< Summary - Jellyfin

Information

Class:	Jellyfin.Server.Implementations.Users.UserManager
Assembly:	Jellyfin.Server.Implementations
File(s):	/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

Line coverage

46%

Covered lines:	245
Uncovered lines:	284
Coverable lines:	529
Total lines:	993
Line coverage:	46.3%

Branch coverage

37%

Covered branches:	61
Total branches:	164
Branch coverage:	37.1%

Method coverage

Feature is only available for sponsors

Upgrade to PRO version

Coverage history

Coverage delta

Metrics

Method	Branch coverage	Crap Score	Cyclomatic complexity	Line coverage
.ctor(...)	100%	1	1	100%
GetUsers()	100%	1	1	100%
GetUsersIds()	100%	2	1	0%
GetUserById(...)	50%	2	2	83.33%
UserQuery(...)	100%	1	1	100%
GetFirstUser()	100%	1	1	100%
GetUserByName(...)	50%	2	2	83.33%
RenameUser()	0%	72	8	0%
UpdateUserAsync()	100%	1	1	100%
CreateUserInternalAsync()	100%	2	2	100%
CreateUserAsync()	50%	2	2	75%
DeleteUserAsync()	0%	72	8	0%
ResetPassword(...)	100%	2	1	0%
ChangePassword()	66.66%	6	6	93.75%
GetUserDto(...)	28.57%	14	14	100%
AuthenticateUser()	64.58%	509	48	41.53%
StartForgotPasswordProcess()	0%	20	4	0%
RedeemPasswordResetPin()	0%	20	4	0%
InitializeAsync()	66.66%	6	6	92.85%
GetAuthenticationProviders()	100%	2	1	0%
GetPasswordResetProviders()	100%	2	1	0%
UpdateConfigurationAsync()	0%	72	8	0%
UpdatePolicyAsync()	0%	156	12	0%
ClearProfileImageAsync()	0%	20	4	0%
ThrowIfInvalidUsername(...)	100%	4	4	100%
GetAuthenticationProvider(...)	100%	1	1	100%
GetPasswordResetProvider(...)	0%	6	2	0%
GetAuthenticationProviders(...)	30%	29	10	42.85%
GetPasswordResetProviders(...)	0%	20	4	0%
AuthenticateLocalUser()	75%	4	4	92.85%
AuthenticateWithProvider()	50%	6	4	54.54%
IncrementInvalidLoginAttemptCount()	0%	20	4	0%
UpdateUserInternalAsync()	100%	1	1	100%
UpdateUserInternalAsync()	100%	1	1	100%
Dispose()	100%	1	1	100%
Dispose(...)	50%	2	2	100%

File(s)

/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

#	Line	Line coverage
	`1`	`#pragma warning disable CA1307`
	`2`	`#pragma warning disable RS0030 // Do not use banned APIs`
	`3`
	`4`	`using System;`
	`5`	`using System.Collections.Generic;`
	`6`	`using System.Globalization;`
	`7`	`using System.Linq;`
	`8`	`using System.Text.RegularExpressions;`
	`9`	`using System.Threading;`
	`10`	`using System.Threading.Tasks;`
	`11`	`using AsyncKeyedLock;`
	`12`	`using Jellyfin.Data;`
	`13`	`using Jellyfin.Data.Enums;`
	`14`	`using Jellyfin.Data.Events;`
	`15`	`using Jellyfin.Data.Events.Users;`
	`16`	`using Jellyfin.Database.Implementations;`
	`17`	`using Jellyfin.Database.Implementations.Entities;`
	`18`	`using Jellyfin.Database.Implementations.Enums;`
	`19`	`using Jellyfin.Extensions;`
	`20`	`using MediaBrowser.Common;`
	`21`	`using MediaBrowser.Common.Extensions;`
	`22`	`using MediaBrowser.Common.Net;`
	`23`	`using MediaBrowser.Controller.Authentication;`
	`24`	`using MediaBrowser.Controller.Configuration;`
	`25`	`using MediaBrowser.Controller.Drawing;`
	`26`	`using MediaBrowser.Controller.Events;`
	`27`	`using MediaBrowser.Controller.Library;`
	`28`	`using MediaBrowser.Controller.Net;`
	`29`	`using MediaBrowser.Model.Configuration;`
	`30`	`using MediaBrowser.Model.Dto;`
	`31`	`using MediaBrowser.Model.Users;`
	`32`	`using Microsoft.EntityFrameworkCore;`
	`33`	`using Microsoft.Extensions.Logging;`
	`34`
	`35`	`namespace Jellyfin.Server.Implementations.Users`
	`36`	`{`
	`37`	`/// <summary>`
	`38`	`/// Manages the creation and retrieval of <see cref="User"/> instances.`
	`39`	`/// </summary>`
	`40`	`public partial class UserManager : IUserManager, IDisposable`
	`41`	`{`
	`42`	`private readonly IDbContextFactory<JellyfinDbContext> _dbProvider;`
	`43`	`private readonly IEventManager _eventManager;`
	`44`	`private readonly INetworkManager _networkManager;`
	`45`	`private readonly IApplicationHost _appHost;`
	`46`	`private readonly IImageProcessor _imageProcessor;`
	`47`	`private readonly ILogger<UserManager> _logger;`
	`48`	`private readonly IReadOnlyCollection<IPasswordResetProvider> _passwordResetProviders;`
	`49`	`private readonly IReadOnlyCollection<IAuthenticationProvider> _authenticationProviders;`
	`50`	`private readonly InvalidAuthProvider _invalidAuthProvider;`
	`51`	`private readonly DefaultAuthenticationProvider _defaultAuthenticationProvider;`
	`52`	`private readonly DefaultPasswordResetProvider _defaultPasswordResetProvider;`
	`53`	`private readonly IServerConfigurationManager _serverConfigurationManager;`
	`54`
21	`55`	`private readonly AsyncKeyedLocker<Guid> _userLock = new();`
	`56`
	`57`	`/// <summary>`
	`58`	`/// Initializes a new instance of the <see cref="UserManager"/> class.`
	`59`	`/// </summary>`
	`60`	`/// <param name="dbProvider">The database provider.</param>`
	`61`	`/// <param name="eventManager">The event manager.</param>`
	`62`	`/// <param name="networkManager">The network manager.</param>`
	`63`	`/// <param name="appHost">The application host.</param>`
	`64`	`/// <param name="imageProcessor">The image processor.</param>`
	`65`	`/// <param name="logger">The logger.</param>`
	`66`	`/// <param name="serverConfigurationManager">The system config manager.</param>`
	`67`	`/// <param name="passwordResetProviders">The password reset providers.</param>`
	`68`	`/// <param name="authenticationProviders">The authentication providers.</param>`
	`69`	`public UserManager(`
	`70`	`IDbContextFactory<JellyfinDbContext> dbProvider,`
	`71`	`IEventManager eventManager,`
	`72`	`INetworkManager networkManager,`
	`73`	`IApplicationHost appHost,`
	`74`	`IImageProcessor imageProcessor,`
	`75`	`ILogger<UserManager> logger,`
	`76`	`IServerConfigurationManager serverConfigurationManager,`
	`77`	`IEnumerable<IPasswordResetProvider> passwordResetProviders,`
	`78`	`IEnumerable<IAuthenticationProvider> authenticationProviders)`
	`79`	`{`
21	`80`	`_dbProvider = dbProvider;`
21	`81`	`_eventManager = eventManager;`
21	`82`	`_networkManager = networkManager;`
21	`83`	`_appHost = appHost;`
21	`84`	`_imageProcessor = imageProcessor;`
21	`85`	`_logger = logger;`
21	`86`	`_serverConfigurationManager = serverConfigurationManager;`
	`87`
21	`88`	`_passwordResetProviders = passwordResetProviders.ToList();`
21	`89`	`_authenticationProviders = authenticationProviders.ToList();`
	`90`
21	`91`	`_invalidAuthProvider = _authenticationProviders.OfType<InvalidAuthProvider>().First();`
21	`92`	`_defaultAuthenticationProvider = _authenticationProviders.OfType<DefaultAuthenticationProvider>().First();`
21	`93`	`_defaultPasswordResetProvider = _passwordResetProviders.OfType<DefaultPasswordResetProvider>().First();`
21	`94`	`}`
	`95`
	`96`	`/// <inheritdoc/>`
	`97`	`public event EventHandler<GenericEventArgs<User>>? OnUserUpdated;`
	`98`
	`99`	`/// <inheritdoc/>`
	`100`	`public IEnumerable<User> GetUsers()`
	`101`	`{`
3	`102`	`using var dbContext = _dbProvider.CreateDbContext();`
3	`103`	`return UserQuery(dbContext)`
3	`104`	`.ToArray();`
3	`105`	`}`
	`106`
	`107`	`/// <inheritdoc/>`
	`108`	`public IEnumerable<Guid> GetUsersIds()`
	`109`	`{`
0	`110`	`using var dbContext = _dbProvider.CreateDbContext();`
0	`111`	`return dbContext.Users`
0	`112`	`.AsNoTracking()`
0	`113`	`.Select(user => user.Id)`
0	`114`	`.ToArray();`
0	`115`	`}`
	`116`
	`117`	`// This is some regex that matches only on unicode "word" characters, as well as -, _ and @`
	`118`	`// In theory this will cut out most if not all 'control' characters which should help minimize any weirdness`
	`119`	`// Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), at-signs (@), dashes`
	`120`	`[GeneratedRegex(@"^(?!\s)[\w\ \-'._@+]+(?<!\s)$")]`
	`121`	`private static partial Regex ValidUsernameRegex();`
	`122`
	`123`	`/// <inheritdoc/>`
	`124`	`public User? GetUserById(Guid id)`
	`125`	`{`
252	`126`	`if (id.IsEmpty())`
	`127`	`{`
0	`128`	`throw new ArgumentException("Guid can't be empty", nameof(id));`
	`129`	`}`
	`130`
252	`131`	`using var dbContext = _dbProvider.CreateDbContext();`
252	`132`	`return UserQuery(dbContext)`
252	`133`	`.FirstOrDefault(user => user.Id == id);`
252	`134`	`}`
	`135`
	`136`	`private static IQueryable<User> UserQuery(JellyfinDbContext dbContext)`
	`137`	`{`
306	`138`	`return dbContext.Users`
306	`139`	`.AsSingleQuery()`
306	`140`	`.Include(user => user.Permissions)`
306	`141`	`.Include(user => user.Preferences)`
306	`142`	`.Include(user => user.AccessSchedules)`
306	`143`	`.Include(user => user.ProfileImage)`
306	`144`	`.AsNoTracking();`
	`145`	`}`
	`146`
	`147`	`/// <inheritdoc/>`
	`148`	`public User? GetFirstUser()`
	`149`	`{`
18	`150`	`using var dbContext = _dbProvider.CreateDbContext();`
18	`151`	`return UserQuery(dbContext).FirstOrDefault();`
18	`152`	`}`
	`153`
	`154`	`/// <inheritdoc/>`
	`155`	`public User? GetUserByName(string name)`
	`156`	`{`
30	`157`	`if (string.IsNullOrWhiteSpace(name))`
	`158`	`{`
0	`159`	`throw new ArgumentException("Invalid username", nameof(name));`
	`160`	`}`
	`161`
30	`162`	`using var dbContext = _dbProvider.CreateDbContext();`
	`163`	`#pragma warning disable CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`164`	`#pragma warning disable CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`165`	`#pragma warning disable CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
30	`166`	`return UserQuery(dbContext)`
30	`167`	`.FirstOrDefault(u => u.Username.ToUpper() == name.ToUpper());`
	`168`	`#pragma warning restore CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
	`169`	`#pragma warning restore CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`170`	`#pragma warning restore CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
30	`171`	`}`
	`172`
	`173`	`/// <inheritdoc/>`
	`174`	`public async Task RenameUser(Guid userId, string oldName, string newName)`
	`175`	`{`
0	`176`	`ThrowIfInvalidUsername(newName);`
	`177`
0	`178`	`if (oldName.Equals(newName, StringComparison.OrdinalIgnoreCase))`
	`179`	`{`
0	`180`	`throw new ArgumentException("The new and old names must be different.");`
	`181`	`}`
	`182`
0	`183`	`User user = null!; // user is never actually null where its used afterwards so we can just ignore.`
0	`184`	`using (await _userLock.LockAsync(userId).ConfigureAwait(false))`
	`185`	`{`
0	`186`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`187`	`await using (dbContext.ConfigureAwait(false))`
	`188`	`{`
	`189`	`#pragma warning disable CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`190`	`#pragma warning disable CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`191`	`#pragma warning disable CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
0	`192`	`if (await dbContext.Users`
0	`193`	`.AnyAsync(u => u.Username.ToUpper() == newName.ToUpper() && u.Id != userId)`
0	`194`	`.ConfigureAwait(false))`
	`195`	`{`
0	`196`	`throw new ArgumentException(string.Format(`
0	`197`	`CultureInfo.InvariantCulture,`
0	`198`	`"A user with the name '{0}' already exists.",`
0	`199`	`newName));`
	`200`	`}`
	`201`	`#pragma warning restore CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
	`202`	`#pragma warning restore CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`203`	`#pragma warning restore CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`204`
0	`205`	`user = await UserQuery(dbContext)`
0	`206`	`.AsTracking()`
0	`207`	`.FirstOrDefaultAsync(u => u.Id == userId)`
0	`208`	`.ConfigureAwait(false)`
0	`209`	`?? throw new ResourceNotFoundException(nameof(userId));`
0	`210`	`user.Username = newName;`
0	`211`	`await UpdateUserInternalAsync(dbContext, user).ConfigureAwait(false);`
	`212`	`}`
0	`213`	`}`
	`214`
0	`215`	`var eventArgs = new UserUpdatedEventArgs(user);`
0	`216`	`await _eventManager.PublishAsync(eventArgs).ConfigureAwait(false);`
0	`217`	`OnUserUpdated?.Invoke(this, eventArgs);`
0	`218`	`}`
	`219`
	`220`	`/// <inheritdoc/>`
	`221`	`public async Task UpdateUserAsync(User user)`
	`222`	`{`
1	`223`	`using (await _userLock.LockAsync(user.Id).ConfigureAwait(false))`
	`224`	`{`
1	`225`	`await UpdateUserInternalAsync(user).ConfigureAwait(false);`
1	`226`	`}`
1	`227`	`}`
	`228`
	`229`	`internal async Task<User> CreateUserInternalAsync(string name, JellyfinDbContext dbContext)`
	`230`	`{`
	`231`	`// TODO: Remove after user item data is migrated.`
17	`232`	`var max = await dbContext.Users.AsQueryable().AnyAsync().ConfigureAwait(false)`
17	`233`	`? await dbContext.Users.AsQueryable().Select(u => u.InternalId).MaxAsync().ConfigureAwait(false)`
17	`234`	`: 0;`
	`235`
17	`236`	`var user = new User(`
17	`237`	`name,`
17	`238`	`_defaultAuthenticationProvider.GetType().FullName!,`
17	`239`	`_defaultPasswordResetProvider.GetType().FullName!)`
17	`240`	`{`
17	`241`	`InternalId = max + 1`
17	`242`	`};`
	`243`
17	`244`	`user.AddDefaultPermissions();`
17	`245`	`user.AddDefaultPreferences();`
	`246`
17	`247`	`return user;`
17	`248`	`}`
	`249`
	`250`	`/// <inheritdoc/>`
	`251`	`public async Task<User> CreateUserAsync(string name)`
	`252`	`{`
2	`253`	`ThrowIfInvalidUsername(name);`
	`254`
	`255`	`User newUser;`
1	`256`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
1	`257`	`await using (dbContext.ConfigureAwait(false))`
	`258`	`{`
	`259`	`#pragma warning disable CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`260`	`#pragma warning disable CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`261`	`#pragma warning disable CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
1	`262`	`if (await dbContext.Users`
1	`263`	`.AnyAsync(u => u.Username.ToUpper() == name.ToUpper())`
1	`264`	`.ConfigureAwait(false))`
	`265`	`{`
0	`266`	`throw new ArgumentException(string.Format(`
0	`267`	`CultureInfo.InvariantCulture,`
0	`268`	`"A user with the name '{0}' already exists.",`
0	`269`	`name));`
	`270`	`}`
	`271`	`#pragma warning restore CA1304 // The behavior of 'string.ToUpper()' could vary based on the current user's locale setti`
	`272`	`#pragma warning restore CA1311 // Specify a culture or use an invariant version to avoid implicit dependency on current`
	`273`	`#pragma warning restore CA1862 // Use the 'StringComparison' method overloads to perform case-insensitive string compari`
	`274`
1	`275`	`newUser = await CreateUserInternalAsync(name, dbContext).ConfigureAwait(false);`
	`276`
1	`277`	`dbContext.Users.Add(newUser);`
1	`278`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`279`	`}`
	`280`
1	`281`	`await _eventManager.PublishAsync(new UserCreatedEventArgs(newUser)).ConfigureAwait(false);`
	`282`
1	`283`	`return newUser;`
1	`284`	`}`
	`285`
	`286`	`/// <inheritdoc/>`
	`287`	`public async Task DeleteUserAsync(Guid userId)`
	`288`	`{`
	`289`	`User? user;`
0	`290`	`using (await _userLock.LockAsync(userId).ConfigureAwait(false))`
	`291`	`{`
0	`292`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`293`	`await using (dbContext.ConfigureAwait(false))`
	`294`	`{`
0	`295`	`user = await dbContext.Users`
0	`296`	`.Include(u => u.Permissions)`
0	`297`	`.FirstOrDefaultAsync(u => u.Id.Equals(userId))`
0	`298`	`.ConfigureAwait(false);`
0	`299`	`if (user is null)`
	`300`	`{`
0	`301`	`throw new ResourceNotFoundException(nameof(userId));`
	`302`	`}`
	`303`
0	`304`	`var userCount = await dbContext.Users.CountAsync().ConfigureAwait(false);`
0	`305`	`if (userCount == 1)`
	`306`	`{`
0	`307`	`throw new InvalidOperationException(string.Format(`
0	`308`	`CultureInfo.InvariantCulture,`
0	`309`	`"The user '{0}' cannot be deleted because there must be at least one user in the system.",`
0	`310`	`user.Username));`
	`311`	`}`
	`312`
0	`313`	`if (user.HasPermission(PermissionKind.IsAdministrator)`
0	`314`	`&& await dbContext.Users`
0	`315`	`.CountAsync(i => i.Permissions.Any(p => p.Kind == PermissionKind.IsAdministrator && p.Value)`
0	`316`	`.ConfigureAwait(false) == 1)`
	`317`	`{`
0	`318`	`throw new ArgumentException(`
0	`319`	`string.Format(`
0	`320`	`CultureInfo.InvariantCulture,`
0	`321`	`"The user '{0}' cannot be deleted because there must be at least one admin user in the s`
0	`322`	`user.Username),`
0	`323`	`nameof(userId));`
	`324`	`}`
	`325`
0	`326`	`dbContext.Users.Remove(user);`
0	`327`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`328`	`}`
0	`329`	`}`
	`330`
0	`331`	`await _eventManager.PublishAsync(new UserDeletedEventArgs(user)).ConfigureAwait(false);`
0	`332`	`}`
	`333`
	`334`	`/// <inheritdoc/>`
	`335`	`public Task ResetPassword(Guid userId)`
	`336`	`{`
0	`337`	`return ChangePassword(userId, string.Empty);`
	`338`	`}`
	`339`
	`340`	`/// <inheritdoc/>`
	`341`	`public async Task ChangePassword(Guid userId, string newPassword)`
	`342`	`{`
3	`343`	`User dbUser = null!;`
3	`344`	`using (await _userLock.LockAsync(userId).ConfigureAwait(false))`
	`345`	`{`
3	`346`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
3	`347`	`await using (dbContext.ConfigureAwait(false))`
	`348`	`{`
3	`349`	`dbUser = await UserQuery(dbContext)`
3	`350`	`.AsTracking()`
3	`351`	`.FirstOrDefaultAsync(u => u.Id == userId)`
3	`352`	`.ConfigureAwait(false)`
3	`353`	`?? throw new ResourceNotFoundException(nameof(userId));`
3	`354`	`if (dbUser.HasPermission(PermissionKind.IsAdministrator) && string.IsNullOrWhiteSpace(newPassword))`
	`355`	`{`
0	`356`	`throw new ArgumentException("Admin user passwords must not be empty", nameof(newPassword));`
	`357`	`}`
	`358`
3	`359`	`await GetAuthenticationProvider(dbUser).ChangePassword(dbUser, newPassword).ConfigureAwait(false);`
3	`360`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`361`	`}`
3	`362`	`}`
	`363`
3	`364`	`await _eventManager.PublishAsync(new UserPasswordChangedEventArgs(dbUser)).ConfigureAwait(false);`
3	`365`	`}`
	`366`
	`367`	`/// <inheritdoc/>`
	`368`	`public UserDto GetUserDto(User user, string? remoteEndPoint = null)`
	`369`	`{`
34	`370`	`var castReceiverApplications = _serverConfigurationManager.Configuration.CastReceiverApplications;`
34	`371`	`return new UserDto`
34	`372`	`{`
34	`373`	`Name = user.Username,`
34	`374`	`Id = user.Id,`
34	`375`	`ServerId = _appHost.SystemId,`
34	`376`	`EnableAutoLogin = user.EnableAutoLogin,`
34	`377`	`LastLoginDate = user.LastLoginDate,`
34	`378`	`LastActivityDate = user.LastActivityDate,`
34	`379`	`PrimaryImageTag = user.ProfileImage is not null ? _imageProcessor.GetImageCacheTag(user) : null,`
34	`380`	`Configuration = new UserConfiguration`
34	`381`	`{`
34	`382`	`SubtitleMode = user.SubtitleMode,`
34	`383`	`HidePlayedInLatest = user.HidePlayedInLatest,`
34	`384`	`EnableLocalPassword = user.EnableLocalPassword,`
34	`385`	`PlayDefaultAudioTrack = user.PlayDefaultAudioTrack,`
34	`386`	`DisplayCollectionsView = user.DisplayCollectionsView,`
34	`387`	`DisplayMissingEpisodes = user.DisplayMissingEpisodes,`
34	`388`	`AudioLanguagePreference = user.AudioLanguagePreference,`
34	`389`	`RememberAudioSelections = user.RememberAudioSelections,`
34	`390`	`EnableNextEpisodeAutoPlay = user.EnableNextEpisodeAutoPlay,`
34	`391`	`RememberSubtitleSelections = user.RememberSubtitleSelections,`
34	`392`	`SubtitleLanguagePreference = user.SubtitleLanguagePreference ?? string.Empty,`
34	`393`	`OrderedViews = user.GetPreferenceValues<Guid>(PreferenceKind.OrderedViews),`
34	`394`	`GroupedFolders = user.GetPreferenceValues<Guid>(PreferenceKind.GroupedFolders),`
34	`395`	`MyMediaExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.MyMediaExcludes),`
34	`396`	`LatestItemsExcludes = user.GetPreferenceValues<Guid>(PreferenceKind.LatestItemExcludes),`
34	`397`	`CastReceiverId = string.IsNullOrEmpty(user.CastReceiverId)`
34	`398`	`? castReceiverApplications.FirstOrDefault()?.Id`
34	`399`	`: castReceiverApplications.FirstOrDefault(c => string.Equals(c.Id, user.CastReceiverId, StringCo`
34	`400`	`?? castReceiverApplications.FirstOrDefault()?.Id`
34	`401`	`},`
34	`402`	`Policy = new UserPolicy`
34	`403`	`{`
34	`404`	`MaxParentalRating = user.MaxParentalRatingScore,`
34	`405`	`MaxParentalSubRating = user.MaxParentalRatingSubScore,`
34	`406`	`EnableUserPreferenceAccess = user.EnableUserPreferenceAccess,`
34	`407`	`RemoteClientBitrateLimit = user.RemoteClientBitrateLimit ?? 0,`
34	`408`	`AuthenticationProviderId = user.AuthenticationProviderId,`
34	`409`	`PasswordResetProviderId = user.PasswordResetProviderId,`
34	`410`	`InvalidLoginAttemptCount = user.InvalidLoginAttemptCount,`
34	`411`	`LoginAttemptsBeforeLockout = user.LoginAttemptsBeforeLockout ?? -1,`
34	`412`	`MaxActiveSessions = user.MaxActiveSessions,`
34	`413`	`IsAdministrator = user.HasPermission(PermissionKind.IsAdministrator),`
34	`414`	`IsHidden = user.HasPermission(PermissionKind.IsHidden),`
34	`415`	`IsDisabled = user.HasPermission(PermissionKind.IsDisabled),`
34	`416`	`EnableSharedDeviceControl = user.HasPermission(PermissionKind.EnableSharedDeviceControl),`
34	`417`	`EnableRemoteAccess = user.HasPermission(PermissionKind.EnableRemoteAccess),`
34	`418`	`EnableLiveTvManagement = user.HasPermission(PermissionKind.EnableLiveTvManagement),`
34	`419`	`EnableLiveTvAccess = user.HasPermission(PermissionKind.EnableLiveTvAccess),`
34	`420`	`EnableMediaPlayback = user.HasPermission(PermissionKind.EnableMediaPlayback),`
34	`421`	`EnableAudioPlaybackTranscoding = user.HasPermission(PermissionKind.EnableAudioPlaybackTranscoding),`
34	`422`	`EnableVideoPlaybackTranscoding = user.HasPermission(PermissionKind.EnableVideoPlaybackTranscoding),`
34	`423`	`EnableContentDeletion = user.HasPermission(PermissionKind.EnableContentDeletion),`
34	`424`	`EnableContentDownloading = user.HasPermission(PermissionKind.EnableContentDownloading),`
34	`425`	`EnableSyncTranscoding = user.HasPermission(PermissionKind.EnableSyncTranscoding),`
34	`426`	`EnableMediaConversion = user.HasPermission(PermissionKind.EnableMediaConversion),`
34	`427`	`EnableAllChannels = user.HasPermission(PermissionKind.EnableAllChannels),`
34	`428`	`EnableAllDevices = user.HasPermission(PermissionKind.EnableAllDevices),`
34	`429`	`EnableAllFolders = user.HasPermission(PermissionKind.EnableAllFolders),`
34	`430`	`EnableRemoteControlOfOtherUsers = user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers)`
34	`431`	`EnablePlaybackRemuxing = user.HasPermission(PermissionKind.EnablePlaybackRemuxing),`
34	`432`	`ForceRemoteSourceTranscoding = user.HasPermission(PermissionKind.ForceRemoteSourceTranscoding),`
34	`433`	`EnablePublicSharing = user.HasPermission(PermissionKind.EnablePublicSharing),`
34	`434`	`EnableCollectionManagement = user.HasPermission(PermissionKind.EnableCollectionManagement),`
34	`435`	`EnableSubtitleManagement = user.HasPermission(PermissionKind.EnableSubtitleManagement),`
34	`436`	`AccessSchedules = user.AccessSchedules.ToArray(),`
34	`437`	`BlockedTags = user.GetPreference(PreferenceKind.BlockedTags),`
34	`438`	`AllowedTags = user.GetPreference(PreferenceKind.AllowedTags),`
34	`439`	`EnabledChannels = user.GetPreferenceValues<Guid>(PreferenceKind.EnabledChannels),`
34	`440`	`EnabledDevices = user.GetPreference(PreferenceKind.EnabledDevices),`
34	`441`	`EnabledFolders = user.GetPreferenceValues<Guid>(PreferenceKind.EnabledFolders),`
34	`442`	`EnableContentDeletionFromFolders = user.GetPreference(PreferenceKind.EnableContentDeletionFromFolder`
34	`443`	`SyncPlayAccess = user.SyncPlayAccess,`
34	`444`	`BlockedChannels = user.GetPreferenceValues<Guid>(PreferenceKind.BlockedChannels),`
34	`445`	`BlockedMediaFolders = user.GetPreferenceValues<Guid>(PreferenceKind.BlockedMediaFolders),`
34	`446`	`BlockUnratedItems = user.GetPreferenceValues<UnratedItem>(PreferenceKind.BlockUnratedItems)`
34	`447`	`}`
34	`448`	`};`
	`449`	`}`
	`450`
	`451`	`/// <inheritdoc/>`
	`452`	`public async Task<User?> AuthenticateUser(`
	`453`	`string username,`
	`454`	`string password,`
	`455`	`string remoteEndPoint,`
	`456`	`bool isUserSession)`
	`457`	`{`
15	`458`	`if (string.IsNullOrWhiteSpace(username))`
	`459`	`{`
0	`460`	`_logger.LogInformation("Authentication request without username has been denied (IP: {IP}).", remoteEndP`
0	`461`	`throw new ArgumentNullException(nameof(username));`
	`462`	`}`
	`463`
	`464`	`bool success;`
15	`465`	`var user = GetUserByName(username);`
15	`466`	`using (await _userLock.LockAsync(user?.Id ?? Guid.Empty).ConfigureAwait(false))`
	`467`	`{`
	`468`	`// Reload the user now that we hold the lock so the RowVersion is current.`
	`469`	`// GetUserByName uses AsNoTracking and the snapshot may be stale if another`
	`470`	`// write (e.g. a concurrent login) incremented RowVersion after our initial load.`
15	`471`	`if (user is not null)`
	`472`	`{`
15	`473`	`user = GetUserById(user.Id) ?? user;`
	`474`	`}`
	`475`
15	`476`	`var authResult = await AuthenticateLocalUser(username, password, user)`
15	`477`	`.ConfigureAwait(false);`
15	`478`	`var authenticationProvider = authResult.AuthenticationProvider;`
15	`479`	`success = authResult.Success;`
	`480`
15	`481`	`if (user is null)`
	`482`	`{`
0	`483`	`string updatedUsername = authResult.Username;`
	`484`
0	`485`	`if (success`
0	`486`	`&& authenticationProvider is not null`
0	`487`	`&& authenticationProvider is not DefaultAuthenticationProvider)`
	`488`	`{`
	`489`	`// Trust the username returned by the authentication provider`
0	`490`	`username = updatedUsername;`
	`491`
	`492`	`// Search the database for the user again`
	`493`	`// the authentication provider might have created it`
0	`494`	`user = GetUserByName(username);`
	`495`
0	`496`	`if (authenticationProvider is IHasNewUserPolicy hasNewUserPolicy && user is not null)`
	`497`	`{`
0	`498`	`await UpdatePolicyAsync(user.Id, hasNewUserPolicy.GetNewUserPolicy()).ConfigureAwait(false);`
	`499`	`}`
	`500`	`}`
	`501`	`}`
	`502`
15	`503`	`if (success && user is not null && authenticationProvider is not null)`
	`504`	`{`
15	`505`	`var providerId = authenticationProvider.GetType().FullName;`
	`506`
15	`507`	`if (providerId is not null && !string.Equals(providerId, user.AuthenticationProviderId, StringCompar`
	`508`	`{`
0	`509`	`user.AuthenticationProviderId = providerId;`
0	`510`	`await UpdateUserInternalAsync(user).ConfigureAwait(false);`
	`511`	`}`
	`512`	`}`
	`513`
15	`514`	`if (user is null)`
	`515`	`{`
0	`516`	`_logger.LogInformation(`
0	`517`	`"Authentication request for {UserName} has been denied (IP: {IP}).",`
0	`518`	`username,`
0	`519`	`remoteEndPoint);`
0	`520`	`throw new AuthenticationException("Invalid username or password entered.");`
	`521`	`}`
	`522`
15	`523`	`if (user.HasPermission(PermissionKind.IsDisabled))`
	`524`	`{`
0	`525`	`_logger.LogInformation(`
0	`526`	`"Authentication request for {UserName} has been denied because this account is currently disable`
0	`527`	`username,`
0	`528`	`remoteEndPoint);`
0	`529`	`throw new SecurityException(`
0	`530`	`$"The {user.Username} account is currently disabled. Please consult with your administrator.");`
	`531`	`}`
	`532`
15	`533`	`if (!user.HasPermission(PermissionKind.EnableRemoteAccess) &&`
15	`534`	`!_networkManager.IsInLocalNetwork(remoteEndPoint))`
	`535`	`{`
0	`536`	`_logger.LogInformation(`
0	`537`	`"Authentication request for {UserName} forbidden: remote access disabled and user not in local n`
0	`538`	`username,`
0	`539`	`remoteEndPoint);`
0	`540`	`throw new SecurityException("Forbidden.");`
	`541`	`}`
	`542`
15	`543`	`if (!user.IsParentalScheduleAllowed())`
	`544`	`{`
0	`545`	`_logger.LogInformation(`
0	`546`	`"Authentication request for {UserName} is not allowed at this time due parental restrictions (IP`
0	`547`	`username,`
0	`548`	`remoteEndPoint);`
0	`549`	`throw new SecurityException("User is not allowed access at this time.");`
	`550`	`}`
	`551`
	`552`	`// Update LastActivityDate and LastLoginDate, then save`
15	`553`	`if (success)`
	`554`	`{`
15	`555`	`if (isUserSession)`
	`556`	`{`
15	`557`	`user.LastActivityDate = user.LastLoginDate = DateTime.UtcNow;`
	`558`	`}`
	`559`
15	`560`	`user.InvalidLoginAttemptCount = 0;`
15	`561`	`await UpdateUserInternalAsync(user).ConfigureAwait(false);`
15	`562`	`_logger.LogInformation("Authentication request for {UserName} has succeeded.", user.Username);`
	`563`	`}`
	`564`	`else`
	`565`	`{`
0	`566`	`await IncrementInvalidLoginAttemptCount(user).ConfigureAwait(false);`
0	`567`	`_logger.LogInformation(`
0	`568`	`"Authentication request for {UserName} has been denied (IP: {IP}).",`
0	`569`	`user.Username,`
0	`570`	`remoteEndPoint);`
	`571`	`}`
15	`572`	`}`
	`573`
15	`574`	`return success ? user : null;`
15	`575`	`}`
	`576`
	`577`	`/// <inheritdoc/>`
	`578`	`public async Task<ForgotPasswordResult> StartForgotPasswordProcess(string enteredUsername, bool isInNetwork)`
	`579`	`{`
0	`580`	`var user = string.IsNullOrWhiteSpace(enteredUsername) ? null : GetUserByName(enteredUsername);`
0	`581`	`var passwordResetProvider = GetPasswordResetProvider(user);`
	`582`
0	`583`	`var result = await passwordResetProvider`
0	`584`	`.StartForgotPasswordProcess(user, enteredUsername, isInNetwork)`
0	`585`	`.ConfigureAwait(false);`
	`586`
0	`587`	`if (user is not null && isInNetwork)`
	`588`	`{`
0	`589`	`await UpdateUserAsync(user).ConfigureAwait(false);`
	`590`	`}`
	`591`
0	`592`	`return result;`
0	`593`	`}`
	`594`
	`595`	`/// <inheritdoc/>`
	`596`	`public async Task<PinRedeemResult> RedeemPasswordResetPin(string pin)`
	`597`	`{`
0	`598`	`foreach (var provider in _passwordResetProviders)`
	`599`	`{`
0	`600`	`var result = await provider.RedeemPasswordResetPin(pin).ConfigureAwait(false);`
	`601`
0	`602`	`if (result.Success)`
	`603`	`{`
0	`604`	`return result;`
	`605`	`}`
	`606`	`}`
	`607`
0	`608`	`return new PinRedeemResult();`
0	`609`	`}`
	`610`
	`611`	`/// <inheritdoc />`
	`612`	`public async Task InitializeAsync()`
	`613`	`{`
	`614`	`// TODO: Refactor the startup wizard so that it doesn't require a user to already exist.`
17	`615`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
17	`616`	`await using (dbContext.ConfigureAwait(false))`
	`617`	`{`
17	`618`	`if (await dbContext.Users.AnyAsync().ConfigureAwait(false))`
	`619`	`{`
	`620`	`return;`
	`621`	`}`
	`622`
16	`623`	`var defaultName = Environment.UserName;`
16	`624`	`if (string.IsNullOrWhiteSpace(defaultName) \|\| !ValidUsernameRegex().IsMatch(defaultName))`
	`625`	`{`
0	`626`	`defaultName = "MyJellyfinUser";`
	`627`	`}`
	`628`
16	`629`	`_logger.LogWarning("No users, creating one with username {UserName}", defaultName);`
	`630`
16	`631`	`var newUser = await CreateUserInternalAsync(defaultName, dbContext).ConfigureAwait(false);`
16	`632`	`newUser.SetPermission(PermissionKind.IsAdministrator, true);`
16	`633`	`newUser.SetPermission(PermissionKind.EnableContentDeletion, true);`
16	`634`	`newUser.SetPermission(PermissionKind.EnableRemoteControlOfOtherUsers, true);`
	`635`
16	`636`	`dbContext.Users.Add(newUser);`
16	`637`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`638`	`}`
17	`639`	`}`
	`640`
	`641`	`/// <inheritdoc/>`
	`642`	`public NameIdPair[] GetAuthenticationProviders()`
	`643`	`{`
0	`644`	`return _authenticationProviders`
0	`645`	`.Where(provider => provider.IsEnabled)`
0	`646`	`.OrderBy(i => i is DefaultAuthenticationProvider ? 0 : 1)`
0	`647`	`.ThenBy(i => i.Name)`
0	`648`	`.Select(i => new NameIdPair`
0	`649`	`{`
0	`650`	`Name = i.Name,`
0	`651`	`Id = i.GetType().FullName`
0	`652`	`})`
0	`653`	`.ToArray();`
	`654`	`}`
	`655`
	`656`	`/// <inheritdoc/>`
	`657`	`public NameIdPair[] GetPasswordResetProviders()`
	`658`	`{`
0	`659`	`return _passwordResetProviders`
0	`660`	`.Where(provider => provider.IsEnabled)`
0	`661`	`.OrderBy(i => i is DefaultPasswordResetProvider ? 0 : 1)`
0	`662`	`.ThenBy(i => i.Name)`
0	`663`	`.Select(i => new NameIdPair`
0	`664`	`{`
0	`665`	`Name = i.Name,`
0	`666`	`Id = i.GetType().FullName`
0	`667`	`})`
0	`668`	`.ToArray();`
	`669`	`}`
	`670`
	`671`	`/// <inheritdoc/>`
	`672`	`public async Task UpdateConfigurationAsync(Guid userId, UserConfiguration config)`
	`673`	`{`
0	`674`	`using (await _userLock.LockAsync(userId).ConfigureAwait(false))`
	`675`	`{`
0	`676`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`677`	`await using (dbContext.ConfigureAwait(false))`
	`678`	`{`
0	`679`	`var user = UserQuery(dbContext)`
0	`680`	`.AsTracking()`
0	`681`	`.FirstOrDefault(u => u.Id.Equals(userId))`
0	`682`	`?? throw new ArgumentException("No user exists with given Id!");`
	`683`
0	`684`	`user.SubtitleMode = config.SubtitleMode;`
0	`685`	`user.HidePlayedInLatest = config.HidePlayedInLatest;`
0	`686`	`user.EnableLocalPassword = config.EnableLocalPassword;`
0	`687`	`user.PlayDefaultAudioTrack = config.PlayDefaultAudioTrack;`
0	`688`	`user.DisplayCollectionsView = config.DisplayCollectionsView;`
0	`689`	`user.DisplayMissingEpisodes = config.DisplayMissingEpisodes;`
0	`690`	`user.AudioLanguagePreference = config.AudioLanguagePreference;`
0	`691`	`user.RememberAudioSelections = config.RememberAudioSelections;`
0	`692`	`user.EnableNextEpisodeAutoPlay = config.EnableNextEpisodeAutoPlay;`
0	`693`	`user.RememberSubtitleSelections = config.RememberSubtitleSelections;`
0	`694`	`user.SubtitleLanguagePreference = config.SubtitleLanguagePreference;`
	`695`
	`696`	`// Only set cast receiver id if it is passed in and it exists in the server config.`
0	`697`	`if (!string.IsNullOrEmpty(config.CastReceiverId)`
0	`698`	`&& _serverConfigurationManager.Configuration.CastReceiverApplications.Any(c => string.Equals(c.I`
	`699`	`{`
0	`700`	`user.CastReceiverId = config.CastReceiverId;`
	`701`	`}`
	`702`
0	`703`	`user.SetPreference(PreferenceKind.OrderedViews, config.OrderedViews);`
0	`704`	`user.SetPreference(PreferenceKind.GroupedFolders, config.GroupedFolders);`
0	`705`	`user.SetPreference(PreferenceKind.MyMediaExcludes, config.MyMediaExcludes);`
0	`706`	`user.SetPreference(PreferenceKind.LatestItemExcludes, config.LatestItemsExcludes);`
	`707`
0	`708`	`dbContext.Update(user);`
0	`709`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`710`	`}`
0	`711`	`}`
0	`712`	`}`
	`713`
	`714`	`/// <inheritdoc/>`
	`715`	`public async Task UpdatePolicyAsync(Guid userId, UserPolicy policy)`
	`716`	`{`
0	`717`	`using (await _userLock.LockAsync(userId).ConfigureAwait(false))`
	`718`	`{`
0	`719`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`720`	`await using (dbContext.ConfigureAwait(false))`
	`721`	`{`
0	`722`	`var user = UserQuery(dbContext)`
0	`723`	`.AsTracking()`
0	`724`	`.FirstOrDefault(u => u.Id.Equals(userId))`
0	`725`	`?? throw new ArgumentException("No user exists with given Id!");`
	`726`
	`727`	`// The default number of login attempts is 3, but for some god forsaken reason it's sent to the serv`
0	`728`	`int? maxLoginAttempts = policy.LoginAttemptsBeforeLockout switch`
0	`729`	`{`
0	`730`	`-1 => null,`
0	`731`	`0 => 3,`
0	`732`	`_ => policy.LoginAttemptsBeforeLockout`
0	`733`	`};`
	`734`
0	`735`	`user.MaxParentalRatingScore = policy.MaxParentalRating;`
0	`736`	`user.MaxParentalRatingSubScore = policy.MaxParentalSubRating;`
0	`737`	`user.EnableUserPreferenceAccess = policy.EnableUserPreferenceAccess;`
0	`738`	`user.RemoteClientBitrateLimit = policy.RemoteClientBitrateLimit;`
0	`739`	`user.AuthenticationProviderId = policy.AuthenticationProviderId;`
0	`740`	`user.PasswordResetProviderId = policy.PasswordResetProviderId;`
0	`741`	`user.InvalidLoginAttemptCount = policy.InvalidLoginAttemptCount;`
0	`742`	`user.LoginAttemptsBeforeLockout = maxLoginAttempts;`
0	`743`	`user.MaxActiveSessions = policy.MaxActiveSessions;`
0	`744`	`user.SyncPlayAccess = policy.SyncPlayAccess;`
0	`745`	`user.SetPermission(PermissionKind.IsAdministrator, policy.IsAdministrator);`
0	`746`	`user.SetPermission(PermissionKind.IsHidden, policy.IsHidden);`
0	`747`	`user.SetPermission(PermissionKind.IsDisabled, policy.IsDisabled);`
0	`748`	`user.SetPermission(PermissionKind.EnableSharedDeviceControl, policy.EnableSharedDeviceControl);`
0	`749`	`user.SetPermission(PermissionKind.EnableRemoteAccess, policy.EnableRemoteAccess);`
0	`750`	`user.SetPermission(PermissionKind.EnableLiveTvManagement, policy.EnableLiveTvManagement);`
0	`751`	`user.SetPermission(PermissionKind.EnableLiveTvAccess, policy.EnableLiveTvAccess);`
0	`752`	`user.SetPermission(PermissionKind.EnableMediaPlayback, policy.EnableMediaPlayback);`
0	`753`	`user.SetPermission(PermissionKind.EnableAudioPlaybackTranscoding, policy.EnableAudioPlaybackTranscod`
0	`754`	`user.SetPermission(PermissionKind.EnableVideoPlaybackTranscoding, policy.EnableVideoPlaybackTranscod`
0	`755`	`user.SetPermission(PermissionKind.EnableContentDeletion, policy.EnableContentDeletion);`
0	`756`	`user.SetPermission(PermissionKind.EnableContentDownloading, policy.EnableContentDownloading);`
0	`757`	`user.SetPermission(PermissionKind.EnableSyncTranscoding, policy.EnableSyncTranscoding);`
0	`758`	`user.SetPermission(PermissionKind.EnableMediaConversion, policy.EnableMediaConversion);`
0	`759`	`user.SetPermission(PermissionKind.EnableAllChannels, policy.EnableAllChannels);`
0	`760`	`user.SetPermission(PermissionKind.EnableAllDevices, policy.EnableAllDevices);`
0	`761`	`user.SetPermission(PermissionKind.EnableAllFolders, policy.EnableAllFolders);`
0	`762`	`user.SetPermission(PermissionKind.EnableRemoteControlOfOtherUsers, policy.EnableRemoteControlOfOther`
0	`763`	`user.SetPermission(PermissionKind.EnablePlaybackRemuxing, policy.EnablePlaybackRemuxing);`
0	`764`	`user.SetPermission(PermissionKind.EnableCollectionManagement, policy.EnableCollectionManagement);`
0	`765`	`user.SetPermission(PermissionKind.EnableSubtitleManagement, policy.EnableSubtitleManagement);`
0	`766`	`user.SetPermission(PermissionKind.EnableLyricManagement, policy.EnableLyricManagement);`
0	`767`	`user.SetPermission(PermissionKind.ForceRemoteSourceTranscoding, policy.ForceRemoteSourceTranscoding)`
0	`768`	`user.SetPermission(PermissionKind.EnablePublicSharing, policy.EnablePublicSharing);`
	`769`
0	`770`	`user.AccessSchedules.Clear();`
0	`771`	`foreach (var policyAccessSchedule in policy.AccessSchedules)`
	`772`	`{`
0	`773`	`user.AccessSchedules.Add(policyAccessSchedule);`
	`774`	`}`
	`775`
	`776`	`// TODO: fix this at some point`
0	`777`	`user.SetPreference(PreferenceKind.BlockUnratedItems, policy.BlockUnratedItems ?? Array.Empty<Unrated`
0	`778`	`user.SetPreference(PreferenceKind.BlockedTags, policy.BlockedTags);`
0	`779`	`user.SetPreference(PreferenceKind.AllowedTags, policy.AllowedTags);`
0	`780`	`user.SetPreference(PreferenceKind.EnabledChannels, policy.EnabledChannels);`
0	`781`	`user.SetPreference(PreferenceKind.EnabledDevices, policy.EnabledDevices);`
0	`782`	`user.SetPreference(PreferenceKind.EnabledFolders, policy.EnabledFolders);`
0	`783`	`user.SetPreference(PreferenceKind.EnableContentDeletionFromFolders, policy.EnableContentDeletionFrom`
	`784`
0	`785`	`dbContext.Update(user);`
0	`786`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`787`	`}`
0	`788`	`}`
0	`789`	`}`
	`790`
	`791`	`/// <inheritdoc/>`
	`792`	`public async Task ClearProfileImageAsync(User user)`
	`793`	`{`
0	`794`	`if (user.ProfileImage is null)`
	`795`	`{`
0	`796`	`return;`
	`797`	`}`
	`798`
0	`799`	`using (await _userLock.LockAsync(user.Id).ConfigureAwait(false))`
	`800`	`{`
0	`801`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
0	`802`	`await using (dbContext.ConfigureAwait(false))`
	`803`	`{`
0	`804`	`dbContext.Remove(user.ProfileImage);`
0	`805`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
	`806`	`}`
	`807`
0	`808`	`user.ProfileImage = null;`
0	`809`	`}`
0	`810`	`}`
	`811`
	`812`	`internal static void ThrowIfInvalidUsername(string name)`
	`813`	`{`
15	`814`	`if (!string.IsNullOrWhiteSpace(name) && ValidUsernameRegex().IsMatch(name))`
	`815`	`{`
7	`816`	`return;`
	`817`	`}`
	`818`
8	`819`	`throw new ArgumentException("Usernames can contain unicode symbols, numbers (0-9), dashes (-), underscores (`
	`820`	`}`
	`821`
	`822`	`private IAuthenticationProvider GetAuthenticationProvider(User user)`
	`823`	`{`
3	`824`	`return GetAuthenticationProviders(user)[0];`
	`825`	`}`
	`826`
	`827`	`private IPasswordResetProvider GetPasswordResetProvider(User? user)`
	`828`	`{`
0	`829`	`if (user is null)`
	`830`	`{`
0	`831`	`return _defaultPasswordResetProvider;`
	`832`	`}`
	`833`
0	`834`	`return GetPasswordResetProviders(user)[0];`
	`835`	`}`
	`836`
	`837`	`private List<IAuthenticationProvider> GetAuthenticationProviders(User? user)`
	`838`	`{`
18	`839`	`var authenticationProviderId = user?.AuthenticationProviderId;`
	`840`
18	`841`	`var providers = _authenticationProviders.Where(i => i.IsEnabled).ToList();`
	`842`
18	`843`	`if (!string.IsNullOrEmpty(authenticationProviderId))`
	`844`	`{`
18	`845`	`providers = providers.Where(i => string.Equals(authenticationProviderId, i.GetType().FullName, StringCom`
	`846`	`}`
	`847`
18	`848`	`if (providers.Count == 0)`
	`849`	`{`
	`850`	`// Assign the user to the InvalidAuthProvider since no configured auth provider was valid/found`
0	`851`	`_logger.LogWarning(`
0	`852`	`"User {Username} was found with invalid/missing Authentication Provider {AuthenticationProviderId}.`
0	`853`	`user?.Username,`
0	`854`	`user?.AuthenticationProviderId);`
0	`855`	`providers = new List<IAuthenticationProvider>`
0	`856`	`{`
0	`857`	`_invalidAuthProvider`
0	`858`	`};`
	`859`	`}`
	`860`
18	`861`	`return providers;`
	`862`	`}`
	`863`
	`864`	`private IPasswordResetProvider[] GetPasswordResetProviders(User user)`
	`865`	`{`
0	`866`	`var passwordResetProviderId = user.PasswordResetProviderId;`
0	`867`	`var providers = _passwordResetProviders.Where(i => i.IsEnabled).ToArray();`
	`868`
0	`869`	`if (!string.IsNullOrEmpty(passwordResetProviderId))`
	`870`	`{`
0	`871`	`providers = providers.Where(i =>`
0	`872`	`string.Equals(passwordResetProviderId, i.GetType().FullName, StringComparison.OrdinalIgnoreCase)`
0	`873`	`.ToArray();`
	`874`	`}`
	`875`
0	`876`	`if (providers.Length == 0)`
	`877`	`{`
0	`878`	`providers = new IPasswordResetProvider[]`
0	`879`	`{`
0	`880`	`_defaultPasswordResetProvider`
0	`881`	`};`
	`882`	`}`
	`883`
0	`884`	`return providers;`
	`885`	`}`
	`886`
	`887`	`private async Task<(IAuthenticationProvider? AuthenticationProvider, string Username, bool Success)> Authenticat`
	`888`	`string username,`
	`889`	`string password,`
	`890`	`User? user)`
	`891`	`{`
15	`892`	`bool success = false;`
15	`893`	`IAuthenticationProvider? authenticationProvider = null;`
	`894`
45	`895`	`foreach (var provider in GetAuthenticationProviders(user))`
	`896`	`{`
15	`897`	`var providerAuthResult =`
15	`898`	`await AuthenticateWithProvider(provider, username, password, user).ConfigureAwait(false);`
15	`899`	`var updatedUsername = providerAuthResult.Username;`
15	`900`	`success = providerAuthResult.Success;`
	`901`
15	`902`	`if (success)`
	`903`	`{`
15	`904`	`authenticationProvider = provider;`
15	`905`	`username = updatedUsername;`
15	`906`	`break;`
	`907`	`}`
0	`908`	`}`
	`909`
15	`910`	`return (authenticationProvider, username, success);`
15	`911`	`}`
	`912`
	`913`	`private async Task<(string Username, bool Success)> AuthenticateWithProvider(`
	`914`	`IAuthenticationProvider provider,`
	`915`	`string username,`
	`916`	`string password,`
	`917`	`User? resolvedUser)`
	`918`	`{`
	`919`	`try`
	`920`	`{`
15	`921`	`var authenticationResult = provider is IRequiresResolvedUser requiresResolvedUser`
15	`922`	`? await requiresResolvedUser.Authenticate(username, password, resolvedUser).ConfigureAwait(false)`
15	`923`	`: await provider.Authenticate(username, password).ConfigureAwait(false);`
	`924`
15	`925`	`if (authenticationResult.Username != username)`
	`926`	`{`
0	`927`	`_logger.LogDebug("Authentication provider provided updated username {1}", authenticationResult.Usern`
0	`928`	`username = authenticationResult.Username;`
	`929`	`}`
	`930`
15	`931`	`return (username, true);`
	`932`	`}`
0	`933`	`catch (AuthenticationException ex)`
	`934`	`{`
0	`935`	`_logger.LogDebug(ex, "Error authenticating with provider {Provider}", provider.Name);`
	`936`
0	`937`	`return (username, false);`
	`938`	`}`
15	`939`	`}`
	`940`
	`941`	`private async Task IncrementInvalidLoginAttemptCount(User user)`
	`942`	`{`
0	`943`	`user.InvalidLoginAttemptCount++;`
0	`944`	`int? maxInvalidLogins = user.LoginAttemptsBeforeLockout;`
0	`945`	`if (maxInvalidLogins.HasValue && user.InvalidLoginAttemptCount >= maxInvalidLogins)`
	`946`	`{`
0	`947`	`user.SetPermission(PermissionKind.IsDisabled, true);`
0	`948`	`await _eventManager.PublishAsync(new UserLockedOutEventArgs(user)).ConfigureAwait(false);`
0	`949`	`_logger.LogWarning(`
0	`950`	`"Disabling user {Username} due to {Attempts} unsuccessful login attempts.",`
0	`951`	`user.Username,`
0	`952`	`user.InvalidLoginAttemptCount);`
	`953`	`}`
	`954`
0	`955`	`await UpdateUserInternalAsync(user).ConfigureAwait(false);`
0	`956`	`}`
	`957`
	`958`	`private async Task UpdateUserInternalAsync(User user)`
	`959`	`{`
16	`960`	`var dbContext = await _dbProvider.CreateDbContextAsync().ConfigureAwait(false);`
16	`961`	`await using (dbContext.ConfigureAwait(false))`
	`962`	`{`
16	`963`	`await UpdateUserInternalAsync(dbContext, user).ConfigureAwait(false);`
	`964`	`}`
16	`965`	`}`
	`966`
	`967`	`private async Task UpdateUserInternalAsync(JellyfinDbContext dbContext, User user)`
	`968`	`{`
16	`969`	`dbContext.Users.Attach(user);`
16	`970`	`dbContext.Entry(user).State = EntityState.Modified;`
16	`971`	`await dbContext.SaveChangesAsync().ConfigureAwait(false);`
16	`972`	`}`
	`973`
	`974`	`/// <inheritdoc/>`
	`975`	`public void Dispose()`
	`976`	`{`
21	`977`	`Dispose(true);`
21	`978`	`GC.SuppressFinalize(this);`
21	`979`	`}`
	`980`
	`981`	`/// <summary>`
	`982`	`/// Disposes all members of this class.`
	`983`	`/// </summary>`
	`984`	`/// <param name="disposing">Defines if the class has been cleaned up by a dispose or finalizer.</param>`
	`985`	`protected virtual void Dispose(bool disposing)`
	`986`	`{`
21	`987`	`if (disposing)`
	`988`	`{`
21	`989`	`_userLock.Dispose();`
	`990`	`}`
21	`991`	`}`
	`992`	`}`
	`993`	`}`

< Summary - Jellyfin

Coverage history

Coverage delta

Metrics

File(s)

/srv/git/jellyfin/Jellyfin.Server.Implementations/Users/UserManager.cs

Methods/Properties