ember/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
6301 commits 143 branches 32 tags 16 MiB
Commit graph

6301 commits

This branch
This branch
All branches
Author SHA1 Message Date
ember
bba5318ce8 Merge pull request 'feat/space-permission-cascading' (#2) from feat/space-permission-cascading into deployment
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Has been skipped
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 4s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 5s
Details 
Reviewed-on: #2
 2026-03-20 08:03:10 +00:00
ember33
1f91a74b27 feat(spaces): wire up enforcement hooks in join, append, and build paths
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Has been skipped
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 5s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 6s
Details
Update flake hashes / update-flake-hashes (pull_request) Failing after 6s
Details 
Add minimal integration points in existing files:
- append.rs: call on_pdu_appended for event-driven enforcement
- build.rs: call validate_pl_change to protect space-managed PLs
- join.rs: call check_join_allowed to gate joins on role requirements
- timeline/mod.rs: add roles service dependency
 2026-03-20 08:52:23 +01:00
ember33
5f901a560b feat(spaces): add admin commands for space role management 
Add !admin space roles subcommands: list, add, remove, assign, revoke,
require, unrequire, user, room, enable, disable, status. The remove
command uses cascade_remove_role macro to deduplicate member and room
cleanup loops. Role definitions, assignments, and room requirements
are managed via state events.
 2026-03-20 08:52:13 +01:00
ember33
59401e1786 feat(spaces): add space roles service with enforcement and caching 
Implement the roles service with well-factored helper methods:
- Cache population via load_user_roles, load_room_requirements,
  load_child_rooms_index helpers
- Enforcement dispatch via enforce_roles_change, enforce_member_change,
  enforce_room_change, enforce_cascading_toggle
- Child management via handle_child_added, handle_child_removed
- Kick logic via user_qualifies_in_any_parent, kick_user_from_room
- PL computation via compute_effective_pl (highest-wins across spaces)
- Per-space enable/disable, graceful shutdown guards
 2026-03-20 08:52:05 +01:00
ember33
95fa3b022a feat(spaces): add custom state event types and config for space permission cascading 
Add four custom Matrix state event content types for space role
management: space roles definitions, per-user role assignments,
per-room role requirements, and per-space cascading override.

Add server config options: space_permission_cascading (default false)
as the server-wide toggle, and space_roles_cache_flush_threshold
(default 1000) for cache management.
 2026-03-20 08:51:57 +01:00
Jade Ellis
6b013bcf60
chore: Update funding links 2026-03-19 12:45:12 +00:00
Ginger
05a49ceb60
chore: Whitelist cognitive_complexity lint 2026-03-18 13:59:48 -04:00
Ginger
728c5828ba
feat: Add a panic handler and clean up error page 2026-03-18 13:43:34 -04:00
Ginger
50c94d85a1
fix: Code cleanup 2026-03-18 13:18:53 -04:00
Ginger
0cc188f62c
fix: Remove redirect on index 2026-03-18 12:42:55 -04:00
Ginger
6451671f66
fix: Update doc comment 2026-03-18 12:42:55 -04:00
theS1LV3R
ca21a885d5
chore: Rename option index_page_allow_indexing to allow_web_indexing 2026-03-18 12:42:55 -04:00
Ginger
4af4110f6d
chore: Update news fragment 2026-03-18 12:42:55 -04:00
Ginger
51b450c05c
feat: Use a context struct to store global template context 2026-03-18 12:42:55 -04:00
theS1LV3R
f9d1f71343
fix: Fix logic error 2026-03-18 12:42:55 -04:00
theS1LV3R
7901e4b996
chore: Add news fragment for !1527 2026-03-18 12:42:55 -04:00
theS1LV3R
7b6bf4b78e
feat: Add option for a noindex meta tag on the HTML index page 
Adds a new config option `index_page_allow_indexing` which defaults to false.

Fixes: !1527
 2026-03-18 12:42:55 -04:00
Ginger
67d5619ccb
fix: Fix password reset page appearance in light mode 2026-03-18 12:42:55 -04:00
Ginger
bf001f96d6
feat: Restrict reset token command 2026-03-18 12:42:55 -04:00
Ginger
ae2b87f03f
fix: Fix M_NOT_FOUND for users with no origin set 2026-03-18 12:42:55 -04:00
Ginger
957cd3502f
fix: Evil CSS hackery 2026-03-18 12:42:55 -04:00
Ginger
a109542eb8
fix: Disable text selection on k10y 2026-03-18 12:42:55 -04:00
Ginger
8c4844b00b
fix: Use error page for extractor rejections 2026-03-18 12:42:55 -04:00
Ginger
eec7103910
feat: Implement dedicated 404 page for routes under /_continuwuity/ 2026-03-18 12:42:55 -04:00
Ginger
43aa172829
feat: Move index to /_continuwuity/ 2026-03-18 12:42:55 -04:00
Ginger
9b4c483b6d
chore: Remove unnecessary database map left over from refactor 2026-03-18 12:42:55 -04:00
Ginger
b885e206ce
fix: Use server name in index again 2026-03-18 12:42:55 -04:00
Ginger
07a935f625
fix: Add CSRF protection 2026-03-18 12:42:55 -04:00
Ginger
d13801e976
fix: Disallow issuing password reset tokens for deactivated users 2026-03-18 12:42:55 -04:00
Ginger
5716c36b47
chore: Change password reset page path 2026-03-18 12:42:55 -04:00
Ginger
f11943b956
chore: News fragment 2026-03-18 12:42:55 -04:00
Ginger
8b726a9c94
chore: Cleanup 2026-03-18 12:42:55 -04:00
Ginger
ffa3c53847
feat: Implement a webpage for self-service password resets 2026-03-18 12:42:55 -04:00
Ginger
da8833fca4
feat: Implement a command for issuing password reset links 2026-03-18 12:42:55 -04:00
Ginger
267feb3c09
feat: Add a new service for handling password resets 2026-03-18 12:42:55 -04:00
Ginger
3d50af0943
refactor: Split web code into multiple files, improve static resource loading 2026-03-18 12:42:55 -04:00
Ginger
9515019641
fix: Allow cognitive_complexity on two particularly large functions 2026-03-18 10:57:50 -04:00
Renovate Bot
f0f53dfada chore(deps): lock file maintenance 2026-03-18 05:05:56 +00:00
ember33
3bfd10efab docs: add implementation plan for space permission cascading 
15-task plan covering config flag, custom event types, service layer,
cache, enforcement hooks, admin commands, and testing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 15:04:32 +01:00
ember33
835d434d92 docs: add design doc for space permission cascading 
Covers power level cascading from Spaces to child rooms, role-based
room access control, continuous enforcement, and admin room commands.
Feature will be behind a server-wide config flag.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 14:59:48 +01:00
Renovate Bot
acef746d26 fix(deps): Update rust crate recaptcha-verify to 0.2.0 2026-03-17 13:20:50 +00:00
Jade Ellis
3356b60e97
chore: Remove git.nexy7574.co.uk mirror 
This mirror seems to have some issues preventing regsync from working.
 2026-03-16 18:13:26 +00:00
Jade Ellis
c988c2b387
chore: Release 2026-03-16 16:48:53 +00:00
theS1LV3R
3121229707 docs: Update docker documentation to add /sbin/conduwuit to examples 
These will likely have to be updated when !1485 goes through.

Fixes: !1529
 2026-03-15 00:21:37 +00:00
Shane Jaroch
ff85145ee8
fix: missing logic inversion for acquired keys (should speed up room joins) 2026-03-13 20:54:38 -04:00
lveneris
f61d1a11e0 chore: set correct commit types for all renovate PRs 2026-03-09 21:51:21 +00:00
lveneris
11ba8979ff chore: batch non-major non-zerover cargo renovate PRs 2026-03-09 21:51:21 +00:00
Ginger
f6956ccf12 fix: Nuke all remaining references to MSC3575 in docs and code 2026-03-09 17:11:19 +00:00
Kimiblock Moe
977a5ac8c1 Enable the reloading of systemd credentials 
systemd v260 has introduced a new option: RefreshOnReload, of which when set to true automatically reloads all confext and credential files. This should eliminate the full restart requirement to reload a changed configuration.
 2026-03-09 16:08:47 +00:00
timedout
906c3df953 style: Reduce migration warning verbosity to info 
They aren't actually warning of anything
 2026-03-09 13:30:24 +00:00