Hi,
Are there any plans to implement the Disable Personal Vault Export Policy?
Just asking as I don’t see it listed on the GitHub feature requests page.
Thanks
That feature via the the organization settings is part of the Bitwarden license. Which i think does not allow Vaultwarden to use that feature via the web-vault. At least, i think we aren’t allowed to build a web-vault with that feature included.
That doesn’t mean it can’t be implemented at all, but maybe different or something. But it probably will not be something on the top of the list.
It’s a shame they are moving new features away from GPL3 to a “Source Available” licence which only allows the code to be reused for “internal development and internal testing, and only in a non-production environment”.
My interpretation of the licence is that it only prevents the reuse of the code and someone could recode the features in the admin panel or the parts of the web vault that are licenced under the Bitwarden License v1.0. and release that code as GPLv3, or base it upon already GPLv3 code.
IANAL but my understanding of GPLv3 is that you can’t compile and release non-GPLv3 code which you have written with GPLv3 code without releasing the entire code under GPLv3. So Bitwarden could be in breach of GPLv3 with that licence anyway, but I could be wrong, you would need a GPL legal expert to confirm that.
Unfortunately, I don’t code in any of the languages used by vaultwarden or the web vault, so I am unable to test it or do any pull requests, but it looks like for Disable Personal Vault Export all that needs to be done in Vaultwarden is to add the Policy ID to “vaultwarden/src/db/models/org_policy.rs”. Under the “SendOptions = 7,” line add “DisablePersonalVaultExport = 10,”. I created a policy with ID 10 manually in SQL and the feature worked as expected.
Recoding the features in the web vault is possible but would require typescript knowledge, creation of new web vault files and modification of existing web vault files. If the general policy of vaultwarden is as little modification to the web vault as possible it could be implemented in the admin panel instead.