diff options
author | Mathijs van Veluw <[email protected]> | 2024-08-30 21:37:59 +0200 |
---|---|---|
committer | GitHub <[email protected]> | 2024-08-30 21:37:59 +0200 |
commit | 544b7229e8cc49436d3872ba2022e09231552fa7 (patch) | |
tree | c322a0e2e9147f02185eafb2ecac6d37bedaa694 /.env.template | |
parent | 978f0092937c3a62f2de4ddc487137429754d3c0 (diff) | |
download | vaultwarden-544b7229e8cc49436d3872ba2022e09231552fa7.tar.gz vaultwarden-544b7229e8cc49436d3872ba2022e09231552fa7.zip |
Allow enforcing Single Org with pw reset policy (#4903)
* Allow enforcing Single Org with pw reset policy
Bitwarden only allows the Reset Password policy to be set when the Single Org policy is enabled already.
This PR adds a check so that this can be enforced when a config option is enabled.
Since Vaultwarden encouraged to use multiple orgs when groups were not available yet we should not enable this by default now.
This might be something to do in the future.
When enabled, it will prevent the Reset Password policy to be enabled if the Single Org policy is not enabled.
It will also prevent the Single Org policy to be disabled if the Reset Password policy is enabled.
Fixes #4855
Signed-off-by: BlackDex <[email protected]>
* Removed some extra if checks
Signed-off-by: BlackDex <[email protected]>
---------
Signed-off-by: BlackDex <[email protected]>
Diffstat (limited to '.env.template')
-rw-r--r-- | .env.template | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/.env.template b/.env.template index 45239f68..fb624703 100644 --- a/.env.template +++ b/.env.template @@ -425,6 +425,12 @@ ## KNOW WHAT YOU ARE DOING! # INCREASE_NOTE_SIZE_LIMIT=false +## Enforce Single Org with Reset Password Policy +## Enforce that the Single Org policy is enabled before setting the Reset Password policy +## Bitwarden enforces this by default. In Vaultwarden we encouraged to use multiple organizations because groups were not available. +## Setting this to true will enforce the Single Org Policy to be enabled before you can enable the Reset Password policy. +# ENFORCE_SINGLE_ORG_WITH_RESET_PW_POLICY=false + ######################## ### MFA/2FA settings ### ######################## |