From f87e49992612353aaa8359ac0955002b35b14807 Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sat, 18 Aug 2018 23:16:08 -0700
Subject: [PATCH 1/5] Share restrictions

---
 app/components/Checkbox.js                    | 45 +++++++++++
 app/components/HelpText/HelpText.js           |  1 +
 app/components/Sidebar/Settings.js            |  6 ++
 app/menus/DocumentMenu.js                     | 11 ++-
 app/routes.js                                 |  2 +
 app/scenes/Document/components/Header.js      | 11 ++-
 app/scenes/Settings/Details.js                |  2 +-
 app/scenes/Settings/Security.js               | 80 +++++++++++++++++++
 app/scenes/Settings/Shares.js                 | 17 +++-
 app/stores/AuthStore.js                       |  6 +-
 app/types/index.js                            |  1 +
 server/api/shares.js                          |  4 +-
 server/api/team.js                            |  3 +-
 .../20180819054252-disable-sharing.js         | 12 +++
 server/models/Team.js                         | 16 ++--
 server/policies/team.js                       |  5 ++
 server/presenters/team.js                     |  1 +
 17 files changed, 204 insertions(+), 19 deletions(-)
 create mode 100644 app/components/Checkbox.js
 create mode 100644 app/scenes/Settings/Security.js
 create mode 100644 server/migrations/20180819054252-disable-sharing.js

diff --git a/app/components/Checkbox.js b/app/components/Checkbox.js
new file mode 100644
index 000000000000..6f17e645ed3a
--- /dev/null
+++ b/app/components/Checkbox.js
@@ -0,0 +1,45 @@
+// @flow
+import * as React from 'react';
+import styled from 'styled-components';
+import HelpText from 'components/HelpText';
+
+export type Props = {
+  checked?: boolean,
+  label?: string,
+  className?: string,
+  note?: string,
+};
+
+const LabelText = styled.span`
+  font-weight: 500;
+  margin-left: 10px;
+`;
+
+const Wrapper = styled.div`
+  padding-bottom: 8px;
+`;
+
+const Label = styled.label`
+  display: flex;
+  align-items: center;
+`;
+
+export default function Checkbox({
+  label,
+  note,
+  className,
+  short,
+  ...rest
+}: Props) {
+  return (
+    <React.Fragment>
+      <Wrapper>
+        <Label>
+          <input type="checkbox" {...rest} />
+          {label && <LabelText>{label}</LabelText>}
+        </Label>
+        {note && <HelpText small>{note}</HelpText>}
+      </Wrapper>
+    </React.Fragment>
+  );
+}
diff --git a/app/components/HelpText/HelpText.js b/app/components/HelpText/HelpText.js
index f096c9f20075..9a0df7f6ff59 100644
--- a/app/components/HelpText/HelpText.js
+++ b/app/components/HelpText/HelpText.js
@@ -4,6 +4,7 @@ import styled from 'styled-components';
 const HelpText = styled.p`
   margin-top: 0;
   color: ${props => props.theme.slateDark};
+  font-size: ${props => (props.small ? '13px' : 'auto')};
 `;
 
 export default HelpText;
diff --git a/app/components/Sidebar/Settings.js b/app/components/Sidebar/Settings.js
index 8a38ba73f036..a5b9d6fe7b15 100644
--- a/app/components/Sidebar/Settings.js
+++ b/app/components/Sidebar/Settings.js
@@ -5,6 +5,7 @@ import {
   DocumentIcon,
   ProfileIcon,
   SettingsIcon,
+  PadlockIcon,
   CodeIcon,
   UserIcon,
   LinkIcon,
@@ -61,6 +62,11 @@ class SettingsSidebar extends React.Component<Props> {
                   Details
                 </SidebarLink>
               )}
+              {user.isAdmin && (
+                <SidebarLink to="/settings/security" icon={<PadlockIcon />}>
+                  Security
+                </SidebarLink>
+              )}
               <SidebarLink to="/settings/people" icon={<UserIcon />}>
                 People
               </SidebarLink>
diff --git a/app/menus/DocumentMenu.js b/app/menus/DocumentMenu.js
index 026891b47a40..b471110c2874 100644
--- a/app/menus/DocumentMenu.js
+++ b/app/menus/DocumentMenu.js
@@ -6,11 +6,13 @@ import { MoreIcon } from 'outline-icons';
 
 import Document from 'models/Document';
 import UiStore from 'stores/UiStore';
+import AuthStore from 'stores/AuthStore';
 import { documentMoveUrl } from 'utils/routeHelpers';
 import { DropdownMenu, DropdownMenuItem } from 'components/DropdownMenu';
 
 type Props = {
   ui: UiStore,
+  auth: AuthStore,
   label?: React.Node,
   history: Object,
   document: Document,
@@ -69,7 +71,8 @@ class DocumentMenu extends React.Component<Props> {
   };
 
   render() {
-    const { document, label, className, showPrint } = this.props;
+    const { document, label, className, showPrint, auth } = this.props;
+    const canShareDocuments = auth.team && auth.team.sharing;
 
     return (
       <DropdownMenu label={label || <MoreIcon />} className={className}>
@@ -91,12 +94,12 @@ class DocumentMenu extends React.Component<Props> {
                 Star
               </DropdownMenuItem>
             )}
-            <DropdownMenuItem
+            {canShareDocuments && <DropdownMenuItem
               onClick={this.handleShareLink}
               title="Create a public share link"
             >
               Share link…
-            </DropdownMenuItem>
+            </DropdownMenuItem>}
             <hr />
             <DropdownMenuItem
               onClick={this.handleNewChild}
@@ -123,4 +126,4 @@ class DocumentMenu extends React.Component<Props> {
   }
 }
 
-export default withRouter(inject('ui')(DocumentMenu));
+export default withRouter(inject('ui', 'auth')(DocumentMenu));
diff --git a/app/routes.js b/app/routes.js
index b2be2b83936d..5450806dec7f 100644
--- a/app/routes.js
+++ b/app/routes.js
@@ -11,6 +11,7 @@ import Document from 'scenes/Document';
 import Search from 'scenes/Search';
 import Settings from 'scenes/Settings';
 import Details from 'scenes/Settings/Details';
+import Security from 'scenes/Settings/Security';
 import People from 'scenes/Settings/People';
 import Slack from 'scenes/Settings/Slack';
 import Shares from 'scenes/Settings/Shares';
@@ -43,6 +44,7 @@ export default function Routes() {
             <Route exact path="/drafts" component={Drafts} />
             <Route exact path="/settings" component={Settings} />
             <Route exact path="/settings/details" component={Details} />
+            <Route exact path="/settings/security" component={Security} />
             <Route exact path="/settings/people" component={People} />
             <Route exact path="/settings/shares" component={Shares} />
             <Route exact path="/settings/tokens" component={Tokens} />
diff --git a/app/scenes/Document/components/Header.js b/app/scenes/Document/components/Header.js
index 4ae8202defd6..2b9c4668a409 100644
--- a/app/scenes/Document/components/Header.js
+++ b/app/scenes/Document/components/Header.js
@@ -2,11 +2,12 @@
 import * as React from 'react';
 import { throttle } from 'lodash';
 import { observable } from 'mobx';
-import { observer } from 'mobx-react';
+import { observer, inject } from 'mobx-react';
 import styled from 'styled-components';
 import breakpoint from 'styled-components-breakpoint';
 import { NewDocumentIcon } from 'outline-icons';
 import Document from 'models/Document';
+import AuthStore from 'stores/AuthStore';
 import { documentEditUrl } from 'utils/routeHelpers';
 
 import Flex from 'shared/components/Flex';
@@ -32,6 +33,7 @@ type Props = {
     autosave?: boolean,
   }) => *,
   history: Object,
+  auth: AuthStore,
 };
 
 @observer
@@ -90,7 +92,9 @@ class Header extends React.Component<Props> {
       isPublishing,
       isSaving,
       savingIsDisabled,
+      auth,
     } = this.props;
+    const canShareDocuments = auth.team && auth.team.sharing;
 
     return (
       <Actions
@@ -134,7 +138,8 @@ class Header extends React.Component<Props> {
             </Action>
           )}
           {!isDraft &&
-            !isEditing && (
+            !isEditing &&
+            canShareDocuments && (
               <Action>
                 <Link onClick={this.handleShareLink} title="Share document">
                   Share
@@ -251,4 +256,4 @@ const Link = styled.a`
   cursor: ${props => (props.disabled ? 'default' : 'pointer')};
 `;
 
-export default Header;
+export default inject('auth')(Header);
diff --git a/app/scenes/Settings/Details.js b/app/scenes/Settings/Details.js
index 4854e4800cb1..686d6d74588f 100644
--- a/app/scenes/Settings/Details.js
+++ b/app/scenes/Settings/Details.js
@@ -44,7 +44,7 @@ class Details extends React.Component<Props> {
       name: this.name,
       avatarUrl: this.avatarUrl,
     });
-    this.props.ui.showToast('Details saved', 'success');
+    this.props.ui.showToast('Settings saved', 'success');
   };
 
   handleNameChange = (ev: SyntheticInputEvent<*>) => {
diff --git a/app/scenes/Settings/Security.js b/app/scenes/Settings/Security.js
new file mode 100644
index 000000000000..9ccb8793e82e
--- /dev/null
+++ b/app/scenes/Settings/Security.js
@@ -0,0 +1,80 @@
+// @flow
+import * as React from 'react';
+import { observable } from 'mobx';
+import { observer, inject } from 'mobx-react';
+
+import AuthStore from 'stores/AuthStore';
+import UiStore from 'stores/UiStore';
+import Checkbox from 'components/Checkbox';
+import Button from 'components/Button';
+import CenteredContent from 'components/CenteredContent';
+import PageTitle from 'components/PageTitle';
+import HelpText from 'components/HelpText';
+
+type Props = {
+  auth: AuthStore,
+  ui: UiStore,
+};
+
+@observer
+class Security extends React.Component<Props> {
+  form: ?HTMLFormElement;
+
+  @observable sharing: boolean;
+
+  componentDidMount() {
+    const { auth } = this.props;
+    if (auth.team) {
+      this.sharing = auth.team.sharing;
+    }
+  }
+
+  handleSubmit = async (ev: SyntheticEvent<*>) => {
+    ev.preventDefault();
+
+    await this.props.auth.updateTeam({
+      sharing: this.sharing,
+    });
+    this.props.ui.showToast('Settings saved', 'success');
+  };
+
+  handleChange = (ev: SyntheticInputEvent<*>) => {
+    if (ev.target.name === 'sharing') {
+      this.sharing = ev.target.checked;
+    }
+  };
+
+  get isValid() {
+    return this.form && this.form.checkValidity();
+  }
+
+  render() {
+    const { isSaving } = this.props.auth;
+
+    return (
+      <CenteredContent>
+        <PageTitle title="Security" />
+        <h1>Security</h1>
+        <HelpText>
+          Settings that impact the access, security and privacy of your
+          knowledgebase.
+        </HelpText>
+
+        <form onSubmit={this.handleSubmit} ref={ref => (this.form = ref)}>
+          <Checkbox
+            label="Allow public document sharing"
+            name="sharing"
+            checked={this.sharing}
+            onChange={this.handleChange}
+            note="When enabled all documents can be publicly shared by any team member"
+          />
+          <Button type="submit" disabled={isSaving || !this.isValid}>
+            {isSaving ? 'Saving…' : 'Save'}
+          </Button>
+        </form>
+      </CenteredContent>
+    );
+  }
+}
+
+export default inject('auth', 'ui')(Security);
diff --git a/app/scenes/Settings/Shares.js b/app/scenes/Settings/Shares.js
index cefaaac20ed8..86ea10a4fefe 100644
--- a/app/scenes/Settings/Shares.js
+++ b/app/scenes/Settings/Shares.js
@@ -1,7 +1,9 @@
 // @flow
 import * as React from 'react';
 import { observer, inject } from 'mobx-react';
+import { Link } from 'react-router-dom';
 import SharesStore from 'stores/SharesStore';
+import AuthStore from 'stores/AuthStore';
 
 import ShareListItem from './components/ShareListItem';
 import List from 'components/List';
@@ -11,6 +13,7 @@ import HelpText from 'components/HelpText';
 
 type Props = {
   shares: SharesStore,
+  auth: AuthStore,
 };
 
 @observer
@@ -20,7 +23,9 @@ class Shares extends React.Component<Props> {
   }
 
   render() {
-    const { shares } = this.props;
+    const { shares, auth } = this.props;
+    const { user } = auth;
+    const canShareDocuments = auth.team && auth.team.sharing;
 
     return (
       <CenteredContent>
@@ -31,7 +36,13 @@ class Shares extends React.Component<Props> {
           can access a read-only version of the document until the link has been
           revoked.
         </HelpText>
-
+        {user &&
+          user.isAdmin && (
+            <HelpText>
+              {!canShareDocuments && <strong>Sharing is currently disabled.</strong>} You can turn {canShareDocuments ? 'off' : 'on'} public document
+              sharing in <Link to="/settings/security">security settings</Link>.
+            </HelpText>
+          )}
         <List>
           {shares.orderedData.map(share => (
             <ShareListItem key={share.id} share={share} />
@@ -42,4 +53,4 @@ class Shares extends React.Component<Props> {
   }
 }
 
-export default inject('shares')(Shares);
+export default inject('shares', 'auth')(Shares);
diff --git a/app/stores/AuthStore.js b/app/stores/AuthStore.js
index ba9cd30d70a1..02672538a348 100644
--- a/app/stores/AuthStore.js
+++ b/app/stores/AuthStore.js
@@ -78,7 +78,11 @@ class AuthStore {
   };
 
   @action
-  updateTeam = async (params: { name: string, avatarUrl: ?string }) => {
+  updateTeam = async (params: {
+    name?: string,
+    avatarUrl?: ?string,
+    sharing?: boolean,
+  }) => {
     this.isSaving = true;
 
     try {
diff --git a/app/types/index.js b/app/types/index.js
index f1d0ce770a4d..a461d79363f2 100644
--- a/app/types/index.js
+++ b/app/types/index.js
@@ -31,6 +31,7 @@ export type Team = {
   avatarUrl: string,
   slackConnected: boolean,
   googleConnected: boolean,
+  sharing: boolean,
 };
 
 export type NavigationNode = {
diff --git a/server/api/shares.js b/server/api/shares.js
index 35b9f34563c4..be3c8c267dd2 100644
--- a/server/api/shares.js
+++ b/server/api/shares.js
@@ -4,7 +4,7 @@ import Sequelize from 'sequelize';
 import auth from '../middlewares/authentication';
 import pagination from './middlewares/pagination';
 import { presentShare } from '../presenters';
-import { Document, User, Share } from '../models';
+import { Document, User, Share, Team } from '../models';
 import policy from '../policies';
 
 const Op = Sequelize.Op;
@@ -57,7 +57,9 @@ router.post('shares.create', auth(), async ctx => {
 
   const user = ctx.state.user;
   const document = await Document.findById(documentId);
+  const team = await Team.findById(user.teamId);
   authorize(user, 'share', document);
+  authorize(user, 'share', team);
 
   const [share] = await Share.findOrCreate({
     where: {
diff --git a/server/api/team.js b/server/api/team.js
index d04c729ca0ee..3bc4a1b8af78 100644
--- a/server/api/team.js
+++ b/server/api/team.js
@@ -12,7 +12,7 @@ const { authorize } = policy;
 const router = new Router();
 
 router.post('team.update', auth(), async ctx => {
-  const { name, avatarUrl } = ctx.body;
+  const { name, avatarUrl, sharing } = ctx.body;
   const endpoint = publicS3Endpoint();
 
   const user = ctx.state.user;
@@ -20,6 +20,7 @@ router.post('team.update', auth(), async ctx => {
   authorize(user, 'update', team);
 
   if (name) team.name = name;
+  if (sharing !== undefined) team.sharing = sharing;
   if (avatarUrl && avatarUrl.startsWith(`${endpoint}/uploads/${user.id}`)) {
     team.avatarUrl = avatarUrl;
   }
diff --git a/server/migrations/20180819054252-disable-sharing.js b/server/migrations/20180819054252-disable-sharing.js
new file mode 100644
index 000000000000..38246eee7925
--- /dev/null
+++ b/server/migrations/20180819054252-disable-sharing.js
@@ -0,0 +1,12 @@
+module.exports = {
+  up: async (queryInterface, Sequelize) => {
+    await queryInterface.addColumn('teams', 'sharing', {
+      type: Sequelize.BOOLEAN,
+      allowNull: false,
+      defaultValue: true
+    });
+  },
+  down: async (queryInterface, Sequelize) => {
+    await queryInterface.removeColumn('teams', 'sharing');
+  }
+}
\ No newline at end of file
diff --git a/server/models/Team.js b/server/models/Team.js
index 808e85b5b202..933303854cdb 100644
--- a/server/models/Team.js
+++ b/server/models/Team.js
@@ -17,6 +17,7 @@ const Team = sequelize.define(
     slackId: { type: DataTypes.STRING, allowNull: true },
     googleId: { type: DataTypes.STRING, allowNull: true },
     avatarUrl: { type: DataTypes.STRING, allowNull: true },
+    sharing: { type: DataTypes.BOOLEAN, allowNull: false, defaultValue: true },
     slackData: DataTypes.JSONB,
   },
   {
@@ -39,11 +40,16 @@ const uploadAvatar = async model => {
   const endpoint = publicS3Endpoint();
 
   if (model.avatarUrl && !model.avatarUrl.startsWith(endpoint)) {
-    const newUrl = await uploadToS3FromUrl(
-      model.avatarUrl,
-      `avatars/${model.id}/${uuid.v4()}`
-    );
-    if (newUrl) model.avatarUrl = newUrl;
+    try {
+      const newUrl = await uploadToS3FromUrl(
+        model.avatarUrl,
+        `avatars/${model.id}/${uuid.v4()}`
+      );
+      if (newUrl) model.avatarUrl = newUrl;
+    } catch (err) {
+      // we can try again next time
+      console.error(err);
+    }
   }
 };
 
diff --git a/server/policies/team.js b/server/policies/team.js
index acd077770ab8..414a9cc39fb4 100644
--- a/server/policies/team.js
+++ b/server/policies/team.js
@@ -7,6 +7,11 @@ const { allow } = policy;
 
 allow(User, 'read', Team, (user, team) => team && user.teamId === team.id);
 
+allow(User, 'share', Team, (user, team) => {
+  if (!team || user.teamId !== team.id) return false;
+  return team.sharing;
+});
+
 allow(User, ['update', 'export'], Team, (user, team) => {
   if (!team || user.teamId !== team.id) return false;
   if (user.isAdmin) return true;
diff --git a/server/presenters/team.js b/server/presenters/team.js
index 863de4a3f0fe..a600ac2cba18 100644
--- a/server/presenters/team.js
+++ b/server/presenters/team.js
@@ -11,6 +11,7 @@ function present(ctx: Object, team: Team) {
       team.avatarUrl || (team.slackData ? team.slackData.image_88 : null),
     slackConnected: !!team.slackId,
     googleConnected: !!team.googleId,
+    sharing: team.sharing,
   };
 }
 

From c3ea96d6c96c7574bd1d18da31b41ea2252b3dc0 Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sun, 19 Aug 2018 01:18:28 -0700
Subject: [PATCH 2/5] Tweak language, add spec

---
 app/components/Toasts/components/Toast.js |  2 +-
 app/scenes/Settings/Security.js           |  4 ++--
 server/api/shares.js                      |  5 +++--
 server/api/shares.test.js                 | 10 ++++++++++
 shared/styles/theme.js                    |  2 +-
 5 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/app/components/Toasts/components/Toast.js b/app/components/Toasts/components/Toast.js
index e2b603551aa2..9bc3ab7d5852 100644
--- a/app/components/Toasts/components/Toast.js
+++ b/app/components/Toasts/components/Toast.js
@@ -49,7 +49,7 @@ const Container = styled.li`
   align-items: center;
   animation: ${fadeAndScaleIn} 100ms ease;
   margin: 8px 0;
-  padding: 8px;
+  padding: 10px 12px;
   color: ${props => props.theme.white};
   background: ${props => props.theme[props.type]};
   font-size: 15px;
diff --git a/app/scenes/Settings/Security.js b/app/scenes/Settings/Security.js
index 9ccb8793e82e..35f31dcc765e 100644
--- a/app/scenes/Settings/Security.js
+++ b/app/scenes/Settings/Security.js
@@ -62,11 +62,11 @@ class Security extends React.Component<Props> {
 
         <form onSubmit={this.handleSubmit} ref={ref => (this.form = ref)}>
           <Checkbox
-            label="Allow public document sharing"
+            label="Allow sharing documents"
             name="sharing"
             checked={this.sharing}
             onChange={this.handleChange}
-            note="When enabled all documents can be publicly shared by any team member"
+            note="When enabled documents can be shared publicly by any team member"
           />
           <Button type="submit" disabled={isSaving || !this.isValid}>
             {isSaving ? 'Saving…' : 'Save'}
diff --git a/server/api/shares.js b/server/api/shares.js
index be3c8c267dd2..9aed4d82ee2a 100644
--- a/server/api/shares.js
+++ b/server/api/shares.js
@@ -18,12 +18,13 @@ router.post('shares.list', auth(), pagination(), async ctx => {
   const user = ctx.state.user;
   const where = {
     teamId: user.teamId,
-    userId: user.id,
     // $FlowFixMe
     revokedAt: { [Op.eq]: null },
   };
 
-  if (user.isAdmin) delete where.userId;
+  if (!user.isAdmin) {
+    where.userId = user.id;
+  }
 
   const shares = await Share.findAll({
     where,
diff --git a/server/api/shares.test.js b/server/api/shares.test.js
index fd65a08eeb7c..bace31fe9474 100644
--- a/server/api/shares.test.js
+++ b/server/api/shares.test.js
@@ -122,6 +122,16 @@ describe('#shares.create', async () => {
     expect(body.data.id).toBe(share.id);
   });
 
+  it('should not allow creating a share record if disabled', async () => {
+    const { user, document, team } = await seed();
+    await team.update({ sharing: false });
+    const res = await server.post('/api/shares.create', {
+      body: { token: user.getJwtToken(), documentId: document.id },
+    });
+    const body = await res.json();
+    expect(res.status).toEqual(403);
+  });
+
   it('should require authentication', async () => {
     const { document } = await seed();
     const res = await server.post('/api/shares.create', {
diff --git a/shared/styles/theme.js b/shared/styles/theme.js
index cfa9b4b49358..b8dc020c0e12 100644
--- a/shared/styles/theme.js
+++ b/shared/styles/theme.js
@@ -11,7 +11,7 @@ const theme = {
   placeholder: '#b1becc',
   danger: '#D0021B',
   warning: '#f08a24',
-  success: '#1AB6FF',
+  success: '#2f3336',
   info: '#a0d3e8',
 
   slate: '#9BA6B2',

From 579cad275b906ed00d4028e3177a373edddc6d1a Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sun, 19 Aug 2018 15:00:22 -0700
Subject: [PATCH 3/5] :shirt:

---
 flow-typed/npm/react-router-dom_v4.x.x.js | 160 ----------------------
 server/api/shares.js                      |   1 +
 server/api/shares.test.js                 |   1 -
 3 files changed, 1 insertion(+), 161 deletions(-)
 delete mode 100644 flow-typed/npm/react-router-dom_v4.x.x.js

diff --git a/flow-typed/npm/react-router-dom_v4.x.x.js b/flow-typed/npm/react-router-dom_v4.x.x.js
deleted file mode 100644
index c573be564887..000000000000
--- a/flow-typed/npm/react-router-dom_v4.x.x.js
+++ /dev/null
@@ -1,160 +0,0 @@
-// flow-typed signature: cf916fca23433d4bbcb7a75f2604407d
-// flow-typed version: f821d89401/react-router-dom_v4.x.x/flow_>=v0.53.x
-
-declare module "react-router-dom" {
-  declare export class BrowserRouter extends React$Component<{
-    basename?: string,
-    forceRefresh?: boolean,
-    getUserConfirmation?: GetUserConfirmation,
-    keyLength?: number,
-    children?: React$Node
-  }> {}
-
-  declare export class HashRouter extends React$Component<{
-    basename?: string,
-    getUserConfirmation?: GetUserConfirmation,
-    hashType?: "slash" | "noslash" | "hashbang",
-    children?: React$Node
-  }> {}
-
-  declare export class Link extends React$Component<{
-    className?: string,
-    to: string | LocationShape,
-    replace?: boolean,
-    children?: React$Node
-  }> {}
-
-  declare export class NavLink extends React$Component<{
-    to: string | LocationShape,
-    activeClassName?: string,
-    className?: string,
-    activeStyle?: Object,
-    style?: Object,
-    isActive?: (match: Match, location: Location) => boolean,
-    children?: React$Node,
-    exact?: boolean,
-    strict?: boolean
-  }> {}
-
-  // NOTE: Below are duplicated from react-router. If updating these, please
-  // update the react-router and react-router-native types as well.
-  declare export type Location = {
-    pathname: string,
-    search: string,
-    hash: string,
-    state?: any,
-    key?: string
-  };
-
-  declare export type LocationShape = {
-    pathname?: string,
-    search?: string,
-    hash?: string,
-    state?: any
-  };
-
-  declare export type HistoryAction = "PUSH" | "REPLACE" | "POP";
-
-  declare export type RouterHistory = {
-    length: number,
-    location: Location,
-    action: HistoryAction,
-    listen(
-      callback: (location: Location, action: HistoryAction) => void
-    ): () => void,
-    push(path: string | LocationShape, state?: any): void,
-    replace(path: string | LocationShape, state?: any): void,
-    go(n: number): void,
-    goBack(): void,
-    goForward(): void,
-    canGo?: (n: number) => boolean,
-    block(
-      callback: (location: Location, action: HistoryAction) => boolean
-    ): void,
-    // createMemoryHistory
-    index?: number,
-    entries?: Array<Location>
-  };
-
-  declare export type Match = {
-    params: { [key: string]: ?string },
-    isExact: boolean,
-    path: string,
-    url: string
-  };
-
-  declare export type ContextRouter = {|
-    history: RouterHistory,
-    location: Location,
-    match: Match,
-    staticContext?: StaticRouterContext,
-|};
-
-  declare export type GetUserConfirmation = (
-    message: string,
-    callback: (confirmed: boolean) => void
-  ) => void;
-
-  declare type StaticRouterContext = {
-    url?: string
-  };
-
-  declare export class StaticRouter extends React$Component<{
-    basename?: string,
-    location?: string | Location,
-    context: StaticRouterContext,
-    children?: React$Node
-  }> {}
-
-  declare export class MemoryRouter extends React$Component<{
-    initialEntries?: Array<LocationShape | string>,
-    initialIndex?: number,
-    getUserConfirmation?: GetUserConfirmation,
-    keyLength?: number,
-    children?: React$Node
-  }> {}
-
-  declare export class Router extends React$Component<{
-    history: RouterHistory,
-    children?: React$Node
-  }> {}
-
-  declare export class Prompt extends React$Component<{
-    message: string | ((location: Location) => string | boolean),
-    when?: boolean
-  }> {}
-
-  declare export class Redirect extends React$Component<{
-    to: string | LocationShape,
-    push?: boolean
-  }> {}
-
-  declare export class Route extends React$Component<{
-    component?: React$ComponentType<*>,
-    render?: (router: ContextRouter) => React$Node,
-    children?: React$ComponentType<ContextRouter> | React$Node,
-    path?: string,
-    exact?: boolean,
-    strict?: boolean
-  }> {}
-
-  declare export class Switch extends React$Component<{
-    children?: React$Node
-  }> {}
-
-  declare export function withRouter<P>(
-    Component: React$ComponentType<{| ...ContextRouter, ...P |}>
-  ): React$ComponentType<P>;
-
-  declare type MatchPathOptions = {
-    path?: string,
-    exact?: boolean,
-    sensitive?: boolean,
-    strict?: boolean
-  };
-
-  declare export function matchPath(
-    pathname: string,
-    options?: MatchPathOptions | string
-  ): null | Match;
-}
diff --git a/server/api/shares.js b/server/api/shares.js
index 9aed4d82ee2a..a2745f8f2ddd 100644
--- a/server/api/shares.js
+++ b/server/api/shares.js
@@ -18,6 +18,7 @@ router.post('shares.list', auth(), pagination(), async ctx => {
   const user = ctx.state.user;
   const where = {
     teamId: user.teamId,
+    userId: undefined,
     // $FlowFixMe
     revokedAt: { [Op.eq]: null },
   };
diff --git a/server/api/shares.test.js b/server/api/shares.test.js
index bace31fe9474..b5c01e3308f3 100644
--- a/server/api/shares.test.js
+++ b/server/api/shares.test.js
@@ -128,7 +128,6 @@ describe('#shares.create', async () => {
     const res = await server.post('/api/shares.create', {
       body: { token: user.getJwtToken(), documentId: document.id },
     });
-    const body = await res.json();
     expect(res.status).toEqual(403);
   });
 

From fa15ecde23d8e4f6d7b8e305c058ee39a05f583c Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sun, 19 Aug 2018 15:11:57 -0700
Subject: [PATCH 4/5] :green_heart:

---
 server/api/shares.js | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/server/api/shares.js b/server/api/shares.js
index a2745f8f2ddd..be3c8c267dd2 100644
--- a/server/api/shares.js
+++ b/server/api/shares.js
@@ -18,14 +18,12 @@ router.post('shares.list', auth(), pagination(), async ctx => {
   const user = ctx.state.user;
   const where = {
     teamId: user.teamId,
-    userId: undefined,
+    userId: user.id,
     // $FlowFixMe
     revokedAt: { [Op.eq]: null },
   };
 
-  if (!user.isAdmin) {
-    where.userId = user.id;
-  }
+  if (user.isAdmin) delete where.userId;
 
   const shares = await Share.findAll({
     where,

From efea46a6f13c0bb9025bc016c111ad3023df8c78 Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Sun, 19 Aug 2018 15:17:22 -0700
Subject: [PATCH 5/5] =?UTF-8?q?:shirt:=20=E2=80=93=20urg,=20editor=20linti?=
 =?UTF-8?q?ng=20wasn't=20working?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/menus/DocumentMenu.js     | 14 ++++++++------
 app/scenes/Settings/Shares.js |  5 ++++-
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/app/menus/DocumentMenu.js b/app/menus/DocumentMenu.js
index b471110c2874..cc2889a87ce1 100644
--- a/app/menus/DocumentMenu.js
+++ b/app/menus/DocumentMenu.js
@@ -94,12 +94,14 @@ class DocumentMenu extends React.Component<Props> {
                 Star
               </DropdownMenuItem>
             )}
-            {canShareDocuments && <DropdownMenuItem
-              onClick={this.handleShareLink}
-              title="Create a public share link"
-            >
-              Share link…
-            </DropdownMenuItem>}
+            {canShareDocuments && (
+              <DropdownMenuItem
+                onClick={this.handleShareLink}
+                title="Create a public share link"
+              >
+                Share link…
+              </DropdownMenuItem>
+            )}
             <hr />
             <DropdownMenuItem
               onClick={this.handleNewChild}
diff --git a/app/scenes/Settings/Shares.js b/app/scenes/Settings/Shares.js
index 86ea10a4fefe..73382373b53a 100644
--- a/app/scenes/Settings/Shares.js
+++ b/app/scenes/Settings/Shares.js
@@ -39,7 +39,10 @@ class Shares extends React.Component<Props> {
         {user &&
           user.isAdmin && (
             <HelpText>
-              {!canShareDocuments && <strong>Sharing is currently disabled.</strong>} You can turn {canShareDocuments ? 'off' : 'on'} public document
+              {!canShareDocuments && (
+                <strong>Sharing is currently disabled.</strong>
+              )}{' '}
+              You can turn {canShareDocuments ? 'off' : 'on'} public document
               sharing in <Link to="/settings/security">security settings</Link>.
             </HelpText>
           )}