diff options
| author | Claus Vium <cvium@users.noreply.github.com> | 2020-12-08 10:11:14 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-08 10:11:14 +0100 |
| commit | 80ff564143b0745cba4b01b5378df6415f4072af (patch) | |
| tree | 8694967d7d0a5c6576ff39f25333d34dbedc6b55 /Jellyfin.Api/Controllers/UserController.cs | |
| parent | 0aad17554c737404aaf9492d4cb16eee2ccbd4e7 (diff) | |
| parent | 5150598c6d3d0ddb4435d73d5bea80d4b1fd2769 (diff) | |
Merge pull request #4722 from crobibero/forbid
Fix API forbidden response
Diffstat (limited to 'Jellyfin.Api/Controllers/UserController.cs')
| -rw-r--r-- | Jellyfin.Api/Controllers/UserController.cs | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/Jellyfin.Api/Controllers/UserController.cs b/Jellyfin.Api/Controllers/UserController.cs index df55b8185..8256e3782 100644 --- a/Jellyfin.Api/Controllers/UserController.cs +++ b/Jellyfin.Api/Controllers/UserController.cs @@ -169,7 +169,7 @@ namespace Jellyfin.Api.Controllers if (!string.IsNullOrEmpty(password) && string.IsNullOrEmpty(pw)) { - return Forbid("Only sha1 password is not allowed."); + return StatusCode(StatusCodes.Status403Forbidden, "Only sha1 password is not allowed."); } // Password should always be null @@ -271,7 +271,7 @@ namespace Jellyfin.Api.Controllers { if (!RequestHelpers.AssertCanUpdateUser(_authContext, HttpContext.Request, userId, true)) { - return Forbid("User is not allowed to update the password."); + return StatusCode(StatusCodes.Status403Forbidden, "User is not allowed to update the password."); } var user = _userManager.GetUserById(userId); @@ -296,7 +296,7 @@ namespace Jellyfin.Api.Controllers if (success == null) { - return Forbid("Invalid user or password entered."); + return StatusCode(StatusCodes.Status403Forbidden, "Invalid user or password entered."); } await _userManager.ChangePassword(user, request.NewPw).ConfigureAwait(false); @@ -329,7 +329,7 @@ namespace Jellyfin.Api.Controllers { if (!RequestHelpers.AssertCanUpdateUser(_authContext, HttpContext.Request, userId, true)) { - return Forbid("User is not allowed to update the easy password."); + return StatusCode(StatusCodes.Status403Forbidden, "User is not allowed to update the easy password."); } var user = _userManager.GetUserById(userId); @@ -371,7 +371,7 @@ namespace Jellyfin.Api.Controllers { if (!RequestHelpers.AssertCanUpdateUser(_authContext, HttpContext.Request, userId, false)) { - return Forbid("User update not allowed."); + return StatusCode(StatusCodes.Status403Forbidden, "User update not allowed."); } var user = _userManager.GetUserById(userId); @@ -411,14 +411,14 @@ namespace Jellyfin.Api.Controllers { if (_userManager.Users.Count(i => i.HasPermission(PermissionKind.IsAdministrator)) == 1) { - return Forbid("There must be at least one user in the system with administrative access."); + return StatusCode(StatusCodes.Status403Forbidden, "There must be at least one user in the system with administrative access."); } } // If disabling if (newPolicy.IsDisabled && user.HasPermission(PermissionKind.IsAdministrator)) { - return Forbid("Administrators cannot be disabled."); + return StatusCode(StatusCodes.Status403Forbidden, "Administrators cannot be disabled."); } // If disabling @@ -426,7 +426,7 @@ namespace Jellyfin.Api.Controllers { if (_userManager.Users.Count(i => !i.HasPermission(PermissionKind.IsDisabled)) == 1) { - return Forbid("There must be at least one enabled user in the system."); + return StatusCode(StatusCodes.Status403Forbidden, "There must be at least one enabled user in the system."); } var currentToken = _authContext.GetAuthorizationInfo(Request).Token; @@ -456,7 +456,7 @@ namespace Jellyfin.Api.Controllers { if (!RequestHelpers.AssertCanUpdateUser(_authContext, HttpContext.Request, userId, false)) { - return Forbid("User configuration update not allowed"); + return StatusCode(StatusCodes.Status403Forbidden, "User configuration update not allowed"); } await _userManager.UpdateConfigurationAsync(userId, userConfig).ConfigureAwait(false); |