diff options
| author | crobibero <cody@robibe.ro> | 2020-06-30 17:53:20 -0600 |
|---|---|---|
| committer | crobibero <cody@robibe.ro> | 2020-06-30 17:53:20 -0600 |
| commit | 14faebc7fe7a5a75d4d39ef0c70e6ff0106e76f3 (patch) | |
| tree | 0552309271dd0ff99c4db6f97ed0051f4d888591 /Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | |
| parent | 7e94bb786432536e95f4e76ea1f8fe02dd292fef (diff) | |
| parent | d300d80479597faa4a8b6e840f6fcb1efdb63c8c (diff) | |
Merge remote-tracking branch 'upstream/api-migration' into api-livetv
Diffstat (limited to 'Jellyfin.Api/Auth/BaseAuthorizationHandler.cs')
| -rw-r--r-- | Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs index 953acac80..50b6468db 100644 --- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs +++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs @@ -42,11 +42,13 @@ namespace Jellyfin.Api.Auth /// <param name="claimsPrincipal">Request claims.</param> /// <param name="ignoreSchedule">Whether to ignore parental control.</param> /// <param name="localAccessOnly">Whether access is to be allowed locally only.</param> + /// <param name="requiredDownloadPermission">Whether validation requires download permission.</param> /// <returns>Validated claim status.</returns> protected bool ValidateClaims( ClaimsPrincipal claimsPrincipal, bool ignoreSchedule = false, - bool localAccessOnly = false) + bool localAccessOnly = false, + bool requiredDownloadPermission = false) { // Ensure claim has userId. var userId = ClaimHelpers.GetUserId(claimsPrincipal); @@ -89,6 +91,13 @@ namespace Jellyfin.Api.Auth return false; } + // User attempting to download without permission. + if (requiredDownloadPermission + && !user.HasPermission(PermissionKind.EnableContentDownloading)) + { + return false; + } + return true; } |