Commit Graph

2421 Commits

Author SHA1 Message Date
Daniel García
a54065420c
Merge branch 'stefan0xC-fix-invitation-of-new-users' 2022-10-19 20:20:14 +02:00
Stefan Melmuk
aa5a05960e
allow registration without invite link
if signups are allowed invited users should be able to complete their
registration even when they don't have the invite link at hand.
2022-10-18 12:49:07 +02:00
BlackDex
f41ba2a60f
Fix master password hint update not working.
- The Master Password Hint input has changed it's location to the
password update form. This PR updates the the code to process this.

- Also changed the `ProfileData` struct to exclude `Culture` and
`MasterPasswordHint`, since both are not used at all, and when not
defined they will also not be allocated.

Fixes #2833
2022-10-17 17:23:21 +02:00
Stefan Melmuk
2215cfefb9
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-15 16:19:26 +02:00
Stefan Melmuk
4289663a16
use static_files() for email attachments
Apply suggestions from code review

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
2022-10-15 04:59:33 +02:00
Stefan Melmuk
ea19c2250e
attach images to email
Set SMTP_EMBED_IMAGES option to false if you don't want to attach images
to the mail.

NOTE: If you have customized the template files `email_header.hbs` and
`email_footer.hbs` you can replace `{url}/vw_static/` to `{img_url}`
to support both URL schemes
2022-10-15 04:59:31 +02:00
Daniel García
638766b346
Update web-vault to 2022.10.0 and dependencies 2022-10-14 18:21:01 +02:00
Daniel García
d1ff136552
Merge branch 'stefan0xC-check-data-folder-permissions' 2022-10-14 17:56:48 +02:00
Jeremy Lin
46ec11de12
Update CSP for DuckDuckGo email forwarding
Upstream PR: https://github.com/bitwarden/clients/pull/3630
2022-10-14 17:56:42 +02:00
Jeremy Lin
4283a49e0b
Reformat CSP header for readability 2022-10-14 17:56:42 +02:00
Jeremy Lin
1e32db8c41
Add CreationDate to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-14 17:56:42 +02:00
Stefan Melmuk
0f944ec7e2
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:56:41 +02:00
Daniel García
736dbc9553
Merge branch 'jjlin-csp' 2022-10-14 17:56:03 +02:00
Jeremy Lin
b4a38f1f63
Add CreationDate to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-14 17:56:00 +02:00
Stefan Melmuk
646186fe38
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:55:59 +02:00
Daniel García
c2725916f4
Merge branch 'jjlin-creation-date' 2022-10-14 17:55:31 +02:00
Stefan Melmuk
fd334e2b7d
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:55:27 +02:00
Daniel García
f9feca1ce4
Merge branch 'stefan0xC-fix-link-in-license-badge' 2022-10-14 17:54:57 +02:00
Stefan Melmuk
677fd2ff32
fix link of license badge
master branch has been renamed to main.
2022-10-12 20:18:18 +02:00
Jeremy Lin
f49eb8eb4d
Add CreationDate to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-12 00:17:09 -07:00
Jeremy Lin
b0e0d68632
Update CSP for DuckDuckGo email forwarding
Upstream PR: https://github.com/bitwarden/clients/pull/3630
2022-10-11 21:39:12 -07:00
Jeremy Lin
f3c8c16d79
Reformat CSP header for readability 2022-10-11 21:39:02 -07:00
Stefan Melmuk
2dd5086916
more verbose permission denied error
be a bit more verbose about why a file could not be created when it is
caused by a permission denied error.
2022-10-12 01:31:10 +02:00
Stefan Melmuk
7532072d50
add check if data folder is a directory 2022-10-12 01:26:28 +02:00
Daniel García
382e6107fe
Update dependencies 2022-10-09 17:40:45 +02:00
Daniel García
e6c6609e19
8bit Solutions LLC. -> Bitwarden, Inc. 2022-10-09 17:13:46 +02:00
Daniel García
4cb5918950
Update web vault to v2022.9.2 2022-10-09 17:13:32 +02:00
Daniel García
55030f3687
Merge branch 'stefan0xC-return-token-expired-message' 2022-10-09 16:22:33 +02:00
Stefan Melmuk
ef4072e4ff
improve spelling of minimum expiration hours check
Co-authored-by: Helmut K. C. Tessarek <tessarek@evermeet.cx>
2022-10-09 16:21:13 +02:00
Stefan Melmuk
c78d383ed1
make invitation expiration time configurable
configure the number of hours after which organization invites,
emergency access invites, email verification emails and account deletion
requests expire (defaults to 5 days or 120 hours and must be atleast 1)
2022-10-09 16:21:13 +02:00
Stefan Melmuk
5b96270874
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-09 16:21:12 +02:00
Stefan Melmuk
2c0742387b
return CaptchaBypassToken and register object 2022-10-09 16:21:12 +02:00
Stefan Melmuk
1704d14f29
v2022.9.2 expects a json response when registering 2022-10-09 16:21:12 +02:00
Stefan Melmuk
2d7ffbf378
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:21:11 +02:00
Daniel García
dfd63f85c0
Merge branch 'stefan0xC-configure-expirations' 2022-10-09 16:20:07 +02:00
Stefan Melmuk
cd0c49eaf6
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-09 16:19:33 +02:00
Stefan Melmuk
080e38d227
return CaptchaBypassToken and register object 2022-10-09 16:19:32 +02:00
Stefan Melmuk
1a664fba6a
v2022.9.2 expects a json response when registering 2022-10-09 16:19:32 +02:00
Stefan Melmuk
c915ef815d
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:19:32 +02:00
Daniel García
adea4ec54d
Merge branch 'stefan0xC-update-to-v2022.9.2' 2022-10-09 16:17:16 +02:00
Stefan Melmuk
387b5eb2dd
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:17:11 +02:00
Daniel García
6337af59ed
Merge branch 'stefan0xC-allow-removal-of-invited-owners' 2022-10-09 16:13:57 +02:00
Stefan Melmuk
475c7b8f16
return more descriptive JWT validation messages 2022-10-09 13:55:22 +02:00
Stefan Melmuk
ac120be1c6
improve spelling of minimum expiration hours check
Co-authored-by: Helmut K. C. Tessarek <tessarek@evermeet.cx>
2022-10-09 05:50:43 +02:00
Stefan Melmuk
b70316e6d3
make invitation expiration time configurable
configure the number of hours after which organization invites,
emergency access invites, email verification emails and account deletion
requests expire (defaults to 5 days or 120 hours and must be atleast 1)
2022-10-08 18:37:16 +02:00
Stefan Melmuk
0a0f620d0b
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-08 10:27:33 +02:00
Stefan Melmuk
9132cc4a30
return CaptchaBypassToken and register object 2022-10-07 08:06:55 +02:00
Stefan Melmuk
e50edcadfb
v2022.9.2 expects a json response when registering 2022-10-07 03:00:52 +02:00
Stefan Melmuk
2685099720
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-09-27 10:21:23 +02:00
Daniel García
6fa6eb18e8
Remove unused value in config endpoint 2022-09-25 19:22:05 +02:00