2 files changed, 76 insertions, 32 deletions

diff --git a/Jellyfin.Api/Controllers/PlaylistsController.cs b/Jellyfin.Api/Controllers/PlaylistsController.cs
index 862e5235e..de4c542d9 100644
--- a/Jellyfin.Api/Controllers/PlaylistsController.cs
+++ b/Jellyfin.Api/Controllers/PlaylistsController.cs
@@ -101,72 +101,82 @@ public class PlaylistsController : BaseJellyfinApiController
     }
 
     /// <summary>
-    /// Get a playlist's users.
+    /// Updates a playlist.
     /// </summary>
     /// <param name="playlistId">The playlist id.</param>
-    /// <response code="200">Found shares.</response>
+    /// <param name="updatePlaylistRequest">The <see cref="UpdatePlaylistDto"/> id.</param>
+    /// <response code="204">Playlist updated.</response>
     /// <response code="401">Unauthorized access.</response>
     /// <response code="404">Playlist not found.</response>
     /// <returns>
-    /// A list of <see cref="PlaylistUserPermissions"/> objects.
+    /// A <see cref="Task" /> that represents the asynchronous operation to update a playlist.
+    /// The task result contains an <see cref="OkResult"/> indicating success.
     /// </returns>
-    [HttpGet("{playlistId}/User")]
+    [HttpPost("{playlistId}")]
     [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status401Unauthorized)]
-    [ProducesResponseType(StatusCodes.Status404NotFound)]
-    public ActionResult<IReadOnlyList<PlaylistUserPermissions>> GetPlaylistUsers(
-        [FromRoute, Required] Guid playlistId)
+    public async Task<ActionResult> UpdatePlaylist(
+        [FromRoute, Required] Guid playlistId,
+        [FromBody(EmptyBodyBehavior = EmptyBodyBehavior.Disallow)] UpdatePlaylistDto updatePlaylistRequest)
     {
-        var userId = User.GetUserId();
+        var callingUserId = User.GetUserId();
 
-        var playlist = _playlistManager.GetPlaylist(userId, playlistId);
+        var playlist = _playlistManager.GetPlaylist(callingUserId, playlistId);
         if (playlist is null)
         {
             return NotFound("Playlist not found");
         }
 
-        var isPermitted = playlist.OwnerUserId.Equals(userId)
-            || playlist.Shares.Any(s => s.CanEdit && s.UserId.Equals(userId));
+        var isPermitted = playlist.OwnerUserId.Equals(callingUserId)
+            || playlist.Shares.Any(s => s.CanEdit && s.UserId.Equals(callingUserId));
 
-        return isPermitted ? playlist.Shares.ToList() : Unauthorized("Unauthorized Access");
+        if (!isPermitted)
+        {
+            return Unauthorized("Unauthorized access");
+        }
+
+        await _playlistManager.UpdatePlaylist(new PlaylistUpdateRequest
+        {
+            UserId = callingUserId,
+            Id = playlistId,
+            Name = updatePlaylistRequest.Name,
+            Ids = updatePlaylistRequest.Ids,
+            Users = updatePlaylistRequest.Users,
+            Public = updatePlaylistRequest.Public
+        }).ConfigureAwait(false);
+
+        return NoContent();
     }
 
     /// <summary>
-    /// Toggles public access of a playlist.
+    /// Get a playlist's users.
     /// </summary>
     /// <param name="playlistId">The playlist id.</param>
-    /// <response code="204">Public access toggled.</response>
+    /// <response code="200">Found shares.</response>
     /// <response code="401">Unauthorized access.</response>
     /// <response code="404">Playlist not found.</response>
     /// <returns>
-    /// A <see cref="Task" /> that represents the asynchronous operation to toggle public access of a playlist.
-    /// The task result contains an <see cref="OkResult"/> indicating success.
+    /// A list of <see cref="PlaylistUserPermissions"/> objects.
     /// </returns>
-    [HttpPost("{playlistId}/TogglePublic")]
-    [ProducesResponseType(StatusCodes.Status204NoContent)]
+    [HttpGet("{playlistId}/User")]
+    [ProducesResponseType(StatusCodes.Status200OK)]
     [ProducesResponseType(StatusCodes.Status401Unauthorized)]
-    public async Task<ActionResult> TogglePublicAccess(
+    [ProducesResponseType(StatusCodes.Status404NotFound)]
+    public ActionResult<IReadOnlyList<PlaylistUserPermissions>> GetPlaylistUsers(
         [FromRoute, Required] Guid playlistId)
     {
-        var callingUserId = User.GetUserId();
+        var userId = User.GetUserId();
 
-        var playlist = _playlistManager.GetPlaylist(callingUserId, playlistId);
+        var playlist = _playlistManager.GetPlaylist(userId, playlistId);
         if (playlist is null)
         {
             return NotFound("Playlist not found");
         }
 
-        var isPermitted = playlist.OwnerUserId.Equals(callingUserId)
-            || playlist.Shares.Any(s => s.CanEdit && s.UserId.Equals(callingUserId));
-
-        if (!isPermitted)
-        {
-            return Unauthorized("Unauthorized access");
-        }
-
-        await _playlistManager.ToggleOpenAccess(playlistId, callingUserId).ConfigureAwait(false);
+        var isPermitted = playlist.OwnerUserId.Equals(userId)
+            || playlist.Shares.Any(s => s.CanEdit && s.UserId.Equals(userId));
 
-        return NoContent();
+        return isPermitted ? playlist.Shares.ToList() : Unauthorized("Unauthorized Access");
     }
 
     /// <summary>
@@ -206,7 +216,7 @@ public class PlaylistsController : BaseJellyfinApiController
             return Unauthorized("Unauthorized access");
         }
 
-        await _playlistManager.AddToShares(playlistId, callingUserId, new PlaylistUserPermissions(userId.ToString(), canEdit)).ConfigureAwait(false);
+        await _playlistManager.AddToShares(playlistId, callingUserId, new PlaylistUserPermissions(userId, canEdit)).ConfigureAwait(false);
 
         return NoContent();
     }
diff --git a/Jellyfin.Api/Models/PlaylistDtos/UpdatePlaylistDto.cs b/Jellyfin.Api/Models/PlaylistDtos/UpdatePlaylistDto.cs
new file mode 100644
index 000000000..93e544eed
--- /dev/null
+++ b/Jellyfin.Api/Models/PlaylistDtos/UpdatePlaylistDto.cs
@@ -0,0 +1,34 @@
+using System;
+using System.Collections.Generic;
+using System.Text.Json.Serialization;
+using Jellyfin.Extensions.Json.Converters;
+using MediaBrowser.Model.Entities;
+
+namespace Jellyfin.Api.Models.PlaylistDtos;
+
+/// <summary>
+/// Updateexisting playlist dto.
+/// </summary>
+public class UpdatePlaylistDto
+{
+    /// <summary>
+    /// Gets or sets the name of the new playlist.
+    /// </summary>
+    public string? Name { get; set; }
+
+    /// <summary>
+    /// Gets or sets item ids of the playlist.
+    /// </summary>
+    [JsonConverter(typeof(JsonCommaDelimitedArrayConverterFactory))]
+    public IReadOnlyList<Guid>? Ids { get; set; }
+
+    /// <summary>
+    /// Gets or sets the playlist users.
+    /// </summary>
+    public IReadOnlyList<PlaylistUserPermissions>? Users { get; set; }
+
+    /// <summary>
+    /// Gets or sets a value indicating whether the playlist is public.
+    /// </summary>
+    public bool? Public { get; set; }
+}