Backport pull request #13499 from jellyfin/release-10.10.z

Allow api key to subscribe to admin websockets

Original-merge: 03082e90f971a44e0967caa16026696b830bdf88

Merged-by: joshuaboniface <joshua@boniface.me>

Backported-by: Bond_009 <bond.009@outlook.com>

Jellyfin.Api/WebSocketListeners/ActivityLogWebSocketListener.cs

@@ -70,8 +70,9 @@ public class ActivityLogWebSocketListener : BasePeriodicWebSocketListener<Activi
     /// <param name="message">The message.</param>
     protected override void Start(WebSocketMessageInfo message)
     {
-        if (message.Connection.AuthorizationInfo.User is null
+        if (!message.Connection.AuthorizationInfo.IsApiKey
-            || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
+            && (message.Connection.AuthorizationInfo.User is null
+                || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)))
         {
             throw new AuthenticationException("Only admin users can retrieve the activity log.");
         }

Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs

@@ -79,8 +79,9 @@ public class SessionInfoWebSocketListener : BasePeriodicWebSocketListener<IEnume
     /// <param name="message">The message.</param>
     protected override void Start(WebSocketMessageInfo message)
     {
-        if (message.Connection.AuthorizationInfo.User is null
+        if (!message.Connection.AuthorizationInfo.IsApiKey
-            || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))
+            && (message.Connection.AuthorizationInfo.User is null
+                || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)))
         {
             throw new AuthenticationException("Only admin users can subscribe to session information.");
         }