diff options
| author | Cody Robibero <cody@robibe.ro> | 2022-03-18 16:52:59 -0600 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-18 16:52:59 -0600 |
| commit | 6a567e8c76a37331f193359cdc090627ab02e244 (patch) | |
| tree | e230fdcf8fffd089ef6bc919649abc27e14b9b1c /Jellyfin.Api/Controllers | |
| parent | 4b5148c69ec05a265e21af2eae09c43479e1d80c (diff) | |
| parent | 8a827ba995f2998b138d6df07dadbeceec83ea94 (diff) | |
Merge pull request #7474 from nielsvanvelzen/api-secure
Diffstat (limited to 'Jellyfin.Api/Controllers')
| -rw-r--r-- | Jellyfin.Api/Controllers/DashboardController.cs | 3 | ||||
| -rw-r--r-- | Jellyfin.Api/Controllers/UserViewsController.cs | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/Jellyfin.Api/Controllers/DashboardController.cs b/Jellyfin.Api/Controllers/DashboardController.cs index 87cb418d97..c8411f44ba 100644 --- a/Jellyfin.Api/Controllers/DashboardController.cs +++ b/Jellyfin.Api/Controllers/DashboardController.cs @@ -4,10 +4,12 @@ using System.IO; using System.Linq; using System.Net.Mime; using Jellyfin.Api.Attributes; +using Jellyfin.Api.Constants; using Jellyfin.Api.Models; using MediaBrowser.Common.Plugins; using MediaBrowser.Model.Net; using MediaBrowser.Model.Plugins; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Logging; @@ -46,6 +48,7 @@ namespace Jellyfin.Api.Controllers [HttpGet("web/ConfigurationPages")] [ProducesResponseType(StatusCodes.Status200OK)] [ProducesResponseType(StatusCodes.Status404NotFound)] + [Authorize(Policy = Policies.DefaultAuthorization)] public ActionResult<IEnumerable<ConfigurationPageInfo>> GetConfigurationPages( [FromQuery] bool? enableInMainMenu) { diff --git a/Jellyfin.Api/Controllers/UserViewsController.cs b/Jellyfin.Api/Controllers/UserViewsController.cs index 96d81b49aa..5cc8c906fb 100644 --- a/Jellyfin.Api/Controllers/UserViewsController.cs +++ b/Jellyfin.Api/Controllers/UserViewsController.cs @@ -4,6 +4,7 @@ using System.ComponentModel.DataAnnotations; using System.Globalization; using System.Linq; using System.Threading.Tasks; +using Jellyfin.Api.Constants; using Jellyfin.Api.Extensions; using Jellyfin.Api.ModelBinders; using Jellyfin.Api.Models.UserViewDtos; @@ -15,6 +16,7 @@ using MediaBrowser.Model.Dto; using MediaBrowser.Model.Entities; using MediaBrowser.Model.Library; using MediaBrowser.Model.Querying; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; @@ -24,6 +26,7 @@ namespace Jellyfin.Api.Controllers /// User views controller. /// </summary> [Route("")] + [Authorize(Policy = Policies.DefaultAuthorization)] public class UserViewsController : BaseJellyfinApiController { private readonly IUserManager _userManager; |