1 files changed, 69 insertions, 29 deletions

diff --git a/MediaBrowser.Api/UserService.cs b/MediaBrowser.Api/UserService.cs
index 48bd2fc1e..9bd85426d 100644
--- a/MediaBrowser.Api/UserService.cs
+++ b/MediaBrowser.Api/UserService.cs
@@ -12,6 +12,7 @@ using ServiceStack;
 using ServiceStack.Text.Controller;
 using System;
 using System.Collections.Generic;
+using System.IO;
 using System.Linq;
 using System.Threading.Tasks;
 
@@ -43,7 +44,7 @@ namespace MediaBrowser.Api
     /// Class GetUser
     /// </summary>
     [Route("/Users/{Id}", "GET", Summary = "Gets a user by Id")]
-    [Authenticated]
+    [Authenticated(EscapeParentalControl = true)]
     public class GetUser : IReturn<UserDto>
     {
         /// <summary>
@@ -165,6 +166,31 @@ namespace MediaBrowser.Api
     }
 
     /// <summary>
+    /// Class CreateUser
+    /// </summary>
+    [Route("/Users/New", "POST", Summary = "Creates a user")]
+    [Authenticated]
+    public class CreateUserByName : IReturn<UserDto>
+    {
+        [ApiMember(Name = "Name", IsRequired = true, DataType = "string", ParameterType = "body", Verb = "POST")]
+        public string Name { get; set; }
+    }
+
+    [Route("/Users/ForgotPassword", "POST", Summary = "Initiates the forgot password process for a local user")]
+    public class ForgotPassword : IReturn<ForgotPasswordResult>
+    {
+        [ApiMember(Name = "EnteredUsername", IsRequired = false, DataType = "string", ParameterType = "body", Verb = "POST")]
+        public string EnteredUsername { get; set; }
+    }
+
+    [Route("/Users/ForgotPassword/Pin", "POST", Summary = "Redeems a forgot password pin")]
+    public class ForgotPasswordPin : IReturn<PinRedeemResult>
+    {
+        [ApiMember(Name = "Pin", IsRequired = false, DataType = "string", ParameterType = "body", Verb = "POST")]
+        public string Pin { get; set; }
+    }
+
+    /// <summary>
     /// Class UsersService
     /// </summary>
     public class UserService : BaseApiService, IHasAuthorization
@@ -206,35 +232,16 @@ namespace MediaBrowser.Api
                 });
             }
 
-            var authInfo = AuthorizationContext.GetAuthorizationInfo(Request);
-            var isDashboard = string.Equals(authInfo.Client, "Dashboard", StringComparison.OrdinalIgnoreCase);
-
-            if (Request.IsLocal && isDashboard)
+            // TODO: Uncomment once clients can handle an empty user list (and below)
+            //if (Request.IsLocal || IsInLocalNetwork(Request.RemoteIp))
             {
-                var users = _userManager.Users
-                    .Where(i => !i.Configuration.IsDisabled && !(i.ConnectLinkType.HasValue && i.ConnectLinkType.Value == UserLinkType.Guest))
-                    .ToList();
-
-                return ToOptimizedResult(users);
+                return Get(new GetUsers
+                {
+                    IsHidden = false,
+                    IsDisabled = false
+                });
             }
 
-            // TODO: Uncomment this once all clients can handle an empty user list.
-            return Get(new GetUsers
-            {
-                IsHidden = false,
-                IsDisabled = false
-            });
-
-            //// TODO: Add or is authenticated
-            //if (Request.IsLocal || IsInLocalNetwork(Request.RemoteIp))
-            //{
-            //    return Get(new GetUsers
-            //    {
-            //        IsHidden = false,
-            //        IsDisabled = false
-            //    });
-            //}
-
             //// Return empty when external
             //return ToOptimizedResult(new List<UserDto>());
         }
@@ -368,7 +375,7 @@ namespace MediaBrowser.Api
                 RemoteEndPoint = Request.RemoteIp,
                 Username = request.Username
 
-            }, Request.IsLocal).ConfigureAwait(false);
+            }).ConfigureAwait(false);
 
             return ToOptimizedResult(result);
         }
@@ -408,7 +415,7 @@ namespace MediaBrowser.Api
                 await _userManager.ChangePassword(user, request.NewPassword).ConfigureAwait(false);
             }
         }
-        
+
         /// <summary>
         /// Posts the specified request.
         /// </summary>
@@ -483,5 +490,38 @@ namespace MediaBrowser.Api
 
             return ToOptimizedResult(result);
         }
+
+        /// <summary>
+        /// Posts the specified request.
+        /// </summary>
+        /// <param name="request">The request.</param>
+        /// <returns>System.Object.</returns>
+        public object Post(CreateUserByName request)
+        {
+            var dtoUser = request;
+
+            var newUser = _userManager.CreateUser(dtoUser.Name).Result;
+
+            var result = _userManager.GetUserDto(newUser, Request.RemoteIp);
+
+            return ToOptimizedResult(result);
+        }
+
+        /// <summary>
+        /// Posts the specified request.
+        /// </summary>
+        /// <param name="request">The request.</param>
+        /// <returns>System.Object.</returns>
+        public object Post(ForgotPassword request)
+        {
+            var isLocal = Request.IsLocal || _networkManager.IsInLocalNetwork(Request.RemoteIp);
+
+            return _userManager.StartForgotPasswordProcess(request.EnteredUsername, isLocal);
+        }
+
+        public object Post(ForgotPasswordPin request)
+        {
+            return _userManager.RedeemPasswordResetPin(request.Pin);
+        }
     }
 }