aboutsummaryrefslogtreecommitdiff
path: root/Jellyfin.Api/Controllers/UserLibraryController.cs
diff options
context:
space:
mode:
Diffstat (limited to 'Jellyfin.Api/Controllers/UserLibraryController.cs')
-rw-r--r--Jellyfin.Api/Controllers/UserLibraryController.cs116
1 files changed, 26 insertions, 90 deletions
diff --git a/Jellyfin.Api/Controllers/UserLibraryController.cs b/Jellyfin.Api/Controllers/UserLibraryController.cs
index c19ad33c8..421f1bfb5 100644
--- a/Jellyfin.Api/Controllers/UserLibraryController.cs
+++ b/Jellyfin.Api/Controllers/UserLibraryController.cs
@@ -77,8 +77,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -86,20 +86,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
await RefreshItemOnDemandIfNeeded(item).ConfigureAwait(false);
var dtoOptions = new DtoOptions().AddClientFields(User);
@@ -133,8 +125,8 @@ public class UserLibraryController : BaseJellyfinApiController
[ProducesResponseType(StatusCodes.Status200OK)]
public ActionResult<BaseItemDto> GetRootFolder([FromQuery] Guid? userId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -172,8 +164,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -181,20 +173,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
var items = await _libraryManager.GetIntros(item, user).ConfigureAwait(false);
var dtoOptions = new DtoOptions().AddClientFields(User);
var dtos = items.Select(i => _dtoService.GetBaseItemDto(i, dtoOptions, user)).ToArray();
@@ -231,8 +215,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -240,20 +224,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
return MarkFavorite(user, item, true);
}
@@ -286,8 +262,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -295,20 +271,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
return MarkFavorite(user, item, false);
}
@@ -341,8 +309,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -350,20 +318,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
return UpdateUserItemRatingInternal(user, item, null);
}
@@ -398,8 +358,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromRoute, Required] Guid itemId,
[FromQuery] bool? likes)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -407,20 +367,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
return UpdateUserItemRatingInternal(user, item, likes);
}
@@ -455,8 +407,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -464,20 +416,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
var dtoOptions = new DtoOptions().AddClientFields(User);
if (item is IHasTrailers hasTrailers)
{
@@ -519,8 +463,8 @@ public class UserLibraryController : BaseJellyfinApiController
[FromQuery] Guid? userId,
[FromRoute, Required] Guid itemId)
{
- var requestUserId = RequestHelpers.GetUserId(User, userId);
- var user = _userManager.GetUserById(requestUserId);
+ userId = RequestHelpers.GetUserId(User, userId);
+ var user = _userManager.GetUserById(userId.Value);
if (user is null)
{
return NotFound();
@@ -528,20 +472,12 @@ public class UserLibraryController : BaseJellyfinApiController
var item = itemId.IsEmpty()
? _libraryManager.GetUserRootFolder()
- : _libraryManager.GetItemById(itemId);
-
+ : _libraryManager.GetItemById<BaseItem>(itemId, user);
if (item is null)
{
return NotFound();
}
- if (item is not UserRootFolder
- // Check the item is visible for the user
- && !item.IsVisible(user))
- {
- return Unauthorized($"{user.Username} is not permitted to access item {item.Name}.");
- }
-
var dtoOptions = new DtoOptions().AddClientFields(User);
return Ok(item
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-06 20:06:55 +0000