jellyfin-server/Jellyfin.Api/Helpers/RequestHelpers.cs

180 lines
6.3 KiB
C#
Raw Normal View History

using System;
using System.Collections.Generic;
2020-04-23 14:54:28 +00:00
using System.Linq;
using System.Security.Claims;
2021-04-10 20:57:25 +00:00
using System.Threading.Tasks;
using Jellyfin.Api.Constants;
using Jellyfin.Api.Extensions;
using Jellyfin.Data.Entities;
using Jellyfin.Data.Enums;
using MediaBrowser.Common.Extensions;
using MediaBrowser.Controller.Dto;
using MediaBrowser.Controller.Entities;
using MediaBrowser.Controller.Library;
2023-02-17 22:16:08 +00:00
using MediaBrowser.Controller.Net;
2020-06-12 16:54:25 +00:00
using MediaBrowser.Controller.Session;
using MediaBrowser.Model.Dto;
2020-06-24 16:54:25 +00:00
using MediaBrowser.Model.Querying;
using Microsoft.AspNetCore.Http;
2020-04-23 14:54:28 +00:00
2023-01-31 11:18:10 +00:00
namespace Jellyfin.Api.Helpers;
/// <summary>
/// Request Extensions.
/// </summary>
public static class RequestHelpers
2020-04-23 14:54:28 +00:00
{
/// <summary>
2023-01-31 11:18:10 +00:00
/// Get Order By.
2020-04-23 14:54:28 +00:00
/// </summary>
2023-01-31 11:18:10 +00:00
/// <param name="sortBy">Sort By. Comma delimited string.</param>
/// <param name="requestedSortOrder">Sort Order. Comma delimited string.</param>
/// <returns>Order By.</returns>
public static (string, SortOrder)[] GetOrderBy(IReadOnlyList<string> sortBy, IReadOnlyList<SortOrder> requestedSortOrder)
2020-04-23 14:54:28 +00:00
{
2023-01-31 11:18:10 +00:00
if (sortBy.Count == 0)
2020-04-23 14:54:28 +00:00
{
2023-01-31 11:18:10 +00:00
return Array.Empty<(string, SortOrder)>();
}
2020-04-23 14:54:28 +00:00
2023-01-31 11:18:10 +00:00
var result = new (string, SortOrder)[sortBy.Count];
var i = 0;
// Add elements which have a SortOrder specified
for (; i < requestedSortOrder.Count; i++)
{
result[i] = (sortBy[i], requestedSortOrder[i]);
2020-04-23 14:54:28 +00:00
}
2023-01-31 11:18:10 +00:00
// Add remaining elements with the first specified SortOrder
// or the default one if no SortOrders are specified
var order = requestedSortOrder.Count > 0 ? requestedSortOrder[0] : SortOrder.Ascending;
for (; i < sortBy.Count; i++)
{
2023-01-31 11:18:10 +00:00
result[i] = (sortBy[i], order);
}
2023-01-31 11:18:10 +00:00
return result;
}
2023-02-17 22:16:08 +00:00
/// <summary>
/// Checks if the user can access a user.
/// </summary>
/// <param name="claimsPrincipal">The <see cref="ClaimsPrincipal"/> for the current request.</param>
/// <param name="userId">The user id.</param>
/// <returns>A <see cref="bool"/> whether the user can access the user.</returns>
internal static Guid GetUserId(ClaimsPrincipal claimsPrincipal, Guid? userId)
{
var authenticatedUserId = claimsPrincipal.GetUserId();
// UserId not provided, fall back to authenticated user id.
if (userId is null || userId.Value.Equals(default))
{
return authenticatedUserId;
}
// User must be administrator to access another user.
var isAdministrator = claimsPrincipal.IsInRole(UserRoles.Administrator);
if (!userId.Value.Equals(authenticatedUserId) && !isAdministrator)
{
throw new SecurityException("Forbidden");
}
return userId.Value;
}
2023-01-31 11:18:10 +00:00
/// <summary>
/// Checks if the user can update an entry.
/// </summary>
/// <param name="userManager">An instance of the <see cref="IUserManager"/> interface.</param>
/// <param name="claimsPrincipal">The <see cref="ClaimsPrincipal"/> for the current request.</param>
/// <param name="userId">The user id.</param>
/// <param name="restrictUserPreferences">Whether to restrict the user preferences.</param>
/// <returns>A <see cref="bool"/> whether the user can update the entry.</returns>
internal static bool AssertCanUpdateUser(IUserManager userManager, ClaimsPrincipal claimsPrincipal, Guid userId, bool restrictUserPreferences)
{
var authenticatedUserId = claimsPrincipal.GetUserId();
var isAdministrator = claimsPrincipal.IsInRole(UserRoles.Administrator);
2023-01-31 11:18:10 +00:00
// If they're going to update the record of another user, they must be an administrator
if (!userId.Equals(authenticatedUserId) && !isAdministrator)
{
return false;
}
2023-01-31 11:18:10 +00:00
// TODO the EnableUserPreferenceAccess policy does not seem to be used elsewhere
if (!restrictUserPreferences || isAdministrator)
2020-06-12 16:54:25 +00:00
{
2023-01-31 11:18:10 +00:00
return true;
2020-06-12 16:54:25 +00:00
}
2020-06-20 22:03:19 +00:00
2023-01-31 11:18:10 +00:00
var user = userManager.GetUserById(userId);
if (user is null)
{
throw new ResourceNotFoundException();
}
2023-01-31 11:18:10 +00:00
return user.EnableUserPreferenceAccess;
}
2021-04-10 20:57:25 +00:00
2023-01-31 11:18:10 +00:00
internal static async Task<SessionInfo> GetSession(ISessionManager sessionManager, IUserManager userManager, HttpContext httpContext)
{
var userId = httpContext.User.GetUserId();
var user = userManager.GetUserById(userId);
var session = await sessionManager.LogSessionActivity(
httpContext.User.GetClient(),
httpContext.User.GetVersion(),
httpContext.User.GetDeviceId(),
httpContext.User.GetDevice(),
httpContext.GetNormalizedRemoteIp().ToString(),
user).ConfigureAwait(false);
if (session is null)
{
throw new ResourceNotFoundException("Session not found.");
2021-04-10 20:57:25 +00:00
}
2023-01-31 11:18:10 +00:00
return session;
}
internal static async Task<string> GetSessionId(ISessionManager sessionManager, IUserManager userManager, HttpContext httpContext)
{
var session = await GetSession(sessionManager, userManager, httpContext).ConfigureAwait(false);
return session.Id;
}
internal static QueryResult<BaseItemDto> CreateQueryResult(
QueryResult<(BaseItem Item, ItemCounts ItemCounts)> result,
DtoOptions dtoOptions,
IDtoService dtoService,
bool includeItemTypes,
User? user)
{
var dtos = result.Items.Select(i =>
{
2023-01-31 11:18:10 +00:00
var (baseItem, counts) = i;
var dto = dtoService.GetItemByNameDto(baseItem, dtoOptions, null, user);
if (includeItemTypes)
{
2023-01-31 11:18:10 +00:00
dto.ChildCount = counts.ItemCount;
dto.ProgramCount = counts.ProgramCount;
dto.SeriesCount = counts.SeriesCount;
dto.EpisodeCount = counts.EpisodeCount;
dto.MovieCount = counts.MovieCount;
dto.TrailerCount = counts.TrailerCount;
dto.AlbumCount = counts.AlbumCount;
dto.SongCount = counts.SongCount;
dto.ArtistCount = counts.ArtistCount;
}
return dto;
});
return new QueryResult<BaseItemDto>(
result.StartIndex,
result.TotalRecordCount,
dtos.ToArray());
2020-04-23 14:54:28 +00:00
}
}