diff options
| author | KGT1 <kilian.gamn@gmx.de> | 2025-09-12 22:15:00 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-09-12 14:15:00 -0600 |
| commit | 7c6cedd90ac26d6b18fd518f25421b2b71c74993 (patch) | |
| tree | d78bf31007e4bbd326e34b77452495937a28e92a /Jellyfin.Api/WebSocketListeners | |
| parent | 96590eea8516173d6983c164bb29743eaea6f8d7 (diff) | |
Allow non-admin users to subscribe to their own Sessions (#13767)
Diffstat (limited to 'Jellyfin.Api/WebSocketListeners')
| -rw-r--r-- | Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs b/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs index 9d149cc85..143d82bac 100644 --- a/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs +++ b/Jellyfin.Api/WebSocketListeners/SessionInfoWebSocketListener.cs @@ -1,4 +1,5 @@ using System.Collections.Generic; +using System.Linq; using System.Threading.Tasks; using Jellyfin.Data; using Jellyfin.Database.Implementations.Enums; @@ -57,6 +58,21 @@ public class SessionInfoWebSocketListener : BasePeriodicWebSocketListener<IEnume } /// <inheritdoc /> + protected override Task<IEnumerable<SessionInfo>> GetDataToSendForConnection(IWebSocketConnection connection) + { + // For non-admin users, filter the sessions to only include their own sessions + if (connection.AuthorizationInfo?.User is not null && + !connection.AuthorizationInfo.IsApiKey && + !connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator)) + { + var userId = connection.AuthorizationInfo.User.Id; + return Task.FromResult(_sessionManager.Sessions.Where(s => s.UserId.Equals(userId) || s.ContainsUser(userId))); + } + + return Task.FromResult(_sessionManager.Sessions); + } + + /// <inheritdoc /> protected override async ValueTask DisposeAsyncCore() { if (!_disposed) @@ -80,11 +96,10 @@ public class SessionInfoWebSocketListener : BasePeriodicWebSocketListener<IEnume /// <param name="message">The message.</param> protected override void Start(WebSocketMessageInfo message) { - if (!message.Connection.AuthorizationInfo.IsApiKey - && (message.Connection.AuthorizationInfo.User is null - || !message.Connection.AuthorizationInfo.User.HasPermission(PermissionKind.IsAdministrator))) + // Allow all authenticated users to subscribe to session information + if (message.Connection.AuthorizationInfo.User is null && !message.Connection.AuthorizationInfo.IsApiKey) { - throw new AuthenticationException("Only admin users can subscribe to session information."); + throw new AuthenticationException("User must be authenticated to subscribe to session Information."); } base.Start(message); |