aboutsummaryrefslogtreecommitdiff
path: root/Jellyfin.Api/Auth/DefaultAuthorizationPolicy
diff options
context:
space:
mode:
Diffstat (limited to 'Jellyfin.Api/Auth/DefaultAuthorizationPolicy')
-rw-r--r--Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs5
1 files changed, 3 insertions, 2 deletions
diff --git a/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs b/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs
index 0f3c69abc..2d9ce0631 100644
--- a/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs
@@ -38,9 +38,10 @@ namespace Jellyfin.Api.Auth.DefaultAuthorizationPolicy
/// <inheritdoc />
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, DefaultAuthorizationRequirement requirement)
{
+ var isApiKey = context.User.GetIsApiKey();
var userId = context.User.GetUserId();
// This likely only happens during the wizard, so skip the default checks and let any other handlers do it
- if (userId.Equals(default))
+ if (!isApiKey && userId.Equals(default))
{
return Task.CompletedTask;
}
@@ -56,7 +57,7 @@ namespace Jellyfin.Api.Auth.DefaultAuthorizationPolicy
}
// Admins can do everything
- if (context.User.GetIsApiKey() || context.User.IsInRole(UserRoles.Administrator))
+ if (isApiKey || context.User.IsInRole(UserRoles.Administrator))
{
context.Succeed(requirement);
return Task.CompletedTask;
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-06 13:57:40 +0000