#pragma warning disable CA1801 using System; using System.Collections.Generic; using System.ComponentModel.DataAnnotations; using System.Linq; using System.Threading; using Jellyfin.Api.Constants; using Jellyfin.Api.Helpers; using Jellyfin.Data.Enums; using MediaBrowser.Controller.Devices; using MediaBrowser.Controller.Library; using MediaBrowser.Controller.Net; using MediaBrowser.Controller.Session; using MediaBrowser.Model.Dto; using MediaBrowser.Model.Session; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; namespace Jellyfin.Api.Controllers { /// /// The session controller. /// [Route("")] public class SessionController : BaseJellyfinApiController { private readonly ISessionManager _sessionManager; private readonly IUserManager _userManager; private readonly IAuthorizationContext _authContext; private readonly IDeviceManager _deviceManager; /// /// Initializes a new instance of the class. /// /// Instance of interface. /// Instance of interface. /// Instance of interface. /// Instance of interface. public SessionController( ISessionManager sessionManager, IUserManager userManager, IAuthorizationContext authContext, IDeviceManager deviceManager) { _sessionManager = sessionManager; _userManager = userManager; _authContext = authContext; _deviceManager = deviceManager; } /// /// Gets a list of sessions. /// /// Filter by sessions that a given user is allowed to remote control. /// Filter by device Id. /// Optional. Filter by sessions that were active in the last n seconds. /// List of sessions returned. /// An with the available sessions. [HttpGet("Sessions")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status200OK)] public ActionResult> GetSessions( [FromQuery] Guid? controllableByUserId, [FromQuery] string? deviceId, [FromQuery] int? activeWithinSeconds) { var result = _sessionManager.Sessions; if (!string.IsNullOrEmpty(deviceId)) { result = result.Where(i => string.Equals(i.DeviceId, deviceId, StringComparison.OrdinalIgnoreCase)); } if (controllableByUserId.HasValue && !controllableByUserId.Equals(Guid.Empty)) { result = result.Where(i => i.SupportsRemoteControl); var user = _userManager.GetUserById(controllableByUserId.Value); if (!user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers)) { result = result.Where(i => i.UserId.Equals(Guid.Empty) || i.ContainsUser(controllableByUserId.Value)); } if (!user.HasPermission(PermissionKind.EnableSharedDeviceControl)) { result = result.Where(i => !i.UserId.Equals(Guid.Empty)); } if (activeWithinSeconds.HasValue && activeWithinSeconds.Value > 0) { var minActiveDate = DateTime.UtcNow.AddSeconds(0 - activeWithinSeconds.Value); result = result.Where(i => i.LastActivityDate >= minActiveDate); } result = result.Where(i => { if (!string.IsNullOrWhiteSpace(i.DeviceId)) { if (!_deviceManager.CanAccessDevice(user, i.DeviceId)) { return false; } } return true; }); } return Ok(result); } /// /// Instructs a session to browse to an item or view. /// /// The session Id. /// The type of item to browse to. /// The Id of the item. /// The name of the item. /// Instruction sent to session. /// A . [HttpPost("Sessions/{sessionId}/Viewing")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult DisplayContent( [FromRoute, Required] string sessionId, [FromQuery, Required] string itemType, [FromQuery, Required] string itemId, [FromQuery, Required] string itemName) { var command = new BrowseRequest { ItemId = itemId, ItemName = itemName, ItemType = itemType }; _sessionManager.SendBrowseCommand( RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id, sessionId, command, CancellationToken.None); return NoContent(); } /// /// Instructs a session to play an item. /// /// The session id. /// The type of play command to issue (PlayNow, PlayNext, PlayLast). Clients who have not yet implemented play next and play last may play now. /// The ids of the items to play, comma delimited. /// The starting position of the first item. /// Instruction sent to session. /// A . [HttpPost("Sessions/{sessionId}/Playing")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult Play( [FromRoute, Required] string sessionId, [FromRoute, Required] PlayCommand command, [FromQuery] Guid itemIds, [FromQuery] long? startPositionTicks) { var playRequest = new PlayRequest { ItemIds = itemIds.Split(','), StartPositionTicks = startPositionTicks, PlayCommand = command }; _sessionManager.SendPlayCommand( RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id, sessionId, playRequest, CancellationToken.None); return NoContent(); } /// /// Issues a playstate command to a client. /// /// The session id. /// The . /// Playstate command sent to session. /// A . [HttpPost("Sessions/{sessionId}/Playing/{command}")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult SendPlaystateCommand( [FromRoute, Required] string sessionId, [FromBody] PlaystateRequest playstateRequest) { _sessionManager.SendPlaystateCommand( RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id, sessionId, playstateRequest, CancellationToken.None); return NoContent(); } /// /// Issues a system command to a client. /// /// The session id. /// The command to send. /// System command sent to session. /// A . [HttpPost("Sessions/{sessionId}/System/{command}")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult SendSystemCommand( [FromRoute, Required] string sessionId, [FromRoute, Required] string command) { var name = command; if (Enum.TryParse(name, true, out GeneralCommandType commandType)) { name = commandType.ToString(); } var currentSession = RequestHelpers.GetSession(_sessionManager, _authContext, Request); var generalCommand = new GeneralCommand { Name = name, ControllingUserId = currentSession.UserId }; _sessionManager.SendGeneralCommand(currentSession.Id, sessionId, generalCommand, CancellationToken.None); return NoContent(); } /// /// Issues a general command to a client. /// /// The session id. /// The command to send. /// General command sent to session. /// A . [HttpPost("Sessions/{sessionId}/Command/{command}")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult SendGeneralCommand( [FromRoute, Required] string sessionId, [FromRoute, Required] string command) { var currentSession = RequestHelpers.GetSession(_sessionManager, _authContext, Request); var generalCommand = new GeneralCommand { Name = command, ControllingUserId = currentSession.UserId }; _sessionManager.SendGeneralCommand(currentSession.Id, sessionId, generalCommand, CancellationToken.None); return NoContent(); } /// /// Issues a full general command to a client. /// /// The session id. /// The . /// Full general command sent to session. /// A . [HttpPost("Sessions/{sessionId}/Command")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult SendFullGeneralCommand( [FromRoute, Required] string sessionId, [FromBody, Required] GeneralCommand command) { var currentSession = RequestHelpers.GetSession(_sessionManager, _authContext, Request); if (command == null) { throw new ArgumentException("Request body may not be null"); } command.ControllingUserId = currentSession.UserId; _sessionManager.SendGeneralCommand( currentSession.Id, sessionId, command, CancellationToken.None); return NoContent(); } /// /// Issues a command to a client to display a message to the user. /// /// The session id. /// The message test. /// The message header. /// The message timeout. If omitted the user will have to confirm viewing the message. /// Message sent. /// A . [HttpPost("Sessions/{sessionId}/Message")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult SendMessageCommand( [FromRoute, Required] string sessionId, [FromQuery, Required] string text, [FromQuery] string? header, [FromQuery] long? timeoutMs) { var command = new MessageCommand { Header = string.IsNullOrEmpty(header) ? "Message from Server" : header, TimeoutMs = timeoutMs, Text = text }; _sessionManager.SendMessageCommand(RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id, sessionId, command, CancellationToken.None); return NoContent(); } /// /// Adds an additional user to a session. /// /// The session id. /// The user id. /// User added to session. /// A . [HttpPost("Sessions/{sessionId}/User/{userId}")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult AddUserToSession( [FromRoute, Required] string sessionId, [FromRoute, Required] Guid userId) { _sessionManager.AddAdditionalUser(sessionId, userId); return NoContent(); } /// /// Removes an additional user from a session. /// /// The session id. /// The user id. /// User removed from session. /// A . [HttpDelete("Sessions/{sessionId}/User/{userId}")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult RemoveUserFromSession( [FromRoute, Required] string sessionId, [FromRoute, Required] Guid userId) { _sessionManager.RemoveAdditionalUser(sessionId, userId); return NoContent(); } /// /// Updates capabilities for a device. /// /// The session id. /// A list of playable media types, comma delimited. Audio, Video, Book, Photo. /// A list of supported remote control commands, comma delimited. /// Determines whether media can be played remotely.. /// Determines whether sync is supported. /// Determines whether the device supports a unique identifier. /// Capabilities posted. /// A . [HttpPost("Sessions/Capabilities")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult PostCapabilities( [FromQuery] string? id, [FromQuery] string? playableMediaTypes, [FromQuery] string? supportedCommands, [FromQuery] bool supportsMediaControl = false, [FromQuery] bool supportsSync = false, [FromQuery] bool supportsPersistentIdentifier = true) { if (string.IsNullOrWhiteSpace(id)) { id = RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id; } _sessionManager.ReportCapabilities(id, new ClientCapabilities { PlayableMediaTypes = RequestHelpers.Split(playableMediaTypes, ',', true), SupportedCommands = RequestHelpers.Split(supportedCommands, ',', true), SupportsMediaControl = supportsMediaControl, SupportsSync = supportsSync, SupportsPersistentIdentifier = supportsPersistentIdentifier }); return NoContent(); } /// /// Updates capabilities for a device. /// /// The session id. /// The . /// Capabilities updated. /// A . [HttpPost("Sessions/Capabilities/Full")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult PostFullCapabilities( [FromQuery] string? id, [FromBody, Required] ClientCapabilities capabilities) { if (string.IsNullOrWhiteSpace(id)) { id = RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id; } _sessionManager.ReportCapabilities(id, capabilities); return NoContent(); } /// /// Reports that a session is viewing an item. /// /// The session id. /// The item id. /// Session reported to server. /// A . [HttpPost("Sessions/Viewing")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult ReportViewing( [FromQuery] string? sessionId, [FromQuery] string? itemId) { string session = RequestHelpers.GetSession(_sessionManager, _authContext, Request).Id; _sessionManager.ReportNowViewingItem(session, itemId); return NoContent(); } /// /// Reports that a session has ended. /// /// Session end reported to server. /// A . [HttpPost("Sessions/Logout")] [Authorize(Policy = Policies.DefaultAuthorization)] [ProducesResponseType(StatusCodes.Status204NoContent)] public ActionResult ReportSessionEnded() { AuthorizationInfo auth = _authContext.GetAuthorizationInfo(Request); _sessionManager.Logout(auth.Token); return NoContent(); } /// /// Get all auth providers. /// /// Auth providers retrieved. /// An with the auth providers. [HttpGet("Auth/Providers")] [Authorize(Policy = Policies.RequiresElevation)] [ProducesResponseType(StatusCodes.Status200OK)] public ActionResult> GetAuthProviders() { return _userManager.GetAuthenticationProviders(); } /// /// Get all password reset providers. /// /// Password reset providers retrieved. /// An with the password reset providers. [HttpGet("Auth/PasswordResetProviders")] [ProducesResponseType(StatusCodes.Status200OK)] [Authorize(Policy = Policies.RequiresElevation)] public ActionResult> GetPasswordResetProviders() { return _userManager.GetPasswordResetProviders(); } } }