diff options
| author | gnattu <gnattu@users.noreply.github.com> | 2024-09-24 22:15:53 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-24 08:15:53 -0600 |
| commit | 75bbd3029613829a9b55ac01e27093583fc8cf52 (patch) | |
| tree | 925f7f43c0186b6338bd865d79b5f92a3932f797 /Emby.Server.Implementations/Session/SessionManager.cs | |
| parent | 38d0b004baf4ff80d178a30d720e81e66b532b75 (diff) | |
Fix get sessions with api key (#12696)
Diffstat (limited to 'Emby.Server.Implementations/Session/SessionManager.cs')
| -rw-r--r-- | Emby.Server.Implementations/Session/SessionManager.cs | 44 |
1 files changed, 36 insertions, 8 deletions
diff --git a/Emby.Server.Implementations/Session/SessionManager.cs b/Emby.Server.Implementations/Session/SessionManager.cs index 55e485669..6a8ad2bdc 100644 --- a/Emby.Server.Implementations/Session/SessionManager.cs +++ b/Emby.Server.Implementations/Session/SessionManager.cs @@ -1858,15 +1858,38 @@ namespace Emby.Server.Implementations.Session Guid userId, string deviceId, int? activeWithinSeconds, - Guid? controllableUserToCheck) + Guid? controllableUserToCheck, + bool isApiKey) { var result = Sessions; - var user = _userManager.GetUserById(userId); if (!string.IsNullOrEmpty(deviceId)) { result = result.Where(i => string.Equals(i.DeviceId, deviceId, StringComparison.OrdinalIgnoreCase)); } + var userCanControlOthers = false; + var userIsAdmin = false; + User user = null; + + if (isApiKey) + { + userCanControlOthers = true; + userIsAdmin = true; + } + else if (!userId.IsEmpty()) + { + user = _userManager.GetUserById(userId); + if (user is not null) + { + userCanControlOthers = user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers); + userIsAdmin = user.HasPermission(PermissionKind.IsAdministrator); + } + else + { + return []; + } + } + if (!controllableUserToCheck.IsNullOrEmpty()) { result = result.Where(i => i.SupportsRemoteControl); @@ -1883,29 +1906,34 @@ namespace Emby.Server.Implementations.Session result = result.Where(i => !i.UserId.IsEmpty()); } - if (!user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers)) + if (!userCanControlOthers) { // User cannot control other user's sessions, validate user id. - result = result.Where(i => i.UserId.IsEmpty() || i.ContainsUser(user.Id)); + result = result.Where(i => i.UserId.IsEmpty() || i.ContainsUser(userId)); } result = result.Where(i => { - if (!string.IsNullOrWhiteSpace(i.DeviceId) && !_deviceManager.CanAccessDevice(user, i.DeviceId)) + if (isApiKey) + { + return true; + } + + if (user is null) { return false; } - return true; + return string.IsNullOrWhiteSpace(i.DeviceId) || _deviceManager.CanAccessDevice(user, i.DeviceId); }); } - else if (!user.HasPermission(PermissionKind.IsAdministrator)) + else if (!userIsAdmin) { // Request isn't from administrator, limit to "own" sessions. result = result.Where(i => i.UserId.IsEmpty() || i.ContainsUser(userId)); } - if (!user.HasPermission(PermissionKind.IsAdministrator)) + if (!userIsAdmin) { // Don't report acceleration type for non-admin users. result = result.Select(r => |