< Summary - Jellyfin

Information
Class: Jellyfin.Api.Auth.UserPermissionPolicy.UserPermissionHandler
Assembly: Jellyfin.Api
File(s): /srv/git/jellyfin/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs
Line coverage
84%
Covered lines: 11
Uncovered lines: 2
Coverable lines: 13
Total lines: 56
Line coverage: 84.6%
Branch coverage
75%
Covered branches: 6
Total branches: 8
Branch coverage: 75%
Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Coverage history

Coverage history 0 25 50 75 100 8/14/2025 - 12:11:05 AM Line coverage: 84.6% (11/13) Branch coverage: 75% (6/8) Total lines: 56 8/14/2025 - 12:11:05 AM Line coverage: 84.6% (11/13) Branch coverage: 75% (6/8) Total lines: 56

Metrics

MethodBranch coverage Crap Score Cyclomatic complexity Line coverage
.ctor(...)100%11100%
HandleRequirementAsync(...)75%9880%

File(s)

/srv/git/jellyfin/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs

#LineLine coverage
 1using System.Threading.Tasks;
 2using Jellyfin.Api.Extensions;
 3using Jellyfin.Data;
 4using Jellyfin.Extensions;
 5using MediaBrowser.Common.Extensions;
 6using MediaBrowser.Controller.Library;
 7using Microsoft.AspNetCore.Authorization;
 8
 9namespace Jellyfin.Api.Auth.UserPermissionPolicy
 10{
 11    /// <summary>
 12    /// User permission authorization handler.
 13    /// </summary>
 14    public class UserPermissionHandler : AuthorizationHandler<UserPermissionRequirement>
 15    {
 16        private readonly IUserManager _userManager;
 17
 18        /// <summary>
 19        /// Initializes a new instance of the <see cref="UserPermissionHandler"/> class.
 20        /// </summary>
 21        /// <param name="userManager">Instance of the <see cref="IUserManager"/> interface.</param>
 1622        public UserPermissionHandler(IUserManager userManager)
 23        {
 1624            _userManager = userManager;
 1625        }
 26
 27        /// <inheritdoc />
 28        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, UserPermissionRequirement re
 29        {
 30            // Api keys have global permissions, so just succeed the requirement.
 531            if (context.User.GetIsApiKey())
 32            {
 033                context.Succeed(requirement);
 34            }
 35            else
 36            {
 537                var userId = context.User.GetUserId();
 538                if (!userId.IsEmpty())
 39                {
 440                    var user = _userManager.GetUserById(context.User.GetUserId());
 441                    if (user is null)
 42                    {
 043                        throw new ResourceNotFoundException();
 44                    }
 45
 446                    if (user.HasPermission(requirement.RequiredPermission))
 47                    {
 448                        context.Succeed(requirement);
 49                    }
 50                }
 51            }
 52
 553            return Task.CompletedTask;
 54        }
 55    }
 56}
Generated by: ReportGenerator 5.4.18.0
11/22/2025 - 12:10:00 AM
GitHub | reportgenerator.io

Methods/Properties

.ctor(MediaBrowser.Controller.Library.IUserManager)
HandleRequirementAsync(Microsoft.AspNetCore.Authorization.AuthorizationHandlerContext,Jellyfin.Api.Auth.UserPermissionPolicy.UserPermissionRequirement)