From bd1bd5e87e1744b363279577a6550afc5f2229c1 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Tue, 14 Oct 2014 20:05:09 -0400 Subject: fixes #552 - Add parental control usage limits --- .../HttpServer/Security/AuthService.cs | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'MediaBrowser.Server.Implementations/HttpServer') diff --git a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs index cae2cead4..ac8e37902 100644 --- a/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs +++ b/MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs @@ -67,7 +67,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security { if (!_config.Configuration.InsecureApps.Contains(auth.Client ?? string.Empty, StringComparer.OrdinalIgnoreCase)) { - //SessionManager.ValidateSecurityToken(auth.Token); + SessionManager.ValidateSecurityToken(auth.Token); } } @@ -80,9 +80,17 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security throw new ArgumentException("User with Id " + auth.UserId + " not found"); } - if (user != null && user.Configuration.IsDisabled) + if (user != null) { - throw new AuthenticationException("User account has been disabled."); + if (user.Configuration.IsDisabled) + { + throw new AuthenticationException("User account has been disabled."); + } + + if (!user.Configuration.IsAdministrator && !user.IsParentalScheduleAllowed()) + { + throw new AuthenticationException("This user account is not allowed access at this time."); + } } if (roles.Contains("admin", StringComparer.OrdinalIgnoreCase)) -- cgit v1.2.3