9f86196a9d
Add support for the Personal Ownership policy
Upstream refs:
* https://github.com/bitwarden/server/pull/1013
* https://bitwarden.com/help/article/policies/#personal-ownership
4 years ago
7cf8809d77
Adding Manager Role support
This has been requested a few times (#1136 & #246 & forum), and there already were two
(1:1 duplicate) PR's (#1222 & #1223 ) which needed some changes and no
followups or further comments unfortunally.
This PR adds two auth headers.
- ManagerHeaders
Checks if the user-type is Manager or higher and if the manager is
part of that collection or not.
- ManagerHeadersLoose
Check if the user-type is Manager or higher, but does not check if the
user is part of the collection, needed for a few features like
retreiving all the users of an org.
I think this is the safest way to implement this instead of having to
check this within every function which needs this manually.
Also some extra checks if a manager has access to all collections or
just a selection.
fixes #1136
4 years ago
9a47821642
Fixed creating a new organization
- The new web-vault needs a new api endpoint.
- Added this new endpoint.
Fixes #1139
4 years ago
570d6c8bf9
Add support for restricting org creation to certain users
5 years ago
668d5c23dc
Removed try_trait and some formatting, particularly around imports
5 years ago
979d010dc2
Add support for hiding passwords in a collection
Ref: https://github.com/bitwarden/server/pull/743
5 years ago
a314933557
Allow email changes for existing accounts even when signups are disabled
5 years ago
6a8c65493f
Rename collection_user_details to collection_read_only to reflect the response model
5 years ago
e4d08836e2
Make org owner invitations respect the email domain whitelist
This closes a loophole where org owners can invite new users from any domain.
5 years ago
94341f9f3f
Fix token error while accepting invite
5 years ago
3fa78e7bb1
Initial version of policies
5 years ago
d29b6bee28
Remove unnecessary clones and other clippy fixes
5 years ago
e22e290f67
Fix key and type variable names for mysql
6 years ago
473f8b8e31
remove some unneeded mutability
6 years ago
820c8b0dce
Change use of deserialize_with for Option iterator
6 years ago
8b4a6f2a64
Fixed some clippy lints and changed update_uuid_revision to only use one db query
6 years ago
86ed75bf7c
Config can now be serialized / deserialized
6 years ago
a1dc47b826
Change config to thread-safe system, needed for a future config panel.
Improved some two factor methods.
6 years ago
86de0ca17b
Fix editing users from collections menu
6 years ago
928ad6c1d8
Fix the list of users with access to a collection to display correctly.
https://github.com/dani-garcia/bitwarden_rs/issues/364
6 years ago
834c847746
Implement admin JWT cookie, separate JWT issuers for each type of token and migrate admin page to handlebars template
6 years ago
4309df8334
Only create invitations when SMTP is disabled, and ignore invitations if we have a token.
Disallow users from accepting invitation twice
6 years ago
f1161c65fb
Make sure an invitation is created when reinviting
6 years ago
21b85b78b1
Changed reinvite check and removed obsolete comment
6 years ago
0a74e79cea
Refactor generate_invite_claims, make org_name and org_id optional
6 years ago
7db66f73f0
Refactor invited_by_email check
6 years ago
cec28a85ac
Update admin page to work with new invitation flow
6 years ago
736c0e62f2
Send emails to inviters/invitees when invites are accepted/confirmed
6 years ago
30e768613b
Start using rustfmt and some style changes to make some lines shorter
6 years ago
2bb0b15e04
Implemented better errors for JWT
6 years ago
250a2b340f
Use new Errors in latest changes
6 years ago
b2fc0499f6
Finish invite functionality, and remove virtual organization
6 years ago
6a99849a1e
Implemented proper error handling, now we can do `user.save($conn)?;` and it works.
In the future, maybe we can do the same with the `find_by_id` methods that return an Option.
6 years ago
f20c4705d9
Refactor invite claims and disallow reinvites to virtual_org
6 years ago
3142d8d01f
Add more detail to invitation not found error
6 years ago
84fa5a4ed6
Implement reinvite endpoint
6 years ago
b0ac640d8b
Use JWT to validate existing user invites
6 years ago
99256b9b3a
Prefix unused params with underscore
6 years ago
26bf7bc12f
Use upstream jslib invite/registration workflow
6 years ago
042c1072d9
Remove CONFIG.email_invitation option
6 years ago
4910b14d57
Implement email invitations and registration workflow
6 years ago
94810c106a
Migrate to rust 2018 edition
6 years ago
66a4c5d48b
Implement comparison between i32 and UserOrgType
6 years ago
c673370103
Updated bw_rs to Rocket version 0.4-rc1
6 years ago
e985221b50
User::save() should return QueryResult instead of bool
6 years ago
64f6c60bfd
Organization::save() and UserOrganization::save() should return QueryResult instead of bool
6 years ago
a28caa33ef
Implement poor man's admin panel
6 years ago
5292d38c73
CollectionCipher::save() and delete() should return QueryResult instead of bool
6 years ago
c29bc9309a
Return proper error message for org reinvite
6 years ago
d9457e929c
Add continuation token when we return object list
6 years ago
Jeremy Lin
BlackDex
Daniel García
theycallmesteve
Emil Madsen
Дамјан Георгиевски
Stephen White
Nick Fox
Miroslav Prasil
janost