diff options
| author | crobibero <cody@robibe.ro> | 2020-06-25 16:05:15 -0600 |
|---|---|---|
| committer | crobibero <cody@robibe.ro> | 2020-06-25 16:05:15 -0600 |
| commit | 0740ec611211cb121a2ea4f97ab43b92d6411d4d (patch) | |
| tree | bcc5fee8f82e30ebe087966115320dbf66d1fd5c /Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | |
| parent | ccd7b3f52435de880158bc41dec9268dc9acbdd5 (diff) | |
| parent | 7bd91727791d5723e779e63b913e8650380048ce (diff) | |
Merge remote-tracking branch 'upstream/api-migration' into api-image-service
Diffstat (limited to 'Jellyfin.Api/Auth/BaseAuthorizationHandler.cs')
| -rw-r--r-- | Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs index 953acac80..50b6468db 100644 --- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs +++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs @@ -42,11 +42,13 @@ namespace Jellyfin.Api.Auth /// <param name="claimsPrincipal">Request claims.</param> /// <param name="ignoreSchedule">Whether to ignore parental control.</param> /// <param name="localAccessOnly">Whether access is to be allowed locally only.</param> + /// <param name="requiredDownloadPermission">Whether validation requires download permission.</param> /// <returns>Validated claim status.</returns> protected bool ValidateClaims( ClaimsPrincipal claimsPrincipal, bool ignoreSchedule = false, - bool localAccessOnly = false) + bool localAccessOnly = false, + bool requiredDownloadPermission = false) { // Ensure claim has userId. var userId = ClaimHelpers.GetUserId(claimsPrincipal); @@ -89,6 +91,13 @@ namespace Jellyfin.Api.Auth return false; } + // User attempting to download without permission. + if (requiredDownloadPermission + && !user.HasPermission(PermissionKind.EnableContentDownloading)) + { + return false; + } + return true; } |