aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoshua Boniface <joshua@boniface.me>2022-07-20 19:29:06 -0400
committerJoshua Boniface <joshua@boniface.me>2022-07-20 19:29:06 -0400
commitb7206b4816b5faf697035d2a80554069e452edfb (patch)
tree8aca448aa4ff901cc2817ca0420ad1da62e21c0c
parent81e164ebc8b7ca7fedbcedb49dc6db939dcde189 (diff)
Backport pull request #8013 from jellyfin/release-10.8.z
Fix password change during parental control schedule Authored-by: David Ullmer <davidullmer@outlook.de> Merged-by: Bond-009 <bond.009@outlook.com> Original-merge: 84a1674f391d344c251c2c949cb227a9318536eb
Diffstat
-rw-r--r--Jellyfin.Api/Controllers/UserController.cs21
1 files changed, 12 insertions, 9 deletions
diff --git a/Jellyfin.Api/Controllers/UserController.cs b/Jellyfin.Api/Controllers/UserController.cs
index 6d15d9185..82c8563a8 100644
--- a/Jellyfin.Api/Controllers/UserController.cs
+++ b/Jellyfin.Api/Controllers/UserController.cs
@@ -282,16 +282,19 @@ namespace Jellyfin.Api.Controllers
}
else
{
- var success = await _userManager.AuthenticateUser(
- user.Username,
- request.CurrentPw,
- request.CurrentPw,
- HttpContext.GetNormalizedRemoteIp().ToString(),
- false).ConfigureAwait(false);
-
- if (success == null)
+ if (!HttpContext.User.IsInRole(UserRoles.Administrator))
{
- return StatusCode(StatusCodes.Status403Forbidden, "Invalid user or password entered.");
+ var success = await _userManager.AuthenticateUser(
+ user.Username,
+ request.CurrentPw,
+ request.CurrentPw,
+ HttpContext.GetNormalizedRemoteIp().ToString(),
+ false).ConfigureAwait(false);
+
+ if (success == null)
+ {
+ return StatusCode(StatusCodes.Status403Forbidden, "Invalid user or password entered.");
+ }
}
await _userManager.ChangePassword(user, request.NewPw).ConfigureAwait(false);
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-06 18:22:00 +0000