agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-29 12:01:32 +02:00
Code Issues Packages Projects Releases Wiki Activity
26,133 Commits 3 Branches 19 Tags
bbfea381e11f70bb55eccf2297a3d721fc79720e
Commit Graph

1433 Commits

Author SHA1 Message Date
Eric Mc Sween
ca845ad532 Merge pull request #27903 from overleaf/em-unit-tests-redis 
Make Redis available to unit tests

GitOrigin-RevId: 7bd403d9ad4be504a87bc9108d60686e6c2a9fb1
 2025-08-18 08:05:40 +00:00
Antoine Clausse
ba97b96815 [web] Add admin permissions modify-group-member and modify-managed-group-member (#27665) 
* Add capability `modify-managed-group-member` & `modify-group-member`

* Check `modify-managed-group-member` & `modify-group-member` (backend)

* Check `modify-managed-group-member` & `modify-group-member` (frontend)

* Update tests

* Update with `ol-hasWriteAccess` flag

* Update tests

* Move functions to AdminAuthorizationHelper.js

* Update import to fix build error

* Add `ol-hasWriteAccess` to types

* Use `hasAdminAccess()` instead of `req?.user?.isAdmin`

* Add tests on `/manage/groups/:id/invites` depending on admin roles

* Reuse `UserMembershipAuthorization.hasAdminCapability`

* Fix: Add entityAccess check

* Update unit test

* Rename `hasAdminGroupMemberCapability` to `hasModifyGroupMemberCapability`

* Remove useless and redundant `hasWriteAccess` check

* Restore stub in afterEach

GitOrigin-RevId: 4b6d83751121b43d4c19d0dbd82a4833cf7a6f24
 2025-08-15 08:05:57 +00:00
Liangjun Song
1acb68f41c Merge pull request #27800 from overleaf/ls-support-create-stripe-customer-from-admin-panel 
Support creating Stripe customer from admin panel

GitOrigin-RevId: 3e23008e1f4690e6f3737b5689e20958bf468f82
 2025-08-15 08:05:34 +00:00
John Lees-Miller
a829949fd2 Merge pull request #27890 from overleaf/jlm-spam-safe-email 
Apply new spam check to email address

GitOrigin-RevId: 9e204ea75e930455971769a73843d015fc4a9033
 2025-08-14 08:06:28 +00:00
Christopher Hoskin
ca30fdd95c Merge pull request #27860 from overleaf/lg-spam-safe 
Add spam check for incident

GitOrigin-RevId: 752180f7507e32219cc5faaef5d48fdc0003e889
 2025-08-13 08:07:10 +00:00
Andrew Rumble
447efbd5b1 Combine implementations of hasAdminCapability 
GitOrigin-RevId: a847c9182c018524c96726fe30e501763904b82e
 2025-08-13 08:06:58 +00:00
Andrew Rumble
feac1cb27b Add authorization helper for admin capabilities 
GitOrigin-RevId: fbf28c89500481e379db6c49512876d867478eb7
 2025-08-13 08:06:39 +00:00
roo hutton
3147edccfd Merge pull request #27670 from overleaf/rh-stripe-pause-addons 
Prevent buying add-on while subscription is paused

GitOrigin-RevId: b8cfbbaa05a1031bedf37edf7b1ded2252eb6906
 2025-08-12 08:06:08 +00:00
roo hutton
ece71f0426 Merge pull request #27391 from overleaf/rh-stripe-pause-anchor 
Reset billing cycle when resuming paused Stripe subscription

GitOrigin-RevId: 44f7aa4d3eeaab7622e97b0178fe7d6c7cccae50
 2025-08-12 08:06:04 +00:00
ilkin-overleaf
5f020595c4 Merge pull request #27680 from overleaf/ii-domain-capture-get-user-affiliations 
[web] Get domain capture info when getting user affiliations

GitOrigin-RevId: 475024cda072c45e548407dfdb36a772f845ac2b
 2025-08-11 08:06:26 +00:00
Domagoj Kriskovic
da7092bfb9 [dsmp] Add acceptChanges notification (#27555) 
* [dsmp] moved redis functions to RedisStreamManager

* use getEventStream generator function

* [dsmp] moved redis functions to RedisStreamManager

* [dsmp] Add acceptChanges notification

* rename to acceptedChanges

* cleanup after rebasing parent branch

GitOrigin-RevId: c7e100f55503e52b146bcc07deb3e483250b66f8
 2025-08-11 08:05:37 +00:00
Antoine Clausse
4716bc3114 [web] Map admin capabilities to project PrivilegeLevels (#27488) 
* Add capability `copy-project`

* Check `copy-project` (frontend)

* Update tests

* Suggestion: map `modify-project`-`PrivilegeLevels.OWNER` and `view-project`-`PrivilegeLevels.READ_ONLY`

* Suggestion: remove capability `copy-project`. Use `view-project` instead

* Revert unrelated changes

* Add tests on AuthorizationManager when `adminRolesEnabled`

* Update `Modules.promises.hooks.fire` stubs with `.withArgs('getAdminCapabilities')`

Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com>

* Use `getAdminCapabilities` from AdminAuthorizationHelper.js

---------

Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com>
GitOrigin-RevId: 61167509c4a035c99831a5b0346347c2e6b5fae0
 2025-08-08 08:07:59 +00:00
Jessica Lawshe
a3d842a98d Merge pull request #27637 from overleaf/jel-remove-unused-group-sso 
[web] Use `providerId` for group SSO and remove unused `universityId`

GitOrigin-RevId: 0928cdfee78cae5cdede57159b9968c15e26f27c
 2025-08-08 08:07:34 +00:00
Andrew Rumble
b4c6aa6a7e Split adminCapabilities middleware into two 
GitOrigin-RevId: 093e455e33459cae2e3da236958cb991f128299e
 2025-08-08 08:05:52 +00:00
Andrew Rumble
488c0ab6e6 Try checking admin access before getting capabilities 
GitOrigin-RevId: 75ff99aa6b6e94c1b84a99d22d65b327f4d40126
 2025-08-08 08:05:47 +00:00
Andrew Rumble
df68be700d Move hasAdminCapability middleware into helpers 
This is so that we can test it more easily than embedding it would allow

GitOrigin-RevId: be23d945bc7c816d32b18b4990ecd9e0a6592eb5
 2025-08-08 08:05:42 +00:00
Andrew Rumble
73427c1bfc Add hasAdminCapabilities function to ExpressLocals 
This will be available in pug to allow admin capabilities to be used.

GitOrigin-RevId: 6bc4e38385b421aa44ee9385e28f3c59b09e3ade
 2025-08-08 08:05:37 +00:00
roo hutton
bcbdd0100d Merge pull request #27215 from overleaf/rh-stripe-pause-status 
Update features and subscription state when Stripe pause starts and ends

GitOrigin-RevId: 368f5d9b046cfe26e996be336189081b96926713
 2025-08-06 08:04:57 +00:00
Thomas
20c30f6b94 Use AsyncLocalStorage to cache userFullEmails on the request, avoiding duplicated calls to the affiliations endpoint (#27542) 
* Use AsyncLocalStorage to cache userFullEmails

* Rename temporary fakeUser override to avoid conflicts

GitOrigin-RevId: 3a74816f677c1357293b0d46f245b4cfc499f2fa
 2025-08-05 08:06:04 +00:00
Simon Gardner
b80b7f6afe Merge pull request #27516 from overleaf/slg-hide-enrolment_ad_html 
hide enrolment_ad_html field from v1 admin form and remove unused usage in web

GitOrigin-RevId: 7cf8eed1a68bbaf2ebbb77069bfd421cd26ef01d
 2025-08-05 08:05:41 +00:00
Jakob Ackermann
dd825b3653 [web] download binary files in clsi from filestore via new endpoints (#27505) 
* [history-v1] use String.padStart instead of lodash.padStart

* [web] download binary files in clsi from filestore via new endpoints

* [server-ce] tests: Cypress.env() is parsing boolean values

* [server-ce] tests: run history migration as root

GitOrigin-RevId: bdf6c0e542531ccc4b3f13d2ed68ca0d31e580e9
 2025-07-31 08:05:28 +00:00
Jakob Ackermann
3ae228ff28 Merge pull request #27476 from overleaf/jpa-transfer-all 
[web] add script for transferring all of a users projects in Server Pro

GitOrigin-RevId: 3aad2b624e1da2af83fec0715c2e5e08eff43695
 2025-07-30 08:06:51 +00:00
Antoine Clausse
c9c26f7f52 Remove endpoint /user/emails/send-reconfirmation (#27423) 
GitOrigin-RevId: bd96d749175248cba83eb07c00dab7e7a9f819da
 2025-07-30 08:06:38 +00:00
Antoine Clausse
924aa6db23 [web] Remove the unused endpoint /user/emails/resend_confirmation (#27416) 
* Remove the unused endpoint `/user/emails/resend_confirmation`

* Remove exported middleware `resendConfirmationEmail`

* Revert "Remove exported middleware `resendConfirmationEmail`"

This reverts commit 7989bf25465dbc9b68c9d1af0d64d1097a747b55.

GitOrigin-RevId: 8054c6f217a734881093f78599a7b2be29436793
 2025-07-30 08:06:33 +00:00
Antoine Clausse
f8e643570c [web] Remove the endpoint /user/emails (POST) (#27418) 
* Remove `/user/emails` (post)

* Update test

GitOrigin-RevId: 3979820935209ca36fdd8fabc016ad55d4858cef
 2025-07-30 08:06:29 +00:00
Liangjun Song
898cdb00e1 Merge pull request #27150 from overleaf/ls-flexible-licensing-for-stripe-manually-billed-users 
Support Stripe manually billed users in flexible licensing

GitOrigin-RevId: b3211577a313f3a241320bfe3910cf648ee49319
 2025-07-25 08:05:32 +00:00
roo hutton
8cb07fdb08 Merge pull request #27141 from overleaf/rh-stripe-schedule-pause 
Support subscription pausing in Stripe

GitOrigin-RevId: 5550b2af2db99fd456d591c9bb4ba64d34dc7615
 2025-07-24 08:05:29 +00:00
Jakob Ackermann
3fb0e7d297 [web] prepare filestore migration for Server Pro/CE (#27230) 
* [web] prepare filestore migration for Server Pro/CE

* [history-v1] remove unused USER_FILES_BUCKET_NAME env var from script

* [server-ce] tests: write default docker-compose.override.yml on startup

* [server-ce] tests: extend access logging of host-admin for response

* [server-ce] tests: test text and binary file upload

* [server-ce] tests: add tests for filestore migration

* [web] simplify feature gate for filestore/project-history-blobs logic

Co-authored-by: Brian Gough <brian.gough@overleaf.com>

* [server-ce] test: fix flaky test helper

---------

Co-authored-by: Brian Gough <brian.gough@overleaf.com>
GitOrigin-RevId: f89bdab2749e2b7a49d609e2eac6bf621c727966
 2025-07-22 08:06:58 +00:00
Domagoj Kriskovic
9d899f0254 Add docModified hook in ds-mobile-app module (#27196) 
* Add docModified hook in ds-mobile-app module

* use Object.entries when iterating over promises

* avoid project lookup

* update tests

GitOrigin-RevId: 88676746f56558a97ce31010b57f5eeb254fefef
 2025-07-22 08:05:56 +00:00
Domagoj Kriskovic
021cd6de7c Support password-fallbackPassword array in requireBasicAuth (#27237) 
GitOrigin-RevId: 33b15a05996bfa0190041f347772867a9667e2ca
 2025-07-22 08:05:51 +00:00
Antoine Clausse
f19b603b33 [web] In tests, update email confirmation to use the 6-digits flow (#27069) 
* Rename `sendExistingSecondaryEmailConfirmationCode` to `sendExistingEmailConfirmationCode`

* Deduplicate error handling into `throwIfErrorResponse`

* Update `userHelper.confirmEmail` to use the 6-digits flow

GitOrigin-RevId: 91bdf7b185407b58520ca6b2aa1a7c71bdd23bc8
 2025-07-18 08:06:18 +00:00
Liangjun Song
2c8c95ad93 Merge pull request #27093 from overleaf/ls-support-3ds-in-group-plan-update-flows 
Support 3DS verification in group plan update flows

GitOrigin-RevId: 3206f612e5699f39ac44864daf6610da2956e6ca
 2025-07-16 08:05:25 +00:00
Liangjun Song
9f78291e94 Merge pull request #26934 from overleaf/ls-support-individual-to-group-plan-upgrade 
Support individual to group plan upgrade in Stripe

GitOrigin-RevId: 24cbe7bd6de86a4d9410e1abc49b6457e0871f40
 2025-07-16 08:05:20 +00:00
Jessica Lawshe
c158d8345e Merge pull request #26366 from overleaf/jel-group-csv 
[web] Include in group members CSV if user is managed and/or linked to the group's SSO

GitOrigin-RevId: 449974917d98cf121ea46eaa58be4b3666d88268
 2025-07-15 08:06:14 +00:00
roo hutton
83e910261f Merge pull request #26994 from overleaf/rh-cio-ai-assist 
Expose AI status to customer.io

GitOrigin-RevId: 7e69676d686326f50b16cbae9b1e4d97c14612fa
 2025-07-15 08:05:42 +00:00
Andrew Rumble
477b59fe97 Replace uses of resolve in place of a NextFunction 
rejectOnError is safer

GitOrigin-RevId: 9ae988975ce5c4921964ecdab5892b72def0e78e
 2025-07-14 08:06:09 +00:00
Rebeka Dekany
e29662c951 Tear down bs5-auth-pages feature flag (#27035) 
* Remove auth-pages-bs5 test assignment setPassword

* Remove auth-pages-bs5 test assignment passwordReset

* Remove auth-pages-bs5 test assignment primaryEmailCheck

* Remove auth-pages-bs5 test assignment reconfirm

* Remove - bootstrap5PageStatus = 'enabled'

* Remove primary-email-check.less

* Fix spacing

* Remove unused translations

* Removed unused SplitTestHandler

* Update password_reset_sentence_case to password_reset

GitOrigin-RevId: d5a5c9a1576f325186aa103c4b7ad8fb819b790a
 2025-07-14 08:05:56 +00:00
ilkin-overleaf
8e81644482 Merge pull request #27018 from overleaf/ii-flexible-licensing-manually-billed-billed-tear-down-revert 
[web] Revert "FL manually billed subscription feature flag tear down"

GitOrigin-RevId: 7cc809570d310f56b8f9e1a4f43ca895db8a8073
 2025-07-11 08:06:03 +00:00
ilkin-overleaf
3ec75212fe Merge pull request #27017 from overleaf/ii-flexible-licensing-manually-billed-users-add-seats-revert 
[web] Revert "FL manually billed subscriptions with no upsell"

GitOrigin-RevId: 3ce5441f825f9a364d3c17e3ac09aa3b9e87b0e7
 2025-07-11 08:05:58 +00:00
ilkin-overleaf
cff0e23b6a Merge pull request #27015 from overleaf/ii-groups-pagination-2-revert 
[web] Revert "Group members page pagination"

GitOrigin-RevId: 83c377e319c32110bdaa22970cc378f2aa89be7c
 2025-07-11 08:05:44 +00:00
Domagoj Kriskovic
a9e47f043a Move AI related functions from PaymentProviderEntities to AiHelper (#26956) 
* Move AI related functions from PaymentProviderEntities to AiHelper

* added @ts-check

GitOrigin-RevId: 8c8eec334b40a7f8f8533f6d5194f428112f68f9
 2025-07-10 08:07:51 +00:00
Eric Mc Sween
ef6ec25e21 Merge pull request #26918 from overleaf/em-transfer-to-reviewer 
Support ownership transfer to reviewer

GitOrigin-RevId: 1e97439e720a2125028a1776525f5c3766a289ef
 2025-07-10 08:06:50 +00:00
Eric Mc Sween
855b7ca628 Merge pull request #26968 from overleaf/em-revert-jul8 
Revert bad deploy

GitOrigin-RevId: fd6227cf4fde7fd8053b47365154d59d15fa115e
 2025-07-09 08:07:12 +00:00
ilkin-overleaf
ff89d3b834 Merge pull request #26842 from overleaf/ii-flexible-licensing-manually-billed-billed-tear-down 
[web] FL manually billed subscription feature flag tear down

GitOrigin-RevId: c860e8fc17c14685688fb834260772d9b63bcc6a
 2025-07-09 08:06:49 +00:00
ilkin-overleaf
d898582b2f Merge pull request #26829 from overleaf/ii-flexible-licensing-manually-billed-users-add-seats 
[web] FL manually billed subscriptions with no upsell

GitOrigin-RevId: b5f2083c7eabd0a1a5d024d5699d2c5e5556671a
 2025-07-09 08:06:44 +00:00
ilkin-overleaf
820bc6e624 Merge pull request #26610 from overleaf/ii-groups-pagination-2 
[web] Group members page pagination

GitOrigin-RevId: 9c7635bf24bed0af6d7d1a9626cae310f524b3e0
 2025-07-09 08:06:26 +00:00
Mathias Jakobsen
1def8a2b7f Merge pull request #26827 from overleaf/mj-zip-download-name 
[web] Sanitise project name in zip download

GitOrigin-RevId: 3b22da84002f57e3965c529c673344af04db9128
 2025-07-08 08:06:26 +00:00
Liangjun Song
06cf395e37 Merge pull request #26574 from overleaf/ls-group-plan-seats-adding-in-stripe 
Support group plan seats adding in Stripe

GitOrigin-RevId: 9c46c167388c5578a1513f908e409ab5d940c1df
 2025-07-08 08:06:12 +00:00
Kristina
a15de4e18c Merge pull request #26793 from overleaf/mf-add-missing-public-key-on-purchase-addon 
[web] Add missing publicKey to purchase add-on flow when user need to authenticate their payment via 3ds secure flow

GitOrigin-RevId: cc330cb8dad501479bbb3c5c5b4fc32ef9d36921
 2025-07-03 08:06:25 +00:00
Kristina
638d0fb156 [web] rm annual-prices-monthly-rates split test (#26727) 
* [web] rm annual-prices-monthly-rates split test

- rm monthly rates treatment
- rm unused translations
- rm unused supporting functions
- rm unused styles

GitOrigin-RevId: 5901853245cd9b01ee9e4774154d29ae8f5fcae5
 2025-07-03 08:06:13 +00:00