| | 1 | | using System.Threading.Tasks; |
| | 2 | | using Jellyfin.Api.Extensions; |
| | 3 | | using Jellyfin.Data; |
| | 4 | | using Jellyfin.Extensions; |
| | 5 | | using MediaBrowser.Common.Extensions; |
| | 6 | | using MediaBrowser.Controller.Library; |
| | 7 | | using Microsoft.AspNetCore.Authorization; |
| | 8 | |
|
| | 9 | | namespace Jellyfin.Api.Auth.UserPermissionPolicy |
| | 10 | | { |
| | 11 | | /// <summary> |
| | 12 | | /// User permission authorization handler. |
| | 13 | | /// </summary> |
| | 14 | | public class UserPermissionHandler : AuthorizationHandler<UserPermissionRequirement> |
| | 15 | | { |
| | 16 | | private readonly IUserManager _userManager; |
| | 17 | |
|
| | 18 | | /// <summary> |
| | 19 | | /// Initializes a new instance of the <see cref="UserPermissionHandler"/> class. |
| | 20 | | /// </summary> |
| | 21 | | /// <param name="userManager">Instance of the <see cref="IUserManager"/> interface.</param> |
| 16 | 22 | | public UserPermissionHandler(IUserManager userManager) |
| | 23 | | { |
| 16 | 24 | | _userManager = userManager; |
| 16 | 25 | | } |
| | 26 | |
|
| | 27 | | /// <inheritdoc /> |
| | 28 | | protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserPermissionRequirement re |
| | 29 | | { |
| | 30 | | // Api keys have global permissions, so just succeed the requirement. |
| 5 | 31 | | if (context.User.GetIsApiKey()) |
| | 32 | | { |
| 0 | 33 | | context.Succeed(requirement); |
| | 34 | | } |
| | 35 | | else |
| | 36 | | { |
| 5 | 37 | | var userId = context.User.GetUserId(); |
| 5 | 38 | | if (!userId.IsEmpty()) |
| | 39 | | { |
| 4 | 40 | | var user = _userManager.GetUserById(context.User.GetUserId()); |
| 4 | 41 | | if (user is null) |
| | 42 | | { |
| 0 | 43 | | throw new ResourceNotFoundException(); |
| | 44 | | } |
| | 45 | |
|
| 4 | 46 | | if (user.HasPermission(requirement.RequiredPermission)) |
| | 47 | | { |
| 4 | 48 | | context.Succeed(requirement); |
| | 49 | | } |
| | 50 | | } |
| | 51 | | } |
| | 52 | |
|
| 5 | 53 | | return Task.CompletedTask; |
| | 54 | | } |
| | 55 | | } |
| | 56 | | } |