Merge pull request #4411 from crobibero/fix-auth

Fix endpoint authorization requirements
author: Bond-009 <bond.009@outlook.com> 2020-11-06 16:27:51 +0100
committer: GitHub <noreply@github.com> 2020-11-06 16:27:51 +0100
commit: 3e819eeb028a7b460ba88fb639fa2e0acf1967df (patch)
tree: 87e8258db9f4ae0a0e683c60241d6b718413bbd6 /Jellyfin.Api/Controllers/SuggestionsController.cs
parent: 83d7e0a2657f4fb955366d71ab93d17f5a769cd4 (diff)
parent: 6a07e93ddd934420620297d510d4c4b9122463cb (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/Jellyfin.Api/Controllers/SuggestionsController.cs b/Jellyfin.Api/Controllers/SuggestionsController.cs
index d7c81a3ab..ad64adfba 100644
--- a/Jellyfin.Api/Controllers/SuggestionsController.cs
+++ b/Jellyfin.Api/Controllers/SuggestionsController.cs
@@ -1,6 +1,7 @@
 using System;
 using System.ComponentModel.DataAnnotations;
 using System.Linq;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Extensions;
 using Jellyfin.Api.Helpers;
 using Jellyfin.Data.Enums;
@@ -9,6 +10,7 @@ using MediaBrowser.Controller.Entities;
 using MediaBrowser.Controller.Library;
 using MediaBrowser.Model.Dto;
 using MediaBrowser.Model.Querying;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 
@@ -18,6 +20,7 @@ namespace Jellyfin.Api.Controllers
     /// The suggestions controller.
     /// </summary>
     [Route("")]
+    [Authorize(Policy = Policies.DefaultAuthorization)]
     public class SuggestionsController : BaseJellyfinApiController
     {
         private readonly IDtoService _dtoService;
author	Bond-009 <bond.009@outlook.com>	2020-11-06 16:27:51 +0100
committer	GitHub <noreply@github.com>	2020-11-06 16:27:51 +0100
commit	3e819eeb028a7b460ba88fb639fa2e0acf1967df (patch)
tree	87e8258db9f4ae0a0e683c60241d6b718413bbd6 /Jellyfin.Api/Controllers/SuggestionsController.cs
parent	83d7e0a2657f4fb955366d71ab93d17f5a769cd4 (diff)
parent	6a07e93ddd934420620297d510d4c4b9122463cb (diff)