From 5c6e9f4db58883db43055cd37b2cecd9fa2c12b2 Mon Sep 17 00:00:00 2001
From: David <daullmer@gmail.com>
Date: Mon, 22 Jun 2020 15:44:11 +0200
Subject: Add missing authorization policies

---
 Jellyfin.Api/Controllers/SessionController.cs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'Jellyfin.Api/Controllers/SessionController.cs')

diff --git a/Jellyfin.Api/Controllers/SessionController.cs b/Jellyfin.Api/Controllers/SessionController.cs
index 315bc9728..39da4178d 100644
--- a/Jellyfin.Api/Controllers/SessionController.cs
+++ b/Jellyfin.Api/Controllers/SessionController.cs
@@ -5,6 +5,7 @@ using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using System.Linq;
 using System.Threading;
+using Jellyfin.Api.Constants;
 using Jellyfin.Api.Helpers;
 using Jellyfin.Data.Enums;
 using MediaBrowser.Controller.Devices;
@@ -57,7 +58,7 @@ namespace Jellyfin.Api.Controllers
         /// <response code="200">List of sessions returned.</response>
         /// <returns>An <see cref="IEnumerable{SessionInfo}"/> with the available sessions.</returns>
         [HttpGet("/Sessions")]
-        [Authorize]
+        [Authorize(Policy = Policies.DefaultAuthorization)]
         [ProducesResponseType(StatusCodes.Status200OK)]
         public ActionResult<IEnumerable<SessionInfo>> GetSessions(
             [FromQuery] Guid controllableByUserId,
-- 
cgit v1.2.3