* changing to pug conditional format for admin page conditional render
* feat: update notifications settings page and open BE route
feat: adding new page for notification prefs on user settings, along with updating saving prefs for global preferences
adding error handling and disabling when request is inflight
formatting and adding split test for viewing notification ettings
fix: updating to levels of preferences, and removing global type for preferences as we will now share the same backing settings between global and project preferences
feat: add global mute to user settings for notifications
making params in preferences schema optional
feat: update global settings to only set mute, and remove optional settings
fix: store userId as objectId, and filter based on global mute setting
GitOrigin-RevId: 947a95dc02d12b4a2d8e3cc29bd04c23af2aef25
* refactor PaymentService.getPaymentProviderAdminUrl to be more useful
* display all stripe customer accounts
* mv change segment modal to each account
* stripeSubscriptionData -> stripeCustomerData
GitOrigin-RevId: 4c1a277f5073ee7cb12f4596210ba4f8624451b8
* feat: allow for monthly tl builds experiment
* feat: show correct image when user doesnt have access to current image in compiler settings (#28282)
* adding packer space for extra rolling image
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
GitOrigin-RevId: db909e1a85f36f1567236a2c4d5790b565dda76d
* [history-v1] add endpoint for getting blob stats of projects
* [web] display project history blob size on admin pages
* [web] break down history storage size by text and binary blob
GitOrigin-RevId: bfa4d56cf2c503d03005c13a0f7ac38158156cd2
* add option to remove link-sharing from backend
* restrict make link-sharing in the frontend based on capability
* extend e2e project-sharing tests to cover OVERLEAF_DISABLE_LINK_SHARING=true
* throw an error when link sharing is disabled in TokenAccessHandler
* throw errors when attempting to add users to projects with link sharing disabled
* Update server-ce/test/project-sharing.spec.ts
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* add tests for existing access when link sharing is disabled
* update tests to specify access restrictions for read-only and read-write link shared projects
* [web] block access to legacy public project with link-sharing disabled
---------
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
GitOrigin-RevId: 5f194dbcb790e973e427c58a3a4a738a5dd74cb4
* [web] Group settings: audit Log
User facing audit logs, available to Group Admins.
- `/audit-logs` page
- `/audit-logs/csv` to download all logs
GitOrigin-RevId: 4938c49fdd8e62f5ea278b6c80ed2bd544455b92
* Create AdminCapabilities in admin-panel module
* Add `adminRolesEnabled` setting
* Use `PermissionsController.requirePermission` in admin-panel routes
* Update `adminCapabilities` to be an array
* Update frontend tests
* Rename `defaultAdminCapabilities` to `fullAdminCapabilities`
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* Add tests to PermissionsManagerTests.js
* Get admin roles and capabilities from the database
* Add tests to admin-panel
* Fixup PermissionsManagerTests.js without admin-panel module
* Revert "Use `PermissionsController.requirePermission` in admin-panel routes"
This reverts commit ccbf3e3e3bca9239b786c662cba2ac6bd2f4117a.
* Revert "Fixup PermissionsManagerTests.js without admin-panel module"
This reverts commit 6d7ad207bb17c5ca4c12c489d4636a02c608926d.
* Revert "Add tests to PermissionsManagerTests.js"
This reverts commit 8f9cc911750911e1c4b74b631d8c8a1b1ca86630.
* Fix tests after the reverts
* Replace capabilities to more sensible examples ('modify-user-email' and 'view-project')
* Set `adminRolesEnabled: false` for now
* Return `[]` capabilities for non-admins
* Misc: types, test description, settings ordering
* Small refactor of AdminPermissions.mjs:
Reuse code with `getMissingCapabilities`
Throw when `requiredCapabilities` is empty
* Update tests after update
* Rename `checkAdminPermissions` to `hasAdminPermissions`
* Change role permissions to array instead of object
* Remove admin capabilities when `!Settings.adminPrivilegeAvailable`
* Return `[]` if there is no user id
* Throw if `user?._id` is missing
* Update services/web/modules/admin-panel/app/src/AdminPermissions.mjs
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
* Adjust to ForbiddenError constructor syntax
* Give empty capabilities for unknown role, update tests
---------
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
GitOrigin-RevId: 1eec4f6a45e1cc3ae76a3a4603cec1ceba1c2322
* [web] Feature disablement status on user's admin panel
Adds a visual hint on the end user's admin panel when
dropbox/chat/ai features are disabled
GitOrigin-RevId: ded7a80120821ff606cc2c3b61bc2d82615c6026
