Merge pull request #3420 from Ullmie02/api-missing-policy

Add missing authorization policies (new Web Api)
author: Patrick Barron <18354464+barronpm@users.noreply.github.com> 2020-06-23 01:33:13 +0000
committer: GitHub <noreply@github.com> 2020-06-23 01:33:13 +0000
commit: 57bf8c17d62d58aa0f09c86da2c2a232e20dbbd6 (patch)
tree: 3f88453265917bea00e13270ce663ce6698fc127 /Jellyfin.Api/Controllers/SessionController.cs
parent: 68e89be3494eb4d348f464bfcd8c07b49ddaca21 (diff)
parent: 5c6e9f4db58883db43055cd37b2cecd9fa2c12b2 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/Jellyfin.Api/Controllers/SessionController.cs b/Jellyfin.Api/Controllers/SessionController.cs
index 315bc9728..39da4178d 100644
--- a/Jellyfin.Api/Controllers/SessionController.cs
+++ b/Jellyfin.Api/Controllers/SessionController.cs
@@ -5,6 +5,7 @@ using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Linq;
 using System.Threading;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Helpers;
 using Jellyfin.Data.Enums;
 using MediaBrowser.Controller.Devices;
@@ -57,7 +58,7 @@ namespace Jellyfin.Api.Controllers
         /// <response code="200">List of sessions returned.</response>
         /// <returns>An <see cref="IEnumerable{SessionInfo}"/> with the available sessions.</returns>
         [HttpGet("/Sessions")]
-        [Authorize]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
         [ProducesResponseType(StatusCodes.Status200OK)]
         public ActionResult<IEnumerable<SessionInfo>> GetSessions(
             [FromQuery] Guid controllableByUserId,
author	Patrick Barron <18354464+barronpm@users.noreply.github.com>	2020-06-23 01:33:13 +0000
committer	GitHub <noreply@github.com>	2020-06-23 01:33:13 +0000
commit	57bf8c17d62d58aa0f09c86da2c2a232e20dbbd6 (patch)
tree	3f88453265917bea00e13270ce663ce6698fc127 /Jellyfin.Api/Controllers/SessionController.cs
parent	68e89be3494eb4d348f464bfcd8c07b49ddaca21 (diff)
parent	5c6e9f4db58883db43055cd37b2cecd9fa2c12b2 (diff)