aboutsummaryrefslogtreecommitdiff
path: root/MediaBrowser.Api/BaseApiService.cs
diff options
context:
space:
mode:
authorAnthony Lavado <anthony@lavado.ca>2020-06-14 22:50:49 -0400
committerGitHub <noreply@github.com>2020-06-14 22:50:49 -0400
commitcf9223b8cb2f1ebccf20cb1dcd99d19b78cf3e61 (patch)
tree95ec837fa654622732ba950859190bb3a16b8619 /MediaBrowser.Api/BaseApiService.cs
parente2b2f74b47cc1d281c0819795b83f8d49d1f3b09 (diff)
parent524243a9340bfccd2c9ae708be70a5e49f5f53f1 (diff)
Merge pull request #3340 from crobibero/api-migration-merge
Merge master into api-migration
Diffstat (limited to 'MediaBrowser.Api/BaseApiService.cs')
-rw-r--r--MediaBrowser.Api/BaseApiService.cs5
1 files changed, 3 insertions, 2 deletions
diff --git a/MediaBrowser.Api/BaseApiService.cs b/MediaBrowser.Api/BaseApiService.cs
index 2cd68ac1b..2ece16ee1 100644
--- a/MediaBrowser.Api/BaseApiService.cs
+++ b/MediaBrowser.Api/BaseApiService.cs
@@ -1,6 +1,7 @@
using System;
using System.IO;
using System.Linq;
+using Jellyfin.Data.Enums;
using MediaBrowser.Controller.Configuration;
using MediaBrowser.Controller.Dto;
using MediaBrowser.Controller.Entities;
@@ -94,8 +95,8 @@ namespace MediaBrowser.Api
var authenticatedUser = auth.User;
// If they're going to update the record of another user, they must be an administrator
- if ((!userId.Equals(auth.UserId) && !authenticatedUser.Policy.IsAdministrator)
- || (restrictUserPreferences && !authenticatedUser.Policy.EnableUserPreferenceAccess))
+ if ((!userId.Equals(auth.UserId) && !authenticatedUser.HasPermission(PermissionKind.IsAdministrator))
+ || (restrictUserPreferences && !authenticatedUser.EnableUserPreferenceAccess))
{
throw new SecurityException("Unauthorized access.");
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-06 21:12:37 +0000