Defer standard authentication checks to DefaultAuthorizationHandler

2024-05-29 14:35:41 -04:00 · 2024-05-29 14:35:41 -04:00 · 8fa7ff647a
commit 8fa7ff647a
parent d0336cd67e
2 changed files with 12 additions and 19 deletions
--- a/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
@ -32,16 +32,8 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupPolicy
            {
                context.Fail();
            }
-            else if (!requirement.RequireAdmin && context.User.IsInRole(UserRoles.Guest))
-            {
-                context.Fail();
-            }
-            else
-            {
-                // Any user-specific checks are handled in the DefaultAuthorizationHandler.
-                context.Succeed(requirement);
-            }

+            // Any user-specific checks are handled in the DefaultAuthorizationHandler.
            return Task.CompletedTask;
        }
    }
--- a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandlerTests.cs
+++ b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandlerTests.cs
@ -52,10 +52,10 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupPolicy
        }

        [Theory]
-        [InlineData(UserRoles.Administrator, true)]
-        [InlineData(UserRoles.Guest, false)]
-        [InlineData(UserRoles.User, false)]
-        public async Task ShouldRequireAdministratorIfStartupWizardComplete(string userRole, bool shouldSucceed)
+        [InlineData(UserRoles.Administrator, false)]
+        [InlineData(UserRoles.Guest, true)]
+        [InlineData(UserRoles.User, true)]
+        public async Task ShouldRequireAdministratorIfStartupWizardComplete(string userRole, bool shouldFail)
        {
            TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
            var claims = TestHelpers.SetupUser(
@ -66,14 +66,14 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupPolicy
            var context = new AuthorizationHandlerContext(_requirements, claims, null);

            await _firstTimeSetupHandler.HandleAsync(context);
-            Assert.Equal(shouldSucceed, context.HasSucceeded);
+            Assert.Equal(shouldFail, context.HasFailed);
        }

        [Theory]
-        [InlineData(UserRoles.Administrator, true)]
-        [InlineData(UserRoles.Guest, false)]
-        [InlineData(UserRoles.User, true)]
-        public async Task ShouldRequireUserIfNotRequiresAdmin(string userRole, bool shouldSucceed)
+        [InlineData(UserRoles.Administrator)]
+        [InlineData(UserRoles.Guest)]
+        [InlineData(UserRoles.User)]
+        public async Task ShouldDeferIfNotRequiresAdmin(string userRole)
        {
            TestHelpers.SetupConfigurationManager(_configurationManagerMock, true);
            var claims = TestHelpers.SetupUser(
@ -87,7 +87,8 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupPolicy
                null);

            await _firstTimeSetupHandler.HandleAsync(context);
-            Assert.Equal(shouldSucceed, context.HasSucceeded);
+            Assert.False(context.HasSucceeded);
+            Assert.False(context.HasFailed);
        }

        [Fact]