Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-05-18 15:00:04 +02:00
Commits vergleichen
3 Commits
f39bcf15e0
...
7b59c17e3f
Autor | SHA1 | Datum | |
---|---|---|---|
7b59c17e3f | |||
ea78965651 | |||
0fe93edea6 |
|
@ -366,6 +366,13 @@
|
|||
## routes and static file, websocket and alive requests
|
||||
# LOG_LEVEL=info
|
||||
|
||||
## log level target override
|
||||
## Change the verbosity of specific log output
|
||||
## Format is a line for each "target=log_level"
|
||||
#LOG_LEVEL_OVERRIDE="
|
||||
#routes=warn
|
||||
#"
|
||||
|
||||
## Token for the admin interface, preferably an Argon2 PCH string
|
||||
## Vaultwarden has a built-in generator by calling `vaultwarden hash`
|
||||
## For details see: https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page#secure-the-admin_token
|
||||
|
|
|
@ -10,6 +10,7 @@ use rocket::{
|
|||
};
|
||||
use serde_json::Value;
|
||||
|
||||
use crate::util::NumberOrString;
|
||||
use crate::{
|
||||
api::{self, core::log_event, EmptyResult, JsonResult, JsonUpcase, Notify, PasswordOrOtpData, UpdateType},
|
||||
auth::Headers,
|
||||
|
@ -964,7 +965,7 @@ async fn get_attachment(uuid: &str, attachment_id: &str, headers: Headers, mut c
|
|||
struct AttachmentRequestData {
|
||||
Key: String,
|
||||
FileName: String,
|
||||
FileSize: i64,
|
||||
FileSize: NumberOrString,
|
||||
AdminRequest: Option<bool>, // true when attaching from an org vault view
|
||||
}
|
||||
|
||||
|
@ -994,12 +995,14 @@ async fn post_attachment_v2(
|
|||
}
|
||||
|
||||
let data: AttachmentRequestData = data.into_inner().data;
|
||||
if data.FileSize < 0 {
|
||||
let file_size = data.FileSize.into_i64()?;
|
||||
|
||||
if file_size < 0 {
|
||||
err!("Attachment size can't be negative")
|
||||
}
|
||||
let attachment_id = crypto::generate_attachment_id();
|
||||
let attachment =
|
||||
Attachment::new(attachment_id.clone(), cipher.uuid.clone(), data.FileName, data.FileSize, Some(data.Key));
|
||||
Attachment::new(attachment_id.clone(), cipher.uuid.clone(), data.FileName, file_size, Some(data.Key));
|
||||
attachment.save(&mut conn).await.expect("Error saving attachment");
|
||||
|
||||
let url = format!("/ciphers/{}/attachment/{}", cipher.uuid, attachment_id);
|
||||
|
|
|
@ -295,7 +295,12 @@ async fn _password_login(
|
|||
"KdfIterations": user.client_kdf_iter,
|
||||
"KdfMemory": user.client_kdf_memory,
|
||||
"KdfParallelism": user.client_kdf_parallelism,
|
||||
"ResetMasterPassword": false,// TODO: Same as above
|
||||
"ResetMasterPassword": false, // TODO: Same as above
|
||||
"ForcePasswordReset": false,
|
||||
"MasterPasswordPolicy": {
|
||||
"object": "masterPasswordPolicy",
|
||||
},
|
||||
|
||||
"scope": scope,
|
||||
"unofficialServer": true,
|
||||
"UserDecryptionOptions": {
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
use std::env::consts::EXE_SUFFIX;
|
||||
use std::process::exit;
|
||||
use std::str::FromStr;
|
||||
use std::sync::RwLock;
|
||||
|
||||
use job_scheduler_ng::Schedule;
|
||||
use log::LevelFilter;
|
||||
use once_cell::sync::Lazy;
|
||||
use reqwest::Url;
|
||||
|
||||
|
@ -566,6 +568,8 @@ make_config! {
|
|||
log_file: String, false, option;
|
||||
/// Log level
|
||||
log_level: String, false, def, "Info".to_string();
|
||||
/// Override individual log level
|
||||
log_level_override: String, false, def, String::new();
|
||||
|
||||
/// Enable DB WAL |> Turning this off might lead to worse performance, but might help if using vaultwarden on some exotic filesystems,
|
||||
/// that do not support WAL. Please make sure you read project wiki on the topic before changing this setting.
|
||||
|
@ -1060,6 +1064,26 @@ fn smtp_convert_deprecated_ssl_options(smtp_ssl: Option<bool>, smtp_explicit_tls
|
|||
"starttls".to_string()
|
||||
}
|
||||
|
||||
/// Allow to parse a multiline list of Key/Values (`key=value`)
|
||||
/// Will ignore comment lines (starting with `//`)
|
||||
fn parse_param_list(config: String) -> Vec<(String, String)> {
|
||||
config
|
||||
.lines()
|
||||
.map(|l| l.trim())
|
||||
.filter(|l| !l.is_empty() && !l.starts_with("//"))
|
||||
.filter_map(|l| {
|
||||
let split = l.split('=').collect::<Vec<&str>>();
|
||||
match &split[..] {
|
||||
[key, value] => Some(((*key).to_string(), (*value).to_string())),
|
||||
_ => {
|
||||
println!("[WARNING] Failed to parse ({l}). Expected key=value");
|
||||
None
|
||||
}
|
||||
}
|
||||
})
|
||||
.collect()
|
||||
}
|
||||
|
||||
impl Config {
|
||||
pub fn load() -> Result<Self, Error> {
|
||||
// Loading from env and file
|
||||
|
@ -1249,6 +1273,19 @@ impl Config {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub fn log_overrides(&self) -> Vec<(String, LevelFilter)> {
|
||||
parse_param_list(self.log_level_override())
|
||||
.into_iter()
|
||||
.filter_map(|(k, v)| match LevelFilter::from_str(&v) {
|
||||
Ok(lv) => Some((k, lv)),
|
||||
Err(_) => {
|
||||
println!("[WARNING] Invalid log level: {k}={v}");
|
||||
None
|
||||
}
|
||||
})
|
||||
.collect()
|
||||
}
|
||||
}
|
||||
|
||||
use handlebars::{
|
||||
|
|
|
@ -344,6 +344,25 @@ impl UserOrganization {
|
|||
pub async fn to_json(&self, conn: &mut DbConn) -> Value {
|
||||
let org = Organization::find_by_uuid(&self.org_uuid, conn).await.unwrap();
|
||||
|
||||
let permissions = json!({
|
||||
// TODO: Add support for Custom User Roles
|
||||
// See: https://bitwarden.com/help/article/user-types-access-control/#custom-role
|
||||
"accessEventLogs": false,
|
||||
"accessImportExport": false,
|
||||
"accessReports": false,
|
||||
"createNewCollections": false,
|
||||
"editAnyCollection": false,
|
||||
"deleteAnyCollection": false,
|
||||
"editAssignedCollections": false,
|
||||
"deleteAssignedCollections": false,
|
||||
"manageGroups": false,
|
||||
"managePolicies": false,
|
||||
"manageSso": false, // Not supported
|
||||
"manageUsers": false,
|
||||
"manageResetPassword": false,
|
||||
"manageScim": false // Not supported (Not AGPLv3 Licensed)
|
||||
});
|
||||
|
||||
// https://github.com/bitwarden/server/blob/13d1e74d6960cf0d042620b72d85bf583a4236f7/src/Api/Models/Response/ProfileOrganizationResponseModel.cs
|
||||
json!({
|
||||
"Id": self.org_uuid,
|
||||
|
@ -371,27 +390,7 @@ impl UserOrganization {
|
|||
// "KeyConnectorEnabled": false,
|
||||
// "KeyConnectorUrl": null,
|
||||
|
||||
// TODO: Add support for Custom User Roles
|
||||
// See: https://bitwarden.com/help/article/user-types-access-control/#custom-role
|
||||
// "Permissions": {
|
||||
// "AccessEventLogs": false,
|
||||
// "AccessImportExport": false,
|
||||
// "AccessReports": false,
|
||||
// "ManageAllCollections": false,
|
||||
// "CreateNewCollections": false,
|
||||
// "EditAnyCollection": false,
|
||||
// "DeleteAnyCollection": false,
|
||||
// "ManageAssignedCollections": false,
|
||||
// "editAssignedCollections": false,
|
||||
// "deleteAssignedCollections": false,
|
||||
// "ManageCiphers": false,
|
||||
// "ManageGroups": false,
|
||||
// "ManagePolicies": false,
|
||||
// "ManageResetPassword": false,
|
||||
// "ManageSso": false, // Not supported
|
||||
// "ManageUsers": false,
|
||||
// "ManageScim": false, // Not supported (Not AGPLv3 Licensed)
|
||||
// },
|
||||
"permissions": permissions,
|
||||
|
||||
"MaxStorageGb": 10, // The value doesn't matter, we don't check server-side
|
||||
|
||||
|
|
|
@ -246,6 +246,7 @@ impl User {
|
|||
"Email": self.email,
|
||||
"EmailVerified": !CONFIG.mail_enabled() || self.verified_at.is_some(),
|
||||
"Premium": true,
|
||||
"PremiumFromOrganization": false,
|
||||
"MasterPasswordHint": self.password_hint,
|
||||
"Culture": "en-US",
|
||||
"TwoFactorEnabled": twofactor_enabled,
|
||||
|
@ -257,6 +258,7 @@ impl User {
|
|||
"ProviderOrganizations": [],
|
||||
"ForcePasswordReset": false,
|
||||
"AvatarColor": self.avatar_color,
|
||||
"UsesKeyConnector": false,
|
||||
"Object": "profile",
|
||||
})
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
// The more key/value pairs there are the more recursion occurs.
|
||||
// We want to keep this as low as possible, but not higher then 128.
|
||||
// If you go above 128 it will cause rust-analyzer to fail,
|
||||
#![recursion_limit = "87"]
|
||||
#![recursion_limit = "90"]
|
||||
|
||||
// When enabled use MiMalloc as malloc instead of the default malloc
|
||||
#[cfg(feature = "enable_mimalloc")]
|
||||
|
@ -284,6 +284,10 @@ fn init_logging(level: log::LevelFilter) -> Result<(), fern::InitError> {
|
|||
logger = logger.level_for("lettre::transport::smtp", log::LevelFilter::Off)
|
||||
}
|
||||
|
||||
for (path, level) in CONFIG.log_overrides() {
|
||||
logger = logger.level_for(path, level);
|
||||
}
|
||||
|
||||
if CONFIG.extended_logging() {
|
||||
logger = logger.format(|out, message, record| {
|
||||
out.finish(format_args!(
|
||||
|
|
Laden …
In neuem Issue referenzieren