Fix access policies to SyncPlay

This commit is contained in:
Ionut Andrei Oanca 2020-12-04 22:03:35 +01:00
parent 1f57b594e6
commit 23473ef8fb
3 changed files with 4 additions and 2 deletions

View File

@ -43,7 +43,7 @@ namespace Jellyfin.Api.Auth.SyncPlayAccessPolicy
var user = _userManager.GetUserById(userId!.Value);
if ((requirement.RequiredAccess.HasValue && user.SyncPlayAccess == requirement.RequiredAccess)
|| (user.SyncPlayAccess == SyncPlayAccess.JoinGroups || user.SyncPlayAccess == SyncPlayAccess.CreateAndJoinGroups))
|| user.SyncPlayAccess == SyncPlayAccess.CreateAndJoinGroups)
{
context.Succeed(requirement);
}

View File

@ -69,6 +69,7 @@ namespace Jellyfin.Api.Controllers
/// <returns>A <see cref="NoContentResult"/> indicating success.</returns>
[HttpPost("Join")]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[Authorize(Policy = Policies.SyncPlayAccess)]
public ActionResult SyncPlayJoinGroup(
[FromBody, Required] JoinGroupRequestDto requestData)
{
@ -100,6 +101,7 @@ namespace Jellyfin.Api.Controllers
/// <returns>An <see cref="IEnumerable{GroupInfoView}"/> containing the available SyncPlay groups.</returns>
[HttpGet("List")]
[ProducesResponseType(StatusCodes.Status200OK)]
[Authorize(Policy = Policies.SyncPlayAccess)]
public ActionResult<IEnumerable<GroupInfoDto>> SyncPlayGetGroups()
{
var currentSession = RequestHelpers.GetSession(_sessionManager, _authorizationContext, Request);

View File

@ -131,7 +131,7 @@ namespace Jellyfin.Server.Extensions
policy =>
{
policy.AddAuthenticationSchemes(AuthenticationSchemes.CustomAuthentication);
policy.AddRequirements(new SyncPlayAccessRequirement());
policy.AddRequirements(new SyncPlayAccessRequirement(SyncPlayAccess.JoinGroups));
});
options.AddPolicy(
Policies.SyncPlayCreateGroupAccess,