MirrorHub/bitwarden_rs
0
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden synced 2024-09-27 12:58:58 +02:00
Code Issues Releases Wiki Activity
2400 commits 1 branch 60 tags 26 MiB
Commit graph

148 commits

Author SHA1 Message Date
Olivier Martin
1db37bf3d0 make error toast display detailed message 
replace invite accept error message with the one from upstream
check if config mail is enabled
 2021-04-12 21:54:57 -04:00
Olivier Martin
d75a80bd2d Resolves dani-garcia/bitwarden_rs#981 
* a user without 2fa trying to join a 2fa org will fail, but user gets an email to enable 2fa
* a user disabling 2fa will be removed from 2fa orgs; user gets an email for each org
* an org enabling 2fa policy will remove users without 2fa; users get an email
 2021-04-11 22:57:17 -04:00
Jake Howard
3ab90259f2
Modify rustfmt file 2021-04-06 21:54:42 +01:00
Jake Howard
0af3956abd
Run cargo fmt on codebase 2021-03-31 21:18:35 +01:00
Jake Howard
3e5971b9db
Remove unnecessary result return types 2021-03-27 15:07:26 +00:00
Jeremy Lin
a75d050001 Fix custom org name in invitation confirmation email 
The org name in the invitation email was made customizable in 8867626, but
the org name is still hardcoded as "bitwarden_rs" in the confirmation email.
 2021-03-03 23:03:55 -08:00
Daniel García
9323c57f49
Remove debug print 2021-02-07 00:22:39 +01:00
Daniel García
85e3c73525
Basic experimental ldap import support with the official directory connector 2021-02-06 20:15:42 +01:00
BlackDex
7dff8c01dd JSON Response updates and small fixes 
Updated several json response models.
Also fixed a few small bugs.

ciphers.rs:
  - post_ciphers_create:
    * Prevent cipher creation to organization without a collection.
  - update_cipher_from_data:
    * ~~Fixed removal of user_uuid which prevent user-owned shared-cipher to be not editable anymore when set to read-only.~~
    * Cleanup the json_data by removing the `Response` key/values from several objects.
  - delete_all:
    * Do not delete all Collections during the Purge of an Organization (same as upstream).

cipher.rs:
  - Cipher::to_json:
    * Updated json response to match upstream.
    * Return empty json object if there is no type_data instead of values which should not be set for the type_data.

organizations.rs:
  * Added two new endpoints to prevent Javascript errors regarding tax

organization.rs:
  - Organization::to_json:
    * Updated response model to match upstream
  - UserOrganization::to_json:
    * Updated response model to match upstream

collection.rs:
  - Collection::{to_json, to_json_details}:
    * Updated the json response model, and added a detailed version used during the sync
  - hide_passwords_for_user:
    * Added this function to return if the passwords should be hidden or not for the user at the specific collection (used by `to_json_details`)

Update 1: Some small changes after comments from @jjlin.
Update 2: Fixed vault purge by user to make sure the cipher is not part of an organization.

Resolves #971
Closes #990, Closes #991
 2021-01-31 21:46:37 +01:00
Jeremy Lin
9f86196a9d Add support for the Personal Ownership policy 
Upstream refs:

* https://github.com/bitwarden/server/pull/1013
* https://bitwarden.com/help/article/policies/#personal-ownership
 2021-01-23 20:50:06 -08:00
BlackDex
7cf8809d77 Adding Manager Role support 
This has been requested a few times (#1136 & #246 & forum), and there already were two
(1:1 duplicate) PR's (#1222 & #1223) which needed some changes and no
followups or further comments unfortunally.

This PR adds two auth headers.
- ManagerHeaders
  Checks if the user-type is Manager or higher and if the manager is
part of that collection or not.
- ManagerHeadersLoose
  Check if the user-type is Manager or higher, but does not check if the
user is part of the collection, needed for a few features like
retreiving all the users of an org.

I think this is the safest way to implement this instead of having to
check this within every function which needs this manually.

Also some extra checks if a manager has access to all collections or
just a selection.

fixes #1136
 2020-12-02 22:50:51 +01:00
BlackDex
9a47821642 Fixed creating a new organization 
- The new web-vault needs a new api endpoint.
- Added this new endpoint.

Fixes #1139
 2020-09-14 08:34:17 +02:00
Jeremy Lin
570d6c8bf9 Add support for restricting org creation to certain users 2020-08-05 22:35:29 -07:00
Daniel García
668d5c23dc
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:34:22 +02:00
Jeremy Lin
979d010dc2 Add support for hiding passwords in a collection 
Ref: https://github.com/bitwarden/server/pull/743
 2020-07-02 21:51:20 -07:00
Jeremy Lin
a314933557 Allow email changes for existing accounts even when signups are disabled 2020-05-24 14:38:19 -07:00
theycallmesteve
6a8c65493f
Rename collection_user_details to collection_read_only to reflect the response model 2020-05-08 13:37:40 -04:00
Jeremy Lin
e4d08836e2 Make org owner invitations respect the email domain whitelist 
This closes a loophole where org owners can invite new users from any domain.
 2020-04-09 01:51:05 -07:00
Daniel García
94341f9f3f
Fix token error while accepting invite 2020-03-20 10:51:17 +01:00
Daniel García
3fa78e7bb1
Initial version of policies 2020-03-14 13:32:28 +01:00
Daniel García
d29b6bee28
Remove unnecessary clones and other clippy fixes 2019-11-02 17:39:01 +01:00
Emil Madsen
e22e290f67 Fix key and type variable names for mysql 2019-05-20 21:24:29 +02:00
Дамјан Георгиевски
473f8b8e31 remove some unneeded mutability 2019-02-22 20:25:50 +01:00
Daniel García
820c8b0dce
Change use of deserialize_with for Option iterator 2019-02-08 19:12:08 +01:00
Daniel García
8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query 2019-02-08 18:45:07 +01:00
Daniel García
86ed75bf7c
Config can now be serialized / deserialized 2019-02-06 17:34:29 +01:00
Daniel García
a1dc47b826
Change config to thread-safe system, needed for a future config panel. 
Improved some two factor methods.
 2019-01-25 18:24:57 +01:00
Daniel García
86de0ca17b
Fix editing users from collections menu 2019-01-25 17:43:51 +01:00
Stephen White
928ad6c1d8 Fix the list of users with access to a collection to display correctly. 
https://github.com/dani-garcia/bitwarden_rs/issues/364
 2019-01-25 14:18:06 +00:00
Daniel García
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:41:49 +01:00
Daniel García
4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token. 
Disallow users from accepting invitation twice
 2019-01-08 15:42:26 +01:00
Daniel García
f1161c65fb
Make sure an invitation is created when reinviting 2019-01-08 14:05:05 +01:00
Daniel García
21b85b78b1
Changed reinvite check and removed obsolete comment 2019-01-07 15:29:57 +01:00
Nick Fox
0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional 2019-01-05 23:03:49 -05:00
Nick Fox
7db66f73f0
Refactor invited_by_email check 2019-01-05 13:46:45 -05:00
Nick Fox
cec28a85ac
Update admin page to work with new invitation flow 2019-01-04 10:32:51 -05:00
Nick Fox
736c0e62f2
Send emails to inviters/invitees when invites are accepted/confirmed 2019-01-02 22:20:39 -05:00
Daniel García
30e768613b
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00
Daniel García
2bb0b15e04
Implemented better errors for JWT 2018-12-30 21:43:55 +01:00
Daniel García
250a2b340f
Use new Errors in latest changes 2018-12-30 21:43:55 +01:00
Daniel García
b2fc0499f6
Finish invite functionality, and remove virtual organization 2018-12-30 21:40:26 +01:00
Daniel García
6a99849a1e
Implemented proper error handling, now we can do user.save($conn)?; and it works. 
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
 2018-12-30 21:31:12 +01:00
Nick Fox
f20c4705d9
Refactor invite claims and disallow reinvites to virtual_org 2018-12-30 00:19:01 -05:00
Nick Fox
3142d8d01f
Add more detail to invitation not found error 2018-12-29 23:28:19 -05:00
Nick Fox
84fa5a4ed6
Implement reinvite endpoint 2018-12-29 23:24:38 -05:00
Nick Fox
b0ac640d8b
Use JWT to validate existing user invites 2018-12-23 15:15:44 -05:00
Nick Fox
99256b9b3a
Prefix unused params with underscore 2018-12-20 21:37:03 -05:00
Nick Fox
26bf7bc12f
Use upstream jslib invite/registration workflow 2018-12-18 23:16:03 -05:00
Nick Fox
042c1072d9
Remove CONFIG.email_invitation option 2018-12-17 17:02:15 -05:00
Nick Fox
4910b14d57
Implement email invitations and registration workflow 2018-12-14 21:56:00 -05:00
Daniel García
94810c106a
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00
Daniel García
f84cbeaaf8
Merge branch 'master' into rocket-0.4 
# Conflicts:
#	src/db/models/organization.rs
 2018-11-14 16:14:49 +01:00
Miroslav Prasil
66a4c5d48b Implement comparison between i32 and UserOrgType 2018-11-12 17:13:25 +00:00
Daniel García
c673370103
Updated bw_rs to Rocket version 0.4-rc1 2018-11-01 19:25:09 +01:00
janost
e985221b50 User::save() should return QueryResult instead of bool 2018-10-14 19:33:12 +02:00
janost
64f6c60bfd Organization::save() and UserOrganization::save() should return QueryResult instead of bool 2018-10-14 16:04:23 +02:00
Miroslav Prasil
a28caa33ef Implement poor man's admin panel 2018-10-12 15:20:10 +01:00
janost
5292d38c73 CollectionCipher::save() and delete() should return QueryResult instead of bool 2018-10-07 11:06:11 +02:00
janost
c29bc9309a Return proper error message for org reinvite 2018-10-05 12:29:41 +02:00
Daniel García
2aabf14372
Merge pull request #206 from mprasil/collection_revision 
Collection update updates User revision
 2018-10-01 19:31:43 +02:00
Miroslav Prasil
d9457e929c Add continuation token when we return object list 2018-10-01 17:55:48 +01:00
Miroslav Prasil
86b49856a7 Handle return value from Collection::save() 2018-10-01 17:50:31 +01:00
Daniel García
8651df8c2a
Fixed some lint issues 2018-09-13 21:55:23 +02:00
Daniel García
928e2424c0
Updated dependencies and fixed errors 2018-09-13 16:05:13 +02:00
Daniel García
f397f0cbd0
Implement organization import for admins and owners (Fixes #178) 2018-09-13 15:16:24 +02:00
Miroslav Prasil
c1cd4d9a6b Modify User::new to be keyless and paswordless 2018-09-11 14:25:12 +01:00
Miroslav Prasil
ec05f14f5a Implement poor man's invitation via Organization invitation 2018-09-11 13:09:59 +01:00
Miroslav Prasil
c58682e3fb Fix the logic in user edditing 2018-09-04 16:10:26 +01:00
Miroslav Prasil
db111ae2a0 Check properly the user membership in Organization 2018-09-04 13:37:44 +01:00
Miroslav Prasil
049aa33f17 Fix editing users in Organization 2018-09-04 12:15:46 +01:00
Miroslav Prasil
40d09ddd2a Add PUT alias for Organization updates 2018-08-21 13:25:52 +01:00
Miroslav Prasil
00b882935f Deserialize "null" to empty Vec for Collections 2018-08-14 11:06:42 +01:00
Miroslav Prasil
0dfd9c7670 Add couple more aliases for PUTs and DELETEs 2018-08-13 16:45:30 +01:00
Daniel García
a291dea16f Updated dependencies and Docker image to new web-vault 2018-07-21 17:27:00 +02:00
Daniel García
1cb67eee69 Implement leave organization (accessed from the bottom of the user's settings page) 2018-07-11 16:30:03 +02:00
Daniel García
0905355629 Fix wrong case in import struct, invite collections and user Uri back-compat 2018-06-13 14:39:29 +02:00
Daniel García
483066b9a0 Some style changes, removed useless matches and formats 2018-06-11 15:44:37 +02:00
Daniel García
5ec728683e Make sure the inputs are always in the same case (PascalCase, which is what upstream seems to prefer most of the time) 2018-06-01 00:18:50 +02:00
Daniel García
faa26ab8f5 Changed error message 2018-05-31 15:36:51 +02:00
Daniel García
1a4b1a8254 Enabled unused variable warning again, fixed some possible bugs where we didn't check some parameters, and explicitly marked all unused parameters (mostly orgheaders) 2018-05-30 22:30:45 +02:00
Miroslav Prasil
135ab4fb20 Clean up organizations.rs with new request guards 2018-05-30 17:12:18 +01:00
Miroslav Prasil
46f3b229ee Removed unnecessary checks, simplified the code a bit 2018-05-30 16:01:56 +01:00
Miroslav Prasil
62be23b1c0 Support listing and deleting users from collection 2018-05-30 15:40:37 +01:00
Miroslav Prasil
4d50014e35 Implement request guards for organization 2018-05-30 13:35:10 +01:00
Miroslav Prasil
85ecd001a5 Fix user invitation 2018-05-28 17:26:02 +01:00
Miroslav Prasil
941747f9e8 Implement deleting Organization 2018-05-19 22:09:32 +01:00
Miroslav Prasil
a0d2ca3f24 Implement deleting collections 2018-05-16 23:05:50 +01:00
Daniel García
032134aabc Fixed some errors asigning collections to users 2018-05-11 20:08:02 +02:00
Daniel García
79b4ddcae8 Added read_only bit to users_collections 2018-05-04 20:10:35 +02:00
Daniel García
0cb58add54 Implemented some admin methods, inserted CollectionsUsers only when Org accessAll == false, and implemented find_collection when user has access_all in Org 2018-05-04 19:47:31 +02:00
Miroslav Prasil
514a372bc8 Add per-user folder-cipher mapping 2018-04-30 23:38:55 +01:00
Miroslav Prasil
7e9e200d29 Add support for adding and viewing of org ciphers 2018-04-27 12:49:34 +01:00
Miroslav Prasil
c5185ddb83 Adding some oganization features 2018-04-26 17:19:08 +01:00
Daniel García
5210f9b951 Added org user editing 2018-04-25 00:34:40 +02:00
Daniel García
e6132809d2 Implemented delete user from org and added checks to the already existing org methods 2018-04-24 23:04:17 +02:00
Daniel García
4093bf92fe Initial organizations functionality: Creating orgs and inviting users 2018-04-24 22:01:55 +02:00
Daniel García
dfefbf1f31 Fixed cipher import, created missing data structs instead of using generic Value, and fixed some warnings 2018-02-23 00:38:54 +01:00
Daniel García
1bc346688c Some initial work on organizations, nothing works yet 2018-02-17 23:04:34 +01:00