Commit Graph

33 Commits

Author SHA1 Message Date
claude 8b7da8296c fix: pass session token so anonymous users can install python packages
Build and Deploy Verso / deploy (push) Successful in 14m23s
Build and Deploy Verso (prod) / deploy (push) Successful in 3m55s
userCanInstallPython passed null as the token, so anonymous users
accessing via a share link got privilege level NONE from the WithoutUser
path and allowPythonInstall was always false for them.

Read the token from req.session.anonTokenAccess via
TokenAccessHandler.getRequestToken and forward it through
userCanInstallPython to getPrivilegeLevelForProject.  For TOKEN_BASED
projects this resolves the anonymous user's access level via
getPrivilegeLevelForProjectWithToken, enabling package installation.

Also update Quarto Slides badge color to #e4637c.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-10 09:17:30 +00:00
claude e6773c6baf fix: read stored project compiler for quartoFlavor update
Build and Deploy Verso / deploy (push) Successful in 20m28s
options.compiler is set from req.body.compiler which the frontend never
sends, so the condition was never true and quartoFlavor was never written.
Use ProjectGetter to read the stored compiler instead. Fire-and-forget so
it does not delay the compile response.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-10 08:48:25 +00:00
claude 9c7a10aa39 fix: correct import path and minor issues in quartoFlavor update
Build and Deploy Verso / deploy (push) Successful in 13m44s
- Fix wrong import path '../models/Project.mjs' → '../../models/Project.mjs'
  (from Features/Compile/, '..' is Features/, not src/; the server would
  crash on startup with ERR_MODULE_NOT_FOUND in Node.js ESM)
- Log MongoDB errors instead of silently swallowing them
- Remove null from Mongoose String enum (not a valid enum value for strings)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-10 08:06:00 +00:00
claude bbf532d282 project-list: distinguish Quarto PDF vs Quarto Slides in format badge
Build and Deploy Verso / deploy (push) Successful in 9m30s
Add a quartoFlavor field ('revealjs' | 'pdf') to the Project model.
After each successful Quarto compile, CompileController detects the output
type (output.html → revealjs, otherwise pdf) and persists it.
ProjectListController includes it in the projection and serialization so
it reaches the frontend without an extra round-trip.

Badge variants:
  - quartoFlavor unset (new/uncompiled) → "Quarto PDF" #447099
  - quartoFlavor 'pdf'                  → "Quarto PDF" #447099 (Quarto blue)
  - quartoFlavor 'revealjs'             → "Quarto Slides" #7e56c2 (purple)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-10 07:55:45 +00:00
claude 83b6b323c3 Add cv2/tqdm to base; implement per-project Python venvs (Design B, Phase 1)
Build and Deploy Verso / deploy (push) Successful in 17m0s
Base image: add opencv-python-headless (cv2) and tqdm to the bundled
scientific stack, and python3-venv (needed to build per-project venvs).

Per-project dependencies: a project's requirements.txt is now installed into a
venv cached by its sha256 (python3 -m venv --system-site-packages, so the
bundled stack stays visible and only extra packages are installed); QuartoRunner
points Quarto at it via QUARTO_PYTHON. A per-hash flock serialises concurrent
builds; pip output is merged into output.log; on failure the render falls back
to the base interpreter. Venvs live under PYTHON_VENVS_DIR
(default /var/lib/overleaf/data/python-venvs).

Gating: PythonVenvGate.userCanInstallPython restricts installs to the project
owner + invited collaborators (ignorePublicAccess excludes anonymous/link
users), threaded to CLSI as allowPythonInstall on the editor compile,
presentation export, and publish paths. Behind OVERLEAF_ENABLE_PROJECT_PYTHON_VENV
(enabled in the deployment). Design doc updated; Phase 2 (egress policy) and
Phase 3 (venv eviction) remain.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-02 13:14:47 +00:00
Jakob Ackermann 1df98c028d [web] add includeReferer flag to SplitTestHandler.getAssignment (#33235)
* [web] add includeReferer flag to SplitTestHandler.getAssignment

* [web] tests: migrate User.getSplitTestAssignment to async/await

I don't want to fight with callbacks and optional arguments. Just move
it to async/await. New tests should use async/await, so there is no
point in making this work in callback-hell.

* [web] remove unused URL import

GitOrigin-RevId: 6251001e6ba7354f704fa663be8ef365ca0b9d23
2026-05-12 08:06:21 +00:00
Jakob Ackermann 37cc65ec7e [web] consolidate clsi downloads and add zod validation (#33069)
* [web] consolidate clsi downloads and add zod validation

* [validation-tools] make prettier happy

* [web] make clsiServerId optional

* [web] fix type of buildId

* [web] gracefully handle ObjectId

* [web] fix type of buildId

* [monorepo] address review feedback

- cjs export
- update module path in comments
- skip adding ?clsiserverid if not set
- allow nested output file download for submissions and add tests

* [web] address review feedback

* [web] cache one more zod schema

* [web] fix unit tests

GitOrigin-RevId: 0a1e618955983e035defd6d3c0528b81e0e85c95
2026-05-05 08:06:05 +00:00
Jakob Ackermann dec809913c [web] block malformed compile requests from known other frontends (#32461)
The req.body.rootResourcePath has been shipped three weeks ago, so it's
unlikely to trip up stale editor sessions.

For now, only block node-fetch and log the rest.

GitOrigin-RevId: 541189675f68fdcab09f4b409b4143024a29f94a
2026-03-27 09:06:10 +00:00
Jakob Ackermann 81b7121408 [clsi] initial implementation of compile from history (#31883)
* [clsi] initial implementation of compile from history

* [clsi] copy changes

* [saas-e2e] extend test case with nested folder

* [saas-e2e] add test case for tracked changes

* [web] fix accumulating changes from multiple chunks

* [web] optimize size check for compile request payload

* [clsi] deduplicate globalBlobs

* [clsi] add validation for request body details

* [clsi] add metrics for compile from history

* [clsi] download binary files concurrently

* [clsi] skip download of empty file blob

* [clsi] break down e2e compile time metric by compileFromHistory

GitOrigin-RevId: 0dadef93e89d8a172c35cb130a1042d9d1bec42a
2026-03-06 09:12:07 +00:00
Andrew Rumble 5723a9589a Merge pull request #31567 from overleaf/ar-fb/handle-clsi-timeout-better
[clsi-lb,v1,clsi,web] handle clsi timeout better

GitOrigin-RevId: 86aa1e01b8cb465b8b9332e17fb97c21849d0489
2026-03-06 09:12:02 +00:00
Jakob Ackermann da50aee52c [web] disable buffering when downloading large files (#31874)
* [web] disable buffering when downloading large files

* [web] fix unit tests

GitOrigin-RevId: c8b0381962814fa62425364f03457600daf287ef
2026-03-06 09:10:32 +00:00
Jakob Ackermann 624a351aac [web] increase timeout for downloads from clsi (#31840)
* [web] increase timeout for downloads from clsi

* [web] detach request timeout from streaming timeout

* [web] align timeout for clsi-cache downloads with clsi downloads

* [web] destroy stream when bailing out early from aborted requests

GitOrigin-RevId: cc4cad9d684214b2eee0f5fc43513e430ceb0977
2026-03-06 09:09:50 +00:00
Jakob Ackermann 6c6e8d9a97 [monorepo] switch all output file reads to clsi-nginx (#31691)
* [monorepo] switch all output file reads to clsi-nginx

* [clsi-lb] allow gallery download requests

* [terraform] clsi: use nginx.conf from clsi service

* [clsi] fix flakey tests

* [clsi] replace alias with rewrite and root in nginx config

* [k8s] clsi-lb: expose download port on internal service

* [web] add explicit endpoint for downloading all output files

Serve the output.zip endpoint from clsi.

* [clsi] fix regex for latexqc submission ids

Previously, we only handled template submission ids.

GitOrigin-RevId: 6c3b21b01ec41ae767530b14aac31fbe3d640dd5
2026-02-24 09:07:12 +00:00
Jakob Ackermann ddeafa1d7c [web] fallback to clsi-cache from regular output file download (#31555)
* [web] fallback to clsi-cache from regular output file download

* [web] add comment on req.params assignment

GitOrigin-RevId: 9d0c2e0a8e12d322aa5754c732a38f19adeac716
2026-02-17 09:05:08 +00:00
Anna Claire Fields ee4b5f515c Handle ERR_STREAM_UNABLE_TO_PIPE alongside ERR_STREAM_PREMATURE_CLOSE (#31174)
GitOrigin-RevId: bbf49237b177d7a58a9b13efc6f38f5eecfb745c
2026-02-03 09:05:50 +00:00
Tim Down 64da16f0d1 Merge pull request #28670 from overleaf/td-rename-validate-req
Rename validateReq to parseReq

GitOrigin-RevId: a935aaa3f89495e164ce5d10b0bd80436571440f
2026-01-15 09:05:09 +00:00
Tim Down f372fd07f2 Merge pull request #29869 from overleaf/mfb-archive-pdf-caching-gradual-rollouts
Mfb archive pdf caching gradual rollouts

GitOrigin-RevId: 3a2648d067c0c9cfee04fc6758bd1a5ddb44cd21
2025-12-04 09:06:15 +00:00
Andrew Rumble 07c827e9fd Merge pull request #29928 from overleaf/ar-last-infrastructure-conversions
[web] last infrastructure conversions

GitOrigin-RevId: ad1aff9b7df0610ed0303157d9e2c8032f32c02b
2025-11-28 09:05:56 +00:00
Andrew Rumble 18f44866e5 Merge pull request #29919 from overleaf/revert-29795-ar-last-infrastructure-conversions
Revert "[web] last infrastructure conversions"

GitOrigin-RevId: 48dc64553012afb5d2db4b2eb9c9898489b7e5ef
2025-11-27 09:05:54 +00:00
Andrew Rumble d748d8d606 Merge pull request #29795 from overleaf/ar-last-infrastructure-conversions
[web] last infrastructure conversions

GitOrigin-RevId: 68aa11625a9bc6d0d5324ecd95bb5ac52af8ee96
2025-11-27 09:05:30 +00:00
Andrew Rumble beb6f6d484 Merge pull request #29597 from overleaf/ar-last-features-esm-conversion
[web] last features esm conversion

GitOrigin-RevId: a35ab995bf654f1cdfe0e0062d8806761ecccf2d
2025-11-21 09:05:36 +00:00
Andrew Rumble 4f02a85aa4 Update paths
GitOrigin-RevId: 399c594dd1bbf739d91874df6be3b70e57fe01e3
2025-11-06 09:05:57 +00:00
Jakob Ackermann 3586b37491 [web] Remove clsi-cache-prompt/survey, split-tests and events (#29510)
* [web] Remove clsi-cache-prompt/survey and split-tests

* [web] Remove initial 50/50 clsi-cache split-test

* [web] Remove synctex-downloaded-from-cache event

* [web] Remove fallback-to-clsi-cache event

* [saas-e2e] fix tests with clsi-cache enabled

GitOrigin-RevId: b5cf2ab073dc866fe398b81fd5afe46422134c80
2025-11-05 09:06:59 +00:00
Jakob Ackermann 3a206074f2 [web] move premium compiles up one bracket (#29410)
GitOrigin-RevId: 53423f855b2c215f6cc926b480422b2ce3477a74
2025-10-31 09:06:32 +00:00
Jakob Ackermann d056ee5b74 [web] enable compileFromClsiCache independent of clsi-cache-prompt (#29366)
The split test is active now and .active is only set in the dev-env.

GitOrigin-RevId: ed4a379e2144c2a08497eb0cf42ef16077f7ad27
2025-10-29 09:06:04 +00:00
Jakob Ackermann 45ad16445f [web] do not show clsi-cache prompts/survey in free projects (#29302)
GitOrigin-RevId: fe60952e14503884570d3e27fb274fbb7c6b6620
2025-10-24 08:05:46 +00:00
Jakob Ackermann f3f6a8a8e0 [web] add clsi-cache prompts (#29281)
* [web] add clsi-cache prompts

* [web] add new editor variant to segmentation

* [web] add tests for useNewEditorVariant

* [web] adjust start of using clsi-cache in split-test

GitOrigin-RevId: c9c5b1eff2ceefb65ef82516d9074cb971cb4c48
2025-10-24 08:05:42 +00:00
Andrew Rumble f02f6475ac Update paths
GitOrigin-RevId: a9474c8f36e8b287de4dd8fda29bc082001444ac
2025-10-23 08:06:10 +00:00
Jakob Ackermann 93526bec96 [web] pre-populate clsi-cache ahead of showing survey (#29221)
* [web] pre-populate clsi-cache ahead of showing survey

* [web] tweak variant checks

Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>

---------

Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 749a7a1c3b21ef2e46bc86a74631e004069c5806
2025-10-21 08:06:25 +00:00
Andrew Rumble e909995ce0 Rename features files
GitOrigin-RevId: fc4ce037343b02d002fa07b7cdc283f2d7d4f89b
2025-10-21 08:05:47 +00:00
Antoine Clausse 33e63d79fc Merge pull request #28584 from overleaf/ac-some-web-esm-migration-5
[web] Convert some Features files to ES modules (part 5)

GitOrigin-RevId: 0cad67f9afe0095e2b066bf2f4d3717c00540dab
2025-10-08 08:06:15 +00:00
Antoine Clausse 46715191e3 Merge pull request #28544 from overleaf/ac-some-web-esm-migration-4
[web] Convert some Features files to ES modules (part 4)

GitOrigin-RevId: cf11a7584e39c4d4de08e2f924240e488a4066c4
2025-09-24 08:05:58 +00:00
Antoine Clausse 71f0b28a84 [web] Convert some Features files to ES modules (part 3) (#28494)
* Rename files to mjs

* Rename test files to mjs

* Update CODEOWNERS

* Update files to ESM

* Update test files to ESM

* Update RestoreManager.test.mjs

* Remove unused `AdminAuthorizationHelper` mock and stub

* Remove unnecessary return

GitOrigin-RevId: 2b9ef126de1d8964afbc6e5641cca36712655866
2025-09-17 08:05:02 +00:00