1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
using System;
using Jellyfin.Data.Enums;
using MediaBrowser.Controller.Net;
using MediaBrowser.Controller.Session;
using Microsoft.AspNetCore.Http;
namespace Jellyfin.Api.Helpers
{
/// <summary>
/// Request Extensions.
/// </summary>
public static class RequestHelpers
{
/// <summary>
/// Splits a string at a separating character into an array of substrings.
/// </summary>
/// <param name="value">The string to split.</param>
/// <param name="separator">The char that separates the substrings.</param>
/// <param name="removeEmpty">Option to remove empty substrings from the array.</param>
/// <returns>An array of the substrings.</returns>
internal static string[] Split(string value, char separator, bool removeEmpty)
{
if (string.IsNullOrWhiteSpace(value))
{
return Array.Empty<string>();
}
return removeEmpty
? value.Split(new[] { separator }, StringSplitOptions.RemoveEmptyEntries)
: value.Split(separator);
}
/// <summary>
/// Checks if the user can update an entry.
/// </summary>
/// <param name="authContext">Instance of the <see cref="IAuthorizationContext"/> interface.</param>
/// <param name="requestContext">The <see cref="HttpRequest"/>.</param>
/// <param name="userId">The user id.</param>
/// <param name="restrictUserPreferences">Whether to restrict the user preferences.</param>
/// <returns>A <see cref="bool"/> whether the user can update the entry.</returns>
internal static bool AssertCanUpdateUser(IAuthorizationContext authContext, HttpRequest requestContext, Guid userId, bool restrictUserPreferences)
{
var auth = authContext.GetAuthorizationInfo(requestContext);
var authenticatedUser = auth.User;
// If they're going to update the record of another user, they must be an administrator
if ((!userId.Equals(auth.UserId) && !authenticatedUser.HasPermission(PermissionKind.IsAdministrator))
|| (restrictUserPreferences && !authenticatedUser.EnableUserPreferenceAccess))
{
return false;
}
return true;
}
internal static SessionInfo GetSession(ISessionManager sessionManager, IAuthorizationContext authContext, HttpRequest request)
{
var authorization = authContext.GetAuthorizationInfo(request);
var user = authorization.User;
var session = sessionManager.LogSessionActivity(
authorization.Client,
authorization.Version,
authorization.DeviceId,
authorization.Device,
request.HttpContext.Connection.RemoteIpAddress.ToString(),
user);
if (session == null)
{
throw new ArgumentException("Session not found.");
}
return session;
}
}
}
|
