cotugno/jellyfin
2
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2024-11-15 09:59:06 -07:00
Code Issues Packages Projects Releases Wiki Activity

fix empty user id check for api keys

Browse Source
This commit is contained in:
cvium 2023-02-09 12:51:20 +01:00
parent f984f31896
commit f4a7583c46
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Jellyfin.Api/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandler.cs
View File

@ -38,9 +38,10 @@ namespace Jellyfin.Api.Auth.DefaultAuthorizationPolicy
/// <inheritdoc />
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, DefaultAuthorizationRequirement requirement)
{
var isApiKey = context.User.GetIsApiKey();
var userId = context.User.GetUserId();
// This likely only happens during the wizard, so skip the default checks and let any other handlers do it
if (userId.Equals(default))
if (!isApiKey && userId.Equals(default))
{
return Task.CompletedTask;
}
@ -56,7 +57,7 @@ namespace Jellyfin.Api.Auth.DefaultAuthorizationPolicy
}
// Admins can do everything
if (context.User.GetIsApiKey() || context.User.IsInRole(UserRoles.Administrator))
if (isApiKey || context.User.IsInRole(UserRoles.Administrator))
{
context.Succeed(requirement);
return Task.CompletedTask;