mirror of https://github.com/jellyfin/jellyfin.git
Allow administrator to always change password
This commit is contained in:
parent
7efa4e38c1
commit
5f3dbd8294
|
@ -281,6 +281,8 @@ namespace Jellyfin.Api.Controllers
|
|||
await _userManager.ResetPassword(user).ConfigureAwait(false);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (await RequestHelpers.IsUserAdministrator(_authContext, HttpContext.Request).ConfigureAwait(false))
|
||||
{
|
||||
var success = await _userManager.AuthenticateUser(
|
||||
user.Username,
|
||||
|
@ -294,6 +296,7 @@ namespace Jellyfin.Api.Controllers
|
|||
{
|
||||
return StatusCode(StatusCodes.Status403Forbidden, "Invalid user or password entered.");
|
||||
}
|
||||
}
|
||||
|
||||
await _userManager.ChangePassword(user, request.NewPw).ConfigureAwait(false);
|
||||
|
||||
|
|
|
@ -76,6 +76,18 @@ namespace Jellyfin.Api.Helpers
|
|||
return true;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Checks if the user is administrator.
|
||||
/// </summary>
|
||||
/// <param name="authContext">Instance of the <see cref="IAuthorizationContext"/> interface.</param>
|
||||
/// <param name="requestContext">The <see cref="HttpRequest"/>.</param>
|
||||
/// <returns>A <see cref="bool"/> whether the user can update the entry.</returns>
|
||||
internal static async Task<bool> IsUserAdministrator(IAuthorizationContext authContext, HttpRequest requestContext)
|
||||
{
|
||||
var auth = await authContext.GetAuthorizationInfo(requestContext).ConfigureAwait(false);
|
||||
return auth.User.HasPermission(PermissionKind.IsAdministrator);
|
||||
}
|
||||
|
||||
internal static async Task<SessionInfo> GetSession(ISessionManager sessionManager, IAuthorizationContext authContext, HttpRequest request)
|
||||
{
|
||||
var authorization = await authContext.GetAuthorizationInfo(request).ConfigureAwait(false);
|
||||
|
|
Loading…
Reference in New Issue