From b11de39c34bc5ae2ffc9f8a19f5c017baafa667f Mon Sep 17 00:00:00 2001
From: crobibero <cody@robibe.ro>
Date: Sun, 9 Feb 2025 08:50:53 -0500
Subject: [PATCH] Backport pull request #13499 from jellyfin/release-10.10.z

Allow api key to subscribe to admin websockets

Original-merge: 03082e90f971a44e0967caa16026696b830bdf88

Merged-by: joshuaboniface <joshua@boniface.me>

Backported-by: Bond_009 <bond.009@outlook.com>
---
 .../WebSocketListeners/ActivityLogWebSocketListener.cs       | 5 +++--
 .../WebSocketListeners/SessionInfoWebSocketListener.cs       | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs b/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
index 3818cc4e2b..97f827fde0 100644
--- a/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
+++ b/Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs
@@ -70,8 +70,9 @@ public class ActivityLogWebSocketListener : BasePeriodicWebSocketListener<Activi
     /// <param name="message">The message.</param>
     protected override void Start(WebSocketMessageInfo message)
     {
-        if (message.Connection.AuthorizationInfo.User is null
-            || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
+        if (!message.Connection.AuthorizationInfo.IsApiKey
+            && (message.Connection.AuthorizationInfo.User is null
+                || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)))
         {
             throw new AuthenticationException("Only admin users can retrieve the activity log.");
         }
diff --git a/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs b/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
index 95e7feab30..6cbab6571e 100644
--- a/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
+++ b/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs
@@ -79,8 +79,9 @@ public class SessionInfoWebSocketListener : BasePeriodicWebSocketListener<IEnume
     /// <param name="message">The message.</param>
     protected override void Start(WebSocketMessageInfo message)
     {
-        if (message.Connection.AuthorizationInfo.User is null
-            || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
+        if (!message.Connection.AuthorizationInfo.IsApiKey
+            && (message.Connection.AuthorizationInfo.User is null
+                || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)))
         {
             throw new AuthenticationException("Only admin users can subscribe to session information.");
         }