pt
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix password change during parental schedule

This commit is contained in:
David Ullmer 2022-06-26 12:43:17 +02:00
parent d342b79218
commit 7efa4e38c1
No known key found for this signature in database
GPG Key ID: 4AEABE3359D5883C
3 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Jellyfin.Api/Controllers/UserController.cs
View File

@ -256,7 +256,7 @@ namespace Jellyfin.Api.Controllers
/// <response code="404">User not found.</response> /// <response code="404">User not found.</response>
/// <returns>A <see cref="NoContentResult"/> indicating success or a <see cref="ForbidResult"/> or a <see cref="NotFoundResult"/> on failure.</returns> /// <returns>A <see cref="NoContentResult"/> indicating success or a <see cref="ForbidResult"/> or a <see cref="NotFoundResult"/> on failure.</returns>
[HttpPost("{userId}/Password")] [HttpPost("{userId}/Password")]
[Authorize(Policy = Policies.DefaultAuthorization)] [Authorize(Policy = Policies.IgnoreParentalControl)]
[ProducesResponseType(StatusCodes.Status204NoContent)] [ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status403Forbidden)] [ProducesResponseType(StatusCodes.Status403Forbidden)]
[ProducesResponseType(StatusCodes.Status404NotFound)] [ProducesResponseType(StatusCodes.Status404NotFound)]
@ -287,7 +287,8 @@ namespace Jellyfin.Api.Controllers
request.CurrentPw, request.CurrentPw,
request.CurrentPw, request.CurrentPw,
HttpContext.GetNormalizedRemoteIp().ToString(), HttpContext.GetNormalizedRemoteIp().ToString(),
false).ConfigureAwait(false); false,
ignoreParentalSchedule: true).ConfigureAwait(false);
if (success == null) if (success == null)
{ {

5
Jellyfin.Server.Implementations/Users/UserManager.cs
View File

@ -382,7 +382,8 @@ namespace Jellyfin.Server.Implementations.Users
string password, string password,
string passwordSha1, string passwordSha1,
string remoteEndPoint, string remoteEndPoint,
bool isUserSession) bool isUserSession,
bool ignoreParentalSchedule = false)
{ {
if (string.IsNullOrWhiteSpace(username)) if (string.IsNullOrWhiteSpace(username))
{ {
@ -458,7 +459,7 @@ namespace Jellyfin.Server.Implementations.Users
throw new SecurityException("Forbidden."); throw new SecurityException("Forbidden.");
} }
if (!user.IsParentalScheduleAllowed()) if (!ignoreParentalSchedule && !user.IsParentalScheduleAllowed())
{ {
_logger.LogInformation( _logger.LogInformation(
"Authentication request for {UserName} is not allowed at this time due parental restrictions (IP: {IP}).", "Authentication request for {UserName} is not allowed at this time due parental restrictions (IP: {IP}).",

3
MediaBrowser.Controller/Library/IUserManager.cs
View File

@ -138,8 +138,9 @@ namespace MediaBrowser.Controller.Library
/// <param name="passwordSha1">Hash of password.</param> /// <param name="passwordSha1">Hash of password.</param>
/// <param name="remoteEndPoint">Remove endpoint to use.</param> /// <param name="remoteEndPoint">Remove endpoint to use.</param>
/// <param name="isUserSession">Specifies if a user session.</param> /// <param name="isUserSession">Specifies if a user session.</param>
/// <param name="ignoreParentalSchedule">Ignore parental control schedule during authentication.</param>
/// <returns>User wrapped in awaitable task.</returns> /// <returns>User wrapped in awaitable task.</returns>
Task<User> AuthenticateUser(string username, string password, string passwordSha1, string remoteEndPoint, bool isUserSession); Task<User> AuthenticateUser(string username, string password, string passwordSha1, string remoteEndPoint, bool isUserSession, bool ignoreParentalSchedule = false);
/// <summary> /// <summary>
/// Starts the forgot password process. /// Starts the forgot password process.