From d9c0c23819fdd327750931103a1ec3e625a257a4 Mon Sep 17 00:00:00 2001
From: BlackDex
Date: Mon, 12 Dec 2022 12:21:48 +0100
Subject: [PATCH 1/7] Revert collection queries back to `left_join`

Using the `inner_join` seems to cause issues, even though i have tested it. Strangely it does cause issues. Reverting it back to `left_join` seems to solve the issue for me. Fixes #2975
---
 src/db/models/collection.rs | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/db/models/collection.rs b/src/db/models/collection.rs
index 14eef617..eba0ffee 100644
--- a/src/db/models/collection.rs
+++ b/src/db/models/collection.rs
@@ -167,15 +167,15 @@ impl Collection {
 users_collections::user_uuid.eq(user_uuid.clone())
 )
 ))
- .inner_join(users_organizations::table.on(
+ .left_join(users_organizations::table.on(
 collections::org_uuid.eq(users_organizations::org_uuid).and(
 users_organizations::user_uuid.eq(user_uuid.clone())
 )
 ))
- .inner_join(groups_users::table.on(
+ .left_join(groups_users::table.on(
 groups_users::users_organizations_uuid.eq(users_organizations::uuid)
 ))
- .inner_join(groups::table.on(
+ .left_join(groups::table.on(
 groups::uuid.eq(groups_users::groups_uuid)
 ))
 .left_join(collections_groups::table.on(
@@ -252,15 +252,15 @@ impl Collection {
 users_collections::user_uuid.eq(user_uuid.clone())
 )
 ))
- .inner_join(users_organizations::table.on(
+ .left_join(users_organizations::table.on(
 collections::org_uuid.eq(users_organizations::org_uuid).and(
 users_organizations::user_uuid.eq(user_uuid)
 )
 ))
- .inner_join(groups_users::table.on(
+ .left_join(groups_users::table.on(
 groups_users::users_organizations_uuid.eq(users_organizations::uuid)
 ))
- .inner_join(groups::table.on(
+ .left_join(groups::table.on(
 groups::uuid.eq(groups_users::groups_uuid)
 ))
 .left_join(collections_groups::table.on(
From cd3e2d7a5a79f91a314f0b75172c182df75df505 Mon Sep 17 00:00:00 2001
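Review bot: Nothing in either hunk (at -167 and -252) records why these three joins have to be left joins, and the commit message itself says the cause is not understood, so a later cleanup can reintroduce the regression. With `left_join` a collection row is kept even when `users_organizations`, `groups_users` or `groups` has no match for the user, which leaves the filter that follows, outside both hunks, as the only thing deciding access; it should be checked that every branch of it requires an explicit match rather than passing on the unmatched (NULL) side. A short comment above the joins would carry the reasoning, for example `// left_join on purpose: a user without any group membership must still match via users_collections`, assuming that is the failure behind the linked issue. A regression test with a user who belongs to an organization but to no group would pin the behaviour.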
From: BlackDex
Date: Thu, 8 Dec 2022 13:35:53 +0100
Subject: [PATCH 2/7] Increase privacy of masked config

This changes the masking function to hide a bit more information from the generated support string. It will still keep showing the `://` for example, and `,`, but other characters will be hidden. Also did some small changes on some key's which all showed up as `Internal` on the Settings page. Fixes #2929
---
 src/config.rs | 31 ++++++++++++++++++++-----------
 1 file changed, 20 insertions(+), 11 deletions(-)

diff --git a/src/config.rs b/src/config.rs
index eb776bb9..edf5bbfe 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -232,14 +232,23 @@ macro_rules! make_config {
 /// We map over the string and remove all alphanumeric, _ and - characters.
 /// This is the fastest way (within micro-seconds) instead of using a regex (which takes mili-seconds)
 fn _privacy_mask(value: &str) -> String {
- value.chars().map(|c|
- match c {
- c if c.is_alphanumeric() => '*',
- '_' => '*',
- '-' => '*',
- _ => c
- }
- ).collect::()
+ let mut n: u16 = 0;
+ let mut colon_match = false;
+ value
+ .chars()
+ .map(|c| {
+ n += 1;
+ match c {
+ ':' if n <= 11 => {
+ colon_match = true;
+ c
+ }
+ '/' if n <= 13 && colon_match => c,
+ ',' => c,
+ _ => '*',
+ }
+ })
+ .collect::()
 }

 serde_json::Value::Object({
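Review bot: The counter `n` in the new `_privacy_mask` body is a `u16` incremented once per character, so a value longer than 65535 characters overflows it: a panic where overflow checks are enabled, and otherwise a wrap back to small numbers that makes `n <= 11` true again, so a later `:` is left unmasked. Declaring it as `let mut n: usize = 0;` (or taking the index from `.chars().enumerate()`) removes that path. The doc comment kept as context above the function still says it removes "all alphanumeric, _ and - characters", which no longer matches the code; something like `/// Masks every character except an early "://" and any ","` would describe the new behaviour. The output also still holds one `*` per input character, so the length of each masked value remains visible in the support string.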
@@ -475,9 +484,9 @@ make_config! {
 /// service is set, an icon request to Vaultwarden will return an HTTP redirect to the
 /// corresponding icon at the external service.
 icon_service: String, false, def, "internal".to_string();
- /// Internal
+ /// _icon_service_url
 _icon_service_url: String, false, gen, |c| generate_icon_service_url(&c.icon_service);
- /// Internal
+ /// _icon_service_csp
 _icon_service_csp: String, false, gen, |c| generate_icon_service_csp(&c.icon_service, &c._icon_service_url);
 /// Icon redirect code |> The HTTP status code to use for redirects to an external icon service.
 /// The supported codes are 301 (legacy permanent), 302 (legacy temporary), 307 (temporary), and 308 (permanent).
@@ -613,7 +622,7 @@ make_config! {
 helo_name: String, true, option;
 /// Embed images as email attachments.
 smtp_embed_images: bool, true, def, true;
- /// Internal
+ /// _smtp_img_src
 _smtp_img_src: String, false, gen, |c| generate_smtp_img_src(c.smtp_embed_images, &c.domain);
 /// Enable SMTP debugging (Know the risks!) |> DANGEROUS: Enabling this will output very detailed SMTP messages. This could contain sensitive information like passwords and usernames! Only enable this during troubleshooting!
 smtp_debug: bool, false, def, false;
From 4db42b07c48ad7e69d66f8c5aa3414ef72a4f4b6 Mon Sep 17 00:00:00 2001
From: "Helmut K. C. Tessarek"
Date: Fri, 9 Dec 2022 16:31:40 -0500
Subject: [PATCH 3/7] Improve comments

- The first one was not a proper sentence. - The second one mixed passive and active form in the secon d part of the sentence.
---
 .env.template | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.env.template b/.env.template
index 22877f15..7ccdacd3 100644
--- a/.env.template
+++ b/.env.template
@@ -83,11 +83,11 @@

 ## Controls whether event logging is enabled for organizations
 ## This setting applies to organizations.
-## Default this is disabled. Also check the EVENT_CLEANUP_SCHEDULE and EVENTS_DAYS_RETAIN settings.
+## Disabled by default. Also check the EVENT_CLEANUP_SCHEDULE and EVENTS_DAYS_RETAIN settings.
 # ORG_EVENTS_ENABLED=false

 ## Number of days to retain events stored in the database.
-## If unset (the default), events are kept indefently and also disables the scheduled job!
+## If unset (the default), events are kept indefinitely and the scheduled job is disabled!
 # EVENTS_DAYS_RETAIN=

 ## Job scheduler settings
From 5fcba3d7f5d1327bb525680c188cb0bc3f0b16bd Mon Sep 17 00:00:00 2001
From: "Helmut K. C. Tessarek"
Date: Fri, 9 Dec 2022 17:32:59 -0500
Subject: [PATCH 4/7] use black favicon for /admin

---
 src/api/web.rs | 1 +
 src/static/images/vaultwarden-favicon.png | Bin 0 -> 1615 bytes
 src/static/templates/404.hbs | 2 +-
 src/static/templates/admin/base.hbs | 2 +-
 4 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 src/static/images/vaultwarden-favicon.png

diff --git a/src/api/web.rs b/src/api/web.rs
index a7640cd9..72bb66d0 100644
--- a/src/api/web.rs
+++ b/src/api/web.rs
@@ -101,6 +101,7 @@ pub fn static_files(filename: String) -> Result<(ContentType, &'static [u8]), Er
 "error-x.svg" => Ok((ContentType::SVG, include_bytes!("../static/images/error-x.svg"))),
 "hibp.png" => Ok((ContentType::PNG, include_bytes!("../static/images/hibp.png"))),
 "vaultwarden-icon.png" => Ok((ContentType::PNG, include_bytes!("../static/images/vaultwarden-icon.png"))),
+ "vaultwarden-favicon.png" => Ok((ContentType::PNG, include_bytes!("../static/images/vaultwarden-favicon.png"))),
 "bootstrap.css" => Ok((ContentType::CSS, include_bytes!("../static/scripts/bootstrap.css"))),
 "bootstrap-native.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/bootstrap-native.js"))),
 "jdenticon.js" => Ok((ContentType::JavaScript, include_bytes!("../static/scripts/jdenticon.js"))),
diff --git a/src/static/images/vaultwarden-favicon.png b/src/static/images/vaultwarden-favicon.png new file mode 100644 index 0000000000000000000000000000000000000000..bb0e169a1e008dc0e41548c87a8b83c7fbdb6488 GIT binary patch literal 1615 zcmV-V2C(^wP)uwr$(CZQHhO+qQl4W^LQ4`d-rAwb{B_J&dQm^vNmw zt4<+{`SITrP+BDXQi~)IJlptQXa~VFpN*HATzO^v$N0~JrUe(!qGd4qPm{0VYniq` zgZ-uj63|-9#C_fpc??b;v;*ug=nQyF>PkETBcnLoDych;;76c+sk^C?k(O zcBCjDhRF`m2r+kg9%{7wg##t;;R4|Dt~4B2KR%@r7T*(PI|$}~$74_5B(O-1(?lC4 z%pVt%2O!2KrysjxRkS6bq#YnmHbsPv-5DX;USQ*(3lUOT;sEWUYzH;DoTZawAq9B6 zBG!B>c^41Am?gP1mrKodAR<-D6uInRdO$CZ)M7h0jW+1PA(v64Ow}HPI)6WWa0xAG zR#wm9LL|!|(epk(g6*Y&Mu|F#-q6b4bF3~LNiXVOM=2Qvbjz*4Tb2X4nO2V7m^(#Y z!vpgCt7$>YAm5kAt0H%@@v*dWlW1!Y`@@?udK-qz2ojy3!UIhKB~Rf(rvxKpINOYo zH=)0^kOn`tHB1({v0>qC9O%K;Gn>OWXD?d8;p~Qi8$~9=){hM~0!lsuN<1+8w{55%uk|>fhq;S<3o|7S?{;m4^RR=6XgqN8Gis3;;adK3=o-ECJH5PYYN;?1)`KE ziVWBj)+A1a{p-X9UC=V^3^KUv@o7!8mTM?Lk~OCWeb6#m5in=4ejfXMIvo;A+u< zz%7&@#ro6zhB@*oUWy&QmbqQH5|X&QW!~{_$`GY8F~E7sswAMy-KPE)E=hdHO#!^7 zz;6@*kB=J-O1{Jeiu~3T@B#s=3ob93VV}JlE#Po|;NS}K(86xB&7{1D+w6iF#C)0i zLIEXD;zE6E9Mc%~2@YMs<%zlF`zYrb6b_=9#&jPp5N$1ezf-EQuq?o}oKGJ!jm?E* zEne*-ndPKL^&A`@L{pQQThqfVq~=nN(|ixrm?-Gb!Z4B1L^}l_s!(7cS>k3X8<@5t z?()*y*NpO!^mtL^4Ll#jQKFk;824eaan5Hr$N;PZBr_bUXoDV@P)hKs2SFDUstQ`Qw(>hQk?VphF}*-gzG{1ksdE$D!?yTiQNAH!6G` zrkD`PR*pWFbO>T-;A<*$Yi_F6w%(Hsr-{-^DT8DJ5(dQjhgLFeLwZ`4#P&%nk6!THUMa2fXJ++)>R_=v#g0Ye;cxRZv4aW zk%$~i79h*9BJwdjJpNfs$okuu_x>gTF*xA4QO{8VDDm9r=MVH7VUzbw%=`PGxzaKo z9UNdCA^;KA2AmFf%dBLA=7L0BFGB|a=s?~D - + Page not found!