Cutlery/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2025-07-09 03:04:24 -04:00
Code Issues Packages Projects Releases Wiki Activity

Enable nullable for AuthorizationInfo (#13485)

Browse Source
This commit is contained in:
Bond-009 2025-02-05 01:10:39 +01:00 committed by GitHub
parent 2de04cb07c
commit 00b66a06ea
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 25 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Jellyfin.Api/Auth/CustomAuthenticationHandler.cs
View File

@ -50,20 +50,21 @@ namespace Jellyfin.Api.Auth
} }
var role = UserRoles.User; var role = UserRoles.User;
if (authorizationInfo.IsApiKey || authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)) if (authorizationInfo.IsApiKey
|| (authorizationInfo.User?.HasPermission(PermissionKind.IsAdministrator) ?? false))
{ {
role = UserRoles.Administrator; role = UserRoles.Administrator;
} }
var claims = new[] var claims = new[]
{ {
new Claim(ClaimTypes.Name, authorizationInfo.User.Username), new Claim(ClaimTypes.Name, authorizationInfo.User?.Username ?? string.Empty),
new Claim(ClaimTypes.Role, role), new Claim(ClaimTypes.Role, role),
new Claim(InternalClaimTypes.UserId, authorizationInfo.UserId.ToString("N", CultureInfo.InvariantCulture)), new Claim(InternalClaimTypes.UserId, authorizationInfo.UserId.ToString("N", CultureInfo.InvariantCulture)),
new Claim(InternalClaimTypes.DeviceId, authorizationInfo.DeviceId), new Claim(InternalClaimTypes.DeviceId, authorizationInfo.DeviceId ?? string.Empty),
new Claim(InternalClaimTypes.Device, authorizationInfo.Device), new Claim(InternalClaimTypes.Device, authorizationInfo.Device ?? string.Empty),
new Claim(InternalClaimTypes.Client, authorizationInfo.Client), new Claim(InternalClaimTypes.Client, authorizationInfo.Client ?? string.Empty),
new Claim(InternalClaimTypes.Version, authorizationInfo.Version), new Claim(InternalClaimTypes.Version, authorizationInfo.Version ?? string.Empty),
new Claim(InternalClaimTypes.Token, authorizationInfo.Token), new Claim(InternalClaimTypes.Token, authorizationInfo.Token),
new Claim(InternalClaimTypes.IsApiKey, authorizationInfo.IsApiKey.ToString(CultureInfo.InvariantCulture)) new Claim(InternalClaimTypes.IsApiKey, authorizationInfo.IsApiKey.ToString(CultureInfo.InvariantCulture))
}; };

3
Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
View File

@ -70,7 +70,8 @@ public class ActivityLogWebSocketListener : BasePeriodicWebSocketListener<Activi
/// <param name="message">The message.</param> /// <param name="message">The message.</param>
protected override void Start(WebSocketMessageInfo message) protected override void Start(WebSocketMessageInfo message)
{ {
if (!message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)) if (message.Connection.AuthorizationInfo.User is null
|| !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
{ {
throw new AuthenticationException("Only admin users can retrieve the activity log."); throw new AuthenticationException("Only admin users can retrieve the activity log.");
} }

3
Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
View File

@ -79,7 +79,8 @@ public class SessionInfoWebSocketListener : BasePeriodicWebSocketListener<IEnume
/// <param name="message">The message.</param> /// <param name="message">The message.</param>
protected override void Start(WebSocketMessageInfo message) protected override void Start(WebSocketMessageInfo message)
{ {
if (!message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)) if (message.Connection.AuthorizationInfo.User is null
|| !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
{ {
throw new AuthenticationException("Only admin users can subscribe to session information."); throw new AuthenticationException("Only admin users can subscribe to session information.");
} }

6
Jellyfin.Server.Implementations/Security/AuthorizationContext.cs
View File

@ -116,17 +116,15 @@ namespace Jellyfin.Server.Implementations.Security
DeviceId = deviceId, DeviceId = deviceId,
Version = version, Version = version,
Token = token, Token = token,
IsAuthenticated = false, IsAuthenticated = false
HasToken = false
}; };
if (string.IsNullOrWhiteSpace(token)) if (!authInfo.HasToken)
{ {
// Request doesn't contain a token. // Request doesn't contain a token.
return authInfo; return authInfo;
} }
authInfo.HasToken = true;
var dbContext = await _jellyfinDbProvider.CreateDbContextAsync().ConfigureAwait(false); var dbContext = await _jellyfinDbProvider.CreateDbContextAsync().ConfigureAwait(false);
await using (dbContext.ConfigureAwait(false)) await using (dbContext.ConfigureAwait(false))
{ {

20
MediaBrowser.Controller/Net/AuthorizationInfo.cs
View File

@ -1,6 +1,5 @@
#nullable disable
using System; using System;
using System.Diagnostics.CodeAnalysis;
using Jellyfin.Data.Entities; using Jellyfin.Data.Entities;
namespace MediaBrowser.Controller.Net namespace MediaBrowser.Controller.Net
@ -20,31 +19,31 @@ namespace MediaBrowser.Controller.Net
/// Gets or sets the device identifier. /// Gets or sets the device identifier.
/// </summary> /// </summary>
/// <value>The device identifier.</value> /// <value>The device identifier.</value>
public string DeviceId { get; set; } public string? DeviceId { get; set; }
/// <summary> /// <summary>
/// Gets or sets the device. /// Gets or sets the device.
/// </summary> /// </summary>
/// <value>The device.</value> /// <value>The device.</value>
public string Device { get; set; } public string? Device { get; set; }
/// <summary> /// <summary>
/// Gets or sets the client. /// Gets or sets the client.
/// </summary> /// </summary>
/// <value>The client.</value> /// <value>The client.</value>
public string Client { get; set; } public string? Client { get; set; }
/// <summary> /// <summary>
/// Gets or sets the version. /// Gets or sets the version.
/// </summary> /// </summary>
/// <value>The version.</value> /// <value>The version.</value>
public string Version { get; set; } public string? Version { get; set; }
/// <summary> /// <summary>
/// Gets or sets the token. /// Gets or sets the token.
/// </summary> /// </summary>
/// <value>The token.</value> /// <value>The token.</value>
public string Token { get; set; } public string? Token { get; set; }
/// <summary> /// <summary>
/// Gets or sets a value indicating whether the authorization is from an api key. /// Gets or sets a value indicating whether the authorization is from an api key.
@ -54,7 +53,7 @@ namespace MediaBrowser.Controller.Net
/// <summary> /// <summary>
/// Gets or sets the user making the request. /// Gets or sets the user making the request.
/// </summary> /// </summary>
public User User { get; set; } public User? User { get; set; }
/// <summary> /// <summary>
/// Gets or sets a value indicating whether the token is authenticated. /// Gets or sets a value indicating whether the token is authenticated.
@ -62,8 +61,9 @@ namespace MediaBrowser.Controller.Net
public bool IsAuthenticated { get; set; } public bool IsAuthenticated { get; set; }
/// <summary> /// <summary>
/// Gets or sets a value indicating whether the request has a token. /// Gets a value indicating whether the request has a token.
/// </summary> /// </summary>
public bool HasToken { get; set; } [MemberNotNullWhen(true, nameof(Token))]
public bool HasToken => !string.IsNullOrWhiteSpace(Token);
} }
} }

3
tests/Jellyfin.Api.Tests/Auth/CustomAuthenticationHandlerTests.cs
View File

@ -100,6 +100,7 @@ namespace Jellyfin.Api.Tests.Auth
var authorizationInfo = SetupUser(); var authorizationInfo = SetupUser();
var authenticateResult = await _sut.AuthenticateAsync(); var authenticateResult = await _sut.AuthenticateAsync();
Assert.NotNull(authorizationInfo.User);
Assert.True(authenticateResult.Principal?.HasClaim(ClaimTypes.Name, authorizationInfo.User.Username)); Assert.True(authenticateResult.Principal?.HasClaim(ClaimTypes.Name, authorizationInfo.User.Username));
} }
@ -111,6 +112,7 @@ namespace Jellyfin.Api.Tests.Auth
var authorizationInfo = SetupUser(isAdmin); var authorizationInfo = SetupUser(isAdmin);
var authenticateResult = await _sut.AuthenticateAsync(); var authenticateResult = await _sut.AuthenticateAsync();
Assert.NotNull(authorizationInfo.User);
var expectedRole = authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator) ? UserRoles.Administrator : UserRoles.User; var expectedRole = authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator) ? UserRoles.Administrator : UserRoles.User;
Assert.True(authenticateResult.Principal?.HasClaim(ClaimTypes.Role, expectedRole)); Assert.True(authenticateResult.Principal?.HasClaim(ClaimTypes.Role, expectedRole));
} }
@ -132,7 +134,6 @@ namespace Jellyfin.Api.Tests.Auth
authorizationInfo.User.AddDefaultPreferences(); authorizationInfo.User.AddDefaultPreferences();
authorizationInfo.User.SetPermission(PermissionKind.IsAdministrator, isAdmin); authorizationInfo.User.SetPermission(PermissionKind.IsAdministrator, isAdmin);
authorizationInfo.IsApiKey = false; authorizationInfo.IsApiKey = false;
authorizationInfo.HasToken = true;
authorizationInfo.Token = "fake-token"; authorizationInfo.Token = "fake-token";
_jellyfinAuthServiceMock.Setup( _jellyfinAuthServiceMock.Setup(