fix(core-editor): make inbound port optional and improve VLESS encryption handling

Author: x0sina

dashboard/src/features/core-editor/kit/inbound-dialog-schema.ts

@@ -65,15 +65,10 @@ export function validateRealityServerNamesFormRaw(raw: unknown, t: TFunction): s
 }
 
 /** Basics validated like host port/remark: required fields + numeric port range. Dynamic form keys pass through. */
-function allowsPortlessInboundListen(value: unknown): boolean {
-  return typeof value === 'string' && value.trim().startsWith('@')
-}
-
 export function createInboundDialogSchema(caps: Caps, t: TFunction) {
   const allowedProtocols = caps.protocolOrder.filter(p => caps.protocols[p])
   const protocolLabel = t('coreEditor.field.protocol', { defaultValue: 'Protocol' })
   const tagLabel = t('coreEditor.field.tag', { defaultValue: 'Tag' })
-  const portLabel = t('coreEditor.field.port', { defaultValue: 'Port' })
 
   const required = (fieldLabel: string) =>
     t('validation.required', { field: fieldLabel, defaultValue: `${fieldLabel} is required` })
@@ -95,18 +90,9 @@ export function createInboundDialogSchema(caps: Caps, t: TFunction) {
     })
     .passthrough()
     .superRefine((data, ctx) => {
-      const p = typeof data.protocol === 'string' ? data.protocol.trim() : ''
-      if (p === 'tun') return
       const rawPort = typeof data.port === 'string' ? data.port.trim() : ''
-      if (rawPort.length === 0) {
-        if (allowsPortlessInboundListen((data as Record<string, unknown>).listen)) return
-        ctx.addIssue({
-          code: z.ZodIssueCode.custom,
-          message: required(portLabel),
-          path: ['port'],
-        })
-        return
-      }
+      // Inbound port is optional; only validate format when a value is provided.
+      if (rawPort.length === 0) return
       if (!isValidXrayPortList(rawPort)) {
         ctx.addIssue({
           code: z.ZodIssueCode.custom,

dashboard/src/features/core-editor/kit/xray-adapter.ts

@@ -26,6 +26,49 @@ function isJsonValue(value: unknown): value is JsonValue {
   return Object.values(value).every(v => v === undefined || isJsonValue(v))
 }
 
+function asRecord(value: unknown): Record<string, unknown> | null {
+  return isRecord(value) ? value : null
+}
+
+function inboundSettingString(rawInbound: unknown, key: string): string | undefined {
+  const settings = asRecord(asRecord(rawInbound)?.settings)
+  const value = settings?.[key]
+  return typeof value === 'string' ? value : undefined
+}
+
+function patchVlessInboundEncryptionFromRaw(profile: Profile, raw: unknown): Profile {
+  if (!isRecord(raw)) return profile
+  const rawInbounds = raw.inbounds
+  if (!Array.isArray(rawInbounds)) return profile
+
+  const inbounds = profile.inbounds.map((inbound, index) => {
+    if (inbound.protocol !== 'vless') return inbound
+    const rawInbound = rawInbounds[index]
+    const encryption = inboundSettingString(rawInbound, 'encryption')
+    if (encryption === undefined) return inbound
+    return { ...inbound, encryption } as typeof inbound
+  })
+
+  return { ...profile, inbounds }
+}
+
+function applyVlessInboundEncryptionToCompiledConfig(profile: Profile, config: Record<string, unknown>): Record<string, unknown> {
+  if (!Array.isArray(config.inbounds)) return config
+  const inbounds = config.inbounds.map((compiledInbound, index) => {
+    if (!isRecord(compiledInbound) || compiledInbound.protocol !== 'vless') return compiledInbound
+    const profileInbound = profile.inbounds?.[index]
+    if (profileInbound?.protocol !== 'vless') return compiledInbound
+    const encryption = typeof profileInbound.encryption === 'string' ? profileInbound.encryption : undefined
+    if (encryption === undefined) return compiledInbound
+    const normalizedEncryption = encryption.trim()
+    if (normalizedEncryption === '' || normalizedEncryption === 'none') return compiledInbound
+    const settings = isRecord(compiledInbound.settings) ? { ...compiledInbound.settings } : {}
+    settings.encryption = encryption
+    return { ...compiledInbound, settings }
+  })
+  return { ...config, inbounds }
+}
+
 const UNMODELED_TOP_LEVEL_KEYS_TO_PRESERVE = [
   'policy',
   'api',
@@ -94,7 +137,7 @@ export type XrayPersistValidationResult =
 export function importRawToProfile(raw: unknown): { profile: Profile; issues: Issue[] } {
   const imported = importXrayConfig(raw)
   const profile = preserveUnmodeledTopLevelSections(
-    sanitizeProfileInbounds(normalizeProfile(imported.profile)),
+    patchVlessInboundEncryptionFromRaw(sanitizeProfileInbounds(normalizeProfile(imported.profile)), raw),
     raw,
   )
 
@@ -104,7 +147,10 @@ export function importRawToProfile(raw: unknown): { profile: Profile; issues: Is
 export function profileToPersistedConfig(profile: Profile): Record<string, unknown> {
   const prepared = prepareProfileForKit(profile)
   const { config } = buildXrayConfig(prepared, { mode: 'permissive' })
-  const result = applyInboundSockoptToCompiledConfig(prepared, config as Record<string, unknown>)
+  const result = applyVlessInboundEncryptionToCompiledConfig(
+    prepared,
+    applyInboundSockoptToCompiledConfig(prepared, config as Record<string, unknown>),
+  )
 
   return result
 }
@@ -116,16 +162,19 @@ export function validateProfileForSave(profile: Profile) {
 
 /**
  * Persist validation: strict-mode Xray compile blockers from xray-config-kit plus core-kit checks on permissive JSON
- * (inbound clients noise filtered out).
+ * (inbound clients noise filtered out). Warnings and info-level issues do not block save.
  */
 export function validateProfileForPersist(profile: Profile): XrayPersistValidationResult {
   const strictBlockers = getXrayStrictCompileBlockers(profile)
   const config = profileToPersistedConfig(profile)
   const r = validateCoreConfig('xray', config)
   const coreKitIssues = r.ok ? [] : filterCoreKitIssuesHidingInboundClients([...r.issues])
 
-  if (strictBlockers.length > 0 || coreKitIssues.length > 0) {
-    return { ok: false, strictBlockers, coreKitIssues }
+  const blockingStrict = strictBlockers.filter(i => i.severity !== 'warning' && i.severity !== 'info')
+  const blockingCoreKit = coreKitIssues.filter(i => i.severity !== 'warning' && i.severity !== 'info')
+
+  if (blockingStrict.length > 0 || blockingCoreKit.length > 0) {
+    return { ok: false, strictBlockers: blockingStrict, coreKitIssues: blockingCoreKit }
   }
   return { ok: true, config }
 }

dashboard/src/features/core-editor/routes/core-editor-page.tsx

@@ -8,7 +8,7 @@ import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from '@
 import { CoreCommandMenu } from '@/features/core-editor/components/shared/core-command-menu'
 import { CoreEditorLayout } from '@/features/core-editor/components/shell/core-editor-layout'
 import { CoreSectionTabsPlaceholder } from '@/features/core-editor/components/shell/core-section-sidebar'
-import { ValidationSummary, type ValidationListItem } from '@/features/core-editor/components/shared/validation-summary'
+import { filterValidationListBlockingErrors, ValidationSummary, type ValidationListItem } from '@/features/core-editor/components/shared/validation-summary'
 import type { SectionHeaderAddPulse } from '@/features/core-editor/hooks/use-section-header-add-pulse'
 import { useXrayPersistValidationItems } from '@/features/core-editor/hooks/use-xray-persist-validation-items'
 import { WireGuardCoreEditor } from '@/features/core-editor/components/wg/wireguard-core-editor'
@@ -284,7 +284,8 @@ export default function CoreEditorPage() {
       toast.error(t('coreEditor.nameRequired', { defaultValue: 'Name is required' }))
       return
     }
-    if (preSaveIssues.length > 0) {
+    const blockingPreSaveIssues = filterValidationListBlockingErrors(preSaveIssues)
+    if (blockingPreSaveIssues.length > 0) {
       toast.error(t('coreEditor.fixValidation', { defaultValue: 'Fix validation errors before saving' }))
       return
     }
@@ -382,7 +383,14 @@ export default function CoreEditorPage() {
         }
       }
     } catch (e: unknown) {
-      const msg = e instanceof Error ? e.message : String(e)
+      const err = e as { data?: { detail?: unknown }; response?: { _data?: { detail?: unknown }; data?: { detail?: unknown } }; message?: string }
+      const detail = err?.data?.detail ?? err?.response?._data?.detail ?? err?.response?.data?.detail
+      const msg =
+        typeof detail === 'string'
+          ? detail
+          : detail
+            ? JSON.stringify(detail)
+            : err?.message ?? String(e)
       toast.error(msg)
     } finally {
       setSaving(false)