mas_config/sections/
account.rs

1// Copyright 2024, 2025 New Vector Ltd.
2// Copyright 2024 The Matrix.org Foundation C.I.C.
3//
4// SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
5// Please see LICENSE files in the repository root for full details.
6
7use schemars::JsonSchema;
8use serde::{Deserialize, Serialize};
9
10use crate::ConfigurationSection;
11
12const fn default_true() -> bool {
13    true
14}
15
16#[allow(clippy::trivially_copy_pass_by_ref)]
17const fn is_default_true(value: &bool) -> bool {
18    *value == default_true()
19}
20
21const fn default_false() -> bool {
22    false
23}
24
25#[allow(clippy::trivially_copy_pass_by_ref)]
26const fn is_default_false(value: &bool) -> bool {
27    *value == default_false()
28}
29
30/// Configuration section to configure features related to account management
31#[allow(clippy::struct_excessive_bools)]
32#[derive(Clone, Debug, Deserialize, JsonSchema, Serialize)]
33pub struct AccountConfig {
34    /// Whether users are allowed to change their email addresses. Defaults to
35    /// `true`.
36    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
37    pub email_change_allowed: bool,
38
39    /// Whether users are allowed to change their display names. Defaults to
40    /// `true`.
41    ///
42    /// This should be in sync with the policy in the homeserver configuration.
43    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
44    pub displayname_change_allowed: bool,
45
46    /// Whether to enable self-service password registration. Defaults to
47    /// `false` if password authentication is enabled.
48    ///
49    /// This has no effect if password login is disabled.
50    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
51    pub password_registration_enabled: bool,
52
53    /// Whether self-service password registrations require a valid email.
54    /// Defaults to `true`.
55    ///
56    /// This has no effect if password registration is disabled.
57    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
58    pub password_registration_email_required: bool,
59
60    /// Whether users are allowed to change their passwords. Defaults to `true`.
61    ///
62    /// This has no effect if password login is disabled.
63    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
64    pub password_change_allowed: bool,
65
66    /// Whether email-based password recovery is enabled. Defaults to `false`.
67    ///
68    /// This has no effect if password login is disabled.
69    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
70    pub password_recovery_enabled: bool,
71
72    /// Whether users are allowed to delete their own account. Defaults to
73    /// `true`.
74    #[serde(default = "default_true", skip_serializing_if = "is_default_true")]
75    pub account_deactivation_allowed: bool,
76
77    /// Whether users can log in with their email address. Defaults to `false`.
78    ///
79    /// This has no effect if password login is disabled.
80    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
81    pub login_with_email_allowed: bool,
82
83    /// Whether registration tokens are required for password registrations.
84    /// Defaults to `false`.
85    ///
86    /// When enabled, users must provide a valid registration token during
87    /// password registration. This has no effect if password registration
88    /// is disabled.
89    #[serde(default = "default_false", skip_serializing_if = "is_default_false")]
90    pub registration_token_required: bool,
91}
92
93impl Default for AccountConfig {
94    fn default() -> Self {
95        Self {
96            email_change_allowed: default_true(),
97            displayname_change_allowed: default_true(),
98            password_registration_enabled: default_false(),
99            password_registration_email_required: default_true(),
100            password_change_allowed: default_true(),
101            password_recovery_enabled: default_false(),
102            account_deactivation_allowed: default_true(),
103            login_with_email_allowed: default_false(),
104            registration_token_required: default_false(),
105        }
106    }
107}
108
109impl AccountConfig {
110    /// Returns true if the configuration is the default one
111    pub(crate) fn is_default(&self) -> bool {
112        is_default_false(&self.password_registration_enabled)
113            && is_default_true(&self.email_change_allowed)
114            && is_default_true(&self.displayname_change_allowed)
115            && is_default_true(&self.password_change_allowed)
116            && is_default_false(&self.password_recovery_enabled)
117            && is_default_true(&self.account_deactivation_allowed)
118            && is_default_false(&self.login_with_email_allowed)
119            && is_default_false(&self.registration_token_required)
120    }
121}
122
123impl ConfigurationSection for AccountConfig {
124    const PATH: Option<&'static str> = Some("account");
125}