From 4677ae4ac63549929bd3545e4808f82285592c1c Mon Sep 17 00:00:00 2001 From: mqus <8398165+mqus@users.noreply.github.com> Date: Sun, 15 Jul 2018 00:42:17 +0200 Subject: [PATCH 1/7] Reflect changes in Archlinux packaging I changed the way bitwarden_rs is packaged (the web interface is now an addon-package instead of bundled) and added a 'stable' package which follows recent releases. I assume that following releases instead of the master branch is encouraged so I removed the link to the (still existing) bitwarden_rs-git package which does the latter. --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index be2b1623..f47c44c7 100644 --- a/README.md +++ b/README.md @@ -254,8 +254,7 @@ For building binary outside the Docker environment and running it locally withou ### Arch Linux -Bitwarden_rs is already packaged for Archlinux thanks to @mqus. There is an AUR package [with](https://aur.archlinux.org/packages/bitwarden_rs-vault-git/) and -[without](https://aur.archlinux.org/packages/bitwarden_rs-git/) the vault web interface available. +Bitwarden_rs is already packaged for Archlinux thanks to @mqus. There is an [AUR package](https://aur.archlinux.org/packages/bitwarden_rs) (optionally with the [vault web interface](https://aur.archlinux.org/packages/bitwarden_rs-vault/) ) available. ## Backing up your vault @@ -303,4 +302,4 @@ docker run -d --name bitwarden \ To ask an question, [raising an issue](https://github.com/dani-garcia/bitwarden_rs/issues/new) is fine, also please report any bugs spotted here. -If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/!cASGtOHlSftdScFNMs:matrix.org) room on Matrix. Feel free to join us! \ No newline at end of file +If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/!cASGtOHlSftdScFNMs:matrix.org) room on Matrix. Feel free to join us! 
From de72655bb11246b6b4b4c0debfd4ff381ff552e1 Mon Sep 17 00:00:00 2001 From: Miroslav Prasil Date: Mon, 16 Jul 2018 10:23:45 +0100 Subject: [PATCH 2/7] Add confirmed check to the OrgHeaders request guard --- src/auth.rs | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/auth.rs b/src/auth.rs index d401c386..2f7faf25 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -95,7 +95,7 @@ use rocket::Outcome; use rocket::request::{self, Request, FromRequest}; use db::DbConn; -use db::models::{User, UserOrganization, UserOrgType, Device}; +use db::models::{User, UserOrganization, UserOrgType, UserOrgStatus, Device}; pub struct Headers { pub host: String, @@ -205,7 +205,13 @@ impl<'a, 'r> FromRequest<'a, 'r> for OrgHeaders { }; let org_user = match UserOrganization::find_by_user_and_org(&headers.user.uuid, &org_id, &conn) { - Some(user) => user, + Some(user) => { + if user.status == UserOrgStatus::Confirmed as i32 { + user + } else { + err_handler!("The current user isn't confirmed member of the organization") + } + } None => err_handler!("The current user isn't member of the organization") }; From 06f7bd7c976b78c5e490c03f016c9713026c161f Mon Sep 17 00:00:00 2001 From: Miroslav Prasil Date: Wed, 18 Jul 2018 10:40:46 +0100 Subject: [PATCH 3/7] Change number of workers in image, document the setting (fixes #90) --- Dockerfile | 1 + README.md | 15 +++++++++++++++ 2 files changed, 16 insertions(+) diff --git a/Dockerfile b/Dockerfile index a68a82a8..91e1d951 100644 --- a/Dockerfile +++ b/Dockerfile @@ -68,6 +68,7 @@ RUN cargo build --release FROM debian:stretch-slim ENV ROCKET_ENV "staging" +ENV ROCKET_WORKERS=10 # Install needed libraries RUN apt-get update && apt-get install -y\ diff --git a/README.md b/README.md index f47c44c7..f05a6e96 100644 --- a/README.md +++ b/README.md 
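Review bot: The new `Confirmed` check in the `Some(user)` arm protects only handlers that go through the `OrgHeaders` guard. Any handler that authenticates with plain `Headers` and calls `UserOrganization::find_by_user_and_org` itself would still accept members who are not yet confirmed, so those call sites are worth auditing; they are not visible in this hunk. The nested `if`/`else` can be flattened with a match guard, `Some(user) if user.status == UserOrgStatus::Confirmed as i32 => user,` followed by `Some(_) => err_handler!("The current user isn't confirmed member of the organization"),`. A short comment such as `// Only confirmed members may act on the organization; every other status is rejected here` would record why the guard fails closed. The body of `from_request` starts and ends outside the hunk.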
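Review bot: The added `ENV ROCKET_WORKERS=10` has no comment saying why the image pins a fixed worker count, and it uses the `KEY=value` form next to the space-separated `ENV ROCKET_ENV "staging"` line above it. The README text in the same patch says the default worker count is otherwise derived from the host, so a comment would help, for example `# Fixed default so small hosts do not end up with too few workers; override with -e ROCKET_WORKERS=N`. Using one `ENV` syntax for both lines would keep the stage consistent.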
@@ -21,6 +21,7 @@ _*Note, that this project is not associated with the [Bitwarden](https://bitward - [attachments location](#attachments-location) - [icons cache](#icons-cache) - [Changing the API request size limit](#changing-the-api-request-size-limit) + - [Changing the number of workers](#changing-the-number-of-workers) - [Other configuration](#other-configuration) - [Building your own image](#building-your-own-image) - [Building binary](#building-binary) @@ -233,6 +234,20 @@ docker run -d --name bitwarden \ mprasil/bitwarden:latest ``` +### Changing the number of workers + +When you run bitwarden_rs, it spawns `2 * ` workers to handle requests. On some systems this might lead to low number of workers and hence slow performance, so the default in the docker image is changed to spawn 10 threads. You can override this setting to increase or decrease the number of workers by setting the `ROCKET_WORKERS` variable. + +In the example bellow, we're starting with 20 workers: + +```sh +docker run -d --name bitwarden \ + -e ROCKET_WORKERS=20 \ + -v /bw-data/:/data/ \ + -p 80:80 \ + mprasil/bitwarden:latest +``` + ### Other configuration Though this is unlikely to be required in small deployment, you can fine-tune some other settings like number of workers using environment variables that are processed by [Rocket](https://rocket.rs), please see details in [documentation](https://rocket.rs/guide/configuration/#environment-variables). From 233d23a527f6eebd29324618e1c53de574256f39 Mon Sep 17 00:00:00 2001 From: Miroslav Prasil Date: Wed, 18 Jul 2018 11:54:33 +0100 Subject: [PATCH 4/7] Return 404 in case the path doesn't match instead of 500 --- src/api/web.rs | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/src/api/web.rs b/src/api/web.rs index 8c4ae0a5..33a8d308 100644 --- a/src/api/web.rs +++ b/src/api/web.rs 
@@ -4,7 +4,7 @@ use std::path::{Path, PathBuf}; use rocket::request::Request; use rocket::response::{self, NamedFile, Responder}; use rocket::response::content::Content; -use rocket::http::ContentType; +use rocket::http::{ContentType, Status}; use rocket::Route; use rocket_contrib::{Json, Value}; @@ -49,14 +49,19 @@ struct WebHeaders(R); impl<'r, R: Responder<'r>> Responder<'r> for WebHeaders { fn respond_to(self, req: &Request) -> response::Result<'r> { - let mut res = self.0.respond_to(req)?; + match self.0.respond_to(req) { + Ok(mut res) => { + res.set_raw_header("Referrer-Policy", "same-origin"); + res.set_raw_header("X-Frame-Options", "SAMEORIGIN"); + res.set_raw_header("X-Content-Type-Options", "nosniff"); + res.set_raw_header("X-XSS-Protection", "1; mode=block"); - res.set_raw_header("Referrer-Policy", "same-origin"); - res.set_raw_header("X-Frame-Options", "SAMEORIGIN"); - res.set_raw_header("X-Content-Type-Options", "nosniff"); - res.set_raw_header("X-XSS-Protection", "1; mode=block"); - - Ok(res) + Ok(res) + }, + Err(_) => { + Err(Status::NotFound) + } + } } } From 2dc1427027cb2c5436ec8ebc4d11d6b0964d803a Mon Sep 17 00:00:00 2001 From: Miroslav Prasil Date: Wed, 18 Jul 2018 12:04:48 +0100 Subject: [PATCH 5/7] Bump the version --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 2fda83d6..31445dd1 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "bitwarden_rs" -version = "0.10.0" +version = "0.11.0" authors = ["Daniel GarcĂ­a "] [dependencies] From 51450a0df96425721e49fbb08a9f8d2a5347d45f Mon Sep 17 00:00:00 2001 From: Miroslav Prasil Date: Tue, 24 Jul 2018 12:32:41 +0100 Subject: [PATCH 6/7] Fixed the documentation for https (resolves #101) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f05a6e96..cf526b5a 100644 --- a/README.md +++ b/README.md 
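Review bot: The `Err(_)` arm in `respond_to` rewrites every failure status from the wrapped responder to 404, not only the missing-path case named in the commit title. Because `WebHeaders` wraps an arbitrary responder, a genuine server-side failure would now be reported as NotFound and be harder to spot in logs and monitoring. The narrower fix is to turn the file-lookup error into a 404 where it arises (the route is outside this hunk) and keep the status here with `Err(status) => Err(status),`. The four security headers are set only on the `Ok` path, so error responses are presumably built elsewhere without them; a comment such as `// Security headers are applied to successful responses only` would make that explicit.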
@@ -138,7 +138,7 @@ docker run -d --name bitwarden \ -v /ssl/keys/:/ssl/ \ -v /bw-data/:/data/ \ -v /icon_cache/ \ - -p 443:443 \ + -p 443:80 \ mprasil/bitwarden:latest ``` Note that you need to mount ssl files and you need to forward appropriate port. From d073f06652c4b90dacfcefa4464cee06f97ab5f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Christian=20Gr=C3=BCnhage?= Date: Thu, 26 Jul 2018 22:42:02 +0100 Subject: [PATCH 7/7] Update matrix.to link in the README Using the room ID instead of an alias isn't supposed to be working for joining rooms, and doesn't work when joining over federation. It only works when your server is already participating in the room. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index cf526b5a..aa0790a8 100644 --- a/README.md +++ b/README.md @@ -317,4 +317,4 @@ docker run -d --name bitwarden \ To ask an question, [raising an issue](https://github.com/dani-garcia/bitwarden_rs/issues/new) is fine, also please report any bugs spotted here. -If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/!cASGtOHlSftdScFNMs:matrix.org) room on Matrix. Feel free to join us! +If you prefer to chat, we're usually hanging around at [#bitwarden_rs:matrix.org](https://matrix.to/#/#bitwarden_rs:matrix.org) room on Matrix. Feel free to join us!