Commit Graph

2172 Commits

Author SHA1 Message Date
Stefan Melmuk ed6e852904
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-19 20:21:58 +02:00
Daniel García a54065420c
Merge branch 'stefan0xC-fix-invitation-of-new-users' 2022-10-19 20:20:14 +02:00
Stefan Melmuk aa5a05960e
allow registration without invite link
if signups are allowed invited users should be able to complete their
registration even when they don't have the invite link at hand.
2022-10-18 12:49:07 +02:00
BlackDex f41ba2a60f
Fix master password hint update not working.
- The Master Password Hint input has changed it's location to the
password update form. This PR updates the the code to process this.

- Also changed the `ProfileData` struct to exclude `Culture` and
`MasterPasswordHint`, since both are not used at all, and when not
defined they will also not be allocated.

Fixes #2833
2022-10-17 17:23:21 +02:00
Stefan Melmuk 2215cfefb9
fix invitations of new users when mail is disabled
If you add a new user that has already been Invited to another
organization they will be Accepted automatically. This should not be
possible because they cannot be Confirmed until they have completed
their registration. It is also not necessary because their invitation
will be accepted automatically once they register.
2022-10-15 16:19:26 +02:00
Stefan Melmuk 4289663a16
use static_files() for email attachments
Apply suggestions from code review

Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>
2022-10-15 04:59:33 +02:00
Stefan Melmuk ea19c2250e
attach images to email
Set SMTP_EMBED_IMAGES option to false if you don't want to attach images
to the mail.

NOTE: If you have customized the template files `email_header.hbs` and
`email_footer.hbs` you can replace `{url}/vw_static/` to `{img_url}`
to support both URL schemes
2022-10-15 04:59:31 +02:00
Daniel García 638766b346
Update web-vault to 2022.10.0 and dependencies 2022-10-14 18:21:01 +02:00
Daniel García d1ff136552
Merge branch 'stefan0xC-check-data-folder-permissions' 2022-10-14 17:56:48 +02:00
Jeremy Lin 46ec11de12
Update CSP for DuckDuckGo email forwarding
Upstream PR: https://github.com/bitwarden/clients/pull/3630
2022-10-14 17:56:42 +02:00
Jeremy Lin 4283a49e0b
Reformat CSP header for readability 2022-10-14 17:56:42 +02:00
Jeremy Lin 1e32db8c41
Add `CreationDate` to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-14 17:56:42 +02:00
Stefan Melmuk 0f944ec7e2
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:56:41 +02:00
Daniel García 736dbc9553
Merge branch 'jjlin-csp' 2022-10-14 17:56:03 +02:00
Jeremy Lin b4a38f1f63
Add `CreationDate` to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-14 17:56:00 +02:00
Stefan Melmuk 646186fe38
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:55:59 +02:00
Daniel García c2725916f4
Merge branch 'jjlin-creation-date' 2022-10-14 17:55:31 +02:00
Stefan Melmuk fd334e2b7d
fix link of license badge
master branch has been renamed to main.
2022-10-14 17:55:27 +02:00
Daniel García f9feca1ce4
Merge branch 'stefan0xC-fix-link-in-license-badge' 2022-10-14 17:54:57 +02:00
Stefan Melmuk 677fd2ff32
fix link of license badge
master branch has been renamed to main.
2022-10-12 20:18:18 +02:00
Jeremy Lin f49eb8eb4d
Add `CreationDate` to cipher response JSON
Upstream PR: https://github.com/bitwarden/server/pull/2142
2022-10-12 00:17:09 -07:00
Jeremy Lin b0e0d68632
Update CSP for DuckDuckGo email forwarding
Upstream PR: https://github.com/bitwarden/clients/pull/3630
2022-10-11 21:39:12 -07:00
Jeremy Lin f3c8c16d79
Reformat CSP header for readability 2022-10-11 21:39:02 -07:00
Stefan Melmuk 2dd5086916
more verbose permission denied error
be a bit more verbose about why a file could not be created when it is
caused by a permission denied error.
2022-10-12 01:31:10 +02:00
Stefan Melmuk 7532072d50
add check if data folder is a directory 2022-10-12 01:26:28 +02:00
Daniel García 382e6107fe
Update dependencies 2022-10-09 17:40:45 +02:00
Daniel García e6c6609e19
8bit Solutions LLC. -> Bitwarden, Inc. 2022-10-09 17:13:46 +02:00
Daniel García 4cb5918950
Update web vault to v2022.9.2 2022-10-09 17:13:32 +02:00
Daniel García 55030f3687
Merge branch 'stefan0xC-return-token-expired-message' 2022-10-09 16:22:33 +02:00
Stefan Melmuk ef4072e4ff
improve spelling of minimum expiration hours check
Co-authored-by: Helmut K. C. Tessarek <tessarek@evermeet.cx>
2022-10-09 16:21:13 +02:00
Stefan Melmuk c78d383ed1
make invitation expiration time configurable
configure the number of hours after which organization invites,
emergency access invites, email verification emails and account deletion
requests expire (defaults to 5 days or 120 hours and must be atleast 1)
2022-10-09 16:21:13 +02:00
Stefan Melmuk 5b96270874
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-09 16:21:12 +02:00
Stefan Melmuk 2c0742387b
return CaptchaBypassToken and register object 2022-10-09 16:21:12 +02:00
Stefan Melmuk 1704d14f29
v2022.9.2 expects a json response when registering 2022-10-09 16:21:12 +02:00
Stefan Melmuk 2d7ffbf378
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:21:11 +02:00
Daniel García dfd63f85c0
Merge branch 'stefan0xC-configure-expirations' 2022-10-09 16:20:07 +02:00
Stefan Melmuk cd0c49eaf6
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-09 16:19:33 +02:00
Stefan Melmuk 080e38d227
return CaptchaBypassToken and register object 2022-10-09 16:19:32 +02:00
Stefan Melmuk 1a664fba6a
v2022.9.2 expects a json response when registering 2022-10-09 16:19:32 +02:00
Stefan Melmuk c915ef815d
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:19:32 +02:00
Daniel García adea4ec54d
Merge branch 'stefan0xC-update-to-v2022.9.2' 2022-10-09 16:17:16 +02:00
Stefan Melmuk 387b5eb2dd
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-10-09 16:17:11 +02:00
Daniel García 6337af59ed
Merge branch 'stefan0xC-allow-removal-of-invited-owners' 2022-10-09 16:13:57 +02:00
Stefan Melmuk 475c7b8f16
return more descriptive JWT validation messages 2022-10-09 13:55:22 +02:00
Stefan Melmuk ac120be1c6
improve spelling of minimum expiration hours check
Co-authored-by: Helmut K. C. Tessarek <tessarek@evermeet.cx>
2022-10-09 05:50:43 +02:00
Stefan Melmuk b70316e6d3
make invitation expiration time configurable
configure the number of hours after which organization invites,
emergency access invites, email verification emails and account deletion
requests expire (defaults to 5 days or 120 hours and must be atleast 1)
2022-10-08 18:37:16 +02:00
Stefan Melmuk 0a0f620d0b
return "Object" for consistency
Co-authored-by: Jeremy Lin <jjlin@users.noreply.github.com>
2022-10-08 10:27:33 +02:00
Stefan Melmuk 9132cc4a30
return CaptchaBypassToken and register object 2022-10-07 08:06:55 +02:00
Stefan Melmuk e50edcadfb
v2022.9.2 expects a json response when registering 2022-10-07 03:00:52 +02:00
Stefan Melmuk 2685099720
allow the removal of non-confirmed owners
ensure user_to_edit and user_to_delete are actually confirmed users,
before checking if they are the last owner of an organization.
2022-09-27 10:21:23 +02:00