mirrored/vaultwarden
1
0
Fork 1
Spiegel von https://github.com/dani-garcia/vaultwarden.git synchronisiert 2024-07-01 03:34:41 +02:00
Code Issues Releases Aktivität
1507 Commits 1 Branch 58 Tags 12 MiB
Commit-Graph

219 Commits

Autor SHA1 Nachricht Datum
Jeremy Lin 979d010dc2 Add support for hiding passwords in a collection 
Ref: https://github.com/bitwarden/server/pull/743
 2020-07-02 21:51:20 -07:00
BlackDex ac2723f898 Updated Organizations overview 
- Changed HTML to match users overview
- Added User count
- Added Org cipher amount
- Added Attachment count and size
 2020-06-03 20:37:31 +02:00
BlackDex 2fffaec226 Added attachment info per user and some layout fix 
- Added the amount and size of the attachments per user
- Changed the items count function a bit
- Some small layout changes
 2020-06-03 17:57:03 +02:00
BlackDex 3c66deb5cc Redesign of the admin interface. 
Main changes:
 - Splitted up settings and users into two separate pages.
 - Added verified shield when the e-mail address has been verified.
 - Added the amount of personal items in the database to the users overview.
 - Added Organizations and Diagnostics pages.
   - Shows if DNS resolving works.
   - Shows if there is a posible time drift.
   - Shows current versions of server and web-vault.
 - Optimized logo-gray.png using optipng

Items which can be added later:
 - Amount of cipher items accessible for a user, not only his personal items.
 - Amount of users per Org
 - Version update check in the diagnostics overview.
 - Copy/Pasteable runtime config which has sensitive data changed or removed for support questions either on the forum or github issues.
 - Option to delete Orgs and all its passwords (when there are no members anymore).
 - Etc....
 2020-05-28 10:46:25 +02:00
Daniel García aee1ea032b
Merge pull request #989 from theycallmesteve/update_responses 
Update responses
 2020-05-13 22:34:16 +02:00
theycallmesteve 08afc312c3
Add missing items to profileOrganization response model 2020-05-08 13:39:17 -04:00
theycallmesteve 6a8c65493f
Rename collection_user_details to collection_read_only to reflect the response model 2020-05-08 13:37:40 -04:00
theycallmesteve dfdf4473ea
Rename to_json_list to to_json_provder to reflect the response model 2020-05-08 13:36:35 -04:00
theycallmesteve 632f4d5453
Whitespace fixes 2020-05-07 18:02:37 -04:00
Daniel García 9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints 2020-05-03 17:24:51 +02:00
Daniel García e3b00b59a7
Initial support for soft deletes 2020-04-17 22:35:27 +02:00
BlackDex 1ee8e44912 Fixed issue #965 
PostgreSQL updates/inserts ignored None/null values.
This is nice for new entries, but not for updates.
Added derive option to allways add these none/null values for Option<>
variables.

This solves issue #965
 2020-04-15 16:49:33 +02:00
Daniel García adf47827c9
Make sure the data field is always returned, otherwise the mobile apps seem to have issues 2020-03-30 22:19:50 +02:00
BlackDex 078234d8b3 Small change for rocket compatibilty 2020-03-16 16:36:44 +01:00
Daniel García 40c339db9b
Fix postgres policies, second try 2020-03-14 23:53:12 +01:00
Daniel García 819f340f39
Fix issue with postgres 2020-03-14 23:35:34 +01:00
Daniel García 3fa78e7bb1
Initial version of policies 2020-03-14 13:32:28 +01:00
Daniel García 325039c316
Attachment size limits, per-user and per-organization 2020-02-17 22:56:26 +01:00
Miro Prasil 03233429f4 Remove check from Invitation:take() 
I've checked the spots when `Invitation::new()` and `Invitation::take()`
are used and it seems like all spots are already correctly gated. So to
enable invitations via admin API even when invitations are otherwise
disabled, this check can be removed.
 2020-02-16 20:28:50 +00:00
Michael Powers e196ba6e86
Switch error handling to ? operator instead of explicit handling. 2020-01-16 08:14:25 -05:00
Michael Powers 76743aee48
Fixes #635 - Unique constraint violation when using U2F tokens on PostgreSQL 
Because of differences in how .on_conflict() works compared to .replace_into() the PostgreSQL backend wasn't correctly ensuring the unique constraint on user_uuid and atype wasn't getting violated.

This change simply issues a DELETE on the unique constraint prior to the insert to ensure uniqueness. PostgreSQL does not support multiple constraints in ON CONFLICT clauses.
 2020-01-13 21:53:57 -05:00
tomuta bd1e8be328 Implement change-email, email-verification, account-recovery, and welcome notifications 2019-11-24 22:28:49 -07:00
BlackDex 3442eb1b9d Trying to fix issue #687 
- Using an older commit from rocket repo
 2019-11-04 14:30:24 +01:00
Daniel García fccc0a4b05
Update rocket to latest master 
Downgrade rust version to fix cargo issue
Set rustup profile to minimal
 2019-10-25 21:48:10 +02:00
Daniel García dc515b83f3
Merge pull request #657 from BlackDex/totp-timedrift 
Updated authenticator TOTP
 2019-10-12 16:33:43 +02:00
BlackDex 2cde814aaa Fixed a bug with the sqlite backup feature. 
When a custom path is used the backup feature does not work.
Changed it so it will take the path of the sqlite file and use that.
 2019-10-11 12:08:40 +02:00
BlackDex ebf40099f2 Updated authenticator TOTP 
- Added security check for previouse used codes
- Allow TOTP codes with 1 step back and forward when there is a time
drift. This means in total 3 codes could be valid. But only newer codes
then the previouse used codes are excepted after that.
 2019-10-10 17:32:20 +02:00
Daniel García 4c07f05b3a
Remove Result<T, E: Debug> in preparation of deprecation as Rocket responder. 
Removed unnecessary returns
 2019-09-17 21:05:56 +02:00
Michael Powers f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246. 
This includes migrations as well as Dockerfile's for amd64.

The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
 2019-09-12 16:12:22 -04:00
Daniel García df8114f8be
Updated client kdf iterations to 100000 and fixed some lints 2019-09-05 21:56:12 +02:00
vpl 6d460b44b0 Use saved token for email 2fa codes 2019-08-04 17:21:57 +02:00
vpl 29aedd388e Add email code logic and move two_factor into separate modules 2019-08-04 16:56:41 +02:00
Daniel García 05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies 2019-07-09 17:26:34 +02:00
Daniel García 76f38621de
Update dependencies and remove unwraps from Cipher::to_json 2019-06-14 22:51:50 +02:00
Daniel García 12af32b9ea
Don't print DB URL 2019-06-02 13:39:16 +02:00
Daniel García 1322b876e9
Merge pull request #493 from endyman/feature/initial_mysql_support 
Initial support for mysql
 2019-06-01 23:33:06 +02:00
Nils Domrose dc36f0cb6c re-added sqlite check_db code, cleanup 2019-05-27 22:58:52 +02:00
Nils Domrose ff759397f6 initial mysql support 2019-05-26 23:03:05 +02:00
Emil Madsen 233b48bdad Fix missing joinable in schema 2019-05-20 21:30:31 +02:00
Emil Madsen e22e290f67 Fix key and type variable names for mysql 2019-05-20 21:24:29 +02:00
Emil Madsen ab95a69dc8 Rework migrations for MySQL 2019-05-20 21:12:41 +02:00
Emil Madsen 85c8a01f4a Merge branch 'master' of github.com:Skeen/bitwarden_rs 2019-05-20 19:53:18 +02:00
Emil Madsen 42af7c6dab MySQL database 2019-05-20 19:53:14 +02:00
TheMardy ef551f4cc6 Create Backup funcitonality 
Added create backup functionality to the admin panel
 2019-05-03 15:46:29 +02:00
Daniel García bf20355c5e
Merge branch 'duo' 2019-04-14 22:02:55 +02:00
Daniel García 0136c793b4
Implement better user status API, in the future we'll probably want a way to disable users. 
We should migrate from the empty password hash to a separate column then.
 2019-04-13 00:01:52 +02:00
Daniel García 621f607297
Update dependencies and fix some warnings 2019-04-11 15:40:19 +02:00
Daniel García 43f9038325
Add option to force resync clients in admin panel 2019-03-07 21:08:33 +01:00
Daniel García 7d2bc9e162
Added option to force 2fa at logins and made some changes to two factor code. 
Added newlines to config options to keep them a reasonable length.
 2019-03-03 16:09:15 +01:00
Дамјан Георгиевски 473f8b8e31 remove some unneeded mutability 2019-02-22 20:25:50 +01:00
Daniel García 9636f33fdb
Implement constant time equal check for admin, 2fa recover and 2fa remember tokens 2019-02-11 23:45:55 +01:00
Daniel García 8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query 2019-02-08 18:45:07 +01:00
Miroslav Prasil 08ca47cadb Update revision when adding or removing cipher from collection 2019-02-06 14:47:47 +00:00
Miroslav Prasil 5272b465cc Update revision of affected users when deleting Collection 2019-02-06 13:39:32 +00:00
Miroslav Prasil bce656c787 Retry updating revision - fixes #383 2019-02-05 11:52:11 +00:00
Daniel García bef1183c49
Only send one notification per vault import and purge, improve move ciphers functions 2019-01-28 00:39:14 +01:00
Daniel García 69036cc6a4
Add disabled user badge (no password) and deauthorize button to admin page. 2019-01-26 19:28:54 +01:00
Daniel García 700e084101
Add 2FA icon to admin panel 2019-01-25 18:50:57 +01:00
Daniel García a1dc47b826
Change config to thread-safe system, needed for a future config panel. 
Improved some two factor methods.
 2019-01-25 18:24:57 +01:00
Daniel García 86de0ca17b
Fix editing users from collections menu 2019-01-25 17:43:51 +01:00
Stephen White fc0e239bdf No point calling find_by_uuid now we don't use the result. 2019-01-25 14:25:15 +00:00
Stephen White 928ad6c1d8 Fix the list of users with access to a collection to display correctly. 
https://github.com/dani-garcia/bitwarden_rs/issues/364
 2019-01-25 14:18:06 +00:00
Daniel García ddd49596ba
Fix invite empty email 2019-01-22 17:26:17 +01:00
Daniel García 834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template 2019-01-19 21:41:49 +01:00
Daniel García 6f52104324
Fix casing error in Attachment, should fix 'Attachment doesn't exist' errors 2019-01-11 01:35:15 +01:00
Daniel García 30e768613b
Start using rustfmt and some style changes to make some lines shorter 2018-12-30 23:34:31 +01:00
Daniel García acb9d1b3c6
Remove config option for admin email, embdedded admin page, managed IO::Error, and added security and cache headers globally 2018-12-30 21:43:56 +01:00
Daniel García b2fc0499f6
Finish invite functionality, and remove virtual organization 2018-12-30 21:40:26 +01:00
Daniel García 6a99849a1e
Implemented proper error handling, now we can do user.save($conn)?; and it works. 
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
 2018-12-30 21:31:12 +01:00
Daniel García 1b5134dfe2
Fixed delete user when 2FA is enabled, implemented delete user for admin panel, and the front-end part for invite user. Secured admin panel behind a configurable token. 2018-12-30 21:31:11 +01:00
Daniel García 004a3f891f
Merge pull request #315 from aksdb/master 
Restrict join on users_collections to current user (fixes #313)
 2018-12-28 21:06:30 +01:00
Andreas Schneider e7ea5097f4 Restrict join on users_collections to current user (fixes #313) 2018-12-28 15:25:51 +01:00
Miroslav Prasil 8451a70de6 Rewrite find_by_user_uuid to use one query 2018-12-27 18:56:01 +01:00
Daniel García 4e827e4f8a
Implement better retry and use it while saving device 2018-12-12 22:15:54 +01:00
Daniel García 7adc045b80
Updated IP logging to use client_ip, to match old remote behavior. 
Improved error logging, now it won't show a generic error message in some situations.
Removed delete device, which is not needed as it will be overwritten later.
Logged more info when an error occurs saving a device.
Added orgmanager to JWT claims.
 2018-12-09 17:58:38 +01:00
Daniel García 738ad2127b
Fixed some clippy linting issues 2018-12-07 15:01:29 +01:00
Daniel García cb930a0858
Remove some required values during login, now uses default values 2018-12-07 14:32:40 +01:00
Daniel García 94810c106a
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00
Daniel García 2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested) 2018-12-06 20:35:25 +01:00
Daniel García 6364c05789
Fix attachments during key rotation, add individual attachment key 2018-11-27 17:24:12 +01:00
Daniel García f71f10eac6
Implemented key rotation with the latest vault 2018-11-24 23:00:41 +01:00
Daniel García 5edbd0e952
Merge branch 'master' into rocket-0.4 
# Conflicts:
#	Cargo.lock
#	Cargo.toml
#	src/api/core/mod.rs
 2018-11-19 19:52:43 +01:00
Miroslav Prasil 044cf19913 Prevent accepted user from seeing ciphers until confirmed (fixes #196) 2018-11-16 14:21:26 +00:00
Daniel García f84cbeaaf8
Merge branch 'master' into rocket-0.4 
# Conflicts:
#	src/db/models/organization.rs
 2018-11-14 16:14:49 +01:00
Miroslav Prasil dd684753d0 Fix gt() 2018-11-13 21:38:56 +00:00
Miroslav Prasil f3e6cc6ffd Set PartialOrd to consider invalid i32 UserOrgType lower than anything 2018-11-13 16:34:21 +00:00
Miroslav Prasil 66a4c5d48b Implement comparison between i32 and UserOrgType 2018-11-12 17:13:25 +00:00
Daniel García c673370103
Updated bw_rs to Rocket version 0.4-rc1 2018-11-01 19:25:09 +01:00
Daniel García 02fd68d63b
Merge pull request #218 from janost/refactor-folder-save 
Folder::save() should return QueryResult instead of bool
 2018-10-14 20:07:27 +02:00
janost e985221b50 User::save() should return QueryResult instead of bool 2018-10-14 19:33:12 +02:00
janost 77cf63c06d Folder::save() should return QueryResult instead of bool 2018-10-14 18:25:04 +02:00
Daniel García faec050a6d
Merge pull request #217 from janost/refactor-device-save 
Device::save() should return QueryResult instead of bool
 2018-10-14 17:35:59 +02:00
janost 58a78ffa54 Device::save() should return QueryResult instead of bool 2018-10-14 16:17:37 +02:00
janost 64f6c60bfd Organization::save() and UserOrganization::save() should return QueryResult instead of bool 2018-10-14 16:04:23 +02:00
Miroslav Prasil a28caa33ef Implement poor man's admin panel 2018-10-12 15:20:10 +01:00
janost 5292d38c73 CollectionCipher::save() and delete() should return QueryResult instead of bool 2018-10-07 11:06:11 +02:00
janost 380cf06211 Cipher::save() should return QueryResult instead of bool 2018-10-06 14:13:49 +02:00
Miroslav Prasil 54f54ee845 Update revision for users on collection save 2018-10-01 17:04:15 +01:00
Miroslav Prasil c3c74506a7 Add missing fields to returned Org json 2018-10-01 16:00:11 +01:00
Daniel García ebb66c374e
Implement KDF iterations change (Fixes #195) 2018-09-19 17:30:14 +02:00