Commit Graph

714 Commits

Author SHA1 Message Date
BlackDex
c64560016e Add /api/accounts/verify-password endpoint
If for some reason the hashed password is cleared from memory within a
bitwarden client it will try to verify the password at the server side.

This endpoint was missing.

Resolves #1156
2020-09-25 18:26:48 +02:00
Daniel García
2f3e18caa9
Merge pull request #1146 from BlackDex/user-orgs-table-enhancement
Enhanced user and orgs tables in admin view.
2020-09-20 16:48:19 +02:00
BlackDex
6a291040bd As requested here: https://bitwardenrs.discourse.group/t/searchable-user-list-on-admin-panel/299
- Changed the table layout a bit.
- Added functions to the tables:
  + Search
  + Sort
  + Paginate
2020-09-19 22:19:55 +02:00
BlackDex
f847c6e225 Updated the config options descriptions.
Made some small changes to the description of the config options for
SMTP. Some were a bit cryptic and missing some extra descriptions.

Also made it more clear which type of secured smtp connection is going
to used.
2020-09-19 17:09:58 +02:00
Daniel García
99da5fbebb
Merge pull request #1143 from BlackDex/better-lettre-errors
Format some common Lettre errors a bit simpler
2020-09-14 22:18:47 +02:00
BlackDex
6a0d024c69 Format some common Lettre errors a bit simpler
Currently when for example using the admin interface to send out a test e-mail just
returns `SmtpError`. This is not very helpful. What i have done.

- Match some common Lettre errors to return the error message.
- Other errors will just be passed on as before.

Some small other changes:
- Fixed a clippy warning about using clone().
- Fixed a typo where Lettere was spelled with one t.
2020-09-14 20:47:46 +02:00
BlackDex
9a47821642 Fixed creating a new organization
- The new web-vault needs a new api endpoint.
- Added this new endpoint.

Fixes #1139
2020-09-14 08:34:17 +02:00
Daniel García
d69968313b
Merge pull request #1140 from jjlin/UserOrgType-cmp
Simplify implementation of `UserOrgType::cmp()`
2020-09-13 15:10:54 +02:00
Daniel García
3c377d97dc
Merge pull request #1137 from BlackDex/smtp-multi-auth-mechanism
Allow multiple SMTP Auth meganisms.
2020-09-13 15:09:58 +02:00
Jeremy Lin
0eee907c88 Simplify implementation of UserOrgType::cmp()
Also move `UserOrgType::from_str()` closer to the definition of `UserOrgType`
since it references specific enum values.
2020-09-13 02:03:16 -07:00
BlackDex
c877583979 Allow multiple SMTP Auth meganisms.
- Allow all SMTP Auth meganisms supported by Lettre.
- The config value order is leading and values can be separated by a
  comma ','
- Case doesn't matter, and invalid values are ignored.
- Warning is printed when no valid value is found at all.
2020-09-12 21:47:24 +02:00
BlackDex
844cf70345 Updated lettre (and other crates) and workflow.
General:
- Updated several dependancies

Lettre:
- Updateded lettere and the workflow
- Changed encoding to base64
- Convert unix newlines to dos newlines for e-mails.
- Created custom e-mail boundary (auto generated could cause errors)

Tested the e-mails sent using several clients (Linux, Windows, MacOS, Web).
Run msglint (https://tools.ietf.org/tools/msglint/) on the generated e-mails until all errors were gone.

Lettre has changed quite some stuff compared between alpha.1 and alpha.2, i haven't noticed any issues sending e-mails during my tests.
2020-09-11 23:52:20 +02:00
Daniel García
a0d92a167c
Merge pull request #1125 from jjlin/org-cipher-visibility
Hide ciphers from non-selected collections for org owners/admins
2020-09-10 23:19:14 +02:00
Jeremy Lin
4c3b328aca Hide ciphers from non-selected collections for org owners/admins
If org owners/admins set their org access to only include selected
collections, then ciphers from non-selected collections shouldn't
appear in "My Vault". This matches the upstream behavior.
2020-09-01 02:20:25 -07:00
aaxdev
260ffee093 Improving code 2020-08-31 22:20:21 +02:00
aaxdev
c59cfe3371 Fix MsgPack headers and support mobile SignalR 2020-08-31 19:05:07 +02:00
Daniel García
0822c0c128
Update admin page dependencies 2020-08-31 16:40:21 +02:00
Daniel García
aaba1e8368
Fix some clippy warnings and remove unused function 2020-08-28 22:10:28 +02:00
Jeremy Lin
175d647e47 Delete associated favorites when deleting a cipher or user
This prevents foreign key constraint violations.
2020-08-26 01:27:38 -07:00
Daniel García
0365b7c6a4
Add support for multiple simultaneous database features by using macros.
Diesel requires the following changes:
- Separate connection and pool types per connection, the generate_connections! macro generates an enum with a variant per db type
- Separate migrations and schemas, these were always imported as one type depending on db feature, now they are all imported under different module names
- Separate model objects per connection, the db_object! macro generates one object for each connection with the diesel macros, a generic object, and methods to convert between the connection-specific and the generic ones
- Separate connection queries, the db_run! macro allows writing only one that gets compiled for all databases or multiple ones
2020-08-24 20:11:17 +02:00
Daniel García
19889187a5
Merge pull request #1106 from jjlin/favorites
Track favorites on a per-user basis
2020-08-24 00:31:48 +02:00
Daniel García
9571277c44
Merge pull request #1112 from jjlin/token-size-docs
Add more docs on the `email_token_size` setting
2020-08-24 00:25:47 +02:00
Daniel García
a202da9e23
Merge pull request #1099 from jjlin/global-domains
Sync global_domains.json with upstream
2020-08-24 00:25:33 +02:00
Jeremy Lin
c05dc50f53 Add more docs on the email_token_size setting 2020-08-22 17:35:55 -07:00
Jeremy Lin
d9684bef6b Generate tokens more simply and uniformly 2020-08-22 16:07:53 -07:00
Jeremy Lin
db0c45c172 Sync global_domains.json to bitwarden/server@8383a08 (Yandex) 2020-08-20 03:31:21 -07:00
Jeremy Lin
ad4393e3f7 Sync global_domains.json to bitwarden/server@80f57d2 (Amazon updates) 2020-08-20 03:30:39 -07:00
Jeremy Lin
f83a8a36d1 Track favorites on a per-user basis
Currently, favorites are tracked at the cipher level. For org-owned ciphers,
this means that if one user sets it as a favorite, it automatically becomes a
favorite for all other users that the cipher has been shared with.
2020-08-19 02:32:58 -07:00
Jeremy Lin
0e9eba8c8b Maximize similarity between MySQL and SQLite/PostgreSQL schemas
In particular, Diesel aliases `Varchar` to `Text`, and `Blob` to `Binary`:

* https://docs.diesel.rs/diesel/sql_types/struct.Text.html
* https://docs.diesel.rs/diesel/sql_types/struct.Binary.html
2020-08-19 02:32:56 -07:00
Jeremy Lin
d5c760960a Sync global_domains.json to bitwarden/server@af85e17 (eBay India updates) 2020-08-19 00:40:59 -07:00
Jeremy Lin
2c6ef2bc68 Sync global_domains.json to bitwarden/server@2c43019 (eBay updates) 2020-08-15 01:34:12 -07:00
Jeremy Lin
7032ae5587 Sync global_domains.json to bitwarden/server@6aed80a (Amazon updates) 2020-08-15 01:32:56 -07:00
Jeremy Lin
6d9f03e84b Sync global_domains.json to bitwarden/server@61b11e3 2020-08-12 21:10:31 -07:00
Daniel García
6a972e4b19
Make the admin URL redirect try to use the referrer first, and use /admin when DOMAIN is not configured and the referrer check doesn't work, to allow users without DOMAIN configured to use the admin page correctly 2020-08-12 19:07:52 +02:00
Daniel García
93b7ded1e6
Remove unneccessary shim for backtrace 2020-08-12 18:45:26 +02:00
Daniel García
29c6b145ca
Remove redundant user fetching from login 2020-08-11 16:48:15 +02:00
Daniel García
a7a479623c
Merge pull request #1087 from jjlin/org-creation-users
Add support for restricting org creation to certain users
2020-08-08 16:20:15 +02:00
Jeremy Lin
05b308b8b4 Sync global_domains.json with upstream 2020-08-06 12:13:40 -07:00
Jeremy Lin
570d6c8bf9 Add support for restricting org creation to certain users 2020-08-05 22:35:29 -07:00
Daniel García
ad48e9ed0f
Fix unlock on desktop clients 2020-08-04 15:12:04 +02:00
Jeremy Lin
a846f6c610 Fix soft delete notifications
A soft-deleted entry should now show up in the trash folder immediately
(previously, an extra sync was required).
2020-07-26 16:19:47 -07:00
Daniel García
fd1354d00e
Merge pull request #1067 from jjlin/log-time-fmt
Add config option for log timestamp format
2020-07-24 16:42:10 +02:00
Jeremy Lin
071a3b2a32 Log timestamps with milliseconds by default 2020-07-23 14:19:51 -07:00
Daniel García
32cfaab5ee
Updated dependencies and changed rocket request imports 2020-07-23 21:07:04 +02:00
Jeremy Lin
d348f12a0e Add config option for log timestamp format 2020-07-22 21:50:49 -07:00
Jeremy Lin
de70fbf88a Use strip_prefix() instead of trim_start_matches() as appropriate
As of Rust 1.45.0, `strip_prefix()` is now stable.
2020-07-20 22:33:13 -07:00
Daniel García
1e950c7dbc
Replace IP support in preparation for compiling on stable, included some tests to check that the code matches the unstable implementation 2020-07-15 00:00:03 +02:00
Daniel García
f14e19a3d8
Don't compile the regexes each time 2020-07-14 21:58:27 +02:00
Daniel García
668d5c23dc
Removed try_trait and some formatting, particularly around imports 2020-07-14 18:34:22 +02:00
Jeremy Lin
790146bfac Fix error in PostgreSQL build 2020-07-10 17:23:02 -07:00