Commit Graph

1409 Commits (25439563440f90949f8463dd99c8657b983860cd)

Author SHA1 Message Date
BlackDex d892880dd2
Fix UserOrg status during LDAP Import
1 year ago
BlackDex 4395e8e888
Fix .env.template file
1 year ago
BlackDex 4ec2507073
Remove debug code during attachment download
1 year ago
Daniel García ab65d7989b
Merge pull request #3690 from BlackDex/fix-issue-3685
1 year ago
BlackDex 631d022e17
Fix some external_id issues
1 year ago
GeekCorner 211f4492fa
feat: Add support for forwardemail
1 year ago
BlackDex a8e5384c4a
Fix Org API Key generation on PosgreSQL
1 year ago
BlackDex 08f37b9935
Fix org creation regresion
1 year ago
Daniel García a6cfdddfd8
Merge pull request #3649 from BlackDex/update-crates
1 year ago
Daniel García 814ce9a6ac
Merge pull request #3632 from sirux88/fix-reset-password-check-issue
1 year ago
Daniel García 1bee46f64b
Merge pull request #3623 from fashberg/main
1 year ago
Jan Jansen 84e901b7d2 add user to collection during creation
1 year ago
Folke Ashberg 839b2bc950 fix format error
1 year ago
Folke Ashberg 6050c8dac5 Added-External_id for Collections
1 year ago
BlackDex 0a6b797e6e
Update crates and small clippy fix
1 year ago
sirux88 fb6f441a4f fixed unnecessary variable usage
1 year ago
sirux88 9876aedd67 added password check for manual reset
1 year ago
Daniel García 19e671ff25
Fix dataurl parse panic when icon is malformed
1 year ago
Daniel García 60964c07e6
Add some extra access checks for attachments and groups
1 year ago
GeekCornerGH 1074315a87
feat: Support for storing passkeys in the vault
1 year ago
BlackDex 3c0cac623d
Fix send access regression
1 year ago
Jan Jansen e818a0bf37 Add group import on invite
1 year ago
BlackDex 84a23008f4
Update crates and workflow
1 year ago
Bernd Schoolmann e4606431d1
Fix mobile push blocking requests and spamming push server
1 year ago
BlackDex a05187c0ff
Some code changes and optimizations
1 year ago
BlackDex 8e34495e73
Merge and modify PR from @Kurnihil
1 year ago
BlackDex 4219249e11
Add support for Organization token
1 year ago
GeekCornerGH 2d66292350
feat: Push Notifications
1 year ago
BlackDex 83376544d8 Fix collection change ws notifications
2 years ago
BlackDex 636f16dc66
Prevent 401 on main admin page
2 years ago
Jeremy Lin 23aa9088f3
Sync global_domains.json to bitwarden/server@8dda73a (Pinterest)
2 years ago
Stefan Melmuk 4d5c047ddc
policy data should be `null` not an empty object
2 years ago
BlackDex 4a2ed553df
Use Rocket `v0.5` branch to fix endpoints
2 years ago
BlackDex f906f6230a
Change `String` to `&str` for all Rocket functions
2 years ago
BlackDex 951ba55123
Prevent some `::_` logs from outputting
2 years ago
BlackDex 18abf226be
Fix admin post endpoints
2 years ago
Tim Vilgot Mikael Fredenberg 55c1b6e8d5 inline static rsa keys
2 years ago
Daniel García 3d7e80a7aa
Merge pull request #3440 from BlackDex/switch-ws-to-streams
2 years ago
kennymc-c 271e3ae757 Changed permissions back to 644
2 years ago
BlackDex 48cc31a59f
Small update to Rocket WebSockets
2 years ago
kennymc-c 6a7cee4e7e Fixed footer to footer_text
2 years ago
kennymc-c f850dbb310 Fixed some missing footer_text partials and a few inconsistencies between plain text and html email templates
2 years ago
Daniel García 07099df41a
Merge pull request #3436 from BlackDex/fix-admin-base-url
2 years ago
BlackDex ae437f70a3
Several config and admin interface fixes
2 years ago
BlackDex 3d11f4cd16
WebSockets via Rocket's Upgrade connection
2 years ago
Stefan Melmuk 89e94b1d91
check if reset policy is enabled
2 years ago
BlackDex bff54fbfdb
Fix sending out multiple websocket notifications
2 years ago
Daniel García 867c6ba056
Merge pull request #3398 from stefan0xC/dont-expect-kdf-memory-or-parallelism
2 years ago
Daniel García d1ecf03f44
Merge pull request #3397 from nikolaevn/feature/add-admin-reinvite-endpoint
2 years ago
Nikolay Nikolaev aa6f774f65 add check user state
2 years ago
Nikolay Nikolaev 379f885354 add mail check
2 years ago
Stefan Melmuk 39a5f2dbe8
clear kdf memory and parallelism with pbkdf2
2 years ago
Stefan Melmuk 0daaa9b175
always return KdfMemory and KdfParallelism
2 years ago
Nikolay Nikolaev 0c085d21ce fmt
2 years ago
Nikolay Nikolaev dcaaa430f0 support `/users/<uuid>/invite/resend` admin api
2 years ago
BlackDex 2cda54ceff
Fix password reset issues
2 years ago
Jeremy Lin 62cebebd3d
Decode knowndevice `X-Request-Email` as base64url with no padding
2 years ago
BlackDex 8bcd0ab0c6
Some small fixes and updates
2 years ago
Stefan Melmuk ed8091a994
don't use `assert()` in production code
2 years ago
Stefan Melmuk 56cad93e0f
add endpoint to bulk delete collections
2 years ago
Stefan Melmuk 3cf67e0b8d
add endpoint to bulk delete groups
2 years ago
Daniel García 729b563160
Merge pull request #3332 from BlackDex/merge-clientip-with-headers
2 years ago
Jeremy Lin daaa03d1b3 Add support for `/api/devices/knowndevice` with HTTP header params
2 years ago
BlackDex 9e5b94924f
Merge ClientIp with Headers.
2 years ago
BlackDex 0c0e632bc9
Upd Crates, Rust, MSRV, GHA and remove Backtrace
2 years ago
Daniel García a13a5bd1d8
Merge pull request #3315 from BlackDex/issue-3311
2 years ago
Daniel García 3b34b429f3
Merge pull request #3307 from jjlin/head-routes
2 years ago
BlackDex 10c5476d31
Fix web-vault Member UI show/edit/save
2 years ago
Jeremy Lin d3626eba2a Add HEAD routes to avoid spurious error messages
2 years ago
BlackDex de157b2654
Admin token Argon2 hashing support
2 years ago
Dylan Pinsonneault f88b6d961e Fix confirmation for removing 2FA and deauthing sessions in admin panel
2 years ago
Daniel García 0426051541
Merge pull request #3281 from BlackDex/fix-web-vault-issues
2 years ago
Daniel García 4556f668de
Merge pull request #3288 from BlackDex/admin-interface-updates
2 years ago
BlackDex f10e6b6ac2
Some Admin Interface updates
2 years ago
BlackDex 7ec00d3850
Fix the web-vault v2023.2.0 API calls
2 years ago
Jonathan Elias Caicedo 8f8d7418ed
Add confirmation for removing 2FA and deauth sessions in admin panel
2 years ago
Jeremy Lin 61183d001c Fix vault item display in org vault view
2 years ago
Daniel García dc7951efaf
Add missing collections/details endpoint, based on the existing one
2 years ago
Nils Mittler 0f656b4889
Apply rewording
2 years ago
Nils Mittler 6fa1dc50be
Apply Admin Session Lifetime to JWT
2 years ago
Nils Mittler 2bb41367bc
Make the admin cookie lifetime adjustable
2 years ago
Misterbabou 20d8886bfa
Fix Collection Read Only access for groups
2 years ago
BlackDex 59ef82b740
Fix Organization delete when groups are configured
2 years ago
BlackDex fc543154c0
Validate all needed fields for client API login
2 years ago
Nils Mittler 8ae799a771 Add function to fetch user by email address
2 years ago
Daniel García f92efda0f0
Merge branch 'main' into main
2 years ago
Daniel García 5bcee24f88
Merge branch 'main' into feature/kdf-options
2 years ago
soruh 9e3d7ea44c add EXE_SUFFIX to sendmail executable when not specified
2 years ago
soruh 8cc6dac893 check if SENDMAIL_COMMAND is valid using 'which' crate
2 years ago
soruh b7c4316c77 Add support for sendmail as a mail transport
2 years ago
Daniel García bc49d1f90d
Merge branch 'main' into issue-3166
2 years ago
Daniel García cef5dd4a46
Merge branch 'main' into allow-editing/unhiding-by-group
2 years ago
Daniel García 6e2c3fc1cc
Merge branch 'main' into icon-blacklist-improvements
2 years ago
Daniel García af69c83db2
Merge branch 'main' into fix-domain-description
2 years ago
Daniel García c58aac585b
Merge branch 'main' into fix-post-emergency-access
2 years ago
Daniel García a20a641de3
Merge branch 'main' into spell-jack_mitigation
2 years ago
Helmut K. C. Tessarek 68bcc7a4b8
add argon2 kdf fields
2 years ago
BlockListed c04a1352cb
remove warn when sanitizing domain
2 years ago
BlockListed 5d1c11ceba
fix trailing slash in configuration builder
2 years ago
BlockListed a2aa7c9bc2
Revert "fix trailing slash not being removed from domain"
2 years ago
Jan Jansen b3a351ccb2 allow editing/unhiding by group
2 years ago
BlockListed 679bc7a59b
fix trailing slash not being removed from domain
2 years ago
BlockListed a72d0b518f
remove documentation of bug since I'm fixing it
2 years ago
Kevin P. Fleming 6741b25907 Ensure that all results from check_domain_blacklist_reason are cached.
2 years ago
Kevin P. Fleming 24b5784f02 Generate distinct log messages for regex vs. IP blacklisting.
2 years ago
BlockListed eb9b481eba
improve wording of domain description
2 years ago
BlockListed 64edc49392
change description of domain configuration
2 years ago
sirux88 0d1753ac74 completly hide reset password policy
2 years ago
sirux88 a6558f5548 rust lang specific improvements
2 years ago
sirux88 62dfeb80f2 improved security, disabling policy usage on
2 years ago
Stefan Melmuk e65fbbfc21
don't nullify key when editing emergency access
2 years ago
BlackDex c9ed9aa733
Fix Javascript issue on non sqlite databases
2 years ago
Daniel Hammer 9b20decdc1 "Spell-Jacking" mitigation ~ prevent sensitive data leak from spell checker.
2 years ago
sirux88 adaefc8628 fixes for current upstream main
2 years ago
sirux88 c6c45c4c49 working implementation
2 years ago
sirux88 95494083f2 added database migration
2 years ago
BlackDex e38e1a5d5f
Validate note sizes on key-rotation.
2 years ago
sirux88 cc91ac6cc0
include key into user.set_password
2 years ago
BlackDex 2d8c8e18f7
Update KDF Configuration and processing
2 years ago
BlackDex acc1474394
Add avatar color support
2 years ago
BlackDex aaffb2e007
Add MFA icon to org member overview
2 years ago
GeekCorner e0e95e95e4
fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory
2 years ago
BlackDex fa70b440d0
Fix remaning inline format
2 years ago
Rychart Redwerkz 42acb2ebb6
Use more modern meta tag for charset encoding
2 years ago
BlackDex 3181e4e96e
Optimize CipherSyncData for very large vaults
2 years ago
BlackDex 7390f34355
Resolve uninlined_format_args clippy warnings
2 years ago
Daniel García c47d9f6593
Fix some lints: explicit Arc::clone, and unnecessary return after unreachable!
2 years ago
pjsier 7dd1959eba
Log message to stderr if LOG_FILE is not writable
2 years ago
pjsier e266b39254
Log message to stderr if LOG_FILE is not writable
2 years ago
BlackDex e935989fee
Resolve uninlined_format_args clippy warnings
2 years ago
Rychart Redwerkz 25c401f64d
Remove `shrink-to-fit=no`
2 years ago
Jeremy Lin 18b72da657
Change `text/plain` API responses to `application/json`
2 years ago
BlackDex 6be26f0a38
Fix failing large note imports
2 years ago
BlackDex e945d16fcf
Optimize config loading messages
2 years ago
BlackDex f1c0aa4f83
Update WebSocket Notifications
2 years ago
pjsier 68362d06b3
Log message to stderr if LOG_FILE is not writable
2 years ago
BlackDex f65c0e2ac8
Validate YUBICO_SERVER string (#3003)
2 years ago
BlackDex 0f588ced03
Removed unsafe-inline JS from CSP and other fixes
2 years ago
Alex Martel b0f03bb49c
Remove patched multer-rs
2 years ago
Andrés Maldonado 2897c24e83 Percent-encode org_name in links
2 years ago
BlackDex 67a584c1d4
Disable groups by default and Some optimizations
2 years ago
BlackDex 8e5f03972e
Fix recover-2fa not working.
2 years ago
BlackDex b60a4a68c7
Fix a panic during Yubikey register/login
2 years ago
BlackDex 8d1bc2e539
Fix org export (again)
2 years ago
BlackDex 50c46f6e9a
Remove ctrlc crate and some updates
2 years ago
Helmut K. C. Tessarek 4f1928778a
use 32x32 favicon for consistency
2 years ago
Helmut K. C. Tessarek 5fcba3d7f5
use black favicon for /admin
2 years ago
BlackDex cd3e2d7a5a
Increase privacy of masked config
2 years ago
BlackDex d9c0c23819
Revert collection queries back to `left_join`
2 years ago
BlackDex 2d90c6ac24
Fix managers and groups link
2 years ago
Stefan Melmuk d209df9e10
use a custom 404 page
2 years ago
BlackDex d6dc6070f3
Fix admin repost warning.
2 years ago
BlackDex d66323b742
Limit Cipher Note encrypted string size
2 years ago
BlackDex 7b09d74b1f
Update dependencies for Rust and Admin interface.
2 years ago
BlackDex c0e3c2c5e1
Cleanups and Fixes for Emergency Access
2 years ago
BlackDex 1b64b9e164
Add dev-only query logging support
2 years ago
Stefan Melmuk d5e54cb576
only check sqlite parent if there could be one
2 years ago
Stefan Melmuk 8837660ba7
check if sqlite folder exists
2 years ago
BlackDex 464a489b44
Update Vaultwarden Logo's
2 years ago
BlackDex 7035700c8d
Add Organizational event logging feature
2 years ago
Stefan Melmuk 0aa33a2cb4
don't use param for passing the redirect info
2 years ago
Stefan Melmuk fa7dbedd5d
redirect to admin login page when forward fails
2 years ago
Daniel García f3beaea9e9
Merge pull request #2933 from stefan0xC/fix-manager-issue
2 years ago
Daniel García 39ae2f1f76
Merge pull request #2928 from karbobc/settings-description
2 years ago
Daniel García 366b1050ec
Merge pull request #2921 from BlackDex/issue-2909
2 years ago
Daniel García b3aab7a6ad
Merge pull request #2920 from BlackDex/issue-2889
2 years ago
Daniel García aa8d050d6b
Merge pull request #2919 from BlackDex/issue-2828
2 years ago
Daniel García 5200f0e98d
Merge pull request #2918 from BlackDex/issue-2761
2 years ago
Stefan Melmuk e27a5be47a
allow managers to set groups of a collection
2 years ago
Karbob 56786a18f1 Update settings description
2 years ago
BlackDex 0d2399d485
Prevent DNS leak when icon regex is configured
2 years ago
BlackDex 5bfc7cfde3
Added missing `register` endpoint to `identity`
2 years ago
BlackDex 723f0cbc1e
Fully remove DuckDuckGo email service.
2 years ago
BlackDex b141f789f6
Set "Bypass admin page security" as read-only
2 years ago
Samuel Tardieu 7445ee40f8 Remove get_random_64()
2 years ago
Samuel Tardieu d0baa23f9a Use constant size generic parameter for random bytes generation
2 years ago
GeekCorner 05d4788d1d
fix: removed a double space
2 years ago
BlackDex 6f0dea1b56
Add `/devices/knowndevice` endpoint
2 years ago
BlackDex 439ef44973
Update Rust version, deps and workflow
2 years ago
BlackDex c9ec389b24
Support Org Export for v2022.11 clients
2 years ago
Jeremy Lin b59809af46
Sync global_domains.json to bitwarden/server@7c783c9 (Atlassian)
2 years ago
Stefan Melmuk ed24d51d3e
validate cron expressions on startup
2 years ago
Stefan Melmuk 870f0d0932
validate billing_email on save
2 years ago
Daniel García 8409b31d6b
Update to diesel2
2 years ago
MFijak 21bc3bfd53 group support
2 years ago
Stefan Melmuk 64ae5d4f81
verify email on registration via invite link
2 years ago
Jeremy Lin 0c267d073f
Sync global_domains.json to bitwarden/server@ea300b2 (Amazon)
2 years ago
Stefan Melmuk 23f1f8a576
allow registration without invite link
2 years ago
Stefan Melmuk 0e6f6e612a
use static_files() for email attachments
2 years ago
Stefan Melmuk 4d1b860dad
attach images to email
2 years ago
Stefan Melmuk 6576914e55
fix invitations of new users when mail is disabled
2 years ago
BlackDex f41ba2a60f
Fix master password hint update not working.
2 years ago
Jeremy Lin 46ec11de12
Update CSP for DuckDuckGo email forwarding
2 years ago
Jeremy Lin 4283a49e0b
Reformat CSP header for readability
2 years ago
Jeremy Lin 1e32db8c41
Add `CreationDate` to cipher response JSON
2 years ago
Stefan Melmuk 2dd5086916
more verbose permission denied error
2 years ago
Stefan Melmuk 7532072d50
add check if data folder is a directory
2 years ago
Stefan Melmuk ef4072e4ff
improve spelling of minimum expiration hours check
2 years ago
Stefan Melmuk c78d383ed1
make invitation expiration time configurable
2 years ago
Stefan Melmuk 5b96270874
return "Object" for consistency
2 years ago