Home Explore Help
Sign In
mirrors
/
jellyfin
mirror of https://github.com/jellyfin/jellyfin
2
0
Fork 0
Files Issues 0 Wiki
Tree: e2dac35ef2
Branches Tags
jellyfin
/
Jellyfin.Api
/
Auth
/
LocalAccessOrRequiresElevationPolicy
/
LocalAccessOrRequiresElevationHandler.cs

LocalAccessOrRequiresElevationHandler.cs 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. using System.Threading.Tasks;
    2. 

  2. using Jellyfin.Api.Constants;
    3. 

  3. using MediaBrowser.Common.Extensions;
    4. 

  4. using MediaBrowser.Common.Net;
    5. 

  5. using Microsoft.AspNetCore.Authorization;
    6. 

  6. using Microsoft.AspNetCore.Http;
    7. 

  7. 

  8. namespace Jellyfin.Api.Auth.LocalAccessOrRequiresElevationPolicy
    9. 

  9. {
    10. 

  10.     /// <summary>
    11. 

  11.     /// Local access or require elevated privileges handler.
    12. 

  12.     /// </summary>
    13. 

  13.     public class LocalAccessOrRequiresElevationHandler : AuthorizationHandler<LocalAccessOrRequiresElevationRequirement>
    14. 

  14.     {
    15. 

  15.         private readonly INetworkManager _networkManager;
    16. 

  16.         private readonly IHttpContextAccessor _httpContextAccessor;
    17. 

  17. 

  18.         /// <summary>
    19. 

  19.         /// Initializes a new instance of the <see cref="LocalAccessOrRequiresElevationHandler"/> class.
    20. 

  20.         /// </summary>
    21. 

  21.         /// <param name="networkManager">Instance of the <see cref="INetworkManager"/> interface.</param>
    22. 

  22.         /// <param name="httpContextAccessor">Instance of the <see cref="IHttpContextAccessor"/> interface.</param>
    23. 

  23.         public LocalAccessOrRequiresElevationHandler(
    24. 

  24.             INetworkManager networkManager,
    25. 

  25.             IHttpContextAccessor httpContextAccessor)
    26. 

  26.         {
    27. 

  27.             _networkManager = networkManager;
    28. 

  28.             _httpContextAccessor = httpContextAccessor;
    29. 

  29.         }
    30. 

  30. 

  31.         /// <inheritdoc />
    32. 

  32.         protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, LocalAccessOrRequiresElevationRequirement requirement)
    33. 

  33.         {
    34. 

  34.             var ip = _httpContextAccessor.HttpContext?.GetNormalizedRemoteIP();
    35. 

  35. 

  36.             // Loopback will be on LAN, so we can accept null.
    37. 

  37.             if (ip is null || _networkManager.IsInLocalNetwork(ip))
    38. 

  38.             {
    39. 

  39.                 context.Succeed(requirement);
    40. 

  40. 

  41.                 return Task.CompletedTask;
    42. 

  42.             }
    43. 

  43. 

  44.             if (context.User.IsInRole(UserRoles.Administrator))
    45. 

  45.             {
    46. 

  46.                 context.Succeed(requirement);
    47. 

  47.             }
    48. 

  48.             else
    49. 

  49.             {
    50. 

  50.                 context.Fail();
    51. 

  51.             }
    52. 

  52. 

  53.             return Task.CompletedTask;
    54. 

  54.         }
    55. 

  55.     }
    56. 

  56. }
    57.