diff options
| author | Shadowghost <Ghost_of_Stone@web.de> | 2023-03-03 10:42:24 +0100 |
|---|---|---|
| committer | Shadowghost <Ghost_of_Stone@web.de> | 2023-03-03 10:42:24 +0100 |
| commit | 80b8661008f271efad595e75de7b0c50971b131b (patch) | |
| tree | b756d3993b4482fbf4ef91102be322cc542596ec /Jellyfin.Api/Auth | |
| parent | 7af6694594cfc71644b336a2bba459c2f439369b (diff) | |
| parent | 0de37e2ac2fcde85171336ac70d721060012fd78 (diff) | |
Merge branch 'master' into network-rewrite
Diffstat (limited to 'Jellyfin.Api/Auth')
| -rw-r--r-- | Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs b/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs index c0db4d1fc..cf3cb6905 100644 --- a/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs +++ b/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs @@ -46,6 +46,13 @@ namespace Jellyfin.Api.Auth.DefaultAuthorizationPolicy return Task.CompletedTask; } + if (isApiKey) + { + // Api keys are unrestricted. + context.Succeed(requirement); + return Task.CompletedTask; + } + var isInLocalNetwork = _httpContextAccessor.HttpContext is not null && _networkManager.IsInLocalNetwork(_httpContextAccessor.HttpContext.GetNormalizedRemoteIP()); var user = _userManager.GetUserById(userId); @@ -62,7 +69,7 @@ namespace Jellyfin.Api.Auth.DefaultAuthorizationPolicy } // Admins can do everything - if (isApiKey || context.User.IsInRole(UserRoles.Administrator)) + if (context.User.IsInRole(UserRoles.Administrator)) { context.Succeed(requirement); return Task.CompletedTask; |