Make sure we can only set the ApiAlias when using the API Key

2025-08-19 21:03:17 -07:00 · 2019-01-16 21:38:11 +00:00 · 2019-01-16 21:38:11 +00:00 · b16ac27701
commit b16ac27701
parent 3b91392323
3 changed files with 79 additions and 69 deletions
--- a/src/Ombi.Tests/TestStartup.cs
+++ b/src/Ombi.Tests/TestStartup.cs
@ -1,71 +1,71 @@
-using System;
+//using System;
-using Microsoft.AspNetCore.Builder;
+//using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
+//using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
+//using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.Http.Features.Authentication;
+//using Microsoft.AspNetCore.Http.Features.Authentication;
-using Microsoft.AspNetCore.Identity;
+//using Microsoft.AspNetCore.Identity;
-using Microsoft.Extensions.DependencyInjection;
+//using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Options;
+//using Microsoft.Extensions.Options;
-using Moq;
+//using Moq;
-using Ombi.Api.Emby;
+//using Ombi.Api.Emby;
-using Ombi.Api.Plex;
+//using Ombi.Api.Plex;
-using Ombi.Core.Authentication;
+//using Ombi.Core.Authentication;
-using Ombi.Core.Settings;
+//using Ombi.Core.Settings;
-using Ombi.Core.Settings.Models.External;
+//using Ombi.Core.Settings.Models.External;
-using Ombi.Models.Identity;
+//using Ombi.Models.Identity;
-using Ombi.Store.Context;
+//using Ombi.Store.Context;
-using Ombi.Store.Entities;
+//using Ombi.Store.Entities;
-using Ombi.Store.Repository;
+//using Ombi.Store.Repository;
-namespace Ombi.Tests
+//namespace Ombi.Tests
-{
+//{
-    public class TestStartup
+//    public class TestStartup
-    {
+//    {
-        public IServiceProvider ConfigureServices(IServiceCollection services)
+//        public IServiceProvider ConfigureServices(IServiceCollection services)
-        {
+//        {
-            var _plexApi = new Mock<IPlexApi>();
+//            var _plexApi = new Mock<IPlexApi>();
-            var _embyApi = new Mock<IEmbyApi>();
+//            var _embyApi = new Mock<IEmbyApi>();
-            var _tokenSettings = new Mock<IOptions<TokenAuthentication>>();
+//            var _tokenSettings = new Mock<IOptions<TokenAuthentication>>();
-            var _embySettings = new Mock<ISettingsService<EmbySettings>>();
+//            var _embySettings = new Mock<ISettingsService<EmbySettings>>();
-            var _plexSettings = new Mock<ISettingsService<PlexSettings>>();
+//            var _plexSettings = new Mock<ISettingsService<PlexSettings>>();
-            var audit = new Mock<IAuditRepository>();
+//            var audit = new Mock<IAuditRepository>();
-            var tokenRepo = new Mock<ITokenRepository>();
+//            var tokenRepo = new Mock<ITokenRepository>();
-            services.AddEntityFrameworkInMemoryDatabase()
+//            services.AddEntityFrameworkInMemoryDatabase()
-                .AddDbContext<OmbiContext>();
+//                .AddDbContext<OmbiContext>();
-            services.AddIdentity<OmbiUser, IdentityRole>()
+//            services.AddIdentity<OmbiUser, IdentityRole>()
-                .AddEntityFrameworkStores<OmbiContext>().AddUserManager<OmbiUserManager>();
+//                .AddEntityFrameworkStores<OmbiContext>().AddUserManager<OmbiUserManager>();
-            services.AddTransient(x => _plexApi.Object);
+//            services.AddTransient(x => _plexApi.Object);
-            services.AddTransient(x => _embyApi.Object);
+//            services.AddTransient(x => _embyApi.Object);
-            services.AddTransient(x => _tokenSettings.Object);
+//            services.AddTransient(x => _tokenSettings.Object);
-            services.AddTransient(x => _embySettings.Object);
+//            services.AddTransient(x => _embySettings.Object);
-            services.AddTransient(x => _plexSettings.Object);
+//            services.AddTransient(x => _plexSettings.Object);
-            services.AddTransient(x => audit.Object);
+//            services.AddTransient(x => audit.Object);
-            services.AddTransient(x => tokenRepo.Object);
+//            services.AddTransient(x => tokenRepo.Object);
-            // Taken from https://github.com/aspnet/MusicStore/blob/dev/test/MusicStore.Test/ManageControllerTest.cs (and modified)
+//            // Taken from https://github.com/aspnet/MusicStore/blob/dev/test/MusicStore.Test/ManageControllerTest.cs (and modified)
-            var context = new DefaultHttpContext();
+//            var context = new DefaultHttpContext();
-            context.Features.Set<IHttpAuthenticationFeature>(new HttpAuthenticationFeature());
+//            context.Features.Set<IHttpAuthenticationFeature>(new HttpAuthenticationFeature());
-            services.AddSingleton<IHttpContextAccessor>(h => new HttpContextAccessor { HttpContext = context });
+//            services.AddSingleton<IHttpContextAccessor>(h => new HttpContextAccessor { HttpContext = context });
-            services.Configure<IdentityOptions>(options =>
+//            services.Configure<IdentityOptions>(options =>
-            {
+//            {
-                options.Password.RequireDigit = false;
+//                options.Password.RequireDigit = false;
-                options.Password.RequiredLength = 1;
+//                options.Password.RequiredLength = 1;
-                options.Password.RequireLowercase = false;
+//                options.Password.RequireLowercase = false;
-                options.Password.RequireNonAlphanumeric = false;
+//                options.Password.RequireNonAlphanumeric = false;
-                options.Password.RequireUppercase = false;
+//                options.Password.RequireUppercase = false;
-                options.User.AllowedUserNameCharacters = string.Empty;
+//                options.User.AllowedUserNameCharacters = string.Empty;
-            });
+//            });
-            return services.BuildServiceProvider();
+//            return services.BuildServiceProvider();
-        }
+//        }
-        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
+//        public void Configure(IApplicationBuilder app, IHostingEnvironment env)
-        {
+//        {
-        }
+//        }
-    }
+//    }
-}
+//}
--- a/src/Ombi/Controllers/MusicRequestController.cs
+++ b/src/Ombi/Controllers/MusicRequestController.cs
@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Authorization;
+using System;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Ombi.Core.Engine;
 using Ombi.Core.Models.Requests;
@ -11,6 +12,7 @@ using Ombi.Core.Models;
 using Ombi.Core.Models.UI;
 using Ombi.Store.Entities;
 using ILogger = Microsoft.Extensions.Logging.ILogger;
 using System.Linq;
 namespace Ombi.Controllers
 {
@ -170,12 +172,15 @@ namespace Ombi.Controllers
            return await _engine.GetRemainingRequests();
        }
        private string GetApiAlias()
        {
            // Make sure this only applies when using the API KEY
            if (HttpContext.Request.Headers.Keys.Contains("ApiKey", StringComparer.InvariantCultureIgnoreCase))
            {
                if (HttpContext.Request.Headers.TryGetValue("ApiAlias", out var apiAlias))
                {
                    return apiAlias;
                }
-
+            }
            return null;
        }
    }
--- a/src/Ombi/Controllers/RequestController.cs
+++ b/src/Ombi/Controllers/RequestController.cs
@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Authorization;
+using System;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Ombi.Core.Engine;
 using Ombi.Core.Engine.Interfaces;
@ -527,11 +528,15 @@ namespace Ombi.Controllers
        }
        private string GetApiAlias()
        {
            // Make sure this only applies when using the API KEY
            if (HttpContext.Request.Headers.Keys.Contains("ApiKey", StringComparer.InvariantCultureIgnoreCase))
            {
                if (HttpContext.Request.Headers.TryGetValue("ApiAlias", out var apiAlias))
                {
                    return apiAlias;
                }
            }
            return null;
        }