The claims contains the current rights of which orgs the user belongs
to and what rights it has. This is usefull for requests which do not
provide any organization ID in the requests, but we need it to verify if
that request is allowed to be executed. This saves complex database
calls since it is already in the claims.
There is one downside. If the user level has been changed, or is added
to a new org, the claims are not updated instantly. A user should log
out and back in to receive the correct claims/rights.
Ignore a missing `id` query param; it's unclear what this ID represents,
but it wasn't being used in the existing bitwarden_rs code, and no longer
seems to be sent in the latest versions of the official clients.
* Switch healthcheck interval/timeout from 30s/3s to 60s/10s.
30s interval is arguably overkill, and 3s timeout is definitely too short
for lower end machines.
* Use HEALTHCHECK CMD exec form to avoid superfluous `sh` invocations.
* Add `--silent --show-error` flags to curl call to avoid progress meter being
shown in healthcheck logs.
The organization uuid is most of the time within the uri path as a
parameter. But sometimes it only is there as a query value.
This fix checks both, and returns the uuid when possible.
During migrations some queries are out of order regarding to foreign
keys.
Because of this the migrations fail when the sql database has this
enforced by default.
Turning of this check during the migrations will fix this and this is
only per session.
If SSL is disabled, the SMTP ClientSecurity of the lettre crate
defaults to None, that is, an insecure connection. This is changed to
Opportunistic, which uses TLS if available. If TLS is not available,
the insecure connection is used (i.e., this change is backward
compatible).
BlackDex
Daniel García
Jeremy Lin
Jeremy Lin
Ymage
Lukas Eßmann
Samuel Leweke