From 981f000437467832d78b1eb36d9c449adb38e814 Mon Sep 17 00:00:00 2001
From: crobibero <cody@robibe.ro>
Date: Wed, 28 Oct 2020 08:40:11 -0600
Subject: Use proper IsApiKey flag

---
 Jellyfin.Api/Auth/BaseAuthorizationHandler.cs | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'Jellyfin.Api/Auth/BaseAuthorizationHandler.cs')

diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
index c4567d058c..7d68aecf99 100644
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@@ -1,5 +1,4 @@
-using System;
-using System.Security.Claims;
+using System.Security.Claims;
 using Jellyfin.Api.Helpers;
 using Jellyfin.Data.Enums;
 using MediaBrowser.Common.Extensions;
@@ -51,6 +50,13 @@ namespace Jellyfin.Api.Auth
             bool localAccessOnly = false,
             bool requiredDownloadPermission = false)
         {
+            // ApiKey is currently global admin, always allow.
+            var isApiKey = ClaimHelpers.GetIsApiKey(claimsPrincipal);
+            if (isApiKey)
+            {
+                return true;
+            }
+
             // Ensure claim has userId.
             var userId = ClaimHelpers.GetUserId(claimsPrincipal);
             if (!userId.HasValue)
@@ -58,12 +64,6 @@ namespace Jellyfin.Api.Auth
                 return false;
             }
 
-            // UserId of Guid.Empty means token is an apikey.
-            if (userId.Equals(Guid.Empty))
-            {
-                return true;
-            }
-
             // Ensure userId links to a valid user.
             var user = _userManager.GetUserById(userId.Value);
             if (user == null)
-- 
cgit v1.2.3