Olivier Martin
1db37bf3d0
make error toast display detailed message
...
replace invite accept error message with the one from upstream
check if config mail is enabled
2021-04-12 21:54:57 -04:00
Olivier Martin
d75a80bd2d
Resolves dani-garcia/bitwarden_rs#981
...
* a user without 2fa trying to join a 2fa org will fail, but user gets an email to enable 2fa
* a user disabling 2fa will be removed from 2fa orgs; user gets an email for each org
* an org enabling 2fa policy will remove users without 2fa; users get an email
2021-04-11 22:57:17 -04:00
Jake Howard
3ab90259f2
Modify rustfmt file
2021-04-06 21:54:42 +01:00
Jake Howard
0af3956abd
Run cargo fmt
on codebase
2021-03-31 21:18:35 +01:00
Jake Howard
3e5971b9db
Remove unnecessary result return types
2021-03-27 15:07:26 +00:00
Jeremy Lin
a75d050001
Fix custom org name in invitation confirmation email
...
The org name in the invitation email was made customizable in 8867626
, but
the org name is still hardcoded as "bitwarden_rs" in the confirmation email.
2021-03-03 23:03:55 -08:00
Daniel García
9323c57f49
Remove debug print
2021-02-07 00:22:39 +01:00
Daniel García
85e3c73525
Basic experimental ldap import support with the official directory connector
2021-02-06 20:15:42 +01:00
BlackDex
7dff8c01dd
JSON Response updates and small fixes
...
Updated several json response models.
Also fixed a few small bugs.
ciphers.rs:
- post_ciphers_create:
* Prevent cipher creation to organization without a collection.
- update_cipher_from_data:
* ~~Fixed removal of user_uuid which prevent user-owned shared-cipher to be not editable anymore when set to read-only.~~
* Cleanup the json_data by removing the `Response` key/values from several objects.
- delete_all:
* Do not delete all Collections during the Purge of an Organization (same as upstream).
cipher.rs:
- Cipher::to_json:
* Updated json response to match upstream.
* Return empty json object if there is no type_data instead of values which should not be set for the type_data.
organizations.rs:
* Added two new endpoints to prevent Javascript errors regarding tax
organization.rs:
- Organization::to_json:
* Updated response model to match upstream
- UserOrganization::to_json:
* Updated response model to match upstream
collection.rs:
- Collection::{to_json, to_json_details}:
* Updated the json response model, and added a detailed version used during the sync
- hide_passwords_for_user:
* Added this function to return if the passwords should be hidden or not for the user at the specific collection (used by `to_json_details`)
Update 1: Some small changes after comments from @jjlin.
Update 2: Fixed vault purge by user to make sure the cipher is not part of an organization.
Resolves #971
Closes #990 , Closes #991
2021-01-31 21:46:37 +01:00
Jeremy Lin
9f86196a9d
Add support for the Personal Ownership policy
...
Upstream refs:
* https://github.com/bitwarden/server/pull/1013
* https://bitwarden.com/help/article/policies/#personal-ownership
2021-01-23 20:50:06 -08:00
BlackDex
7cf8809d77
Adding Manager Role support
...
This has been requested a few times (#1136 & #246 & forum), and there already were two
(1:1 duplicate) PR's (#1222 & #1223 ) which needed some changes and no
followups or further comments unfortunally.
This PR adds two auth headers.
- ManagerHeaders
Checks if the user-type is Manager or higher and if the manager is
part of that collection or not.
- ManagerHeadersLoose
Check if the user-type is Manager or higher, but does not check if the
user is part of the collection, needed for a few features like
retreiving all the users of an org.
I think this is the safest way to implement this instead of having to
check this within every function which needs this manually.
Also some extra checks if a manager has access to all collections or
just a selection.
fixes #1136
2020-12-02 22:50:51 +01:00
BlackDex
9a47821642
Fixed creating a new organization
...
- The new web-vault needs a new api endpoint.
- Added this new endpoint.
Fixes #1139
2020-09-14 08:34:17 +02:00
Jeremy Lin
570d6c8bf9
Add support for restricting org creation to certain users
2020-08-05 22:35:29 -07:00
Daniel García
668d5c23dc
Removed try_trait and some formatting, particularly around imports
2020-07-14 18:34:22 +02:00
Jeremy Lin
979d010dc2
Add support for hiding passwords in a collection
...
Ref: https://github.com/bitwarden/server/pull/743
2020-07-02 21:51:20 -07:00
Jeremy Lin
a314933557
Allow email changes for existing accounts even when signups are disabled
2020-05-24 14:38:19 -07:00
theycallmesteve
6a8c65493f
Rename collection_user_details to collection_read_only to reflect the response model
2020-05-08 13:37:40 -04:00
Jeremy Lin
e4d08836e2
Make org owner invitations respect the email domain whitelist
...
This closes a loophole where org owners can invite new users from any domain.
2020-04-09 01:51:05 -07:00
Daniel García
94341f9f3f
Fix token error while accepting invite
2020-03-20 10:51:17 +01:00
Daniel García
3fa78e7bb1
Initial version of policies
2020-03-14 13:32:28 +01:00
Daniel García
d29b6bee28
Remove unnecessary clones and other clippy fixes
2019-11-02 17:39:01 +01:00
Emil Madsen
e22e290f67
Fix key and type variable names for mysql
2019-05-20 21:24:29 +02:00
Дамјан Георгиевски
473f8b8e31
remove some unneeded mutability
2019-02-22 20:25:50 +01:00
Daniel García
820c8b0dce
Change use of deserialize_with for Option iterator
2019-02-08 19:12:08 +01:00
Daniel García
8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query
2019-02-08 18:45:07 +01:00
Daniel García
86ed75bf7c
Config can now be serialized / deserialized
2019-02-06 17:34:29 +01:00
Daniel García
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
...
Improved some two factor methods.
2019-01-25 18:24:57 +01:00
Daniel García
86de0ca17b
Fix editing users from collections menu
2019-01-25 17:43:51 +01:00
Stephen White
928ad6c1d8
Fix the list of users with access to a collection to display correctly.
...
https://github.com/dani-garcia/bitwarden_rs/issues/364
2019-01-25 14:18:06 +00:00
Daniel García
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
2019-01-19 21:41:49 +01:00
Daniel García
4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
...
Disallow users from accepting invitation twice
2019-01-08 15:42:26 +01:00
Daniel García
f1161c65fb
Make sure an invitation is created when reinviting
2019-01-08 14:05:05 +01:00
Daniel García
21b85b78b1
Changed reinvite check and removed obsolete comment
2019-01-07 15:29:57 +01:00
Nick Fox
0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional
2019-01-05 23:03:49 -05:00
Nick Fox
7db66f73f0
Refactor invited_by_email check
2019-01-05 13:46:45 -05:00
Nick Fox
cec28a85ac
Update admin page to work with new invitation flow
2019-01-04 10:32:51 -05:00
Nick Fox
736c0e62f2
Send emails to inviters/invitees when invites are accepted/confirmed
2019-01-02 22:20:39 -05:00
Daniel García
30e768613b
Start using rustfmt and some style changes to make some lines shorter
2018-12-30 23:34:31 +01:00
Daniel García
2bb0b15e04
Implemented better errors for JWT
2018-12-30 21:43:55 +01:00
Daniel García
250a2b340f
Use new Errors in latest changes
2018-12-30 21:43:55 +01:00
Daniel García
b2fc0499f6
Finish invite functionality, and remove virtual organization
2018-12-30 21:40:26 +01:00
Daniel García
6a99849a1e
Implemented proper error handling, now we can do user.save($conn)?;
and it works.
...
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
2018-12-30 21:31:12 +01:00
Nick Fox
f20c4705d9
Refactor invite claims and disallow reinvites to virtual_org
2018-12-30 00:19:01 -05:00
Nick Fox
3142d8d01f
Add more detail to invitation not found error
2018-12-29 23:28:19 -05:00
Nick Fox
84fa5a4ed6
Implement reinvite endpoint
2018-12-29 23:24:38 -05:00
Nick Fox
b0ac640d8b
Use JWT to validate existing user invites
2018-12-23 15:15:44 -05:00
Nick Fox
99256b9b3a
Prefix unused params with underscore
2018-12-20 21:37:03 -05:00
Nick Fox
26bf7bc12f
Use upstream jslib invite/registration workflow
2018-12-18 23:16:03 -05:00
Nick Fox
042c1072d9
Remove CONFIG.email_invitation option
2018-12-17 17:02:15 -05:00
Nick Fox
4910b14d57
Implement email invitations and registration workflow
2018-12-14 21:56:00 -05:00
Daniel García
94810c106a
Migrate to rust 2018 edition
2018-12-07 02:05:45 +01:00
Daniel García
f84cbeaaf8
Merge branch 'master' into rocket-0.4
...
# Conflicts:
# src/db/models/organization.rs
2018-11-14 16:14:49 +01:00
Miroslav Prasil
66a4c5d48b
Implement comparison between i32 and UserOrgType
2018-11-12 17:13:25 +00:00
Daniel García
c673370103
Updated bw_rs to Rocket version 0.4-rc1
2018-11-01 19:25:09 +01:00
janost
e985221b50
User::save() should return QueryResult instead of bool
2018-10-14 19:33:12 +02:00
janost
64f6c60bfd
Organization::save() and UserOrganization::save() should return QueryResult instead of bool
2018-10-14 16:04:23 +02:00
Miroslav Prasil
a28caa33ef
Implement poor man's admin panel
2018-10-12 15:20:10 +01:00
janost
5292d38c73
CollectionCipher::save() and delete() should return QueryResult instead of bool
2018-10-07 11:06:11 +02:00
janost
c29bc9309a
Return proper error message for org reinvite
2018-10-05 12:29:41 +02:00
Daniel García
2aabf14372
Merge pull request #206 from mprasil/collection_revision
...
Collection update updates User revision
2018-10-01 19:31:43 +02:00
Miroslav Prasil
d9457e929c
Add continuation token when we return object list
2018-10-01 17:55:48 +01:00
Miroslav Prasil
86b49856a7
Handle return value from Collection::save()
2018-10-01 17:50:31 +01:00
Daniel García
8651df8c2a
Fixed some lint issues
2018-09-13 21:55:23 +02:00
Daniel García
928e2424c0
Updated dependencies and fixed errors
2018-09-13 16:05:13 +02:00
Daniel García
f397f0cbd0
Implement organization import for admins and owners ( Fixes #178 )
2018-09-13 15:16:24 +02:00
Miroslav Prasil
c1cd4d9a6b
Modify User::new to be keyless and paswordless
2018-09-11 14:25:12 +01:00
Miroslav Prasil
ec05f14f5a
Implement poor man's invitation via Organization invitation
2018-09-11 13:09:59 +01:00
Miroslav Prasil
c58682e3fb
Fix the logic in user edditing
2018-09-04 16:10:26 +01:00
Miroslav Prasil
db111ae2a0
Check properly the user membership in Organization
2018-09-04 13:37:44 +01:00
Miroslav Prasil
049aa33f17
Fix editing users in Organization
2018-09-04 12:15:46 +01:00
Miroslav Prasil
40d09ddd2a
Add PUT alias for Organization updates
2018-08-21 13:25:52 +01:00
Miroslav Prasil
00b882935f
Deserialize "null" to empty Vec for Collections
2018-08-14 11:06:42 +01:00
Miroslav Prasil
0dfd9c7670
Add couple more aliases for PUTs and DELETEs
2018-08-13 16:45:30 +01:00
Daniel García
a291dea16f
Updated dependencies and Docker image to new web-vault
2018-07-21 17:27:00 +02:00
Daniel García
1cb67eee69
Implement leave organization (accessed from the bottom of the user's settings page)
2018-07-11 16:30:03 +02:00
Daniel García
0905355629
Fix wrong case in import struct, invite collections and user Uri back-compat
2018-06-13 14:39:29 +02:00
Daniel García
483066b9a0
Some style changes, removed useless matches and formats
2018-06-11 15:44:37 +02:00
Daniel García
5ec728683e
Make sure the inputs are always in the same case (PascalCase, which is what upstream seems to prefer most of the time)
2018-06-01 00:18:50 +02:00
Daniel García
faa26ab8f5
Changed error message
2018-05-31 15:36:51 +02:00
Daniel García
1a4b1a8254
Enabled unused variable warning again, fixed some possible bugs where we didn't check some parameters, and explicitly marked all unused parameters (mostly orgheaders)
2018-05-30 22:30:45 +02:00
Miroslav Prasil
135ab4fb20
Clean up organizations.rs with new request guards
2018-05-30 17:12:18 +01:00
Miroslav Prasil
46f3b229ee
Removed unnecessary checks, simplified the code a bit
2018-05-30 16:01:56 +01:00
Miroslav Prasil
62be23b1c0
Support listing and deleting users from collection
2018-05-30 15:40:37 +01:00
Miroslav Prasil
4d50014e35
Implement request guards for organization
2018-05-30 13:35:10 +01:00
Miroslav Prasil
85ecd001a5
Fix user invitation
2018-05-28 17:26:02 +01:00
Miroslav Prasil
941747f9e8
Implement deleting Organization
2018-05-19 22:09:32 +01:00
Miroslav Prasil
a0d2ca3f24
Implement deleting collections
2018-05-16 23:05:50 +01:00
Daniel García
032134aabc
Fixed some errors asigning collections to users
2018-05-11 20:08:02 +02:00
Daniel García
79b4ddcae8
Added read_only bit to users_collections
2018-05-04 20:10:35 +02:00
Daniel García
0cb58add54
Implemented some admin methods, inserted CollectionsUsers only when Org accessAll == false, and implemented find_collection when user has access_all in Org
2018-05-04 19:47:31 +02:00
Miroslav Prasil
514a372bc8
Add per-user folder-cipher mapping
2018-04-30 23:38:55 +01:00
Miroslav Prasil
7e9e200d29
Add support for adding and viewing of org ciphers
2018-04-27 12:49:34 +01:00
Miroslav Prasil
c5185ddb83
Adding some oganization features
2018-04-26 17:19:08 +01:00
Daniel García
5210f9b951
Added org user editing
2018-04-25 00:34:40 +02:00
Daniel García
e6132809d2
Implemented delete user from org and added checks to the already existing org methods
2018-04-24 23:04:17 +02:00
Daniel García
4093bf92fe
Initial organizations functionality: Creating orgs and inviting users
2018-04-24 22:01:55 +02:00
Daniel García
dfefbf1f31
Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings
2018-02-23 00:38:54 +01:00
Daniel García
1bc346688c
Some initial work on organizations, nothing works yet
2018-02-17 23:04:34 +01:00