diff options
| author | crobibero <cody@robibe.ro> | 2020-06-14 20:15:26 -0600 |
|---|---|---|
| committer | crobibero <cody@robibe.ro> | 2020-06-14 20:15:26 -0600 |
| commit | 589735f60ce36197be9d1c4609b0ee6e3fd3c291 (patch) | |
| tree | c5dad758fee4f4eb7727780fd7eab0fa60630a71 /MediaBrowser.Api/BaseApiService.cs | |
| parent | e2b2f74b47cc1d281c0819795b83f8d49d1f3b09 (diff) | |
| parent | f026a1d7217c69b4eeadd258980e254702f6dde6 (diff) | |
Merge remote-tracking branch 'upstream/master' into HEAD
Diffstat (limited to 'MediaBrowser.Api/BaseApiService.cs')
| -rw-r--r-- | MediaBrowser.Api/BaseApiService.cs | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/MediaBrowser.Api/BaseApiService.cs b/MediaBrowser.Api/BaseApiService.cs index 2cd68ac1b..2ece16ee1 100644 --- a/MediaBrowser.Api/BaseApiService.cs +++ b/MediaBrowser.Api/BaseApiService.cs @@ -1,6 +1,7 @@ using System; using System.IO; using System.Linq; +using Jellyfin.Data.Enums; using MediaBrowser.Controller.Configuration; using MediaBrowser.Controller.Dto; using MediaBrowser.Controller.Entities; @@ -94,8 +95,8 @@ namespace MediaBrowser.Api var authenticatedUser = auth.User; // If they're going to update the record of another user, they must be an administrator - if ((!userId.Equals(auth.UserId) && !authenticatedUser.Policy.IsAdministrator) - || (restrictUserPreferences && !authenticatedUser.Policy.EnableUserPreferenceAccess)) + if ((!userId.Equals(auth.UserId) && !authenticatedUser.HasPermission(PermissionKind.IsAdministrator)) + || (restrictUserPreferences && !authenticatedUser.EnableUserPreferenceAccess)) { throw new SecurityException("Unauthorized access."); } |