aboutsummaryrefslogtreecommitdiff
path: root/Jellyfin.Api
diff options
context:
space:
mode:
Diffstat (limited to 'Jellyfin.Api')
-rw-r--r--Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs3
-rw-r--r--Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionRequirement.cs2
-rw-r--r--Jellyfin.Api/Constants/Policies.cs5
-rw-r--r--Jellyfin.Api/Controllers/CollectionController.cs3
4 files changed, 9 insertions, 4 deletions
diff --git a/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs b/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs
index ba2b1b657e..e72bec46fd 100644
--- a/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs
+++ b/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionHandler.cs
@@ -1,5 +1,4 @@
using System.Threading.Tasks;
-using Jellyfin.Api.Auth.DownloadPolicy;
using Jellyfin.Api.Extensions;
using MediaBrowser.Common.Extensions;
using MediaBrowser.Controller.Library;
@@ -8,7 +7,7 @@ using Microsoft.AspNetCore.Authorization;
namespace Jellyfin.Api.Auth.UserPermissionPolicy
{
/// <summary>
- /// Download authorization handler.
+ /// User permission authorization handler.
/// </summary>
public class UserPermissionHandler : AuthorizationHandler<UserPermissionRequirement>
{
diff --git a/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionRequirement.cs b/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionRequirement.cs
index 195a611992..4694556eb7 100644
--- a/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionRequirement.cs
+++ b/Jellyfin.Api/Auth/UserPermissionPolicy/UserPermissionRequirement.cs
@@ -1,7 +1,7 @@
using Jellyfin.Api.Auth.DefaultAuthorizationPolicy;
using Jellyfin.Data.Enums;
-namespace Jellyfin.Api.Auth.DownloadPolicy
+namespace Jellyfin.Api.Auth.UserPermissionPolicy
{
/// <summary>
/// The user permission requirement.
diff --git a/Jellyfin.Api/Constants/Policies.cs b/Jellyfin.Api/Constants/Policies.cs
index adc95e57b2..1ef38ca072 100644
--- a/Jellyfin.Api/Constants/Policies.cs
+++ b/Jellyfin.Api/Constants/Policies.cs
@@ -69,4 +69,9 @@ public static class Policies
/// Policy name for accessing a SyncPlay group.
/// </summary>
public const string SyncPlayIsInGroup = "SyncPlayIsInGroup";
+
+ /// <summary>
+ /// Policy name for accessing collection management.
+ /// </summary>
+ public const string CollectionManagement = "CollectionManagement";
}
diff --git a/Jellyfin.Api/Controllers/CollectionController.cs b/Jellyfin.Api/Controllers/CollectionController.cs
index f9f9be7ce4..2db04afb80 100644
--- a/Jellyfin.Api/Controllers/CollectionController.cs
+++ b/Jellyfin.Api/Controllers/CollectionController.cs
@@ -1,6 +1,7 @@
using System;
using System.ComponentModel.DataAnnotations;
using System.Threading.Tasks;
+using Jellyfin.Api.Constants;
using Jellyfin.Api.Extensions;
using Jellyfin.Api.ModelBinders;
using MediaBrowser.Controller.Collections;
@@ -16,7 +17,7 @@ namespace Jellyfin.Api.Controllers;
/// The collection controller.
/// </summary>
[Route("Collections")]
-[Authorize]
+[Authorize(Policy = Policies.CollectionManagement)]
public class CollectionController : BaseJellyfinApiController
{
private readonly ICollectionManager _collectionManager;
generated by cgit v1.2.3 (git 2.46.0) at 2026-05-02 15:51:45 +0000