Jessica Lawshe
1aef3acca9
Merge pull request #27834 from overleaf/ii-domain-capture-not-in-group-redirect
...
[web] Redirect to domain capture page
GitOrigin-RevId: 15d2b8046beb5a40fc4937c337ee9655abaed8fd
2025-08-20 08:06:16 +00:00
MoxAmber
fc5ae92be1
Merge pull request #27677 from overleaf/as-compile-timeout-enforcement
...
[web] 10s Compile Timeout - Enforcement Phase
GitOrigin-RevId: 3930eb376cc1293409259e073032218e09d5270e
2025-08-20 08:06:01 +00:00
MoxAmber
86a1be9739
Merge pull request #27848 from overleaf/as-compile-warning-teardown
...
[web] Tear down 10s-timeout-warning split test
GitOrigin-RevId: ca8faf77bc73073e9fc126d9d722fe568921c1c3
2025-08-20 08:05:57 +00:00
Antoine Clausse
5373c84d9f
[web] Add requireAdminRoles param to hasAdminCapability ( #28006 )
...
* Add `requireAdminRoles` param to `hasAdminCapability`
https://github.com/overleaf/internal/pull/27965#discussion_r2284808889
Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com >
* Update test
---------
Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com >
GitOrigin-RevId: 83f8af84debc70c7a2e294638747369c786be22f
2025-08-20 08:05:52 +00:00
Brian Gough
f5dbbadf79
add option to disable link sharing ( #27626 )
...
* add option to remove link-sharing from backend
* restrict make link-sharing in the frontend based on capability
* extend e2e project-sharing tests to cover OVERLEAF_DISABLE_LINK_SHARING=true
* throw an error when link sharing is disabled in TokenAccessHandler
* throw errors when attempting to add users to projects with link sharing disabled
* Update server-ce/test/project-sharing.spec.ts
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com >
* add tests for existing access when link sharing is disabled
* update tests to specify access restrictions for read-only and read-write link shared projects
* [web] block access to legacy public project with link-sharing disabled
---------
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com >
GitOrigin-RevId: 5f194dbcb790e973e427c58a3a4a738a5dd74cb4
2025-08-20 08:05:33 +00:00
Domagoj Kriskovic
eac4a5cb13
Show Recurly's line items breakdown in subscription change preview ( #27809 )
...
* Show Recurly's line items breakdown in subscription change preview
* fix rounding, filter items that cancel each other out
GitOrigin-RevId: 0f5d71b3917ce8a52ff36608a6ec6280fe7d38ce
2025-08-19 08:05:02 +00:00
Antoine Clausse
40772ef819
[web] Add admin permissions modify-group-member and modify-managed-group-member ( #27665 )
...
* Add capability `modify-managed-group-member` & `modify-group-member`
* Check `modify-managed-group-member` & `modify-group-member` (backend)
* Check `modify-managed-group-member` & `modify-group-member` (frontend)
* Update tests
* Update with `ol-hasWriteAccess` flag
* Update tests
* Move functions to AdminAuthorizationHelper.js
* Update import to fix build error
* Add `ol-hasWriteAccess` to types
* Use `hasAdminAccess()` instead of `req?.user?.isAdmin`
* Add tests on `/manage/groups/:id/invites` depending on admin roles
* Reuse `UserMembershipAuthorization.hasAdminCapability`
* Fix: Add entityAccess check
* Update unit test
* Rename `hasAdminGroupMemberCapability` to `hasModifyGroupMemberCapability`
* Remove useless and redundant `hasWriteAccess` check
* Restore stub in afterEach
GitOrigin-RevId: 4b6d83751121b43d4c19d0dbd82a4833cf7a6f24
2025-08-15 08:05:57 +00:00
Antoine Clausse
d49f0e28e3
[web] Add admin permission modify-group-setting ( #27657 )
...
* Add capacity `modify-group-setting`
* Check `modify-group-setting` (backend)
* Check `modify-group-setting` (frontend)
* Update tests
* Fix: Add entityAccess check
* Update unit test
GitOrigin-RevId: 7702fe34762ecb8bd050c2fa2b6e95a9baf90be3
2025-08-15 08:05:52 +00:00
Liangjun Song
b9fc80f503
Merge pull request #27800 from overleaf/ls-support-create-stripe-customer-from-admin-panel
...
Support creating Stripe customer from admin panel
GitOrigin-RevId: 3e23008e1f4690e6f3737b5689e20958bf468f82
2025-08-15 08:05:34 +00:00
Domagoj Kriskovic
704e577c23
Add endpoint to retrieve document with history ranges and use it in dsmp API ( #27564 )
...
GitOrigin-RevId: 3d2ac33cdc903a07b8ec67f7fb6f723ae9c81a26
2025-08-15 08:05:17 +00:00
John Lees-Miller
aa10bc92af
Merge pull request #27890 from overleaf/jlm-spam-safe-email
...
Apply new spam check to email address
GitOrigin-RevId: 9e204ea75e930455971769a73843d015fc4a9033
2025-08-14 08:06:28 +00:00
Christopher Hoskin
ae602208f1
Merge pull request #27860 from overleaf/lg-spam-safe
...
Add spam check for incident
GitOrigin-RevId: 752180f7507e32219cc5faaef5d48fdc0003e889
2025-08-13 08:07:10 +00:00
Andrew Rumble
160e82a732
Combine implementations of hasAdminCapability
...
GitOrigin-RevId: a847c9182c018524c96726fe30e501763904b82e
2025-08-13 08:06:58 +00:00
Andrew Rumble
906a2f0686
Add view-split-test and modify-split-test capabilities
...
GitOrigin-RevId: 3f0752aec332c386ece72d2447d39126065ddb35
2025-08-13 08:06:53 +00:00
Andrew Rumble
cce55cf3d8
Add authorization helper for admin capabilities
...
GitOrigin-RevId: fbf28c89500481e379db6c49512876d867478eb7
2025-08-13 08:06:39 +00:00
roo hutton
5e3ea318e3
Merge pull request #27757 from overleaf/rh-secondary-email-alert
...
Only send security alert email after successful addEmailAddress call
GitOrigin-RevId: 391e613b0f855a5d2187b1da87355e0dbb10044d
2025-08-13 08:06:34 +00:00
Jakob Ackermann
cbe86818a7
[web] add config option for project/user hard deletion delay ( #27725 )
...
GitOrigin-RevId: db8030d6c8a3cdf8490edafcfa436cdbcd80fc28
2025-08-13 08:06:17 +00:00
Jakob Ackermann
d055f01c00
[web] add config option for custom maintenance message ( #27618 )
...
GitOrigin-RevId: e01eebecce780af6e9e3f8b82321cb7776d414e2
2025-08-13 08:06:12 +00:00
roo hutton
6c185cd700
Merge pull request #27670 from overleaf/rh-stripe-pause-addons
...
Prevent buying add-on while subscription is paused
GitOrigin-RevId: b8cfbbaa05a1031bedf37edf7b1ded2252eb6906
2025-08-12 08:06:08 +00:00
roo hutton
ec0f719307
Merge pull request #27391 from overleaf/rh-stripe-pause-anchor
...
Reset billing cycle when resuming paused Stripe subscription
GitOrigin-RevId: 44f7aa4d3eeaab7622e97b0178fe7d6c7cccae50
2025-08-12 08:06:04 +00:00
Miguel Serrano
e8e319d231
[web] Clean up group-audit-logs split test ( #27614 )
...
GitOrigin-RevId: e22183820e418cabc83cf2619c2c10cf4f82d3b9
2025-08-12 08:05:39 +00:00
ilkin-overleaf
29249c55a2
Merge pull request #27680 from overleaf/ii-domain-capture-get-user-affiliations
...
[web] Get domain capture info when getting user affiliations
GitOrigin-RevId: 475024cda072c45e548407dfdb36a772f845ac2b
2025-08-11 08:06:26 +00:00
Domagoj Kriskovic
bd8493dba6
[dsmp] Add acceptChanges notification ( #27555 )
...
* [dsmp] moved redis functions to RedisStreamManager
* use getEventStream generator function
* [dsmp] moved redis functions to RedisStreamManager
* [dsmp] Add acceptChanges notification
* rename to acceptedChanges
* cleanup after rebasing parent branch
GitOrigin-RevId: c7e100f55503e52b146bcc07deb3e483250b66f8
2025-08-11 08:05:37 +00:00
Domagoj Kriskovic
49bcfdd575
[ds-mobile-app] Implement reject changes in document updater ( #27483 )
...
* [ds-mobile-app] Implement reject changes in document updater
* Return rejected change ids
GitOrigin-RevId: 7915170af9164852ce39d783776106e722aaa925
2025-08-11 08:05:29 +00:00
Antoine Clausse
422e892231
[web] Map admin capabilities to project PrivilegeLevels ( #27488 )
...
* Add capability `copy-project`
* Check `copy-project` (frontend)
* Update tests
* Suggestion: map `modify-project`-`PrivilegeLevels.OWNER` and `view-project`-`PrivilegeLevels.READ_ONLY`
* Suggestion: remove capability `copy-project`. Use `view-project` instead
* Revert unrelated changes
* Add tests on AuthorizationManager when `adminRolesEnabled`
* Update `Modules.promises.hooks.fire` stubs with `.withArgs('getAdminCapabilities')`
Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com >
* Use `getAdminCapabilities` from AdminAuthorizationHelper.js
---------
Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com >
GitOrigin-RevId: 61167509c4a035c99831a5b0346347c2e6b5fae0
2025-08-08 08:07:59 +00:00
Jessica Lawshe
f1c59be2d2
Merge pull request #27637 from overleaf/jel-remove-unused-group-sso
...
[web] Use `providerId` for group SSO and remove unused `universityId`
GitOrigin-RevId: 0928cdfee78cae5cdede57159b9968c15e26f27c
2025-08-08 08:07:34 +00:00
Mathias Jakobsen
9839dc57b3
Merge pull request #27620 from overleaf/mj-remove-ai-assistant-notification
...
[web] Remove AI Assist notification
GitOrigin-RevId: e3ffcac233eb77d215bff8af7e35f7fdecacf29a
2025-08-08 08:07:00 +00:00
Andrew Rumble
70e0ca3eb5
Split adminCapabilities middleware into two
...
GitOrigin-RevId: 093e455e33459cae2e3da236958cb991f128299e
2025-08-08 08:05:52 +00:00
Andrew Rumble
0f4534260b
Try checking admin access before getting capabilities
...
GitOrigin-RevId: 75ff99aa6b6e94c1b84a99d22d65b327f4d40126
2025-08-08 08:05:47 +00:00
Andrew Rumble
ccfeb59c59
Move hasAdminCapability middleware into helpers
...
This is so that we can test it more easily than embedding it would allow
GitOrigin-RevId: be23d945bc7c816d32b18b4990ecd9e0a6592eb5
2025-08-08 08:05:42 +00:00
Andrew Rumble
192aacbecd
Add hasAdminCapabilities function to ExpressLocals
...
This will be available in pug to allow admin capabilities to be used.
GitOrigin-RevId: 6bc4e38385b421aa44ee9385e28f3c59b09e3ade
2025-08-08 08:05:37 +00:00
Jimmy Domagala-Tang
d7b282c176
removing split test and enforcing WF account creation as winning variant ( #26920 )
...
GitOrigin-RevId: 49d801004a6fced936214e5c08b82284ab771e72
2025-08-06 08:05:30 +00:00
roo hutton
58b8e36739
Merge pull request #27215 from overleaf/rh-stripe-pause-status
...
Update features and subscription state when Stripe pause starts and ends
GitOrigin-RevId: 368f5d9b046cfe26e996be336189081b96926713
2025-08-06 08:04:57 +00:00
roo hutton
5e293f8c79
Merge pull request #27413 from overleaf/rh-sp-remove-geoip
...
Only make GeoIP lookup for premium nudge experiment in SaaS environment
GitOrigin-RevId: a0df9186dc957cd5ead6e798266874aebedabee5
2025-08-06 08:04:41 +00:00
M Fahru
1c4b55fff4
Merge pull request #27498 from overleaf/mf-fix-subscriptionX-segmentation-stripe
...
[web] Only send one subscriptionId data in event segmentation for Stripe subscription to follow recurly
GitOrigin-RevId: 9e514d2991df768ea7e77bd5fa5f9d851c4ee8f0
2025-08-05 08:06:26 +00:00
Simon Gardner
4bb6019e56
Merge pull request #27506 from overleaf/slg-improve-add-manager-error
...
Improve error message when attempting to add non-registered manager
GitOrigin-RevId: d098b3640940c6299c279b86c9c7e2631cc73191
2025-08-05 08:06:21 +00:00
Simon Gardner
e129856dfe
Merge pull request #27445 from overleaf/slg-improve-domain-matcher-error
...
Improve domain matcher error message
GitOrigin-RevId: 8f07a8e27854637cb931f852e6c59d4960caa33b
2025-08-05 08:06:16 +00:00
Thomas
7b7b560431
Use AsyncLocalStorage to cache userFullEmails on the request, avoiding duplicated calls to the affiliations endpoint ( #27542 )
...
* Use AsyncLocalStorage to cache userFullEmails
* Rename temporary fakeUser override to avoid conflicts
GitOrigin-RevId: 3a74816f677c1357293b0d46f245b4cfc499f2fa
2025-08-05 08:06:04 +00:00
Simon Gardner
7b7d03bcc0
Merge pull request #27516 from overleaf/slg-hide-enrolment_ad_html
...
hide enrolment_ad_html field from v1 admin form and remove unused usage in web
GitOrigin-RevId: 7cf8eed1a68bbaf2ebbb77069bfd421cd26ef01d
2025-08-05 08:05:41 +00:00
Mathias Jakobsen
8f2001e477
Merge pull request #27329 from overleaf/dp-editor-redesign-beta
...
Prepare editor redesign for beta release
GitOrigin-RevId: 584c0303f652640669234bd227780ed4f20b76c0
2025-08-01 08:05:42 +00:00
Miguel Serrano
cf0a4c472f
[web] Group audit log link in settings ( #27390 )
...
* [web] Group audit log link in settings
Adds a link to access the `/manage/groups/:subscription_id/audit-logs`
endpoint
* [web] Add `group-audit-logs` split test for gradual rollout
GitOrigin-RevId: 60d6c9917ca54ff5e228996e7454a901f0f3b9ca
2025-08-01 08:05:10 +00:00
Jakob Ackermann
29045b9085
[web] download binary files in clsi from filestore via new endpoints ( #27505 )
...
* [history-v1] use String.padStart instead of lodash.padStart
* [web] download binary files in clsi from filestore via new endpoints
* [server-ce] tests: Cypress.env() is parsing boolean values
* [server-ce] tests: run history migration as root
GitOrigin-RevId: bdf6c0e542531ccc4b3f13d2ed68ca0d31e580e9
2025-07-31 08:05:28 +00:00
Antoine Clausse
7f8a423104
[web] Fixup: Remove unused sendReconfirmation ( #27486 )
...
Wrong merge caused this error in https://github.com/overleaf/internal/pull/27423 (37c8fa1)
GitOrigin-RevId: 3b0033f69fc872439c3f2ae37429fb05d9d69af1
2025-07-30 08:06:55 +00:00
Jakob Ackermann
6a92acf542
Merge pull request #27476 from overleaf/jpa-transfer-all
...
[web] add script for transferring all of a users projects in Server Pro
GitOrigin-RevId: 3aad2b624e1da2af83fec0715c2e5e08eff43695
2025-07-30 08:06:51 +00:00
Liangjun Song
b5d26217ac
Merge pull request #27291 from overleaf/ls-update-group-plan-display-name
...
Update group plan display name
GitOrigin-RevId: 7ffd46645f857d102e278833537d86ff6d74fb1c
2025-07-30 08:06:43 +00:00
Antoine Clausse
1cebef56f0
Remove endpoint /user/emails/send-reconfirmation ( #27423 )
...
GitOrigin-RevId: bd96d749175248cba83eb07c00dab7e7a9f819da
2025-07-30 08:06:38 +00:00
Antoine Clausse
535a9774ef
[web] Remove the unused endpoint /user/emails/resend_confirmation ( #27416 )
...
* Remove the unused endpoint `/user/emails/resend_confirmation`
* Remove exported middleware `resendConfirmationEmail`
* Revert "Remove exported middleware `resendConfirmationEmail`"
This reverts commit 7989bf25465dbc9b68c9d1af0d64d1097a747b55.
GitOrigin-RevId: 8054c6f217a734881093f78599a7b2be29436793
2025-07-30 08:06:33 +00:00
Antoine Clausse
ec69641649
[web] Remove the endpoint /user/emails (POST) ( #27418 )
...
* Remove `/user/emails` (post)
* Update test
GitOrigin-RevId: 3979820935209ca36fdd8fabc016ad55d4858cef
2025-07-30 08:06:29 +00:00
Domagoj Kriskovic
c41a451f98
[dsmp] Add a route for accepting changes ( #27398 )
...
* [dsmp] Add a route for accepting changes
* change the payload to accept both change id and range
* remove project lookup
* Remove try/catch from DsMobileAppManager test
GitOrigin-RevId: afd4f793e9389cad97555cfb6675944e5fcf9b84
2025-07-29 08:05:42 +00:00
Liangjun Song
ec591c4f7b
Merge pull request #27150 from overleaf/ls-flexible-licensing-for-stripe-manually-billed-users
...
Support Stripe manually billed users in flexible licensing
GitOrigin-RevId: b3211577a313f3a241320bfe3910cf648ee49319
2025-07-25 08:05:32 +00:00