diff options
| author | Daniel GarcĂa <[email protected]> | 2024-01-27 02:43:26 +0100 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-01-27 02:43:26 +0100 |
| commit | edf7484a70942de387d59c5d5cf849f24180ba66 (patch) | |
| tree | b5cd3c96048e8bd77c895a099f9fbca147ac244e /src/config.rs | |
| parent | 8b66e3441571fdb71f0610882d1ee47dccc8c0a3 (diff) | |
| download | vaultwarden-edf7484a70942de387d59c5d5cf849f24180ba66.tar.gz vaultwarden-edf7484a70942de387d59c5d5cf849f24180ba66.zip | |
Improve file limit handling (#4242)
* Improve file limit handling
* Oops
* Update PostgreSQL migration
* Review comments
---------
Co-authored-by: BlackDex <[email protected]>
Diffstat (limited to 'src/config.rs')
| -rw-r--r-- | src/config.rs | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/config.rs b/src/config.rs index 8a8c8e35..e99518a7 100644 --- a/src/config.rs +++ b/src/config.rs @@ -442,6 +442,8 @@ make_config! { user_attachment_limit: i64, true, option; /// Per-organization attachment storage limit (KB) |> Max kilobytes of attachment storage allowed per org. When this limit is reached, org members will not be allowed to upload further attachments for ciphers owned by that org. org_attachment_limit: i64, true, option; + /// Per-user send storage limit (KB) |> Max kilobytes of sends storage allowed per user. When this limit is reached, the user will not be allowed to upload further sends. + user_send_limit: i64, true, option; /// Trash auto-delete days |> Number of days to wait before auto-deleting a trashed item. /// If unset, trashed items are not auto-deleted. This setting applies globally, so make @@ -784,6 +786,26 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { } } + const MAX_FILESIZE_KB: i64 = i64::MAX >> 10; + + if let Some(limit) = cfg.user_attachment_limit { + if !(0i64..=MAX_FILESIZE_KB).contains(&limit) { + err!("`USER_ATTACHMENT_LIMIT` is out of bounds"); + } + } + + if let Some(limit) = cfg.org_attachment_limit { + if !(0i64..=MAX_FILESIZE_KB).contains(&limit) { + err!("`ORG_ATTACHMENT_LIMIT` is out of bounds"); + } + } + + if let Some(limit) = cfg.user_send_limit { + if !(0i64..=MAX_FILESIZE_KB).contains(&limit) { + err!("`USER_SEND_LIMIT` is out of bounds"); + } + } + if cfg._enable_duo && (cfg.duo_host.is_some() || cfg.duo_ikey.is_some() || cfg.duo_skey.is_some()) && !(cfg.duo_host.is_some() && cfg.duo_ikey.is_some() && cfg.duo_skey.is_some()) |