mas_config/sections/
account.rs

1// Copyright 2024, 2025 New Vector Ltd.
2// Copyright 2024 The Matrix.org Foundation C.I.C.
3//
4// SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
5// Please see LICENSE files in the repository root for full details.
6
7use schemars::JsonSchema;
8use serde::{Deserialize, Serialize};
9
10use crate::ConfigurationSection;
11
12const fn default_true() -> bool {
13    true
14}
15
16#[allow(clippy::trivially_copy_pass_by_ref)]
17const fn is_default_true(value: &bool) -> bool {
18    *value == default_true()
19}
20
21const fn default_false() -> bool {
22    false
23}
24
25#[allow(clippy::trivially_copy_pass_by_ref)]
26const fn is_default_false(value: &bool) -> bool {
27    *value == default_false()
28}
29
30/// Configuration section to configure features related to account management
31#[allow(clippy::struct_excessive_bools)]
32#[derive(Clone, Debug, Deserialize, JsonSchema, Serialize)]
33pub struct AccountConfig {
34    /// Whether users are allowed to change their email addresses. Defaults to
35    /// `true`.
36    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
37    pub email_change_allowed: bool,
38
39    /// Whether users are allowed to change their display names. Defaults to
40    /// `true`.
41    ///
42    /// This should be in sync with the policy in the homeserver configuration.
43    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
44    pub displayname_change_allowed: bool,
45
46    /// Whether to enable self-service password registration. Defaults to
47    /// `false` if password authentication is enabled.
48    ///
49    /// This has no effect if password login is disabled.
50    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
51    pub password_registration_enabled: bool,
52
53    /// Whether users are allowed to change their passwords. Defaults to `true`.
54    ///
55    /// This has no effect if password login is disabled.
56    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
57    pub password_change_allowed: bool,
58
59    /// Whether email-based password recovery is enabled. Defaults to `false`.
60    ///
61    /// This has no effect if password login is disabled.
62    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
63    pub password_recovery_enabled: bool,
64
65    /// Whether users are allowed to delete their own account. Defaults to
66    /// `true`.
67    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
68    pub account_deactivation_allowed: bool,
69
70    /// Whether users can log in with their email address. Defaults to `false`.
71    ///
72    /// This has no effect if password login is disabled.
73    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
74    pub login_with_email_allowed: bool,
75
76    /// Whether registration tokens are required for password registrations.
77    /// Defaults to `false`.
78    ///
79    /// When enabled, users must provide a valid registration token during
80    /// password registration. This has no effect if password registration
81    /// is disabled.
82    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
83    pub registration_token_required: bool,
84}
85
86impl Default for AccountConfig {
87    fn default() -> Self {
88        Self {
89            email_change_allowed: default_true(),
90            displayname_change_allowed: default_true(),
91            password_registration_enabled: default_false(),
92            password_change_allowed: default_true(),
93            password_recovery_enabled: default_false(),
94            account_deactivation_allowed: default_true(),
95            login_with_email_allowed: default_false(),
96            registration_token_required: default_false(),
97        }
98    }
99}
100
101impl AccountConfig {
102    /// Returns true if the configuration is the default one
103    pub(crate) fn is_default(&self) -> bool {
104        is_default_false(&self.password_registration_enabled)
105            && is_default_true(&self.email_change_allowed)
106            && is_default_true(&self.displayname_change_allowed)
107            && is_default_true(&self.password_change_allowed)
108            && is_default_false(&self.password_recovery_enabled)
109            && is_default_true(&self.account_deactivation_allowed)
110            && is_default_false(&self.login_with_email_allowed)
111            && is_default_false(&self.registration_token_required)
112    }
113}
114
115impl ConfigurationSection for AccountConfig {
116    const PATH: Option<&'static str> = Some("account");
117}