From c7489c9fdf08878c71f9dfd5263abc9e8e43056e Mon Sep 17 00:00:00 2001 From: BlackDex Date: Wed, 11 Jan 2023 22:13:20 +0100 Subject: [PATCH 1/4] Add MFA icon to org member overview The Organization member overview supports showing an icon if the user has MFA enabled or not. This PR adds this feature. This is very useful if you want to enable force mfa for example. --- src/db/models/organization.rs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/db/models/organization.rs b/src/db/models/organization.rs index a2ab75a7..331e1007 100644 --- a/src/db/models/organization.rs +++ b/src/db/models/organization.rs @@ -2,7 +2,7 @@ use num_traits::FromPrimitive; use serde_json::Value; use std::cmp::Ordering; -use super::{CollectionUser, GroupUser, OrgPolicy, OrgPolicyType, User}; +use super::{CollectionUser, GroupUser, OrgPolicy, OrgPolicyType, TwoFactor, User}; use crate::CONFIG; db_object! { @@ -365,6 +365,8 @@ impl UserOrganization { self.status }; + let twofactor_enabled = !TwoFactor::find_by_user(&user.uuid, conn).await.is_empty(); + json!({ "Id": self.uuid, "UserId": self.user_uuid, @@ -374,6 +376,7 @@ impl UserOrganization { "Status": status, "Type": self.atype, "AccessAll": self.access_all, + "TwoFactorEnabled": twofactor_enabled, "Object": "organizationUserUserDetails", }) From c36b870c54986ae8015d9e9be84b8ca42a565eb2 Mon Sep 17 00:00:00 2001 From: Rychart Redwerkz Date: Tue, 10 Jan 2023 00:24:37 +0100 Subject: [PATCH 2/4] Use more modern meta tag for charset encoding --- src/static/templates/admin/base.hbs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/static/templates/admin/base.hbs b/src/static/templates/admin/base.hbs index e296b114..2fe1ee54 100644 --- a/src/static/templates/admin/base.hbs +++ b/src/static/templates/admin/base.hbs @@ -1,7 +1,7 @@ - + From 80eb15d46aaaf5782b7c2eb45f7924a1a736221d Mon Sep 17 00:00:00 2001 From: BlackDex Date: Mon, 9 Jan 2023 20:32:56 +0100 Subject: [PATCH 3/4] Fix remaning inline format --- src/config.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/config.rs b/src/config.rs index fa8bea66..f8990dc0 100644 --- a/src/config.rs +++ b/src/config.rs @@ -1222,7 +1222,7 @@ fn to_json<'reg, 'rc>( ) -> HelperResult { let param = h.param(0).ok_or_else(|| RenderError::new("Expected 1 parameter for \"to_json\""))?.value(); let json = serde_json::to_string(param) - .map_err(|e| RenderError::new(format!("Can't serialize parameter to JSON: {}", e)))?; + .map_err(|e| RenderError::new(format!("Can't serialize parameter to JSON: {e}")))?; out.write(&json)?; Ok(()) } From ff919039c9e5d608003e32a4a5b95661e3411a99 Mon Sep 17 00:00:00 2001 From: GeekCorner <45696571+GeekCornerGH@users.noreply.github.com> Date: Tue, 10 Jan 2023 09:41:35 +0100 Subject: [PATCH 4/4] fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory --- src/util.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/util.rs b/src/util.rs index 3297fad5..fe99e2d3 100644 --- a/src/util.rs +++ b/src/util.rs @@ -50,7 +50,7 @@ impl Fairing for AppHeaders { // Have I Been Pwned and Gravator to allow those calls to work. // # Connect src: // Leaked Passwords check: api.pwnedpasswords.com - // 2FA/MFA Site check: 2fa.directory + // 2FA/MFA Site check: api.2fa.directory // # Mail Relay: https://bitwarden.com/blog/add-privacy-and-security-using-email-aliases-with-bitwarden/ // app.simplelogin.io, app.anonaddy.com, api.fastmail.com, quack.duckduckgo.com let csp = format!( @@ -73,7 +73,7 @@ impl Fairing for AppHeaders { {icon_service_csp}; \ connect-src 'self' \ https://api.pwnedpasswords.com \ - https://2fa.directory \ + https://api.2fa.directory \ https://app.simplelogin.io/api/ \ https://app.anonaddy.com/api/ \ https://api.fastmail.com/ \