| | 1 | | using System.Threading.Tasks; |
| | 2 | | using Jellyfin.Api.Constants; |
| | 3 | | using Jellyfin.Api.Extensions; |
| | 4 | | using MediaBrowser.Common.Configuration; |
| | 5 | | using Microsoft.AspNetCore.Authorization; |
| | 6 | |
|
| | 7 | | namespace Jellyfin.Api.Auth.FirstTimeSetupPolicy |
| | 8 | | { |
| | 9 | | /// <summary> |
| | 10 | | /// Authorization handler for requiring first time setup or default privileges. |
| | 11 | | /// </summary> |
| | 12 | | public class FirstTimeSetupHandler : AuthorizationHandler<FirstTimeSetupRequirement> |
| | 13 | | { |
| | 14 | | private readonly IConfigurationManager _configurationManager; |
| | 15 | |
|
| | 16 | | /// <summary> |
| | 17 | | /// Initializes a new instance of the <see cref="FirstTimeSetupHandler" /> class. |
| | 18 | | /// </summary> |
| | 19 | | /// <param name="configurationManager">Instance of the <see cref="IConfigurationManager"/> interface.</param> |
| 26 | 20 | | public FirstTimeSetupHandler(IConfigurationManager configurationManager) |
| | 21 | | { |
| 26 | 22 | | _configurationManager = configurationManager; |
| 26 | 23 | | } |
| | 24 | |
|
| | 25 | | /// <inheritdoc /> |
| | 26 | | protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, FirstTimeSetupRequirement re |
| | 27 | | { |
| | 28 | | // Succeed if the startup wizard / first time setup is not complete |
| 61 | 29 | | if (!_configurationManager.CommonConfiguration.IsStartupWizardCompleted) |
| | 30 | | { |
| 39 | 31 | | context.Succeed(requirement); |
| | 32 | | } |
| | 33 | |
|
| | 34 | | // Succeed if user is admin |
| 22 | 35 | | else if (context.User.IsInRole(UserRoles.Administrator)) |
| | 36 | | { |
| 16 | 37 | | context.Succeed(requirement); |
| | 38 | | } |
| | 39 | |
|
| | 40 | | // Fail if admin is required and user is not admin |
| 6 | 41 | | else if (requirement.RequireAdmin) |
| | 42 | | { |
| 3 | 43 | | context.Fail(); |
| | 44 | | } |
| | 45 | |
|
| | 46 | | // Succeed if admin is not required and user is not guest |
| 3 | 47 | | else if (context.User.IsInRole(UserRoles.User)) |
| | 48 | | { |
| 2 | 49 | | context.Succeed(requirement); |
| | 50 | | } |
| | 51 | |
|
| | 52 | | // Any user-specific checks are handled in the DefaultAuthorizationHandler. |
| 61 | 53 | | return Task.CompletedTask; |
| | 54 | | } |
| | 55 | | } |
| | 56 | | } |