Cutlery/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2025-11-03 19:17:24 -05:00
Code Issues Packages Projects Releases Wiki Activity
jellyfin/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
thornbill dc2db22c3d Backport pull request #11873 from jellyfin/release-10.9.z 
Fix FirstTimeSetupHandler allowing public access

Original-merge: 869dab2ba2900c18f9de817607e1b0d3681f8ac9

Merged-by: joshuaboniface <joshua@boniface.me>

Backported-by: Joshua M. Boniface <joshua@boniface.me>
2024-06-01 18:41:08 -04:00

57 lines
2.0 KiB
C#
Raw Blame History

using System.Threading.Tasks;
using Jellyfin.Api.Constants;
using Jellyfin.Api.Extensions;
using MediaBrowser.Common.Configuration;
using Microsoft.AspNetCore.Authorization;
namespace Jellyfin.Api.Auth.FirstTimeSetupPolicy
{
/// <summary>
/// Authorization handler for requiring first time setup or default privileges.
/// </summary>
public class FirstTimeSetupHandler : AuthorizationHandler<FirstTimeSetupRequirement>
{
private readonly IConfigurationManager _configurationManager;
/// <summary>
/// Initializes a new instance of the <see cref="FirstTimeSetupHandler" /> class.
/// </summary>
/// <param name="configurationManager">Instance of the <see cref="IConfigurationManager"/> interface.</param>
public FirstTimeSetupHandler(IConfigurationManager configurationManager)
{
_configurationManager = configurationManager;
}
/// <inheritdoc />
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, FirstTimeSetupRequirement requirement)
{
// Succeed if the startup wizard / first time setup is not complete
if (!_configurationManager.CommonConfiguration.IsStartupWizardCompleted)
{
context.Succeed(requirement);
}
// Succeed if user is admin
else if (context.User.IsInRole(UserRoles.Administrator))
{
context.Succeed(requirement);
}
// Fail if admin is required and user is not admin
else if (requirement.RequireAdmin)
{
context.Fail();
}
// Succeed if admin is not required and user is not guest
else if (context.User.IsInRole(UserRoles.User))
{
context.Succeed(requirement);
}
// Any user-specific checks are handled in the DefaultAuthorizationHandler.
return Task.CompletedTask;
}
}
}
Reference in New Issue View Git Blame Copy Permalink