From 6264c8205266678a41a1d1f54c3373b6eb7d69ab Mon Sep 17 00:00:00 2001 From: David Rotermund Date: Wed, 2 Oct 2024 18:15:15 +0200 Subject: [PATCH] Add files via upload --- overleafserver/escape/LatexRunner.js | 204 ++ .../app/src/AuthenticationControllerLdap.js | 63 + .../ldap/app/src/AuthenticationManagerLdap.js | 73 + .../AuthenticationController.js | 666 +++++ .../PasswordReset/PasswordResetController.js | 212 ++ .../PasswordReset/PasswordResetHandler.js | 145 + .../app/src/Features/User/UserController.js | 517 ++++ .../ldap/app/src/InitLdapAuthentication.js | 54 + overleafserver/ldap/app/src/LdapContacts.js | 133 + overleafserver/ldap/app/src/LdapStrategy.js | 38 + .../ldap/app/src/infrastructure/Features.js | 101 + overleafserver/ldap/app/views/user/login.pug | 42 + .../ldap/app/views/user/settings.pug | 40 + .../hooks/use-review-panel-state.ts | 1661 ++++++++++++ .../hooks/use-codemirror-scope.ts | 533 ++++ overleafserver/ldap/index.js | 27 + overleafserver/ldap/locales/en.json | 2400 +++++++++++++++++ .../launchpad/app/src/LaunchpadController.js | 240 ++ .../modules/launchpad/app/views/launchpad.pug | 264 ++ .../ldap/patches/ldapauth-fork+4.3.3.patch | 64 + .../ldap/web/config/settings.defaults.js | 938 +++++++ .../Features/Project/ProjectEditorHandler.js | 156 ++ .../track/web/config/settings.defaults.js | 935 +++++++ .../app/src/TrackChangesController.js | 308 +++ .../app/src/TrackChangesRouter.js | 72 + .../track/web/modules/track-changes/index.js | 2 + 26 files changed, 9888 insertions(+) create mode 100644 overleafserver/escape/LatexRunner.js create mode 100644 overleafserver/ldap/app/src/AuthenticationControllerLdap.js create mode 100644 overleafserver/ldap/app/src/AuthenticationManagerLdap.js create mode 100644 overleafserver/ldap/app/src/Features/Authentication/AuthenticationController.js create mode 100644 overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetController.js create mode 100644 overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetHandler.js create mode 100644 overleafserver/ldap/app/src/Features/User/UserController.js create mode 100644 overleafserver/ldap/app/src/InitLdapAuthentication.js create mode 100644 overleafserver/ldap/app/src/LdapContacts.js create mode 100644 overleafserver/ldap/app/src/LdapStrategy.js create mode 100644 overleafserver/ldap/app/src/infrastructure/Features.js create mode 100644 overleafserver/ldap/app/views/user/login.pug create mode 100644 overleafserver/ldap/app/views/user/settings.pug create mode 100644 overleafserver/ldap/frontend/js/features/ide-react/context/review-panel/hooks/use-review-panel-state.ts create mode 100644 overleafserver/ldap/frontend/js/features/source-editor/hooks/use-codemirror-scope.ts create mode 100644 overleafserver/ldap/index.js create mode 100644 overleafserver/ldap/locales/en.json create mode 100644 overleafserver/ldap/modules/launchpad/app/src/LaunchpadController.js create mode 100644 overleafserver/ldap/modules/launchpad/app/views/launchpad.pug create mode 100644 overleafserver/ldap/patches/ldapauth-fork+4.3.3.patch create mode 100644 overleafserver/ldap/web/config/settings.defaults.js create mode 100644 overleafserver/track/web/app/src/Features/Project/ProjectEditorHandler.js create mode 100644 overleafserver/track/web/config/settings.defaults.js create mode 100644 overleafserver/track/web/modules/track-changes/app/src/TrackChangesController.js create mode 100644 overleafserver/track/web/modules/track-changes/app/src/TrackChangesRouter.js create mode 100644 overleafserver/track/web/modules/track-changes/index.js diff --git a/overleafserver/escape/LatexRunner.js b/overleafserver/escape/LatexRunner.js new file mode 100644 index 0000000..b2ed5b1 --- /dev/null +++ b/overleafserver/escape/LatexRunner.js @@ -0,0 +1,204 @@ +const Path = require('path') +const { promisify } = require('util') +const Settings = require('@overleaf/settings') +const logger = require('@overleaf/logger') +const CommandRunner = require('./CommandRunner') +const fs = require('fs') + +const ProcessTable = {} // table of currently running jobs (pids or docker container names) + +const TIME_V_METRICS = Object.entries({ + 'cpu-percent': /Percent of CPU this job got: (\d+)/m, + 'cpu-time': /User time.*: (\d+.\d+)/m, + 'sys-time': /System time.*: (\d+.\d+)/m, +}) + +const COMPILER_FLAGS = { + latex: '-pdfdvi', + lualatex: '-lualatex', + pdflatex: '-pdf', + xelatex: '-xelatex', +} + +function runLatex(projectId, options, callback) { + const { + directory, + mainFile, + image, + environment, + flags, + compileGroup, + stopOnFirstError, + stats, + timings, + } = options + const compiler = options.compiler || 'pdflatex' + const timeout = options.timeout || 60000 // milliseconds + + logger.debug( + { + directory, + compiler, + timeout, + mainFile, + environment, + flags, + compileGroup, + stopOnFirstError, + }, + 'starting compile' + ) + + let command + try { + command = _buildLatexCommand(mainFile, { + compiler, + stopOnFirstError, + flags, + }) + } catch (err) { + return callback(err) + } + + const id = `${projectId}` // record running project under this id + + ProcessTable[id] = CommandRunner.run( + projectId, + command, + directory, + image, + timeout, + environment, + compileGroup, + function (error, output) { + delete ProcessTable[id] + if (error) { + return callback(error) + } + const runs = + output?.stderr?.match(/^Run number \d+ of .*latex/gm)?.length || 0 + const failed = output?.stdout?.match(/^Latexmk: Errors/m) != null ? 1 : 0 + // counters from latexmk output + stats['latexmk-errors'] = failed + stats['latex-runs'] = runs + stats['latex-runs-with-errors'] = failed ? runs : 0 + stats[`latex-runs-${runs}`] = 1 + stats[`latex-runs-with-errors-${runs}`] = failed ? 1 : 0 + // timing information from /usr/bin/time + const stderr = (output && output.stderr) || '' + if (stderr.includes('Command being timed:')) { + // Add metrics for runs with `$ time -v ...` + for (const [timing, matcher] of TIME_V_METRICS) { + const match = stderr.match(matcher) + if (match) { + timings[timing] = parseFloat(match[1]) + } + } + } + // record output files + _writeLogOutput(projectId, directory, output, () => { + callback(error, output) + }) + } + ) +} + +function _writeLogOutput(projectId, directory, output, callback) { + if (!output) { + return callback() + } + // internal method for writing non-empty log files + function _writeFile(file, content, cb) { + if (content && content.length > 0) { + fs.unlink(file, () => { + fs.writeFile(file, content, { flag: 'wx' }, err => { + if (err) { + // don't fail on error + logger.error({ err, projectId, file }, 'error writing log file') + } + cb() + }) + }) + } else { + cb() + } + } + // write stdout and stderr, ignoring errors + _writeFile(Path.join(directory, 'output.stdout'), output.stdout, () => { + _writeFile(Path.join(directory, 'output.stderr'), output.stderr, () => { + callback() + }) + }) +} + +function killLatex(projectId, callback) { + const id = `${projectId}` + logger.debug({ id }, 'killing running compile') + if (ProcessTable[id] == null) { + logger.warn({ id }, 'no such project to kill') + callback(null) + } else { + CommandRunner.kill(ProcessTable[id], callback) + } +} + +function _buildLatexCommand(mainFile, opts = {}) { + const command = [] + + if (Settings.clsi?.strace) { + command.push('strace', '-o', 'strace', '-ff') + } + + if (Settings.clsi?.latexmkCommandPrefix) { + command.push(...Settings.clsi.latexmkCommandPrefix) + } + + // Basic command and flags + command.push( + 'latexmk', + '-cd', + '-jobname=output', + '-auxdir=$COMPILE_DIR', + '-outdir=$COMPILE_DIR', + '-synctex=1', + '-shell-escape', + '-interaction=batchmode' + ) + + // Stop on first error option + if (opts.stopOnFirstError) { + command.push('-halt-on-error') + } else { + // Run all passes despite errors + command.push('-f') + } + + // Extra flags + if (opts.flags) { + command.push(...opts.flags) + } + + // TeX Engine selection + const compilerFlag = COMPILER_FLAGS[opts.compiler] + if (compilerFlag) { + command.push(compilerFlag) + } else { + throw new Error(`unknown compiler: ${opts.compiler}`) + } + + // We want to run latexmk on the tex file which we will automatically + // generate from the Rtex/Rmd/md file. + mainFile = mainFile.replace(/\.(Rtex|md|Rmd|Rnw)$/, '.tex') + command.push(Path.join('$COMPILE_DIR', mainFile)) + + return command +} + +module.exports = { + runLatex, + killLatex, + promises: { + runLatex: promisify(runLatex), + killLatex: promisify(killLatex), + }, +} diff --git a/overleafserver/ldap/app/src/AuthenticationControllerLdap.js b/overleafserver/ldap/app/src/AuthenticationControllerLdap.js new file mode 100644 index 0000000..7878537 --- /dev/null +++ b/overleafserver/ldap/app/src/AuthenticationControllerLdap.js @@ -0,0 +1,63 @@ +const AuthenticationManagerLdap = require('./AuthenticationManagerLdap') +const AuthenticationController = require('../../../../app/src/Features/Authentication/AuthenticationController') +const LoginRateLimiter = require('../../../../app/src/Features/Security/LoginRateLimiter') +const logger = require('@overleaf/logger') +const { handleAuthenticateErrors } = require('../../../../app/src/Features/Authentication/AuthenticationErrors') +const Modules = require('../../../../app/src/infrastructure/Modules') + +const AuthenticationControllerLdap = { + async doPassportLdapLogin(req, ldapUser, done) { + let user, info + try { + ;({ user, info } = await AuthenticationControllerLdap._doPassportLdapLogin( + req, + ldapUser + )) + } catch (error) { + return done(error) + } + return done(undefined, user, info) + }, + async _doPassportLdapLogin(req, ldapUser) { + const { fromKnownDevice } = AuthenticationController.getAuditInfo(req) + const auditLog = { + ipAddress: req.ip, + info: { method: 'LDAP password login', fromKnownDevice }, + } + + let user, isPasswordReused + try { + user = await AuthenticationManagerLdap.promises.findOrCreateLdapUser(ldapUser, auditLog) + } catch (error) { + return { + user: false, + info: handleAuthenticateErrors(error, req), + } + } + if (user && AuthenticationController.captchaRequiredForLogin(req, user)) { + return { + user: false, + info: { + text: req.i18n.translate('cannot_verify_user_not_robot'), + type: 'error', + errorReason: 'cannot_verify_user_not_robot', + status: 400, + }, + } + } else if (user) { + // async actions + return { user, info: undefined } + } else { //something wrong + logger.debug({ email : ldapUser.mail }, 'failed LDAP log in') + return { + user: false, + info: { + type: 'error', + status: 500, + }, + } + } + }, +} + +module.exports = AuthenticationControllerLdap diff --git a/overleafserver/ldap/app/src/AuthenticationManagerLdap.js b/overleafserver/ldap/app/src/AuthenticationManagerLdap.js new file mode 100644 index 0000000..88e916c --- /dev/null +++ b/overleafserver/ldap/app/src/AuthenticationManagerLdap.js @@ -0,0 +1,73 @@ +const Settings = require('@overleaf/settings') +const UserCreator = require('../../../../app/src/Features/User/UserCreator') +const { User } = require('../../../../app/src/models/User') +const { + callbackify, + promisify, +} = require('@overleaf/promise-utils') + + +const AuthenticationManagerLdap = { + splitFullName(fullName) { + fullName = fullName.trim(); + let lastSpaceIndex = fullName.lastIndexOf(' '); + let firstNames = fullName.substring(0, lastSpaceIndex).trim(); + let lastName = fullName.substring(lastSpaceIndex + 1).trim(); + return [firstNames, lastName]; + }, + async findOrCreateLdapUser(ldapUser, auditLog) { + //user is already authenticated in Ldap + const attEmail = Settings.ldap.attEmail + const attFirstName = Settings.ldap?.attFirstName || "" + const attLastName = Settings.ldap?.attLastName || "" + const attName = Settings.ldap?.attName || "" + + let nameParts = ["",""] + if ((!attFirstName || !attLastName) && attName) { + nameParts = this.splitFullName(ldapUser[attName] || "") + } + const firstName = attFirstName ? (ldapUser[attFirstName] || "") : nameParts[0] + const lastName = attLastName ? (ldapUser[attLastName] || "") : nameParts[1] + const email = Array.isArray(ldapUser[attEmail]) + ? ldapUser[attEmail][0].toLowerCase() + : ldapUser[attEmail].toLowerCase() + const isAdmin = ldapUser._groups?.length > 0 + + var user = await User.findOne({ 'email': email }).exec() + if( !user ) { + user = await UserCreator.promises.createNewUser( + { + email: email, + first_name: firstName, + last_name: lastName, + isAdmin: isAdmin, + holdingAccount: false, + } + ) + await User.updateOne( + { _id: user._id }, + { $set : { 'emails.0.confirmedAt' : Date.now() } } + ).exec() //email of ldap user is confirmed + } + var userDetails = Settings.ldap.updateUserDetailsOnLogin ? { first_name : firstName, last_name: lastName } : {} + if( Settings.ldap.updateAdminOnLogin ) { + user.isAdmin = isAdmin + userDetails.isAdmin = isAdmin + } + const result = await User.updateOne( + { _id: user._id, loginEpoch: user.loginEpoch }, { $inc: { loginEpoch: 1 }, $set: userDetails }, + {} + ).exec() + + if (result.modifiedCount !== 1) { + throw new ParallelLoginError() + } + return user + }, +} + +module.exports = { + findOrCreateLdapUser: callbackify(AuthenticationManagerLdap.findOrCreateLdapUser), + splitFullName: AuthenticationManagerLdap.splitFullName, + promises: AuthenticationManagerLdap, +} diff --git a/overleafserver/ldap/app/src/Features/Authentication/AuthenticationController.js b/overleafserver/ldap/app/src/Features/Authentication/AuthenticationController.js new file mode 100644 index 0000000..638a9fa --- /dev/null +++ b/overleafserver/ldap/app/src/Features/Authentication/AuthenticationController.js @@ -0,0 +1,666 @@ +const AuthenticationManager = require('./AuthenticationManager') +const SessionManager = require('./SessionManager') +const OError = require('@overleaf/o-error') +const LoginRateLimiter = require('../Security/LoginRateLimiter') +const UserUpdater = require('../User/UserUpdater') +const Metrics = require('@overleaf/metrics') +const logger = require('@overleaf/logger') +const querystring = require('querystring') +const Settings = require('@overleaf/settings') +const basicAuth = require('basic-auth') +const tsscmp = require('tsscmp') +const UserHandler = require('../User/UserHandler') +const UserSessionsManager = require('../User/UserSessionsManager') +const Analytics = require('../Analytics/AnalyticsManager') +const passport = require('passport') +const NotificationsBuilder = require('../Notifications/NotificationsBuilder') +const UrlHelper = require('../Helpers/UrlHelper') +const AsyncFormHelper = require('../Helpers/AsyncFormHelper') +const _ = require('lodash') +const UserAuditLogHandler = require('../User/UserAuditLogHandler') +const AnalyticsRegistrationSourceHelper = require('../Analytics/AnalyticsRegistrationSourceHelper') +const { + acceptsJson, +} = require('../../infrastructure/RequestContentTypeDetection') +const { + ParallelLoginError, + PasswordReusedError, +} = require('./AuthenticationErrors') +const { hasAdminAccess } = require('../Helpers/AdminAuthorizationHelper') +const Modules = require('../../infrastructure/Modules') +const { expressify, promisify } = require('@overleaf/promise-utils') + +function send401WithChallenge(res) { + res.setHeader('WWW-Authenticate', 'OverleafLogin') + res.sendStatus(401) +} + +function checkCredentials(userDetailsMap, user, password) { + const expectedPassword = userDetailsMap.get(user) + const userExists = userDetailsMap.has(user) && expectedPassword // user exists with a non-null password + const isValid = userExists && tsscmp(expectedPassword, password) + if (!isValid) { + logger.err({ user }, 'invalid login details') + } + Metrics.inc('security.http-auth.check-credentials', 1, { + path: userExists ? 'known-user' : 'unknown-user', + status: isValid ? 'pass' : 'fail', + }) + return isValid +} + +function reduceStaffAccess(staffAccess) { + const reducedStaffAccess = {} + for (const field in staffAccess) { + if (staffAccess[field]) { + reducedStaffAccess[field] = true + } + } + return reducedStaffAccess +} + +function userHasStaffAccess(user) { + return user.staffAccess && Object.values(user.staffAccess).includes(true) +} + +// TODO: Finish making these methods async +const AuthenticationController = { + serializeUser(user, callback) { + if (!user._id || !user.email) { + const err = new Error('serializeUser called with non-user object') + logger.warn({ user }, err.message) + return callback(err) + } + const lightUser = { + _id: user._id, + first_name: user.first_name, + last_name: user.last_name, + email: user.email, + referal_id: user.referal_id, + session_created: new Date().toISOString(), + ip_address: user._login_req_ip, + must_reconfirm: user.must_reconfirm, + v1_id: user.overleaf != null ? user.overleaf.id : undefined, + analyticsId: user.analyticsId || user._id, + alphaProgram: user.alphaProgram || undefined, // only store if set + betaProgram: user.betaProgram || undefined, // only store if set + } + if (user.isAdmin) { + lightUser.isAdmin = true + } + if (userHasStaffAccess(user)) { + lightUser.staffAccess = reduceStaffAccess(user.staffAccess) + } + + callback(null, lightUser) + }, + + deserializeUser(user, cb) { + cb(null, user) + }, + + passportLogin(req, res, next) { + // This function is middleware which wraps the passport.authenticate middleware, + // so we can send back our custom `{message: {text: "", type: ""}}` responses on failure, + // and send a `{redir: ""}` response on success + passport.authenticate( + Settings.ldap?.enable ? ['custom-fail-ldapauth','local'] : ['local'], + { keepSessionInfo: true }, + function (err, user, infoArray) { + if (err) { + return next(err) + } + if (user) { + // `user` is either a user object or false + AuthenticationController.setAuditInfo(req, { + method: 'Password login', + }) + return AuthenticationController.finishLogin(user, req, res, next) + } else { + let info = infoArray[0] + if (info.redir != null) { + return res.json({ redir: info.redir }) + } else { + res.status(info.status || 200) + delete info.status + const body = { message: info } + const { errorReason } = info + if (errorReason) { + body.errorReason = errorReason + delete info.errorReason + } + return res.json(body) + } + } + } + )(req, res, next) + }, + + async _finishLoginAsync(user, req, res) { + if (user === false) { + return AsyncFormHelper.redirect(req, res, '/login') + } // OAuth2 'state' mismatch + + if (user.suspended) { + return AsyncFormHelper.redirect(req, res, '/account-suspended') + } + + if (Settings.adminOnlyLogin && !hasAdminAccess(user)) { + return res.status(403).json({ + message: { type: 'error', text: 'Admin only panel' }, + }) + } + + const auditInfo = AuthenticationController.getAuditInfo(req) + + const anonymousAnalyticsId = req.session.analyticsId + const isNewUser = req.session.justRegistered || false + + const results = await Modules.promises.hooks.fire( + 'preFinishLogin', + req, + res, + user + ) + + if (results.some(result => result && result.doNotFinish)) { + return + } + + if (user.must_reconfirm) { + return AuthenticationController._redirectToReconfirmPage(req, res, user) + } + + const redir = + AuthenticationController.getRedirectFromSession(req) || '/project' + + _loginAsyncHandlers(req, user, anonymousAnalyticsId, isNewUser) + const userId = user._id + + await UserAuditLogHandler.promises.addEntry( + userId, + 'login', + userId, + req.ip, + auditInfo + ) + + await _afterLoginSessionSetupAsync(req, user) + + AuthenticationController._clearRedirectFromSession(req) + AnalyticsRegistrationSourceHelper.clearSource(req.session) + AnalyticsRegistrationSourceHelper.clearInbound(req.session) + AsyncFormHelper.redirect(req, res, redir) + }, + + finishLogin(user, req, res, next) { + AuthenticationController._finishLoginAsync(user, req, res).catch(err => + next(err) + ) + }, + + doPassportLogin(req, username, password, done) { + const email = username.toLowerCase() + Modules.hooks.fire( + 'preDoPassportLogin', + req, + email, + function (err, infoList) { + if (err) { + return done(err) + } + const info = infoList.find(i => i != null) + if (info != null) { + return done(null, false, info) + } + LoginRateLimiter.processLoginRequest(email, function (err, isAllowed) { + if (err) { + return done(err) + } + if (!isAllowed) { + logger.debug({ email }, 'too many login requests') + return done(null, null, { + text: req.i18n.translate('to_many_login_requests_2_mins'), + type: 'error', + key: 'to-many-login-requests-2-mins', + status: 429, + }) + } + const { fromKnownDevice } = AuthenticationController.getAuditInfo(req) + const auditLog = { + ipAddress: req.ip, + info: { method: 'Password login', fromKnownDevice }, + } + AuthenticationManager.authenticate( + { email }, + password, + auditLog, + { + enforceHIBPCheck: !fromKnownDevice, + }, + function (error, user, isPasswordReused) { + if (error != null) { + if (error instanceof ParallelLoginError) { + return done(null, false, { status: 429 }) + } else if (error instanceof PasswordReusedError) { + const text = `${req.i18n + .translate( + 'password_compromised_try_again_or_use_known_device_or_reset' + ) + .replace('<0>', '') + .replace('', ' (https://haveibeenpwned.com/passwords)') + .replace('<1>', '') + .replace( + '', + ` (${Settings.siteUrl}/user/password/reset)` + )}.` + return done(null, false, { + status: 400, + type: 'error', + key: 'password-compromised', + text, + }) + } + return done(error) + } + if ( + user && + AuthenticationController.captchaRequiredForLogin(req, user) + ) { + done(null, false, { + text: req.i18n.translate('cannot_verify_user_not_robot'), + type: 'error', + errorReason: 'cannot_verify_user_not_robot', + status: 400, + }) + } else if (user) { + if ( + isPasswordReused && + AuthenticationController.getRedirectFromSession(req) == null + ) { + AuthenticationController.setRedirectInSession( + req, + '/compromised-password' + ) + } + + // async actions + done(null, user) + } else { + AuthenticationController._recordFailedLogin() + logger.debug({ email }, 'failed log in') + done(null, false, { + type: 'error', + key: 'invalid-password-retry-or-reset', + status: 401, + }) + } + } + ) + }) + } + ) + }, + + captchaRequiredForLogin(req, user) { + switch (AuthenticationController.getAuditInfo(req).captcha) { + case 'trusted': + case 'disabled': + return false + case 'solved': + return false + case 'skipped': { + let required = false + if (user.lastFailedLogin) { + const requireCaptchaUntil = + user.lastFailedLogin.getTime() + + Settings.elevateAccountSecurityAfterFailedLogin + required = requireCaptchaUntil >= Date.now() + } + Metrics.inc('force_captcha_on_login', 1, { + status: required ? 'yes' : 'no', + }) + return required + } + default: + throw new Error('captcha middleware missing in handler chain') + } + }, + + ipMatchCheck(req, user) { + if (req.ip !== user.lastLoginIp) { + NotificationsBuilder.ipMatcherAffiliation(user._id).create( + req.ip, + () => {} + ) + } + return UserUpdater.updateUser( + user._id.toString(), + { + $set: { lastLoginIp: req.ip }, + }, + () => {} + ) + }, + + requireLogin() { + const doRequest = function (req, res, next) { + if (next == null) { + next = function () {} + } + if (!SessionManager.isUserLoggedIn(req.session)) { + if (acceptsJson(req)) return send401WithChallenge(res) + return AuthenticationController._redirectToLoginOrRegisterPage(req, res) + } else { + req.user = SessionManager.getSessionUser(req.session) + return next() + } + } + + return doRequest + }, + + /** + * @param {string} scope + * @return {import('express').Handler} + */ + requireOauth(scope) { + if (typeof scope !== 'string' || !scope) { + throw new Error( + "requireOauth() expects a non-empty string as 'scope' parameter" + ) + } + + // require this here because module may not be included in some versions + const Oauth2Server = require('../../../../modules/oauth2-server/app/src/Oauth2Server') + const middleware = async (req, res, next) => { + const request = new Oauth2Server.Request(req) + const response = new Oauth2Server.Response(res) + try { + const token = await Oauth2Server.server.authenticate( + request, + response, + { scope } + ) + req.oauth = { access_token: token.accessToken } + req.oauth_token = token + req.oauth_user = token.user + next() + } catch (err) { + if ( + err.code === 400 && + err.message === 'Invalid request: malformed authorization header' + ) { + err.code = 401 + } + // send all other errors + res + .status(err.code) + .json({ error: err.name, error_description: err.message }) + } + } + return expressify(middleware) + }, + + _globalLoginWhitelist: [], + addEndpointToLoginWhitelist(endpoint) { + return AuthenticationController._globalLoginWhitelist.push(endpoint) + }, + + requireGlobalLogin(req, res, next) { + if ( + AuthenticationController._globalLoginWhitelist.includes( + req._parsedUrl.pathname + ) + ) { + return next() + } + + if (req.headers.authorization != null) { + AuthenticationController.requirePrivateApiAuth()(req, res, next) + } else if (SessionManager.isUserLoggedIn(req.session)) { + next() + } else { + logger.debug( + { url: req.url }, + 'user trying to access endpoint not in global whitelist' + ) + if (acceptsJson(req)) return send401WithChallenge(res) + AuthenticationController.setRedirectInSession(req) + res.redirect('/login') + } + }, + + validateAdmin(req, res, next) { + const adminDomains = Settings.adminDomains + if ( + !adminDomains || + !(Array.isArray(adminDomains) && adminDomains.length) + ) { + return next() + } + const user = SessionManager.getSessionUser(req.session) + if (!hasAdminAccess(user)) { + return next() + } + const email = user.email + if (email == null) { + return next( + new OError('[ValidateAdmin] Admin user without email address', { + userId: user._id, + }) + ) + } + if (!adminDomains.find(domain => email.endsWith(`@${domain}`))) { + return next( + new OError('[ValidateAdmin] Admin user with invalid email domain', { + email, + userId: user._id, + }) + ) + } + return next() + }, + + checkCredentials, + + requireBasicAuth: function (userDetails) { + const userDetailsMap = new Map(Object.entries(userDetails)) + return function (req, res, next) { + const credentials = basicAuth(req) + if ( + !credentials || + !checkCredentials(userDetailsMap, credentials.name, credentials.pass) + ) { + send401WithChallenge(res) + Metrics.inc('security.http-auth', 1, { status: 'reject' }) + } else { + Metrics.inc('security.http-auth', 1, { status: 'accept' }) + next() + } + } + }, + + requirePrivateApiAuth() { + return AuthenticationController.requireBasicAuth(Settings.httpAuthUsers) + }, + + setAuditInfo(req, info) { + if (!req.__authAuditInfo) { + req.__authAuditInfo = {} + } + Object.assign(req.__authAuditInfo, info) + }, + + getAuditInfo(req) { + return req.__authAuditInfo || {} + }, + + setRedirectInSession(req, value) { + if (value == null) { + value = + Object.keys(req.query).length > 0 + ? `${req.path}?${querystring.stringify(req.query)}` + : `${req.path}` + } + if ( + req.session != null && + !/^\/(socket.io|js|stylesheets|img)\/.*$/.test(value) && + !/^.*\.(png|jpeg|svg)$/.test(value) + ) { + const safePath = UrlHelper.getSafeRedirectPath(value) + return (req.session.postLoginRedirect = safePath) + } + }, + + _redirectToLoginOrRegisterPage(req, res) { + if ( + req.query.zipUrl != null || + req.session.sharedProjectData || + req.path === '/user/subscription/new' + ) { + AuthenticationController._redirectToRegisterPage(req, res) + } else { + AuthenticationController._redirectToLoginPage(req, res) + } + }, + + _redirectToLoginPage(req, res) { + logger.debug( + { url: req.url }, + 'user not logged in so redirecting to login page' + ) + AuthenticationController.setRedirectInSession(req) + const url = `/login?${querystring.stringify(req.query)}` + res.redirect(url) + Metrics.inc('security.login-redirect') + }, + + _redirectToReconfirmPage(req, res, user) { + logger.debug( + { url: req.url }, + 'user needs to reconfirm so redirecting to reconfirm page' + ) + req.session.reconfirm_email = user != null ? user.email : undefined + const redir = '/user/reconfirm' + AsyncFormHelper.redirect(req, res, redir) + }, + + _redirectToRegisterPage(req, res) { + logger.debug( + { url: req.url }, + 'user not logged in so redirecting to register page' + ) + AuthenticationController.setRedirectInSession(req) + const url = `/register?${querystring.stringify(req.query)}` + res.redirect(url) + Metrics.inc('security.login-redirect') + }, + + _recordSuccessfulLogin(userId, callback) { + if (callback == null) { + callback = function () {} + } + UserUpdater.updateUser( + userId.toString(), + { + $set: { lastLoggedIn: new Date() }, + $inc: { loginCount: 1 }, + }, + function (error) { + if (error != null) { + callback(error) + } + Metrics.inc('user.login.success') + callback() + } + ) + }, + + _recordFailedLogin(callback) { + Metrics.inc('user.login.failed') + if (callback) callback() + }, + + getRedirectFromSession(req) { + let safePath + const value = _.get(req, ['session', 'postLoginRedirect']) + if (value) { + safePath = UrlHelper.getSafeRedirectPath(value) + } + return safePath || null + }, + + _clearRedirectFromSession(req) { + if (req.session != null) { + delete req.session.postLoginRedirect + } + }, +} + +function _afterLoginSessionSetup(req, user, callback) { + req.login(user, { keepSessionInfo: true }, function (err) { + if (err) { + OError.tag(err, 'error from req.login', { + user_id: user._id, + }) + return callback(err) + } + delete req.session.__tmp + delete req.session.csrfSecret + req.session.save(function (err) { + if (err) { + OError.tag(err, 'error saving regenerated session after login', { + user_id: user._id, + }) + return callback(err) + } + UserSessionsManager.trackSession(user, req.sessionID, function () {}) + if (!req.deviceHistory) { + // Captcha disabled or SSO-based login. + return callback() + } + req.deviceHistory.add(user.email) + req.deviceHistory + .serialize(req.res) + .catch(err => { + logger.err({ err }, 'cannot serialize deviceHistory') + }) + .finally(() => callback()) + }) + }) +} + +const _afterLoginSessionSetupAsync = promisify(_afterLoginSessionSetup) + +function _loginAsyncHandlers(req, user, anonymousAnalyticsId, isNewUser) { + UserHandler.setupLoginData(user, err => { + if (err != null) { + logger.warn({ err }, 'error setting up login data') + } + }) + LoginRateLimiter.recordSuccessfulLogin(user.email, () => {}) + AuthenticationController._recordSuccessfulLogin(user._id, () => {}) + AuthenticationController.ipMatchCheck(req, user) + Analytics.recordEventForUserInBackground(user._id, 'user-logged-in', { + source: req.session.saml + ? 'saml' + : req.user_info?.auth_provider || 'email-password', + }) + Analytics.identifyUser(user._id, anonymousAnalyticsId, isNewUser) + + logger.debug( + { email: user.email, userId: user._id.toString() }, + 'successful log in' + ) + + req.session.justLoggedIn = true + // capture the request ip for use when creating the session + return (user._login_req_ip = req.ip) +} + +AuthenticationController.promises = { + finishLogin: AuthenticationController._finishLoginAsync, +} + +module.exports = AuthenticationController diff --git a/overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetController.js b/overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetController.js new file mode 100644 index 0000000..1e6909e --- /dev/null +++ b/overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetController.js @@ -0,0 +1,212 @@ +const PasswordResetHandler = require('./PasswordResetHandler') +const AuthenticationController = require('../Authentication/AuthenticationController') +const AuthenticationManager = require('../Authentication/AuthenticationManager') +const SessionManager = require('../Authentication/SessionManager') +const UserGetter = require('../User/UserGetter') +const UserUpdater = require('../User/UserUpdater') +const UserSessionsManager = require('../User/UserSessionsManager') +const OError = require('@overleaf/o-error') +const EmailsHelper = require('../Helpers/EmailHelper') +const { expressify } = require('@overleaf/promise-utils') + +async function setNewUserPassword(req, res, next) { + let user + let { passwordResetToken, password, email } = req.body + if (!passwordResetToken || !password) { + return res.status(400).json({ + message: { + key: 'invalid-password', + }, + }) + } + + const err = AuthenticationManager.validatePassword(password, email) + if (err) { + const message = AuthenticationManager.getMessageForInvalidPasswordError( + err, + req + ) + return res.status(400).json({ message }) + } + + passwordResetToken = passwordResetToken.trim() + + const initiatorId = SessionManager.getLoggedInUserId(req.session) + // password reset via tokens can be done while logged in, or not + const auditLog = { + initiatorId, + ip: req.ip, + } + + try { + const result = await PasswordResetHandler.promises.setNewUserPassword( + passwordResetToken, + password, + auditLog + ) + const { found, reset, userId } = result + if (!found) { + return res.status(404).json({ + message: { + key: 'token-expired', + }, + }) + } + if (!reset) { + return res.status(500).json({ + message: req.i18n.translate('error_performing_request'), + }) + } + await UserSessionsManager.promises.removeSessionsFromRedis({ _id: userId }) + await UserUpdater.promises.removeReconfirmFlag(userId) + if (!req.session.doLoginAfterPasswordReset) { + return res.sendStatus(200) + } + user = await UserGetter.promises.getUser(userId) + } catch (error) { + if (error.name === 'NotFoundError') { + return res.status(404).json({ + message: { + key: 'token-expired', + }, + }) + } else if (error.name === 'InvalidPasswordError') { + return res.status(400).json({ + message: { + key: 'invalid-password', + }, + }) + } else if (error.name === 'PasswordMustBeDifferentError') { + return res.status(400).json({ + message: { + key: 'password-must-be-different', + }, + }) + } else if (error.name === 'PasswordReusedError') { + return res.status(400).json({ + message: { + key: 'password-must-be-strong', + }, + }) + } else { + return res.status(500).json({ + message: req.i18n.translate('error_performing_request'), + }) + } + } + AuthenticationController.setAuditInfo(req, { + method: 'Password reset, set new password', + }) + AuthenticationController.finishLogin(user, req, res, next) +} + +async function requestReset(req, res, next) { + const email = EmailsHelper.parseEmail(req.body.email) + if (!email) { + return res.status(400).json({ + message: req.i18n.translate('must_be_email_address'), + }) + } + + let status + try { + status = + await PasswordResetHandler.promises.generateAndEmailResetToken(email) + } catch (err) { + OError.tag(err, 'failed to generate and email password reset token', { + email, + }) + if (err.message === 'user does not have permission for change-password') { + return res.status(403).json({ + message: { + key: 'no-password-allowed-due-to-sso', + }, + }) + } + throw err + } + + if (status === 'primary') { + return res.status(200).json({ + message: req.i18n.translate('password_reset_email_sent'), + }) + } else if (status === 'secondary') { + return res.status(404).json({ + message: req.i18n.translate('secondary_email_password_reset'), + }) + } else if (status === 'external') { + return res.status(403).json({ + message: req.i18n.translate('password_managed_externally'), + }) + } else { + return res.status(404).json({ + message: req.i18n.translate('cant_find_email'), + }) + } +} + +async function renderSetPasswordForm(req, res, next) { + if (req.query.passwordResetToken != null) { + try { + const result = + await PasswordResetHandler.promises.getUserForPasswordResetToken( + req.query.passwordResetToken + ) + + const { user, remainingPeeks } = result || {} + if (!user || remainingPeeks <= 0) { + return res.redirect('/user/password/reset?error=token_expired') + } + req.session.resetToken = req.query.passwordResetToken + let emailQuery = '' + + if (typeof req.query.email === 'string') { + const email = EmailsHelper.parseEmail(req.query.email) + if (email) { + emailQuery = `?email=${encodeURIComponent(email)}` + } + } + + return res.redirect('/user/password/set' + emailQuery) + } catch (err) { + if (err.name === 'ForbiddenError') { + return next(err) + } + return res.redirect('/user/password/reset?error=token_expired') + } + } + + if (req.session.resetToken == null) { + return res.redirect('/user/password/reset') + } + + const email = EmailsHelper.parseEmail(req.query.email) + + // clean up to avoid leaking the token in the session object + const passwordResetToken = req.session.resetToken + delete req.session.resetToken + + res.render('user/setPassword', { + title: 'set_password', + email, + passwordResetToken, + }) +} + +module.exports = { + renderRequestResetForm(req, res) { + const errorQuery = req.query.error + let error = null + if (errorQuery === 'token_expired') { + error = 'password_reset_token_expired' + } + res.render('user/passwordReset', { + title: 'reset_password', + error, + }) + }, + + requestReset: expressify(requestReset), + renderSetPasswordForm: expressify(renderSetPasswordForm), + setNewUserPassword: expressify(setNewUserPassword), +} diff --git a/overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetHandler.js b/overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetHandler.js new file mode 100644 index 0000000..abc3633 --- /dev/null +++ b/overleafserver/ldap/app/src/Features/PasswordReset/PasswordResetHandler.js @@ -0,0 +1,145 @@ +const settings = require('@overleaf/settings') +const UserAuditLogHandler = require('../User/UserAuditLogHandler') +const UserGetter = require('../User/UserGetter') +const OneTimeTokenHandler = require('../Security/OneTimeTokenHandler') +const EmailHandler = require('../Email/EmailHandler') +const AuthenticationManager = require('../Authentication/AuthenticationManager') +const { callbackify, promisify } = require('util') +const { assertUserPermissions } = + require('../Authorization/PermissionsManager').promises + +const AUDIT_LOG_TOKEN_PREFIX_LENGTH = 10 + +async function generateAndEmailResetToken(email) { + const user = await UserGetter.promises.getUserByAnyEmail(email) + + if (!user) { + return null + } + + if (!user.hashedPassword) { + return 'external' + } + + if (user.email !== email) { + return 'secondary' + } + + await assertUserPermissions(user, ['change-password']) + + const data = { user_id: user._id.toString(), email } + const token = await OneTimeTokenHandler.promises.getNewToken('password', data) + + const emailOptions = { + to: email, + setNewPasswordUrl: `${ + settings.siteUrl + }/user/password/set?passwordResetToken=${token}&email=${encodeURIComponent( + email + )}`, + } + + await EmailHandler.promises.sendEmail('passwordResetRequested', emailOptions) + + return 'primary' +} + +function expirePasswordResetToken(token, callback) { + OneTimeTokenHandler.expireToken('password', token, err => { + return callback(err) + }) +} + +async function getUserForPasswordResetToken(token) { + let result + try { + result = await OneTimeTokenHandler.promises.peekValueFromToken( + 'password', + token + ) + } catch (err) { + if (err.name === 'NotFoundError') { + return + } else { + throw err + } + } + const { data, remainingPeeks } = result || {} + + if (data == null || data.email == null) { + return { user: null, remainingPeeks } + } + + const user = await UserGetter.promises.getUserByMainEmail(data.email, { + _id: 1, + 'overleaf.id': 1, + email: 1, + }) + + await assertUserPermissions(user, ['change-password']) + + if (user == null) { + return { user: null, remainingPeeks: 0 } + } else if (data.user_id != null && data.user_id === user._id.toString()) { + return { user, remainingPeeks } + } else if ( + data.v1_user_id != null && + user.overleaf != null && + data.v1_user_id === user.overleaf.id + ) { + return { user, remainingPeeks } + } else { + return { user: null, remainingPeeks: 0 } + } +} + +async function setNewUserPassword(token, password, auditLog) { + const result = + await PasswordResetHandler.promises.getUserForPasswordResetToken(token) + const { user } = result || {} + + if (!user) { + return { + found: false, + reset: false, + userId: null, + } + } + await UserAuditLogHandler.promises.addEntry( + user._id, + 'reset-password', + auditLog.initiatorId, + auditLog.ip, + { token: token.substring(0, AUDIT_LOG_TOKEN_PREFIX_LENGTH) } + ) + + const reset = await AuthenticationManager.promises.setUserPassword( + user, + password + ) + + await PasswordResetHandler.promises.expirePasswordResetToken(token) + + return { found: true, reset, userId: user._id } +} + +const PasswordResetHandler = { + generateAndEmailResetToken: callbackify(generateAndEmailResetToken), + + setNewUserPassword: callbackify(setNewUserPassword), + + getUserForPasswordResetToken: callbackify(getUserForPasswordResetToken), + + expirePasswordResetToken, +} + +PasswordResetHandler.promises = { + generateAndEmailResetToken, + getUserForPasswordResetToken, + expirePasswordResetToken: promisify( + PasswordResetHandler.expirePasswordResetToken + ), + setNewUserPassword, +} + +module.exports = PasswordResetHandler diff --git a/overleafserver/ldap/app/src/Features/User/UserController.js b/overleafserver/ldap/app/src/Features/User/UserController.js new file mode 100644 index 0000000..70e1554 --- /dev/null +++ b/overleafserver/ldap/app/src/Features/User/UserController.js @@ -0,0 +1,517 @@ +const UserHandler = require('./UserHandler') +const UserDeleter = require('./UserDeleter') +const UserGetter = require('./UserGetter') +const { User } = require('../../models/User') +const NewsletterManager = require('../Newsletter/NewsletterManager') +const logger = require('@overleaf/logger') +const metrics = require('@overleaf/metrics') +const AuthenticationManager = require('../Authentication/AuthenticationManager') +const SessionManager = require('../Authentication/SessionManager') +const Features = require('../../infrastructure/Features') +const UserAuditLogHandler = require('./UserAuditLogHandler') +const UserSessionsManager = require('./UserSessionsManager') +const UserUpdater = require('./UserUpdater') +const Errors = require('../Errors/Errors') +const HttpErrorHandler = require('../Errors/HttpErrorHandler') +const OError = require('@overleaf/o-error') +const EmailHandler = require('../Email/EmailHandler') +const UrlHelper = require('../Helpers/UrlHelper') +const { promisify, callbackify } = require('util') +const { expressify } = require('@overleaf/promise-utils') +const { + acceptsJson, +} = require('../../infrastructure/RequestContentTypeDetection') +const Modules = require('../../infrastructure/Modules') +const OneTimeTokenHandler = require('../Security/OneTimeTokenHandler') + +async function _sendSecurityAlertClearedSessions(user) { + const emailOptions = { + to: user.email, + actionDescribed: `active sessions were cleared on your account ${user.email}`, + action: 'active sessions cleared', + } + try { + await EmailHandler.promises.sendEmail('securityAlert', emailOptions) + } catch (error) { + // log error when sending security alert email but do not pass back + logger.error( + { error, userId: user._id }, + 'could not send security alert email when sessions cleared' + ) + } +} + +function _sendSecurityAlertPasswordChanged(user) { + const emailOptions = { + to: user.email, + actionDescribed: `your password has been changed on your account ${user.email}`, + action: 'password changed', + } + EmailHandler.promises + .sendEmail('securityAlert', emailOptions) + .catch(error => { + // log error when sending security alert email but do not pass back + logger.error( + { error, userId: user._id }, + 'could not send security alert email when password changed' + ) + }) +} + +async function _ensureAffiliation(userId, emailData) { + if (emailData.samlProviderId) { + await UserUpdater.promises.confirmEmail(userId, emailData.email) + } else { + await UserUpdater.promises.addAffiliationForNewUser(userId, emailData.email) + } +} + +async function changePassword(req, res, next) { + metrics.inc('user.password-change') + const userId = SessionManager.getLoggedInUserId(req.session) + + const { user } = await AuthenticationManager.promises.authenticate( + { _id: userId }, + req.body.currentPassword, + null, + { enforceHIBPCheck: false } + ) + if (!user) { + return HttpErrorHandler.badRequest( + req, + res, + req.i18n.translate('password_change_old_password_wrong') + ) + } + + if (req.body.newPassword1 !== req.body.newPassword2) { + return HttpErrorHandler.badRequest( + req, + res, + req.i18n.translate('password_change_passwords_do_not_match') + ) + } + + try { + await AuthenticationManager.promises.setUserPassword( + user, + req.body.newPassword1 + ) + } catch (error) { + if (error.name === 'InvalidPasswordError') { + const message = AuthenticationManager.getMessageForInvalidPasswordError( + error, + req + ) + return res.status(400).json({ message }) + } else if (error.name === 'PasswordMustBeDifferentError') { + return HttpErrorHandler.badRequest( + req, + res, + req.i18n.translate('password_change_password_must_be_different') + ) + } else if (error.name === 'PasswordReusedError') { + return res.status(400).json({ + message: { + key: 'password-must-be-strong', + }, + }) + } else { + throw error + } + } + await UserAuditLogHandler.promises.addEntry( + user._id, + 'update-password', + user._id, + req.ip + ) + + // no need to wait, errors are logged and not passed back + _sendSecurityAlertPasswordChanged(user) + + await UserSessionsManager.promises.removeSessionsFromRedis( + user, + req.sessionID // remove all sessions except the current session + ) + + await OneTimeTokenHandler.promises.expireAllTokensForUser( + userId.toString(), + 'password' + ) + + return res.json({ + message: { + type: 'success', + email: user.email, + text: req.i18n.translate('password_change_successful'), + }, + }) +} + +async function clearSessions(req, res, next) { + metrics.inc('user.clear-sessions') + const userId = SessionManager.getLoggedInUserId(req.session) + const user = await UserGetter.promises.getUser(userId, { email: 1 }) + const sessions = await UserSessionsManager.promises.getAllUserSessions(user, [ + req.sessionID, + ]) + await UserAuditLogHandler.promises.addEntry( + user._id, + 'clear-sessions', + user._id, + req.ip, + { sessions } + ) + await UserSessionsManager.promises.removeSessionsFromRedis( + user, + req.sessionID // remove all sessions except the current session + ) + + await _sendSecurityAlertClearedSessions(user) + + res.sendStatus(201) +} + +async function ensureAffiliation(user) { + if (!Features.hasFeature('affiliations')) { + return + } + + const flaggedEmails = user.emails.filter(email => email.affiliationUnchecked) + if (flaggedEmails.length === 0) { + return + } + + if (flaggedEmails.length > 1) { + logger.error( + { userId: user._id }, + `Unexpected number of flagged emails: ${flaggedEmails.length}` + ) + } + + await _ensureAffiliation(user._id, flaggedEmails[0]) +} + +async function ensureAffiliationMiddleware(req, res, next) { + let user + if (!Features.hasFeature('affiliations') || !req.query.ensureAffiliation) { + return next() + } + const userId = SessionManager.getLoggedInUserId(req.session) + try { + user = await UserGetter.promises.getUser(userId) + } catch (error) { + return new Errors.UserNotFoundError({ info: { userId } }) + } + // if the user does not have permission to add an affiliation, we skip this middleware + try { + req.assertPermission('add-affiliation') + } catch (error) { + if (error instanceof Errors.ForbiddenError) { + return next() + } + } + try { + await ensureAffiliation(user) + } catch (error) { + return next(error) + } + return next() +} + +async function tryDeleteUser(req, res, next) { + const userId = SessionManager.getLoggedInUserId(req.session) + const { password } = req.body + req.logger.addFields({ userId }) + + logger.debug({ userId }, 'trying to delete user account') + if (password == null || password === '') { + logger.err({ userId }, 'no password supplied for attempt to delete account') + return res.sendStatus(403) + } + + let user + try { + user = ( + await AuthenticationManager.promises.authenticate( + { _id: userId }, + password, + null, + { enforceHIBPCheck: false } + ) + ).user + } catch (err) { + throw OError.tag( + err, + 'error authenticating during attempt to delete account', + { userId } + ) + } + + if (!user) { + logger.err({ userId }, 'auth failed during attempt to delete account') + return res.sendStatus(403) + } + + try { + await UserDeleter.promises.deleteUser(userId, { + deleterUser: user, + ipAddress: req.ip, + }) + } catch (err) { + const errorData = { + message: 'error while deleting user account', + info: { userId }, + } + if (err instanceof Errors.SubscriptionAdminDeletionError) { + // set info.public.error for JSON response so frontend can display + // a specific message + errorData.info.public = { + error: 'SubscriptionAdminDeletionError', + } + logger.warn(OError.tag(err, errorData.message, errorData.info)) + return HttpErrorHandler.unprocessableEntity( + req, + res, + errorData.message, + errorData.info.public + ) + } else { + throw OError.tag(err, errorData.message, errorData.info) + } + } + + await Modules.promises.hooks.fire('tryDeleteV1Account', user) + + const sessionId = req.sessionID + + if (typeof req.logout === 'function') { + const logout = promisify(req.logout) + await logout() + } + + const destroySession = promisify(req.session.destroy.bind(req.session)) + await destroySession() + + UserSessionsManager.promises.untrackSession(user, sessionId).catch(err => { + logger.warn({ err, userId: user._id }, 'failed to untrack session') + }) + res.sendStatus(200) +} + +async function subscribe(req, res, next) { + const userId = SessionManager.getLoggedInUserId(req.session) + req.logger.addFields({ userId }) + + const user = await UserGetter.promises.getUser(userId, { + _id: 1, + email: 1, + first_name: 1, + last_name: 1, + }) + await NewsletterManager.promises.subscribe(user) + res.json({ + message: req.i18n.translate('thanks_settings_updated'), + }) +} + +async function unsubscribe(req, res, next) { + const userId = SessionManager.getLoggedInUserId(req.session) + req.logger.addFields({ userId }) + + const user = await UserGetter.promises.getUser(userId, { + _id: 1, + email: 1, + first_name: 1, + last_name: 1, + }) + await NewsletterManager.promises.unsubscribe(user) + await Modules.promises.hooks.fire('newsletterUnsubscribed', user) + res.json({ + message: req.i18n.translate('thanks_settings_updated'), + }) +} + +async function updateUserSettings(req, res, next) { + const userId = SessionManager.getLoggedInUserId(req.session) + req.logger.addFields({ userId }) + + const user = await User.findById(userId).exec() + if (user == null) { + throw new OError('problem updating user settings', { userId }) + } + + if (req.body.first_name != null) { + user.first_name = req.body.first_name.trim() + } + if (req.body.last_name != null) { + user.last_name = req.body.last_name.trim() + } + if (req.body.role != null) { + user.role = req.body.role.trim() + } + if (req.body.institution != null) { + user.institution = req.body.institution.trim() + } + if (req.body.mode != null) { + user.ace.mode = req.body.mode + } + if (req.body.editorTheme != null) { + user.ace.theme = req.body.editorTheme + } + if (req.body.overallTheme != null) { + user.ace.overallTheme = req.body.overallTheme + } + if (req.body.fontSize != null) { + user.ace.fontSize = req.body.fontSize + } + if (req.body.autoComplete != null) { + user.ace.autoComplete = req.body.autoComplete + } + if (req.body.autoPairDelimiters != null) { + user.ace.autoPairDelimiters = req.body.autoPairDelimiters + } + if (req.body.spellCheckLanguage != null) { + user.ace.spellCheckLanguage = req.body.spellCheckLanguage + } + if (req.body.pdfViewer != null) { + user.ace.pdfViewer = req.body.pdfViewer + } + if (req.body.syntaxValidation != null) { + user.ace.syntaxValidation = req.body.syntaxValidation + } + if (req.body.fontFamily != null) { + user.ace.fontFamily = req.body.fontFamily + } + if (req.body.lineHeight != null) { + user.ace.lineHeight = req.body.lineHeight + } + if (req.body.mathPreview != null) { + user.ace.mathPreview = req.body.mathPreview + } + await user.save() + + const newEmail = req.body.email?.trim().toLowerCase() + if ( + newEmail == null || + newEmail === user.email || + (req.externalAuthenticationSystemUsed() && !user.hashedPassword) + ) { + // end here, don't update email + SessionManager.setInSessionUser(req.session, { + first_name: user.first_name, + last_name: user.last_name, + }) + res.sendStatus(200) + } else if (newEmail.indexOf('@') === -1) { + // email invalid + res.sendStatus(400) + } else { + // update the user email + const auditLog = { + initiatorId: userId, + ipAddress: req.ip, + } + + try { + await UserUpdater.promises.changeEmailAddress(userId, newEmail, auditLog) + } catch (err) { + if (err instanceof Errors.EmailExistsError) { + const translation = req.i18n.translate('email_already_registered') + return HttpErrorHandler.conflict(req, res, translation) + } else { + return HttpErrorHandler.legacyInternal( + req, + res, + req.i18n.translate('problem_changing_email_address'), + OError.tag(err, 'problem_changing_email_address', { + userId, + newEmail, + }) + ) + } + } + + const user = await User.findById(userId).exec() + SessionManager.setInSessionUser(req.session, { + email: user.email, + first_name: user.first_name, + last_name: user.last_name, + }) + + try { + await UserHandler.promises.populateTeamInvites(user) + } catch (err) { + logger.error({ err }, 'error populateTeamInvites') + } + + res.sendStatus(200) + } +} + +async function doLogout(req) { + metrics.inc('user.logout') + const user = SessionManager.getSessionUser(req.session) + logger.debug({ user }, 'logging out') + const sessionId = req.sessionID + + if (typeof req.logout === 'function') { + // passport logout + const logout = promisify(req.logout.bind(req)) + await logout() + } + + const destroySession = promisify(req.session.destroy.bind(req.session)) + await destroySession() + + if (user != null) { + UserSessionsManager.promises.untrackSession(user, sessionId).catch(err => { + logger.warn({ err, userId: user._id }, 'failed to untrack session') + }) + } +} + +async function logout(req, res, next) { + const requestedRedirect = req.body.redirect + ? UrlHelper.getSafeRedirectPath(req.body.redirect) + : undefined + const redirectUrl = requestedRedirect || '/login' + + await doLogout(req) + + if (acceptsJson(req)) { + res.status(200).json({ redir: redirectUrl }) + } else { + res.redirect(redirectUrl) + } +} + +async function expireDeletedUser(req, res, next) { + const userId = req.params.userId + await UserDeleter.promises.expireDeletedUser(userId) + res.sendStatus(204) +} + +async function expireDeletedUsersAfterDuration(req, res, next) { + await UserDeleter.promises.expireDeletedUsersAfterDuration() + res.sendStatus(204) +} + +module.exports = { + clearSessions: expressify(clearSessions), + changePassword: expressify(changePassword), + tryDeleteUser: expressify(tryDeleteUser), + subscribe: expressify(subscribe), + unsubscribe: expressify(unsubscribe), + updateUserSettings: expressify(updateUserSettings), + doLogout: callbackify(doLogout), + logout: expressify(logout), + expireDeletedUser: expressify(expireDeletedUser), + expireDeletedUsersAfterDuration: expressify(expireDeletedUsersAfterDuration), + promises: { + doLogout, + ensureAffiliation, + ensureAffiliationMiddleware, + }, +} diff --git a/overleafserver/ldap/app/src/InitLdapAuthentication.js b/overleafserver/ldap/app/src/InitLdapAuthentication.js new file mode 100644 index 0000000..4f318d2 --- /dev/null +++ b/overleafserver/ldap/app/src/InitLdapAuthentication.js @@ -0,0 +1,54 @@ +const Settings = require('@overleaf/settings') +const fs = require('fs') + +function _getFilesContents(paths) { + return paths.map(path => { + try { + const content = fs.readFileSync(path) + return content + } catch (error) { + console.error(`Error reading file at ${path}:`, error) + return null + } + }) +} + +function initLdapAuthentication() { + Settings.ldap = { + enable: process.env.EXTERNAL_AUTH === 'ldap', + updateUserDetailsOnLogin: process.env.OVERLEAF_LDAP_UPDATE_USER_DETAILS_ON_LOGIN === 'true', + placeholder: process.env.OVERLEAF_LDAP_PLACEHOLDER || 'Username or email address', + attEmail: process.env.OVERLEAF_LDAP_EMAIL_ATT || 'mail', + attFirstName: process.env.OVERLEAF_LDAP_FIRST_NAME_ATT, + attLastName: process.env.OVERLEAF_LDAP_LAST_NAME_ATT, + attName: process.env.OVERLEAF_LDAP_NAME_ATT, + updateAdminOnLogin: process.env.OVERLEAF_LDAP_UPDATE_ADMIN_ON_LOGIN === 'true', + server: { + url: process.env.OVERLEAF_LDAP_URL, + bindDN: process.env.OVERLEAF_LDAP_BIND_DN || "", + bindCredentials: process.env.OVERLEAF_LDAP_BIND_CREDENTIALS || "", + bindProperty: process.env.OVERLEAF_LDAP_BIND_PROPERTY, + searchBase: process.env.OVERLEAF_LDAP_SEARCH_BASE, + searchFilter: process.env.OVERLEAF_LDAP_SEARCH_FILTER, + searchScope: process.env.OVERLEAF_LDAP_SEARCH_SCOPE || 'sub', + searchAttributes: JSON.parse(process.env.OVERLEAF_LDAP_SEARCH_ATTRIBUTES || '[]'), + groupSearchBase: process.env.OVERLEAF_LDAP_ADMIN_SEARCH_BASE, + groupSearchFilter: process.env.OVERLEAF_LDAP_ADMIN_SEARCH_FILTER, + groupSearchScope: process.env.OVERLEAF_LDAP_ADMIN_SEARCH_SCOPE || 'sub', + groupSearchAttributes: ["dn"], + groupDnProperty: process.env.OVERLEAF_LDAP_ADMIN_DN_PROPERTY, + cache: process.env.OVERLEAF_LDAP_CACHE === 'true', + timeout: process.env.OVERLEAF_LDAP_TIMEOUT, + connectTimeout: process.env.OVERLEAF_LDAP_CONNECT_TIMEOUT, + starttls: process.env.OVERLEAF_LDAP_STARTTLS === 'true', + tlsOptions: { + ca: _getFilesContents( + JSON.parse(process.env.OVERLEAF_LDAP_TLS_OPTS_CA_PATH || '[]') + ), + rejectUnauthorized: process.env.OVERLEAF_LDAP_TLS_OPTS_REJECT_UNAUTH === 'true', + } + } + } +} + +module.exports = { initLdapAuthentication } diff --git a/overleafserver/ldap/app/src/LdapContacts.js b/overleafserver/ldap/app/src/LdapContacts.js new file mode 100644 index 0000000..ff1494a --- /dev/null +++ b/overleafserver/ldap/app/src/LdapContacts.js @@ -0,0 +1,133 @@ +const Settings = require('@overleaf/settings') +const ldapjs = require('ldapauth-fork/node_modules/ldapjs') +const { splitFullName } = require('./AuthenticationManagerLdap') +const UserGetter = require('../../../../app/src/Features/User/UserGetter') + +async function fetchLdapContacts(userId, contacts) { + if (!Settings.ldap?.enable || !process.env.OVERLEAF_LDAP_CONTACTS_FILTER) { + return [] + } + + const { attEmail, attFirstName = "", attLastName = "", attName = "" } = Settings.ldap + const { + url, + timeout, + connectTimeout, + tlsOptions, + starttls, + bindDN, + bindCredentials, + } = Settings.ldap.server + const searchBase = process.env.OVERLEAF_LDAP_CONTACTS_SEARCH_BASE || Settings.ldap.server.searchBase + const searchScope = process.env.OVERLEAF_LDAP_CONTACTS_SEARCH_SCOPE || 'sub' + const ldapConfig = { url, timeout, connectTimeout, tlsOptions } + + let ldapUsers + const client = ldapjs.createClient(ldapConfig) + try { + if (starttls) { + await _upgradeToTLS(client, tlsOptions) + } + await _bindLdap(client, bindDN, bindCredentials) + + const filter = await _formContactsSearchFilter(client, userId, process.env.OVERLEAF_LDAP_CONTACTS_FILTER) + const searchOptions = { scope: searchScope, attributes: [attEmail, attFirstName, attLastName, attName], filter } + + ldapUsers = await _searchLdap(client, searchBase, searchOptions) + } catch (error) { + console.error('Error in fetchLdapContacts: ', error) + return [] + } finally { + client.unbind() + } + + const newLdapContacts = ldapUsers.reduce((acc, ldapUser) => { + const email = Array.isArray(ldapUser[attEmail]) + ? ldapUser[attEmail][0]?.toLowerCase() + : ldapUser[attEmail]?.toLowerCase() + if (!email) return acc + if (!contacts.some(contact => contact.email === email)) { + let nameParts = ["",""] + if ((!attFirstName || !attLastName) && attName) { + nameParts = splitFullName(ldapUser[attName] || "") + } + const firstName = attFirstName ? (ldapUser[attFirstName] || "") : nameParts[0] + const lastName = attLastName ? (ldapUser[attLastName] || "") : nameParts[1] + acc.push({ + first_name: firstName, + last_name: lastName, + email: email, + type: 'user', + }) + } + return acc + }, []) + + return newLdapContacts.sort((a, b) => + a.last_name.localeCompare(b.last_name) || + a.first_name.localeCompare(a.first_name) || + a.email.localeCompare(b.email) + ) +} + +function _upgradeToTLS(client, tlsOptions) { + return new Promise((resolve, reject) => { + client.on('error', error => reject(new Error(`LDAP client error: ${error}`))) + client.on('connect', () => { + client.starttls(tlsOptions, null, error => { + if (error) { + reject(new Error(`StartTLS error: ${error}`)) + } else { + resolve() + } + }) + }) + }) +} + +function _bindLdap(client, bindDN, bindCredentials) { + return new Promise((resolve, reject) => { + client.bind(bindDN, bindCredentials, error => { + if (error) { + reject(error) + } else { + resolve() + } + }) + }) +} + +function _searchLdap(client, baseDN, options) { + return new Promise((resolve, reject) => { + const searchEntries = [] + client.search(baseDN, options, (error, res) => { + if (error) { + reject(error) + } else { + res.on('searchEntry', entry => searchEntries.push(entry.object)) + res.on('error', reject) + res.on('end', () => resolve(searchEntries)) + } + }) + }) +} + +async function _formContactsSearchFilter(client, userId, contactsFilter) { + const searchProperty = process.env.OVERLEAF_LDAP_CONTACTS_PROPERTY + if (!searchProperty) { + return contactsFilter + } + const email = await UserGetter.promises.getUserEmail(userId) + const searchOptions = { + scope: Settings.ldap.server.searchScope, + attributes: [searchProperty], + filter: `(${Settings.ldap.attEmail}=${email})`, + } + const searchBase = Settings.ldap.server.searchBase + const ldapUser = (await _searchLdap(client, searchBase, searchOptions))[0] + const searchPropertyValue = ldapUser ? ldapUser[searchProperty] + : process.env.OVERLEAF_LDAP_CONTACTS_NON_LDAP_VALUE || 'IMATCHNOTHING' + return contactsFilter.replace(/{{userProperty}}/g, searchPropertyValue) +} + +module.exports = { fetchLdapContacts } diff --git a/overleafserver/ldap/app/src/LdapStrategy.js b/overleafserver/ldap/app/src/LdapStrategy.js new file mode 100644 index 0000000..bfc6b60 --- /dev/null +++ b/overleafserver/ldap/app/src/LdapStrategy.js @@ -0,0 +1,38 @@ +const Settings = require('@overleaf/settings') +const AuthenticationControllerLdap = require('./AuthenticationControllerLdap') +const passport = require('passport') +const LdapStrategy = require('passport-ldapauth').Strategy + +// custom responses on authentication failure +class CustomFailLdapStrategy extends LdapStrategy { + constructor(options, validate) { + super(options, validate); + this.name = 'custom-fail-ldapauth' + } + authenticate(req, options) { + const defaultFail = this.fail.bind(this) + this.fail = function(info, status) { + info.type = 'error' + info.key = 'invalid-password-retry-or-reset' + info.status = 401 + return defaultFail(info, status) + }.bind(this) + super.authenticate(req, options) + } +} + +function addLdapStrategy(passport) { + passport.use( + new CustomFailLdapStrategy( + { + server: Settings.ldap.server, + passReqToCallback: true, + usernameField: 'email', + passwordField: 'password', + }, + AuthenticationControllerLdap.doPassportLdapLogin + ) + ) +} + +module.exports = { addLdapStrategy } diff --git a/overleafserver/ldap/app/src/infrastructure/Features.js b/overleafserver/ldap/app/src/infrastructure/Features.js new file mode 100644 index 0000000..7548580 --- /dev/null +++ b/overleafserver/ldap/app/src/infrastructure/Features.js @@ -0,0 +1,101 @@ +const _ = require('lodash') +const Settings = require('@overleaf/settings') + +const supportModuleAvailable = Settings.moduleImportSequence.includes('support') + +const symbolPaletteModuleAvailable = + Settings.moduleImportSequence.includes('symbol-palette') + +const trackChangesModuleAvailable = + Settings.moduleImportSequence.includes('track-changes') + +/** + * @typedef {Object} Settings + * @property {Object | undefined} apis + * @property {Object | undefined} apis.linkedUrlProxy + * @property {string | undefined} apis.linkedUrlProxy.url + * @property {Object | undefined} apis.references + * @property {string | undefined} apis.references.url + * @property {boolean | undefined} enableGithubSync + * @property {boolean | undefined} enableGitBridge + * @property {boolean | undefined} enableHomepage + * @property {boolean | undefined} enableSaml + * @property {boolean | undefined} ldap + * @property {boolean | undefined} oauth + * @property {Object | undefined} overleaf + * @property {Object | undefined} overleaf.oauth + * @property {boolean | undefined} saml + */ + +const Features = { + /** + * @returns {boolean} + */ + externalAuthenticationSystemUsed() { + return ( + (Boolean(Settings.ldap) && Boolean(Settings.ldap.enable)) || + (Boolean(Settings.saml) && Boolean(Settings.saml.enable)) || + Boolean(Settings.overleaf) + ) + }, + + /** + * Whether a feature is enabled in the appliation's configuration + * + * @param {string} feature + * @returns {boolean} + */ + hasFeature(feature) { + switch (feature) { + case 'saas': + return Boolean(Settings.overleaf) + case 'homepage': + return Boolean(Settings.enableHomepage) + case 'registration-page': + return ( + !Features.externalAuthenticationSystemUsed() || + Boolean(Settings.overleaf) + ) + case 'registration': + return Boolean(Settings.overleaf) + case 'github-sync': + return Boolean(Settings.enableGithubSync) + case 'git-bridge': + return Boolean(Settings.enableGitBridge) + case 'oauth': + return Boolean(Settings.oauth) + case 'templates-server-pro': + return Boolean(Settings.templates?.user_id) + case 'affiliations': + case 'analytics': + return Boolean(_.get(Settings, ['apis', 'v1', 'url'])) + case 'overleaf-integration': + return Boolean(Settings.overleaf) || Boolean(Settings.enableRegistrationPage) + case 'references': + return Boolean(_.get(Settings, ['apis', 'references', 'url'])) + case 'saml': + return Boolean(Settings.enableSaml) + case 'linked-project-file': + return Boolean(Settings.enabledLinkedFileTypes.includes('project_file')) + case 'linked-project-output-file': + return Boolean( + Settings.enabledLinkedFileTypes.includes('project_output_file') + ) + case 'link-url': + return Boolean( + _.get(Settings, ['apis', 'linkedUrlProxy', 'url']) && + Settings.enabledLinkedFileTypes.includes('url') + ) + case 'support': + return supportModuleAvailable + case 'symbol-palette': + return symbolPaletteModuleAvailable + case 'track-changes': + return trackChangesModuleAvailable + default: + throw new Error(`unknown feature: ${feature}`) + } + }, +} + +module.exports = Features diff --git a/overleafserver/ldap/app/views/user/login.pug b/overleafserver/ldap/app/views/user/login.pug new file mode 100644 index 0000000..056b6be --- /dev/null +++ b/overleafserver/ldap/app/views/user/login.pug @@ -0,0 +1,42 @@ +extends ../layout-marketing + +block content + main.content.content-alt#main-content + .container + .row + .col-md-6.col-md-offset-3.col-lg-4.col-lg-offset-4 + .card + .page-header + h1 #{translate("log_in")} + form(data-ol-async-form, name="loginForm", action='/login', method="POST") + input(name='_csrf', type='hidden', value=csrfToken) + +formMessages() + +customFormMessage('invalid-password-retry-or-reset', 'danger') + | !{translate('email_or_password_wrong_try_again_or_reset', {}, [{ name: 'a', attrs: { href: '/user/password/reset', 'aria-describedby': 'resetPasswordDescription' } }])} + span.sr-only(id='resetPasswordDescription') + | #{translate('reset_password_link')} + +customValidationMessage('password-compromised') + | !{translate('password_compromised_try_again_or_use_known_device_or_reset', {}, [{name: 'a', attrs: {href: 'https://haveibeenpwned.com/passwords', rel: 'noopener noreferrer', target: '_blank'}}, {name: 'a', attrs: {href: '/user/password/reset', target: '_blank'}}])}. + .form-group + input.form-control( + type=(settings.ldap && settings.ldap.enable) ? 'text' : 'email', + name='email', + required, + placeholder=(settings.ldap && settings.ldap.enable) ? settings.ldap.placeholder : 'email@example.com', + autofocus="true" + ) + .form-group + input.form-control( + type='password', + name='password', + required, + placeholder='********', + ) + .actions + button.btn-primary.btn( + type='submit', + data-ol-disabled-inflight + ) + span(data-ol-inflight="idle") #{translate("login")} + span(hidden data-ol-inflight="pending") #{translate("logging_in")}… + a.pull-right(href='/user/password/reset') #{translate("forgot_your_password")}? diff --git a/overleafserver/ldap/app/views/user/settings.pug b/overleafserver/ldap/app/views/user/settings.pug new file mode 100644 index 0000000..e351b4d --- /dev/null +++ b/overleafserver/ldap/app/views/user/settings.pug @@ -0,0 +1,40 @@ +extends ../layout-marketing + +block entrypointVar + - entrypoint = 'pages/user/settings' + +block vars + - bootstrap5PageStatus = 'enabled' // One of 'disabled', 'enabled', and 'queryStringOnly' + - bootstrap5PageSplitTest = 'bootstrap-5' + +block append meta + meta(name="ol-hasPassword" data-type="boolean" content=hasPassword) + meta(name="ol-shouldAllowEditingDetails" data-type="boolean" content=shouldAllowEditingDetails || hasPassword) + meta(name="ol-oauthProviders", data-type="json", content=oauthProviders) + meta(name="ol-institutionLinked", data-type="json", content=institutionLinked) + meta(name="ol-samlError", data-type="json", content=samlError) + meta(name="ol-institutionEmailNonCanonical", content=institutionEmailNonCanonical) + + meta(name="ol-reconfirmedViaSAML", content=reconfirmedViaSAML) + meta(name="ol-reconfirmationRemoveEmail", content=reconfirmationRemoveEmail) + meta(name="ol-samlBeta", content=samlBeta) + meta(name="ol-ssoErrorMessage", content=ssoErrorMessage) + meta(name="ol-thirdPartyIds", data-type="json", content=thirdPartyIds || {}) + meta(name="ol-passwordStrengthOptions", data-type="json", content=settings.passwordStrengthOptions || {}) + meta(name="ol-isExternalAuthenticationSystemUsed" data-type="boolean" content=externalAuthenticationSystemUsed() && !hasPassword) + meta(name="ol-user" data-type="json" content=user) + meta(name="ol-dropbox" data-type="json" content=dropbox) + meta(name="ol-github" data-type="json" content=github) + meta(name="ol-projectSyncSuccessMessage", content=projectSyncSuccessMessage) + meta(name="ol-showPersonalAccessToken", data-type="boolean" content=showPersonalAccessToken) + meta(name="ol-optionalPersonalAccessToken", data-type="boolean" content=optionalPersonalAccessToken) + meta(name="ol-personalAccessTokens", data-type="json" content=personalAccessTokens) + meta(name="ol-emailAddressLimit", data-type="json", content=emailAddressLimit) + meta(name="ol-currentManagedUserAdminEmail" data-type="string" content=currentManagedUserAdminEmail) + meta(name="ol-gitBridgeEnabled" data-type="boolean" content=gitBridgeEnabled) + meta(name="ol-isSaas" data-type="boolean" content=isSaas) + meta(name="ol-memberOfSSOEnabledGroups" data-type="json" content=memberOfSSOEnabledGroups) + +block content + main.content.content-alt#main-content + #settings-page-root diff --git a/overleafserver/ldap/frontend/js/features/ide-react/context/review-panel/hooks/use-review-panel-state.ts b/overleafserver/ldap/frontend/js/features/ide-react/context/review-panel/hooks/use-review-panel-state.ts new file mode 100644 index 0000000..7d76eed --- /dev/null +++ b/overleafserver/ldap/frontend/js/features/ide-react/context/review-panel/hooks/use-review-panel-state.ts @@ -0,0 +1,1661 @@ +import { useState, useEffect, useMemo, useCallback, useRef } from 'react' +import { useTranslation } from 'react-i18next' +import { isEqual, cloneDeep } from 'lodash' +import usePersistedState from '@/shared/hooks/use-persisted-state' +import useScopeValue from '../../../../../shared/hooks/use-scope-value' +import useSocketListener from '@/features/ide-react/hooks/use-socket-listener' +import useAbortController from '@/shared/hooks/use-abort-controller' +import useScopeEventEmitter from '@/shared/hooks/use-scope-event-emitter' +import useLayoutToLeft from '@/features/ide-react/context/review-panel/hooks/useLayoutToLeft' +import { sendMB } from '@/infrastructure/event-tracking' +import { + dispatchReviewPanelLayout as handleLayoutChange, + UpdateType, +} from '@/features/source-editor/extensions/changes/change-manager' +import { useProjectContext } from '@/shared/context/project-context' +import { useLayoutContext } from '@/shared/context/layout-context' +import { useUserContext } from '@/shared/context/user-context' +import { useIdeReactContext } from '@/features/ide-react/context/ide-react-context' +import { useConnectionContext } from '@/features/ide-react/context/connection-context' +import { usePermissionsContext } from '@/features/ide-react/context/permissions-context' +import { useModalsContext } from '@/features/ide-react/context/modals-context' +import { + EditorManager, + useEditorManagerContext, +} from '@/features/ide-react/context/editor-manager-context' +import { debugConsole } from '@/utils/debugging' +import { deleteJSON, getJSON, postJSON } from '@/infrastructure/fetch-json' +import ColorManager from '@/ide/colors/ColorManager' +import RangesTracker from '@overleaf/ranges-tracker' +import type * as ReviewPanel from '@/features/source-editor/context/review-panel/types/review-panel-state' +import { + CommentId, + ReviewPanelCommentThreadMessage, + ReviewPanelCommentThreads, + ReviewPanelDocEntries, + SubView, + ThreadId, +} from '../../../../../../../types/review-panel/review-panel' +import { UserId } from '../../../../../../../types/user' +import { PublicAccessLevel } from '../../../../../../../types/public-access-level' +import { + DeepReadonly, + Entries, + MergeAndOverride, +} from '../../../../../../../types/utils' +import { ReviewPanelCommentThread } from '../../../../../../../types/review-panel/comment-thread' +import { DocId } from '../../../../../../../types/project-settings' +import { + ReviewPanelAddCommentEntry, + ReviewPanelAggregateChangeEntry, + ReviewPanelBulkActionsEntry, + ReviewPanelChangeEntry, + ReviewPanelCommentEntry, + ReviewPanelEntry, +} from '../../../../../../../types/review-panel/entry' +import { + ReviewPanelCommentThreadMessageApi, + ReviewPanelCommentThreadsApi, +} from '../../../../../../../types/review-panel/api' +import { DateString } from '../../../../../../../types/helpers/date' +import { + Change, + CommentOperation, + EditOperation, +} from '../../../../../../../types/change' +import { RangesTrackerWithResolvedThreadIds } from '@/features/ide-react/editor/document-container' +import useViewerPermissions from '@/shared/hooks/use-viewer-permissions' +import getMeta from '@/utils/meta' +import { useEditorContext } from '@/shared/context/editor-context' + +const dispatchReviewPanelEvent = (type: string, payload?: any) => { + window.dispatchEvent( + new CustomEvent('review-panel:event', { + detail: { type, payload }, + }) + ) +} + +const formatUser = (user: any): any => { + let isSelf, name + const id = + (user != null ? user._id : undefined) || + (user != null ? user.id : undefined) + + if (id == null) { + return { + id: 'anonymous-user', + email: null, + name: 'Anonymous', + isSelf: false, + hue: ColorManager.ANONYMOUS_HUE, + avatar_text: 'A', + } + } + if (id === getMeta('ol-user_id')) { + name = 'You' + isSelf = true + } else { + name = [user.first_name, user.last_name] + .filter(n => n != null && n !== '') + .join(' ') + if (name === '') { + name = + (user.email != null ? user.email.split('@')[0] : undefined) || 'Unknown' + } + isSelf = false + } + return { + id, + email: user.email, + name, + isSelf, + hue: ColorManager.getHueForUserId(id), + avatar_text: [user.first_name, user.last_name] + .filter(n => n != null) + .map(n => n[0]) + .join(''), + } +} + +const formatComment = ( + comment: ReviewPanelCommentThreadMessageApi +): ReviewPanelCommentThreadMessage => { + const commentTyped = comment as unknown as ReviewPanelCommentThreadMessage + commentTyped.user = formatUser(comment.user) + commentTyped.timestamp = new Date(comment.timestamp) + return commentTyped +} + +function useReviewPanelState(): ReviewPanel.ReviewPanelState { + const { t } = useTranslation() + const { reviewPanelOpen, setReviewPanelOpen, setMiniReviewPanelVisible } = + useLayoutContext() + const { projectId } = useIdeReactContext() + const project = useProjectContext() + const user = useUserContext() + const { socket } = useConnectionContext() + const { + features: { trackChangesVisible, trackChanges }, + } = project + const { isRestrictedTokenMember } = useEditorContext() + const { + openDocId, + currentDocument, + currentDocumentId, + wantTrackChanges, + setWantTrackChanges, + } = useEditorManagerContext() as MergeAndOverride< + EditorManager, + { currentDocumentId: DocId } + > + // TODO permissions to be removed from the review panel context. It currently acts just as a proxy. + const permissions = usePermissionsContext() + const { showGenericMessageModal } = useModalsContext() + const addCommentEmitter = useScopeEventEmitter('comment:start_adding') + const hasViewerPermissions = useViewerPermissions() + + const layoutToLeft = useLayoutToLeft('.ide-react-editor-panel') + const [subView, setSubView] = + useState>('cur_file') + const [isOverviewLoading, setIsOverviewLoading] = + useState>(false) + // All selected changes. If an aggregated change (insertion + deletion) is selected, the two ids + // will be present. The length of this array will differ from the count below (see explanation). + const selectedEntryIds = useRef([]) + // A count of user-facing selected changes. An aggregated change (insertion + deletion) will count + // as only one. + const [nVisibleSelectedChanges, setNVisibleSelectedChanges] = + useState>(0) + const [collapsed, setCollapsed] = usePersistedState< + ReviewPanel.Value<'collapsed'> + >(`docs_collapsed_state:${projectId}`, {}, false, true) + const [commentThreads, setCommentThreads] = useState< + ReviewPanel.Value<'commentThreads'> + >({}) + const [entries, setEntries] = useState>({}) + const [users, setUsers] = useScopeValue>('users') + const [resolvedComments, setResolvedComments] = useState< + ReviewPanel.Value<'resolvedComments'> + >({}) + + const [shouldCollapse, setShouldCollapse] = + useState>(true) + const [lineHeight, setLineHeight] = + useState>(0) + + const [formattedProjectMembers, setFormattedProjectMembers] = useState< + ReviewPanel.Value<'formattedProjectMembers'> + >({}) + const [trackChangesState, setTrackChangesState] = useState< + ReviewPanel.Value<'trackChangesState'> + >({}) + const [trackChangesOnForEveryone, setTrackChangesOnForEveryone] = + useState>(false) + const [trackChangesOnForGuests, setTrackChangesOnForGuests] = + useState>(false) + const [trackChangesForGuestsAvailable, setTrackChangesForGuestsAvailable] = + useState>(false) + + const [resolvedThreadIds, setResolvedThreadIds] = useState< + Record + >({}) + + const [loadingThreads, setLoadingThreads] = + useScopeValue('loadingThreads') + + const loadThreadsController = useAbortController() + const threadsLoadedOnceRef = useRef(false) + const loadingThreadsInProgressRef = useRef(false) + const ensureThreadsAreLoaded = useCallback(() => { + if (threadsLoadedOnceRef.current) { + // We get any updates in real time so only need to load them once. + return + } + threadsLoadedOnceRef.current = true + loadingThreadsInProgressRef.current = true + + return getJSON(`/project/${projectId}/threads`, { + signal: loadThreadsController.signal, + }) + .then(threads => { + setLoadingThreads(false) + const tempResolvedThreadIds: typeof resolvedThreadIds = {} + const threadsEntries = Object.entries(threads) as [ + [ + ThreadId, + MergeAndOverride< + ReviewPanelCommentThread, + ReviewPanelCommentThreadsApi[ThreadId] + >, + ], + ] + for (const [threadId, thread] of threadsEntries) { + for (const comment of thread.messages) { + formatComment(comment) + } + if (thread.resolved_by_user) { + thread.resolved_by_user = formatUser(thread.resolved_by_user) + tempResolvedThreadIds[threadId] = true + } + } + setResolvedThreadIds(tempResolvedThreadIds) + setCommentThreads(threads as unknown as ReviewPanelCommentThreads) + + dispatchReviewPanelEvent('loaded_threads') + handleLayoutChange({ async: true }) + + return { + resolvedThreadIds: tempResolvedThreadIds, + commentThreads: threads, + } + }) + .catch(debugConsole.error) + .finally(() => { + loadingThreadsInProgressRef.current = false + }) + }, [loadThreadsController.signal, projectId, setLoadingThreads]) + + const rangesTrackers = useRef< + Record + >({}) + const refreshingRangeUsers = useRef(false) + const refreshedForUserIds = useRef(new Set()) + const refreshChangeUsers = useCallback( + (userId: UserId | null) => { + if (userId != null) { + if (refreshedForUserIds.current.has(userId)) { + // We've already tried to refresh to get this user id, so stop it looping + return + } + refreshedForUserIds.current.add(userId) + } + + // Only do one refresh at once + if (refreshingRangeUsers.current) { + return + } + refreshingRangeUsers.current = true + + getJSON(`/project/${projectId}/changes/users`) + .then(usersResponse => { + refreshingRangeUsers.current = false + const tempUsers = {} as ReviewPanel.Value<'users'> + // Always include ourself, since if we submit an op, we might need to display info + // about it locally before it has been flushed through the server + if (user) { + if (user.id) { + tempUsers[user.id] = formatUser(user) + } else { + tempUsers['anonymous-user'] = formatUser(user) + } + } + + for (const user of usersResponse) { + if (user.id) { + tempUsers[user.id] = formatUser(user) + } else { + tempUsers['anonymous-user'] = formatUser(user) + } + } + + setUsers(tempUsers) + }) + .catch(error => { + refreshingRangeUsers.current = false + debugConsole.error(error) + }) + }, + [projectId, setUsers, user] + ) + + const getChangeTracker = useCallback( + (docId: DocId) => { + if (!rangesTrackers.current[docId]) { + const rangesTracker = new RangesTracker([], []) + ;( + rangesTracker as RangesTrackerWithResolvedThreadIds + ).resolvedThreadIds = { ...resolvedThreadIds } + rangesTrackers.current[docId] = + rangesTracker as RangesTrackerWithResolvedThreadIds + } + return rangesTrackers.current[docId]! + }, + [resolvedThreadIds] + ) + + const getDocEntries = useCallback( + (docId: DocId) => { + return entries[docId] ?? ({} as ReviewPanelDocEntries) + }, + [entries] + ) + + const getDocResolvedComments = useCallback( + (docId: DocId) => { + return resolvedComments[docId] ?? ({} as ReviewPanelDocEntries) + }, + [resolvedComments] + ) + + const getThread = useCallback( + (threadId: ThreadId) => { + return ( + commentThreads[threadId] ?? + ({ messages: [] } as ReviewPanelCommentThread) + ) + }, + [commentThreads] + ) + + const updateEntries = useCallback( + async (docId: DocId) => { + const rangesTracker = getChangeTracker(docId) + const docEntries = cloneDeep(getDocEntries(docId)) + const docResolvedComments = cloneDeep(getDocResolvedComments(docId)) + // Assume we'll delete everything until we see it, then we'll remove it from this object + const deleteChanges = new Set() + + for (const [id, change] of Object.entries(docEntries) as Entries< + typeof docEntries + >) { + if ( + 'entry_ids' in change && + id !== 'add-comment' && + id !== 'bulk-actions' + ) { + for (const entryId of change.entry_ids) { + deleteChanges.add(entryId) + } + } + } + for (const [, change] of Object.entries(docResolvedComments) as Entries< + typeof docResolvedComments + >) { + if ('entry_ids' in change) { + for (const entryId of change.entry_ids) { + deleteChanges.add(entryId) + } + } + } + + let potentialAggregate = false + let prevInsertion = null + + for (const change of rangesTracker.changes as any[]) { + if ( + potentialAggregate && + change.op.d && + change.op.p === prevInsertion.op.p + prevInsertion.op.i.length && + change.metadata.user_id === prevInsertion.metadata.user_id + ) { + // An actual aggregate op. + const aggregateChangeEntries = docEntries as Record< + string, + ReviewPanelAggregateChangeEntry + > + aggregateChangeEntries[prevInsertion.id].type = 'aggregate-change' + aggregateChangeEntries[prevInsertion.id].metadata.replaced_content = + change.op.d + aggregateChangeEntries[prevInsertion.id].entry_ids.push(change.id) + } else { + if (docEntries[change.id] == null) { + docEntries[change.id] = {} as ReviewPanelEntry + } + deleteChanges.delete(change.id) + const newEntry: Partial = { + type: change.op.i ? 'insert' : 'delete', + entry_ids: [change.id], + content: change.op.i || change.op.d, + offset: change.op.p, + metadata: change.metadata, + } + for (const [key, value] of Object.entries(newEntry) as Entries< + typeof newEntry + >) { + const entriesTyped = docEntries[change.id] as Record + entriesTyped[key] = value + } + } + + if (change.op.i) { + potentialAggregate = true + prevInsertion = change + } else { + potentialAggregate = false + prevInsertion = null + } + + if (!users[change.metadata.user_id]) { + if (!(isRestrictedTokenMember || hasViewerPermissions)) { + refreshChangeUsers(change.metadata.user_id) + } + } + } + + let localResolvedThreadIds = resolvedThreadIds + + if ( + !(isRestrictedTokenMember || hasViewerPermissions) && + rangesTracker.comments.length > 0 + ) { + const threadsLoadResult = await ensureThreadsAreLoaded() + if (threadsLoadResult?.resolvedThreadIds) { + localResolvedThreadIds = threadsLoadResult.resolvedThreadIds + } + } else if (loadingThreads) { + // ensure that tracked changes are highlighted even if no comments are loaded + setLoadingThreads(false) + dispatchReviewPanelEvent('loaded_threads') + } + + if (!loadingThreadsInProgressRef.current) { + for (const comment of rangesTracker.comments) { + const commentId = comment.id as ThreadId + deleteChanges.delete(commentId) + + let newComment: any + if (localResolvedThreadIds[comment.op.t]) { + docResolvedComments[commentId] ??= {} as ReviewPanelCommentEntry + newComment = docResolvedComments[commentId] + delete docEntries[commentId] + } else { + docEntries[commentId] ??= {} as ReviewPanelEntry + newComment = docEntries[commentId] + delete docResolvedComments[commentId] + } + + newComment.type = 'comment' + newComment.thread_id = comment.op.t + newComment.entry_ids = [comment.id] + newComment.content = comment.op.c + newComment.offset = comment.op.p + } + } + + deleteChanges.forEach(changeId => { + delete docEntries[changeId] + delete docResolvedComments[changeId] + }) + + setEntries(prev => { + return isEqual(prev[docId], docEntries) + ? prev + : { ...prev, [docId]: docEntries } + }) + setResolvedComments(prev => { + return isEqual(prev[docId], docResolvedComments) + ? prev + : { ...prev, [docId]: docResolvedComments } + }) + + return docEntries + }, + [ + getChangeTracker, + getDocEntries, + getDocResolvedComments, + refreshChangeUsers, + resolvedThreadIds, + users, + ensureThreadsAreLoaded, + loadingThreads, + setLoadingThreads, + hasViewerPermissions, + isRestrictedTokenMember, + ] + ) + + const regenerateTrackChangesId = useCallback( + (doc: typeof currentDocument) => { + const currentChangeTracker = getChangeTracker(doc.doc_id as DocId) + const oldId = currentChangeTracker.getIdSeed() + const newId = RangesTracker.generateIdSeed() + currentChangeTracker.setIdSeed(newId) + doc.setTrackChangesIdSeeds({ pending: newId, inflight: oldId }) + }, + [getChangeTracker] + ) + + useEffect(() => { + if (!currentDocument) { + return + } + // The open doc range tracker is kept up to date in real-time so + // replace any outdated info with this + const rangesTracker = currentDocument.ranges! + ;(rangesTracker as RangesTrackerWithResolvedThreadIds).resolvedThreadIds = { + ...resolvedThreadIds, + } + rangesTrackers.current[currentDocument.doc_id as DocId] = + rangesTracker as RangesTrackerWithResolvedThreadIds + currentDocument.on('flipped_pending_to_inflight', () => + regenerateTrackChangesId(currentDocument) + ) + regenerateTrackChangesId(currentDocument) + + return () => { + currentDocument.off('flipped_pending_to_inflight') + } + }, [currentDocument, regenerateTrackChangesId, resolvedThreadIds]) + + const currentUserType = useCallback((): 'member' | 'guest' | 'anonymous-user' => { + if (!user) { + return 'anonymous-user' + } + if (project.owner._id === user.id) { + return 'member' + } + for (const member of project.members as any[]) { + if (member._id === user.id) { + return 'member' + } + } + return 'guest' + }, [project.members, project.owner, user]) + + const applyClientTrackChangesStateToServer = useCallback( + ( + trackChangesOnForEveryone: boolean, + trackChangesOnForGuests: boolean, + trackChangesState: ReviewPanel.Value<'trackChangesState'> + ) => { + const data: { + on?: boolean + on_for?: Record + on_for_guests?: boolean + } = {} + if (trackChangesOnForEveryone) { + data.on = true + } else { + data.on_for = {} + const entries = Object.entries(trackChangesState) as Array< + [ + UserId, + NonNullable< + (typeof trackChangesState)[keyof typeof trackChangesState] + >, + ] + > + for (const [userId, { value }] of entries) { + data.on_for[userId] = value + } + if (trackChangesOnForGuests) { + data.on_for_guests = true + } + } + postJSON(`/project/${projectId}/track_changes`, { + body: data, + }).catch(debugConsole.error) + }, + [projectId] + ) + + const setGuestsTCState = useCallback( + (newValue: boolean) => { + setTrackChangesOnForGuests(newValue) + if (currentUserType() === 'guest' || currentUserType() === 'anonymous-user') { + setWantTrackChanges(newValue) + } + }, + [currentUserType, setWantTrackChanges] + ) + + const setUserTCState = useCallback( + ( + trackChangesState: DeepReadonly>, + userId: UserId, + newValue: boolean, + isLocal = false + ) => { + const newTrackChangesState: ReviewPanel.Value<'trackChangesState'> = { + ...trackChangesState, + } + const state = + newTrackChangesState[userId] ?? + ({} as NonNullable<(typeof newTrackChangesState)[UserId]>) + newTrackChangesState[userId] = state + + if (state.syncState == null || state.syncState === 'synced') { + state.value = newValue + state.syncState = 'synced' + } else if (state.syncState === 'pending' && state.value === newValue) { + state.syncState = 'synced' + } else if (isLocal) { + state.value = newValue + state.syncState = 'pending' + } + + setTrackChangesState(newTrackChangesState) + + if (userId === user.id) { + setWantTrackChanges(newValue) + } + + return newTrackChangesState + }, + [setWantTrackChanges, user.id] + ) + + const setEveryoneTCState = useCallback( + (newValue: boolean, isLocal = false) => { + setTrackChangesOnForEveryone(newValue) + let newTrackChangesState: ReviewPanel.Value<'trackChangesState'> = { + ...trackChangesState, + } + for (const member of project.members as any[]) { + newTrackChangesState = setUserTCState( + newTrackChangesState, + member._id, + newValue, + isLocal + ) + } + setGuestsTCState(newValue) + + newTrackChangesState = setUserTCState( + newTrackChangesState, + project.owner._id, + newValue, + isLocal + ) + + return { trackChangesState: newTrackChangesState } + }, + [ + project.members, + project.owner._id, + setGuestsTCState, + setUserTCState, + trackChangesState, + ] + ) + + const toggleTrackChangesForEveryone = useCallback< + ReviewPanel.UpdaterFn<'toggleTrackChangesForEveryone'> + >( + (onForEveryone: boolean) => { + const { trackChangesState } = setEveryoneTCState(onForEveryone, true) + setGuestsTCState(onForEveryone) + applyClientTrackChangesStateToServer( + onForEveryone, + onForEveryone, + trackChangesState + ) + }, + [applyClientTrackChangesStateToServer, setEveryoneTCState, setGuestsTCState] + ) + + const toggleTrackChangesForGuests = useCallback< + ReviewPanel.UpdaterFn<'toggleTrackChangesForGuests'> + >( + (onForGuests: boolean) => { + setGuestsTCState(onForGuests) + applyClientTrackChangesStateToServer( + trackChangesOnForEveryone, + onForGuests, + trackChangesState + ) + }, + [ + applyClientTrackChangesStateToServer, + setGuestsTCState, + trackChangesOnForEveryone, + trackChangesState, + ] + ) + + const toggleTrackChangesForUser = useCallback< + ReviewPanel.UpdaterFn<'toggleTrackChangesForUser'> + >( + (onForUser: boolean, userId: UserId) => { + const newTrackChangesState = setUserTCState( + trackChangesState, + userId, + onForUser, + true + ) + applyClientTrackChangesStateToServer( + trackChangesOnForEveryone, + trackChangesOnForGuests, + newTrackChangesState + ) + }, + [ + applyClientTrackChangesStateToServer, + setUserTCState, + trackChangesOnForEveryone, + trackChangesOnForGuests, + trackChangesState, + ] + ) + + const applyTrackChangesStateToClient = useCallback( + (state: boolean | ReviewPanel.Value<'trackChangesState'>) => { + if (typeof state === 'boolean') { + setEveryoneTCState(state) + setGuestsTCState(state) + } else { + setTrackChangesOnForEveryone(false) + // TODO + // @ts-ignore + setGuestsTCState(state.__guests__ === true) + + let newTrackChangesState: ReviewPanel.Value<'trackChangesState'> = { + ...trackChangesState, + } + for (const member of project.members as any[]) { + newTrackChangesState = setUserTCState( + newTrackChangesState, + member._id, + !!state[member._id] + ) + } + newTrackChangesState = setUserTCState( + newTrackChangesState, + project.owner._id, + !!state[project.owner._id] + ) + return newTrackChangesState + } + }, + [ + project.members, + project.owner._id, + setEveryoneTCState, + setGuestsTCState, + setUserTCState, + trackChangesState, + ] + ) + + const setGuestFeatureBasedOnProjectAccessLevel = ( + projectPublicAccessLevel?: PublicAccessLevel + ) => { + setTrackChangesForGuestsAvailable(projectPublicAccessLevel === 'tokenBased') + } + + useEffect(() => { + setGuestFeatureBasedOnProjectAccessLevel(project.publicAccessLevel) + }, [project.publicAccessLevel]) + + useEffect(() => { + if ( + trackChangesForGuestsAvailable || + !trackChangesOnForGuests || + trackChangesOnForEveryone + ) { + return + } + + // Overrides guest setting + toggleTrackChangesForGuests(false) + }, [ + toggleTrackChangesForGuests, + trackChangesForGuestsAvailable, + trackChangesOnForEveryone, + trackChangesOnForGuests, + ]) + + const projectJoinedEffectExecuted = useRef(false) + useEffect(() => { + if (!projectJoinedEffectExecuted.current) { + projectJoinedEffectExecuted.current = true + requestAnimationFrame(() => { + if (trackChanges) { + applyTrackChangesStateToClient(project.trackChangesState) + } else { + applyTrackChangesStateToClient(false) + } + setGuestFeatureBasedOnProjectAccessLevel(project.publicAccessLevel) + }) + } + }, [ + applyTrackChangesStateToClient, + trackChanges, + project.publicAccessLevel, + project.trackChangesState, + ]) + + useEffect(() => { + setFormattedProjectMembers(prevState => { + const tempFormattedProjectMembers: typeof prevState = {} + if (project.owner) { + tempFormattedProjectMembers[project.owner._id] = formatUser( + project.owner + ) + } + const members = project.members ?? [] + for (const member of members) { + if (member.privileges === 'readAndWrite') { + if (!trackChangesState[member._id]) { + // An added member will have track changes enabled if track changes is on for everyone + setUserTCState( + trackChangesState, + member._id, + trackChangesOnForEveryone, + true + ) + } + tempFormattedProjectMembers[member._id] = formatUser(member) + } + } + return tempFormattedProjectMembers + }) + }, [ + project.members, + project.owner, + setUserTCState, + trackChangesOnForEveryone, + trackChangesState, + ]) + + useSocketListener( + socket, + 'toggle-track-changes', + applyTrackChangesStateToClient + ) + + const gotoEntry = useCallback( + (docId: DocId, entryOffset: number) => { + openDocId(docId, { gotoOffset: entryOffset }) + }, + [openDocId] + ) + + const view = reviewPanelOpen ? subView : 'mini' + + const toggleReviewPanel = useCallback(() => { + if (!trackChangesVisible) { + return + } + setReviewPanelOpen(!reviewPanelOpen) + sendMB('rp-toggle-panel', { + value: !reviewPanelOpen, + }) + }, [reviewPanelOpen, setReviewPanelOpen, trackChangesVisible]) + + const onCommentResolved = useCallback( + (threadId: ThreadId, user: any) => { + setCommentThreads(prevState => { + const thread = { ...getThread(threadId) } + thread.resolved = true + thread.resolved_by_user = formatUser(user) + thread.resolved_at = new Date().toISOString() as DateString + return { ...prevState, [threadId]: thread } + }) + setResolvedThreadIds(prevState => ({ ...prevState, [threadId]: true })) + dispatchReviewPanelEvent('comment:resolve_threads', [threadId]) + }, + [getThread] + ) + + const resolveComment = useCallback( + (docId: DocId, entryId: ThreadId) => { + const docEntries = getDocEntries(docId) + const entry = docEntries[entryId] as ReviewPanelCommentEntry + + setEntries(prevState => ({ + ...prevState, + [docId]: { + ...prevState[docId], + [entryId]: { + ...prevState[docId][entryId], + focused: false, + }, + }, + })) + + postJSON( + `/project/${projectId}/doc/${docId}/thread/${entry.thread_id}/resolve` + ) + onCommentResolved(entry.thread_id, user) + sendMB('rp-comment-resolve', { view }) + }, + [getDocEntries, onCommentResolved, projectId, user, view] + ) + + const onCommentReopened = useCallback( + (threadId: ThreadId) => { + setCommentThreads(prevState => { + const { + resolved: _1, + resolved_by_user: _2, + resolved_at: _3, + ...thread + } = getThread(threadId) + return { ...prevState, [threadId]: thread } + }) + setResolvedThreadIds(({ [threadId]: _, ...resolvedThreadIds }) => { + return resolvedThreadIds + }) + dispatchReviewPanelEvent('comment:unresolve_thread', threadId) + }, + [getThread] + ) + + const unresolveComment = useCallback( + (docId: DocId, threadId: ThreadId) => { + onCommentReopened(threadId) + const url = `/project/${projectId}/doc/${docId}/thread/${threadId}/reopen` + postJSON(url).catch(debugConsole.error) + sendMB('rp-comment-reopen') + }, + [onCommentReopened, projectId] + ) + + const onThreadDeleted = useCallback((threadId: ThreadId) => { + setResolvedThreadIds(({ [threadId]: _, ...resolvedThreadIds }) => { + return resolvedThreadIds + }) + setCommentThreads(({ [threadId]: _, ...commentThreads }) => { + return commentThreads + }) + dispatchReviewPanelEvent('comment:remove', threadId) + }, []) + + const deleteThread = useCallback( + (docId: DocId, threadId: ThreadId) => { + onThreadDeleted(threadId) + deleteJSON(`/project/${projectId}/doc/${docId}/thread/${threadId}`).catch( + debugConsole.error + ) + sendMB('rp-comment-delete') + }, + [onThreadDeleted, projectId] + ) + + const onCommentEdited = useCallback( + (threadId: ThreadId, commentId: CommentId, content: string) => { + setCommentThreads(prevState => { + const thread = { ...getThread(threadId) } + thread.messages = thread.messages.map(message => { + return message.id === commentId ? { ...message, content } : message + }) + return { ...prevState, [threadId]: thread } + }) + }, + [getThread] + ) + + const saveEdit = useCallback( + (threadId: ThreadId, commentId: CommentId, content: string) => { + const url = `/project/${projectId}/thread/${threadId}/messages/${commentId}/edit` + postJSON(url, { body: { content } }).catch(debugConsole.error) + handleLayoutChange({ async: true }) + }, + [projectId] + ) + + const onCommentDeleted = useCallback( + (threadId: ThreadId, commentId: CommentId) => { + setCommentThreads(prevState => { + const thread = { ...getThread(threadId) } + thread.messages = thread.messages.filter(m => m.id !== commentId) + return { ...prevState, [threadId]: thread } + }) + }, + [getThread] + ) + + const deleteComment = useCallback( + (threadId: ThreadId, commentId: CommentId) => { + onCommentDeleted(threadId, commentId) + deleteJSON( + `/project/${projectId}/thread/${threadId}/messages/${commentId}` + ).catch(debugConsole.error) + handleLayoutChange({ async: true }) + }, + [onCommentDeleted, projectId] + ) + + const doAcceptChanges = useCallback( + (entryIds: ThreadId[]) => { + const url = `/project/${projectId}/doc/${currentDocumentId}/changes/accept` + postJSON(url, { body: { change_ids: entryIds } }).catch( + debugConsole.error + ) + dispatchReviewPanelEvent('changes:accept', entryIds) + }, + [currentDocumentId, projectId] + ) + + const acceptChanges = useCallback( + (entryIds: ThreadId[]) => { + doAcceptChanges(entryIds) + sendMB('rp-changes-accepted', { view }) + }, + [doAcceptChanges, view] + ) + + const doRejectChanges = useCallback((entryIds: ThreadId[]) => { + dispatchReviewPanelEvent('changes:reject', entryIds) + }, []) + + const rejectChanges = useCallback( + (entryIds: ThreadId[]) => { + doRejectChanges(entryIds) + sendMB('rp-changes-rejected', { view }) + }, + [doRejectChanges, view] + ) + + const bulkAcceptActions = useCallback(() => { + doAcceptChanges(selectedEntryIds.current) + sendMB('rp-bulk-accept', { view, nEntries: nVisibleSelectedChanges }) + }, [doAcceptChanges, nVisibleSelectedChanges, view]) + + const bulkRejectActions = useCallback(() => { + doRejectChanges(selectedEntryIds.current) + sendMB('rp-bulk-reject', { view, nEntries: nVisibleSelectedChanges }) + }, [doRejectChanges, nVisibleSelectedChanges, view]) + + const refreshRanges = useCallback(() => { + type Doc = { + id: DocId + ranges: { + comments?: Change[] + changes?: Change[] + } + } + + return getJSON(`/project/${projectId}/ranges`) + .then(docs => { + setCollapsed(prevState => { + const collapsed = { ...prevState } + docs.forEach(doc => { + if (collapsed[doc.id] == null) { + collapsed[doc.id] = false + } + }) + return collapsed + }) + + docs.forEach(async doc => { + if (doc.id !== currentDocumentId) { + // this is kept up to date in real-time, don't overwrite + const rangesTracker = getChangeTracker(doc.id) + rangesTracker.comments = doc.ranges?.comments ?? [] + rangesTracker.changes = doc.ranges?.changes ?? [] + } + }) + + return Promise.all(docs.map(doc => updateEntries(doc.id))) + }) + .catch(debugConsole.error) + }, [ + currentDocumentId, + getChangeTracker, + projectId, + setCollapsed, + updateEntries, + ]) + + const handleSetSubview = useCallback((subView: SubView) => { + setSubView(subView) + sendMB('rp-subview-change', { subView }) + }, []) + + const submitReply = useCallback( + (threadId: ThreadId, replyContent: string) => { + const url = `/project/${projectId}/thread/${threadId}/messages` + postJSON(url, { body: { content: replyContent } }).catch(() => { + showGenericMessageModal( + t('error_submitting_comment'), + t('comment_submit_error') + ) + }) + + const trackingMetadata = { + view, + size: replyContent.length, + thread: threadId, + } + + setCommentThreads(prevState => ({ + ...prevState, + [threadId]: { ...getThread(threadId), submitting: true }, + })) + handleLayoutChange({ async: true }) + sendMB('rp-comment-reply', trackingMetadata) + }, + [getThread, projectId, showGenericMessageModal, t, view] + ) + + // TODO `submitNewComment` is partially localized in the `add-comment-entry` component. + const submitNewComment = useCallback( + (content: string) => { + if (!content) { + return + } + + const entries = getDocEntries(currentDocumentId) + const addCommentEntry = entries['add-comment'] as + | ReviewPanelAddCommentEntry + | undefined + + if (!addCommentEntry) { + return + } + + const { offset, length } = addCommentEntry + const threadId = RangesTracker.generateId() as ThreadId + setCommentThreads(prevState => ({ + ...prevState, + [threadId]: { ...getThread(threadId), submitting: true }, + })) + + const url = `/project/${projectId}/thread/${threadId}/messages` + postJSON(url, { body: { content } }) + .then(() => { + dispatchReviewPanelEvent('comment:add', { threadId, offset, length }) + handleLayoutChange({ async: true }) + sendMB('rp-new-comment', { size: content.length }) + }) + .catch(() => { + showGenericMessageModal( + t('error_submitting_comment'), + t('comment_submit_error') + ) + }) + }, + [ + currentDocumentId, + getDocEntries, + getThread, + projectId, + showGenericMessageModal, + t, + ] + ) + + const [isAddingComment, setIsAddingComment] = useState(false) + const [navHeight, setNavHeight] = useState(0) + const [toolbarHeight, setToolbarHeight] = useState(0) + const [layoutSuspended, setLayoutSuspended] = useState(false) + const [unsavedComment, setUnsavedComment] = useState('') + + useEffect(() => { + if (!trackChangesVisible) { + setReviewPanelOpen(false) + } + }, [trackChangesVisible, setReviewPanelOpen]) + + const hasEntries = useMemo(() => { + const docEntries = getDocEntries(currentDocumentId) + const permEntriesCount = Object.keys(docEntries).filter(key => { + return !['add-comment', 'bulk-actions'].includes(key) + }).length + return permEntriesCount > 0 && trackChangesVisible + }, [currentDocumentId, getDocEntries, trackChangesVisible]) + + useEffect(() => { + setMiniReviewPanelVisible(!reviewPanelOpen && !!hasEntries) + }, [reviewPanelOpen, hasEntries, setMiniReviewPanelVisible]) + + // listen for events from the CodeMirror 6 track changes extension + useEffect(() => { + const toggleTrackChangesFromKbdShortcut = () => { + if (trackChangesVisible && trackChanges) { + const userId: UserId = user.id + const state = trackChangesState[userId] + if (state) { + toggleTrackChangesForUser(!state.value, userId) + } + } + } + + const editorLineHeightChanged = (payload: typeof lineHeight) => { + setLineHeight(payload) + handleLayoutChange() + } + + const editorTrackChangesChanged = async () => { + const tempEntries = cloneDeep(await updateEntries(currentDocumentId)) + + // `tempEntries` would be mutated + dispatchReviewPanelEvent('recalculate-screen-positions', { + entries: tempEntries, + updateType: 'trackedChangesChange', + }) + + // The state should be updated after dispatching the 'recalculate-screen-positions' + // event as `tempEntries` will be mutated + setEntries(prev => ({ ...prev, [currentDocumentId]: tempEntries })) + handleLayoutChange() + } + + const editorTrackChangesVisibilityChanged = () => { + handleLayoutChange({ async: true, animate: false }) + } + + const editorFocusChanged = ( + selectionOffsetStart: number, + selectionOffsetEnd: number, + selection: boolean, + updateType: UpdateType + ) => { + let tempEntries = cloneDeep(getDocEntries(currentDocumentId)) + // All selected changes will be added to this array. + selectedEntryIds.current = [] + // Count of user-visible changes, i.e. an aggregated change will count as one. + let tempNVisibleSelectedChanges = 0 + + const offset = selectionOffsetStart + const length = selectionOffsetEnd - selectionOffsetStart + + // Recreate the add comment and bulk actions entries only when + // necessary. This is to avoid the UI thinking that these entries have + // changed and getting into an infinite loop. + if (selection) { + const existingAddComment = tempEntries[ + 'add-comment' + ] as ReviewPanelAddCommentEntry + if ( + !existingAddComment || + existingAddComment.offset !== offset || + existingAddComment.length !== length + ) { + tempEntries['add-comment'] = { + type: 'add-comment', + offset, + length, + } as ReviewPanelAddCommentEntry + } + const existingBulkActions = tempEntries[ + 'bulk-actions' + ] as ReviewPanelBulkActionsEntry + if ( + !existingBulkActions || + existingBulkActions.offset !== offset || + existingBulkActions.length !== length + ) { + tempEntries['bulk-actions'] = { + type: 'bulk-actions', + offset, + length, + } as ReviewPanelBulkActionsEntry + } + } else { + delete (tempEntries as Partial)['add-comment'] + delete (tempEntries as Partial)['bulk-actions'] + } + + for (const [key, entry] of Object.entries(tempEntries) as Entries< + typeof tempEntries + >) { + let isChangeEntryAndWithinSelection = false + if (entry.type === 'comment' && !resolvedThreadIds[entry.thread_id]) { + tempEntries = { + ...tempEntries, + [key]: { + ...tempEntries[key], + focused: + entry.offset <= selectionOffsetStart && + selectionOffsetStart <= entry.offset + entry.content.length, + }, + } + } else if ( + entry.type === 'insert' || + entry.type === 'aggregate-change' + ) { + isChangeEntryAndWithinSelection = + entry.offset >= selectionOffsetStart && + entry.offset + entry.content.length <= selectionOffsetEnd + tempEntries = { + ...tempEntries, + [key]: { + ...tempEntries[key], + focused: + entry.offset <= selectionOffsetStart && + selectionOffsetStart <= entry.offset + entry.content.length, + }, + } + } else if (entry.type === 'delete') { + isChangeEntryAndWithinSelection = + selectionOffsetStart <= entry.offset && + entry.offset <= selectionOffsetEnd + tempEntries = { + ...tempEntries, + [key]: { + ...tempEntries[key], + focused: entry.offset === selectionOffsetStart, + }, + } + } else if ( + ['add-comment', 'bulk-actions'].includes(entry.type) && + selection + ) { + tempEntries = { + ...tempEntries, + [key]: { ...tempEntries[key], focused: true }, + } + } + if (isChangeEntryAndWithinSelection) { + const entryIds = 'entry_ids' in entry ? entry.entry_ids : [] + for (const entryId of entryIds) { + selectedEntryIds.current.push(entryId) + } + tempNVisibleSelectedChanges++ + } + } + + // `tempEntries` would be mutated + dispatchReviewPanelEvent('recalculate-screen-positions', { + entries: tempEntries, + updateType, + }) + + // The state should be updated after dispatching the 'recalculate-screen-positions' + // event as `tempEntries` will be mutated + setEntries(prev => ({ ...prev, [currentDocumentId]: tempEntries })) + setNVisibleSelectedChanges(tempNVisibleSelectedChanges) + + handleLayoutChange() + } + + const addNewCommentFromKbdShortcut = () => { + if (!trackChangesVisible) { + return + } + dispatchReviewPanelEvent('comment:select_line') + + if (!reviewPanelOpen) { + toggleReviewPanel() + } + handleLayoutChange({ async: true }) + addCommentEmitter() + } + + const handleEditorEvents = (e: Event) => { + const event = e as CustomEvent + const { type, payload } = event.detail + + switch (type) { + case 'line-height': { + editorLineHeightChanged(payload) + break + } + + case 'track-changes:changed': { + editorTrackChangesChanged() + break + } + + case 'track-changes:visibility_changed': { + editorTrackChangesVisibilityChanged() + break + } + + case 'focus:changed': { + const { from, to, empty, updateType } = payload + editorFocusChanged(from, to, !empty, updateType) + break + } + + case 'add-new-comment': { + addNewCommentFromKbdShortcut() + break + } + + case 'toggle-track-changes': { + toggleTrackChangesFromKbdShortcut() + break + } + + case 'toggle-review-panel': { + toggleReviewPanel() + break + } + } + } + + window.addEventListener('editor:event', handleEditorEvents) + + return () => { + window.removeEventListener('editor:event', handleEditorEvents) + } + }, [ + addCommentEmitter, + currentDocumentId, + getDocEntries, + resolvedThreadIds, + reviewPanelOpen, + toggleReviewPanel, + toggleTrackChangesForUser, + trackChanges, + trackChangesState, + trackChangesVisible, + updateEntries, + user.id, + ]) + + useSocketListener(socket, 'reopen-thread', onCommentReopened) + useSocketListener(socket, 'delete-thread', onThreadDeleted) + useSocketListener(socket, 'resolve-thread', onCommentResolved) + useSocketListener(socket, 'edit-message', onCommentEdited) + useSocketListener(socket, 'delete-message', onCommentDeleted) + useSocketListener( + socket, + 'accept-changes', + useCallback( + (docId: DocId, entryIds: ThreadId[]) => { + if (docId !== currentDocumentId) { + getChangeTracker(docId).removeChangeIds(entryIds) + } else { + dispatchReviewPanelEvent('changes:accept', entryIds) + } + updateEntries(docId) + }, + [currentDocumentId, getChangeTracker, updateEntries] + ) + ) + useSocketListener( + socket, + 'new-comment', + useCallback( + (threadId: ThreadId, comment: ReviewPanelCommentThreadMessageApi) => { + setCommentThreads(prevState => { + const { submitting: _, ...thread } = getThread(threadId) + thread.messages = [...thread.messages] + thread.messages.push(formatComment(comment)) + return { ...prevState, [threadId]: thread } + }) + handleLayoutChange({ async: true }) + }, + [getThread] + ) + ) + useSocketListener( + socket, + 'new-comment-threads', + useCallback( + (threads: ReviewPanelCommentThreadsApi) => { + setCommentThreads(prevState => { + const newThreads = { ...prevState } + for (const threadIdString of Object.keys(threads)) { + const threadId = threadIdString as ThreadId + const { submitting: _, ...thread } = getThread(threadId) + // Replace already loaded messages with the server provided ones + thread.messages = threads[threadId].messages.map(formatComment) + newThreads[threadId] = thread + } + return newThreads + }) + handleLayoutChange({ async: true }) + }, + [getThread] + ) + ) + + const openSubView = useRef('cur_file') + useEffect(() => { + if (!reviewPanelOpen) { + // Always show current file when not open, but save current state + setSubView(prevState => { + openSubView.current = prevState + return 'cur_file' + }) + } else { + // Reset back to what we had when previously open + setSubView(openSubView.current) + } + handleLayoutChange({ async: true, animate: false }) + }, [reviewPanelOpen]) + + const canRefreshRanges = useRef(false) + useEffect(() => { + if (subView === 'overview' && canRefreshRanges.current) { + canRefreshRanges.current = false + + setIsOverviewLoading(true) + refreshRanges().finally(() => { + setIsOverviewLoading(false) + }) + } + }, [subView, refreshRanges]) + + const prevSubView = useRef(subView) + const initializedPrevSubView = useRef(false) + useEffect(() => { + // Prevent setting a computed value for `prevSubView` on mount + if (!initializedPrevSubView.current) { + initializedPrevSubView.current = true + return + } + prevSubView.current = subView === 'cur_file' ? 'overview' : 'cur_file' + // Allow refreshing ranges once for each `subView` change + canRefreshRanges.current = true + }, [subView]) + + useEffect(() => { + if (subView === 'cur_file' && prevSubView.current === 'overview') { + dispatchReviewPanelEvent('overview-closed', subView) + } + }, [subView]) + + useEffect(() => { + if (Object.keys(users).length) { + handleLayoutChange({ async: true }) + } + }, [users]) + + const values = useMemo( + () => ({ + collapsed, + commentThreads, + entries, + isAddingComment, + loadingThreads, + nVisibleSelectedChanges, + permissions, + users, + resolvedComments, + shouldCollapse, + navHeight, + toolbarHeight, + subView, + wantTrackChanges, + isOverviewLoading, + openDocId: currentDocumentId, + lineHeight, + trackChangesState, + trackChangesOnForEveryone, + trackChangesOnForGuests, + trackChangesForGuestsAvailable, + formattedProjectMembers, + layoutSuspended, + unsavedComment, + layoutToLeft, + }), + [ + collapsed, + commentThreads, + entries, + isAddingComment, + loadingThreads, + nVisibleSelectedChanges, + permissions, + users, + resolvedComments, + shouldCollapse, + navHeight, + toolbarHeight, + subView, + wantTrackChanges, + isOverviewLoading, + currentDocumentId, + lineHeight, + trackChangesState, + trackChangesOnForEveryone, + trackChangesOnForGuests, + trackChangesForGuestsAvailable, + formattedProjectMembers, + layoutSuspended, + unsavedComment, + layoutToLeft, + ] + ) + + const updaterFns = useMemo( + () => ({ + handleSetSubview, + handleLayoutChange, + gotoEntry, + resolveComment, + submitReply, + acceptChanges, + rejectChanges, + toggleReviewPanel, + bulkAcceptActions, + bulkRejectActions, + saveEdit, + submitNewComment, + deleteComment, + unresolveComment, + refreshResolvedCommentsDropdown: refreshRanges, + deleteThread, + toggleTrackChangesForEveryone, + toggleTrackChangesForUser, + toggleTrackChangesForGuests, + setCollapsed, + setShouldCollapse, + setIsAddingComment, + setNavHeight, + setToolbarHeight, + setLayoutSuspended, + setUnsavedComment, + }), + [ + handleSetSubview, + gotoEntry, + resolveComment, + submitReply, + acceptChanges, + rejectChanges, + toggleReviewPanel, + bulkAcceptActions, + bulkRejectActions, + saveEdit, + submitNewComment, + deleteComment, + unresolveComment, + refreshRanges, + deleteThread, + toggleTrackChangesForEveryone, + toggleTrackChangesForUser, + toggleTrackChangesForGuests, + setCollapsed, + setShouldCollapse, + setIsAddingComment, + setNavHeight, + setToolbarHeight, + setLayoutSuspended, + setUnsavedComment, + ] + ) + + return { values, updaterFns } +} + +export default useReviewPanelState diff --git a/overleafserver/ldap/frontend/js/features/source-editor/hooks/use-codemirror-scope.ts b/overleafserver/ldap/frontend/js/features/source-editor/hooks/use-codemirror-scope.ts new file mode 100644 index 0000000..689847c --- /dev/null +++ b/overleafserver/ldap/frontend/js/features/source-editor/hooks/use-codemirror-scope.ts @@ -0,0 +1,533 @@ +import { useCallback, useEffect, useRef } from 'react' +import { EditorState } from '@codemirror/state' +import useScopeValue from '../../../shared/hooks/use-scope-value' +import useScopeEventEmitter from '../../../shared/hooks/use-scope-event-emitter' +import useEventListener from '../../../shared/hooks/use-event-listener' +import useScopeEventListener from '../../../shared/hooks/use-scope-event-listener' +import { createExtensions } from '../extensions' +import { + lineHeights, + setEditorTheme, + setOptionsTheme, +} from '../extensions/theme' +import { + restoreCursorPosition, + setCursorLineAndScroll, + setCursorPositionAndScroll, +} from '../extensions/cursor-position' +import { + setAnnotations, + showCompileLogDiagnostics, +} from '../extensions/annotations' +import { useDetachCompileContext as useCompileContext } from '../../../shared/context/detach-compile-context' +import { setCursorHighlights } from '../extensions/cursor-highlights' +import { + setLanguage, + setMetadata, + setSyntaxValidation, +} from '../extensions/language' +import { restoreScrollPosition } from '../extensions/scroll-position' +import { setEditable } from '../extensions/editable' +import { useFileTreeData } from '../../../shared/context/file-tree-data-context' +import { setAutoPair } from '../extensions/auto-pair' +import { setAutoComplete } from '../extensions/auto-complete' +import { usePhrases } from './use-phrases' +import { setPhrases } from '../extensions/phrases' +import { + addLearnedWord, + removeLearnedWord, + resetLearnedWords, + setSpelling, +} from '../extensions/spelling' +import { + createChangeManager, + dispatchEditorEvent, + reviewPanelToggled, +} from '../extensions/changes/change-manager' +import { setKeybindings } from '../extensions/keybindings' +import { Highlight } from '../../../../../types/highlight' +import { EditorView } from '@codemirror/view' +import { useErrorHandler } from 'react-error-boundary' +import { setVisual } from '../extensions/visual/visual' +import { useFileTreePathContext } from '@/features/file-tree/contexts/file-tree-path' +import { useUserSettingsContext } from '@/shared/context/user-settings-context' +import { setDocName } from '@/features/source-editor/extensions/doc-name' +import isValidTexFile from '@/main/is-valid-tex-file' +import { captureException } from '@/infrastructure/error-reporter' +import grammarlyExtensionPresent from '@/shared/utils/grammarly' +import { DocumentContainer } from '@/features/ide-react/editor/document-container' +import { useLayoutContext } from '@/shared/context/layout-context' +import { debugConsole } from '@/utils/debugging' +import { useMetadataContext } from '@/features/ide-react/context/metadata-context' +import { useUserContext } from '@/shared/context/user-context' + +function useCodeMirrorScope(view: EditorView) { + const { fileTreeData } = useFileTreeData() + + const [permissions] = useScopeValue<{ write: boolean }>('permissions') + + // set up scope listeners + + const { logEntryAnnotations, editedSinceCompileStarted, compiling } = + useCompileContext() + + const { reviewPanelOpen, miniReviewPanelVisible } = useLayoutContext() + + const metadata = useMetadataContext() + + const [loadingThreads] = useScopeValue('loadingThreads') + + const [currentDoc] = useScopeValue( + 'editor.sharejs_doc' + ) + const [docName] = useScopeValue('editor.open_doc_name') + const [trackChanges] = useScopeValue('editor.trackChanges') + + const { id: userId } = useUserContext() + const { userSettings } = useUserSettingsContext() + const { + fontFamily, + fontSize, + lineHeight, + overallTheme, + autoComplete, + editorTheme, + autoPairDelimiters, + mode, + syntaxValidation, + } = userSettings + + const [cursorHighlights] = useScopeValue>( + 'onlineUserCursorHighlights' + ) + + const [spellCheckLanguage] = useScopeValue( + 'project.spellCheckLanguage' + ) + + const [visual] = useScopeValue('editor.showVisual') + + const [references] = useScopeValue<{ keys: string[] }>('$root._references') + + // build the translation phrases + const phrases = usePhrases() + + const phrasesRef = useRef(phrases) + + // initialise the local state + + const themeRef = useRef({ + fontFamily, + fontSize, + lineHeight, + overallTheme, + editorTheme, + }) + + useEffect(() => { + themeRef.current = { + fontFamily, + fontSize, + lineHeight, + overallTheme, + editorTheme, + } + + view.dispatch( + setOptionsTheme({ + fontFamily, + fontSize, + lineHeight, + overallTheme, + }) + ) + + setEditorTheme(editorTheme).then(spec => { + view.dispatch(spec) + }) + }, [view, fontFamily, fontSize, lineHeight, overallTheme, editorTheme]) + + const settingsRef = useRef({ + autoComplete, + autoPairDelimiters, + mode, + syntaxValidation, + }) + + const currentDocRef = useRef({ + currentDoc, + trackChanges, + loadingThreads, + }) + + useEffect(() => { + if (currentDoc) { + currentDocRef.current.currentDoc = currentDoc + } + }, [view, currentDoc]) + + const docNameRef = useRef(docName) + + useEffect(() => { + currentDocRef.current.loadingThreads = loadingThreads + }, [view, loadingThreads]) + + useEffect(() => { + currentDocRef.current.trackChanges = trackChanges + + if (currentDoc) { + if (trackChanges) { + currentDoc.track_changes_as = userId || 'anonymous-user' + } else { + currentDoc.track_changes_as = null + } + } + }, [userId, currentDoc, trackChanges]) + + useEffect(() => { + if (lineHeight && fontSize) { + dispatchEditorEvent('line-height', lineHeights[lineHeight] * fontSize) + } + }, [lineHeight, fontSize]) + + const spellingRef = useRef({ + spellCheckLanguage, + }) + + useEffect(() => { + spellingRef.current = { + spellCheckLanguage, + } + view.dispatch(setSpelling(spellingRef.current)) + }, [view, spellCheckLanguage]) + + // listen to doc:after-opened, and focus the editor + useEffect(() => { + const listener = () => { + scheduleFocus(view) + } + window.addEventListener('doc:after-opened', listener) + return () => window.removeEventListener('doc:after-opened', listener) + }, [view]) + + // set the project metadata, mostly for use in autocomplete + // TODO: read this data from the scope? + const metadataRef = useRef({ + ...metadata, + references: references.keys, + fileTreeData, + }) + + // listen to project metadata (commands, labels and package names) updates + useEffect(() => { + metadataRef.current = { ...metadataRef.current, ...metadata } + view.dispatch(setMetadata(metadataRef.current)) + }, [view, metadata]) + + // listen to project reference keys updates + useEffect(() => { + const listener = (event: Event) => { + metadataRef.current.references = (event as CustomEvent).detail + view.dispatch(setMetadata(metadataRef.current)) + } + window.addEventListener('project:references', listener) + return () => window.removeEventListener('project:references', listener) + }, [view]) + + // listen to project root folder updates + useEffect(() => { + if (fileTreeData) { + metadataRef.current.fileTreeData = fileTreeData + view.dispatch(setMetadata(metadataRef.current)) + } + }, [view, fileTreeData]) + + const editableRef = useRef(permissions.write) + + const { previewByPath } = useFileTreePathContext() + + const showVisual = visual && isValidTexFile(docName) + + const visualRef = useRef({ + previewByPath, + visual: showVisual, + }) + + const handleError = useErrorHandler() + + const handleException = useCallback((exception: any) => { + captureException(exception, { + tags: { + handler: 'cm6-exception', + // which editor mode is active ('visual' | 'code') + ol_editor_mode: visualRef.current.visual ? 'visual' : 'code', + // which editor keybindings are active ('default' | 'vim' | 'emacs') + ol_editor_keybindings: settingsRef.current.mode, + // whether Writefull is present ('extension' | 'integration' | 'none') + ol_extensions_writefull: window.writefull?.type ?? 'none', + // whether Grammarly is present + ol_extensions_grammarly: grammarlyExtensionPresent(), + }, + }) + }, []) + + // create a new state when currentDoc changes + + useEffect(() => { + if (currentDoc) { + debugConsole.log('creating new editor state') + + const state = EditorState.create({ + doc: currentDoc.getSnapshot(), + extensions: createExtensions({ + currentDoc: { + ...currentDocRef.current, + currentDoc, + }, + docName: docNameRef.current, + theme: themeRef.current, + metadata: metadataRef.current, + settings: settingsRef.current, + phrases: phrasesRef.current, + spelling: spellingRef.current, + visual: visualRef.current, + changeManager: createChangeManager(view, currentDoc), + handleError, + handleException, + }), + }) + view.setState(state) + + // synchronous config + view.dispatch( + restoreCursorPosition(state.doc, currentDoc.doc_id), + setEditable(editableRef.current), + setOptionsTheme(themeRef.current) + ) + + // asynchronous config + setEditorTheme(themeRef.current.editorTheme).then(spec => { + view.dispatch(spec) + }) + + setKeybindings(settingsRef.current.mode).then(spec => { + view.dispatch(spec) + }) + + if (!visualRef.current.visual) { + window.setTimeout(() => { + view.dispatch(restoreScrollPosition()) + view.focus() + }) + } + } + // IMPORTANT: This effect must not depend on anything variable apart from currentDoc, + // as the editor state is recreated when the effect runs. + }, [view, currentDoc, handleError, handleException]) + + useEffect(() => { + if (docName) { + docNameRef.current = docName + + view.dispatch( + setDocName(docNameRef.current), + setLanguage( + docNameRef.current, + metadataRef.current, + settingsRef.current.syntaxValidation + ) + ) + } + }, [view, docName]) + + useEffect(() => { + visualRef.current.visual = showVisual + view.dispatch(setVisual(visualRef.current)) + view.dispatch({ + effects: EditorView.scrollIntoView(view.state.selection.main.head), + }) + // clear performance measures and marks when switching between Source and Rich Text + window.dispatchEvent(new Event('editor:visual-switch')) + }, [view, showVisual]) + + useEffect(() => { + visualRef.current.previewByPath = previewByPath + view.dispatch(setVisual(visualRef.current)) + }, [view, previewByPath]) + + useEffect(() => { + editableRef.current = permissions.write + view.dispatch(setEditable(editableRef.current)) // the editor needs to be locked when there's a problem saving data + }, [view, permissions.write]) + + useEffect(() => { + phrasesRef.current = phrases + view.dispatch(setPhrases(phrases)) + }, [view, phrases]) + + // listen to editor settings updates + useEffect(() => { + settingsRef.current.autoPairDelimiters = autoPairDelimiters + view.dispatch(setAutoPair(autoPairDelimiters)) + }, [view, autoPairDelimiters]) + + useEffect(() => { + settingsRef.current.autoComplete = autoComplete + view.dispatch(setAutoComplete(autoComplete)) + }, [view, autoComplete]) + + useEffect(() => { + settingsRef.current.mode = mode + setKeybindings(mode).then(spec => { + view.dispatch(spec) + }) + }, [view, mode]) + + useEffect(() => { + settingsRef.current.syntaxValidation = syntaxValidation + view.dispatch(setSyntaxValidation(syntaxValidation)) + }, [view, syntaxValidation]) + + const emitSyncToPdf = useScopeEventEmitter('cursor:editor:syncToPdf') + + const handleGoToLine = useCallback( + (event, lineNumber, columnNumber, syncToPdf) => { + setCursorLineAndScroll(view, lineNumber, columnNumber) + if (syncToPdf) { + emitSyncToPdf() + } + }, + [emitSyncToPdf, view] + ) + + // select and scroll to position on editor:gotoLine event (from synctex) + useScopeEventListener('editor:gotoLine', handleGoToLine) + + const handleGoToOffset = useCallback( + (event, offset) => { + setCursorPositionAndScroll(view, offset) + }, + [view] + ) + + // select and scroll to position on editor:gotoOffset event (from review panel) + useScopeEventListener('editor:gotoOffset', handleGoToOffset) + + // dispatch 'cursor:editor:update' to Angular scope (for synctex and realtime) + const dispatchCursorUpdate = useScopeEventEmitter('cursor:editor:update') + + const handleCursorUpdate = useCallback( + (event: CustomEvent) => { + dispatchCursorUpdate(event.detail) + }, + [dispatchCursorUpdate] + ) + + // listen for 'cursor:editor:update' events from CodeMirror, and dispatch them to Angular + useEventListener('cursor:editor:update', handleCursorUpdate) + + // dispatch 'cursor:editor:update' to Angular scope (for outline) + const dispatchScrollUpdate = useScopeEventEmitter('scroll:editor:update') + + const handleScrollUpdate = useCallback( + (event: CustomEvent) => { + dispatchScrollUpdate(event.detail) + }, + [dispatchScrollUpdate] + ) + + // listen for 'cursor:editor:update' events from CodeMirror, and dispatch them to Angular + useEventListener('scroll:editor:update', handleScrollUpdate) + + // enable the compile log linter a) when "Code Check" is off, b) when the project hasn't changed and isn't compiling. + // the project "changed at" date is reset at the start of the compile, i.e. "the project hasn't changed", + // but we don't want to display the compile log diagnostics from the previous compile. + const enableCompileLogLinter = + !syntaxValidation || (!editedSinceCompileStarted && !compiling) + + // store enableCompileLogLinter in a ref for use in useEffect + const enableCompileLogLinterRef = useRef(enableCompileLogLinter) + + useEffect(() => { + enableCompileLogLinterRef.current = enableCompileLogLinter + }, [enableCompileLogLinter]) + + // enable/disable the compile log linter as appropriate + useEffect(() => { + // dispatch in a timeout, so the dispatch isn't in the same cycle as the edit which caused it + window.setTimeout(() => { + view.dispatch(showCompileLogDiagnostics(enableCompileLogLinter)) + }, 0) + }, [view, enableCompileLogLinter]) + + // set the compile log annotations when they change + useEffect(() => { + if (currentDoc && logEntryAnnotations) { + const annotations = logEntryAnnotations[currentDoc.doc_id] + + // dispatch in a timeout, so the dispatch isn't in the same cycle as the edit which caused it + window.setTimeout(() => { + view.dispatch( + setAnnotations(view.state.doc, annotations || []), + // reconfigure the compile log lint source, so it runs once with the new data + showCompileLogDiagnostics(enableCompileLogLinterRef.current) + ) + }) + } + }, [view, currentDoc, logEntryAnnotations]) + + const highlightsRef = useRef<{ cursorHighlights: Highlight[] }>({ + cursorHighlights: [], + }) + + useEffect(() => { + if (cursorHighlights && currentDoc) { + const items = cursorHighlights[currentDoc.doc_id] + highlightsRef.current.cursorHighlights = items + window.setTimeout(() => { + view.dispatch(setCursorHighlights(items)) + }) + } + }, [view, cursorHighlights, currentDoc]) + + const handleAddLearnedWords = useCallback( + (event: CustomEvent) => { + // If the word addition is from adding the word to the dictionary via the + // editor, there will be a transaction running now so wait for that to + // finish before starting a new one + window.setTimeout(() => { + view.dispatch(addLearnedWord(spellCheckLanguage, event.detail)) + }, 0) + }, + [spellCheckLanguage, view] + ) + + useEventListener('learnedWords:add', handleAddLearnedWords) + + const handleRemoveLearnedWords = useCallback( + (event: CustomEvent) => { + view.dispatch(removeLearnedWord(spellCheckLanguage, event.detail)) + }, + [spellCheckLanguage, view] + ) + + useEventListener('learnedWords:remove', handleRemoveLearnedWords) + + const handleResetLearnedWords = useCallback(() => { + view.dispatch(resetLearnedWords()) + }, [view]) + + useEventListener('learnedWords:reset', handleResetLearnedWords) + + useEffect(() => { + view.dispatch(reviewPanelToggled()) + }, [reviewPanelOpen, miniReviewPanelVisible, view]) +} + +export default useCodeMirrorScope + +const scheduleFocus = (view: EditorView) => { + window.setTimeout(() => { + view.focus() + }, 0) +} diff --git a/overleafserver/ldap/index.js b/overleafserver/ldap/index.js new file mode 100644 index 0000000..deb083b --- /dev/null +++ b/overleafserver/ldap/index.js @@ -0,0 +1,27 @@ +const { initLdapAuthentication } = require('./app/src/InitLdapAuthentication') +const { fetchLdapContacts } = require('./app/src/LdapContacts') +const { addLdapStrategy } = require('./app/src/LdapStrategy') + +initLdapAuthentication() + +module.exports = { + name: 'ldap-authentication', + hooks: { + passportSetup: function (passport, callback) { + try { + addLdapStrategy(passport) + callback(null) + } catch (error) { + callback(error) + } + }, + getContacts: async function (userId, contacts, callback) { + try { + const newLdapContacts = await fetchLdapContacts(userId, contacts) + callback(null, newLdapContacts) + } catch (error) { + callback(error) + } + }, + } +} diff --git a/overleafserver/ldap/locales/en.json b/overleafserver/ldap/locales/en.json new file mode 100644 index 0000000..d0cc2a3 --- /dev/null +++ b/overleafserver/ldap/locales/en.json @@ -0,0 +1,2400 @@ +{ + "12x_basic": "12x Basic", + "1_2_width": "½ width", + "1_4_width": "¼ width", + "3_4_width": "¾ width", + "About": "About", + "Account": "Account", + "Account Settings": "Account Settings", + "Documentation": "Documentation", + "Projects": "Projects", + "Security": "Security", + "Subscription": "Subscription", + "Terms": "Terms", + "Universities": "Universities", + "a_custom_size_has_been_used_in_the_latex_code": "A custom size has been used in the LaTeX code.", + "a_fatal_compile_error_that_completely_blocks_compilation": "A <0>fatal compile error that completely blocks the compilation.", + "a_file_with_that_name_already_exists_and_will_be_overriden": "A file with that name already exists. That file will be overwritten.", + "a_more_comprehensive_list_of_keyboard_shortcuts": "A more comprehensive list of keyboard shortcuts can be found in <0>this __appName__ project template", + "about": "About", + "about_to_archive_projects": "You are about to archive the following projects:", + "about_to_delete_cert": "You are about to delete the following certificate:", + "about_to_delete_projects": "You are about to delete the following projects:", + "about_to_delete_tag": "You are about to delete the following tag (any projects in them will not be deleted):", + "about_to_delete_the_following_project": "You are about to delete the following project", + "about_to_delete_the_following_projects": "You are about to delete the following projects", + "about_to_delete_user_preamble": "You’re about to delete __userName__ (__userEmail__). Doing this will mean:", + "about_to_enable_managed_users": "By enabling the Managed Users feature, all existing members of your group subscription will be invited to become managed. This will give you admin rights over their account. You will also have the option to invite new members to join the subscription and become managed.", + "about_to_leave_projects": "You are about to leave the following projects:", + "about_to_trash_projects": "You are about to trash the following projects:", + "abstract": "Abstract", + "accept": "Accept", + "accept_all": "Accept all", + "accept_and_continue": "Accept and continue", + "accept_invitation": "Accept invitation", + "accept_or_reject_each_changes_individually": "Accept or reject each change individually", + "accept_terms_and_conditions": "Accept terms and conditions", + "accepted_invite": "Accepted invite", + "accepting_invite_as": "You are accepting this invite as", + "access_denied": "Access Denied", + "account": "Account", + "account_has_been_link_to_institution_account": "Your __appName__ account on __email__ has been linked to your __institutionName__ institutional account.", + "account_has_past_due_invoice_change_plan_warning": "Your account currently has a past due invoice. You will not be able to change your plan until this is resolved.", + "account_linking": "Account Linking", + "account_managed_by_group_administrator": "Your account is managed by your group administrator (__admin__)", + "account_not_linked_to_dropbox": "Your account is not linked to Dropbox", + "account_settings": "Account Settings", + "account_with_email_exists": "It looks like an __appName__ account with the email __email__ already exists.", + "acct_linked_to_institution_acct_2": "You can <0>log in to Overleaf through your <0>__institutionName__ institutional login.", + "actions": "Actions", + "activate": "Activate", + "activate_account": "Activate your account", + "activating": "Activating", + "activation_token_expired": "Your activation token has expired, you will need to get another one sent to you.", + "active": "Active", + "add": "Add", + "add_a_recovery_email_address": "Add a recovery email address", + "add_additional_certificate": "Add another certificate", + "add_affiliation": "Add Affiliation", + "add_another_address_line": "Add another address line", + "add_another_email": "Add another email", + "add_another_token": "Add another token", + "add_comma_separated_emails_help": "Separate multiple email addresses using the comma (,) character.", + "add_comment": "Add comment", + "add_company_details": "Add Company Details", + "add_email": "Add Email", + "add_email_address": "Add email address", + "add_email_to_claim_features": "Add an institutional email address to claim your features.", + "add_files": "Add Files", + "add_more_collaborators": "Add more collaborators", + "add_more_managers": "Add more managers", + "add_more_members": "Add more members", + "add_new_email": "Add new email", + "add_or_remove_project_from_tag": "Add or remove project from tag __tagName__", + "add_people": "Add people", + "add_role_and_department": "Add role and department", + "add_to_tag": "Add to tag", + "add_your_comment_here": "Add your comment here", + "add_your_first_group_member_now": "Add your first group members now", + "added": "added", + "added_by_on": "Added by __name__ on __date__", + "adding": "Adding", + "adding_a_bibliography": "Adding a bibliography?", + "additional_certificate": "Additional certificate", + "additional_licenses": "Your subscription includes <0>__additionalLicenses__ additional license(s) for a total of <1>__totalLicenses__ licenses.", + "address": "Address", + "address_line_1": "Address", + "address_second_line_optional": "Address second line (optional)", + "adjust_column_width": "Adjust column width", + "admin": "admin", + "admin_user_created_message": "Created admin user, Log in here to continue", + "advanced_reference_search": "Advanced <0>reference search", + "advanced_search": "Advanced Search", + "aggregate_changed": "Changed", + "aggregate_to": "to", + "agree_with_the_terms": "I agree with the Overleaf terms", + "ai_can_make_mistakes": "AI can make mistakes. Review fixes before you apply them.", + "ai_feedback_do_you_have_any_thoughts_or_suggestions": "Do you have any thoughts or suggestions for improving this feature?", + "ai_feedback_tell_us_what_was_wrong_so_we_can_improve": "Tell us what was wrong so we can improve.", + "ai_feedback_the_answer_was_too_long": "The answer was too long", + "ai_feedback_the_answer_wasnt_detailed_enough": "The answer wasn’t detailed enough", + "ai_feedback_the_suggestion_didnt_fix_the_error": "The suggestion didn’t fix the error", + "ai_feedback_the_suggestion_wasnt_the_best_fix_available": "The suggestion wasn’t the best fix available", + "ai_feedback_there_was_no_code_fix_suggested": "There was no code fix suggested", + "alignment": "Alignment", + "all": "All", + "all_borders": "All borders", + "all_our_group_plans_offer_educational_discount": "All of our <0>group plans offer an <1>educational discount for students and faculty", + "all_premium_features": "All premium features", + "all_premium_features_including": "All premium features, including:", + "all_prices_displayed_are_in_currency": "All prices displayed are in __recommendedCurrency__.", + "all_projects": "All Projects", + "all_projects_will_be_transferred_immediately": "All projects will be transferred to the new owner immediately.", + "all_templates": "All Templates", + "all_the_pros_of_our_standard_plan_plus_unlimited_collab": "All the pros of our standard plan, plus unlimited collaborators per project.", + "all_these_experiments_are_available_exclusively": "All these experiments are available exclusively to members of the Labs program. If you sign up, you can choose which experiments you want to try.", + "already_have_an_account": "Already have an account?", + "already_have_sl_account": "Already have an __appName__ account?", + "already_subscribed_try_refreshing_the_page": "Already subscribed? Try refreshing the page.", + "also": "Also", + "also_available_as_on_premises": "Also available as On-Premises", + "alternatively_create_new_institution_account": "Alternatively, you can create a new account with your institution email (__email__) by clicking __clickText__.", + "alternatively_create_local_admin_account": "Alternatively, you can create __appName__ local admin account.", + "an_email_has_already_been_sent_to": "An email has already been sent to <0>__email__. Please wait and try again later.", + "an_error_occurred_when_verifying_the_coupon_code": "An error occurred when verifying the coupon code", + "and": "and", + "annual": "Annual", + "anonymous": "Anonymous", + "anyone_with_link_can_edit": "Anyone with this link can edit this project", + "anyone_with_link_can_view": "Anyone with this link can view this project", + "app_on_x": "__appName__ on __social__", + "apply_educational_discount": "Apply educational discount", + "apply_educational_discount_info": "Overleaf offers a 40% educational discount for groups of 10 or more. Applies to students or faculty using Overleaf for teaching.", + "apply_suggestion": "Apply suggestion", + "april": "April", + "archive": "Archive", + "archive_projects": "Archive Projects", + "archived": "Archived", + "archived_projects": "Archived Projects", + "archiving_projects_wont_affect_collaborators": "Archiving projects won’t affect your collaborators.", + "are_you_affiliated_with_an_institution": "Are you affiliated with an institution?", + "are_you_getting_an_undefined_control_sequence_error": "Are you getting an Undefined Control Sequence error? If you are, make sure you’ve loaded the graphicx package—<0>\\usepackage{graphicx}—in the preamble (first section of code) in your document. <1>Learn more", + "are_you_still_at": "Are you still at <0>__institutionName__?", + "are_you_sure": "Are you sure?", + "article": "Article", + "articles": "Articles", + "as_a_member_of_sso_required": "As a member of __institutionName__, you must log in to __appName__ through your institution.", + "as_email": "as __email__", + "ascending": "Ascending", + "ask_proj_owner_to_unlink_from_current_github": "Ask the owner of the project (<0>__projectOwnerEmail__) to unlink the project from the current GitHub repository and create a connection to a different repository.", + "ask_proj_owner_to_upgrade_for_full_history": "Please ask the project owner to upgrade to access this project’s full history.", + "ask_proj_owner_to_upgrade_for_references_search": "Please ask the project owner to upgrade to use the References Search feature.", + "ask_repo_owner_to_reconnect": "Ask the GitHub repository owner (<0>__repoOwnerEmail__) to reconnect the project.", + "ask_repo_owner_to_renew_overleaf_subscription": "Ask the GitHub repository owner (<0>__repoOwnerEmail__) to renew their __appName__ subscription and reconnect the project.", + "august": "August", + "author": "Author", + "auto_close_brackets": "Auto-close Brackets", + "auto_compile": "Auto Compile", + "auto_complete": "Auto-complete", + "autocompile_disabled": "Autocompile disabled", + "autocompile_disabled_reason": "Due to high server load, background recompilation has been temporarily disabled. Please recompile by clicking the button above.", + "autocomplete": "Autocomplete", + "autocomplete_references": "Reference Autocomplete (inside a \\cite{} block)", + "automatic_user_registration": "automatic user registration", + "back": "Back", + "back_to_account_settings": "Back to account settings", + "back_to_configuration": "Back to configuration", + "back_to_editor": "Back to editor", + "back_to_log_in": "Back to log in", + "back_to_subscription": "Back to Subscription", + "back_to_your_projects": "Back to your projects", + "basic": "Basic", + "basic_compile_timeout_on_fast_servers": "Basic compile timeout on fast servers", + "become_an_advisor": "Become an __appName__ advisor", + "before_you_use_the_ai_error_assistant": "Before you use the AI error assistant", + "best_choices_companies_universities_non_profits": "Best choice for companies, universities and non-profits", + "beta": "Beta", + "beta_feature_badge": "Beta feature badge", + "beta_program_already_participating": "You are enrolled in the Beta Program", + "beta_program_badge_description": "While using __appName__, you will see beta features marked with this badge:", + "beta_program_benefits": "We’re always improving __appName__. By joining this program you can have <0>early access to new features and help us understand your needs better.", + "beta_program_not_participating": "You are not enrolled in the Beta Program", + "beta_program_opt_in_action": "Opt-In to Beta Program", + "beta_program_opt_out_action": "Opt-Out of Beta Program", + "better_bibliographies": "Better bibliographies", + "bibliographies": "Bibliographies", + "binary_history_error": "Preview not available for this file type", + "blank_project": "Blank Project", + "blocked_filename": "This file name is blocked.", + "blog": "Blog", + "brl_discount_offer_plans_page_banner": "__flag__ Great news! We’ve applied a 50% discount to premium plans on this page for our users in Brazil. Check out the new lower prices.", + "browser": "Browser", + "built_in": "Built-In", + "bulk_accept_confirm": "Are you sure you want to accept the selected __nChanges__ changes?", + "bulk_reject_confirm": "Are you sure you want to reject the selected __nChanges__ changes?", + "buy_now_no_exclamation_mark": "Buy now", + "by": "by", + "by_joining_labs": "By joining Labs, you agree to receive occasional emails and updates from Overleaf—for example, to request your feedback. You also agree to our <0>terms of service and <1>privacy notice.", + "by_registering_you_agree_to_our_terms_of_service": "By registering, you agree to our <0>terms of service and <1>privacy notice.", + "by_subscribing_you_agree_to_our_terms_of_service": "By subscribing, you agree to our <0>terms of service.", + "can_edit": "Can edit", + "can_link_institution_email_acct_to_institution_acct": "You can now link your __email__ __appName__ account to your __institutionName__ institutional account.", + "can_link_institution_email_by_clicking": "You can link your __email__ __appName__ account to your __institutionName__ account by clicking __clickText__.", + "can_link_institution_email_to_login": "You can link your __email__ __appName__ account to your __institutionName__ account, which will allow you to log in to __appName__ through your institution and will reconfirm your institutional email address.", + "can_link_your_institution_acct_2": "You can now <0>link your <0>__appName__ account to your <0>__institutionName__ institutional account.", + "can_now_relink_dropbox": "You can now <0>relink your Dropbox account.", + "can_view": "Can view", + "cancel": "Cancel", + "cancel_anytime": "We’re confident that you’ll love __appName__, but if not you can cancel anytime. We’ll give you your money back, no questions asked, if you let us know within 30 days.", + "cancel_my_account": "Cancel my subscription", + "cancel_my_subscription": "Cancel my subscription", + "cancel_personal_subscription_first": "You already have an individual subscription, would you like us to cancel this first before joining the group licence?", + "cancel_your_subscription": "Cancel Your Subscription", + "cannot_invite_non_user": "Can’t send invite. Recipient must already have an __appName__ account", + "cannot_invite_self": "Can’t send invite to yourself", + "cannot_verify_user_not_robot": "Sorry, we could not verify that you are not a robot. Please check that Google reCAPTCHA is not being blocked by an ad blocker or firewall.", + "cant_find_email": "That email address is not registered, sorry.", + "cant_find_page": "Sorry, we can’t find the page you are looking for.", + "cant_see_what_youre_looking_for_question": "Can’t see what you’re looking for?", + "caption_above": "Caption above", + "caption_below": "Caption below", + "card_details": "Card details", + "card_details_are_not_valid": "Card details are not valid", + "card_must_be_authenticated_by_3dsecure": "Your card must be authenticated with 3D Secure before continuing", + "card_payment": "Card payment", + "careers": "Careers", + "category_arrows": "Arrows", + "category_greek": "Greek", + "category_misc": "Misc", + "category_operators": "Operators", + "category_relations": "Relations", + "center": "Center", + "certificate": "Certificate", + "change": "Change", + "change_currency": "Change currency", + "change_or_cancel-cancel": "cancel", + "change_or_cancel-change": "Change", + "change_or_cancel-or": "or", + "change_owner": "Change owner", + "change_password": "Change Password", + "change_password_in_account_settings": "Change password in Account Settings", + "change_plan": "Change plan", + "change_primary_email_address_instructions": "To change your primary email, please add your new primary email address first (by clicking <0>Add another email) and confirm it. Then click the <0>Make Primary button. <1>Learn more about managing your __appName__ emails.", + "change_project_owner": "Change Project Owner", + "change_the_ownership_of_your_personal_projects": "Change the ownership of your personal projects to the new account. <0>Find out how to change project owner.", + "change_to_group_plan": "Change to a group plan", + "change_to_this_plan": "Change to this plan", + "changing_the_position_of_your_figure": "Changing the position of your figure", + "changing_the_position_of_your_table": "Changing the position of your table", + "chat": "Chat", + "chat_error": "Could not load chat messages, please try again.", + "check_your_email": "Check your email", + "checking": "Checking", + "checking_dropbox_status": "Checking Dropbox status", + "checking_project_github_status": "Checking project status in GitHub", + "choose_a_custom_color": "Choose a custom color", + "choose_from_group_members": "Choose from group members", + "choose_which_experiments": "Choose which experiments you’d like to try.", + "choose_your_plan": "Choose your plan", + "city": "City", + "clear_cached_files": "Clear cached files", + "clear_search": "clear search", + "clear_sessions": "Clear Sessions", + "clear_sessions_description": "This is a list of other sessions (logins) which are active on your account, not including your current session. Click the \"Clear Sessions\" button below to log them out.", + "clear_sessions_success": "Sessions Cleared", + "clearing": "Clearing", + "click_here_to_view_sl_in_lng": "Click here to use __appName__ in <0>__lngName__", + "click_link_to_proceed": "Click __clickText__ below to proceed.", + "clicking_delete_will_remove_sso_config_and_clear_saml_data": "Clicking <0>Delete will remove your SSO configuration and unlink all users. You can only do this when SSO is disabled in your Group settings.", + "clone_with_git": "Clone with Git", + "close": "Close", + "clsi_maintenance": "The compile servers are down for maintenance, and will be back shortly.", + "clsi_unavailable": "Sorry, the compile server for your project was temporarily unavailable. Please try again in a few moments.", + "cn": "Chinese (Simplified)", + "code_check_failed": "Code check failed", + "code_check_failed_explanation": "Your code has errors that need to be fixed before the auto-compile can run", + "code_editor": "Code Editor", + "collaborate_easily_on_your_projects": "Collaborate easily on your projects. Work on longer or more complex docs.", + "collaborate_online_and_offline": "Collaborate online and offline, using your own workflow", + "collaboration": "Collaboration", + "collaborator": "Collaborator", + "collabratec_account_not_registered": "IEEE Collabratec™ account not registered. Please connect to Overleaf from IEEE Collabratec™ or log in with a different account.", + "collabs_per_proj": "__collabcount__ collaborators per project", + "collabs_per_proj_single": "__collabcount__ collaborator per project", + "collapse": "Collapse", + "column_width": "Column width", + "column_width_is_custom_click_to_resize": "Column width is custom. Click to resize", + "column_width_is_x_click_to_resize": "Column width is __width__. Click to resize", + "comment": "Comment", + "comment_submit_error": "Sorry, there was a problem submitting your comment", + "commit": "Commit", + "common": "Common", + "common_causes_of_compile_timeouts_include": "Common causes of compile timeouts include", + "commons_plan_tooltip": "You’re on the __plan__ plan because of your affiliation with __institution__. Click to find out how to make the most of your Overleaf premium features.", + "compact": "Compact", + "company_name": "Company Name", + "compare": "Compare", + "compare_features": "Compare features", + "comparing_from_x_to_y": "Comparing from <0>__startTime__ to <0>__endTime__", + "compile_error_entry_description": "An error which prevented this project from compiling", + "compile_error_handling": "Compile Error Handling", + "compile_larger_projects": "Compile larger projects", + "compile_mode": "Compile Mode", + "compile_servers": "Compile servers", + "compile_servers_info": "Compiles for users on premium plans always run on a dedicated pool of the fastest available servers.", + "compile_servers_info_new": "The servers used to compile your project. Compiles for users on paid plans always run on the fastest available servers.", + "compile_terminated_by_user": "The compile was cancelled using the ‘Stop Compilation’ button. You can download the raw logs to see where the compile stopped.", + "compile_timeout_short": "Compile timeout", + "compile_timeout_short_info_basic": "This is how much time you get to compile your project on the Overleaf servers. You may need additional time for longer or more complex projects.", + "compile_timeout_short_info_new": "This is how much time you get to compile your project on Overleaf. You may need additional time for longer or more complex projects.", + "compiler": "Compiler", + "compiling": "Compiling", + "complete": "Complete", + "compliance": "Compliance", + "compromised_password": "Compromised Password", + "configure_sso": "Configure SSO", + "configured": "Configured", + "confirm": "Confirm", + "confirm_affiliation": "Confirm Affiliation", + "confirm_affiliation_to_relink_dropbox": "Please confirm you are still at the institution and on their license, or upgrade your account in order to relink your Dropbox account.", + "confirm_delete_user_type_email_address": "To confirm you want to delete __userName__ please type the email address associated with their account", + "confirm_email": "Confirm Email", + "confirm_new_password": "Confirm New Password", + "confirm_primary_email_change": "Confirm primary email change", + "confirm_remove_sso_config_enter_email": "To confirm you want to remove your SSO configuration, enter your email address:", + "confirm_your_email": "Confirm your email address", + "confirmation_link_broken": "Sorry, something is wrong with your confirmation link. Please try copy and pasting the link from the bottom of your confirmation email.", + "confirmation_token_invalid": "Sorry, your confirmation token is invalid or has expired. Please request a new email confirmation link.", + "confirming": "Confirming", + "conflicting_paths_found": "Conflicting Paths Found", + "congratulations_youve_successfully_join_group": "Congratulations! You‘ve successfully joined the group subscription.", + "connected_users": "Connected Users", + "connecting": "Connecting", + "connection_lost": "Connection lost", + "contact": "Contact", + "contact_group_admin": "Please contact your group administrator.", + "contact_message_label": "Message", + "contact_sales": "Contact Sales", + "contact_support_to_change_group_subscription": "Please <0>contact support if you wish to change your group subscription.", + "contact_us": "Contact Us", + "contact_us_lowercase": "Contact us", + "contacting_the_sales_team": "Contacting the Sales team", + "continue": "Continue", + "continue_github_merge": "I have manually merged. Continue", + "continue_to": "Continue to __appName__", + "continue_with_free_plan": "Continue with free plan", + "continue_with_service": "Continue with __service__", + "copied": "Copied", + "copy": "Copy", + "copy_code": "Copy code", + "copy_project": "Copy Project", + "copy_response": "Copy response", + "copying": "Copying", + "could_not_connect_to_collaboration_server": "Could not connect to collaboration server", + "could_not_connect_to_websocket_server": "Could not connect to WebSocket server", + "could_not_load_translations": "Could not load translations", + "country": "Country", + "country_flag": "__country__ country flag", + "coupon_code": "Coupon code", + "coupon_code_is_not_valid_for_selected_plan": "Coupon code is not valid for selected plan", + "coupons_not_included": "This does not include your current discounts, which will be applied automatically before your next payment", + "create": "Create", + "create_a_new_password_for_your_account": "Create a new password for your account", + "create_a_new_project": "Create a new project", + "create_account": "Create account", + "create_an_account": "Create an account", + "create_first_admin_account": "Create the first Admin account", + "create_new_account": "Create new account", + "create_new_subscription": "Create New Subscription", + "create_new_tag": "Create new tag", + "create_project_in_github": "Create a GitHub repository", + "created_at": "Created at", + "creating": "Creating", + "credit_card": "Credit Card", + "cs": "Czech", + "currency": "Currency", + "current_file": "Current file", + "current_password": "Current Password", + "current_price": "Current price", + "current_session": "Current Session", + "currently_seeing_only_24_hrs_history": "You’re currently seeing the last 24 hours of changes in this project.", + "currently_signed_in_as_x": "Currently signed in as <0>__userEmail__.", + "currently_subscribed_to_plan": "You are currently subscribed to the <0>__planName__ plan.", + "custom": "Custom", + "custom_borders": "Custom borders", + "custom_resource_portal": "Custom resource portal", + "custom_resource_portal_info": "You can have your own custom portal page on Overleaf. This is a great place for your users to find out more about Overleaf, access templates, FAQs and Help resources, and sign up to Overleaf.", + "customize": "Customize", + "customize_your_group_subscription": "Customize your group subscription", + "customize_your_plan": "Customize your plan", + "customizing_figures": "Customizing figures", + "customizing_tables": "Customizing tables", + "da": "Danish", + "date": "Date", + "date_and_owner": "Date and owner", + "de": "German", + "dealing_with_errors": "Dealing with errors", + "december": "December", + "dedicated_account_manager": "Dedicated account manager", + "dedicated_account_manager_info": "Our Account Management Team will be able to assist with requests, questions and to help you spread the word about Overleaf with promotional materials, training resources and webinars.", + "default": "Default", + "delete": "Delete", + "delete_account": "Delete Account", + "delete_account_confirmation_label": "I understand this will delete all projects in my __appName__ account with email address <0>__userDefaultEmail__", + "delete_account_warning_message_3": "You are about to permanently delete all of your account data, including your projects and settings. Please type your account email address and password in the boxes below to proceed.", + "delete_acct_no_existing_pw": "Please use the password reset form to set a password before deleting your account", + "delete_and_leave": "Delete / Leave", + "delete_and_leave_projects": "Delete and Leave Projects", + "delete_authentication_token": "Delete Authentication token", + "delete_authentication_token_info": "You’re about to delete a Git authentication token. If you do, it can no longer be used to authenticate your identity when performing Git operations.", + "delete_certificate": "Delete certificate", + "delete_figure": "Delete figure", + "delete_projects": "Delete Projects", + "delete_row_or_column": "Delete row or column", + "delete_sso_config": "Delete SSO configuration", + "delete_table": "Delete table", + "delete_tag": "Delete Tag", + "delete_token": "Delete token", + "delete_user": "Delete user", + "delete_your_account": "Delete your account", + "deleted_at": "Deleted At", + "deleted_by_email": "Deleted By email", + "deleted_by_id": "Deleted By ID", + "deleted_by_ip": "Deleted By IP", + "deleted_by_on": "Deleted by __name__ on __date__", + "deleting": "Deleting", + "demonstrating_git_integration": "Demonstrating Git integration", + "demonstrating_track_changes_feature": "Demonstrating Track Changes feature", + "department": "Department", + "descending": "Descending", + "description": "Description", + "details_provided_by_google_explanation": "Your details were provided by your Google account. Please check you’re happy with them.", + "dictionary": "Dictionary", + "did_you_know_institution_providing_professional": "Did you know that __institutionName__ is providing <0>free __appName__ Professional features to everyone at __institutionName__?", + "disable_single_sign_on": "Disable single sign-on", + "disable_sso": "Disable SSO", + "disable_stop_on_first_error": "Disable “Stop on first error”", + "disabling": "Disabling", + "disconnected": "Disconnected", + "discount_of": "Discount of __amount__", + "dismiss_error_popup": "Dismiss first error alert", + "display_deleted_user": "Display deleted users", + "do_not_have_acct_or_do_not_want_to_link": "If you don’t have an __appName__ account, or if you don’t want to link to your __institutionName__ account, please click __clickText__.", + "do_not_link_accounts": "Don’t link accounts", + "do_you_need_edit_access": "Do you need edit access?", + "do_you_want_to_change_your_primary_email_address_to": "Do you want to change your primary email address to __email__?", + "do_you_want_to_overwrite_it": "Do you want to overwrite it?", + "do_you_want_to_overwrite_it_plural": "Do you want to overwrite them?", + "do_you_want_to_overwrite_them": "Do you want to overwrite them?", + "document_too_long": "Document Too Long", + "document_too_long_detail": "Sorry, this file is too long to be edited manually. Please upload it directly.", + "document_updated_externally": "Document Updated Externally", + "document_updated_externally_detail": "This document was just updated externally. Any recent changes you have made may have been overwritten. To see previous versions, please look in the history.", + "documentation": "Documentation", + "does_not_contain_or_significantly_match_your_email": "does not contain or significantly match your email", + "doesnt_match": "Doesn’t match", + "doing_this_allow_log_in_through_institution": "Doing this will allow you to log in to __appName__ through your institution and will reconfirm your institutional email address.", + "doing_this_allow_log_in_through_institution_2": "Doing this will allow you to log in to <0>__appName__ through your institution and will reconfirm your institutional email address.", + "doing_this_will_verify_affiliation_and_allow_log_in_2": "Doing this will verify your affiliation with <0>__institutionName__ and will allow you to log in to <0>__appName__ through your institution.", + "done": "Done", + "dont_have_account": "Don’t have an account?", + "dont_have_account_without_question_mark": "Don’t have an account", + "download": "Download", + "download_all": "Download all", + "download_metadata": "Download Overleaf metadata", + "download_pdf": "Download PDF", + "download_zip_file": "Download .zip file", + "draft_sso_configuration": "Draft SSO configuration", + "drag_here": "drag here", + "drag_here_paste_an_image_or": "Drag here, paste an image, or ", + "drop_files_here_to_upload": "Drop files here to upload", + "dropbox": "Dropbox", + "dropbox_already_linked_error": "Your Dropbox account cannot be linked as it is already linked with another Overleaf account.", + "dropbox_already_linked_error_with_email": "Your Dropbox account cannot be linked as it is already linked with another Overleaf account using email address __otherUsersEmail__.", + "dropbox_checking_sync_status": "Checking Dropbox for updates", + "dropbox_duplicate_names_error": "Your Dropbox account can not be linked, because you have more than one project with the same name: ", + "dropbox_duplicate_project_names": "Your Dropbox account has been unlinked, because you have more than one project called <0>\"__projectName__\".", + "dropbox_duplicate_project_names_suggestion": "Please make your project names unique across all your <0>active, archived and trashed projects and then re-link your Dropbox account.", + "dropbox_email_not_verified": "We have been unable to retrieve updates from your Dropbox account. Dropbox reported that your email address is unverified. Please verify your email address in your Dropbox account to resolve this.", + "dropbox_for_link_share_projs": "This project was accessed via link-sharing and won’t be synchronised to your Dropbox unless you are invited via e-mail by the project owner.", + "dropbox_integration_info": "Work online and offline seamlessly with two-way Dropbox sync. Changes you make locally will be sent automatically to the version on Overleaf and vice versa.", + "dropbox_integration_lowercase": "Dropbox integration", + "dropbox_successfully_linked_description": "Thanks, we’ve successfully linked your Dropbox account to __appName__.", + "dropbox_sync": "Dropbox Sync", + "dropbox_sync_both": "Sending and receiving updates", + "dropbox_sync_description": "Keep your __appName__ projects in sync with your Dropbox account. Changes in __appName__ are automatically sent to your Dropbox account, and the other way around.", + "dropbox_sync_error": "Sorry, there was a problem checking our Dropbox service. Please try again in a few moments.", + "dropbox_sync_in": "Receiving updates from Dropbox", + "dropbox_sync_now_rate_limited": "Manual syncing is limited to one per minute. Please wait for a while and try again.", + "dropbox_sync_now_running": "A manual sync for this project has been started in the background. Please give it a few minutes to process.", + "dropbox_sync_out": "Sending updates to Dropbox", + "dropbox_sync_troubleshoot": "Changes not appearing in Dropbox? Please wait a few minutes. If changes still don’t appear, you can <0>sync this project now.", + "dropbox_synced": "Overleaf and Dropbox have processed all updates. Note that your local Dropbox might still be synchronizing", + "dropbox_unlinked_because_access_denied": "Your Dropbox account has been unlinked because the Dropbox service rejected your stored credentials. Please relink your Dropbox account to continue using it with Overleaf.", + "dropbox_unlinked_because_full": "Your Dropbox account has been unlinked because it is full, and we can no longer send updates to it. Please free up some space and relink your Dropbox account to continue using it with Overleaf.", + "dropbox_unlinked_premium_feature": "<0>Your Dropbox account has been unlinked because Dropbox Sync is a premium feature that you had through an institutional license.", + "due_date": "Due __date__", + "due_today": "Due today", + "duplicate_file": "Duplicate File", + "duplicate_projects": "This user has projects with duplicate names", + "each_user_will_have_access_to": "Each user will have access to", + "easily_import_and_sync_your_references": "Easily import and sync your references from Zotero or Mendeley when you upgrade your Overleaf plan.", + "easily_manage_your_project_files_everywhere": "Easily manage your project files, everywhere", + "edit": "Edit", + "edit_dictionary": "Edit Dictionary", + "edit_dictionary_empty": "Your custom dictionary is empty.", + "edit_dictionary_remove": "Remove from dictionary", + "edit_figure": "Edit figure", + "edit_sso_configuration": "Edit SSO Configuration", + "edit_tag": "Edit Tag", + "editing": "Editing", + "editing_and_collaboration": "Editing and collaboration", + "editing_captions": "Editing captions", + "editor": "Editor", + "editor_and_pdf": "Editor & PDF", + "editor_disconected_click_to_reconnect": "Editor disconnected, click anywhere to reconnect.", + "editor_limit_exceeded_in_this_project": "Too many editors in this project", + "editor_only_hide_pdf": "Editor only <0>(hide PDF)", + "editor_theme": "Editor theme", + "educational_discount_applied": "40% educational discount applied!", + "educational_discount_available_for_groups_of_ten_or_more": "The educational discount is available for groups of 10 or more", + "educational_discount_disclaimer": "This license is for educational purposes (applies to students or faculty using Overleaf for teaching)", + "educational_discount_for_groups_of_ten_or_more": "Overleaf offers a 40% educational discount for groups of 10 or more.", + "educational_discount_for_groups_of_x_or_more": "The educational discount is available for groups of __size__ or more", + "educational_percent_discount_applied": "__percent__% educational discount applied!", + "email": "Email", + "email_address": "Email address", + "email_address_is_invalid": "Email address is invalid", + "email_already_associated_with": "The __email1__ email is already associated with the __email2__ __appName__ account.", + "email_already_registered": "This email is already registered", + "email_already_registered_secondary": "This email is already registered as a secondary email", + "email_already_registered_sso": "This email is already registered. Please log in to your account another way and link your account to the new provider via your account settings.", + "email_confirmed_onboarding": "Great! Let’s get you set up", + "email_confirmed_onboarding_message": "Your email address is confirmed. Click <0>Continue to finish your setup.", + "email_does_not_belong_to_university": "We don’t recognize that domain as being affiliated with your university. Please contact us to add the affiliation.", + "email_limit_reached": "You can have a maximum of <0>__emailAddressLimit__ email addresses on this account. To add another email address, please delete an existing one.", + "email_link_expired": "Email link expired, please request a new one.", + "email_must_be_linked_to_institution": "As a member of __institutionName__, this email address can only be added via single sign-on on your <0>account settings page. Please add a different recovery email address.", + "email_or_password_wrong_try_again": "Your email or password is incorrect. Please try again.", + "email_or_password_wrong_try_again_or_reset": "Your email or password is incorrect. Please try again, or <0>set or reset your password.", + "email_required": "Email required", + "email_sent": "Email Sent", + "emails": "Emails", + "emails_and_affiliations_explanation": "Add additional email addresses to your account to access any upgrades your university or institution has, to make it easier for collaborators to find you, and to make sure you can recover your account.", + "emails_and_affiliations_title": "Emails and Affiliations", + "empty": "Empty", + "empty_zip_file": "Zip doesn’t contain any file", + "en": "English", + "enable_managed_users": "Enable Managed Users", + "enable_single_sign_on": "Enable single sign-on", + "enable_sso": "Enable SSO", + "enable_stop_on_first_error_under_recompile_dropdown_menu": "Enable <0>“Stop on first error” under the <1>Recompile drop-down menu to help you find and fix errors right away.", + "enabled": "Enabled", + "enabling": "Enabling", + "end_of_document": "End of document", + "enter_6_digit_code": "Enter 6-digit code", + "enter_any_size_including_units_or_valid_latex_command": "Enter any size (including units) or valid LaTeX command", + "enter_image_url": "Enter image URL", + "enter_the_confirmation_code": "Enter the 6-digit confirmation code sent to __email__.", + "enter_your_email_address": "Enter your email address", + "enter_your_email_address_below_and_we_will_send_you_a_link_to_reset_your_password": "Enter your email address below, and we will send you a link to reset your password", + "enter_your_new_password": "Enter your new password", + "error": "Error", + "error_opening_document": "Error opening document", + "error_opening_document_detail": "Sorry, something went wrong opening this document. Please try again.", + "error_performing_request": "An error has occurred while performing your request.", + "error_processing_file": "Sorry, something went wrong processing this file. Please try again.", + "error_submitting_comment": "Error submitting comment", + "es": "Spanish", + "estimated_number_of_overleaf_users": "Estimated number of __appName__ users", + "every": "per", + "everything_in_free_plus": "Everything in Free, plus…", + "everything_in_standard_plus": "Everything in Standard, plus…", + "example": "Example", + "example_project": "Example Project", + "examples": "Examples", + "exclusive_access_with_labs": "Exclusive access to early-stage experiments", + "existing_plan_active_until_term_end": "Your existing plan and its features will remain active until the end of the current billing period.", + "expand": "Expand", + "expired": "Expired", + "expired_confirmation_code": "Your confirmation code has expired. Click <0>Resend confirmation code to get a new one.", + "expires": "Expires", + "expires_in_days": "Expires in __days__ days", + "expires_on": "Expires: __date__", + "expiry": "Expiry Date", + "export_csv": "Export CSV", + "export_project_to_github": "Export Project to GitHub", + "failed_to_send_group_invite_to_email": "Failed to send Group invite to <0>__email__. Please try again later.", + "failed_to_send_managed_user_invite_to_email": "Failed to send Managed User invite to <0>__email__. Please try again later.", + "failed_to_send_sso_link_invite_to_email": "Failed to send SSO invite reminder to <0>__email__. Please try again later.", + "faq_change_plans_or_cancel_answer": "Yes, you can do this at any time via your subscription settings. You can change plans, switch between monthly and annual billing options, or cancel to downgrade to the free plan. When cancelling, your subscription will continue until the end of the billing period. If your account temporarily does not have a subscription, the only change will be to the features available to you. Your projects will always be available on your account.", + "faq_change_plans_or_cancel_question": "Can I change plans or cancel later?", + "faq_do_collab_need_on_paid_plan_answer": "No, they can be on any plan, including the free plan. If you are on a premium plan, some premium features will be available to your collaborators in projects that you have created, even if those collaborators are on the free plan. For more information, read about <0>account and subscriptions and <1>how premium features work.", + "faq_do_collab_need_on_paid_plan_question": "Do my collaborators also need to be on a paid plan?", + "faq_how_does_a_group_plan_work_answer": "Group subscriptions are a way to upgrade more than one Overleaf account. They are easy to manage, help to save on paperwork, and reduce the cost of purchasing multiple subscriptions separately. To learn more, read about <0>joining a group subscription and <1>managing a group subscription. You can purchase group subscriptions above or by <2>contacting us.", + "faq_how_does_a_group_plan_work_question": "How does a group plan work? How can I add people to the plan?", + "faq_how_does_free_trial_works_answer": "You get full access to your chosen __appName__ plan during your __len__-day free trial. There is no obligation to continue beyond the trial. Your card will be charged at the end of your __len__ day trial unless you cancel before then. You can cancel via your subscription settings.", + "faq_how_free_trial_works_answer_v2": "You get full access to your chosen premium plan during your __len__ day free trial, and there is no obligation to continue beyond the trial. Your card will be charged at the end of your trial unless you cancel before then. To cancel, go to your subscription settings in your account (the trial will continue for the full __len__ days).", + "faq_how_free_trial_works_question": "How does the free trial work?", + "faq_i_have_free_account_want_subscription_how_answer_first_paragraph": "In Overleaf, every user creates and manages their own Overleaf account. Most users start on the free plan but can upgrade and enjoy the premium features by subscribing to a plan, joining a group subscription or joining a <0>Commons subscription. When you purchase, join or leave a subscription, you can still keep the same Overleaf account.", + "faq_i_have_free_account_want_subscription_how_answer_second_paragraph": "To find out more, read more about <0>how accounts and subscriptions work together in Overleaf.", + "faq_i_have_free_account_want_subscription_how_question": "I have a free account and want to join a subscription, how do I do that?", + "faq_pay_by_invoice_answer_v2": "Yes, if you’d like to purchase a group subscription for five or more people, or a site license. For individual subscriptions we can only accept payment online via credit card, debit card or PayPal.", + "faq_pay_by_invoice_question": "Can I pay by invoice / purchase order?", + "faq_the_individual_standard_plan_10_collab_first_paragraph": "No. Only the subscriber’s account will be upgraded. An individual Standard subscription allows you to invite 10 collaborators to each project owned by you.", + "faq_the_individual_standard_plan_10_collab_question": "The individual Standard plan has 10 project collaborators, does it mean that 10 people will be upgraded?", + "faq_the_individual_standard_plan_10_collab_second_paragraph": "While working on a project that you, as a subscriber, share with them, your collaborators will be able to access some premium features such as the full document history and extended compile time for that particular project. Inviting them to a particular project does not upgrade their accounts overall, however. Read more about <0>which features are per project, and which are per account.", + "faq_what_is_the_difference_between_users_and_collaborators_answer_first_paragraph": "In Overleaf, every user creates their own account. You can create projects that only you work on, and you can also invite others to view or work with you on projects that you own. Users that you share your project with are called <0>collaborators. We sometimes refer to them as project collaborators.", + "faq_what_is_the_difference_between_users_and_collaborators_answer_second_paragraph": "In other words, collaborators are just other Overleaf users that you are working with on one of your projects.", + "faq_what_is_the_difference_between_users_and_collaborators_question": "What’s the difference between users and collaborators?", + "fast": "Fast", + "fastest": "Fastest", + "feature_included": "Feature included", + "feature_not_included": "Feature not included", + "featured": "Featured", + "featured_latex_templates": "Featured LaTeX Templates", + "features": "Features", + "features_and_benefits": "Features & Benefits", + "february": "February", + "file_action_created": "Created", + "file_action_deleted": "Deleted", + "file_action_edited": "Edited", + "file_action_renamed": "Renamed", + "file_action_restored": "Restored __fileName__ from: __date__", + "file_already_exists": "A file or folder with this name already exists", + "file_already_exists_in_this_location": "An item named <0>__fileName__ already exists in this location. If you wish to move this file, rename or remove the conflicting file and try again.", + "file_name": "File Name", + "file_name_figure_modal": "File name", + "file_name_in_this_project": "File Name In This Project", + "file_name_in_this_project_figure_modal": "File name in this project", + "file_outline": "File outline", + "file_size": "File size", + "file_too_large": "File too large", + "files_cannot_include_invalid_characters": "File name is empty or contains invalid characters", + "files_selected": "files selected.", + "filters": "Filters", + "find_out_more": "Find out More", + "find_out_more_about_institution_login": "Find out more about institutional login", + "find_out_more_about_the_file_outline": "Find out more about the file outline", + "find_out_more_nt": "Find out more.", + "finding_a_fix": "Finding a fix", + "first_name": "First Name", + "fit_to_height": "Fit to height", + "fit_to_width": "Fit to width", + "fixed_width": "Fixed width", + "fixed_width_wrap_text": "Fixed width, wrap text", + "flexible_plans_for_everyone": "Flexible plans for everyone—from individual students and researchers, to large businesses and universities.", + "fold_line": "Fold line", + "folder_location": "Folder location", + "folders": "Folders", + "following_paths_conflict": "The following files and folders conflict with the same path", + "font_family": "Font Family", + "font_size": "Font Size", + "footer_about_us": "About us", + "footer_contact_us": "Contact us", + "footer_navigation": "Footer navigation", + "footer_plans_and_pricing": "Plans & pricing", + "for_business": "For business", + "for_enterprise": "For enterprise", + "for_groups_or_site_wide": "For groups or site-wide", + "for_individuals_and_groups": "For individuals & groups", + "for_large_institutions_and_organizations_need_sitewide_on_premise": "For large institutions and organizations that need site-wide access or an on-premises solution.", + "for_more_information_see_managed_accounts_section": "For more information, see the \"Managed Accounts\" section in <0>our terms of use, which you agree to by clicking Accept invitation.", + "for_publishers": "For publishers", + "for_small_teams_and_departments_who_want_to_write_collaborate": "For small teams and departments who want to write and collaborate easily in LaTeX.", + "for_students": "For students", + "for_students_only": "For students only", + "for_teaching": "For teaching", + "for_teams_and_organizations_who_want_a_streamlined_sso_and_security": "For teams and organizations who want a streamlined sign-on process and our strongest cloud security.", + "for_universities": "For universities", + "forever": "forever", + "forgot_password": "Forgot password?", + "forgot_your_password": "Forgot your password", + "format": "Format", + "found_matching_deleted_users": "Found __deletedUserCount__ matching deleted users", + "four_minutes": "4 minutes", + "fr": "French", + "free": "Free", + "free_7_day_trial_billed_annually": "Free 7-day trial, then billed annually", + "free_7_day_trial_billed_monthly": "Free 7-day trial, then billed monthly", + "free_dropbox_and_history": "Free Dropbox and History", + "free_plan_label": "You’re on the free plan", + "free_plan_tooltip": "Click to find out how you could benefit from Overleaf premium features.", + "frequently_asked_questions": "frequently asked questions", + "from_another_project": "From another project", + "from_enforcement_date": "From __enforcementDate__ any additional editors on this project will be made viewers.", + "from_external_url": "From external URL", + "from_project_files": "From project files", + "from_provider": "From __provider__", + "from_url": "From URL", + "full_doc_history": "Full document history", + "full_doc_history_info_v2": "You can see all the edits in your project and who made every change. Add labels to quickly access specific versions.", + "full_document_history": "Full document <0>history", + "full_width": "Full width", + "gallery": "Gallery", + "gallery_find_more": "Find More __itemPlural__", + "gallery_items_tagged": "__itemPlural__ tagged __title__", + "gallery_page_items": "Gallery Items", + "gallery_page_summary": "A gallery of up-to-date and stylish LaTeX templates, examples to help you learn LaTeX, and papers and presentations published by our community. Search or browse below.", + "gallery_page_title": "Gallery - Templates, Examples and Articles written in LaTeX", + "gallery_show_all": "Show all __itemPlural__", + "generate_token": "Generate token", + "generic_if_problem_continues_contact_us": "If the problem continues please contact us", + "generic_linked_file_compile_error": "This project’s output files are not available because it failed to compile. Please open the project to see the compilation error details.", + "generic_something_went_wrong": "Sorry, something went wrong", + "get_advanced_reference_search": "Get advanced reference search", + "get_collaborative_benefits": "Get the collaborative benefits from __appName__, even if you prefer to work offline", + "get_discounted_plan": "Get discounted plan", + "get_dropbox_sync": "Get Dropbox Sync", + "get_early_access_to_ai": "Get early access to the new AI Error Assistant in Overleaf Labs", + "get_exclusive_access_to_labs": "Get exclusive access to early-stage experiments when you join Overleaf Labs. All we ask in return is your honest feedback to help us develop and improve.", + "get_full_project_history": "Get full project history", + "get_git_integration": "Get Git integration", + "get_github_sync": "Get GitHub Sync", + "get_in_touch": "Get in touch", + "get_in_touch_having_problems": "Get in touch with support if you’re having problems", + "get_involved": "Get involved", + "get_more_compile_time": "Get more compile time", + "get_most_subscription_by_checking_features": "Get the most out of your __appName__ subscription by checking out <0>__appName__’s features.", + "get_some_texnical_assistance": "Get some TeXnical assistance from AI to fix errors in your project.", + "get_symbol_palette": "Get Symbol Palette", + "get_the_best_overleaf_experience": "Get the best Overleaf experience", + "get_the_best_writing_experience": "Get the best writing experience", + "get_the_most_out_headline": "Get the most out of __appName__ with features such as:", + "get_track_changes": "Get track changes", + "git": "Git", + "git_authentication_token": "Git authentication token", + "git_authentication_token_create_modal_info_1": "This is your Git authentication token. You should enter this when prompted for a password.", + "git_authentication_token_create_modal_info_2": "<0>You will only see this authentication token once so please copy it and keep it safe. For full instructions on using authentication tokens, visit our <1>help page.", + "git_bridge_modal_click_generate": "Click Generate token to generate your authentication token now. Or do this later in your Account Settings.", + "git_bridge_modal_description": "You can git clone your project using the link displayed below.", + "git_bridge_modal_enter_authentication_token": "When prompted for a password, enter your new authentication token:", + "git_bridge_modal_git_authentication_tokens": "Git authentication tokens", + "git_bridge_modal_read_only": "You have read-only access to this project. This means you can pull from __appName__ but you can’t push any changes you make back to this project.", + "git_bridge_modal_see_once": "You’ll only see this token once. To delete it or generate a new one, visit Account Settings. For detailed instructions and troubleshooting, read our <0>help page.", + "git_bridge_modal_tokens_description": "To git clone your project you’ll need the link below and a Git authentication token.", + "git_bridge_modal_use_previous_token": "If you’re prompted for a password, you can use a previously generated Git authentication token. Or you can generate a new one in Account Settings. For more support, read our <0>help page.", + "git_bridge_modal_you_can_also_git_clone": "You can also git clone your project by using the link below and a Git authentication token.", + "git_gitHub_dropbox_mendeley_and_zotero_integrations": "Git, GitHub, Dropbox, Mendeley, and Zotero integrations", + "git_integration": "Git Integration", + "git_integration_info": "With Git integration, you can clone your Overleaf projects with Git. For full instructions on how to do this, read <0>our help page.", + "git_integration_lowercase": "Git integration", + "git_integration_lowercase_info": "You can clone your Overleaf project to a local repository, treating your Overleaf project as a remote repository that changes can be pushed to and pulled from.", + "github": "GitHub", + "github_commit_message_placeholder": "Commit message for changes made in __appName__...", + "github_credentials_expired": "Your GitHub authorization credentials have expired", + "github_empty_repository_error": "It looks like your GitHub repository is empty or not yet available. Create a new file on GitHub.com then try again.", + "github_file_name_error": "This repository cannot be imported, because it contains file(s) with an invalid filename:", + "github_git_and_dropbox_integrations": "<0>Github, <0>Git and <0>Dropbox integrations", + "github_git_folder_error": "This project contains a .git folder at the top level, indicating that it is already a git repository. The Overleaf GitHub sync service cannot sync git histories. Please remove the .git folder and try again.", + "github_integration_lowercase": "Git and GitHub integration", + "github_is_no_longer_connected": "GitHub is no longer connected to this project.", + "github_is_premium": "GitHub Sync is a premium feature", + "github_large_files_error": "Merge failed: your GitHub repository contains files over the 50mb file size limit ", + "github_merge_failed": "Your changes in __appName__ and GitHub could not be automatically merged. Please manually merge the <0>__sharelatex_branch__ branch into the default branch in git. Click below to continue, after you have manually merged.", + "github_no_master_branch_error": "This repository cannot be imported as it is missing a default branch. Please make sure the project has a default branch", + "github_only_integration_lowercase": "GitHub integration", + "github_only_integration_lowercase_info": "Link your Overleaf projects directly to a GitHub repository that acts as a remote repository for your overleaf project. This allows you to share with collaborators outside of Overleaf, and integrate Overleaf into more complex workflows.", + "github_private_description": "You choose who can see and commit to this repository.", + "github_public_description": "Anyone can see this repository. You choose who can commit.", + "github_repository_diverged": "The default branch of the linked repository has been force-pushed. Pulling GitHub changes after a force push can cause Overleaf and GitHub to get out of sync. You might need to push changes after pulling to get back in sync.", + "github_successfully_linked_description": "Thanks, we’ve successfully linked your GitHub account to __appName__. You can now export your __appName__ projects to GitHub, or import projects from your GitHub repositories.", + "github_symlink_error": "Your GitHub repository contains symbolic link files, which are not currently supported by Overleaf. Please remove these and try again.", + "github_sync": "GitHub Sync", + "github_sync_description": "With GitHub Sync you can link your __appName__ projects to GitHub repositories, create new commits from __appName__, and merge commits from GitHub.", + "github_sync_error": "Sorry, there was a problem checking our GitHub service. Please try again in a few moments.", + "github_sync_repository_not_found_description": "The linked repository has either been removed, or you no longer have access to it. You can set up sync with a new repository by cloning the project and using the ‘GitHub’ menu item. You can also unlink the repository from this project.", + "github_timeout_error": "Syncing your Overleaf project with GitHub has timed out. This may be due to the overall size of your project, or the number of files/changes to sync, being too large.", + "github_too_many_files_error": "This repository cannot be imported as it exceeds the maximum number of files allowed", + "github_validation_check": "Please check that the repository name is valid, and that you have permission to create the repository.", + "github_workflow_authorize": "Authorize GitHub Workflow files", + "github_workflow_files_delete_github_repo": "The repository has been created on GitHub but linking was unsuccessful. You will have to delete GitHub repository or choose a new name.", + "github_workflow_files_error": "The __appName__ GitHub sync service couldn’t sync GitHub Workflow files (in .github/workflows/). Please authorize __appName__ to edit your GitHub workflow files and try again.", + "give_feedback": "Give feedback", + "give_your_feedback": "give your feedback", + "global": "global", + "go_back_and_link_accts": "Go back and link your accounts", + "go_next_page": "Go to Next Page", + "go_page": "Go to page __page__", + "go_prev_page": "Go to Previous Page", + "go_to_account_settings": "Go to Account Settings", + "go_to_code_location_in_pdf": "Go to code location in PDF", + "go_to_overleaf": "Go to Overleaf", + "go_to_pdf_location_in_code": "Go to PDF location in code (Tip: double click on the PDF for best results)", + "go_to_settings": "Go to settings", + "great_for_getting_started": "Great for getting started", + "group_admin": "Group admin", + "group_admins_get_access_to": "Group admins get access to", + "group_admins_get_access_to_info": "Special features available only on group plans.", + "group_full": "This group is already full", + "group_invitations": "Group Invitations", + "group_invite_has_been_sent_to_email": "Group invite has been sent to <0>__email__", + "group_libraries": "Group Libraries", + "group_managed_by_group_administrator": "User accounts in this group are managed by the group administrator.", + "group_members_and_collaborators_get_access_to": "Group members and their project collaborators get access to", + "group_members_and_collaborators_get_access_to_info": "These features are available to group members and their collaborators (other Overleaf users invited to projects owned a group member).", + "group_members_get_access_to": "Group members get access to", + "group_members_get_access_to_info": "These features are available only to group members (subscribers).", + "group_plan_tooltip": "You are on the __plan__ plan as a member of a group subscription. Click to find out how to make the most of your Overleaf premium features.", + "group_plan_with_name_tooltip": "You are on the __plan__ plan as a member of a group subscription, __groupName__. Click to find out how to make the most of your Overleaf premium features.", + "group_plans": "Group Plans", + "group_professional": "Group Professional", + "group_sso_configuration_idp_metadata": "The information you provide here comes from your Identity Provider (IdP). This is often referred to as its <0>SAML metadata. You can add this manually or click <1>Import IdP metadata to import an XML file.", + "group_sso_configure_service_provider_in_idp": "For some IdPs, you must configure Overleaf as a Service Provider to get the data you need to fill out this form. To do this, you will need to download the Overleaf metadata.", + "group_sso_documentation_links": "Please see our <0>documentation and <1>troubleshooting guide for more help.", + "group_standard": "Group Standard", + "group_subscription": "Group Subscription", + "groups": "Groups", + "have_an_extra_backup": "Have an extra backup", + "have_more_days_to_try": "Have another __days__ days on your Trial!", + "headers": "Headers", + "help": "Help", + "help_articles_matching": "Help articles matching your subject", + "help_improve_overleaf_fill_out_this_survey": "If you would like to help us improve Overleaf, please take a moment to fill out <0>this survey.", + "help_improve_screen_reader_fill_out_this_survey": "Help us improve your experience using a screen reader with __appName__ by filling out this quick survey.", + "hide_configuration": "Hide configuration", + "hide_deleted_user": "Hide deleted users", + "hide_document_preamble": "Hide document preamble", + "hide_local_file_contents": "Hide Local File Contents", + "hide_outline": "Hide File outline", + "history": "History", + "history_add_label": "Add label", + "history_adding_label": "Adding label", + "history_are_you_sure_delete_label": "Are you sure you want to delete the following label", + "history_compare_from_this_version": "Compare from this version", + "history_compare_up_to_this_version": "Compare up to this version", + "history_delete_label": "Delete label", + "history_deleting_label": "Deleting label", + "history_download_this_version": "Download this version", + "history_entry_origin_dropbox": "via Dropbox", + "history_entry_origin_git": "via Git", + "history_entry_origin_github": "via GitHub", + "history_entry_origin_upload": "upload", + "history_label_created_by": "Created by", + "history_label_project_current_state": "Current state", + "history_label_this_version": "Label this version", + "history_new_label_name": "New label name", + "history_view_a11y_description": "Show all of the project history or only labelled versions.", + "history_view_all": "All history", + "history_view_labels": "Labels", + "hit_enter_to_reply": "Hit Enter to reply", + "home": "Home", + "hotkey_add_a_comment": "Add a comment", + "hotkey_autocomplete_menu": "Autocomplete Menu", + "hotkey_beginning_of_document": "Beginning of document", + "hotkey_bold_text": "Bold text", + "hotkey_compile": "Compile", + "hotkey_delete_current_line": "Delete Current Line", + "hotkey_end_of_document": "End of document", + "hotkey_find_and_replace": "Find (and replace)", + "hotkey_go_to_line": "Go To Line", + "hotkey_indent_selection": "Indent Selection", + "hotkey_insert_candidate": "Insert Candidate", + "hotkey_italic_text": "Italic Text", + "hotkey_redo": "Redo", + "hotkey_search_references": "Search References", + "hotkey_select_all": "Select All", + "hotkey_select_candidate": "Select Candidate", + "hotkey_to_lowercase": "To Lowercase", + "hotkey_to_uppercase": "To Uppercase", + "hotkey_toggle_comment": "Toggle Comment", + "hotkey_toggle_review_panel": "Toggle review panel", + "hotkey_toggle_track_changes": "Toggle track changes", + "hotkey_undo": "Undo", + "hotkeys": "Hotkeys", + "how_it_works": "How it works", + "how_to_create_tables": "How to create tables", + "how_to_insert_images": "How to insert images", + "how_we_use_your_data": "How we use your data", + "how_we_use_your_data_explanation": "<0>Please help us continue to improve Overleaf by answering a few quick questions. Your answers will help us and our corporate group understand more about our user base. We may use this information to improve your Overleaf experience, for example by providing personalized onboarding, upgrade prompts, help suggestions, and tailored marketing communications (if you’ve opted-in to receive them).<1>For more details on how we use your personal data, please see our <0>Privacy Notice.", + "hundreds_templates_info": "Produce beautiful documents starting from our gallery of LaTeX templates for journals, conferences, theses, reports, CVs and much more.", + "i_want_to_stay": "I want to stay", + "id": "ID", + "if_have_existing_can_link": "If you have an existing __appName__ account on another email, you can link it to your __institutionName__ account by clicking __clickText__.", + "if_owner_can_link": "If you own the __appName__ account with __email__, you will be allowed to link it to your __institutionName__ institutional account.", + "if_you_need_to_customize_your_table_further_you_can": "If you need to customize your table further, you can. Using LaTeX code, you can change anything from table styles and border styles to colors and column widths. <0>Read our guide to using tables in LaTeX to help you get started.", + "if_your_occupation_not_listed_type_full_name": "If your __occupation__ isn’t listed, you can type the full name.", + "ignore_and_continue_institution_linking": "You can also ignore this and continue to __appName__ with your __email__ account.", + "ignore_validation_errors": "Don’t check syntax", + "ill_take_it": "I’ll take it!", + "image_file": "Image file", + "image_url": "Image URL", + "image_width": "Image width", + "import_a_bibtex_file_from_your_provider_account": "Import a BibTeX file from your __provider__ account", + "import_from_github": "Import from GitHub", + "import_idp_metadata": "Import IdP metadata", + "import_to_sharelatex": "Import to __appName__", + "imported_from_another_project_at_date": "Imported from <0>Another project/__sourceEntityPathHTML__, at __formattedDate__ __relativeDate__", + "imported_from_external_provider_at_date": "Imported from <0>__shortenedUrlHTML__ at __formattedDate__ __relativeDate__", + "imported_from_mendeley_at_date": "Imported from Mendeley at __formattedDate__ __relativeDate__", + "imported_from_the_output_of_another_project_at_date": "Imported from the output of <0>Another project: __sourceOutputFilePathHTML__, at __formattedDate__ __relativeDate__", + "imported_from_zotero_at_date": "Imported from Zotero at __formattedDate__ __relativeDate__", + "importing": "Importing", + "importing_and_merging_changes_in_github": "Importing and merging changes in GitHub", + "in_good_company": "You’re In Good Company", + "in_order_to_have_a_secure_account_make_sure_your_password": "To help keep your account secure, make sure your new password:", + "in_order_to_match_institutional_metadata_2": "In order to match your institutional metadata, we’ve linked your account using <0>__email__.", + "in_order_to_match_institutional_metadata_associated": "In order to match your institutional metadata, your account is associated with the email __email__.", + "include_caption": "Include caption", + "include_label": "Include label", + "include_the_error_message_and_ai_response": "Include the error message and AI response", + "increased_compile_timeout": "Increased compile timeout", + "individuals": "Individuals", + "indvidual_plans": "Individual Plans", + "info": "Info", + "inr_discount_modal_info": "Get document history, track changes, additional collaborators, and more at Purchasing Power Parity prices.", + "inr_discount_modal_title": "70% off all Overleaf premium plans for users in India", + "inr_discount_offer_plans_page_banner": "__flag__ Great news! We’ve applied a 70% discount to premium plans for our users in India. Check out the new lower prices below.", + "insert": "Insert", + "insert_column_left": "Insert column left", + "insert_column_right": "Insert column right", + "insert_figure": "Insert figure", + "insert_from_another_project": "Insert from another project", + "insert_from_project_files": "Insert from project files", + "insert_from_url": "Insert from URL", + "insert_image": "Insert image", + "insert_row_above": "Insert row above", + "insert_row_below": "Insert row below", + "insert_x_columns_left": "Insert __columns__ columns left", + "insert_x_columns_right": "Insert __columns__ columns right", + "insert_x_rows_above": "Insert __rows__ rows above", + "insert_x_rows_below": "Insert __rows__ rows below", + "institution": "Institution", + "institution_account": "Institution Account", + "institution_account_tried_to_add_affiliated_with_another_institution": "This email is already associated with your account but affiliated with another institution.", + "institution_account_tried_to_add_already_linked": "This institution is already linked with your account via another email address.", + "institution_account_tried_to_add_already_registered": "The email/institution account you tried to add is already registered with __appName__.", + "institution_account_tried_to_add_not_affiliated": "This email is already associated with your account but not affiliated with this institution.", + "institution_account_tried_to_confirm_saml": "This email cannot be confirmed. Please remove the email from your account and try adding it again.", + "institution_acct_successfully_linked_2": "Your <0>__appName__ account was successfully linked to your <0>__institutionName__ institutional account.", + "institution_and_role": "Institution and role", + "institution_email_new_to_app": "Your __institutionName__ email (__email__) is new to __appName__.", + "institution_has_overleaf_subscription": "<0>__institutionName__ has an Overleaf subscription. Click the confirmation link sent to __emailAddress__ to upgrade to <0>Overleaf Professional.", + "institution_templates": "Institution Templates", + "institutional": "Institutional", + "institutional_leavers_survey_notification": "Provide some quick feedback to receive a 25% discount on an annual subscription!", + "institutional_login_not_supported": "Your institution doesn’t support institutional login yet, but you can still register with your institutional email.", + "institutional_login_unknown": "Sorry, we don’t know which institution issued that email address. You can browse our list of institutions to find yours, or you can use one of the other options below.", + "integrations": "Integrations", + "interested_in_cheaper_personal_plan": "Would you be interested in the cheaper <0>__price__ Personal plan?", + "invalid_certificate": "Invalid certificate. Please check the certificate and try again.", + "invalid_confirmation_code": "That didn’t work. Please check the code and try again.", + "invalid_email": "An email address is invalid", + "invalid_file_name": "Invalid File Name", + "invalid_filename": "Upload failed: check that the file name doesn’t contain special characters, trailing/leading whitespace or more than __nameLimit__ characters", + "invalid_institutional_email": "Your institution’s SSO service returned your email address as __email__, which is at an unexpected domain that we do not recognise as belonging to it. You may be able to change your primary email address via your user profile at your institution to one at your institution’s domain. Please contact your IT department if you have any questions.", + "invalid_password": "Invalid Password", + "invalid_password_contains_email": "Password cannot contain parts of email address", + "invalid_password_invalid_character": "Password contains an invalid character", + "invalid_password_not_set": "Password is required", + "invalid_password_too_long": "Maximum password length __maxLength__ exceeded", + "invalid_password_too_short": "Password too short, minimum __minLength__", + "invalid_password_too_similar": "Password is too similar to parts of email address", + "invalid_request": "Invalid Request. Please correct the data and try again.", + "invalid_zip_file": "Invalid zip file", + "invite": "Invite", + "invite_expired": "The invite may have expired", + "invite_more_collabs": "Invite more collaborators", + "invite_not_accepted": "Invite not yet accepted", + "invite_not_valid": "This is not a valid project invite", + "invite_not_valid_description": "The invite may have expired. Please contact the project owner", + "invite_resend_limit_hit": "The invite resend limit hit", + "invited_to_group": "<0>__inviterName__ has invited you to join a group subscription on __appName__", + "invited_to_group_have_individual_subcription": "__inviterName__ has invited you to join a group __appName__ subscription. If you join this group, you may not need your individual subscription. Would you like to cancel it?", + "invited_to_group_login": "To accept this invitation you need to log in as __emailAddress__.", + "invited_to_group_login_benefits": "As part of this group, you’ll have access to __appName__ premium features such as additional collaborators, greater maximum compile time, and real-time track changes.", + "invited_to_group_register": "To accept __inviterName__’s invitation you’ll need to create an account.", + "invited_to_group_register_benefits": "__appName__ is a collaborative online LaTeX editor, with thousands of ready-to-use templates and an array of LaTeX learning resources to help you get started.", + "invited_to_join": "You have been invited to join", + "ip_address": "IP Address", + "is_email_affiliated": "Is your email affiliated with an institution? ", + "is_longer_than_n_characters": "is at least __n__ characters long", + "is_not_used_on_any_other_website": "is not used on any other website", + "issued_on": "Issued: __date__", + "it": "Italian", + "ja": "Japanese", + "january": "January", + "join_beta_program": "Join beta program", + "join_labs": "Join Labs", + "join_now": "Join now", + "join_overleaf_labs": "Join Overleaf Labs", + "join_project": "Join Project", + "join_sl_to_view_project": "Join __appName__ to view this project", + "join_team_explanation": "Please click the button below to join the group subscription and enjoy the benefits of an upgraded __appName__ account", + "joined_team": "You have joined the group subscription managed by __inviterName__", + "joining": "Joining", + "july": "July", + "june": "June", + "justify": "Justify", + "kb_suggestions_enquiry": "Have you checked our <0>__kbLink__?", + "keep_current_plan": "Keep my current plan", + "keep_personal_projects_separate": "Keep personal projects separate", + "keep_your_account_safe": "Keep your account safe", + "keep_your_account_safe_add_another_email": "Keep your account safe and make sure you don’t lose access to it by adding another email address.", + "keep_your_email_updated": "Keep your email updated so that you don’t lose access to your account and data.", + "keybindings": "Keybindings", + "knowledge_base": "knowledge base", + "ko": "Korean", + "labels_help_you_to_easily_reference_your_figures": "Labels help you to easily reference your figures throughout your document. To reference a figure within the text, reference the label using the <0>\\ref{...} command. This makes it easy to reference figures without needing to manually remember the figure numbering. <1>Learn more", + "labels_help_you_to_reference_your_tables": "Labels help you to reference your tables throughout your document easily. To reference a table within the text, reference the label using the <0>\\ref{...} command. This makes it easy to reference tables without manually remembering the table numbering. <1>Read about labels and cross-references.", + "labs_program_benefits": "By signing up for Overleaf Labs you can get your hands on in-development features and try them out as much as you like. All we ask in return is your honest feedback to help us develop and improve. It’s important to note that features available in this program are still being tested and actively developed. This means they could change, be removed, or become part of a premium plan.", + "language": "Language", + "language_feedback": "Language Feedback", + "large_or_high-resolution_images_taking_too_long": "Large or high-resolution images taking too long to process. You may be able to <0>optimize them.", + "last_active": "Last Active", + "last_active_description": "Last time a project was opened.", + "last_edit": "Last edit", + "last_logged_in": "Last logged in", + "last_modified": "Last Modified", + "last_name": "Last Name", + "last_resort_trouble_shooting_guide": "If that doesn’t help, follow our <0>troubleshooting guide.", + "last_suggested_fix": "Last suggested fix", + "last_updated": "Last Updated", + "last_updated_date_by_x": "__lastUpdatedDate__ by __person__", + "last_used": "last used", + "latam_discount_modal_info": "Unlock the full potential of Overleaf with a __discount__% discount on premium subscriptions paid in __currencyName__. Get a longer compile timeout, full document history, track changes, additional collaborators, and more.", + "latam_discount_modal_title": "Premium subscription discount", + "latam_discount_offer_plans_page_banner": "__flag__ We’ve applied a __discount__ discount to premium plans on this page for our users in __country__. Check out the new lower prices (in __currency__).", + "latex_articles_page_summary": "Papers, presentations, reports and more, written in LaTeX and published by our community. Search or browse below.", + "latex_articles_page_title": "Articles - Papers, Presentations, Reports and more", + "latex_examples_page_summary": "Examples of powerful LaTeX packages and techniques in use — a great way to learn LaTeX by example. Search or browse below.", + "latex_examples_page_title": "Examples - Equations, Formatting, TikZ, Packages and More", + "latex_in_thirty_minutes": "LaTeX in 30 minutes", + "latex_places_figures_according_to_a_special_algorithm": "LaTeX places figures according to a special algorithm. You can use something called ‘placement parameters’ to influence the positioning of the figure. <0>Find out how", + "latex_places_tables_according_to_a_special_algorithm": "LaTeX places tables according to a special algorithm. You can use “placement parameters” to influence the position of the table. <0>This article explains how to do this.", + "latex_templates": "LaTeX Templates", + "layout": "Layout", + "layout_processing": "Layout processing", + "ldap": "LDAP", + "ldap_create_admin_instructions": "Choose an email address for the first __appName__ admin account. This should correspond to an account in the LDAP system. You will then be asked to log in with this account.", + "learn": "Learn", + "learn_more": "Learn more", + "learn_more_about_account": "<0>Learn more about managing your __appName__ account.", + "learn_more_about_emails": "<0>Learn more about managing your __appName__ emails.", + "learn_more_about_link_sharing": "Learn more about Link Sharing", + "learn_more_about_managed_users": "Learn more about Managed Users.", + "learn_more_about_other_causes_of_compile_timeouts": "<0>Learn more about other causes of compile timeouts and how to fix them.", + "learn_more_lowercase": "learn more", + "leave": "Leave", + "leave_any_group_subscriptions": "Leave any group subscriptions other than the one that will be managing your account. <0>Leave them from the Subscription page.", + "leave_group": "Leave group", + "leave_labs": "Leave Overleaf Labs", + "leave_now": "Leave now", + "leave_projects": "Leave Projects", + "left": "Left", + "length_unit": "Length unit", + "let_us_know": "Let us know", + "let_us_know_how_we_can_help": "Let us know how we can help", + "let_us_know_what_you_think": "Let us know what you think", + "lets_fix_your_errors": "Let’s fix your errors", + "library": "Library", + "license": "License", + "license_for_educational_purposes": "This license is for educational purposes (applies to students or faculty using __appName__ for teaching)", + "limited_offer": "Limited offer", + "limited_to_n_editors_per_project": "Limited to __count__ editor per project", + "limited_to_n_editors_per_project_plural": "Limited to __count__ editors per project", + "line_height": "Line Height", + "line_width_is_the_width_of_the_line_in_the_current_environment": "Line width is the width of the line in the current environment. e.g. a full page width in single-column layout or half a page width in a two-column layout.", + "link": "Link", + "link_account": "Link Account", + "link_accounts": "Link Accounts", + "link_accounts_and_add_email": "Link Accounts and Add Email", + "link_institutional_email_get_started": "Link an institutional email address to your account to get started.", + "link_sharing": "Link sharing", + "link_sharing_is_off": "Link sharing is off, only invited users can view this project.", + "link_sharing_is_off_short": "Link sharing is off", + "link_sharing_is_on": "Link sharing is on", + "link_to_github": "Link to your GitHub account", + "link_to_github_description": "You need to authorise __appName__ to access your GitHub account to allow us to sync your projects.", + "link_to_mendeley": "Link to Mendeley", + "link_to_zotero": "Link to Zotero", + "link_your_accounts": "Link your accounts", + "linked_accounts": "linked accounts", + "linked_accounts_explained": "You can link your __appName__ account with other services to enable the features described below.", + "linked_collabratec_description": "Use Collabratec to manage your __appName__ projects.", + "linked_file": "Imported file", + "links": "Links", + "loading": "Loading", + "loading_content": "Creating Project", + "loading_github_repositories": "Loading your GitHub repositories", + "loading_prices": "loading prices", + "loading_recent_github_commits": "Loading recent commits", + "loading_writefull": "Loading Writefull", + "local_account": "Local account", + "log_entry_description": "Log entry with level: __level__", + "log_entry_maximum_entries": "Maximum log entries limit hit", + "log_entry_maximum_entries_enable_stop_on_first_error": "Try to fix the first error and recompile. Often one error causes many later error messages. You can <0>Enable “Stop on first error” to focus on fixing errors. We recommend fixing errors as soon as possible; letting them accumulate may lead to hard-to-debug and fatal errors. <1>Learn more", + "log_entry_maximum_entries_see_full_logs": "If you need to see the full logs, you can still download them or view the raw logs below.", + "log_entry_maximum_entries_title": "__total__ log messages total. Showing the first __displayed__", + "log_hint_extra_info": "Learn more", + "log_in": "Log in", + "log_in_and_link": "Log in and link", + "log_in_and_link_accounts": "Log in and link accounts", + "log_in_first_to_proceed": "You will need to log in first to proceed.", + "log_in_now": "Log in now", + "log_in_with": "Log in with __provider__", + "log_in_with_a_different_account": "Log in with a different account", + "log_in_with_email": "Log in with __email__", + "log_in_with_email_raw": "Log in with email", + "log_in_with_existing_institution_email": "Please log in with your existing __appName__ account in order to get your __appName__ and __institutionName__ institutional accounts linked.", + "log_in_with_primary_email_address": "This will be the email address to use if you log in with an email address and password. Important __appName__ notifications will be sent to this email address.", + "log_in_with_sso": "Log in with SSO", + "log_in_with_sso_email": "Work or university email address", + "log_out": "Log Out", + "log_out_from": "Log out from __email__", + "log_out_lowercase_dot": "Log out.", + "log_viewer_error": "There was a problem displaying this project’s compilation errors and logs.", + "logged_in_with_email": "You are currently logged in to __appName__ with the email __email__.", + "logging_in": "Logging in", + "logging_in_or_managing_your_account": "Logging in or managing your account", + "login": "Login", + "login_count": "Login count", + "login_error": "Login error", + "login_failed": "Login failed", + "login_here": "Login here", + "login_or_password_wrong_try_again": "Your login or password is incorrect. Please try again", + "login_register_or": "or", + "login_to_accept_invitation": "Log in to accept invitation", + "login_to_overleaf": "Log in to Overleaf", + "login_with_service": "Log in with __service__", + "logs_and_output_files": "Logs and output files", + "longer_compile_timeout": "Longer <0>compile timeout", + "longer_compile_timeout_on_faster_servers": "Longer compile timeout on faster servers", + "looking_multiple_licenses": "Looking for multiple licenses?", + "looks_like_logged_in_with_email": "It looks like you’re already logged in to __appName__ with the email __email__.", + "looks_like_youre_at": "It looks like you’re at <0>__institutionName__.", + "lost_connection": "Lost Connection", + "main_document": "Main document", + "main_file_not_found": "Unknown main document", + "maintenance": "Maintenance", + "make_a_copy": "Make a copy", + "make_email_primary_description": "Make this the primary email, used to log in", + "make_owner": "Make owner", + "make_primary": "Make Primary", + "make_private": "Make Private", + "manage_beta_program_membership": "Manage Beta Program Membership", + "manage_files_from_your_dropbox_folder": "Manage files from your Dropbox folder", + "manage_group_managers": "Manage group managers", + "manage_group_members_subtext": "Add or remove members from your group subscription", + "manage_group_settings": "Manage group settings", + "manage_group_settings_subtext": "Configure and manage SSO and Managed Users", + "manage_group_settings_subtext_group_sso": "Configure and manage SSO", + "manage_group_settings_subtext_managed_users": "Turn on Managed Users", + "manage_institution_managers": "Manage institution managers", + "manage_managers_subtext": "Assign or remove manager privileges", + "manage_members": "Manage members", + "manage_newsletter": "Manage Your Newsletter Preferences", + "manage_publisher_managers": "Manage publisher managers", + "manage_sessions": "Manage Your Sessions", + "manage_subscription": "Manage Subscription", + "managed": "Managed", + "managed_user_invite_has_been_sent_to_email": "Managed User invite has been sent to <0>__email__", + "managed_users": "Managed Users", + "managed_users_accounts": "Managed user accounts", + "managed_users_accounts_plan_info": "Managed Users gives you more control over your group’s use of Overleaf. It ensures tighter management of user access and deletion and allows you to keep control of projects when someone leaves the group.", + "managed_users_explanation": "Managed Users ensures you stay in control of your organization’s projects and who owns them. <0>Read more about Managed Users.", + "managed_users_is_enabled": "Managed Users is enabled", + "managed_users_terms": "To use the Managed Users feature, you must agree to the latest version of our customer terms at <0>__link__ on behalf of your organization by selecting \"I agree\" below. These terms will then apply to your organization’s use of Overleaf in place of any previously agreed Overleaf terms. The exception to this is where we have a signed agreement in place with you, in which case that signed agreement will continue to govern. Please keep a copy for your records.", + "managers_cannot_remove_admin": "Admins cannot be removed", + "managers_cannot_remove_self": "Managers cannot remove themselves", + "managers_management": "Managers management", + "managing_your_subscription": "Managing your subscription", + "march": "March", + "mark_as_resolved": "Mark as resolved", + "math_display": "Math Display", + "math_inline": "Math Inline", + "max_collab_per_project": "Max. collaborators per project", + "max_collab_per_project_info": "The number of people you can invite to work on each project. They just need to have an Overleaf account. They can be different people in each project.", + "maximum_files_uploaded_together": "Maximum __max__ files uploaded together", + "may": "May", + "maybe_later": "Maybe later", + "members_management": "Members management", + "mendeley": "Mendeley", + "mendeley_cta": "Get Mendeley integration", + "mendeley_groups_loading_error": "There was an error loading groups from Mendeley", + "mendeley_groups_relink": "There was an error accessing your Mendeley data. This was likely caused by lack of permissions. Please re-link your account and try again.", + "mendeley_integration": "Mendeley Integration", + "mendeley_integration_lowercase": "Mendeley integration", + "mendeley_integration_lowercase_info": "Manage your reference library in Mendeley, and link it directly to .bib files in Overleaf, so you can easily cite anything from your libraries.", + "mendeley_is_premium": "Mendeley integration is a premium feature", + "mendeley_reference_loading_error": "Error, could not load references from Mendeley", + "mendeley_reference_loading_error_expired": "Mendeley token expired, please re-link your account", + "mendeley_reference_loading_error_forbidden": "Could not load references from Mendeley, please re-link your account and try again", + "mendeley_sync_description": "With the Mendeley integration you can import your references from Mendeley into your __appName__ projects.", + "menu": "Menu", + "merge": "Merge", + "merge_cells": "Merge cells", + "merging": "Merging", + "missing_field_for_entry": "Missing field for", + "missing_fields_for_entry": "Missing fields for", + "money_back_guarantee": "30-day money back guarantee, no questions asked", + "month": "month", + "monthly": "Monthly", + "more": "More", + "more_actions": "More actions", + "more_info": "More Info", + "more_options_for_border_settings_coming_soon": "More options for border settings coming soon.", + "more_project_collaborators": "<0>More project <0>collaborators", + "more_than_one_kind_of_snippet_was_requested": "The link to open this content on Overleaf included some invalid parameters. If this keeps happening for links on a particular site, please report this to them.", + "most_popular": "most popular", + "most_popular_uppercase": "Most popular", + "must_be_email_address": "Must be an email address", + "must_be_purchased_online": "Must be purchased online", + "my_library": "My Library", + "n_items": "__count__ item", + "n_items_plural": "__count__ items", + "n_more_updates_above": "__count__ more update above", + "n_more_updates_above_plural": "__count__ more updates above", + "n_more_updates_below": "__count__ more update below", + "n_more_updates_below_plural": "__count__ more updates below", + "name": "Name", + "name_usage_explanation": "Your name will be displayed to your collaborators (so they know who they’re working with).", + "native": "Native", + "navigate_log_source": "Navigate to log position in source code: __location__", + "navigation": "Navigation", + "nearly_activated": "You’re one step away from activating your __appName__ account!", + "need_anything_contact_us_at": "If there is anything you ever need please feel free to contact us directly at", + "need_contact_group_admin_to_make_changes": "You’ll need to contact your group admin if you want to make certain changes to your account. <0>Read more about managed users.", + "need_make_changes": "You need to make some changes", + "need_more_than_to_licenses_get_in_touch": "Need more than 50 licenses? Please get in touch", + "need_more_than_x_licenses": "Need more than __x__ licenses?", + "need_to_add_new_primary_before_remove": "You’ll need to add a new primary email address before you can remove this one.", + "need_to_leave": "Need to leave?", + "need_to_upgrade_for_more_collabs": "You need to upgrade your account to add more collaborators", + "new_compile_domain_notice": "We’ve recently migrated PDF downloads to a new domain. Something might be blocking your browser from accessing that new domain, <0>__compilesUserContentDomain__. This could be caused by network blocking or a strict browser plugin rule. Please follow our <1>troubleshooting guide.", + "new_file": "New file", + "new_folder": "New folder", + "new_name": "New Name", + "new_password": "New Password", + "new_project": "New Project", + "new_snippet_project": "Untitled", + "new_subscription_will_be_billed_immediately": "Your new subscription will be billed immediately to your current payment method.", + "new_tag": "New Tag", + "new_tag_name": "New tag name", + "newsletter": "Newsletter", + "newsletter_info_note": "Please note: you will still receive important emails, such as project invites and security notifications (password resets, account linking, etc).", + "newsletter_info_subscribed": "You are currently <0>subscribed to the __appName__ newsletter. If you would prefer not to receive this email then you can unsubscribe at any time.", + "newsletter_info_summary": "Every few months we send a newsletter out summarizing the new features available.", + "newsletter_info_title": "Newsletter Preferences", + "newsletter_info_unsubscribed": "You are currently <0>unsubscribed to the __appName__ newsletter.", + "newsletter_onboarding_accept": "I’d like emails about product offers and company news and events.", + "next": "Next", + "next_page": "Next page", + "next_payment_of_x_collectected_on_y": "The next payment of <0>__paymentAmmount__ will be collected on <1>__collectionDate__.", + "nl": "Dutch", + "no": "Norwegian", + "no_actions": "No actions", + "no_articles_matching_your_tags": "There are no articles matching your tags", + "no_borders": "No borders", + "no_caption": "No caption", + "no_comments": "No comments", + "no_comments_or_suggestions": "No comments or suggestions", + "no_existing_password": "Please use the password reset form to set your password", + "no_featured_templates": "No featured templates", + "no_folder": "No folder", + "no_i_dont_need_these": "No, I don’t need these", + "no_image_files_found": "No image files found", + "no_members": "No members", + "no_messages": "No messages", + "no_new_commits_in_github": "No new commits in GitHub since last merge.", + "no_one_has_commented_or_left_any_suggestions_yet": "No one has commented or left any suggestions yet.", + "no_other_projects_found": "No other projects found, please create another project first", + "no_other_sessions": "No other sessions active", + "no_pdf_error_explanation": "This compile didn’t produce a PDF. This can happen if:", + "no_pdf_error_reason_no_content": "The document environment contains no content. If it’s empty, please add some content and compile again.", + "no_pdf_error_reason_output_pdf_already_exists": "This project contains a file called output.pdf. If that file exists, please rename it and compile again.", + "no_pdf_error_reason_unrecoverable_error": "There is an unrecoverable LaTeX error. If there are LaTeX errors shown below or in the raw logs, please try to fix them and compile again.", + "no_pdf_error_title": "No PDF", + "no_planned_maintenance": "There is currently no planned maintenance", + "no_preview_available": "Sorry, no preview is available.", + "no_projects": "No projects", + "no_resolved_threads": "No resolved threads", + "no_search_results": "No Search Results", + "no_selection_select_file": "Currently, no file is selected. Please select a file from the file tree.", + "no_symbols_found": "No symbols found", + "no_thanks_cancel_now": "No thanks, I still want to cancel", + "no_update_email": "No, update email", + "normal": "Normal", + "normally_x_price_per_month": "Normally __price__ per month", + "normally_x_price_per_year": "Normally __price__ per year", + "not_found_error_from_the_supplied_url": "The link to open this content on Overleaf pointed to a file that could not be found. If this keeps happening for links on a particular site, please report this to them.", + "not_managed": "Not managed", + "not_now": "Not now", + "not_registered": "Not registered", + "note_features_under_development": "<0>Please note that features in this program are still being tested and actively developed. This means that they might <0>change, be <0>removed or <0>become part of a premium plan", + "notification_features_upgraded_by_affiliation": "Good news! Your affiliated organization __institutionName__ has an Overleaf subscription, and you now have access to all of Overleaf’s Professional features.", + "notification_ieee_collabratec_retirement_message": "As of April 2, 2024, free access to Overleaf Professional subscriptions via Collabratec or IEEE accounts has ended. Need to upgrade? <0>View our plans. Contact <1>authors@ieee.org with any questions.", + "notification_personal_and_group_subscriptions": "We’ve spotted that you’ve got <0>more than one active __appName__ subscription. To avoid paying more than you need to, <1>review your subscriptions.", + "notification_personal_subscription_not_required_due_to_affiliation": " Good news! Your affiliated organization __institutionName__ has an Overleaf subscription, and you now have access to Overleaf’s Professional features through your affiliation. You can cancel your individual subscription without losing access to any features.", + "notification_project_invite": "__userName__ would like you to join __projectName__ Join Project", + "notification_project_invite_accepted_message": "You’ve joined __projectName__", + "notification_project_invite_message": "__userName__ would like you to join __projectName__", + "november": "November", + "number_collab": "Number of collaborators", + "number_collab_info": "The number of people you can invite to work on a project with you. The limit is per project, so you can invite different people to each project.", + "number_of_projects": "Number of projects", + "number_of_users": "Number of users", + "number_of_users_info": "The number of users that can upgrade their Overleaf account if you purchase this plan.", + "number_of_users_with_colon": "Number of users:", + "oauth_orcid_description": " Securely establish your identity by linking your ORCID iD to your __appName__ account. Submissions to participating publishers will automatically include your ORCID iD for improved workflow and visibility. ", + "october": "October", + "off": "Off", + "official": "Official", + "ok": "OK", + "ok_continue_to_project": "OK, continue to project", + "ok_join_project": "OK, join project", + "on": "On", + "on_free_plan_upgrade_to_access_features": "You are on the __appName__ Free plan. Upgrade to access these <0>Premium Features", + "one_collaborator": "Only one collaborator", + "one_collaborator_per_project": "1 collaborator per project", + "one_free_collab": "One free collaborator", + "one_per_project": "1 per project", + "one_step_away_from_professional_features": "You are one step away from accessing <0>Overleaf Professional features!", + "one_user": "1 user", + "ongoing_experiments": "Ongoing experiments", + "online_latex_editor": "Online LaTeX Editor", + "only_group_admin_or_managers_can_delete_your_account_1": "By becoming a managed user, your organization will have admin rights over your account and control over your stuff, including the right to close your account and access, delete and share your stuff. As a result:", + "only_group_admin_or_managers_can_delete_your_account_2": "Only your group admin or group managers will be able to delete your account.", + "only_group_admin_or_managers_can_delete_your_account_3": "Your group admin and group managers will be able to reassign ownership of your projects to another group member.", + "only_group_admin_or_managers_can_delete_your_account_4": "Once you have become a managed user, you cannot change back. <0>Learn more about managed Overleaf accounts.", + "only_group_admin_or_managers_can_delete_your_account_5": "For more information, see the \"Managed Accounts\" section in our terms of use, which you agree to by clicking Accept invitation", + "only_importer_can_refresh": "Only the person who originally imported this __provider__ file can refresh it.", + "open_a_file_on_the_left": "Open a file on the left", + "open_advanced_reference_search": "Open advanced reference search", + "open_as_template": "Open as Template", + "open_file": "Edit file", + "open_link": "Go to page", + "open_path": "Open __path__", + "open_project": "Open Project", + "open_target": "Go to target", + "opted_out_linking": "You’ve opted out from linking your __email__ __appName__ account to your institutional account.", + "optional": "Optional", + "or": "or", + "organization": "Organization", + "organization_name": "Organization name", + "organization_or_company_name": "Organization or company name", + "organization_or_company_type": "Organization or company type", + "organize_projects": "Organize Projects", + "original_price": "Original price", + "other": "Other", + "other_actions": "Other Actions", + "other_logs_and_files": "Other logs and files", + "other_output_files": "Download other output files", + "other_sessions": "Other Sessions", + "other_ways_to_log_in": "Other ways to log in", + "our_values": "Our values", + "out_of_sync": "Out of sync", + "out_of_sync_detail": "Sorry, this file has gone out of sync and we need to do a full refresh.<0 /><1>Please see this help guide for more information", + "output_file": "Output file", + "over": "over", + "over_n_users_at_research_institutions_and_business": "Over __userCountMillion__ million users at research institutions and businesses worldwide love __appName__", + "overall_theme": "Overall theme", + "overleaf": "Overleaf", + "overleaf_group_plans": "Overleaf group plans", + "overleaf_history_system": "Overleaf History System", + "overleaf_individual_plans": "Overleaf individual plans", + "overleaf_labs": "Overleaf Labs", + "overleaf_plans_and_pricing": "overleaf plans and pricing", + "overview": "Overview", + "overwrite": "Overwrite", + "overwriting_the_original_folder": "Overwriting the original folder will delete it and all the files it contains.", + "owned_by_x": "owned by __x__", + "owner": "Owner", + "page_current": "Page __page__, Current Page", + "page_not_found": "Page Not Found", + "pagination_navigation": "Pagination Navigation", + "partial_outline_warning": "The File outline is out of date. It will update itself as you edit the document", + "password": "Password", + "password_cant_be_the_same_as_current_one": "Password can’t be the same as current one", + "password_change_old_password_wrong": "Your old password is wrong", + "password_change_password_must_be_different": "The password you entered is the same as your current password. Please try a different password.", + "password_change_passwords_do_not_match": "Passwords do not match", + "password_change_successful": "Password changed", + "password_compromised_try_again_or_use_known_device_or_reset": "The password you’ve entered is on a <0>public list of compromised passwords. Please try logging in from a device you’ve previously used or <1>reset your password", + "password_managed_externally": "Password settings are managed externally", + "password_reset": "Password Reset", + "password_reset_email_sent": "You have been sent an email to complete your password reset.", + "password_reset_token_expired": "Your password reset token has expired. Please request a new password reset email and follow the link there.", + "password_too_long_please_reset": "Maximum password length exceeded. Please reset your password.", + "password_updated": "Password updated", + "password_was_detected_on_a_public_list_of_known_compromised_passwords": "This password was detected on a <0>public list of known compromised passwords", + "paste_options": "Paste options", + "paste_with_formatting": "Paste with formatting", + "paste_without_formatting": "Paste without formatting", + "payment_method_accepted": "__paymentMethod__ accepted", + "payment_provider_unreachable_error": "Sorry, there was an error talking to our payment provider. Please try again in a few moments.\nIf you are using any ad or script blocking extensions in your browser, you may need to temporarily disable them.", + "payment_summary": "Payment summary", + "pdf_compile_in_progress_error": "A previous compile is still running. Please wait a minute and try compiling again.", + "pdf_compile_rate_limit_hit": "Compile rate limit hit", + "pdf_compile_try_again": "Please wait for your other compile to finish before trying again.", + "pdf_in_separate_tab": "PDF in separate tab", + "pdf_only_hide_editor": "PDF only <0>(hide editor)", + "pdf_preview_error": "There was a problem displaying the compilation results for this project.", + "pdf_rendering_error": "PDF Rendering Error", + "pdf_unavailable_for_download": "PDF unavailable for download", + "pdf_viewer": "PDF Viewer", + "pdf_viewer_error": "There was a problem displaying the PDF for this project.", + "pending": "Pending", + "pending_additional_licenses": "Your subscription is changing to include <0>__pendingAdditionalLicenses__ additional license(s) for a total of <1>__pendingTotalLicenses__ licenses.", + "pending_invite": "Pending invite", + "per_month": "per month", + "per_user": "per user", + "per_user_per_year": "per user / per year", + "per_user_year": "per user / year", + "per_year": "per year", + "percent_discount_for_groups": "__appName__ offers a __percent__% educational discount for groups of __size__ or more.", + "percent_is_the_percentage_of_the_line_width": "% is the percentage of the line width", + "personal": "Personal", + "personalized_onboarding": "Personalized onboarding", + "personalized_onboarding_info": "We’ll help you get everything set up and then we’re here to answer questions from your users about the platform, templates or LaTeX!", + "pl": "Polish", + "plan": "Plan", + "plan_tooltip": "You’re on the __plan__ plan. Click to find out how to make the most of your Overleaf premium features.", + "planned_maintenance": "Planned Maintenance", + "plans_amper_pricing": "Plans & Pricing", + "plans_and_pricing": "Plans and Pricing", + "plans_and_pricing_lowercase": "plans and pricing", + "please_ask_the_project_owner_to_upgrade_to_track_changes": "Please ask the project owner to upgrade to use track changes", + "please_change_primary_to_remove": "Please change your primary email in order to remove", + "please_check_your_inbox": "Please check your inbox", + "please_check_your_inbox_to_confirm": "Please check your email inbox to confirm your <0>__institutionName__ affiliation.", + "please_compile_pdf_before_download": "Please compile your project before downloading the PDF", + "please_compile_pdf_before_word_count": "Please compile your project before performing a word count", + "please_confirm_email": "Please confirm your email __emailAddress__ by clicking on the link in the confirmation email ", + "please_confirm_your_email_before_making_it_default": "Please confirm your email before making it the primary.", + "please_contact_support_to_makes_change_to_your_plan": "Please <0>contact support to make changes to your plan", + "please_contact_us_if_you_think_this_is_in_error": "Please <0>contact us if you think this is in error.", + "please_enter_confirmation_code": "Please enter your confirmation code", + "please_enter_email": "Please enter your email address", + "please_get_in_touch": "Please get in touch", + "please_link_before_making_primary": "Please confirm your email by linking to your institutional account before making it the primary email.", + "please_reconfirm_institutional_email": "Please take a moment to confirm your institutional email address or <0>remove it from your account.", + "please_reconfirm_your_affiliation_before_making_this_primary": "Please confirm your affiliation before making this the primary.", + "please_refresh": "Please refresh the page to continue.", + "please_request_a_new_password_reset_email_and_follow_the_link": "Please request a new password reset email and follow the link", + "please_select": "Please select", + "please_select_a_file": "Please Select a File", + "please_select_a_project": "Please Select a Project", + "please_select_an_output_file": "Please Select an Output File", + "please_set_a_password": "Please set a password", + "please_set_main_file": "Please choose the main file for this project in the project menu. ", + "please_wait": "Please wait", + "plus_additional_collaborators_document_history_track_changes_and_more": "(plus additional collaborators, document history, track changes, and more).", + "plus_more": "plus more", + "popular_tags": "Popular Tags", + "portal_add_affiliation_to_join": "It looks like you are already logged in to __appName__. If you have a __portalTitle__ email you can add it now.", + "position": "Position", + "postal_code": "Postal Code", + "powerful_latex_editor_and_realtime_collaboration": "Powerful LaTeX editor & real-time collaboration", + "powerful_latex_editor_and_realtime_collaboration_info": "Spell check, intelligent autocomplete, syntax highlighting, dozens of color themes, vim and emacs bindings, help with LaTeX warnings and error messages, and more. Everyone always has the latest version, and you can see your collaborators’ cursors and changes in real time.", + "premium_feature": "Premium feature", + "premium_features": "Premium features", + "premium_plan_label": "You’re using Overleaf Premium", + "presentation": "Presentation", + "presentation_mode": "Presentation mode", + "press_and_awards": "Press & awards", + "previous_page": "Previous page", + "price": "Price", + "primarily_work_study_question": "Where do you primarily work or study?", + "primarily_work_study_question_company": "Company", + "primarily_work_study_question_government": "Government", + "primarily_work_study_question_nonprofit_ngo": "Nonprofit or NGO", + "primarily_work_study_question_other": "Other", + "primarily_work_study_question_university_school": "University or school", + "primary_certificate": "Primary certificate", + "primary_email_check_question": "Is <0>__email__ still your email address?", + "priority_support": "Priority support", + "priority_support_info": "Our helpful Support team will prioritise and escalate your support requests where necessary.", + "privacy": "Privacy", + "privacy_and_terms": "Privacy and Terms", + "privacy_policy": "Privacy Policy", + "private": "Private", + "problem_changing_email_address": "There was a problem changing your email address. Please try again in a few moments. If the problem continues please contact us.", + "problem_talking_to_publishing_service": "There is a problem with our publishing service, please try again in a few minutes", + "problem_with_subscription_contact_us": "There is a problem with your subscription. Please contact us for more information.", + "proceed_to_paypal": "Proceed to PayPal", + "proceeding_to_paypal_takes_you_to_the_paypal_site_to_pay": "Proceeding to PayPal will take you to the PayPal site to pay for your subscription.", + "processing": "processing", + "processing_uppercase": "Processing", + "processing_your_request": "Please wait while we process your request.", + "professional": "Professional", + "progress_bar_percentage": "Progress bar from 0 to 100%", + "project": "project", + "project_approaching_file_limit": "This project is approaching the file limit", + "project_figure_modal": "Project", + "project_flagged_too_many_compiles": "This project has been flagged for compiling too often. The limit will be lifted shortly.", + "project_has_too_many_files": "This project has reached the 2000 file limit", + "project_last_published_at": "Your project was last published at", + "project_layout_sharing_submission": "Project Layout, Sharing, and Submission", + "project_name": "Project Name", + "project_not_linked_to_github": "This project is not linked to a GitHub repository. You can create a repository for it in GitHub:", + "project_owner_plus_10": "Project author + 10", + "project_ownership_transfer_confirmation_1": "Are you sure you want to make <0>__user__ the owner of <1>__project__?", + "project_ownership_transfer_confirmation_2": "This action cannot be undone. The new owner will be notified and will be able to change project access settings (including removing your own access).", + "project_renamed_or_deleted": "Project Renamed or Deleted", + "project_renamed_or_deleted_detail": "This project has either been renamed or deleted by an external data source such as Dropbox. We don’t want to delete your data on Overleaf, so this project still contains your history and collaborators. If the project has been renamed please look in your project list for a new project under the new name.", + "project_synced_with_git_repo_at": "This project is synced with the GitHub repository at", + "project_synchronisation": "Project Synchronisation", + "project_timed_out_enable_stop_on_first_error": "<0>Enable “Stop on first error” to help you find and fix errors right away.", + "project_timed_out_fatal_error": "A <0>fatal compile error may be completely blocking compilation.", + "project_timed_out_intro": "Sorry, your compile took too long to run and timed out. The most common causes of timeouts are:", + "project_timed_out_learn_more": "<0>Learn more about other causes of compile timeouts and how to fix them.", + "project_timed_out_optimize_images": "Large or high-resolution images are taking too long to process. You may be able to <0>optimize them.", + "project_too_large": "Project too large", + "project_too_large_please_reduce": "This project has too much editable text, please try and reduce it. The largest files are:", + "project_too_much_editable_text": "This project has too much editable text, please try to reduce it.", + "project_url": "Affected project URL", + "projects": "Projects", + "projects_count": "Projects count", + "projects_list": "Projects list", + "provide_details_of_your_sso_configuration": "Add, edit, or delete your Identity Provider’s SAML metadata.", + "pt": "Portuguese", + "public": "Public", + "publish": "Publish", + "publish_as_template": "Manage Template", + "publisher_account": "Publisher Account", + "publishing": "Publishing", + "pull_github_changes_into_sharelatex": "Pull GitHub changes into __appName__", + "purchase_now": "Purchase Now", + "push_sharelatex_changes_to_github": "Push __appName__ changes to GitHub", + "quoted_text_in": "Quoted text in", + "raw_logs": "Raw logs", + "raw_logs_description": "Raw logs from the LaTeX compiler", + "react_history_tutorial_content": "To compare a range of versions, use the <0> on the versions you want at the start and end of the range. To add a label or to download a version use the options in the three-dot menu. <1>Learn more about using Overleaf History.", + "react_history_tutorial_title": "History actions have a new home", + "reactivate_subscription": "Reactivate your subscription", + "read_lines_from_path": "Read lines from __path__", + "read_more": "Read more", + "read_more_about_free_compile_timeouts_servers": "Read more about changes to free compile timeouts and servers", + "read_only": "Read only", + "read_only_token": "Read-Only Token", + "read_write_token": "Read-Write Token", + "ready_to_join_x": "You’re ready to join __inviterName__", + "ready_to_join_x_in_group_y": "You’re ready to join __inviterName__ in __groupName__", + "ready_to_set_up": "Ready to set up", + "ready_to_use_templates": "Ready-to-use templates", + "real_time_track_changes": "Real-time track-changes", + "realtime_track_changes": "Real-time track changes", + "realtime_track_changes_info_v2": "Switch on track changes to see who made every change, accept or reject others’ changes, and write comments.", + "reasons_for_compile_timeouts": "Reasons for compile timeouts", + "reauthorize_github_account": "Reauthorize your GitHub Account", + "recaptcha_conditions": "The site is protected by reCAPTCHA and the Google <1>Privacy Policy and <2>Terms of Service apply.", + "recent": "Recent", + "recent_commits_in_github": "Recent commits in GitHub", + "recompile": "Recompile", + "recompile_from_scratch": "Recompile from scratch", + "recompile_pdf": "Recompile the PDF", + "reconfirm": "reconfirm", + "reconfirm_explained": "We need to reconfirm your account. Please request a password reset link via the form below to reconfirm your account. If you have any problems reconfirming your account, please contact us at", + "reconnect": "Try again", + "reconnecting": "Reconnecting", + "reconnecting_in_x_secs": "Reconnecting in __seconds__ secs", + "recurly_email_update_needed": "Your billing email address is currently <0>__recurlyEmail__. If needed you can update your billing address to <1>__userEmail__.", + "recurly_email_updated": "Your billing email address was successfully updated", + "redirect_to_editor": "Redirect to editor", + "redirect_url": "Redirect URL", + "redirecting": "Redirecting", + "reduce_costs_group_licenses": "You can cut down on paperwork and reduce costs with our discounted group licenses.", + "reference_error_relink_hint": "If this error persists, try re-linking your account here:", + "reference_managers": "Reference managers", + "reference_search": "Advanced reference search", + "reference_search_info_new": "Find your references easily—search by author, title, year, or journal.", + "reference_search_info_v2": "It’s easy to find your references - you can search by author, title, year or journal. You can still search by citation key too.", + "reference_sync": "Reference manager sync", + "refresh": "Refresh", + "refresh_page_after_linking_dropbox": "Please refresh this page after linking your account to Dropbox.", + "refresh_page_after_starting_free_trial": "Please refresh this page after starting your free trial.", + "refreshing": "Refreshing", + "regards": "Regards", + "register": "Register", + "register_error": "Registration error", + "register_for_overleaf": "Register for __appName__", + "register_intercept_sso": "You can link your __authProviderName__ account from the Account Settings page after logging in.", + "register_to_accept_invitation": "Register to accept invitation", + "register_to_edit_template": "Please register to edit the __templateName__ template", + "register_using_email": "Register using your email", + "register_using_service": "Register using __service__", + "register_with_another_email": "Register with __appName__ using another email.", + "registered": "Registered", + "registering": "Registering", + "registration_error": "Registration error", + "reject": "Reject", + "reject_all": "Reject all", + "related_tags": "Related Tags", + "relink_your_account": "Re-link your account", + "reload_editor": "Reload editor", + "remind_before_trial_ends": "We’ll remind you before your trial ends", + "remote_service_error": "The remote service produced an error", + "remove": "Remove", + "remove_access": "Remove access", + "remove_collaborator": "Remove collaborator", + "remove_from_group": "Remove from group", + "remove_link": "Remove link", + "remove_manager": "Remove manager", + "remove_or_replace_figure": "Remove or replace figure", + "remove_secondary_email_addresses": "Remove any secondary email addresses associated with your account. <0>Remove them in account settings.", + "remove_sso_login_option": "Remove the SSO login option for your users.", + "remove_tag": "Remove tag __tagName__", + "removed": "removed", + "removed_from_project": "Removed from project", + "removing": "Removing", + "rename": "Rename", + "rename_project": "Rename Project", + "renaming": "Renaming", + "reopen": "Re-open", + "replace_figure": "Replace figure", + "replace_from_another_project": "Replace from another project", + "replace_from_computer": "Replace from computer", + "replace_from_project_files": "Replace from project files", + "replace_from_url": "Replace from URL", + "reply": "Reply", + "repository_name": "Repository Name", + "republish": "Republish", + "request_new_password_reset_email": "Request a new password reset email", + "request_password_reset": "Request password reset", + "request_password_reset_to_reconfirm": "Request password reset email to reconfirm", + "request_reconfirmation_email": "Request reconfirmation email", + "request_sent_thank_you": "Message sent! Our team will review it and reply by email.", + "requesting_password_reset": "Requesting password reset", + "required": "Required", + "resend": "Resend", + "resend_confirmation_code": "Resend confirmation code", + "resend_confirmation_email": "Resend confirmation email", + "resend_email": "Resend email", + "resend_group_invite": "Resend group invite", + "resend_link_sso": "Resend SSO invite", + "resend_managed_user_invite": "Resend managed user invite", + "resending_confirmation_code": "Resending confirmation code", + "resending_confirmation_email": "Resending confirmation email", + "reset_password": "Reset Password", + "reset_password_link": "Click this link to reset your password", + "reset_your_password": "Reset your password", + "resize": "Resize", + "resolve": "Resolve", + "resolved_comments": "Resolved comments", + "restore": "Restore", + "restore_file": "Restore file", + "restore_file_confirmation_message": "Your current file will restore to the version from __date__ at __time__.", + "restore_file_confirmation_title": "Restore this version?", + "restore_file_error_message": "There was a problem restoring the file version. Please try again in a few moments. If the problem continues please contact us.", + "restore_file_error_title": "Restore File Error", + "restore_file_version": "Restore this version", + "restoring": "Restoring", + "restricted": "Restricted", + "restricted_no_permission": "Restricted, sorry you don’t have permission to load this page.", + "resync_completed": "Resync completed!", + "resync_message": "Resyncing project history can take several minutes depending on the size of the project.", + "resync_project_history": "Resync Project History", + "retry_test": "Retry test", + "return_to_login_page": "Return to Login page", + "reverse_x_sort_order": "Reverse __x__ sort order", + "revert_pending_plan_change": "Revert scheduled plan change", + "review": "Review", + "review_your_peers_work": "Review your peers’ work", + "revoke": "Revoke", + "revoke_invite": "Revoke Invite", + "right": "Right", + "ro": "Romanian", + "role": "Role", + "ru": "Russian", + "saml": "SAML", + "saml_auth_error": "Sorry, your identity provider responded with an error. Please contact your administrator for more information.", + "saml_authentication_required_error": "Other login methods have been disabled by your group administrator. Please use your group SSO login.", + "saml_create_admin_instructions": "Choose an email address for the first __appName__ admin account. This should correspond to an account in the SAML system. You will then be asked to log in with this account.", + "saml_email_not_recognized_error": "This email address isn’t set up for SSO. Please check it and try again or contact your administrator.", + "saml_identity_exists_error": "Sorry, the identity returned by your identity provider is already linked with a different Overleaf account. Please contact your administrator for more information.", + "saml_invalid_signature_error": "Sorry, the information received from your identity provider has an invalid signature. Please contact your administrator for more information.", + "saml_login_disabled_error": "Sorry, single sign-on login has been disabled for __email__. Please contact your administrator for more information.", + "saml_login_failure": "Sorry, there was a problem logging you in. Please contact your administrator for more information.", + "saml_login_identity_mismatch_error": "Sorry, you are trying to log in to Overleaf as __email__ but the identity returned by your identity provider is not the correct one for this Overleaf account.", + "saml_login_identity_not_found_error": "Sorry, we were not able to find an Overleaf account set up for single sign-on with this identity provider.", + "saml_metadata": "Overleaf SAML Metadata", + "saml_missing_signature_error": "Sorry, the information received from your identity provider is not signed (both response and assertion signatures are required). Please contact your administrator for more information.", + "saml_response": "SAML Response", + "save": "Save", + "save_20_percent": "save 20%", + "save_20_percent_by_paying_annually": "Save 20% by paying annually", + "save_30_percent_or_more": "save 30% or more", + "save_30_percent_or_more_uppercase": "Save 30% or more", + "save_or_cancel-cancel": "Cancel", + "save_or_cancel-or": "or", + "save_or_cancel-save": "Save", + "save_x_percent_or_more": "Save __percent__% or more", + "saving": "Saving", + "saving_20_percent": "Saving 20%!", + "saving_notification_with_seconds": "Saving __docname__... (__seconds__ seconds of unsaved changes)", + "search": "Search", + "search_bib_files": "Search by author, title, year", + "search_command_find": "Find", + "search_command_replace": "Replace", + "search_in_all_projects": "Search in all projects", + "search_in_archived_projects": "Search in archived projects", + "search_in_shared_projects": "Search in projects shared with you", + "search_in_trashed_projects": "Search in trashed projects", + "search_in_your_projects": "Search in your projects", + "search_match_case": "Match case", + "search_next": "next", + "search_previous": "previous", + "search_projects": "Search projects", + "search_references": "Search the .bib files in this project", + "search_regexp": "Regular expression", + "search_replace": "Replace", + "search_replace_all": "Replace All", + "search_replace_with": "Replace with", + "search_search_for": "Search for", + "search_whole_word": "Whole word", + "search_within_selection": "Within selection", + "searched_path_for_lines_containing": "Searched __path__ for lines containing \"__query__\"", + "secondary_email_password_reset": "That email is registered as a secondary email. Please enter the primary email for your account.", + "security": "Security", + "see_changes_in_your_documents_live": "See changes in your documents, live", + "select_a_column_or_a_merged_cell_to_align": "Select a column or a merged cell to align", + "select_a_column_to_adjust_column_width": "Select a column to adjust column width", + "select_a_file": "Select a File", + "select_a_file_figure_modal": "Select a file", + "select_a_group_optional": "Select a Group (optional)", + "select_a_new_owner_for_projects": "Select a new owner for this user’s projects", + "select_a_payment_method": "Select a payment method", + "select_a_project": "Select a Project", + "select_a_project_figure_modal": "Select a project", + "select_a_row_or_a_column_to_delete": "Select a row or a column to delete", + "select_all": "Select all", + "select_all_projects": "Select all projects", + "select_an_output_file": "Select an Output File", + "select_an_output_file_figure_modal": "Select an output file", + "select_cells_in_a_single_row_to_merge": "Select cells in a single row to merge", + "select_color": "Select color __name__", + "select_folder_from_project": "Select folder from project", + "select_from_output_files": "select from output files", + "select_from_project_files": "select from project files", + "select_from_source_files": "select from source files", + "select_from_your_computer": "select from your computer", + "select_github_repository": "Select a GitHub repository to import into __appName__.", + "select_image_from_project_files": "Select image from project files", + "select_monthly_plans": "Select for monthly plans", + "select_project": "Select __project__", + "select_projects": "Select Projects", + "select_tag": "Select tag __tagName__", + "select_user": "Select user", + "selected": "Selected", + "selected_by_overleaf_staff": "Selected by Overleaf staff", + "selected_by_overleaf_staff_description": "These templates were hand-picked by Overleaf staff for their high quality and positive feedback received from the Overleaf community over the years.", + "selection_deleted": "Selection deleted", + "send": "Send", + "send_first_message": "Send your first message to your collaborators", + "send_message": "Send message", + "send_test_email": "Send a test email", + "sending": "Sending", + "sent": "Sent", + "september": "September", + "server_error": "Server Error", + "server_pro_license_entitlement_line_1": "<0>__appName__ Server Pro license", + "server_pro_license_entitlement_line_2": "You currently have <0>__count__ active users. If you need to increase your license entitlement, please <1>contact Overleaf.", + "server_pro_license_entitlement_line_3": "An active user is one who has opened a project in this Server Pro instance in the last 12 months.", + "services": "Services", + "session_created_at": "Session Created At", + "session_error": "Session error. Please check you have cookies enabled. If the problem persists, try clearing your cache and cookies.", + "session_expired_redirecting_to_login": "Session Expired. Redirecting to login page in __seconds__ seconds", + "sessions": "Sessions", + "set_color": "set color", + "set_column_width": "Set column width", + "set_new_password": "Set new password", + "set_password": "Set Password", + "set_up_single_sign_on": "Set up single sign-on (SSO)", + "set_up_sso": "Set up SSO", + "settings": "Settings", + "setup_another_account_under_a_personal_email_address": "Set up another Overleaf account under a personal email address.", + "share": "Share", + "share_project": "Share Project", + "share_with_your_collabs": "Share with your collaborators", + "shared_with_you": "Shared with you", + "sharelatex_beta_program": "__appName__ Beta Program", + "shortcut_to_open_advanced_reference_search": "(__ctrlSpace__ or __altSpace__)", + "show_all": "show all", + "show_all_projects": "Show all projects", + "show_document_preamble": "Show document preamble", + "show_hotkeys": "Show Hotkeys", + "show_in_code": "Show in code", + "show_in_pdf": "Show in PDF", + "show_less": "show less", + "show_local_file_contents": "Show Local File Contents", + "show_outline": "Show File outline", + "show_x_more_projects": "Show __x__ more projects", + "show_your_support": "Show your support", + "showing_1_result": "Showing 1 result", + "showing_1_result_of_total": "Showing 1 result of __total__", + "showing_x_out_of_n_projects": "Showing __x__ out of __n__ projects.", + "showing_x_results": "Showing __x__ results", + "showing_x_results_of_total": "Showing __x__ results of __total__", + "sign_up": "Sign up", + "single_sign_on_sso": "Single Sign-On (SSO)", + "site_description": "An online LaTeX editor that’s easy to use. No installation, real-time collaboration, version control, hundreds of LaTeX templates, and more.", + "sitewide_option_available": "Site-wide option available", + "sitewide_option_available_info": "Users are automatically upgraded when they register or add their email address to Overleaf (domain-based enrollment or SSO).", + "skip": "Skip", + "skip_to_content": "Skip to content", + "something_not_right": "Something’s not right", + "something_went_wrong": "Something went wrong", + "something_went_wrong_canceling_your_subscription": "Something went wrong canceling your subscription. Please contact support.", + "something_went_wrong_loading_pdf_viewer": "Something went wrong loading the PDF viewer. This might be caused by issues like <0>temporary network problems or an <0>outdated web browser. Please follow the <1>troubleshooting steps for access, loading and display problems. If the issue persists, please <2>let us know.", + "something_went_wrong_processing_the_request": "Something went wrong processing the request", + "something_went_wrong_rendering_pdf": "Something went wrong while rendering this PDF.", + "something_went_wrong_rendering_pdf_expected": "There was an issue displaying this PDF. <0>Please recompile", + "something_went_wrong_server": "Something went wrong. Please try again.", + "somthing_went_wrong_compiling": "Sorry, something went wrong and your project could not be compiled. Please try again in a few moments.", + "sorry_detected_sales_restricted_region": "Sorry, we’ve detected that you are in a region from which we cannot presently accept payments. If you think you’ve received this message in error, please contact us with details of your location, and we will look into this for you. We apologize for the inconvenience.", + "sorry_it_looks_like_that_didnt_work_this_time": "Sorry! It looks like that didn’t work this time. Please try again.", + "sorry_something_went_wrong_opening_the_document_please_try_again": "Sorry, an unexpected error occurred when trying to open this content on Overleaf. Please try again.", + "sorry_the_connection_to_the_server_is_down": "Sorry, the connection to the server is down.", + "sorry_there_are_no_experiments": "Sorry, there are no experiments currently running in Overleaf Labs.", + "sorry_this_account_has_been_suspended": "Sorry, this account has been suspended.", + "sorry_your_table_cant_be_displayed_at_the_moment": "Sorry, your table can’t be displayed at the moment.", + "sorry_your_token_expired": "Sorry, your token expired", + "sort_by": "Sort by", + "sort_by_x": "Sort by __x__", + "source": "Source", + "spell_check": "Spell check", + "sso": "SSO", + "sso_account_already_linked": "Account already linked to another __appName__ user", + "sso_active": "SSO active", + "sso_already_setup_good_to_go": "Single sign-on is already set up on your account, so you’re good to go.", + "sso_config_deleted": "SSO configuration deleted", + "sso_config_prop_help_certificate": "Base64 encoded certificate without whitespace", + "sso_config_prop_help_first_name": "The SAML attribute that specifies the user’s first name", + "sso_config_prop_help_last_name": "The SAML attribute that specifies the user’s last name", + "sso_config_prop_help_redirect_url": "The single sign-on redirect URL provided by your IdP (sometimes called the single sign-on service HTTP-redirect location)", + "sso_config_prop_help_user_id": "The SAML attribute provided by your IdP that identifies each user", + "sso_configuration": "SSO configuration", + "sso_configuration_not_finalized": "Your configuration has not been finalized.", + "sso_configuration_saved": "SSO configuration has been saved", + "sso_disabled_by_group_admin": "SSO has been disabled by your group administrator. You can still log in and use Overleaf as you normally would.", + "sso_error_audience_mismatch": "The Service Provider entity ID configured in your IdP does not match the one provided in our metadata. Please contact your IT department for more information.", + "sso_error_idp_error": "Your identity provider responded with an error.", + "sso_error_invalid_external_user_id": "The SAML attribute provided by your IdP that uniquely identifies your user has an invalid format, a string is expected. Attribute: <0>__expecting__", + "sso_error_invalid_signature": "Sorry, the information received from your identity provider has an invalid signature.", + "sso_error_missing_external_user_id": "The SAML attribute provided by your IdP that uniquely identifies your user is either missing or under a different name than the one you configured. Expecting: <0>__expecting__", + "sso_error_missing_firstname_attribute": "The SAML attribute that specifies the user’s first name is either missing or under a different name than the one you configured. Expecting: <0>__expecting__", + "sso_error_missing_lastname_attribute": "The SAML attribute that specifies the user’s last name is either missing or under a different name than the one you configured. Expecting: <0>__expecting__", + "sso_error_missing_signature": "Sorry, the information received from your identity provider is not signed (both response and assertion signatures are required).", + "sso_error_response_already_processed": "The SAML response’s InResponseTo is invalid. This can happen if it either didn’t match that of the SAML request, or the login took too long to process and the request has expired.", + "sso_explanation": "Set up single sign-on for your group. This sign in method will be optional for group members unless Managed Users is enabled. <0>Learn more about Overleaf Group SSO.", + "sso_here_is_the_data_we_received": "Here is the data we received in the SAML response:", + "sso_integration": "SSO integration", + "sso_integration_info": "Overleaf offers a standard SAML-based Single Sign On integration.", + "sso_is_disabled": "SSO is disabled", + "sso_is_disabled_explanation_1": "Group members won’t be able to log in via SSO", + "sso_is_disabled_explanation_2": "All members of the group will need a username and password to log in to __appName__", + "sso_is_enabled": "SSO is enabled", + "sso_is_enabled_explanation_1": "Group members will <0>only be able to sign in via SSO after linking their accounts with your IdP.", + "sso_is_enabled_explanation_1_sso_only": "Group members will have the option to sign in via SSO.", + "sso_is_enabled_explanation_2": "If there are any problems with the configuration, only you (as the group administrator) will be able to disable SSO.", + "sso_link_account_with_idp": "Your group uses SSO. This means we need to authenticate your account with the group identity provider. Click <0>Set up SSO to authenticate now.", + "sso_link_error": "Error linking account", + "sso_link_invite_has_been_sent_to_email": "An SSO invite reminder has been sent to <0>__email__", + "sso_login": "SSO login", + "sso_logs": "SSO Logs", + "sso_not_active": "SSO not active", + "sso_not_linked": "You have not linked your account to __provider__. Please log in to your account another way and link your __provider__ account via your account settings.", + "sso_reauth_request": "SSO reauthentication request has been sent to <0>__email__", + "sso_test_interstitial_info_1": "<0>Before starting this test, please ensure you’ve <1>configured Overleaf as a Service Provider in your IdP, and authorized access to the Overleaf service.", + "sso_test_interstitial_info_2": "Clicking <0>Test configuration will redirect you to your IdP’s login screen. <1>Read our documentation for full details of what happens during the test. And check our <2>SSO troubleshooting advice if you get stuck.", + "sso_test_interstitial_title": "Let’s test your SSO configuration", + "sso_test_result_error_message": "The test hasn’t worked this time, but don’t worry — errors can usually be quickly addressed by adjusting the configuration settings. Our <0>SSO troubleshooting guide provides help with some of the common causes of testing errors.", + "sso_title": "Single sign-on", + "sso_user_denied_access": "Cannot log in because __appName__ was not granted access to your __provider__ account. Please try again.", + "sso_user_explanation_enabled_with_admin_email": "Your group administered by <0>__adminEmail__ has SSO enabled so you can log in without needing to remember a password.", + "sso_user_explanation_enabled_with_group_name": "Your group <0>__groupName__ has SSO enabled so you can log in without needing to remember a password.", + "sso_user_explanation_ready_with_admin_email": "Your group administered by <0>__adminEmail__ has SSO enabled so you can log in without needing to remember a password. Click <1>__buttonText__ to get started.", + "sso_user_explanation_ready_with_group_name": "Your group <0>__groupName__ has SSO enabled so you can log in without needing to remember a password. Click <1>__buttonText__ to get started.", + "standard": "Standard", + "start_a_free_trial": "Start a free trial", + "start_by_adding_your_email": "Start by adding your email address.", + "start_by_fixing_the_first_error_in_your_doc": "Start by fixing the first error in your doc to avoid problems later on.", + "start_free_trial": "Start Free Trial!", + "start_free_trial_without_exclamation": "Start Free Trial", + "start_typing_find_your_company": " Start typing to find your company", + "start_typing_find_your_organization": "Start typing to find your organization", + "start_typing_find_your_university": "Start typing to find your university", + "state": "State", + "status_checks": "Status Checks", + "still_have_questions": "Still have questions?", + "stop_compile": "Stop compilation", + "stop_on_first_error": "Stop on first error", + "stop_on_first_error_enabled_description": "<0>“Stop on first error” is enabled. Disabling it may allow the compiler to produce a PDF (but your project will still have errors).", + "stop_on_first_error_enabled_title": "No PDF: Stop on first error enabled", + "stop_on_validation_error": "Check syntax before compile", + "store_your_work": "Store your work on your own infrastructure", + "stretch_width_to_text": "Stretch width to text", + "student": "Student", + "student_and_faculty_support_make_difference": "Student and faculty support make a difference! We can share this information with our contacts at your university when discussing an Overleaf institutional account.", + "student_disclaimer": "The educational discount applies to all students at secondary and postsecondary institutions (schools and universities). We may contact you to confirm that you’re eligible for the discount.", + "student_plans": "Student Plans", + "students": "Students", + "subject": "Subject", + "subject_area": "Subject area", + "subject_to_additional_vat": "Prices may be subject to additional VAT, depending on your country.", + "submit": "submit", + "submit_title": "Submit", + "subscribe": "Subscribe", + "subscribe_to_find_the_symbols_you_need_faster": "Subscribe to find the symbols you need faster", + "subscription": "Subscription", + "subscription_admin_panel": "admin panel", + "subscription_admins_cannot_be_deleted": "You cannot delete your account while on a subscription. Please cancel your subscription and try again. If you keep seeing this message please contact us.", + "subscription_canceled": "Subscription Canceled", + "subscription_canceled_and_terminate_on_x": " Your subscription has been canceled and will terminate on <0>__terminateDate__. No further payments will be taken.", + "subscription_will_remain_active_until_end_of_billing_period_x": "Your subscription will remain active until the end of your billing period, <0>__terminationDate__.", + "subscription_will_remain_active_until_end_of_trial_period_x": "Your subscription will remain active until the end of your trial period, <0>__terminationDate__.", + "success_sso_set_up": "Success! Single sign-on is all set up for you.", + "suggest_a_different_fix": "Suggest a different fix", + "suggest_fix": "Suggest fix", + "suggested": "Suggested", + "suggested_fix_for_error_in_path": "Suggested fix for error in __path__", + "suggestion": "Suggestion", + "suggestion_applied": "Suggestion applied", + "support": "Support", + "sure_you_want_to_cancel_plan_change": "Are you sure you want to revert your scheduled plan change? You will remain subscribed to the <0>__planName__ plan.", + "sure_you_want_to_change_plan": "Are you sure you want to change plan to <0>__planName__?", + "sure_you_want_to_delete": "Are you sure you want to permanently delete the following files?", + "sure_you_want_to_leave_group": "Are you sure you want to leave this group?", + "sv": "Swedish", + "switch_to_editor": "Switch to editor", + "switch_to_pdf": "Switch to PDF", + "symbol_palette": "Symbol palette", + "symbol_palette_highlighted": "<0>Symbol palette", + "symbol_palette_info": "A quick and convenient way to insert math symbols into your document.", + "symbol_palette_info_new": "Insert math symbols into your document with the click of a button.", + "sync": "Sync", + "sync_dropbox_github": "Sync with Dropbox and GitHub", + "sync_project_to_github_explanation": "Any changes you have made in __appName__ will be committed and merged with any updates in GitHub.", + "sync_to_dropbox": "Sync to Dropbox", + "sync_to_github": "Sync to GitHub", + "synctex_failed": "Couldn’t find the corresponding source file", + "syntax_validation": "Code check", + "tab_connecting": "Connecting with the editor", + "tab_no_longer_connected": "This tab is no longer connected with the editor", + "tag_color": "Tag color", + "tag_name_cannot_exceed_characters": "Tag name cannot exceed __maxLength__ characters", + "tag_name_is_already_used": "Tag \"__tagName__\" already exists", + "tags": "Tags", + "take_me_home": "Take me home!", + "take_short_survey": "Take a short survey", + "take_survey": "Take survey", + "tc_everyone": "Everyone", + "tc_guests": "Guests", + "tc_switch_everyone_tip": "Toggle track-changes for everyone", + "tc_switch_guests_tip": "Toggle track-changes for all link-sharing guests", + "tc_switch_user_tip": "Toggle track-changes for this user", + "tell_the_project_owner_and_ask_them_to_upgrade": "<0>Tell the project owner and ask them to upgrade their Overleaf plan if you need more compile time.", + "template": "Template", + "template_approved_by_publisher": "This template has been approved by the publisher", + "template_description": "Template Description", + "template_gallery": "Template Gallery", + "template_not_found_description": "This way of creating projects from templates has been removed. Please visit our template gallery to find more templates.", + "template_title_taken_from_project_title": "The template title will be taken automatically from the project title", + "template_top_pick_by_overleaf": "This template was hand-picked by Overleaf staff for its high quality", + "templates": "Templates", + "templates_admin_source_project": "Admin: Source Project", + "templates_page_summary": "Start your projects with quality LaTeX templates for journals, CVs, resumes, papers, presentations, assignments, letters, project reports, and more. Search or browse below.", + "templates_page_title": "Templates - Journals, CVs, Presentations, Reports and More", + "ten_collaborators_per_project": "10 collaborators per project", + "ten_per_project": "10 per project", + "terminated": "Compilation cancelled", + "terms": "Terms", + "test": "Test", + "test_configuration": "Test configuration", + "test_configuration_successful": "Test configuration successful", + "tex_live_version": "TeX Live version", + "thank_you": "Thank you!", + "thank_you_email_confirmed": "Thank you, your email is now confirmed", + "thank_you_exclamation": "Thank you!", + "thank_you_for_being_part_of_our_beta_program": "Thank you for being part of our Beta Program, where you can have <0>early access to new features and help us understand your needs better", + "thank_you_for_your_feedback": "Thank you for your feedback!", + "thanks": "Thanks", + "thanks_for_confirming_your_email_address": "Thanks for confirming your email address", + "thanks_for_subscribing": "Thanks for subscribing!", + "thanks_for_subscribing_you_help_sl": "Thank you for subscribing to the __planName__ plan. It’s support from people like yourself that allows __appName__ to continue to grow and improve.", + "thanks_settings_updated": "Thanks, your settings have been updated.", + "the_file_supplied_is_of_an_unsupported_type ": "The link to open this content on Overleaf pointed to the wrong kind of file. Valid file types are .tex documents and .zip files. If this keeps happening for links on a particular site, please report this to them.", + "the_following_files_already_exist_in_this_project": "The following files already exist in this project:", + "the_following_folder_already_exists_in_this_project": "The following folder already exists in this project:", + "the_following_folder_already_exists_in_this_project_plural": "The following folders already exist in this project:", + "the_original_text_has_changed": "The original text has changed, so this suggestion can’t be applied", + "the_project_that_contains_this_file_is_not_shared_with_you": "The project that contains this file is not shared with you", + "the_requested_conversion_job_was_not_found": "The link to open this content on Overleaf specified a conversion job that could not be found. It’s possible that the job has expired and needs to be run again. If this keeps happening for links on a particular site, please report this to them.", + "the_requested_publisher_was_not_found": "The link to open this content on Overleaf specified a publisher that could not be found. If this keeps happening for links on a particular site, please report this to them.", + "the_required_parameters_were_not_supplied": "The link to open this content on Overleaf was missing some required parameters. If this keeps happening for links on a particular site, please report this to them.", + "the_supplied_parameters_were_invalid": "The link to open this content on Overleaf included some invalid parameters. If this keeps happening for links on a particular site, please report this to them.", + "the_supplied_uri_is_invalid": "The link to open this content on Overleaf included an invalid URI. If this keeps happening for links on a particular site, please report this to them.", + "the_target_folder_could_not_be_found": "The target folder could not be found.", + "the_width_you_choose_here_is_based_on_the_width_of_the_text_in_your_document": "The width you choose here is based on the width of the text in your document. Alternatively, you can customize the image size directly in the LaTeX code.", + "their_projects_will_be_transferred_to_another_user": "Their projects will all be transferred to another user of your choice", + "theme": "Theme", + "then_x_price_per_month": "Then __price__ per month", + "then_x_price_per_year": "Then __price__ per year", + "there_are_lots_of_options_to_edit_and_customize_your_figures": "There are lots of options to edit and customize your figures, such as wrapping text around the figure, rotating the image, or including multiple images in a single figure. You’ll need to edit the LaTeX code to do this. <0>Find out how", + "there_was_an_error_opening_your_content": "There was an error creating your project", + "thesis": "Thesis", + "they_lose_access_to_account": "They lose all access to this Overleaf account immediately", + "this_action_cannot_be_reversed": "This action cannot be reversed.", + "this_action_cannot_be_undone": "This action cannot be undone.", + "this_address_will_be_shown_on_the_invoice": "This address will be shown on the invoice", + "this_could_be_because_we_cant_support_some_elements_of_the_table": "This could be because we can’t yet support some elements of the table in the table preview. Or there may be an error in the table’s LaTeX code.", + "this_field_is_required": "This field is required", + "this_grants_access_to_features_2": "This grants you access to <0>__appName__ <0>__featureType__ features.", + "this_is_a_labs_experiment": "This is a Labs experiment", + "this_is_your_template": "This is your template from your project", + "this_project_exceeded_compile_timeout_limit_on_free_plan": "This project exceeded the compile timeout limit on our free plan.", + "this_project_has_more_than_max_collabs": "This project has more than the maximum number of collaborators allowed on the project owner’s Overleaf plan. This means you could lose edit access from __linkSharingDate__.", + "this_project_is_public": "This project is public and can be edited by anyone with the URL.", + "this_project_is_public_read_only": "This project is public and can be viewed but not edited by anyone with the URL", + "this_project_will_appear_in_your_dropbox_folder_at": "This project will appear in your Dropbox folder at ", + "this_tool_helps_you_insert_figures": "This tool helps you insert figures into your project without needing to write the LaTeX code. The following information explains more about the options in the tool and how to further customize your figures.", + "this_tool_helps_you_insert_simple_tables_into_your_project_without_writing_latex_code_give_feedback": "This tool helps you insert simple tables into your project without writing LaTeX code. This tool is new, so please <0>give us feedback and look out for additional functionality coming soon.", + "this_was_helpful": "This was helpful", + "this_wasnt_helpful": "This wasn’t helpful", + "thousands_templates": "Thousands of templates", + "thousands_templates_info": "Produce beautiful documents starting from our gallery of LaTeX templates for journals, conferences, theses, reports, CVs and much more.", + "three_free_collab": "Three free collaborators", + "timedout": "Timed out", + "tip": "Tip", + "title": "Title", + "to_add_email_accounts_need_to_be_linked_2": "To add this email, your <0>__appName__ and <0>__institutionName__ accounts will need to be linked.", + "to_add_more_collaborators": "To add more collaborators or turn on link sharing, please ask the project owner", + "to_change_access_permissions": "To change access permissions, please ask the project owner", + "to_confirm_email_address_you_must_be_logged_in_with_the_requesting_account": "To confirm an email address, you must be logged in with the Overleaf account that requested the new secondary email.", + "to_confirm_transfer_enter_email_address": "To accept the invitation, enter the email address linked to your account.", + "to_confirm_unlink_all_users_enter_email": "To confirm you want to unlink all users, enter your email address:", + "to_fix_this_you_can": "To fix this, you can:", + "to_fix_this_you_can_ask_the_github_repository_owner": "To fix this, you can ask the GitHub repository owner (<0>__repoOwnerEmail__) to renew their __appName__ subscription and reconnect the project.", + "to_insert_or_move_a_caption_make_sure_tabular_is_directly_within_table": "To insert or move a caption, make sure \\begin{tabular} is directly within a table environment", + "to_keep_edit_access": "To keep edit access, ask the project owner to upgrade their plan or reduce the number of people with edit access.", + "to_many_login_requests_2_mins": "This account has had too many login requests. Please wait 2 minutes before trying to log in again", + "to_modify_your_subscription_go_to": "To modify your subscription go to", + "to_use_text_wrapping_in_your_table_make_sure_you_include_the_array_package": "<0>Please note: To use text wrapping in your table, make sure you include the <1>array package in your document preamble:", + "toggle_compile_options_menu": "Toggle compile options menu", + "token": "token", + "token_access_failure": "Cannot grant access; contact the project owner for help", + "token_limit_reached": "You’ve reached the 10 token limit. To generate a new authentication token, please delete an existing one.", + "token_read_only": "token read-only", + "token_read_write": "token read-write", + "too_many_attempts": "Too many attempts. Please wait for a while and try again.", + "too_many_comments_or_tracked_changes": "Too many comments or tracked changes", + "too_many_comments_or_tracked_changes_detail": "Sorry, this file has too many comments or tracked changes. Please try accepting or rejecting some existing changes, or resolving and deleting some comments.", + "too_many_confirm_code_resend_attempts": "Too many attempts. Please wait 1 minute then try again.", + "too_many_confirm_code_verification_attempts": "Too many verification attempts. Please wait 1 minute then try again.", + "too_many_files_uploaded_throttled_short_period": "Too many files uploaded, your uploads have been throttled for a short period. Please wait 15 minutes and try again.", + "too_many_requests": "Too many requests were received in a short space of time. Please wait for a few moments and try again.", + "too_many_search_results": "There are more than 100 results. Please refine your search.", + "too_recently_compiled": "This project was compiled very recently, so this compile has been skipped.", + "took_a_while": "That took a while...", + "toolbar_bullet_list": "Bullet List", + "toolbar_choose_section_heading_level": "Choose section heading level", + "toolbar_decrease_indent": "Decrease Indent", + "toolbar_format_bold": "Format Bold", + "toolbar_format_italic": "Format Italic", + "toolbar_increase_indent": "Increase Indent", + "toolbar_insert_citation": "Insert Citation", + "toolbar_insert_cross_reference": "Insert Cross-reference", + "toolbar_insert_display_math": "Insert Display Math", + "toolbar_insert_figure": "Insert Figure", + "toolbar_insert_inline_math": "Insert Inline Math", + "toolbar_insert_link": "Insert Link", + "toolbar_insert_math": "Insert Math", + "toolbar_insert_table": "Insert Table", + "toolbar_numbered_list": "Numbered List", + "toolbar_redo": "Redo", + "toolbar_table_insert_size_table": "Insert __size__ table", + "toolbar_table_insert_table_lowercase": "Insert table", + "toolbar_toggle_symbol_palette": "Toggle Symbol Palette", + "toolbar_undo": "Undo", + "tooltip_hide_filetree": "Click to hide the file tree", + "tooltip_hide_pdf": "Click to hide the PDF", + "tooltip_show_filetree": "Click to show the file tree", + "tooltip_show_pdf": "Click to show the PDF", + "top_pick": "Top pick", + "total": "Total", + "total_per_month": "Total per month", + "total_per_year": "Total per year", + "total_per_year_for_x_users": "total per year for __licenseSize__ users", + "total_with_subtotal_and_tax": "Total: <0>__total__ (__subtotal__ + __tax__ tax) per year", + "total_words": "Total Words", + "tr": "Turkish", + "track_any_change_in_real_time": "Track any change, in real-time", + "track_changes": "Track changes", + "track_changes_for_everyone": "Track changes for everyone", + "track_changes_for_x": "Track changes for __name__", + "track_changes_is_off": "Track changes is off", + "track_changes_is_on": "Track changes is on", + "tracked_change_added": "Added", + "tracked_change_deleted": "Deleted", + "transfer_management_of_your_account": "Transfer management of your Overleaf account", + "transfer_management_of_your_account_to_x": "Transfer management of your Overleaf account to __groupName__", + "transfer_management_resolve_following_issues": "To transfer the management of your account, you need to resolve the following issues:", + "transfer_this_users_projects": "Transfer this user’s projects", + "transfer_this_users_projects_description": "This user’s projects will be transferred to a new owner.", + "transferring": "Transferring", + "trash": "Trash", + "trash_projects": "Trash Projects", + "trashed": "Trashed", + "trashed_projects": "Trashed Projects", + "trashing_projects_wont_affect_collaborators": "Trashing projects won’t affect your collaborators.", + "trial_last_day": "This is the last day of your Overleaf Premium trial", + "trial_remaining_days": "__days__ more days on your Overleaf Premium trial", + "tried_to_log_in_with_email": "You’ve tried to log in with __email__.", + "tried_to_register_with_email": "You’ve tried to register with __email__, which is already registered with __appName__ as an institutional account.", + "troubleshooting_tip": "Troubleshooting tip", + "try_again": "Please try again", + "try_for_free": "Try for free", + "try_it_for_free": "Try it for free", + "try_now": "Try Now", + "try_premium_for_free": "Try Premium for free", + "try_recompile_project_or_troubleshoot": "Please try recompiling the project from scratch, and if that doesn’t help, follow our <0>troubleshooting guide.", + "try_relinking_provider": "It looks like you need to re-link your __provider__ account.", + "try_to_compile_despite_errors": "Try to compile despite errors", + "try_writefull": "Try Writefull", + "turn_off": "Turn off", + "turn_off_link_sharing": "Turn off link sharing", + "turn_on": "Turn on", + "turn_on_link_sharing": "Turn on link sharing", + "tutorials": "Tutorials", + "two_users": "2 users", + "uk": "Ukrainian", + "unable_to_extract_the_supplied_zip_file": "Opening this content on Overleaf failed because the zip file could not be extracted. Please ensure that it is a valid zip file. If this keeps happening for links on a particular site, please report this to them.", + "unarchive": "Restore", + "uncategorized": "Uncategorized", + "uncategorized_projects": "Uncategorized Projects", + "unconfirmed": "Unconfirmed", + "undelete": "Undelete", + "undeleting": "Undeleting", + "understanding_labels": "Understanding labels", + "unfold_line": "Unfold line", + "unique_identifier_attribute": "Unique identifier attribute", + "university": "University", + "university_school": "University or school name", + "unknown": "Unknown", + "unlimited": "Unlimited", + "unlimited_bold": "<0>Unlimited", + "unlimited_collaborators_in_each_project": "Unlimited collaborators in each project", + "unlimited_collaborators_per_project": "Unlimited collaborators per project", + "unlimited_collabs": "Unlimited collaborators", + "unlimited_collabs_rt": "<0>Unlimited collaborators", + "unlimited_projects": "Unlimited projects", + "unlimited_projects_info": "Your projects are private by default. This means that only you can view them, and only you can allow other people to access them.", + "unlink": "Unlink", + "unlink_all_users": "Unlink all users", + "unlink_all_users_explanation": "You’re about to remove the SSO login option for all users in your group. If SSO is enabled, this will force users to reauthenticate their Overleaf accounts with your IdP. They’ll receive an email asking them to do this.", + "unlink_dropbox_folder": "Unlink Dropbox Account", + "unlink_dropbox_warning": "Any projects that you have synced with Dropbox will be disconnected and no longer kept in sync with Dropbox. Are you sure you want to unlink your Dropbox account?", + "unlink_github_repository": "Unlink GitHub repository", + "unlink_github_warning": "Any projects that you have synced with GitHub will be disconnected and no longer kept in sync with GitHub. Are you sure you want to unlink your GitHub account?", + "unlink_linked_accounts": "Unlink any linked accounts (such as ORCID ID, IEEE). <0>Remove them in Account Settings (under Linked Accounts).", + "unlink_linked_google_account": "Unlink your Google account. <0>Remove it in Account Settings (under Linked Accounts).", + "unlink_provider_account_title": "Unlink __provider__ Account", + "unlink_provider_account_warning": "Warning: When you unlink your account from __provider__ you will not be able to sign in using __provider__ anymore.", + "unlink_reference": "Unlink References Provider", + "unlink_the_project_from_the_current_github_repo": "Unlink the project from the current GitHub repository and create a connection to a repository you own. (You need an active __appName__ subscription to set up a GitHub Sync).", + "unlink_user": "Unlink user", + "unlink_user_explanation": "You’re about to remove the SSO login option for <0>__email__. This will force them to reauthenticate their Overleaf account with your IdP. They’ll receive an email asking them to do this.", + "unlink_users": "Unlink users", + "unlink_warning_reference": "Warning: When you unlink your account from this provider you will not be able to import references into your projects.", + "unlinking": "Unlinking", + "unmerge_cells": "Unmerge cells", + "unpublish": "Unpublish", + "unpublishing": "Unpublishing", + "unsubscribe": "Unsubscribe", + "unsubscribed": "Unsubscribed", + "unsubscribing": "Unsubscribing", + "untrash": "Restore", + "up_to": "Up to", + "update": "Update", + "update_account_info": "Update Account Info", + "update_dropbox_settings": "Update Dropbox Settings", + "update_your_billing_details": "Update Your Billing Details", + "updates_to_project_sharing": "Updates to project sharing", + "updating": "Updating", + "updating_site": "Updating Site", + "upgrade": "Upgrade", + "upgrade_cc_btn": "Upgrade now, pay after 7 days", + "upgrade_for_12x_more_compile_time": "Upgrade to get 12x more compile time", + "upgrade_now": "Upgrade Now", + "upgrade_to_add_more_editors": "Upgrade to add more editors to your project", + "upgrade_to_get_feature": "Upgrade to get __feature__, plus:", + "upgrade_to_track_changes": "Upgrade to track changes", + "upload": "Upload", + "upload_failed": "Upload failed", + "upload_from_computer": "Upload from computer", + "upload_project": "Upload Project", + "upload_zipped_project": "Upload Zipped Project", + "url_to_fetch_the_file_from": "URL to fetch the file from", + "usage_metrics": "Usage metrics", + "usage_metrics_info": "Metrics that show how many users are accessing the licence, how many projects are being created and worked on, and how much collaboration is happening in Overleaf.", + "use_a_different_password": "Please use a different password", + "use_saml_metadata_to_configure_sso_with_idp": "Use the Overleaf SAML metadata to configure SSO with your Identity Provider.", + "use_your_own_machine": "Use your own machine, with your own setup", + "used_latex_before": "Have you ever used LaTeX before?", + "used_latex_response_never": "No, never", + "used_latex_response_occasionally": "Yes, occasionally", + "used_latex_response_often": "Yes, very often", + "used_when_referring_to_the_figure_elsewhere_in_the_document": "Used when referring to the figure elsewhere in the document", + "user_already_added": "User already added", + "user_deletion_error": "Sorry, something went wrong deleting your account. Please try again in a minute.", + "user_deletion_password_reset_tip": "If you cannot remember your password, or if you are using Single-Sign-On with another provider to sign in (such as ORCID or Google), please <0>reset your password and try again.", + "user_first_name_attribute": "User first name attribute", + "user_is_not_part_of_group": "User is not part of group", + "user_last_name_attribute": "User last name attribute", + "user_management": "User management", + "user_management_info": "Group plan admins have access to an admin panel where users can be added and removed easily. For site-wide plans, users are automatically upgraded when they register or add their email address to Overleaf (domain-based enrollment or SSO).", + "user_not_found": "User not found", + "user_sessions": "User Sessions", + "user_wants_you_to_see_project": "__username__ would like you to join __projectname__", + "using_latex": "Using LaTeX", + "using_premium_features": "Using premium features", + "using_the_overleaf_editor": "Using the __appName__ Editor", + "valid": "Valid", + "valid_sso_configuration": "Valid SSO configuration", + "validation_issue_entry_description": "A validation issue which prevented this project from compiling", + "vat": "VAT", + "vat_number": "VAT Number", + "verify_email_address_before_enabling_managed_users": "You need to verify your email address before enabling managed users.", + "view_all": "View All", + "view_code": "View code", + "view_configuration": "View configuration", + "view_group_members": "View group members", + "view_hub": "View Admin Hub", + "view_hub_subtext": "Access and download subscription statistics and a list of users", + "view_in_template_gallery": "View it in the template gallery", + "view_invitation": "View Invitation", + "view_labs_experiments": "View Labs Experiments", + "view_less": "View less", + "view_logs": "View logs", + "view_metrics": "View metrics", + "view_metrics_commons_subtext": "Monitor and download usage metrics for your Commons subscription", + "view_metrics_group_subtext": "Monitor and download usage metrics for your group subscription", + "view_more": "View more", + "view_options": "View options", + "view_pdf": "View PDF", + "view_source": "View Source", + "view_your_invoices": "View Your Invoices", + "viewer": "Viewer", + "viewing_x": "Viewing <0>__endTime__", + "visual_editor": "Visual Editor", + "visual_editor_is_only_available_for_tex_files": "Visual Editor is only available for TeX files", + "want_change_to_apply_before_plan_end": "If you wish this change to apply before the end of your current billing period, please contact us.", + "we_are_unable_to_opt_you_into_this_experiment": "We are unable to opt you into this experiment at this time, please ensure your organization has allowed this feature, or try again later.", + "we_cant_confirm_this_email": "We can’t confirm this email", + "we_cant_find_any_sections_or_subsections_in_this_file": "We can’t find any sections or subsections in this file", + "we_do_not_share_personal_information": "See our <0>Privacy Notice for details of how we treat your personal data", + "we_logged_you_in": "We have logged you in.", + "we_may_also_contact_you_from_time_to_time_by_email_with_a_survey": "<0>We may also contact you from time to time by email with a survey, or to see if you would like to participate in other user research initiatives", + "we_sent_new_code": "We’ve sent a new code. If it doesn’t arrive, make sure to check your spam and any promotions folders.", + "webinars": "Webinars", + "website_status": "Website status", + "wed_love_you_to_stay": "We’d love you to stay", + "welcome_to_sl": "Welcome to __appName__", + "were_making_some_changes_to_project_sharing_this_means_you_will_be_visible": "We’re making some <0>changes to project sharing. This means, as someone with edit access, your name and email address will be visible to the project owner and other editors.", + "were_performing_maintenance": "We’re performing maintenance on Overleaf and you need to wait a moment. Sorry for any inconvenience. The editor will refresh automatically in __seconds__ seconds.", + "weve_recently_reduced_the_compile_timeout_limit_which_may_have_affected_this_project": "We’ve recently <0>reduced the compile timeout limit on our free plan, which may have affected this project.", + "weve_recently_reduced_the_compile_timeout_limit_which_may_have_affected_your_project": "We’ve recently <0>reduced the compile timeout limit on our free plan, which may have affected your project.", + "what_do_you_need": "What do you need?", + "what_do_you_need_help_with": "What do you need help with?", + "what_does_this_mean": "What does this mean?", + "what_does_this_mean_for_you": "This means:", + "what_happens_when_sso_is_enabled": "What happens when SSO is enabled?", + "what_should_we_call_you": "What should we call you?", + "when_you_join_labs": "When you join Labs, you can choose which experiments you want to be part of. Once you’ve done that, you can use Overleaf as normal, but you’ll see any labs features marked with this badge:", + "when_you_tick_the_include_caption_box": "When you tick the box “Include caption” the image will be inserted into your document with a placeholder caption. To edit it, you simply select the placeholder text and type to replace it with your own.", + "why_latex": "Why LaTeX?", + "wide": "Wide", + "will_lose_edit_access_on_date": "Will lose edit access on __date__", + "will_need_to_log_out_from_and_in_with": "You will need to log out from your __email1__ account and then log in with __email2__.", + "with_premium_subscription_you_also_get": "With an Overleaf Premium subscription you also get", + "word_count": "Word Count", + "work_offline": "Work offline", + "work_or_university_sso": "Work/university single sign-on", + "work_with_non_overleaf_users": "Work with non Overleaf users", + "would_you_like_to_see_a_university_subscription": "Would you like to see a university-wide __appName__ subscription at your university?", + "write_and_collaborate_faster_with_features_like": "Write and collaborate faster with features like:", + "writefull": "Writefull", + "writefull_alternate_login_prompt": "If you have a Writefull account, <0>log in to get started. If you don’t have a Writefull account, we’ll create one for you. By enabling Writefull, you accept Writefull’s <1>terms of service and <2>privacy policy.", + "writefull_disable_prompt_body": "Writefull is enabled. You can switch it on or off in the account settings anytime.", + "writefull_learn_more": "Learn more about Writefull for Overleaf", + "writefull_loading_error_body": "Try refreshing the page. If this doesn’t work, try disabling any active browser extensions to check they aren’t blocking Writefull from loading.", + "writefull_loading_error_title": "Writefull didn’t load correctly", + "writefull_prompt_body": "Get Writefull’s research-tailored, AI-powered language feedback and LaTeX help directly in Overleaf.", + "writefull_prompt_terms": "When you click <0>Try Writefull, your email address and Overleaf user ID will be shared with Writefull. This will either link your Overleaf and Writefull accounts (if you have both with the same email address) or it’ll create a new Writefull account for you.<1> When enabled, Writefull has access to the content of any project you open, so you can get AI language feedback and suggestions. Read more about <2>Writefull for Overleaf.", + "writefull_prompt_terms_title": "What data is shared with Writefull?", + "writefull_prompt_title": "Accelerate your writing process with AI", + "writefull_settings_description": "Get free AI-based language feedback specifically tailored for research writing with Writefull for Overleaf.", + "x_changes_in": "__count__ change in", + "x_changes_in_plural": "__count__ changes in", + "x_collaborators_per_project": "__collaboratorsCount__ collaborators per project", + "x_price_for_first_month": "<0>__price__ for your first month", + "x_price_for_first_year": "<0>__price__ for your first year", + "x_price_for_y_months": "<0>__price__ for your first __discountMonths__ months", + "x_price_per_user": "__price__ per user", + "x_price_per_year": "__price__ per year", + "x_total_per_year": "__price__ total per year", + "year": "year", + "yearly": "Yearly", + "yes_im_in": "Yes, I’m in", + "yes_move_me_to_personal_plan": "Yes, move me to the Personal plan", + "yes_that_is_correct": "Yes, that’s correct", + "you": "You", + "you_already_have_a_subscription": "You already have a subscription", + "you_and_collaborators_get_access_to": "You and your project collaborators get access to", + "you_and_collaborators_get_access_to_info": "These features are available to you and your collaborators (other Overleaf users that you invite to your projects).", + "you_are_a_manager_and_member_of_x_plan_as_member_of_group_subscription_y_administered_by_z": "You are a <1>manager and <1>member of the <0>__planName__ group subscription <1>__groupName__ administered by <1>__adminEmail__.", + "you_are_a_manager_and_member_of_x_plan_as_member_of_group_subscription_y_administered_by_z_you": "You are a <1>manager and <1>member of the <0>__planName__ group subscription <1>__groupName__ administered by <1>you (__adminEmail__).", + "you_are_a_manager_of_commons_at_institution_x": "You are a <0>manager of the Overleaf Commons subscription at <0>__institutionName__", + "you_are_a_manager_of_publisher_x": "You are a <0>manager of <0>__publisherName__", + "you_are_a_manager_of_x_plan_as_member_of_group_subscription_y_administered_by_z": "You are a <1>manager of the <0>__planName__ group subscription <1>__groupName__ administered by <1>__adminEmail__.", + "you_are_a_manager_of_x_plan_as_member_of_group_subscription_y_administered_by_z_you": "You are a <1>manager of the <0>__planName__ group subscription <1>__groupName__ administered by <1>you (__adminEmail__).", + "you_are_currently_logged_in_as": "You are currently logged in as __email__.", + "you_are_on_a_paid_plan_contact_support_to_find_out_more": "You’re on an __appName__ Paid plan. <0>Contact support to find out more.", + "you_are_on_x_plan_as_a_confirmed_member_of_institution_y": "You are on our <0>__planName__ plan as a <1>confirmed member of <1>__institutionName__", + "you_are_on_x_plan_as_member_of_group_subscription_y_administered_by_z": "You are on our <0>__planName__ plan as a <1>member of the group subscription <1>__groupName__ administered by <1>__adminEmail__", + "you_can_also_choose_to_view_anonymously_or_leave_the_project": "You can also choose to <0>view anonymously (you will lose edit access) or <1>leave the project.", + "you_can_now_enable_sso": "You can now enable SSO on your Group settings page.", + "you_can_now_log_in_sso": "You can now log in through your institution and if eligible you will receive <0>__appName__ Professional features.", + "you_can_only_add_n_people_to_edit_a_project": "You can only add __count__ person to edit a project with you on your current plan. Upgrade to add more.", + "you_can_only_add_n_people_to_edit_a_project_plural": "You can only add __count__ people to edit a project with you on your current plan. Upgrade to add more.", + "you_can_opt_in_and_out_of_the_program_at_any_time_on_this_page": "You can <0>opt in and out of the program at any time on this page", + "you_can_request_a_maximum_of_limit_fixes_per_day": "You can request a maximum of __limit__ fixes per day. Please try again tomorrow.", + "you_cant_add_or_change_password_due_to_sso": "You can’t add or change your password because your group or organization uses <0>single sign-on (SSO).", + "you_cant_join_this_group_subscription": "You can’t join this group subscription", + "you_cant_reset_password_due_to_sso": "You can’t reset your password because your group or organization uses SSO. <0>Log in with SSO.", + "you_dont_have_any_repositories": "You don’t have any repositories", + "you_get_access_to": "You get access to", + "you_get_access_to_info": "These features are available only to you (the subscriber).", + "you_have_added_x_of_group_size_y": "You have added <0>__addedUsersSize__ of <1>__groupSize__ available members", + "you_have_been_invited_to_transfer_management_of_your_account": "You have been invited to transfer management of your account.", + "you_have_been_invited_to_transfer_management_of_your_account_to": "You have been invited to transfer management of your account to __groupName__.", + "you_have_been_removed_from_this_project_and_will_be_redirected_to_project_dashboard": "You have been removed from this project, and will no longer have access to it. You will be redirected to your project dashboard momentarily.", + "you_need_to_configure_your_sso_settings": "You need to configure and test your SSO settings before enabling SSO", + "you_plus_1": "You + 1", + "you_plus_10": "You + 10", + "you_plus_6": "You + 6", + "you_will_be_able_to_contact_us_any_time_to_share_your_feedback": "<0>You will be able to contact us any time to share your feedback", + "you_will_be_able_to_reassign_subscription": "You will be able to reassign their subscription membership to another person in your organization", + "youll_get_best_results_in_visual_but_can_be_used_in_source": "You’ll get the best results from using this tool in the <0>Visual Editor, although you can still use it to insert tables in the <1>Code Editor. Once you’ve selected the number of rows and columns you need, the table will appear in your document and you can double click in a cell to add contents to it.", + "youll_need_to_ask_the_github_repository_owner": "You’ll need to ask the GitHub repository owner (<0>__repoOwnerEmail__) to reconnect the project.", + "youll_no_longer_need_to_remember_credentials": "You’ll no longer need to remember a separate email address and password. Instead, you will use single-sign on to login to Overleaf. <0>Read more about SSO.", + "your_account_is_managed_by_admin_cant_join_additional_group": "Your __appName__ account is managed by your current group admin (__admin__). This means you can’t join additional group subscriptions. <0>Read more about Managed Users.", + "your_account_is_managed_by_your_group_admin": "Your account is managed by your group admin. You can’t change or delete your email address.", + "your_account_is_suspended": "Your account is suspended", + "your_affiliation_is_confirmed": "Your <0>__institutionName__ affiliation is confirmed.", + "your_browser_does_not_support_this_feature": "Sorry, your browser doesn’t support this feature. Please update your browser to its latest version.", + "your_compile_timed_out": "Your compile timed out", + "your_git_access_info": "Your Git authentication tokens should be entered whenever you’re prompted for a password.", + "your_git_access_info_bullet_1": "You can have up to 10 tokens.", + "your_git_access_info_bullet_2": "If you reach the maximum limit, you’ll need to delete a token before you can generate a new one.", + "your_git_access_info_bullet_3": "You can generate a token using the <0>Generate token button.", + "your_git_access_info_bullet_4": "You won’t be able to view the full token after the first time you generate it. Please copy it and keep it safe", + "your_git_access_info_bullet_5": "Previously generated tokens will be shown here.", + "your_git_access_tokens": "Your Git authentication tokens", + "your_message_to_collaborators": "Send a message to your collaborators", + "your_name_and_email_address_will_be_visible_to_the_project_owner_and_other_editors": "Your name and email address will be visible to the project owner and other editors.", + "your_new_plan": "Your new plan", + "your_password_has_been_successfully_changed": "Your password has been successfully changed", + "your_password_was_detected": "Your password is on a <0>public list of known compromised passwords. Keep your account safe by changing your password now.", + "your_plan": "Your plan", + "your_plan_is_changing_at_term_end": "Your plan is changing to <0>__pendingPlanName__ at the end of the current billing period.", + "your_plan_is_limited_to_n_editors": "Your plan allows __count__ collaborator with edit access and unlimited viewers.", + "your_plan_is_limited_to_n_editors_plural": "Your plan allows __count__ collaborators with edit access and unlimited viewers.", + "your_project_exceeded_compile_timeout_limit_on_free_plan": "Your project exceeded the compile timeout limit on our free plan.", + "your_project_near_compile_timeout_limit": "Your project is near the compile timeout limit for our free plan.", + "your_projects": "Your Projects", + "your_questions_answered": "Your questions answered", + "your_role": "Your role", + "your_sessions": "Your Sessions", + "your_subscription": "Your Subscription", + "your_subscription_has_expired": "Your subscription has expired.", + "youre_a_member_of_overleaf_labs": "You’re a member of Overleaf Labs. Don’t forget to check in regularly to see what experiments you can sign up to.", + "youre_about_to_disable_single_sign_on": "You’re about to disable single sign-on for all group members.", + "youre_about_to_enable_single_sign_on": "You’re about to enable single sign-on (SSO). Before you do this, you should ensure you’re confident the SSO configuration is correct and all your group members have managed user accounts.", + "youre_about_to_enable_single_sign_on_sso_only": "You’re about to enable single sign-on (SSO). Before you do this, you should ensure you’re confident the SSO configuration is correct.", + "youre_already_setup_for_sso": "You’re already set up for SSO", + "youre_joining": "You’re joining", + "youre_on_free_trial_which_ends_on": "You’re on a free trial which ends on <0>__date__.", + "youre_signed_in_as_logout": "You’re signed in as <0>__email__. <1>Log out.", + "youre_signed_up": "You’re signed up", + "youve_unlinked_all_users": "You’ve unlinked all users", + "zh-CN": "Chinese", + "zip_contents_too_large": "Zip contents too large", + "zoom_in": "Zoom in", + "zoom_out": "Zoom out", + "zoom_to": "Zoom to", + "zotero": "Zotero", + "zotero_and_mendeley_integrations": "<0>Zotero and <0>Mendeley integrations", + "zotero_cta": "Get Zotero integration", + "zotero_groups_loading_error": "There was an error loading groups from Zotero", + "zotero_groups_relink": "There was an error accessing your Zotero data. This was likely caused by lack of permissions. Please re-link your account and try again.", + "zotero_integration": "Zotero Integration", + "zotero_integration_lowercase": "Zotero integration", + "zotero_integration_lowercase_info": "Manage your reference library in Zotero, and link it directly to .bib files in Overleaf, so you can easily cite anything from your libraries.", + "zotero_is_premium": "Zotero integration is a premium feature", + "zotero_reference_loading_error": "Error, could not load references from Zotero", + "zotero_reference_loading_error_expired": "Zotero token expired, please re-link your account", + "zotero_reference_loading_error_forbidden": "Could not load references from Zotero, please re-link your account and try again", + "zotero_sync_description": "With the Zotero integration you can import your references from Zotero into your __appName__ projects." +} diff --git a/overleafserver/ldap/modules/launchpad/app/src/LaunchpadController.js b/overleafserver/ldap/modules/launchpad/app/src/LaunchpadController.js new file mode 100644 index 0000000..15a12a8 --- /dev/null +++ b/overleafserver/ldap/modules/launchpad/app/src/LaunchpadController.js @@ -0,0 +1,240 @@ +const OError = require('@overleaf/o-error') +const { expressify } = require('@overleaf/promise-utils') +const Settings = require('@overleaf/settings') +const Path = require('path') +const logger = require('@overleaf/logger') +const UserRegistrationHandler = require('../../../../app/src/Features/User/UserRegistrationHandler') +const EmailHandler = require('../../../../app/src/Features/Email/EmailHandler') +const UserGetter = require('../../../../app/src/Features/User/UserGetter') +const { User } = require('../../../../app/src/models/User') +const AuthenticationManager = require('../../../../app/src/Features/Authentication/AuthenticationManager') +const AuthenticationController = require('../../../../app/src/Features/Authentication/AuthenticationController') +const SessionManager = require('../../../../app/src/Features/Authentication/SessionManager') +const { + hasAdminAccess, +} = require('../../../../app/src/Features/Helpers/AdminAuthorizationHelper') + +const _LaunchpadController = { + _getAuthMethod() { + if (Settings.ldap?.enable) { + return 'ldap' + } else if (Settings.saml) { + return 'saml' + } else { + return 'local' + } + }, + + async launchpadPage(req, res) { + // TODO: check if we're using external auth? + // * how does all this work with ldap and saml? + const sessionUser = SessionManager.getSessionUser(req.session) + const authMethod = LaunchpadController._getAuthMethod() + const adminUserExists = await LaunchpadController._atLeastOneAdminExists() + if (!sessionUser) { + if (!adminUserExists) { + res.render(Path.resolve(__dirname, '../views/launchpad'), { + adminUserExists, + authMethod, + }) + } else { + AuthenticationController.setRedirectInSession(req) + res.redirect('/login') + } + } else { + const user = await UserGetter.promises.getUser(sessionUser._id, { + isAdmin: 1, + }) + if (hasAdminAccess(user)) { + res.render(Path.resolve(__dirname, '../views/launchpad'), { + wsUrl: Settings.wsUrl, + adminUserExists, + authMethod, + }) + } else { + res.redirect('/restricted') + } + } + }, + + async _atLeastOneAdminExists() { + const user = await UserGetter.promises.getUser( + { isAdmin: true }, + { _id: 1, isAdmin: 1 } + ) + return Boolean(user) + }, + + async sendTestEmail(req, res) { + const { email } = req.body + if (!email) { + logger.debug({}, 'no email address supplied') + return res.status(400).json({ + message: 'no email address supplied', + }) + } + logger.debug({ email }, 'sending test email') + const emailOptions = { to: email } + try { + await EmailHandler.promises.sendEmail('testEmail', emailOptions) + logger.debug({ email }, 'sent test email') + res.json({ message: res.locals.translate('email_sent') }) + } catch (err) { + OError.tag(err, 'error sending test email', { + email, + }) + throw err + } + }, + + registerExternalAuthAdmin(authMethod) { + return expressify(async function (req, res) { + if (LaunchpadController._getAuthMethod() !== authMethod) { + logger.debug( + { authMethod }, + 'trying to register external admin, but that auth service is not enabled, disallow' + ) + return res.sendStatus(403) + } + const email = req.body.email.toLowerCase() + if (!email) { + logger.debug({ authMethod }, 'no email supplied, disallow') + return res.sendStatus(400) + } + + logger.debug({ email }, 'attempted register first admin user') + + const exists = await LaunchpadController._atLeastOneAdminExists() + + if (exists) { + logger.debug( + { email }, + 'already have at least one admin user, disallow' + ) + return res.sendStatus(403) + } + + const body = { + email, + password: 'password_here', + first_name: email, + last_name: '', + } + logger.debug( + { body, authMethod }, + 'creating admin account for specified external-auth user' + ) + + let user + try { + user = await UserRegistrationHandler.promises.registerNewUser(body) + } catch (err) { + OError.tag(err, 'error with registerNewUser', { + email, + authMethod, + }) + throw err + } + + try { + await User.updateOne( + { _id: user._id }, + { + $set: { isAdmin: true, emails: [{ email, reversedHostname, 'confirmedAt' : Date.now() }] }, // no email confirmation is required + $unset: { 'hashedPassword': "" }, // external-auth user must not have a hashedPassword + emails: [{ email }], + } + ).exec() + } catch (err) { + OError.tag(err, 'error setting user to admin', { + user_id: user._id, + }) + throw err + } + + AuthenticationController.setRedirectInSession(req, '/launchpad') + logger.debug( + { email, userId: user._id, authMethod }, + 'created first admin account' + ) + + res.json({ redir: '/launchpad', email }) + }) + }, + + async registerAdmin(req, res) { + const { email } = req.body + const { password } = req.body + if (!email || !password) { + logger.debug({}, 'must supply both email and password, disallow') + return res.sendStatus(400) + } + + logger.debug({ email }, 'attempted register first admin user') + const exists = await LaunchpadController._atLeastOneAdminExists() + + if (exists) { + logger.debug( + { email: req.body.email }, + 'already have at least one admin user, disallow' + ) + return res.status(403).json({ + message: { type: 'error', text: 'admin user already exists' }, + }) + } + + const invalidEmail = AuthenticationManager.validateEmail(email) + if (invalidEmail) { + return res + .status(400) + .json({ message: { type: 'error', text: invalidEmail.message } }) + } + + const invalidPassword = AuthenticationManager.validatePassword( + password, + email + ) + if (invalidPassword) { + return res + .status(400) + .json({ message: { type: 'error', text: invalidPassword.message } }) + } + + const body = { email, password } + + const user = await UserRegistrationHandler.promises.registerNewUser(body) + + logger.debug({ userId: user._id }, 'making user an admin') + + try { + await User.updateOne( + { _id: user._id }, + { + $set: { + isAdmin: true, + emails: [{ email }], + }, + } + ).exec() + } catch (err) { + OError.tag(err, 'error setting user to admin', { + user_id: user._id, + }) + throw err + } + + logger.debug({ email, userId: user._id }, 'created first admin account') + res.json({ redir: '/launchpad' }) + }, +} + +const LaunchpadController = { + launchpadPage: expressify(_LaunchpadController.launchpadPage), + registerAdmin: expressify(_LaunchpadController.registerAdmin), + registerExternalAuthAdmin: _LaunchpadController.registerExternalAuthAdmin, + sendTestEmail: expressify(_LaunchpadController.sendTestEmail), + _atLeastOneAdminExists: _LaunchpadController._atLeastOneAdminExists, + _getAuthMethod: _LaunchpadController._getAuthMethod, +} + +module.exports = LaunchpadController diff --git a/overleafserver/ldap/modules/launchpad/app/views/launchpad.pug b/overleafserver/ldap/modules/launchpad/app/views/launchpad.pug new file mode 100644 index 0000000..52e7472 --- /dev/null +++ b/overleafserver/ldap/modules/launchpad/app/views/launchpad.pug @@ -0,0 +1,264 @@ +extends ../../../../app/views/layout-marketing + +mixin launchpad-check(section) + div(data-ol-launchpad-check=section) + span(data-ol-inflight="pending") + i.fa.fa-fw.fa-spinner.fa-spin + span  #{translate('checking')} + + span(hidden data-ol-inflight="idle") + div(data-ol-result="success") + i.fa.fa-check + span  #{translate('ok')} + button.btn.btn-inline-link + span.text-danger  #{translate('retry')} + div(hidden data-ol-result="error") + i.fa.fa-exclamation + span  #{translate('error')} + button.btn.btn-inline-link + span.text-danger  #{translate('retry')} + div.alert.alert-danger + span(data-ol-error) + +block entrypointVar + - entrypoint = 'modules/launchpad/pages/launchpad' + +block vars + - metadata = metadata || {} + +block append meta + meta(name="ol-adminUserExists" data-type="boolean" content=adminUserExists) + meta(name="ol-ideJsPath" content=buildJsPath('ide-detached.js')) + +block content + script(type="text/javascript", nonce=scriptNonce, src=(wsUrl || '/socket.io') + '/socket.io.js') + + .content.content-alt#main-content + .container + .row + .col-md-8.col-md-offset-2 + .card.launchpad-body + .row + .col-md-12 + .text-center + h1 #{translate('welcome_to_sl')} + p + img(src=buildImgPath('/ol-brand/overleaf-o.svg')) + + + .row + .col-md-8.col-md-offset-2 + + + + if !adminUserExists + .row(data-ol-not-sent) + .col-md-12 + h2 #{translate('create_first_admin_account')} + + // Local Auth Form + if authMethod === 'local' + form( + data-ol-async-form + data-ol-register-admin + action="/launchpad/register_admin" + method="POST" + ) + input(name='_csrf', type='hidden', value=csrfToken) + +formMessages() + .form-group + label(for='email') #{translate("email")} + input.form-control( + type='email', + name='email', + placeholder="email@example.com" + autocomplete="username" + required, + autofocus="true" + ) + .form-group + label(for='password') #{translate("password")} + input.form-control#passwordField( + type='password', + name='password', + placeholder="********", + autocomplete="new-password" + required, + ) + .actions + button.btn-primary.btn( + type='submit' + data-ol-disabled-inflight + ) + span(data-ol-inflight="idle") #{translate("register")} + span(hidden data-ol-inflight="pending") #{translate("registering")}… + + // Ldap Form + if authMethod === 'ldap' + h3 #{translate('ldap')} + p + | #{translate('ldap_create_admin_instructions')} + + form( + data-ol-async-form + data-ol-register-admin + action="/launchpad/register_ldap_admin" + method="POST" + ) + input(name='_csrf', type='hidden', value=csrfToken) + +formMessages() + .form-group + label(for='email') #{translate("email")} + input.form-control( + type='email', + name='email', + placeholder="email@example.com" + autocomplete="username" + required, + autofocus="true" + ) + .actions + button.btn-primary.btn( + type='submit' + data-ol-disabled-inflight + ) + span(data-ol-inflight="idle") #{translate("register")} + span(hidden data-ol-inflight="pending") #{translate("registering")}… + + h3 #{translate('local_account')} + p + | #{translate('alternatively_create_local_admin_account')} + + form( + data-ol-async-form + data-ol-register-admin + action="/launchpad/register_admin" + method="POST" + ) + input(name='_csrf', type='hidden', value=csrfToken) + +formMessages() + .form-group + label(for='email') #{translate("email")} + input.form-control( + type='email', + name='email', + placeholder="email@example.com" + autocomplete="username" + required, + autofocus="true" + ) + .form-group + label(for='password') #{translate("password")} + input.form-control#passwordField( + type='password', + name='password', + placeholder="********", + autocomplete="new-password" + required, + ) + .actions + button.btn-primary.btn( + type='submit' + data-ol-disabled-inflight + ) + span(data-ol-inflight="idle") #{translate("register")} + span(hidden data-ol-inflight="pending") #{translate("registering")}… + + // Saml Form + if authMethod === 'saml' + h3 #{translate('saml')} + p + | #{translate('saml_create_admin_instructions')} + + form( + data-ol-async-form + data-ol-register-admin + action="/launchpad/register_saml_admin" + method="POST" + ) + input(name='_csrf', type='hidden', value=csrfToken) + +formMessages() + .form-group + label(for='email') #{translate("email")} + input.form-control( + type='email', + name='email', + placeholder="email@example.com" + autocomplete="username" + required, + autofocus="true" + ) + .actions + button.btn-primary.btn( + type='submit' + data-ol-disabled-inflight + ) + span(data-ol-inflight="idle") #{translate("register")} + span(hidden data-ol-inflight="pending") #{translate("registering")}… + + br + + + if adminUserExists + .row + .col-md-12.status-indicators + + h2 #{translate('status_checks')} + + + .row.row-spaced-small + .col-sm-5 + | #{translate('websockets')} + .col-sm-7 + +launchpad-check('websocket') + + + hr.thin + + + .row + .col-md-12 + h2 #{translate('other_actions')} + + h3 #{translate('send_test_email')} + form.form( + data-ol-async-form + action="/launchpad/send_test_email" + method="POST" + ) + .form-group + label(for="email") Email + input.form-control( + type="text" + id="email" + name="email" + required + ) + button.btn-primary.btn( + type='submit' + data-ol-disabled-inflight + ) + span(data-ol-inflight="idle") #{translate("send")} + span(hidden data-ol-inflight="pending") #{translate("sending")}… + + p + +formMessages() + + + + + hr.thin + + + + .row + .col-md-12 + .text-center + br + p + a(href="/admin").btn.btn-info + | Go To Admin Panel + p + a(href="/project").btn.btn-primary + | Start Using #{settings.appName} + br diff --git a/overleafserver/ldap/patches/ldapauth-fork+4.3.3.patch b/overleafserver/ldap/patches/ldapauth-fork+4.3.3.patch new file mode 100644 index 0000000..4d31210 --- /dev/null +++ b/overleafserver/ldap/patches/ldapauth-fork+4.3.3.patch @@ -0,0 +1,64 @@ +diff --git a/node_modules/ldapauth-fork/lib/ldapauth.js b/node_modules/ldapauth-fork/lib/ldapauth.js +index 85ecf36a8b..a7d07e0f78 100644 +--- a/node_modules/ldapauth-fork/lib/ldapauth.js ++++ b/node_modules/ldapauth-fork/lib/ldapauth.js +@@ -69,6 +69,7 @@ function LdapAuth(opts) { + this.opts.bindProperty || (this.opts.bindProperty = 'dn'); + this.opts.groupSearchScope || (this.opts.groupSearchScope = 'sub'); + this.opts.groupDnProperty || (this.opts.groupDnProperty = 'dn'); ++ this.opts.tlsStarted = false; + + EventEmitter.call(this); + +@@ -108,21 +109,7 @@ function LdapAuth(opts) { + this._userClient.on('error', this._handleError.bind(this)); + + var self = this; +- if (this.opts.starttls) { +- // When starttls is enabled, this callback supplants the 'connect' callback +- this._adminClient.starttls(this.opts.tlsOptions, this._adminClient.controls, function(err) { +- if (err) { +- self._handleError(err); +- } else { +- self._onConnectAdmin(); +- } +- }); +- this._userClient.starttls(this.opts.tlsOptions, this._userClient.controls, function(err) { +- if (err) { +- self._handleError(err); +- } +- }); +- } else if (opts.reconnect) { ++ if (opts.reconnect && !this.opts.starttls) { + this.once('_installReconnectListener', function() { + self.log && self.log.trace('install reconnect listener'); + self._adminClient.on('connect', function() { +@@ -384,6 +371,28 @@ LdapAuth.prototype._findGroups = function(user, callback) { + */ + LdapAuth.prototype.authenticate = function(username, password, callback) { + var self = this; ++ if (this.opts.starttls && !this.opts.tlsStarted) { ++ // When starttls is enabled, this callback supplants the 'connect' callback ++ this._adminClient.starttls(this.opts.tlsOptions, this._adminClient.controls, function (err) { ++ if (err) { ++ self._handleError(err); ++ } else { ++ self._onConnectAdmin(function(){self._handleAuthenticate(username, password, callback);}); ++ } ++ }); ++ this._userClient.starttls(this.opts.tlsOptions, this._userClient.controls, function (err) { ++ if (err) { ++ self._handleError(err); ++ } ++ }); ++ } else { ++ self._handleAuthenticate(username, password, callback); ++ } ++}; ++ ++LdapAuth.prototype._handleAuthenticate = function (username, password, callback) { ++ this.opts.tlsStarted = true; ++ var self = this; + + if (typeof password === 'undefined' || password === null || password === '') { + return callback(new Error('no password given')); diff --git a/overleafserver/ldap/web/config/settings.defaults.js b/overleafserver/ldap/web/config/settings.defaults.js new file mode 100644 index 0000000..f583178 --- /dev/null +++ b/overleafserver/ldap/web/config/settings.defaults.js @@ -0,0 +1,938 @@ +const Path = require('path') +const { merge } = require('@overleaf/settings/merge') + +let defaultFeatures, siteUrl + +// Make time interval config easier. +const seconds = 1000 +const minutes = 60 * seconds + +// These credentials are used for authenticating api requests +// between services that may need to go over public channels +const httpAuthUser = process.env.WEB_API_USER +const httpAuthPass = process.env.WEB_API_PASSWORD +const httpAuthUsers = {} +if (httpAuthUser && httpAuthPass) { + httpAuthUsers[httpAuthUser] = httpAuthPass +} + +const intFromEnv = function (name, defaultValue) { + if ( + [null, undefined].includes(defaultValue) || + typeof defaultValue !== 'number' + ) { + throw new Error( + `Bad default integer value for setting: ${name}, ${defaultValue}` + ) + } + return parseInt(process.env[name], 10) || defaultValue +} + +const defaultTextExtensions = [ + 'tex', + 'latex', + 'sty', + 'cls', + 'bst', + 'bib', + 'bibtex', + 'txt', + 'tikz', + 'mtx', + 'rtex', + 'md', + 'asy', + 'lbx', + 'bbx', + 'cbx', + 'm', + 'lco', + 'dtx', + 'ins', + 'ist', + 'def', + 'clo', + 'ldf', + 'rmd', + 'lua', + 'gv', + 'mf', + 'yml', + 'yaml', + 'lhs', + 'mk', + 'xmpdata', + 'cfg', + 'rnw', + 'ltx', + 'inc', +] + +const parseTextExtensions = function (extensions) { + if (extensions) { + return extensions.split(',').map(ext => ext.trim()) + } else { + return [] + } +} + +const httpPermissionsPolicy = { + blocked: [ + 'accelerometer', + 'attribution-reporting', + 'browsing-topics', + 'camera', + 'display-capture', + 'encrypted-media', + 'gamepad', + 'geolocation', + 'gyroscope', + 'hid', + 'identity-credentials-get', + 'idle-detection', + 'local-fonts', + 'magnetometer', + 'microphone', + 'midi', + 'otp-credentials', + 'payment', + 'picture-in-picture', + 'screen-wake-lock', + 'serial', + 'storage-access', + 'usb', + 'window-management', + 'xr-spatial-tracking', + ], + allowed: { + autoplay: 'self "https://videos.ctfassets.net"', + fullscreen: 'self', + }, +} + +module.exports = { + env: 'server-ce', + + limits: { + httpGlobalAgentMaxSockets: 300, + httpsGlobalAgentMaxSockets: 300, + }, + + allowAnonymousReadAndWriteSharing: + process.env.OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING === 'true', + + // Databases + // --------- + mongo: { + options: { + appname: 'web', + maxPoolSize: parseInt(process.env.MONGO_POOL_SIZE, 10) || 100, + serverSelectionTimeoutMS: + parseInt(process.env.MONGO_SERVER_SELECTION_TIMEOUT, 10) || 60000, + // Setting socketTimeoutMS to 0 means no timeout + socketTimeoutMS: parseInt( + process.env.MONGO_SOCKET_TIMEOUT ?? '60000', + 10 + ), + monitorCommands: true, + }, + url: + process.env.MONGO_CONNECTION_STRING || + process.env.MONGO_URL || + `mongodb://${process.env.MONGO_HOST || '127.0.0.1'}/sharelatex`, + hasSecondaries: process.env.MONGO_HAS_SECONDARIES === 'true', + }, + + redis: { + web: { + host: process.env.REDIS_HOST || '127.0.0.1', + port: process.env.REDIS_PORT || '6379', + password: process.env.REDIS_PASSWORD || '', + db: process.env.REDIS_DB, + maxRetriesPerRequest: parseInt( + process.env.REDIS_MAX_RETRIES_PER_REQUEST || '20' + ), + }, + + // websessions: + // cluster: [ + // {host: '127.0.0.1', port: 7000} + // {host: '127.0.0.1', port: 7001} + // {host: '127.0.0.1', port: 7002} + // {host: '127.0.0.1', port: 7003} + // {host: '127.0.0.1', port: 7004} + // {host: '127.0.0.1', port: 7005} + // ] + + // ratelimiter: + // cluster: [ + // {host: '127.0.0.1', port: 7000} + // {host: '127.0.0.1', port: 7001} + // {host: '127.0.0.1', port: 7002} + // {host: '127.0.0.1', port: 7003} + // {host: '127.0.0.1', port: 7004} + // {host: '127.0.0.1', port: 7005} + // ] + + // cooldown: + // cluster: [ + // {host: '127.0.0.1', port: 7000} + // {host: '127.0.0.1', port: 7001} + // {host: '127.0.0.1', port: 7002} + // {host: '127.0.0.1', port: 7003} + // {host: '127.0.0.1', port: 7004} + // {host: '127.0.0.1', port: 7005} + // ] + + api: { + host: process.env.REDIS_HOST || '127.0.0.1', + port: process.env.REDIS_PORT || '6379', + password: process.env.REDIS_PASSWORD || '', + maxRetriesPerRequest: parseInt( + process.env.REDIS_MAX_RETRIES_PER_REQUEST || '20' + ), + }, + }, + + // Service locations + // ----------------- + + // Configure which ports to run each service on. Generally you + // can leave these as they are unless you have some other services + // running which conflict, or want to run the web process on port 80. + internal: { + web: { + port: process.env.WEB_PORT || 3000, + host: process.env.LISTEN_ADDRESS || '127.0.0.1', + }, + }, + + // Tell each service where to find the other services. If everything + // is running locally then this is easy, but they exist as separate config + // options incase you want to run some services on remote hosts. + apis: { + web: { + url: `http://${ + process.env.WEB_API_HOST || process.env.WEB_HOST || '127.0.0.1' + }:${process.env.WEB_API_PORT || process.env.WEB_PORT || 3000}`, + user: httpAuthUser, + pass: httpAuthPass, + }, + documentupdater: { + url: `http://${ + process.env.DOCUPDATER_HOST || + process.env.DOCUMENT_UPDATER_HOST || + '127.0.0.1' + }:3003`, + }, + spelling: { + url: `http://${process.env.SPELLING_HOST || '127.0.0.1'}:3005`, + host: process.env.SPELLING_HOST, + }, + docstore: { + url: `http://${process.env.DOCSTORE_HOST || '127.0.0.1'}:3016`, + pubUrl: `http://${process.env.DOCSTORE_HOST || '127.0.0.1'}:3016`, + }, + chat: { + internal_url: `http://${process.env.CHAT_HOST || '127.0.0.1'}:3010`, + }, + filestore: { + url: `http://${process.env.FILESTORE_HOST || '127.0.0.1'}:3009`, + }, + clsi: { + url: `http://${process.env.CLSI_HOST || '127.0.0.1'}:3013`, + // url: "http://#{process.env['CLSI_LB_HOST']}:3014" + backendGroupName: undefined, + submissionBackendClass: + process.env.CLSI_SUBMISSION_BACKEND_CLASS || 'n2d', + }, + project_history: { + sendProjectStructureOps: true, + url: `http://${process.env.PROJECT_HISTORY_HOST || '127.0.0.1'}:3054`, + }, + realTime: { + url: `http://${process.env.REALTIME_HOST || '127.0.0.1'}:3026`, + }, + contacts: { + url: `http://${process.env.CONTACTS_HOST || '127.0.0.1'}:3036`, + }, + notifications: { + url: `http://${process.env.NOTIFICATIONS_HOST || '127.0.0.1'}:3042`, + }, + webpack: { + url: `http://${process.env.WEBPACK_HOST || '127.0.0.1'}:3808`, + }, + wiki: { + url: process.env.WIKI_URL || 'https://learn.sharelatex.com', + maxCacheAge: parseInt(process.env.WIKI_MAX_CACHE_AGE || 5 * minutes, 10), + }, + + haveIBeenPwned: { + enabled: process.env.HAVE_I_BEEN_PWNED_ENABLED === 'true', + url: + process.env.HAVE_I_BEEN_PWNED_URL || 'https://api.pwnedpasswords.com', + timeout: parseInt(process.env.HAVE_I_BEEN_PWNED_TIMEOUT, 10) || 5 * 1000, + }, + + // For legacy reasons, we need to populate the below objects. + v1: {}, + recurly: {}, + }, + + // Defines which features are allowed in the + // Permissions-Policy HTTP header + httpPermissions: httpPermissionsPolicy, + useHttpPermissionsPolicy: true, + + jwt: { + key: process.env.OT_JWT_AUTH_KEY, + algorithm: process.env.OT_JWT_AUTH_ALG || 'HS256', + }, + + devToolbar: { + enabled: false, + }, + + splitTests: [], + + // Where your instance of Overleaf Community Edition/Server Pro can be found publicly. Used in emails + // that are sent out, generated links, etc. + siteUrl: (siteUrl = process.env.PUBLIC_URL || 'http://127.0.0.1:3000'), + + lockManager: { + lockTestInterval: intFromEnv('LOCK_MANAGER_LOCK_TEST_INTERVAL', 50), + maxTestInterval: intFromEnv('LOCK_MANAGER_MAX_TEST_INTERVAL', 1000), + maxLockWaitTime: intFromEnv('LOCK_MANAGER_MAX_LOCK_WAIT_TIME', 10000), + redisLockExpiry: intFromEnv('LOCK_MANAGER_REDIS_LOCK_EXPIRY', 30), + slowExecutionThreshold: intFromEnv( + 'LOCK_MANAGER_SLOW_EXECUTION_THRESHOLD', + 5000 + ), + }, + + // Optional separate location for websocket connections, if unset defaults to siteUrl. + wsUrl: process.env.WEBSOCKET_URL, + wsUrlV2: process.env.WEBSOCKET_URL_V2, + wsUrlBeta: process.env.WEBSOCKET_URL_BETA, + + wsUrlV2Percentage: parseInt( + process.env.WEBSOCKET_URL_V2_PERCENTAGE || '0', + 10 + ), + wsRetryHandshake: parseInt(process.env.WEBSOCKET_RETRY_HANDSHAKE || '5', 10), + + // cookie domain + // use full domain for cookies to only be accessible from that domain, + // replace subdomain with dot to have them accessible on all subdomains + cookieDomain: process.env.COOKIE_DOMAIN, + cookieName: process.env.COOKIE_NAME || 'overleaf.sid', + cookieRollingSession: true, + + // this is only used if cookies are used for clsi backend + // clsiCookieKey: "clsiserver" + + robotsNoindex: process.env.ROBOTS_NOINDEX === 'true' || false, + + maxEntitiesPerProject: parseInt( + process.env.MAX_ENTITIES_PER_PROJECT || '2000', + 10 + ), + + projectUploadTimeout: parseInt( + process.env.PROJECT_UPLOAD_TIMEOUT || '120000', + 10 + ), + maxUploadSize: 50 * 1024 * 1024, // 50 MB + multerOptions: { + preservePath: process.env.MULTER_PRESERVE_PATH, + }, + + // start failing the health check if active handles exceeds this limit + maxActiveHandles: process.env.MAX_ACTIVE_HANDLES + ? parseInt(process.env.MAX_ACTIVE_HANDLES, 10) + : undefined, + + // Security + // -------- + security: { + sessionSecret: process.env.SESSION_SECRET, + sessionSecretUpcoming: process.env.SESSION_SECRET_UPCOMING, + sessionSecretFallback: process.env.SESSION_SECRET_FALLBACK, + bcryptRounds: parseInt(process.env.BCRYPT_ROUNDS, 10) || 12, + }, // number of rounds used to hash user passwords (raised to power 2) + + adminUrl: process.env.ADMIN_URL, + adminOnlyLogin: process.env.ADMIN_ONLY_LOGIN === 'true', + adminPrivilegeAvailable: process.env.ADMIN_PRIVILEGE_AVAILABLE === 'true', + blockCrossOriginRequests: process.env.BLOCK_CROSS_ORIGIN_REQUESTS === 'true', + allowedOrigins: (process.env.ALLOWED_ORIGINS || siteUrl).split(','), + + httpAuthUsers, + + // Default features + // ---------------- + // + // You can select the features that are enabled by default for new + // new users. + defaultFeatures: (defaultFeatures = { + collaborators: -1, + dropbox: true, + github: true, + gitBridge: true, + versioning: true, + compileTimeout: 180, + compileGroup: 'standard', + references: true, + trackChanges: true, + }), + + // featuresEpoch: 'YYYY-MM-DD', + + features: { + personal: defaultFeatures, + }, + + groupPlanModalOptions: { + plan_codes: [], + currencies: [], + sizes: [], + usages: [], + }, + plans: [ + { + planCode: 'personal', + name: 'Personal', + price_in_cents: 0, + features: defaultFeatures, + }, + ], + + enableSubscriptions: false, + restrictedCountries: [], + enableOnboardingEmails: process.env.ENABLE_ONBOARDING_EMAILS === 'true', + + enabledLinkedFileTypes: (process.env.ENABLED_LINKED_FILE_TYPES || '').split( + ',' + ), + + // i18n + // ------ + // + i18n: { + checkForHTMLInVars: process.env.I18N_CHECK_FOR_HTML_IN_VARS === 'true', + escapeHTMLInVars: process.env.I18N_ESCAPE_HTML_IN_VARS === 'true', + subdomainLang: { + www: { lngCode: 'en', url: siteUrl }, + }, + defaultLng: 'en', + }, + + // Spelling languages + // ------------------ + // + // You must have the corresponding aspell package installed to + // be able to use a language. + languages: [ + { code: 'en', name: 'English' }, + { code: 'en_US', name: 'English (American)' }, + { code: 'en_GB', name: 'English (British)' }, + { code: 'en_CA', name: 'English (Canadian)' }, + { code: 'af', name: 'Afrikaans' }, + { code: 'ar', name: 'Arabic' }, + { code: 'gl', name: 'Galician' }, + { code: 'eu', name: 'Basque' }, + { code: 'br', name: 'Breton' }, + { code: 'bg', name: 'Bulgarian' }, + { code: 'ca', name: 'Catalan' }, + { code: 'hr', name: 'Croatian' }, + { code: 'cs', name: 'Czech' }, + { code: 'da', name: 'Danish' }, + { code: 'nl', name: 'Dutch' }, + { code: 'eo', name: 'Esperanto' }, + { code: 'et', name: 'Estonian' }, + { code: 'fo', name: 'Faroese' }, + { code: 'fr', name: 'French' }, + { code: 'de', name: 'German' }, + { code: 'el', name: 'Greek' }, + { code: 'id', name: 'Indonesian' }, + { code: 'ga', name: 'Irish' }, + { code: 'it', name: 'Italian' }, + { code: 'kk', name: 'Kazakh' }, + { code: 'ku', name: 'Kurdish' }, + { code: 'lv', name: 'Latvian' }, + { code: 'lt', name: 'Lithuanian' }, + { code: 'nr', name: 'Ndebele' }, + { code: 'ns', name: 'Northern Sotho' }, + { code: 'no', name: 'Norwegian' }, + { code: 'fa', name: 'Persian' }, + { code: 'pl', name: 'Polish' }, + { code: 'pt_BR', name: 'Portuguese (Brazilian)' }, + { code: 'pt_PT', name: 'Portuguese (European)' }, + { code: 'pa', name: 'Punjabi' }, + { code: 'ro', name: 'Romanian' }, + { code: 'ru', name: 'Russian' }, + { code: 'sk', name: 'Slovak' }, + { code: 'sl', name: 'Slovenian' }, + { code: 'st', name: 'Southern Sotho' }, + { code: 'es', name: 'Spanish' }, + { code: 'sv', name: 'Swedish' }, + { code: 'tl', name: 'Tagalog' }, + { code: 'ts', name: 'Tsonga' }, + { code: 'tn', name: 'Tswana' }, + { code: 'hsb', name: 'Upper Sorbian' }, + { code: 'cy', name: 'Welsh' }, + { code: 'xh', name: 'Xhosa' }, + ], + + translatedLanguages: { + cn: '简体中文', + cs: 'Čeština', + da: 'Dansk', + de: 'Deutsch', + en: 'English', + es: 'Español', + fi: 'Suomi', + fr: 'Français', + it: 'Italiano', + ja: '日本語', + ko: '한국어', + nl: 'Nederlands', + no: 'Norsk', + pl: 'Polski', + pt: 'Português', + ro: 'Română', + ru: 'Русский', + sv: 'Svenska', + tr: 'Türkçe', + uk: 'Українська', + 'zh-CN': '简体中文', + }, + + maxDictionarySize: 1024 * 1024, // 1 MB + + // Password Settings + // ----------- + // These restrict the passwords users can use when registering + // opts are from http://antelle.github.io/passfield + passwordStrengthOptions: { + length: { + min: 8, + // Bcrypt does not support longer passwords than that. + max: 72, + }, + }, + + elevateAccountSecurityAfterFailedLogin: + parseInt(process.env.ELEVATED_ACCOUNT_SECURITY_AFTER_FAILED_LOGIN_MS, 10) || + 24 * 60 * 60 * 1000, + + deviceHistory: { + cookieName: process.env.DEVICE_HISTORY_COOKIE_NAME || 'deviceHistory', + entryExpiry: + parseInt(process.env.DEVICE_HISTORY_ENTRY_EXPIRY_MS, 10) || + 90 * 24 * 60 * 60 * 1000, + maxEntries: parseInt(process.env.DEVICE_HISTORY_MAX_ENTRIES, 10) || 10, + secret: process.env.DEVICE_HISTORY_SECRET, + }, + + // Email support + // ------------- + // + // Overleaf uses nodemailer (http://www.nodemailer.com/) to send transactional emails. + // To see the range of transport and options they support, see http://www.nodemailer.com/docs/transports + // email: + // fromAddress: "" + // replyTo: "" + // lifecycle: false + // # Example transport and parameter settings for Amazon SES + // transport: "SES" + // parameters: + // AWSAccessKeyID: "" + // AWSSecretKey: "" + + // For legacy reasons, we need to populate this object. + sentry: {}, + + // Production Settings + // ------------------- + debugPugTemplates: process.env.DEBUG_PUG_TEMPLATES === 'true', + precompilePugTemplatesAtBootTime: process.env + .PRECOMPILE_PUG_TEMPLATES_AT_BOOT_TIME + ? process.env.PRECOMPILE_PUG_TEMPLATES_AT_BOOT_TIME === 'true' + : process.env.NODE_ENV === 'production', + + // Should javascript assets be served minified or not. + useMinifiedJs: process.env.MINIFIED_JS === 'true' || false, + + // Should static assets be sent with a header to tell the browser to cache + // them. + cacheStaticAssets: false, + + // If you are running Overleaf over https, set this to true to send the + // cookie with a secure flag (recommended). + secureCookie: false, + + // 'SameSite' cookie setting. Can be set to 'lax', 'none' or 'strict' + // 'lax' is recommended, as 'strict' will prevent people linking to projects + // https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7 + sameSiteCookie: 'lax', + + // If you are running Overleaf behind a proxy (like Apache, Nginx, etc) + // then set this to true to allow it to correctly detect the forwarded IP + // address and http/https protocol information. + behindProxy: false, + + // Delay before closing the http server upon receiving a SIGTERM process signal. + gracefulShutdownDelayInMs: + parseInt(process.env.GRACEFUL_SHUTDOWN_DELAY_SECONDS ?? '5', 10) * seconds, + + // Expose the hostname in the `X-Served-By` response header + exposeHostname: process.env.EXPOSE_HOSTNAME === 'true', + + // Cookie max age (in milliseconds). Set to false for a browser session. + cookieSessionLength: 5 * 24 * 60 * 60 * 1000, // 5 days + + // When true, only allow invites to be sent to email addresses that + // already have user accounts + restrictInvitesToExistingAccounts: false, + + // Should we allow access to any page without logging in? This includes + // public projects, /learn, /templates, about pages, etc. + allowPublicAccess: process.env.OVERLEAF_ALLOW_PUBLIC_ACCESS === 'true', + + // editor should be open by default + editorIsOpen: process.env.EDITOR_OPEN !== 'false', + + // site should be open by default + siteIsOpen: process.env.SITE_OPEN !== 'false', + // status file for closing/opening the site at run-time, polled every 5s + siteMaintenanceFile: process.env.SITE_MAINTENANCE_FILE, + + // Use a single compile directory for all users in a project + // (otherwise each user has their own directory) + // disablePerUserCompiles: true + + // Domain the client (pdfjs) should download the compiled pdf from + pdfDownloadDomain: process.env.COMPILES_USER_CONTENT_DOMAIN, // "http://clsi-lb:3014" + + // By default turn on feature flag, can be overridden per request. + enablePdfCaching: process.env.ENABLE_PDF_CACHING === 'true', + + // Maximum size of text documents in the real-time editing system. + max_doc_length: 2 * 1024 * 1024, // 2mb + + primary_email_check_expiration: 1000 * 60 * 60 * 24 * 90, // 90 days + + // Maximum JSON size in HTTP requests + // We should be able to process twice the max doc length, to allow for + // - the doc content + // - text ranges spanning the whole doc + // + // There's also overhead required for the JSON encoding and the UTF-8 encoding, + // theoretically up to 3 times the max doc length. On the other hand, we don't + // want to block the event loop with JSON parsing, so we try to find a + // practical compromise. + max_json_request_size: + parseInt(process.env.MAX_JSON_REQUEST_SIZE) || 6 * 1024 * 1024, // 6 MB + + // Internal configs + // ---------------- + path: { + // If we ever need to write something to disk (e.g. incoming requests + // that need processing but may be too big for memory, then write + // them to disk here). + dumpFolder: Path.resolve(__dirname, '../data/dumpFolder'), + uploadFolder: Path.resolve(__dirname, '../data/uploads'), + }, + + // Automatic Snapshots + // ------------------- + automaticSnapshots: { + // How long should we wait after the user last edited to + // take a snapshot? + waitTimeAfterLastEdit: 5 * minutes, + // Even if edits are still taking place, this is maximum + // time to wait before taking another snapshot. + maxTimeBetweenSnapshots: 30 * minutes, + }, + + // Smoke test + // ---------- + // Provide log in credentials and a project to be able to run + // some basic smoke tests to check the core functionality. + // + smokeTest: { + user: process.env.SMOKE_TEST_USER, + userId: process.env.SMOKE_TEST_USER_ID, + password: process.env.SMOKE_TEST_PASSWORD, + projectId: process.env.SMOKE_TEST_PROJECT_ID, + rateLimitSubject: process.env.SMOKE_TEST_RATE_LIMIT_SUBJECT || '127.0.0.1', + stepTimeout: parseInt(process.env.SMOKE_TEST_STEP_TIMEOUT || '10000', 10), + }, + + appName: process.env.APP_NAME || 'Overleaf (Community Edition)', + + adminEmail: process.env.ADMIN_EMAIL || 'placeholder@example.com', + adminDomains: process.env.ADMIN_DOMAINS + ? JSON.parse(process.env.ADMIN_DOMAINS) + : undefined, + + nav: { + title: process.env.APP_NAME || 'Overleaf Community Edition', + + hide_powered_by: process.env.NAV_HIDE_POWERED_BY === 'true', + left_footer: [], + + right_footer: [ + { + text: " Fork on GitHub!", + url: 'https://github.com/overleaf/overleaf', + }, + ], + + showSubscriptionLink: false, + + header_extras: [], + }, + // Example: + // header_extras: [{text: "Some Page", url: "http://example.com/some/page", class: "subdued"}] + + recaptcha: { + endpoint: + process.env.RECAPTCHA_ENDPOINT || + 'https://www.google.com/recaptcha/api/siteverify', + trustedUsers: (process.env.CAPTCHA_TRUSTED_USERS || '') + .split(',') + .map(x => x.trim()) + .filter(x => x !== ''), + disabled: { + invite: true, + login: true, + passwordReset: true, + register: true, + addEmail: true, + }, + }, + + customisation: {}, + + redirects: { + '/templates/index': '/templates/', + }, + + reloadModuleViewsOnEachRequest: process.env.NODE_ENV === 'development', + + rateLimit: { + autoCompile: { + everyone: process.env.RATE_LIMIT_AUTO_COMPILE_EVERYONE || 100, + standard: process.env.RATE_LIMIT_AUTO_COMPILE_STANDARD || 25, + }, + }, + + analytics: { + enabled: false, + }, + + compileBodySizeLimitMb: process.env.COMPILE_BODY_SIZE_LIMIT_MB || 7, + + textExtensions: defaultTextExtensions.concat( + parseTextExtensions(process.env.ADDITIONAL_TEXT_EXTENSIONS) + ), + + // case-insensitive file names that is editable (doc) in the editor + editableFilenames: ['latexmkrc', '.latexmkrc', 'makefile', 'gnumakefile'], + + fileIgnorePattern: + process.env.FILE_IGNORE_PATTERN || + '**/{{__MACOSX,.git,.texpadtmp,.R}{,/**},.!(latexmkrc),*.{dvi,aux,log,toc,out,pdfsync,synctex,synctex(busy),fdb_latexmk,fls,nlo,ind,glo,gls,glg,bbl,blg,doc,docx,gz,swp}}', + + validRootDocExtensions: ['tex', 'Rtex', 'ltx', 'Rnw'], + + emailConfirmationDisabled: + process.env.EMAIL_CONFIRMATION_DISABLED === 'true' || false, + + emailAddressLimit: intFromEnv('EMAIL_ADDRESS_LIMIT', 10), + + enabledServices: (process.env.ENABLED_SERVICES || 'web,api') + .split(',') + .map(s => s.trim()), + + // module options + // ---------- + modules: { + sanitize: { + options: { + allowedTags: [ + 'h1', + 'h2', + 'h3', + 'h4', + 'h5', + 'h6', + 'blockquote', + 'p', + 'a', + 'ul', + 'ol', + 'nl', + 'li', + 'b', + 'i', + 'strong', + 'em', + 'strike', + 'code', + 'hr', + 'br', + 'div', + 'table', + 'thead', + 'col', + 'caption', + 'tbody', + 'tr', + 'th', + 'td', + 'tfoot', + 'pre', + 'iframe', + 'img', + 'figure', + 'figcaption', + 'span', + 'source', + 'video', + 'del', + ], + allowedAttributes: { + a: [ + 'href', + 'name', + 'target', + 'class', + 'event-tracking', + 'event-tracking-ga', + 'event-tracking-label', + 'event-tracking-trigger', + ], + div: ['class', 'id', 'style'], + h1: ['class', 'id'], + h2: ['class', 'id'], + h3: ['class', 'id'], + h4: ['class', 'id'], + h5: ['class', 'id'], + h6: ['class', 'id'], + p: ['class'], + col: ['width'], + figure: ['class', 'id', 'style'], + figcaption: ['class', 'id', 'style'], + i: ['aria-hidden', 'aria-label', 'class', 'id'], + iframe: [ + 'allowfullscreen', + 'frameborder', + 'height', + 'src', + 'style', + 'width', + ], + img: ['alt', 'class', 'src', 'style'], + source: ['src', 'type'], + span: ['class', 'id', 'style'], + strong: ['style'], + table: ['border', 'class', 'id', 'style'], + td: ['colspan', 'rowspan', 'headers', 'style'], + th: [ + 'abbr', + 'headers', + 'colspan', + 'rowspan', + 'scope', + 'sorted', + 'style', + ], + tr: ['class'], + video: ['alt', 'class', 'controls', 'height', 'width'], + }, + }, + }, + }, + + overleafModuleImports: { + // modules to import (an empty array for each set of modules) + // + // Restart webpack after making changes. + // + createFileModes: [], + devToolbar: [], + gitBridge: [], + publishModal: [], + tprFileViewInfo: [], + tprFileViewRefreshError: [], + tprFileViewRefreshButton: [], + tprFileViewNotOriginalImporter: [], + newFilePromotions: [], + contactUsModal: [], + editorToolbarButtons: [], + sourceEditorExtensions: [], + sourceEditorComponents: [], + pdfLogEntryComponents: [], + pdfLogEntriesComponents: [], + diagnosticActions: [], + sourceEditorCompletionSources: [], + sourceEditorSymbolPalette: [], + sourceEditorToolbarComponents: [], + editorPromotions: [], + langFeedbackLinkingWidgets: [], + labsExperiments: [], + integrationLinkingWidgets: [], + referenceLinkingWidgets: [], + importProjectFromGithubModalWrapper: [], + importProjectFromGithubMenu: [], + editorLeftMenuSync: [], + editorLeftMenuManageTemplate: [], + oauth2Server: [], + managedGroupSubscriptionEnrollmentNotification: [], + userNotifications: [], + managedGroupEnrollmentInvite: [], + ssoCertificateInfo: [], + }, + + moduleImportSequence: [ + 'history-v1', + 'launchpad', + 'server-ce-scripts', + 'user-activate', + 'track-changes', + 'ldap-authentication', + ], + viewIncludes: {}, + + csp: { + enabled: process.env.CSP_ENABLED === 'true', + reportOnly: process.env.CSP_REPORT_ONLY === 'true', + reportPercentage: parseFloat(process.env.CSP_REPORT_PERCENTAGE) || 0, + reportUri: process.env.CSP_REPORT_URI, + exclude: [], + viewDirectives: { + 'app/views/project/ide-react': [`img-src 'self' data: blob:`], + }, + }, + + unsupportedBrowsers: { + ie: '<=11', + safari: '<=13', + }, + + // ID of the IEEE brand in the rails app + ieeeBrandId: intFromEnv('IEEE_BRAND_ID', 15), + + managedUsers: { + enabled: false, + }, + + enableRegistrationPage: false, +} + +module.exports.mergeWith = function (overrides) { + return merge(overrides, module.exports) +} diff --git a/overleafserver/track/web/app/src/Features/Project/ProjectEditorHandler.js b/overleafserver/track/web/app/src/Features/Project/ProjectEditorHandler.js new file mode 100644 index 0000000..f8b226c --- /dev/null +++ b/overleafserver/track/web/app/src/Features/Project/ProjectEditorHandler.js @@ -0,0 +1,156 @@ +let ProjectEditorHandler +const _ = require('lodash') +const Path = require('path') + +function mergeDeletedDocs(a, b) { + const docIdsInA = new Set(a.map(doc => doc._id.toString())) + return a.concat(b.filter(doc => !docIdsInA.has(doc._id.toString()))) +} + +module.exports = ProjectEditorHandler = { + trackChangesAvailable: true, + + buildProjectModelView(project, members, invites, deletedDocsFromDocstore) { + let owner, ownerFeatures + if (!Array.isArray(project.deletedDocs)) { + project.deletedDocs = [] + } + project.deletedDocs.forEach(doc => { + // The frontend does not use this field. + delete doc.deletedAt + }) + const result = { + _id: project._id, + name: project.name, + rootDoc_id: project.rootDoc_id, + rootFolder: [this.buildFolderModelView(project.rootFolder[0])], + publicAccesLevel: project.publicAccesLevel, + dropboxEnabled: !!project.existsInDropbox, + compiler: project.compiler, + description: project.description, + spellCheckLanguage: project.spellCheckLanguage, + deletedByExternalDataSource: project.deletedByExternalDataSource || false, + deletedDocs: mergeDeletedDocs( + project.deletedDocs, + deletedDocsFromDocstore + ), + members: [], + invites: this.buildInvitesView(invites), + imageName: + project.imageName != null + ? Path.basename(project.imageName) + : undefined, + } + + ;({ owner, ownerFeatures, members } = + this.buildOwnerAndMembersViews(members)) + result.owner = owner + result.members = members + + result.features = _.defaults(ownerFeatures || {}, { + collaborators: -1, // Infinite + versioning: false, + dropbox: false, + compileTimeout: 60, + compileGroup: 'standard', + templates: false, + references: false, + referencesSearch: false, + mendeley: false, + trackChanges: true, + trackChangesVisible: ProjectEditorHandler.trackChangesAvailable, + symbolPalette: false, + }) + + if (result.features.trackChanges) { + result.trackChangesState = project.track_changes || false + } + + // Originally these two feature flags were both signalled by the now-deprecated `references` flag. + // For older users, the presence of the `references` feature flag should still turn on these features. + result.features.referencesSearch = + result.features.referencesSearch || result.features.references + result.features.mendeley = + result.features.mendeley || result.features.references + + return result + }, + + buildOwnerAndMembersViews(members) { + let owner = null + let ownerFeatures = null + const filteredMembers = [] + for (const member of members || []) { + if (member.privilegeLevel === 'owner') { + ownerFeatures = member.user.features + owner = this.buildUserModelView(member.user, 'owner') + } else { + filteredMembers.push( + this.buildUserModelView(member.user, member.privilegeLevel) + ) + } + } + return { + owner, + ownerFeatures, + members: filteredMembers, + } + }, + + buildUserModelView(user, privileges) { + return { + _id: user._id, + first_name: user.first_name, + last_name: user.last_name, + email: user.email, + privileges, + signUpDate: user.signUpDate, + } + }, + + buildFolderModelView(folder) { + const fileRefs = _.filter(folder.fileRefs || [], file => file != null) + return { + _id: folder._id, + name: folder.name, + folders: (folder.folders || []).map(childFolder => + this.buildFolderModelView(childFolder) + ), + fileRefs: fileRefs.map(file => this.buildFileModelView(file)), + docs: (folder.docs || []).map(doc => this.buildDocModelView(doc)), + } + }, + + buildFileModelView(file) { + return { + _id: file._id, + name: file.name, + linkedFileData: file.linkedFileData, + created: file.created, + } + }, + + buildDocModelView(doc) { + return { + _id: doc._id, + name: doc.name, + } + }, + + buildInvitesView(invites) { + if (invites == null) { + return [] + } + return invites.map(invite => + _.pick(invite, [ + '_id', + 'createdAt', + 'email', + 'expires', + 'privileges', + 'projectId', + 'sendingUserId', + ]) + ) + }, +} diff --git a/overleafserver/track/web/config/settings.defaults.js b/overleafserver/track/web/config/settings.defaults.js new file mode 100644 index 0000000..c611387 --- /dev/null +++ b/overleafserver/track/web/config/settings.defaults.js @@ -0,0 +1,935 @@ +const Path = require('path') +const { merge } = require('@overleaf/settings/merge') + +let defaultFeatures, siteUrl + +// Make time interval config easier. +const seconds = 1000 +const minutes = 60 * seconds + +// These credentials are used for authenticating api requests +// between services that may need to go over public channels +const httpAuthUser = process.env.WEB_API_USER +const httpAuthPass = process.env.WEB_API_PASSWORD +const httpAuthUsers = {} +if (httpAuthUser && httpAuthPass) { + httpAuthUsers[httpAuthUser] = httpAuthPass +} + +const intFromEnv = function (name, defaultValue) { + if ( + [null, undefined].includes(defaultValue) || + typeof defaultValue !== 'number' + ) { + throw new Error( + `Bad default integer value for setting: ${name}, ${defaultValue}` + ) + } + return parseInt(process.env[name], 10) || defaultValue +} + +const defaultTextExtensions = [ + 'tex', + 'latex', + 'sty', + 'cls', + 'bst', + 'bib', + 'bibtex', + 'txt', + 'tikz', + 'mtx', + 'rtex', + 'md', + 'asy', + 'lbx', + 'bbx', + 'cbx', + 'm', + 'lco', + 'dtx', + 'ins', + 'ist', + 'def', + 'clo', + 'ldf', + 'rmd', + 'lua', + 'gv', + 'mf', + 'yml', + 'yaml', + 'lhs', + 'mk', + 'xmpdata', + 'cfg', + 'rnw', + 'ltx', + 'inc', +] + +const parseTextExtensions = function (extensions) { + if (extensions) { + return extensions.split(',').map(ext => ext.trim()) + } else { + return [] + } +} + +const httpPermissionsPolicy = { + blocked: [ + 'accelerometer', + 'attribution-reporting', + 'browsing-topics', + 'camera', + 'display-capture', + 'encrypted-media', + 'gamepad', + 'geolocation', + 'gyroscope', + 'hid', + 'identity-credentials-get', + 'idle-detection', + 'local-fonts', + 'magnetometer', + 'microphone', + 'midi', + 'otp-credentials', + 'payment', + 'picture-in-picture', + 'screen-wake-lock', + 'serial', + 'storage-access', + 'usb', + 'window-management', + 'xr-spatial-tracking', + ], + allowed: { + autoplay: 'self "https://videos.ctfassets.net"', + fullscreen: 'self', + }, +} + +module.exports = { + env: 'server-ce', + + limits: { + httpGlobalAgentMaxSockets: 300, + httpsGlobalAgentMaxSockets: 300, + }, + + allowAnonymousReadAndWriteSharing: + process.env.OVERLEAF_ALLOW_ANONYMOUS_READ_AND_WRITE_SHARING === 'true', + + // Databases + // --------- + mongo: { + options: { + appname: 'web', + maxPoolSize: parseInt(process.env.MONGO_POOL_SIZE, 10) || 100, + serverSelectionTimeoutMS: + parseInt(process.env.MONGO_SERVER_SELECTION_TIMEOUT, 10) || 60000, + // Setting socketTimeoutMS to 0 means no timeout + socketTimeoutMS: parseInt( + process.env.MONGO_SOCKET_TIMEOUT ?? '60000', + 10 + ), + monitorCommands: true, + }, + url: + process.env.MONGO_CONNECTION_STRING || + process.env.MONGO_URL || + `mongodb://${process.env.MONGO_HOST || '127.0.0.1'}/sharelatex`, + hasSecondaries: process.env.MONGO_HAS_SECONDARIES === 'true', + }, + + redis: { + web: { + host: process.env.REDIS_HOST || '127.0.0.1', + port: process.env.REDIS_PORT || '6379', + password: process.env.REDIS_PASSWORD || '', + db: process.env.REDIS_DB, + maxRetriesPerRequest: parseInt( + process.env.REDIS_MAX_RETRIES_PER_REQUEST || '20' + ), + }, + + // websessions: + // cluster: [ + // {host: '127.0.0.1', port: 7000} + // {host: '127.0.0.1', port: 7001} + // {host: '127.0.0.1', port: 7002} + // {host: '127.0.0.1', port: 7003} + // {host: '127.0.0.1', port: 7004} + // {host: '127.0.0.1', port: 7005} + // ] + + // ratelimiter: + // cluster: [ + // {host: '127.0.0.1', port: 7000} + // {host: '127.0.0.1', port: 7001} + // {host: '127.0.0.1', port: 7002} + // {host: '127.0.0.1', port: 7003} + // {host: '127.0.0.1', port: 7004} + // {host: '127.0.0.1', port: 7005} + // ] + + // cooldown: + // cluster: [ + // {host: '127.0.0.1', port: 7000} + // {host: '127.0.0.1', port: 7001} + // {host: '127.0.0.1', port: 7002} + // {host: '127.0.0.1', port: 7003} + // {host: '127.0.0.1', port: 7004} + // {host: '127.0.0.1', port: 7005} + // ] + + api: { + host: process.env.REDIS_HOST || '127.0.0.1', + port: process.env.REDIS_PORT || '6379', + password: process.env.REDIS_PASSWORD || '', + maxRetriesPerRequest: parseInt( + process.env.REDIS_MAX_RETRIES_PER_REQUEST || '20' + ), + }, + }, + + // Service locations + // ----------------- + + // Configure which ports to run each service on. Generally you + // can leave these as they are unless you have some other services + // running which conflict, or want to run the web process on port 80. + internal: { + web: { + port: process.env.WEB_PORT || 3000, + host: process.env.LISTEN_ADDRESS || '127.0.0.1', + }, + }, + + // Tell each service where to find the other services. If everything + // is running locally then this is easy, but they exist as separate config + // options incase you want to run some services on remote hosts. + apis: { + web: { + url: `http://${ + process.env.WEB_API_HOST || process.env.WEB_HOST || '127.0.0.1' + }:${process.env.WEB_API_PORT || process.env.WEB_PORT || 3000}`, + user: httpAuthUser, + pass: httpAuthPass, + }, + documentupdater: { + url: `http://${ + process.env.DOCUPDATER_HOST || + process.env.DOCUMENT_UPDATER_HOST || + '127.0.0.1' + }:3003`, + }, + spelling: { + url: `http://${process.env.SPELLING_HOST || '127.0.0.1'}:3005`, + host: process.env.SPELLING_HOST, + }, + docstore: { + url: `http://${process.env.DOCSTORE_HOST || '127.0.0.1'}:3016`, + pubUrl: `http://${process.env.DOCSTORE_HOST || '127.0.0.1'}:3016`, + }, + chat: { + internal_url: `http://${process.env.CHAT_HOST || '127.0.0.1'}:3010`, + }, + filestore: { + url: `http://${process.env.FILESTORE_HOST || '127.0.0.1'}:3009`, + }, + clsi: { + url: `http://${process.env.CLSI_HOST || '127.0.0.1'}:3013`, + // url: "http://#{process.env['CLSI_LB_HOST']}:3014" + backendGroupName: undefined, + submissionBackendClass: + process.env.CLSI_SUBMISSION_BACKEND_CLASS || 'n2d', + }, + project_history: { + sendProjectStructureOps: true, + url: `http://${process.env.PROJECT_HISTORY_HOST || '127.0.0.1'}:3054`, + }, + realTime: { + url: `http://${process.env.REALTIME_HOST || '127.0.0.1'}:3026`, + }, + contacts: { + url: `http://${process.env.CONTACTS_HOST || '127.0.0.1'}:3036`, + }, + notifications: { + url: `http://${process.env.NOTIFICATIONS_HOST || '127.0.0.1'}:3042`, + }, + webpack: { + url: `http://${process.env.WEBPACK_HOST || '127.0.0.1'}:3808`, + }, + wiki: { + url: process.env.WIKI_URL || 'https://learn.sharelatex.com', + maxCacheAge: parseInt(process.env.WIKI_MAX_CACHE_AGE || 5 * minutes, 10), + }, + + haveIBeenPwned: { + enabled: process.env.HAVE_I_BEEN_PWNED_ENABLED === 'true', + url: + process.env.HAVE_I_BEEN_PWNED_URL || 'https://api.pwnedpasswords.com', + timeout: parseInt(process.env.HAVE_I_BEEN_PWNED_TIMEOUT, 10) || 5 * 1000, + }, + + // For legacy reasons, we need to populate the below objects. + v1: {}, + recurly: {}, + }, + + // Defines which features are allowed in the + // Permissions-Policy HTTP header + httpPermissions: httpPermissionsPolicy, + useHttpPermissionsPolicy: true, + + jwt: { + key: process.env.OT_JWT_AUTH_KEY, + algorithm: process.env.OT_JWT_AUTH_ALG || 'HS256', + }, + + devToolbar: { + enabled: false, + }, + + splitTests: [], + + // Where your instance of Overleaf Community Edition/Server Pro can be found publicly. Used in emails + // that are sent out, generated links, etc. + siteUrl: (siteUrl = process.env.PUBLIC_URL || 'http://127.0.0.1:3000'), + + lockManager: { + lockTestInterval: intFromEnv('LOCK_MANAGER_LOCK_TEST_INTERVAL', 50), + maxTestInterval: intFromEnv('LOCK_MANAGER_MAX_TEST_INTERVAL', 1000), + maxLockWaitTime: intFromEnv('LOCK_MANAGER_MAX_LOCK_WAIT_TIME', 10000), + redisLockExpiry: intFromEnv('LOCK_MANAGER_REDIS_LOCK_EXPIRY', 30), + slowExecutionThreshold: intFromEnv( + 'LOCK_MANAGER_SLOW_EXECUTION_THRESHOLD', + 5000 + ), + }, + + // Optional separate location for websocket connections, if unset defaults to siteUrl. + wsUrl: process.env.WEBSOCKET_URL, + wsUrlV2: process.env.WEBSOCKET_URL_V2, + wsUrlBeta: process.env.WEBSOCKET_URL_BETA, + + wsUrlV2Percentage: parseInt( + process.env.WEBSOCKET_URL_V2_PERCENTAGE || '0', + 10 + ), + wsRetryHandshake: parseInt(process.env.WEBSOCKET_RETRY_HANDSHAKE || '5', 10), + + // cookie domain + // use full domain for cookies to only be accessible from that domain, + // replace subdomain with dot to have them accessible on all subdomains + cookieDomain: process.env.COOKIE_DOMAIN, + cookieName: process.env.COOKIE_NAME || 'overleaf.sid', + cookieRollingSession: true, + + // this is only used if cookies are used for clsi backend + // clsiCookieKey: "clsiserver" + + robotsNoindex: process.env.ROBOTS_NOINDEX === 'true' || false, + + maxEntitiesPerProject: parseInt( + process.env.MAX_ENTITIES_PER_PROJECT || '2000', + 10 + ), + + projectUploadTimeout: parseInt( + process.env.PROJECT_UPLOAD_TIMEOUT || '120000', + 10 + ), + maxUploadSize: 50 * 1024 * 1024, // 50 MB + multerOptions: { + preservePath: process.env.MULTER_PRESERVE_PATH, + }, + + // start failing the health check if active handles exceeds this limit + maxActiveHandles: process.env.MAX_ACTIVE_HANDLES + ? parseInt(process.env.MAX_ACTIVE_HANDLES, 10) + : undefined, + + // Security + // -------- + security: { + sessionSecret: process.env.SESSION_SECRET, + sessionSecretUpcoming: process.env.SESSION_SECRET_UPCOMING, + sessionSecretFallback: process.env.SESSION_SECRET_FALLBACK, + bcryptRounds: parseInt(process.env.BCRYPT_ROUNDS, 10) || 12, + }, // number of rounds used to hash user passwords (raised to power 2) + + adminUrl: process.env.ADMIN_URL, + adminOnlyLogin: process.env.ADMIN_ONLY_LOGIN === 'true', + adminPrivilegeAvailable: process.env.ADMIN_PRIVILEGE_AVAILABLE === 'true', + blockCrossOriginRequests: process.env.BLOCK_CROSS_ORIGIN_REQUESTS === 'true', + allowedOrigins: (process.env.ALLOWED_ORIGINS || siteUrl).split(','), + + httpAuthUsers, + + // Default features + // ---------------- + // + // You can select the features that are enabled by default for new + // new users. + defaultFeatures: (defaultFeatures = { + collaborators: -1, + dropbox: true, + github: true, + gitBridge: true, + versioning: true, + compileTimeout: 180, + compileGroup: 'standard', + references: true, + trackChanges: true, + }), + + // featuresEpoch: 'YYYY-MM-DD', + + features: { + personal: defaultFeatures, + }, + + groupPlanModalOptions: { + plan_codes: [], + currencies: [], + sizes: [], + usages: [], + }, + plans: [ + { + planCode: 'personal', + name: 'Personal', + price_in_cents: 0, + features: defaultFeatures, + }, + ], + + enableSubscriptions: false, + restrictedCountries: [], + enableOnboardingEmails: process.env.ENABLE_ONBOARDING_EMAILS === 'true', + + enabledLinkedFileTypes: (process.env.ENABLED_LINKED_FILE_TYPES || '').split( + ',' + ), + + // i18n + // ------ + // + i18n: { + checkForHTMLInVars: process.env.I18N_CHECK_FOR_HTML_IN_VARS === 'true', + escapeHTMLInVars: process.env.I18N_ESCAPE_HTML_IN_VARS === 'true', + subdomainLang: { + www: { lngCode: 'en', url: siteUrl }, + }, + defaultLng: 'en', + }, + + // Spelling languages + // ------------------ + // + // You must have the corresponding aspell package installed to + // be able to use a language. + languages: [ + { code: 'en', name: 'English' }, + { code: 'en_US', name: 'English (American)' }, + { code: 'en_GB', name: 'English (British)' }, + { code: 'en_CA', name: 'English (Canadian)' }, + { code: 'af', name: 'Afrikaans' }, + { code: 'ar', name: 'Arabic' }, + { code: 'gl', name: 'Galician' }, + { code: 'eu', name: 'Basque' }, + { code: 'br', name: 'Breton' }, + { code: 'bg', name: 'Bulgarian' }, + { code: 'ca', name: 'Catalan' }, + { code: 'hr', name: 'Croatian' }, + { code: 'cs', name: 'Czech' }, + { code: 'da', name: 'Danish' }, + { code: 'nl', name: 'Dutch' }, + { code: 'eo', name: 'Esperanto' }, + { code: 'et', name: 'Estonian' }, + { code: 'fo', name: 'Faroese' }, + { code: 'fr', name: 'French' }, + { code: 'de', name: 'German' }, + { code: 'el', name: 'Greek' }, + { code: 'id', name: 'Indonesian' }, + { code: 'ga', name: 'Irish' }, + { code: 'it', name: 'Italian' }, + { code: 'kk', name: 'Kazakh' }, + { code: 'ku', name: 'Kurdish' }, + { code: 'lv', name: 'Latvian' }, + { code: 'lt', name: 'Lithuanian' }, + { code: 'nr', name: 'Ndebele' }, + { code: 'ns', name: 'Northern Sotho' }, + { code: 'no', name: 'Norwegian' }, + { code: 'fa', name: 'Persian' }, + { code: 'pl', name: 'Polish' }, + { code: 'pt_BR', name: 'Portuguese (Brazilian)' }, + { code: 'pt_PT', name: 'Portuguese (European)' }, + { code: 'pa', name: 'Punjabi' }, + { code: 'ro', name: 'Romanian' }, + { code: 'ru', name: 'Russian' }, + { code: 'sk', name: 'Slovak' }, + { code: 'sl', name: 'Slovenian' }, + { code: 'st', name: 'Southern Sotho' }, + { code: 'es', name: 'Spanish' }, + { code: 'sv', name: 'Swedish' }, + { code: 'tl', name: 'Tagalog' }, + { code: 'ts', name: 'Tsonga' }, + { code: 'tn', name: 'Tswana' }, + { code: 'hsb', name: 'Upper Sorbian' }, + { code: 'cy', name: 'Welsh' }, + { code: 'xh', name: 'Xhosa' }, + ], + + translatedLanguages: { + cn: '简体中文', + cs: 'Čeština', + da: 'Dansk', + de: 'Deutsch', + en: 'English', + es: 'Español', + fi: 'Suomi', + fr: 'Français', + it: 'Italiano', + ja: '日本語', + ko: '한국어', + nl: 'Nederlands', + no: 'Norsk', + pl: 'Polski', + pt: 'Português', + ro: 'Română', + ru: 'Русский', + sv: 'Svenska', + tr: 'Türkçe', + uk: 'Українська', + 'zh-CN': '简体中文', + }, + + maxDictionarySize: 1024 * 1024, // 1 MB + + // Password Settings + // ----------- + // These restrict the passwords users can use when registering + // opts are from http://antelle.github.io/passfield + passwordStrengthOptions: { + length: { + min: 8, + // Bcrypt does not support longer passwords than that. + max: 72, + }, + }, + + elevateAccountSecurityAfterFailedLogin: + parseInt(process.env.ELEVATED_ACCOUNT_SECURITY_AFTER_FAILED_LOGIN_MS, 10) || + 24 * 60 * 60 * 1000, + + deviceHistory: { + cookieName: process.env.DEVICE_HISTORY_COOKIE_NAME || 'deviceHistory', + entryExpiry: + parseInt(process.env.DEVICE_HISTORY_ENTRY_EXPIRY_MS, 10) || + 90 * 24 * 60 * 60 * 1000, + maxEntries: parseInt(process.env.DEVICE_HISTORY_MAX_ENTRIES, 10) || 10, + secret: process.env.DEVICE_HISTORY_SECRET, + }, + + // Email support + // ------------- + // + // Overleaf uses nodemailer (http://www.nodemailer.com/) to send transactional emails. + // To see the range of transport and options they support, see http://www.nodemailer.com/docs/transports + // email: + // fromAddress: "" + // replyTo: "" + // lifecycle: false + // # Example transport and parameter settings for Amazon SES + // transport: "SES" + // parameters: + // AWSAccessKeyID: "" + // AWSSecretKey: "" + + // For legacy reasons, we need to populate this object. + sentry: {}, + + // Production Settings + // ------------------- + debugPugTemplates: process.env.DEBUG_PUG_TEMPLATES === 'true', + precompilePugTemplatesAtBootTime: process.env + .PRECOMPILE_PUG_TEMPLATES_AT_BOOT_TIME + ? process.env.PRECOMPILE_PUG_TEMPLATES_AT_BOOT_TIME === 'true' + : process.env.NODE_ENV === 'production', + + // Should javascript assets be served minified or not. + useMinifiedJs: process.env.MINIFIED_JS === 'true' || false, + + // Should static assets be sent with a header to tell the browser to cache + // them. + cacheStaticAssets: false, + + // If you are running Overleaf over https, set this to true to send the + // cookie with a secure flag (recommended). + secureCookie: false, + + // 'SameSite' cookie setting. Can be set to 'lax', 'none' or 'strict' + // 'lax' is recommended, as 'strict' will prevent people linking to projects + // https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7 + sameSiteCookie: 'lax', + + // If you are running Overleaf behind a proxy (like Apache, Nginx, etc) + // then set this to true to allow it to correctly detect the forwarded IP + // address and http/https protocol information. + behindProxy: false, + + // Delay before closing the http server upon receiving a SIGTERM process signal. + gracefulShutdownDelayInMs: + parseInt(process.env.GRACEFUL_SHUTDOWN_DELAY_SECONDS ?? '5', 10) * seconds, + + // Expose the hostname in the `X-Served-By` response header + exposeHostname: process.env.EXPOSE_HOSTNAME === 'true', + + // Cookie max age (in milliseconds). Set to false for a browser session. + cookieSessionLength: 5 * 24 * 60 * 60 * 1000, // 5 days + + // When true, only allow invites to be sent to email addresses that + // already have user accounts + restrictInvitesToExistingAccounts: false, + + // Should we allow access to any page without logging in? This includes + // public projects, /learn, /templates, about pages, etc. + allowPublicAccess: process.env.OVERLEAF_ALLOW_PUBLIC_ACCESS === 'true', + + // editor should be open by default + editorIsOpen: process.env.EDITOR_OPEN !== 'false', + + // site should be open by default + siteIsOpen: process.env.SITE_OPEN !== 'false', + // status file for closing/opening the site at run-time, polled every 5s + siteMaintenanceFile: process.env.SITE_MAINTENANCE_FILE, + + // Use a single compile directory for all users in a project + // (otherwise each user has their own directory) + // disablePerUserCompiles: true + + // Domain the client (pdfjs) should download the compiled pdf from + pdfDownloadDomain: process.env.COMPILES_USER_CONTENT_DOMAIN, // "http://clsi-lb:3014" + + // By default turn on feature flag, can be overridden per request. + enablePdfCaching: process.env.ENABLE_PDF_CACHING === 'true', + + // Maximum size of text documents in the real-time editing system. + max_doc_length: 2 * 1024 * 1024, // 2mb + + primary_email_check_expiration: 1000 * 60 * 60 * 24 * 90, // 90 days + + // Maximum JSON size in HTTP requests + // We should be able to process twice the max doc length, to allow for + // - the doc content + // - text ranges spanning the whole doc + // + // There's also overhead required for the JSON encoding and the UTF-8 encoding, + // theoretically up to 3 times the max doc length. On the other hand, we don't + // want to block the event loop with JSON parsing, so we try to find a + // practical compromise. + max_json_request_size: + parseInt(process.env.MAX_JSON_REQUEST_SIZE) || 6 * 1024 * 1024, // 6 MB + + // Internal configs + // ---------------- + path: { + // If we ever need to write something to disk (e.g. incoming requests + // that need processing but may be too big for memory, then write + // them to disk here). + dumpFolder: Path.resolve(__dirname, '../data/dumpFolder'), + uploadFolder: Path.resolve(__dirname, '../data/uploads'), + }, + + // Automatic Snapshots + // ------------------- + automaticSnapshots: { + // How long should we wait after the user last edited to + // take a snapshot? + waitTimeAfterLastEdit: 5 * minutes, + // Even if edits are still taking place, this is maximum + // time to wait before taking another snapshot. + maxTimeBetweenSnapshots: 30 * minutes, + }, + + // Smoke test + // ---------- + // Provide log in credentials and a project to be able to run + // some basic smoke tests to check the core functionality. + // + smokeTest: { + user: process.env.SMOKE_TEST_USER, + userId: process.env.SMOKE_TEST_USER_ID, + password: process.env.SMOKE_TEST_PASSWORD, + projectId: process.env.SMOKE_TEST_PROJECT_ID, + rateLimitSubject: process.env.SMOKE_TEST_RATE_LIMIT_SUBJECT || '127.0.0.1', + stepTimeout: parseInt(process.env.SMOKE_TEST_STEP_TIMEOUT || '10000', 10), + }, + + appName: process.env.APP_NAME || 'Overleaf (Community Edition)', + + adminEmail: process.env.ADMIN_EMAIL || 'placeholder@example.com', + adminDomains: process.env.ADMIN_DOMAINS + ? JSON.parse(process.env.ADMIN_DOMAINS) + : undefined, + + nav: { + title: process.env.APP_NAME || 'Overleaf Community Edition', + + hide_powered_by: process.env.NAV_HIDE_POWERED_BY === 'true', + left_footer: [], + + right_footer: [ + { + text: " Fork on GitHub!", + url: 'https://github.com/overleaf/overleaf', + }, + ], + + showSubscriptionLink: false, + + header_extras: [], + }, + // Example: + // header_extras: [{text: "Some Page", url: "http://example.com/some/page", class: "subdued"}] + + recaptcha: { + endpoint: + process.env.RECAPTCHA_ENDPOINT || + 'https://www.google.com/recaptcha/api/siteverify', + trustedUsers: (process.env.CAPTCHA_TRUSTED_USERS || '') + .split(',') + .map(x => x.trim()) + .filter(x => x !== ''), + disabled: { + invite: true, + login: true, + passwordReset: true, + register: true, + addEmail: true, + }, + }, + + customisation: {}, + + redirects: { + '/templates/index': '/templates/', + }, + + reloadModuleViewsOnEachRequest: process.env.NODE_ENV === 'development', + + rateLimit: { + autoCompile: { + everyone: process.env.RATE_LIMIT_AUTO_COMPILE_EVERYONE || 100, + standard: process.env.RATE_LIMIT_AUTO_COMPILE_STANDARD || 25, + }, + }, + + analytics: { + enabled: false, + }, + + compileBodySizeLimitMb: process.env.COMPILE_BODY_SIZE_LIMIT_MB || 7, + + textExtensions: defaultTextExtensions.concat( + parseTextExtensions(process.env.ADDITIONAL_TEXT_EXTENSIONS) + ), + + // case-insensitive file names that is editable (doc) in the editor + editableFilenames: ['latexmkrc', '.latexmkrc', 'makefile', 'gnumakefile'], + + fileIgnorePattern: + process.env.FILE_IGNORE_PATTERN || + '**/{{__MACOSX,.git,.texpadtmp,.R}{,/**},.!(latexmkrc),*.{dvi,aux,log,toc,out,pdfsync,synctex,synctex(busy),fdb_latexmk,fls,nlo,ind,glo,gls,glg,bbl,blg,doc,docx,gz,swp}}', + + validRootDocExtensions: ['tex', 'Rtex', 'ltx', 'Rnw'], + + emailConfirmationDisabled: + process.env.EMAIL_CONFIRMATION_DISABLED === 'true' || false, + + emailAddressLimit: intFromEnv('EMAIL_ADDRESS_LIMIT', 10), + + enabledServices: (process.env.ENABLED_SERVICES || 'web,api') + .split(',') + .map(s => s.trim()), + + // module options + // ---------- + modules: { + sanitize: { + options: { + allowedTags: [ + 'h1', + 'h2', + 'h3', + 'h4', + 'h5', + 'h6', + 'blockquote', + 'p', + 'a', + 'ul', + 'ol', + 'nl', + 'li', + 'b', + 'i', + 'strong', + 'em', + 'strike', + 'code', + 'hr', + 'br', + 'div', + 'table', + 'thead', + 'col', + 'caption', + 'tbody', + 'tr', + 'th', + 'td', + 'tfoot', + 'pre', + 'iframe', + 'img', + 'figure', + 'figcaption', + 'span', + 'source', + 'video', + 'del', + ], + allowedAttributes: { + a: [ + 'href', + 'name', + 'target', + 'class', + 'event-tracking', + 'event-tracking-ga', + 'event-tracking-label', + 'event-tracking-trigger', + ], + div: ['class', 'id', 'style'], + h1: ['class', 'id'], + h2: ['class', 'id'], + h3: ['class', 'id'], + h4: ['class', 'id'], + h5: ['class', 'id'], + h6: ['class', 'id'], + p: ['class'], + col: ['width'], + figure: ['class', 'id', 'style'], + figcaption: ['class', 'id', 'style'], + i: ['aria-hidden', 'aria-label', 'class', 'id'], + iframe: [ + 'allowfullscreen', + 'frameborder', + 'height', + 'src', + 'style', + 'width', + ], + img: ['alt', 'class', 'src', 'style'], + source: ['src', 'type'], + span: ['class', 'id', 'style'], + strong: ['style'], + table: ['border', 'class', 'id', 'style'], + td: ['colspan', 'rowspan', 'headers', 'style'], + th: [ + 'abbr', + 'headers', + 'colspan', + 'rowspan', + 'scope', + 'sorted', + 'style', + ], + tr: ['class'], + video: ['alt', 'class', 'controls', 'height', 'width'], + }, + }, + }, + }, + + overleafModuleImports: { + // modules to import (an empty array for each set of modules) + // + // Restart webpack after making changes. + // + createFileModes: [], + devToolbar: [], + gitBridge: [], + publishModal: [], + tprFileViewInfo: [], + tprFileViewRefreshError: [], + tprFileViewRefreshButton: [], + tprFileViewNotOriginalImporter: [], + newFilePromotions: [], + contactUsModal: [], + editorToolbarButtons: [], + sourceEditorExtensions: [], + sourceEditorComponents: [], + pdfLogEntryComponents: [], + pdfLogEntriesComponents: [], + diagnosticActions: [], + sourceEditorCompletionSources: [], + sourceEditorSymbolPalette: [], + sourceEditorToolbarComponents: [], + editorPromotions: [], + langFeedbackLinkingWidgets: [], + labsExperiments: [], + integrationLinkingWidgets: [], + referenceLinkingWidgets: [], + importProjectFromGithubModalWrapper: [], + importProjectFromGithubMenu: [], + editorLeftMenuSync: [], + editorLeftMenuManageTemplate: [], + oauth2Server: [], + managedGroupSubscriptionEnrollmentNotification: [], + userNotifications: [], + managedGroupEnrollmentInvite: [], + ssoCertificateInfo: [], + }, + + moduleImportSequence: [ + 'history-v1', + 'launchpad', + 'server-ce-scripts', + 'user-activate', + 'track-changes', + ], + viewIncludes: {}, + + csp: { + enabled: process.env.CSP_ENABLED === 'true', + reportOnly: process.env.CSP_REPORT_ONLY === 'true', + reportPercentage: parseFloat(process.env.CSP_REPORT_PERCENTAGE) || 0, + reportUri: process.env.CSP_REPORT_URI, + exclude: [], + viewDirectives: { + 'app/views/project/ide-react': [`img-src 'self' data: blob:`], + }, + }, + + unsupportedBrowsers: { + ie: '<=11', + safari: '<=13', + }, + + // ID of the IEEE brand in the rails app + ieeeBrandId: intFromEnv('IEEE_BRAND_ID', 15), + + managedUsers: { + enabled: false, + }, +} + +module.exports.mergeWith = function (overrides) { + return merge(overrides, module.exports) +} diff --git a/overleafserver/track/web/modules/track-changes/app/src/TrackChangesController.js b/overleafserver/track/web/modules/track-changes/app/src/TrackChangesController.js new file mode 100644 index 0000000..6cf3645 --- /dev/null +++ b/overleafserver/track/web/modules/track-changes/app/src/TrackChangesController.js @@ -0,0 +1,308 @@ +const ChatApiHandler = require('../../../../app/src/Features/Chat/ChatApiHandler') +const ChatManager = require('../../../../app/src/Features/Chat/ChatManager') +const EditorRealTimeController = require('../../../../app/src/Features/Editor/EditorRealTimeController') +const SessionManager = require('../../../../app/src/Features/Authentication/SessionManager') +const UserInfoManager = require('../../../../app/src/Features/User/UserInfoManager') +const DocstoreManager = require('../../../../app/src/Features/Docstore/DocstoreManager') +const DocumentUpdaterHandler = require('../../../../app/src/Features/DocumentUpdater/DocumentUpdaterHandler') +const CollaboratorsGetter = require('../../../../app/src/Features/Collaborators/CollaboratorsGetter') +const { Project } = require('../../../../app/src/models/Project') +const pLimit = require('p-limit') + +async function _updateTCState (projectId, state, callback) { + await Project.updateOne({_id: projectId}, {track_changes: state}).exec() + callback() +} +function _transformId(doc) { + if (doc._id) { + doc.id = doc._id; + delete doc._id; + } + return doc; +} + +const TrackChangesController = { + trackChanges(req, res, next) { + const { project_id } = req.params + let state = req.body.on || req.body.on_for + if ( req.body.on_for_guests && !req.body.on ) state.__guests__ = true + + return _updateTCState(project_id, state, + function (err, message) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'toggle-track-changes', + state + ) + return res.sendStatus(204) + } + ) + }, + acceptChanges(req, res, next) { + const { project_id, doc_id } = req.params + const change_ids = req.body.change_ids + return DocumentUpdaterHandler.acceptChanges( + project_id, + doc_id, + change_ids, + function (err, message) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'accept-changes', + doc_id, + change_ids, + ) + return res.sendStatus(204) + } + ) + }, + async getAllRanges(req, res, next) { + const { project_id } = req.params + // FIXME: ranges are from mongodb, probably already outdated + const ranges = await DocstoreManager.promises.getAllRanges(project_id) +// frontend expects 'id', not '_id' + return res.json(ranges.map(_transformId)) + }, + async getChangesUsers(req, res, next) { + const { project_id } = req.params + const memberIds = await CollaboratorsGetter.promises.getMemberIds(project_id) + // FIXME: Does not work properly if the user is no longer a member of the project + // memberIds from DocstoreManager.getAllRanges(project_id) is not a remedy + // because ranges are not updated in real-time + const limit = pLimit(3) + const users = await Promise.all( + memberIds.map(memberId => + limit(async () => { + const user = await UserInfoManager.promises.getPersonalInfo(memberId) + return user + }) + ) + ) + users.push({_id: null}) // An anonymous user won't cause any harm +// frontend expects 'id', not '_id' + return res.json(users.map(_transformId)) + }, + getThreads(req, res, next) { + const { project_id } = req.params + return ChatApiHandler.getThreads( + project_id, + function (err, messages) { + if (err != null) { + return next(err) + } + return ChatManager.injectUserInfoIntoThreads( + messages, + function (err) { + if (err != null) { + return next(err) + } + return res.json(messages) + } + ) + } + ) + }, + sendComment(req, res, next) { + const { project_id, thread_id } = req.params + const { content } = req.body + const user_id = SessionManager.getLoggedInUserId(req.session) + if (user_id == null) { + const err = new Error('no logged-in user') + return next(err) + } + return ChatApiHandler.sendComment( + project_id, + thread_id, + user_id, + content, + function (err, message) { + if (err != null) { + return next(err) + } + return UserInfoManager.getPersonalInfo( + user_id, + function (err, user) { + if (err != null) { + return next(err) + } + message.user = user + EditorRealTimeController.emitToRoom( + project_id, + 'new-comment', + thread_id, message + ) + return res.sendStatus(204) + } + ) + } + ) + }, + editMessage(req, res, next) { + const { project_id, thread_id, message_id } = req.params + const { content } = req.body + const user_id = SessionManager.getLoggedInUserId(req.session) + if (user_id == null) { + const err = new Error('no logged-in user') + return next(err) + } + return ChatApiHandler.editMessage( + project_id, + thread_id, + message_id, + user_id, + content, + function (err, message) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'edit-message', + thread_id, + message_id, + content + ) + return res.sendStatus(204) + } + ) + }, + deleteMessage(req, res, next) { + const { project_id, thread_id, message_id } = req.params + return ChatApiHandler.deleteMessage( + project_id, + thread_id, + message_id, + function (err, message) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'delete-message', + thread_id, + message_id + ) + return res.sendStatus(204) + } + ) + }, + resolveThread(req, res, next) { + const { project_id, doc_id, thread_id } = req.params + const user_id = SessionManager.getLoggedInUserId(req.session) + if (user_id == null) { + const err = new Error('no logged-in user') + return next(err) + } + DocumentUpdaterHandler.resolveThread( + project_id, + doc_id, + thread_id, + user_id, + function (err, message) { + if (err != null) { + return next(err) + } + } + ) + return ChatApiHandler.resolveThread( + project_id, + thread_id, + user_id, + function (err, message) { + if (err != null) { + return next(err) + } + return UserInfoManager.getPersonalInfo( + user_id, + function (err, user) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'resolve-thread', + thread_id, + user + ) + return res.sendStatus(204) + } + ) + } + ) + }, + reopenThread(req, res, next) { + const { project_id, doc_id, thread_id } = req.params + const user_id = SessionManager.getLoggedInUserId(req.session) + if (user_id == null) { + const err = new Error('no logged-in user') + return next(err) + } + DocumentUpdaterHandler.reopenThread( + project_id, + doc_id, + thread_id, + user_id, + function (err, message) { + if (err != null) { + return next(err) + } + } + ) + return ChatApiHandler.reopenThread( + project_id, + thread_id, + function (err, message) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'reopen-thread', + thread_id + ) + return res.sendStatus(204) + } + ) + }, + deleteThread(req, res, next) { + const { project_id, doc_id, thread_id } = req.params + const user_id = SessionManager.getLoggedInUserId(req.session) + if (user_id == null) { + const err = new Error('no logged-in user') + return next(err) + } + return DocumentUpdaterHandler.deleteThread( + project_id, + doc_id, + thread_id, + user_id, + function (err, message) { + if (err != null) { + return next(err) + } + ChatApiHandler.deleteThread( + project_id, + thread_id, + function (err, message) { + if (err != null) { + return next(err) + } + EditorRealTimeController.emitToRoom( + project_id, + 'delete-thread', + thread_id + ) + return res.sendStatus(204) + } + ) + } + ) + }, +} +module.exports = TrackChangesController diff --git a/overleafserver/track/web/modules/track-changes/app/src/TrackChangesRouter.js b/overleafserver/track/web/modules/track-changes/app/src/TrackChangesRouter.js new file mode 100644 index 0000000..3791e25 --- /dev/null +++ b/overleafserver/track/web/modules/track-changes/app/src/TrackChangesRouter.js @@ -0,0 +1,72 @@ +const logger = require('@overleaf/logger') +const AuthorizationMiddleware = require('../../../../app/src/Features/Authorization/AuthorizationMiddleware') +const TrackChangesController = require('./TrackChangesController') + +module.exports = { + apply(webRouter) { + logger.debug({}, 'Init track-changes router') + + webRouter.post('/project/:project_id/track_changes', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.trackChanges + ) + webRouter.post('/project/:project_id/doc/:doc_id/changes/accept', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.acceptChanges + ) + webRouter.get('/project/:project_id/ranges', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.getAllRanges + ) + webRouter.get('/project/:project_id/changes/users', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.getChangesUsers + ) + webRouter.get( + '/project/:project_id/threads', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.getThreads + ) + webRouter.post( + '/project/:project_id/thread/:thread_id/messages', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.sendComment + ) + webRouter.post( + '/project/:project_id/thread/:thread_id/messages/:message_id/edit', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.editMessage + ) + webRouter.delete( + '/project/:project_id/thread/:thread_id/messages/:message_id', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.deleteMessage + ) + webRouter.post( + '/project/:project_id/doc/:doc_id/thread/:thread_id/resolve', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.resolveThread + ) + webRouter.post( + '/project/:project_id/doc/:doc_id/thread/:thread_id/reopen', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.reopenThread + ) + webRouter.delete( + '/project/:project_id/doc/:doc_id/thread/:thread_id', + AuthorizationMiddleware.blockRestrictedUserFromProject, + AuthorizationMiddleware.ensureUserCanReadProject, + TrackChangesController.deleteThread + ) + }, +} diff --git a/overleafserver/track/web/modules/track-changes/index.js b/overleafserver/track/web/modules/track-changes/index.js new file mode 100644 index 0000000..aa9e6a7 --- /dev/null +++ b/overleafserver/track/web/modules/track-changes/index.js @@ -0,0 +1,2 @@ +const TrackChangesRouter = require('./app/src/TrackChangesRouter') +module.exports = { router : TrackChangesRouter }