From d184c8f08cfdbc567d47d8edd473b8d22ebe8bd9 Mon Sep 17 00:00:00 2001 From: Daniel GarcĂ­a Date: Fri, 20 Sep 2024 21:39:00 +0200 Subject: Fix keyword collision in Rust 2024 and add new api/config value (#4975) * Avoid keyword collision with gen in Rust 2024 * Include new api/config setting to disable user registration, not yet used by clients * Actually qualify CONFIG --- src/api/core/mod.rs | 3 +++ src/config.rs | 20 ++++++++++---------- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/src/api/core/mod.rs b/src/api/core/mod.rs index 8a9bb79c..ee5db190 100644 --- a/src/api/core/mod.rs +++ b/src/api/core/mod.rs @@ -204,6 +204,9 @@ fn config() -> Json { "name": "Vaultwarden", "url": "https://github.com/dani-garcia/vaultwarden" }, + "settings": { + "disableUserRegistration": !crate::CONFIG.signups_allowed() && crate::CONFIG.signups_domains_whitelist().is_empty(), + }, "environment": { "vault": domain, "api": format!("{domain}/api"), diff --git a/src/config.rs b/src/config.rs index f5466e86..d7fb7d3e 100644 --- a/src/config.rs +++ b/src/config.rs @@ -331,7 +331,7 @@ macro_rules! make_config { } } }}; - ( @build $value:expr, $config:expr, gen, $default_fn:expr ) => {{ + ( @build $value:expr, $config:expr, generated, $default_fn:expr ) => {{ let f: &dyn Fn(&ConfigItems) -> _ = &$default_fn; f($config) }}; @@ -349,10 +349,10 @@ macro_rules! make_config { // } // // Where action applied when the value wasn't provided and can be: -// def: Use a default value -// auto: Value is auto generated based on other values -// option: Value is optional -// gen: Value is always autogenerated and it's original value ignored +// def: Use a default value +// auto: Value is auto generated based on other values +// option: Value is optional +// generated: Value is always autogenerated and it's original value ignored make_config! { folders { /// Data folder |> Main data folder @@ -515,7 +515,7 @@ make_config! { /// Set to the string "none" (without quotes), to disable any headers and just use the remote IP ip_header: String, true, def, "X-Real-IP".to_string(); /// Internal IP header property, used to avoid recomputing each time - _ip_header_enabled: bool, false, gen, |c| &c.ip_header.trim().to_lowercase() != "none"; + _ip_header_enabled: bool, false, generated, |c| &c.ip_header.trim().to_lowercase() != "none"; /// Icon service |> The predefined icon services are: internal, bitwarden, duckduckgo, google. /// To specify a custom icon service, set a URL template with exactly one instance of `{}`, /// which is replaced with the domain. For example: `https://icon.example.com/domain/{}`. @@ -524,9 +524,9 @@ make_config! { /// corresponding icon at the external service. icon_service: String, false, def, "internal".to_string(); /// _icon_service_url - _icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service); + _icon_service_url: String, false, generated, |c| generate_icon_service_url(&c.icon_service); /// _icon_service_csp - _icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url); + _icon_service_csp: String, false, generated, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url); /// Icon redirect code |> The HTTP status code to use for redirects to an external icon service. /// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent). /// Temporary redirects are useful while testing different icon services, but once a service @@ -624,7 +624,7 @@ make_config! { /// WARNING: This could cause issues with clients. Also exports will not work on Bitwarden servers! increase_note_size_limit: bool, true, def, false; /// Generated max_note_size value to prevent if..else matching during every check - _max_note_size: usize, false, gen, |c| if c.increase_note_size_limit {100_000} else {10_000}; + _max_note_size: usize, false, generated, |c| if c.increase_note_size_limit {100_000} else {10_000}; /// Enforce Single Org with Reset Password Policy |> Enforce that the Single Org policy is enabled before setting the Reset Password policy /// Bitwarden enforces this by default. In Vaultwarden we encouraged to use multiple organizations because groups were not available. @@ -695,7 +695,7 @@ make_config! { /// Embed images as email attachments. smtp_embed_images: bool, true, def, true; /// _smtp_img_src - _smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain); + _smtp_img_src: String, false, generated, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain); /// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting! smtp_debug: bool, false, def, false; /// Accept Invalid Certs (Know the risks!) |> DANGEROUS: Allow invalid certificates. This option introduces significant vulnerabilities to man-in-the-middle attacks! -- cgit v1.2.3