saret/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-10-28 17:00:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Allow email changes for existing accounts even when signups are disabled

Browse Source
This commit is contained in:
Jeremy Lin
2020-05-24 14:00:26 -07:00
parent c5d7e3f2bc
commit a314933557
3 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/api/core/accounts.rs
View File

@@ -379,8 +379,8 @@ fn post_email_token(data: JsonUpcase<EmailTokenData>, headers: Headers, conn: Db
err!("Email already in use"); err!("Email already in use");
} }
if !CONFIG.is_signup_allowed(&data.NewEmail) { if !CONFIG.is_email_domain_allowed(&data.NewEmail) {
err!("Email cannot be changed to this address"); err!("Email domain not allowed");
} }
let token = crypto::generate_token(6)?; let token = crypto::generate_token(6)?;

2
src/api/core/organizations.rs
View File

@@ -488,7 +488,7 @@ fn send_invite(org_id: String, data: JsonUpcase<InviteData>, headers: AdminHeade
err!(format!("User does not exist: {}", email)) err!(format!("User does not exist: {}", email))
} }
if !CONFIG.signups_domains_whitelist().is_empty() && !CONFIG.is_email_domain_whitelisted(&email) { if !CONFIG.is_email_domain_allowed(&email) {
err!("Email domain not eligible for invitations") err!("Email domain not eligible for invitations")
} }

11
src/config.rs
View File

@@ -558,9 +558,10 @@ impl Config {
self.update_config(builder) self.update_config(builder)
} }
/// Tests whether an email's domain is in signups_domains_whitelist. /// Tests whether an email's domain is allowed. A domain is allowed if it
/// Returns false if no whitelist is set. /// is in signups_domains_whitelist, or if no whitelist is set (so there
pub fn is_email_domain_whitelisted(&self, email: &str) -> bool { /// are no domain restrictions in effect).
pub fn is_email_domain_allowed(&self, email: &str) -> bool {
let e: Vec<&str> = email.rsplitn(2, '@').collect(); let e: Vec<&str> = email.rsplitn(2, '@').collect();
if e.len() != 2 || e[0].is_empty() || e[1].is_empty() { if e.len() != 2 || e[0].is_empty() || e[1].is_empty() {
warn!("Failed to parse email address '{}'", email); warn!("Failed to parse email address '{}'", email);
@@ -569,7 +570,7 @@ impl Config {
let email_domain = e[0].to_lowercase(); let email_domain = e[0].to_lowercase();
let whitelist = self.signups_domains_whitelist(); let whitelist = self.signups_domains_whitelist();
!whitelist.is_empty() && whitelist.split(',').any(|d| d.trim() == email_domain) whitelist.is_empty() || whitelist.split(',').any(|d| d.trim() == email_domain)
} }
/// Tests whether signup is allowed for an email address, taking into /// Tests whether signup is allowed for an email address, taking into
@@ -577,7 +578,7 @@ impl Config {
pub fn is_signup_allowed(&self, email: &str) -> bool { pub fn is_signup_allowed(&self, email: &str) -> bool {
if !self.signups_domains_whitelist().is_empty() { if !self.signups_domains_whitelist().is_empty() {
// The whitelist setting overrides the signups_allowed setting. // The whitelist setting overrides the signups_allowed setting.
self.is_email_domain_whitelisted(email) self.is_email_domain_allowed(email)
} else { } else {
self.signups_allowed() self.signups_allowed()
} }