0
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden synced 2024-11-15 22:42:51 +01:00
Commit graph

37 commits

Author SHA1 Message Date
Yip Rui Fung
84bcac0112 Apply rustfmt.
Because apparently CLion's default formatting is not the same as rustfmt for some reason.
2022-07-09 10:49:51 +08:00
Yip Rui Fung
31595888ea Use match to avoid ownership issues on the TempFile / file_path variables in closures. 2022-07-09 10:33:27 +08:00
Yip Rui Fung
5c38b2c4eb Remove option and use unwrap_or_else to fall back to copy behavior. 2022-07-09 08:53:00 +08:00
Yip Rui Fung
ebe9162af9 Add option to make file uploads use move_copy_to instead of persist_to
This is to support scenarios where the attachments and sends folder are to be stored on a separate device from the tmp_folder (i.e. fuse-mounted S3 storage), due to having the tmp_dir on the same device being undesirable.

Example being fuse-mounted S3 storage with the reasoning that because S3 basically requires a copy+delete operations to rename files, it's inefficient to rename files on device, if it's even allowed.
2022-07-09 01:19:00 +08:00
Daniel García
54c78cf06d
Migrate old ws crate to tungstenite, which is async and also removes over 20 old dependencies 2022-06-04 19:13:39 +02:00
BlackDex
87e08b9e50
Async/Awaited all db methods
This is a rather large PR which updates the async branch to have all the
database methods as an async fn.

Some iter/map logic needed to be changed to a stream::iter().then(), but
besides that most changes were just adding async/await where needed.
2022-02-27 21:37:23 +01:00
Daniel García
0b7d6bf6df
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking 2022-02-27 21:36:31 +01:00
Tomek Mańko
9713a3a555 Add IP address to missing/invalid password message for Sends 2022-02-13 13:13:42 +01:00
BlackDex
bf5aefd129
Fix issue with Bitwarden CLI.
The CLI seems to send a String instead of an Integer for the maximum access count.
It now accepts both types and converts it to an i32 in all cases.

Fixes #2196
2021-12-31 15:59:58 +01:00
Fabian Thies
42ba817a4c Fix errors that occurred in the nightly build 2021-08-04 13:25:41 +02:00
Fabian Thies
dd98fe860b Send create, update and delete notifications for Sends in the correct format.
Add endpoints to get all sends or a specific send by its uuid.
2021-08-03 17:39:38 +02:00
Mathijs van Veluw
340d42a1ca
Merge branch 'main' into future-web-vault 2021-07-15 21:43:23 +02:00
Daniel García
f16d56cb27
Merge branch 'attachment-storage' of https://github.com/BlackDex/vaultwarden into BlackDex-attachment-storage 2021-07-15 19:20:52 +02:00
Daniel García
e5ec245626
Protect namedfile against path traversal, rocket only does it for pathbuf 2021-07-15 19:15:55 +02:00
BlackDex
6ea95d1ede Updated attachment limit descriptions
The user and org attachment limit use `size` as wording while it should
have been `storage` since it isn't per attachment, but the sum of all attachments.

- Changed the wording in the config/env
- Changed the wording of the error messages.

Resolves #1818
2021-07-13 15:17:03 +02:00
BlackDex
403f35b571 Added web-vault v2.21.x support + some misc fixes
- The new web-vault v2.21.0+ has support for Master Password Reset. For
this to work it generates a public/private key-pair which needs to be
stored in the database. Currently the Master Password Reset is not
fixed, but there are endpoints which are needed even if we do not
support this feature (yet). This PR fixes those endpoints, and stores
the keys already in the database.

- There was an issue when you want to do a key-rotate when you change
your password, it also called an Emergency Access endpoint, which we do
not yet support. Because this endpoint failed to reply correctly
produced some errors, and also prevent the user from being forced to
logout. This resolves #1826 by adding at least that endpoint.

Because of that extra endpoint check to Emergency Access is done using
an old user stamp, i also modified the stamp exception to allow multiple
rocket routes to be called, and added an expiration timestamp to it.

During these tests i stumbled upon an issue that after my key-change was
done, it triggered the websockets to try and reload my ciphers, because
they were updated. This shouldn't happen when rotating they keys, since
all access should be invalided. Now there will be no websocket
notification for this, which also prevents error toasts.

- Increased Send Size limit to 500MB (with a litle overhead)

As a side note, i tested these changes on both v2.20.4 and v2.21.1 web-vault versions, all keeps working.
2021-07-04 23:02:56 +02:00
Daniel García
2cd17fe7af
Add token with short expiration time to send url 2021-06-25 20:53:26 +02:00
Jeremy Lin
c2ef331df9 Rework file ID generation 2021-05-25 23:15:24 -07:00
Jeremy Lin
29ed82a359 Add support for v2 attachment upload APIs
Upstream PR: https://github.com/bitwarden/server/pull/1229
2021-05-25 04:14:51 -07:00
Daniel García
8e6c6a1dc4
Merge pull request #1689 from jjlin/hide-email
Add support for hiding the sender's email address in Bitwarden Sends
2021-05-12 23:05:53 +02:00
Jeremy Lin
029008bad5 Add support for the Send Options policy
Upstream refs:

* https://github.com/bitwarden/server/pull/1234
* https://bitwarden.com/help/article/policies/#send-options
2021-05-12 01:22:12 -07:00
Jeremy Lin
d3449bfa00 Add support for hiding the sender's email address in Bitwarden Sends
Note: The original Vaultwarden implementation of Bitwarden Send would always
hide the email address, while the upstream implementation would always show it.

Upstream PR: https://github.com/bitwarden/server/pull/1234
2021-05-11 22:51:12 -07:00
Jeremy Lin
3ff8014add Add sends_allowed config setting
This provides global control over whether users can create Bitwarden Sends.
2021-05-11 20:07:32 -07:00
Jake Howard
994669fb69
Merge remote-tracking branch 'origin/master' into fmt 2021-04-06 21:55:28 +01:00
Jake Howard
3ab90259f2
Modify rustfmt file 2021-04-06 21:54:42 +01:00
Jeremy Lin
73ff8d79f7 Add a generic job scheduler
Also rewrite deletion of old sends using the job scheduler.
2021-04-05 23:07:15 -07:00
Miro Prasil
aa5cc642e1 Use constant for the "inaccessible" error message 2021-03-25 11:40:32 +00:00
Miro Prasil
4b6a574ee0 Return generic message when Send not available
This should help avoid leaking information about (non)existence of Send
and be more in line with what official server returns.
2021-03-23 13:39:09 +00:00
Daniel García
1fc6c30652
Send deletion thread and updated users revision 2021-03-22 19:57:35 +01:00
Daniel García
551810c486
Fix updating file send 2021-03-17 19:39:48 +01:00
Daniel García
b987ba506d
Merge pull request #1493 from jjlin/send
Add support for the Disable Send policy
2021-03-16 18:13:55 +01:00
Daniel García
84810f2bb2
Remove unnecessary fields from send access 2021-03-16 18:11:25 +01:00
Jeremy Lin
424d666a50 Add support for the Disable Send policy
Upstream refs:

* https://github.com/bitwarden/server/pull/1130
* https://bitwarden.com/help/article/policies/#disable-send
2021-03-16 02:07:45 -07:00
Daniel García
b9c3213b90
Merge pull request #1487 from jjlin/send
Send access check fixes
2021-03-15 16:47:14 +01:00
Daniel García
95e24ffc51
rename send key -> akey 2021-03-15 16:42:20 +01:00
Jeremy Lin
00d56d7295 Send access check fixes
Adjust checks for max access count, expiration date, and deletion date.
The date checks aren't that important, but the access count check
currently allows one more access than it should.
2021-03-14 23:20:49 -07:00
Daniel García
8da5b99482
Send API 2021-03-14 23:35:55 +01:00