alteropen/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2026-03-15 14:46:19 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

enable user device access

Browse Source
This commit is contained in:
Luke Pulverenti
2014-12-29 15:18:48 -05:00
parent 800a16a213
commit 8a9f16ff6a
26 changed files with 223 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
MediaBrowser.Server.Implementations/Devices/DeviceManager.cs
View File

@@ -5,6 +5,7 @@ using MediaBrowser.Controller.Devices;
using MediaBrowser.Controller.Library;
using MediaBrowser.Model.Devices;
using MediaBrowser.Model.Events;
using MediaBrowser.Model.Extensions;
using MediaBrowser.Model.Logging;
using MediaBrowser.Model.Querying;
using MediaBrowser.Model.Session;
@@ -13,6 +14,7 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Threading.Tasks;
using MediaBrowser.Model.Users;
namespace MediaBrowser.Server.Implementations.Devices
{
@@ -188,6 +190,41 @@ namespace MediaBrowser.Server.Implementations.Devices
EventHelper.FireEventIfNotNull(DeviceOptionsUpdated, this, new GenericEventArgs<DeviceInfo>(device), _logger);
}
public bool CanAccessDevice(string userId, string deviceId)
{
if (string.IsNullOrWhiteSpace(userId))
{
throw new ArgumentNullException("userId");
}
if (string.IsNullOrWhiteSpace(deviceId))
{
throw new ArgumentNullException("deviceId");
}
var user = _userManager.GetUserById(userId);
if (!CanAccessDevice(user.Policy, deviceId))
{
var capabilities = GetCapabilities(deviceId);
if (capabilities.SupportsUniqueIdentifier)
{
return false;
}
}
return true;
}
private bool CanAccessDevice(UserPolicy policy, string id)
{
if (policy.EnableAllDevices)
{
return true;
}
return ListHelper.ContainsIgnoreCase(policy.EnabledDevices, id);
}
}
public class DevicesConfigStore : IConfigurationFactory

60
MediaBrowser.Server.Implementations/HttpServer/Security/AuthService.cs
View File

@@ -1,5 +1,6 @@
using MediaBrowser.Controller.Configuration;
using MediaBrowser.Controller.Connect;
using MediaBrowser.Controller.Devices;
using MediaBrowser.Controller.Entities;
using MediaBrowser.Controller.Library;
using MediaBrowser.Controller.Net;
@@ -15,10 +16,11 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
{
private readonly IServerConfigurationManager _config;
public AuthService(IUserManager userManager, IAuthorizationContext authorizationContext, IServerConfigurationManager config, IConnectManager connectManager, ISessionManager sessionManager)
public AuthService(IUserManager userManager, IAuthorizationContext authorizationContext, IServerConfigurationManager config, IConnectManager connectManager, ISessionManager sessionManager, IDeviceManager deviceManager)
{
AuthorizationContext = authorizationContext;
_config = config;
DeviceManager = deviceManager;
SessionManager = sessionManager;
ConnectManager = connectManager;
UserManager = userManager;
@@ -28,6 +30,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
public IAuthorizationContext AuthorizationContext { get; private set; }
public IConnectManager ConnectManager { get; private set; }
public ISessionManager SessionManager { get; private set; }
public IDeviceManager DeviceManager { get; private set; }
/// <summary>
/// Redirect the client to a specific URL if authentication failed.
@@ -68,24 +71,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
if (user != null)
{
if (user.Policy.IsDisabled)
{
throw new SecurityException("User account has been disabled.")
{
SecurityExceptionType = SecurityExceptionType.Unauthenticated
};
}
if (!user.Policy.IsAdministrator &&
!authAttribtues.EscapeParentalControl &&
!user.IsParentalScheduleAllowed())
{
request.AddResponseHeader("X-Application-Error-Code", "ParentalControl");
throw new SecurityException("This user account is not allowed access at this time.")
{
SecurityExceptionType = SecurityExceptionType.ParentalControl
};
}
ValidateUserAccess(user, request, authAttribtues, auth);
}
if (!IsExemptFromRoles(auth, authAttribtues))
@@ -108,6 +94,42 @@ namespace MediaBrowser.Server.Implementations.HttpServer.Security
}
}
private void ValidateUserAccess(User user, IServiceRequest request,
IAuthenticationAttributes authAttribtues,
AuthorizationInfo auth)
{
if (user.Policy.IsDisabled)
{
throw new SecurityException("User account has been disabled.")
{
SecurityExceptionType = SecurityExceptionType.Unauthenticated
};
}
if (!user.Policy.IsAdministrator &&
!authAttribtues.EscapeParentalControl &&
!user.IsParentalScheduleAllowed())
{
request.AddResponseHeader("X-Application-Error-Code", "ParentalControl");
throw new SecurityException("This user account is not allowed access at this time.")
{
SecurityExceptionType = SecurityExceptionType.ParentalControl
};
}
if (!string.IsNullOrWhiteSpace(auth.DeviceId))
{
if (!DeviceManager.CanAccessDevice(user.Id.ToString("N"), auth.DeviceId))
{
throw new SecurityException("User is not allowed access from this device.")
{
SecurityExceptionType = SecurityExceptionType.ParentalControl
};
}
}
}
private bool IsExemptFromAuthenticationToken(AuthorizationInfo auth, IAuthenticationAttributes authAttribtues)
{
if (!_config.Configuration.IsStartupWizardCompleted &&

5
MediaBrowser.Server.Implementations/Library/Resolvers/Movies/BoxSetResolver.cs
View File

@@ -25,11 +25,6 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
// Contains [boxset] in the path
if (args.IsDirectory)
{
if (IsInvalid(args.GetCollectionType()))
{
return null;
}
var filename = Path.GetFileName(args.Path);
if (string.IsNullOrEmpty(filename))

57
MediaBrowser.Server.Implementations/Library/Resolvers/Movies/MovieResolver.cs
View File

@@ -1,12 +1,9 @@
using MediaBrowser.Common.IO;
using MediaBrowser.Controller;
using MediaBrowser.Controller.Entities;
using MediaBrowser.Controller.Entities;
using MediaBrowser.Controller.Entities.Movies;
using MediaBrowser.Controller.Library;
using MediaBrowser.Controller.Providers;
using MediaBrowser.Controller.Resolvers;
using MediaBrowser.Model.Entities;
using MediaBrowser.Model.Logging;
using MediaBrowser.Naming.Common;
using MediaBrowser.Naming.IO;
using MediaBrowser.Naming.Video;
@@ -22,16 +19,8 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
/// </summary>
public class MovieResolver : BaseVideoResolver<Video>, IMultiItemResolver
{
private readonly IServerApplicationPaths _applicationPaths;
private readonly ILogger _logger;
private readonly IFileSystem _fileSystem;
public MovieResolver(ILibraryManager libraryManager, IServerApplicationPaths applicationPaths, ILogger logger, IFileSystem fileSystem)
: base(libraryManager)
public MovieResolver(ILibraryManager libraryManager) : base(libraryManager)
{
_applicationPaths = applicationPaths;
_logger = logger;
_fileSystem = fileSystem;
}
/// <summary>
@@ -62,12 +51,12 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
if (string.Equals(collectionType, CollectionType.MusicVideos, StringComparison.OrdinalIgnoreCase))
{
return ResolveVideos<MusicVideo>(parent, files, directoryService, collectionType);
return ResolveVideos<MusicVideo>(parent, files, directoryService, collectionType, false);
}
if (string.Equals(collectionType, CollectionType.HomeVideos, StringComparison.OrdinalIgnoreCase))
{
return ResolveVideos<Video>(parent, files, directoryService, collectionType);
return ResolveVideos<Video>(parent, files, directoryService, collectionType, false);
}
if (string.IsNullOrEmpty(collectionType))
@@ -75,21 +64,21 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
// Owned items should just use the plain video type
if (parent == null)
{
return ResolveVideos<Video>(parent, files, directoryService, collectionType);
return ResolveVideos<Video>(parent, files, directoryService, collectionType, false);
}
return ResolveVideos<Video>(parent, files, directoryService, collectionType);
return ResolveVideos<Video>(parent, files, directoryService, collectionType, false);
}
if (string.Equals(collectionType, CollectionType.Movies, StringComparison.OrdinalIgnoreCase))
{
return ResolveVideos<Movie>(parent, files, directoryService, collectionType);
return ResolveVideos<Movie>(parent, files, directoryService, collectionType, false);
}
return null;
}
private MultiItemResolverResult ResolveVideos<T>(Folder parent, IEnumerable<FileSystemInfo> fileSystemEntries, IDirectoryService directoryService, string collectionType)
private MultiItemResolverResult ResolveVideos<T>(Folder parent, IEnumerable<FileSystemInfo> fileSystemEntries, IDirectoryService directoryService, string collectionType, bool suppportMultiEditions)
where T : Video, new()
{
var files = new List<FileSystemInfo>();
@@ -115,7 +104,7 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
FullName = i.FullName,
Type = FileInfoType.File
}).ToList(), false).ToList();
}).ToList(), suppportMultiEditions).ToList();
var result = new MultiItemResolverResult
{
@@ -135,7 +124,8 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
IsInMixedFolder = isInMixedFolder,
ProductionYear = video.Year,
Name = video.Name,
AdditionalParts = video.Files.Skip(1).Select(i => i.Path).ToList()
AdditionalParts = video.Files.Skip(1).Select(i => i.Path).ToList(),
LocalAlternateVersions = video.AlternateVersions.Select(i => i.Path).ToList()
};
SetVideoType(videoItem, firstVideo);
@@ -314,32 +304,11 @@ namespace MediaBrowser.Server.Implementations.Library.Resolvers.Movies
return movie;
}
}
var result = ResolveVideos<T>(parent, fileSystemEntries, directoryService, collectionType);
var supportsMultiVersion = !string.Equals(collectionType, CollectionType.HomeVideos) &&
!string.Equals(collectionType, CollectionType.MusicVideos);
!string.Equals(collectionType, CollectionType.MusicVideos);
// Test for multi-editions
if (result.Items.Count > 1 && supportsMultiVersion)
{
var filenamePrefix = Path.GetFileName(path);
if (!string.IsNullOrWhiteSpace(filenamePrefix))
{
if (result.Items.All(i => _fileSystem.GetFileNameWithoutExtension(i.Path).StartsWith(filenamePrefix + " - ", StringComparison.OrdinalIgnoreCase)))
{
var movie = (T)result.Items[0];
movie.Name = filenamePrefix;
movie.LocalAlternateVersions = result.Items.Skip(1).Select(i => i.Path).ToList();
movie.IsInMixedFolder = false;
_logger.Debug("Multi-version video found: " + movie.Path);
return movie;
}
}
}
var result = ResolveVideos<T>(parent, fileSystemEntries, directoryService, collectionType, supportsMultiVersion);
if (result.Items.Count == 1)
{

4
MediaBrowser.Server.Implementations/Localization/JavaScript/javascript.json
View File

@@ -41,6 +41,10 @@
"LabelCancelled": "(cancelled)",
"LabelFailed": "(failed)",
"ButtonHelp": "Help",
"HeaderLibraryAccess": "Library Access",
"HeaderChannelAccess": "Channel Access",
"HeaderDeviceAccess": "Device Access",
"HeaderSelectDevices": "Select Devices",
"LabelAbortedByServerShutdown": "(Aborted by server shutdown)",
"LabelScheduledTaskLastRan": "Last ran {0}, taking {1}.",
"HeaderDeleteTaskTrigger": "Delete Task Trigger",

4
MediaBrowser.Server.Implementations/Localization/Server/server.json
View File

@@ -63,12 +63,16 @@
"TabPreferences": "Preferences",
"TabPassword": "Password",
"TabLibraryAccess": "Library Access",
"TabAccess": "Access",
"TabImage": "Image",
"TabProfile": "Profile",
"TabMetadata": "Metadata",
"TabImages": "Images",
"TabNotifications": "Notifications",
"TabCollectionTitles": "Titles",
"HeaderDeviceAccess": "Device Access",
"OptionEnableAccessFromAllDevices": "Enable access from all devices",
"DeviceAccessHelp": "This only applies to devices that can be uniquely identified and will not prevent browser access.",
"LabelDisplayMissingEpisodesWithinSeasons": "Display missing episodes within seasons",
"LabelUnairedMissingEpisodesWithinSeasons": "Display unaired episodes within seasons",
"HeaderVideoPlaybackSettings": "Video Playback Settings",

2
MediaBrowser.Server.Implementations/MediaBrowser.Server.Implementations.csproj
View File

@@ -51,7 +51,7 @@
</Reference>
<Reference Include="MediaBrowser.Naming, Version=1.0.0.0, Culture=neutral, processorArchitecture=MSIL">
<SpecificVersion>False</SpecificVersion>
<HintPath>..\packages\MediaBrowser.Naming.1.0.0.23\lib\portable-net45+sl4+wp71+win8+wpa81\MediaBrowser.Naming.dll</HintPath>
<HintPath>..\packages\MediaBrowser.Naming.1.0.0.24\lib\portable-net45+sl4+wp71+win8+wpa81\MediaBrowser.Naming.dll</HintPath>
</Reference>
<Reference Include="Mono.Nat, Version=1.2.21.0, Culture=neutral, processorArchitecture=MSIL">
<SpecificVersion>False</SpecificVersion>

8
MediaBrowser.Server.Implementations/Session/SessionManager.cs
View File

@@ -1191,6 +1191,14 @@ namespace MediaBrowser.Server.Implementations.Session
var user = _userManager.Users
.FirstOrDefault(i => string.Equals(request.Username, i.Name, StringComparison.OrdinalIgnoreCase));
if (user != null && !string.IsNullOrWhiteSpace(request.DeviceId))
{
if (!_deviceManager.CanAccessDevice(user.Id.ToString("N"), request.DeviceId))
{
throw new UnauthorizedAccessException("User is not allowed access from this device.");
}
}
var result = await _userManager.AuthenticateUser(request.Username, request.PasswordSha1, request.PasswordMd5, request.RemoteEndPoint).ConfigureAwait(false);
if (!result)

2
MediaBrowser.Server.Implementations/packages.config
View File

@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="MediaBrowser.Naming" version="1.0.0.23" targetFramework="net45" />
<package id="MediaBrowser.Naming" version="1.0.0.24" targetFramework="net45" />
<package id="Mono.Nat" version="1.2.21.0" targetFramework="net45" />
<package id="morelinq" version="1.1.0" targetFramework="net45" />
</packages>