From 9ab22e9f8b7dd47ed6bd2dade2e8612c6a909ee2 Mon Sep 17 00:00:00 2001 From: sharinganthief Date: Fri, 6 Jun 2025 08:54:53 -0400 Subject: Add try catch (#14154) --- Jellyfin.Api/Controllers/PlaylistsController.cs | 39 ++++++++++++++++++------- 1 file changed, 29 insertions(+), 10 deletions(-) (limited to 'Jellyfin.Api/Controllers/PlaylistsController.cs') diff --git a/Jellyfin.Api/Controllers/PlaylistsController.cs b/Jellyfin.Api/Controllers/PlaylistsController.cs index ec5fdab38..79c71d23a 100644 --- a/Jellyfin.Api/Controllers/PlaylistsController.cs +++ b/Jellyfin.Api/Controllers/PlaylistsController.cs @@ -450,22 +450,41 @@ public class PlaylistsController : BaseJellyfinApiController { var callingUserId = User.GetUserId(); - var playlist = _playlistManager.GetPlaylistForUser(Guid.Parse(playlistId), callingUserId); - if (playlist is null) + if (!callingUserId.IsEmpty()) { - return NotFound("Playlist not found"); + var playlist = _playlistManager.GetPlaylistForUser(Guid.Parse(playlistId), callingUserId); + if (playlist is null) + { + return NotFound("Playlist not found"); + } + + var isPermitted = playlist.OwnerUserId.Equals(callingUserId) + || playlist.Shares.Any(s => s.CanEdit && s.UserId.Equals(callingUserId)); + + if (!isPermitted) + { + return Forbid(); + } } + else + { + var isApiKey = User.GetIsApiKey(); - var isPermitted = playlist.OwnerUserId.Equals(callingUserId) - || playlist.Shares.Any(s => s.CanEdit && s.UserId.Equals(callingUserId)); + if (!isApiKey) + { + return Forbid(); + } + } - if (!isPermitted) + try { - return Forbid(); + await _playlistManager.RemoveItemFromPlaylistAsync(playlistId, entryIds).ConfigureAwait(false); + return NoContent(); + } + catch (ArgumentException) + { + return NotFound(); } - - await _playlistManager.RemoveItemFromPlaylistAsync(playlistId, entryIds).ConfigureAwait(false); - return NoContent(); } /// -- cgit v1.2.3