From e22e4f6fb67f99421f88757920d55b24f9f43f63 Mon Sep 17 00:00:00 2001
From: Mike Mueller <mike.mueller@cstudio.ch>
Date: Mon, 18 May 2026 18:25:29 +0200
Subject: [PATCH] Implement RUSTDESK_UNATTENDED_PWD_VISIBILITY to enable
 visibility of unattended passwords within the Admin UI even when User is
 logged in.

---
 .env.example                   |  5 +++++
 docker-compose.yml             |  3 +++
 docs/CONFIGURATION.md          |  3 +++
 src/api/admin/pages/devices.rs | 23 +++++++++++++++++++----
 src/main.rs                    |  1 +
 5 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/.env.example b/.env.example
index 80911b2..a3d6bd8 100644
--- a/.env.example
+++ b/.env.example
@@ -25,6 +25,11 @@ RUSTDESK_BOOTSTRAP_ADMIN_PASSWORD=changeme
 # Force relay for all sessions even on LAN.
 #RUSTDESK_ALWAYS_USE_RELAY=Y
 
+# When the admin UI shows a device's unattended (per-boot) password.
+#   logged-out  only when nobody is logged in on the device (default)
+#   always      also while an interactive user is logged in
+#RUSTDESK_UNATTENDED_PWD_VISIBILITY=logged-out
+
 #RUST_LOG=info
 
 # --- Optional build source ---------------------------------------------------
diff --git a/docker-compose.yml b/docker-compose.yml
index c25f5ac..5caa503 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -55,6 +55,9 @@ services:
       - --bootstrap-admin-password=${RUSTDESK_BOOTSTRAP_ADMIN_PASSWORD:-changeme}
       # - --key=-                # "-" auto-generates a key; "_" forces encrypted-only with no explicit key
       # - --http-port=21114      # admin HTTP API/UI port; 0 disables
+      # When the admin UI shows a device's unattended password.
+      # logged-out (default) = only when nobody is logged in; always = also while a user is logged in.
+      - --unattended-pwd-visibility=${RUSTDESK_UNATTENDED_PWD_VISIBILITY:-logged-out}
     environment: *rustdesk-env
     ports:
       - 21114:21114
diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md
index 31f8926..e8757b4 100644
--- a/docs/CONFIGURATION.md
+++ b/docs/CONFIGURATION.md
@@ -298,6 +298,9 @@ order per peer:
 The peer's `Config::get_option` calls reflect the resolved values within
 ~15 s of any change to `modified_at` on the strategy row.
 
+See [STRATEGIES.md](STRATEGIES.md) for the full list of `config_options`
+keys and what each one does.
+
 ---
 
 ## Address books
diff --git a/src/api/admin/pages/devices.rs b/src/api/admin/pages/devices.rs
index a5d5656..7184378 100644
--- a/src/api/admin/pages/devices.rs
+++ b/src/api/admin/pages/devices.rs
@@ -211,8 +211,9 @@ async fn render_table(state: &Arc<AppState>, lang: Lang) -> Result<String, ApiEr
             t(lang, "devices.no_devices"),
         );
     }
+    let always_show_pwd = unattended_pwd_always_visible();
     for d in &devices {
-        render_device_row(&mut s, lang, d, now);
+        render_device_row(&mut s, lang, d, now, always_show_pwd);
     }
     let _ = write!(
         s,
@@ -225,11 +226,24 @@ async fn render_table(state: &Arc<AppState>, lang: Lang) -> Result<String, ApiEr
     Ok(s)
 }
 
+/// Resolves the `--unattended-pwd-visibility` setting (env key
+/// `UNATTENDED-PWD-VISIBILITY`, also settable via `.env`). Returns `true`
+/// when the admin UI should surface the unattended password even while an
+/// interactive user is logged in. Default (`logged-out`, or any
+/// unrecognised value) keeps the original behaviour: shown only when nobody
+/// is logged in.
+fn unattended_pwd_always_visible() -> bool {
+    crate::common::get_arg_or("unattended-pwd-visibility", "logged-out".to_owned())
+        .trim()
+        .eq_ignore_ascii_case("always")
+}
+
 fn render_device_row(
     s: &mut String,
     lang: Lang,
     d: &DashboardDeviceRow,
     now: chrono::DateTime<chrono::Utc>,
+    always_show_pwd: bool,
 ) {
     let parsed: serde_json::Value =
         serde_json::from_str(&d.sysinfo_payload).unwrap_or(serde_json::Value::Null);
@@ -290,11 +304,12 @@ fn render_device_row(
     // Per-boot unattended-access password reported by hello-agent. Visible
     // only when (a) the device is online (offline rows show stale data),
     // (b) no interactive user is logged in (otherwise the supporter
-    // should be using the per-session approval popup, not the password),
-    // and (c) the agent has actually reported one (vanilla rustdesk
+    // should be using the per-session approval popup, not the password)
+    // — unless `--unattended-pwd-visibility=always` overrides (b), and
+    // (c) the agent has actually reported one (vanilla rustdesk
     // never will). Otherwise show a neutral dash so the column lines up.
     let unattended_pwd_cell = if is_online
-        && active_user.is_empty()
+        && (always_show_pwd || active_user.is_empty())
         && !d.unattended_password.is_empty()
     {
         format!(
diff --git a/src/main.rs b/src/main.rs
index a83586e..737bcda 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -40,6 +40,7 @@ fn main() -> ResultType<()> {
         --public-base-url=[URL] 'Externally reachable HTTP base URL (e.g. https://rustdesk.example.com:21114) — required for OIDC redirect callbacks'
         --oidc-config=[PATH] 'TOML file describing OIDC providers (upserted into oidc_providers at startup)'
         --admin-ui-dir=[PATH] 'Directory of static admin-dashboard files served at /admin/ (default: ./admin_ui; empty disables)'
+        --unattended-pwd-visibility=[always|logged-out] 'When the admin UI shows a device unattended password. logged-out (default) = only when nobody is logged in; always = also while a user is logged in'
         , --mask=[MASK] 'Determine if the connection comes from LAN, e.g. 192.168.0.0/16'
         -k, --key=[KEY] 'Only allow the client with the same key'",
     );