From d5fec4963ee69460a84025c456eb7d928634e765 Mon Sep 17 00:00:00 2001 From: Shadowghost Date: Wed, 10 May 2023 22:05:27 +0200 Subject: Fix FirstTimeSetupHandler not failing on invalid user if not in setup mode (#9747) --- Jellyfin.Api/Controllers/SystemController.cs | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'Jellyfin.Api/Controllers/SystemController.cs') diff --git a/Jellyfin.Api/Controllers/SystemController.cs b/Jellyfin.Api/Controllers/SystemController.cs index 4ab705f40..9ed69f420 100644 --- a/Jellyfin.Api/Controllers/SystemController.cs +++ b/Jellyfin.Api/Controllers/SystemController.cs @@ -59,10 +59,12 @@ public class SystemController : BaseJellyfinApiController /// Gets information about the server. /// /// Information retrieved. + /// User does not have permission to retrieve information. /// A with info about the system. [HttpGet("Info")] [Authorize(Policy = Policies.FirstTimeSetupOrIgnoreParentalControl)] [ProducesResponseType(StatusCodes.Status200OK)] + [ProducesResponseType(StatusCodes.Status403Forbidden)] public ActionResult GetSystemInfo() { return _appHost.GetSystemInfo(Request); @@ -97,10 +99,12 @@ public class SystemController : BaseJellyfinApiController /// Restarts the application. /// /// Server restarted. + /// User does not have permission to restart server. /// No content. Server restarted. [HttpPost("Restart")] [Authorize(Policy = Policies.LocalAccessOrRequiresElevation)] [ProducesResponseType(StatusCodes.Status204NoContent)] + [ProducesResponseType(StatusCodes.Status403Forbidden)] public ActionResult RestartApplication() { Task.Run(async () => @@ -115,10 +119,12 @@ public class SystemController : BaseJellyfinApiController /// Shuts down the application. /// /// Server shut down. + /// User does not have permission to shutdown server. /// No content. Server shut down. [HttpPost("Shutdown")] [Authorize(Policy = Policies.RequiresElevation)] [ProducesResponseType(StatusCodes.Status204NoContent)] + [ProducesResponseType(StatusCodes.Status403Forbidden)] public ActionResult ShutdownApplication() { Task.Run(async () => @@ -133,10 +139,12 @@ public class SystemController : BaseJellyfinApiController /// Gets a list of available server log files. /// /// Information retrieved. + /// User does not have permission to get server logs. /// An array of with the available log files. [HttpGet("Logs")] [Authorize(Policy = Policies.RequiresElevation)] [ProducesResponseType(StatusCodes.Status200OK)] + [ProducesResponseType(StatusCodes.Status403Forbidden)] public ActionResult GetServerLogs() { IEnumerable files; @@ -170,10 +178,12 @@ public class SystemController : BaseJellyfinApiController /// Gets information about the request endpoint. /// /// Information retrieved. + /// User does not have permission to get endpoint information. /// with information about the endpoint. [HttpGet("Endpoint")] [Authorize] [ProducesResponseType(StatusCodes.Status200OK)] + [ProducesResponseType(StatusCodes.Status403Forbidden)] public ActionResult GetEndpointInfo() { return new EndPointInfo @@ -188,10 +198,12 @@ public class SystemController : BaseJellyfinApiController /// /// The name of the log file to get. /// Log file retrieved. + /// User does not have permission to get log files. /// The log file. [HttpGet("Logs/Log")] [Authorize(Policy = Policies.RequiresElevation)] [ProducesResponseType(StatusCodes.Status200OK)] + [ProducesResponseType(StatusCodes.Status403Forbidden)] [ProducesFile(MediaTypeNames.Text.Plain)] public ActionResult GetLogFile([FromQuery, Required] string name) { -- cgit v1.2.3