Unverified Commit c3945283 authored by Matthieu Simonin's avatar Matthieu Simonin Committed by msimonin
Browse files

[inria-2.3.1] Update to 2.3.1

- Update sharelatex docker image version
- Update the creation script
  + make the test user password stronger
   (overleaf now enforce a validation check)
   + Align with latest version
- Update the login response logic
  + HTML if the login is successful
  + json if the login fails (same as before)
- Bump version to 1.0.0.alpha-0
parent 66140d43
...@@ -52,7 +52,9 @@ py36-functionnal: &base-functionnal ...@@ -52,7 +52,9 @@ py36-functionnal: &base-functionnal
- docker exec --workdir /var/www/sharelatex -i sharelatex grunt user:test --email=joe@inria.fr - docker exec --workdir /var/www/sharelatex -i sharelatex grunt user:test --email=joe@inria.fr
- export CI_BASE_URL=http://172.17.0.1:8080 - export CI_BASE_URL=http://172.17.0.1:8080
- export CI_USERNAME=joe@inria.fr - export CI_USERNAME=joe@inria.fr
- export CI_PASSWORD=test # NOTE(msimonin): the password is hardcoded in the user creation script in
# sharelatex/tests/CreateUserTest.coffee
- export CI_PASSWORD=Testtest42
# let's test ! # let's test !
# the python interpreter version is taken from the TOXENV var # the python interpreter version is taken from the TOXENV var
- tox - tox
......
...@@ -45,6 +45,8 @@ version of ShareLatex/Overleaf CE version. Roughly we have the following mapping ...@@ -45,6 +45,8 @@ version of ShareLatex/Overleaf CE version. Roughly we have the following mapping
- sharelatex/overleaf - sharelatex/overleaf
* - 0.Y.Z * - 0.Y.Z
- 1.2.1 - 1.2.1
* - 1.Y.Z
- 2.3.1
Note on passwords management Note on passwords management
---------------------------- ----------------------------
......
from json.decoder import JSONDecodeError
import logging import logging
import re
# try to find CAS form
from lxml import html
import os import os
import requests
from pathlib import Path from pathlib import Path
import re
import requests
import threading import threading
import uuid import uuid
import zipfile import zipfile
...@@ -136,30 +140,38 @@ def walk_files(project_data): ...@@ -136,30 +140,38 @@ def walk_files(project_data):
return walk_project_data(project_data, lambda x: x["type"] == "file") return walk_project_data(project_data, lambda x: x["type"] == "file")
def check_error(json): def check_login_error(response):
"""Check if there's an error in the returned json from sharelatex. """Check if there's an error in the request response
This assumes json to be a dict like the following The response text is
{ - HTML if the auth is successful
"message": - json: otherwise
{ {
"text": "Your email or password is incorrect. Please try again", "message":
"type": "error" {
} "text": "Your email or password is incorrect. Please try again",
} "type": "error"
}
}
Args: Args:
json (dict): message returned by the sharelatex server response (request response): message returned by the sharelatex server
Raise: Raise:
Exception with the corresponding text in the message Exception with the corresponding text in the message
""" """
message = json.get("message") try:
if message is None: json = response.json()
return message = json.get("message")
t = message.get("type") if message is None:
if t is not None and t == "error": return
raise Exception(message.get("text", "Unknown error")) t = message.get("type")
if t is not None and t == "error":
raise Exception(message.get("text", "Unknown error"))
except JSONDecodeError:
# this migh be a successful login here
logger.info("Loggin successful")
pass
def get_csrf_Token(html_text): def get_csrf_Token(html_text):
...@@ -213,11 +225,8 @@ class SyncClient: ...@@ -213,11 +225,8 @@ class SyncClient:
logger.debug(" try login") logger.debug(" try login")
_r = self._post(login_url, data=self.login_data, verify=self.verify) _r = self._post(login_url, data=self.login_data, verify=self.verify)
_r.raise_for_status() _r.raise_for_status()
check_error(_r.json()) check_login_error(_r)
else: else:
# try to find CAS form
from lxml import html
logger.debug(" try CAS login") logger.debug(" try CAS login")
a = html.fromstring(r.text) a = html.fromstring(r.text)
if len(a.forms) == 1: if len(a.forms) == 1:
......
__version__ = "0.5.5" __version__ = "1.0.0.alpha-0"
...@@ -8,11 +8,12 @@ module.exports = (grunt) -> ...@@ -8,11 +8,12 @@ module.exports = (grunt) ->
process.exit(1) process.exit(1)
settings = require "settings-sharelatex" settings = require "settings-sharelatex"
UserRegistrationHandler = require "../web/app/js/Features/User/UserRegistrationHandler" UserRegistrationHandler = require "../web/app/src/Features/User/UserRegistrationHandler"
OneTimeTokenHandler = require "../web/app/js/Features/Security/OneTimeTokenHandler" OneTimeTokenHandler = require "../web/app/src/Features/Security/OneTimeTokenHandler"
UserRegistrationHandler.registerNewUser { UserRegistrationHandler.registerNewUser {
email: email email: email
password: "test" # NOTE(msimonin): we need a /strong/ password otherwise we don't validate
password: "Testtest42"
}, (error, user) -> }, (error, user) ->
if error? and error?.message != "EmailAlreadyRegistered" if error? and error?.message != "EmailAlreadyRegistered"
throw error throw error
...@@ -21,7 +22,7 @@ module.exports = (grunt) -> ...@@ -21,7 +22,7 @@ module.exports = (grunt) ->
user.save (error) -> user.save (error) ->
throw error if error? throw error if error?
ONE_WEEK = 7 * 24 * 60 * 60 # seconds ONE_WEEK = 7 * 24 * 60 * 60 # seconds
OneTimeTokenHandler.getNewToken user._id, { expiresIn: ONE_WEEK }, (err, token)-> OneTimeTokenHandler.getNewToken "password", { expiresIn: ONE_WEEK, email:user.email, user_id: user._id.toString() }, (err, token)->
return next(err) if err? return next(err) if err?
console.log "" console.log ""
......
version: "2.2" # NOTE(msimonin) this comes from https://github.com/overleaf/overleaf/blob/02098ca23b2f4301f737296bb73652c7cf207730/docker-compose.yml
# With the following differences:
# - I removed any volume definition (we don't need them in this env)
# - I bound on *:8080 in particular this will be reachable on the
# (deterministic) docker bridge ip (172.17.0.1)
version: '2.2'
services: services:
sharelatex: sharelatex:
restart: always restart: always
image: sharelatex/sharelatex:v1.2.1 # Server Pro users:
container_name: sharelatex # image: quay.io/sharelatex/sharelatex-pro
# hack image: registry.gitlab.inria.fr/sed-rennes/overleaf/overleaf/overleaf:inria-2.3.1
command: /sbin/my_init container_name: sharelatex
entrypoint: python3 # hack
# /hack command: /sbin/my_init
depends_on: entrypoint: python3
mongo: # /hack
condition: service_healthy depends_on:
redis: mongo:
condition: service_started condition: service_healthy
privileged: true redis:
ports: condition: service_started
# binding on docker bridge ports:
- 172.17.0.1:8080:80 - 0.0.0.0:8080:80
links: links:
- mongo - mongo
- redis - redis
######################################################################## ########################################################################
#### Server Pro: Un-comment the following line to mount the docker #### #### Server Pro: Un-comment the following line to mount the docker ####
#### socket, required for Sibling Containers to work #### #### socket, required for Sibling Containers to work ####
######################################################################## ########################################################################
# - /var/run/docker.sock:/var/run/docker.sock # - /var/run/docker.sock:/var/run/docker.sock
environment: environment:
SHARELATEX_APP_NAME: Overleaf Community Edition
SHARELATEX_APP_NAME: Overleaf Community Edition
SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
# Same property, unfortunately with different names in
# different locations # Same property, unfortunately with different names in
SHARELATEX_REDIS_HOST: redis # different locations
REDIS_HOST: redis SHARELATEX_REDIS_HOST: redis
REDIS_HOST: redis
ENABLED_LINKED_FILE_TYPES: "url,project_file"
ENABLED_LINKED_FILE_TYPES: 'url,project_file'
# Enables Thumbnail generation using ImageMagick
ENABLE_CONVERSIONS: "true" # Enables Thumbnail generation using ImageMagick
ENABLE_CONVERSIONS: 'true'
# Disables email confirmation requirement
EMAIL_CONFIRMATION_DISABLED: "true" # Disables email confirmation requirement
EMAIL_CONFIRMATION_DISABLED: 'true'
## Set for SSL via nginx-proxy
#VIRTUAL_HOST: 103.112.212.22 # temporary fix for LuaLaTex compiles
# SHARELATEX_SITE_URL: http://sharelatex.mydomain.com # see https://github.com/overleaf/overleaf/issues/695
# SHARELATEX_NAV_TITLE: Our ShareLaTeX Instance TEXMFVAR: /var/lib/sharelatex/tmp/texmf-var
# SHARELATEX_HEADER_IMAGE_URL: http://somewhere.com/mylogo.png
# SHARELATEX_ADMIN_EMAIL: support@it.com ## Set for SSL via nginx-proxy
# SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"},{"text": "Another page I want to link to can be found <a href=\"here\">here</a>"} ]' #VIRTUAL_HOST: 103.112.212.22
# SHARELATEX_RIGHT_FOOTER: '[{"text": "Hello I am on the Right"} ]'
# SHARELATEX_EMAIL_FROM_ADDRESS: "team@sharelatex.com" # SHARELATEX_SITE_URL: http://sharelatex.mydomain.com
# SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID: # SHARELATEX_NAV_TITLE: Our ShareLaTeX Instance
# SHARELATEX_EMAIL_AWS_SES_SECRET_KEY: # SHARELATEX_HEADER_IMAGE_URL: http://somewhere.com/mylogo.png
# SHARELATEX_EMAIL_SMTP_HOST: smtp.mydomain.com # SHARELATEX_ADMIN_EMAIL: support@it.com
# SHARELATEX_EMAIL_SMTP_PORT: 587
# SHARELATEX_EMAIL_SMTP_SECURE: false # SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by <a href=\"https://www.sharelatex.com\">ShareLaTeX</a> 2016"},{"text": "Another page I want to link to can be found <a href=\"here\">here</a>"} ]'
# SHARELATEX_EMAIL_SMTP_USER: # SHARELATEX_RIGHT_FOOTER: '[{"text": "Hello I am on the Right"} ]'
# SHARELATEX_EMAIL_SMTP_PASS:
# SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: true # SHARELATEX_EMAIL_FROM_ADDRESS: "team@sharelatex.com"
# SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
# SHARELATEX_CUSTOM_EMAIL_FOOTER: "<div>This system is run by department x </div>" # SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
################ # SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
## Server Pro ##
################ # SHARELATEX_EMAIL_SMTP_HOST: smtp.mydomain.com
# SANDBOXED_COMPILES: 'true' # SHARELATEX_EMAIL_SMTP_PORT: 587
# SANDBOXED_COMPILES_SIBLING_CONTAINERS: 'true' # SHARELATEX_EMAIL_SMTP_SECURE: false
# SANDBOXED_COMPILES_HOST_DIR: '/var/sharelatex_data/data/compiles' # SHARELATEX_EMAIL_SMTP_USER:
# SYNCTEX_BIN_HOST_PATH: '/var/sharelatex_data/bin/synctex' # SHARELATEX_EMAIL_SMTP_PASS:
# DOCKER_RUNNER: 'false' # SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
## Works with test LDAP server shown at bottom of docker compose # SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
# SHARELATEX_LDAP_URL: 'ldap://ldap:389' # SHARELATEX_CUSTOM_EMAIL_FOOTER: "<div>This system is run by department x </div>"
# SHARELATEX_LDAP_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com'
# SHARELATEX_LDAP_SEARCH_FILTER: '(uid={{username}})' ################
# SHARELATEX_LDAP_BIND_DN: 'cn=admin,dc=planetexpress,dc=com' ## Server Pro ##
# SHARELATEX_LDAP_BIND_CREDENTIALS: 'GoodNewsEveryone' ################
# SHARELATEX_LDAP_EMAIL_ATT: 'mail'
# SHARELATEX_LDAP_NAME_ATT: 'cn' # SANDBOXED_COMPILES: 'true'
# SHARELATEX_LDAP_LAST_NAME_ATT: 'sn'
# SHARELATEX_LDAP_UPDATE_USER_DETAILS_ON_LOGIN: 'true' # SANDBOXED_COMPILES_SIBLING_CONTAINERS: 'true'
# SHARELATEX_TEMPLATES_USER_ID: "578773160210479700917ee5" # SANDBOXED_COMPILES_HOST_DIR: '/var/sharelatex_data/data/compiles'
# SHARELATEX_NEW_PROJECT_TEMPLATE_LINKS: '[ {"name":"All Templates","url":"/templates/all"}]' # SYNCTEX_BIN_HOST_PATH: '/var/sharelatex_data/bin/synctex'
# SHARELATEX_PROXY_LEARN: "true"
# DOCKER_RUNNER: 'false'
mongo:
restart: always ## Works with test LDAP server shown at bottom of docker compose
image: mongo # SHARELATEX_LDAP_URL: 'ldap://ldap:389'
container_name: mongo # SHARELATEX_LDAP_SEARCH_BASE: 'ou=people,dc=planetexpress,dc=com'
expose: # SHARELATEX_LDAP_SEARCH_FILTER: '(uid={{username}})'
- 27017 # SHARELATEX_LDAP_BIND_DN: 'cn=admin,dc=planetexpress,dc=com'
healthcheck: # SHARELATEX_LDAP_BIND_CREDENTIALS: 'GoodNewsEveryone'
test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet # SHARELATEX_LDAP_EMAIL_ATT: 'mail'
interval: 10s # SHARELATEX_LDAP_NAME_ATT: 'cn'
timeout: 10s # SHARELATEX_LDAP_LAST_NAME_ATT: 'sn'
retries: 5 # SHARELATEX_LDAP_UPDATE_USER_DETAILS_ON_LOGIN: 'true'
redis: # SHARELATEX_TEMPLATES_USER_ID: "578773160210479700917ee5"
restart: always # SHARELATEX_NEW_PROJECT_TEMPLATE_LINKS: '[ {"name":"All Templates","url":"/templates/all"}]'
image: redis
container_name: redis
expose: # SHARELATEX_PROXY_LEARN: "true"
- 6379
# ldap: mongo:
# restart: always restart: always
# image: rroemhild/test-openldap image: mongo
# container_name: ldap container_name: mongo
# expose: expose:
# - 389 - 27017
# See https://github.com/jwilder/nginx-proxy for documentation on how to configure the nginx-proxy container, healthcheck:
# and https://github.com/overleaf/overleaf/wiki/HTTPS-reverse-proxy-using-Nginx for an example of some recommended test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet
# settings. We recommend using a properly managed nginx instance outside of the Overleaf Server Pro setup, interval: 10s
# but the example here can be used if you'd prefer to run everything with docker-compose timeout: 10s
# nginx-proxy: retries: 5
# image: jwilder/nginx-proxy
# container_name: nginx-proxy redis:
# ports: restart: always
# #- "80:80" image: redis:5
# - "443:443" container_name: redis
# volumes: expose:
# - /var/run/docker.sock:/tmp/docker.sock:ro - 6379
# - /home/sharelatex/tmp:/etc/nginx/certs
# ldap:
# restart: always
# image: rroemhild/test-openldap
# container_name: ldap
# expose:
# - 389
# See https://github.com/jwilder/nginx-proxy for documentation on how to configure the nginx-proxy container,
# and https://github.com/overleaf/overleaf/wiki/HTTPS-reverse-proxy-using-Nginx for an example of some recommended
# settings. We recommend using a properly managed nginx instance outside of the Overleaf Server Pro setup,
# but the example here can be used if you'd prefer to run everything with docker-compose
# nginx-proxy:
# image: jwilder/nginx-proxy
# container_name: nginx-proxy
# ports:
# #- "80:80"
# - "443:443"
# volumes:
# - /var/run/docker.sock:/tmp/docker.sock:ro
# - /home/sharelatex/tmp:/etc/nginx/certs
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment