mirror of
https://github.com/Ombi-app/Ombi.git
synced 2025-07-12 08:16:05 -07:00
Jamie.Rees
parent
e39512905a
commit
e46c43610f
11 changed files with 159 additions and 100 deletions
|
|
@ -46,6 +46,9 @@ namespace PlexRequests.Helpers.Permissions
|
||||||
RequestMusic = 8,
|
RequestMusic = 8,
|
||||||
|
|
||||||
[Display(Name = "Report Issue")]
|
[Display(Name = "Report Issue")]
|
||||||
ReportIssue = 16
|
ReportIssue = 16,
|
||||||
|
|
||||||
|
[Display(Name = "Read Only User")]
|
||||||
|
ReadOnlyUser = 32,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -39,6 +39,10 @@
|
||||||
<HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
|
<HintPath>..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll</HintPath>
|
||||||
<Private>True</Private>
|
<Private>True</Private>
|
||||||
</Reference>
|
</Reference>
|
||||||
|
<Reference Include="Ninject, Version=3.2.0.0, Culture=neutral, PublicKeyToken=c7192dc5380945e7, processorArchitecture=MSIL">
|
||||||
|
<HintPath>..\packages\Ninject.3.2.0.0\lib\net45-full\Ninject.dll</HintPath>
|
||||||
|
<Private>True</Private>
|
||||||
|
</Reference>
|
||||||
<Reference Include="NLog, Version=4.0.0.0, Culture=neutral, PublicKeyToken=5120e14c03d0593c, processorArchitecture=MSIL">
|
<Reference Include="NLog, Version=4.0.0.0, Culture=neutral, PublicKeyToken=5120e14c03d0593c, processorArchitecture=MSIL">
|
||||||
<HintPath>..\packages\NLog.4.3.6\lib\net45\NLog.dll</HintPath>
|
<HintPath>..\packages\NLog.4.3.6\lib\net45\NLog.dll</HintPath>
|
||||||
<Private>True</Private>
|
<Private>True</Private>
|
||||||
|
|
|
||||||
|
|
@ -2,6 +2,7 @@
|
||||||
<packages>
|
<packages>
|
||||||
<package id="Nancy" version="1.4.3" targetFramework="net45" />
|
<package id="Nancy" version="1.4.3" targetFramework="net45" />
|
||||||
<package id="Newtonsoft.Json" version="9.0.1" targetFramework="net45" />
|
<package id="Newtonsoft.Json" version="9.0.1" targetFramework="net45" />
|
||||||
|
<package id="Ninject" version="3.2.0.0" targetFramework="net45" />
|
||||||
<package id="NLog" version="4.3.6" targetFramework="net45" />
|
<package id="NLog" version="4.3.6" targetFramework="net45" />
|
||||||
<package id="Owin" version="1.0" targetFramework="net45" />
|
<package id="Owin" version="1.0" targetFramework="net45" />
|
||||||
</packages>
|
</packages>
|
||||||
|
|
@ -49,21 +49,21 @@ namespace PlexRequests.Store.Repository
|
||||||
|
|
||||||
public UsersModel GetUser(string userGuid)
|
public UsersModel GetUser(string userGuid)
|
||||||
{
|
{
|
||||||
var sql = @"SELECT * FROM UsersModel
|
var sql = @"SELECT * FROM Users
|
||||||
WHERE Userguid = @UserGuid";
|
WHERE Userguid = @UserGuid";
|
||||||
return Db.QueryFirstOrDefault<UsersModel>(sql, new {UserGuid = userGuid});
|
return Db.QueryFirstOrDefault<UsersModel>(sql, new {UserGuid = userGuid});
|
||||||
}
|
}
|
||||||
|
|
||||||
public UsersModel GetUserByUsername(string username)
|
public UsersModel GetUserByUsername(string username)
|
||||||
{
|
{
|
||||||
var sql = @"SELECT * FROM UsersModel
|
var sql = @"SELECT * FROM Users
|
||||||
WHERE UserName = @UserName";
|
WHERE UserName = @UserName";
|
||||||
return Db.QueryFirstOrDefault<UsersModel>(sql, new {UserName = username});
|
return Db.QueryFirstOrDefault<UsersModel>(sql, new {UserName = username});
|
||||||
}
|
}
|
||||||
|
|
||||||
public async Task<UsersModel> GetUserAsync(string userguid)
|
public async Task<UsersModel> GetUserAsync(string userguid)
|
||||||
{
|
{
|
||||||
var sql = @"SELECT * FROM UsersModel
|
var sql = @"SELECT * FROM Users
|
||||||
WHERE UserGuid = @UserGuid";
|
WHERE UserGuid = @UserGuid";
|
||||||
return await Db.QueryFirstOrDefaultAsync<UsersModel>(sql, new {UserGuid = userguid});
|
return await Db.QueryFirstOrDefaultAsync<UsersModel>(sql, new {UserGuid = userguid});
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -27,23 +27,36 @@
|
||||||
|
|
||||||
using Nancy.Security;
|
using Nancy.Security;
|
||||||
using Nancy.ViewEngines.Razor;
|
using Nancy.ViewEngines.Razor;
|
||||||
|
using Ninject;
|
||||||
|
using PlexRequests.Helpers.Permissions;
|
||||||
|
using PlexRequests.Store.Repository;
|
||||||
|
|
||||||
namespace PlexRequests.UI.Helpers
|
namespace PlexRequests.UI.Helpers
|
||||||
{
|
{
|
||||||
public static class HtmlSecurityHelper
|
public static class HtmlSecurityHelper
|
||||||
{
|
{
|
||||||
public static bool HasAnyPermission(this HtmlHelpers helper, params string[] claims)
|
private static SecurityExtensions Security
|
||||||
{
|
{
|
||||||
if (!helper.CurrentUser.IsAuthenticated())
|
|
||||||
|
get
|
||||||
{
|
{
|
||||||
return false;
|
var userRepo = ServiceLocator.Instance.Resolve<IUserRepository>();
|
||||||
|
return _security ?? (_security = new SecurityExtensions(userRepo, null));
|
||||||
}
|
}
|
||||||
return helper.CurrentUser.HasAnyClaim(claims);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public static bool DoesNotHaveAnyPermission(this HtmlHelpers helper, params string[] claims)
|
private static SecurityExtensions _security;
|
||||||
|
|
||||||
|
|
||||||
|
public static bool HasAnyPermission(this HtmlHelpers helper, int permission)
|
||||||
{
|
{
|
||||||
return SecurityExtensions.DoesNotHaveClaims(claims, helper.CurrentUser);
|
return helper.CurrentUser.IsAuthenticated()
|
||||||
|
&& Security.HasPermissions(helper.CurrentUser, (Permissions) permission);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static bool DoesNotHavePermission(this HtmlHelpers helper, int permission)
|
||||||
|
{
|
||||||
|
return Security.DoesNotHavePermissions(permission, helper.CurrentUser);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -31,14 +31,25 @@ using System.Linq;
|
||||||
using Nancy;
|
using Nancy;
|
||||||
using Nancy.Extensions;
|
using Nancy.Extensions;
|
||||||
using Nancy.Security;
|
using Nancy.Security;
|
||||||
|
using Ninject;
|
||||||
|
using PlexRequests.Helpers.Permissions;
|
||||||
|
using PlexRequests.Store.Repository;
|
||||||
using PlexRequests.UI.Models;
|
using PlexRequests.UI.Models;
|
||||||
|
|
||||||
namespace PlexRequests.UI.Helpers
|
namespace PlexRequests.UI.Helpers
|
||||||
{
|
{
|
||||||
public static class SecurityExtensions
|
public class SecurityExtensions
|
||||||
{
|
{
|
||||||
|
public SecurityExtensions(IUserRepository userRepository, NancyModule context)
|
||||||
|
{
|
||||||
|
UserRepository = userRepository;
|
||||||
|
Module = context;
|
||||||
|
}
|
||||||
|
|
||||||
public static bool IsLoggedIn(this NancyContext context)
|
private IUserRepository UserRepository { get; }
|
||||||
|
private NancyModule Module { get; }
|
||||||
|
|
||||||
|
public bool IsLoggedIn(NancyContext context)
|
||||||
{
|
{
|
||||||
var userName = context.Request.Session[SessionKeys.UsernameKey];
|
var userName = context.Request.Session[SessionKeys.UsernameKey];
|
||||||
var realUser = false;
|
var realUser = false;
|
||||||
|
|
@ -52,7 +63,7 @@ namespace PlexRequests.UI.Helpers
|
||||||
return realUser || plexUser;
|
return realUser || plexUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static bool IsPlexUser(this NancyContext context)
|
public bool IsPlexUser(NancyContext context)
|
||||||
{
|
{
|
||||||
var userName = context.Request.Session[SessionKeys.UsernameKey];
|
var userName = context.Request.Session[SessionKeys.UsernameKey];
|
||||||
var plexUser = userName != null;
|
var plexUser = userName != null;
|
||||||
|
|
@ -62,7 +73,7 @@ namespace PlexRequests.UI.Helpers
|
||||||
return plexUser && !isAuth;
|
return plexUser && !isAuth;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static bool IsNormalUser(this NancyContext context)
|
public bool IsNormalUser(NancyContext context)
|
||||||
{
|
{
|
||||||
var userName = context.Request.Session[SessionKeys.UsernameKey];
|
var userName = context.Request.Session[SessionKeys.UsernameKey];
|
||||||
var plexUser = userName != null;
|
var plexUser = userName != null;
|
||||||
|
|
@ -72,63 +83,72 @@ namespace PlexRequests.UI.Helpers
|
||||||
return isAuth && !plexUser;
|
return isAuth && !plexUser;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
|
||||||
/// This module requires authentication and NO certain claims to be present.
|
|
||||||
/// </summary>
|
|
||||||
/// <param name="module">Module to enable</param>
|
|
||||||
/// <param name="requiredClaims">Claim(s) required</param>
|
|
||||||
public static void DoesNotHaveClaim(this INancyModule module, params string[] bannedClaims)
|
|
||||||
{
|
|
||||||
module.AddBeforeHookOrExecute(SecurityHooks.RequiresAuthentication(), "Requires Authentication");
|
|
||||||
module.AddBeforeHookOrExecute(DoesNotHaveClaims(bannedClaims), "Has Banned Claims");
|
|
||||||
}
|
|
||||||
|
|
||||||
public static bool DoesNotHaveClaimCheck(this INancyModule module, params string[] bannedClaims)
|
|
||||||
{
|
|
||||||
if (!module.Context?.CurrentUser?.IsAuthenticated() ?? false)
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (DoesNotHaveClaims(bannedClaims, module.Context))
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static bool DoesNotHaveClaimCheck(this NancyContext context, params string[] bannedClaims)
|
|
||||||
{
|
|
||||||
if (!context?.CurrentUser?.IsAuthenticated() ?? false)
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
if (DoesNotHaveClaims(bannedClaims, context))
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Creates a hook to be used in a pipeline before a route handler to ensure
|
/// Creates a hook to be used in a pipeline before a route handler to ensure
|
||||||
/// that the request was made by an authenticated user does not have the claims.
|
/// that the request was made by an authenticated user does not have the claims.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="claims">Claims the authenticated user needs to have</param>
|
/// <param name="perm">Claims the authenticated user needs to have</param>
|
||||||
/// <returns>Hook that returns an Unauthorized response if the user is not
|
/// <returns>Hook that returns an Unauthorized response if the user is not
|
||||||
/// authenticated or does have the claims, null otherwise</returns>
|
/// authenticated or does have the claims, null otherwise</returns>
|
||||||
private static Func<NancyContext, Response> DoesNotHaveClaims(IEnumerable<string> claims)
|
private Func<NancyContext, Response> DoesNotHavePermissions(int perm)
|
||||||
{
|
{
|
||||||
return ForbiddenIfNot(ctx => !ctx.CurrentUser.HasAnyClaim(claims));
|
return ForbiddenIfNot(ctx =>
|
||||||
|
{
|
||||||
|
var dbUser = UserRepository.GetUserByUsername(ctx.CurrentUser.UserName);
|
||||||
|
|
||||||
|
if (dbUser == null) return false;
|
||||||
|
|
||||||
|
var permissions = (Permissions)dbUser.Permissions;
|
||||||
|
var result = permissions.HasFlag((Permissions)perm);
|
||||||
|
return !result;
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
public static bool DoesNotHaveClaims(IEnumerable<string> claims, NancyContext ctx)
|
public bool DoesNotHavePermissions(int perm, IUserIdentity currentUser)
|
||||||
{
|
{
|
||||||
return !ctx.CurrentUser.HasAnyClaim(claims);
|
return DoesNotHavePermissions((Permissions) perm, currentUser);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static bool DoesNotHaveClaims(IEnumerable<string> claims, IUserIdentity identity)
|
public bool DoesNotHavePermissions(Permissions perm, IUserIdentity currentUser)
|
||||||
{
|
{
|
||||||
return !identity?.HasAnyClaim(claims) ?? true;
|
var dbUser = UserRepository.GetUserByUsername(currentUser.UserName);
|
||||||
|
|
||||||
|
if (dbUser == null) return false;
|
||||||
|
|
||||||
|
var permissions = (Permissions)dbUser.Permissions;
|
||||||
|
var result = permissions.HasFlag((Permissions)perm);
|
||||||
|
return !result;
|
||||||
|
}
|
||||||
|
|
||||||
|
public bool HasPermissions(IUserIdentity user, Permissions perm)
|
||||||
|
{
|
||||||
|
if (user == null) return false;
|
||||||
|
|
||||||
|
var dbUser = UserRepository.GetUserByUsername(user.UserName);
|
||||||
|
|
||||||
|
if (dbUser == null) return false;
|
||||||
|
|
||||||
|
var permissions = (Permissions)dbUser.Permissions;
|
||||||
|
var result = permissions.HasFlag(perm);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void HasPermissionsResponse(Permissions perm)
|
||||||
|
{
|
||||||
|
Module.AddBeforeHookOrExecute(
|
||||||
|
ForbiddenIfNot(ctx =>
|
||||||
|
{
|
||||||
|
if (ctx.CurrentUser == null) return false;
|
||||||
|
|
||||||
|
var dbUser = UserRepository.GetUserByUsername(ctx.CurrentUser.UserName);
|
||||||
|
|
||||||
|
if (dbUser == null) return false;
|
||||||
|
|
||||||
|
var permissions = (Permissions)dbUser.Permissions;
|
||||||
|
var result = permissions.HasFlag(perm);
|
||||||
|
return result;
|
||||||
|
}), "Requires Claims");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -140,7 +160,7 @@ namespace PlexRequests.UI.Helpers
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="test">Test that must return true for the request to continue</param>
|
/// <param name="test">Test that must return true for the request to continue</param>
|
||||||
/// <returns>Hook that returns an Forbidden response if the test fails, null otherwise</returns>
|
/// <returns>Hook that returns an Forbidden response if the test fails, null otherwise</returns>
|
||||||
private static Func<NancyContext, Response> ForbiddenIfNot(Func<NancyContext, bool> test)
|
public Func<NancyContext, Response> ForbiddenIfNot(Func<NancyContext, bool> test)
|
||||||
{
|
{
|
||||||
return HttpStatusCodeIfNot(HttpStatusCode.Forbidden, test);
|
return HttpStatusCodeIfNot(HttpStatusCode.Forbidden, test);
|
||||||
}
|
}
|
||||||
|
|
@ -152,7 +172,7 @@ namespace PlexRequests.UI.Helpers
|
||||||
/// <param name="statusCode">HttpStatusCode to use for the response</param>
|
/// <param name="statusCode">HttpStatusCode to use for the response</param>
|
||||||
/// <param name="test">Test that must return true for the request to continue</param>
|
/// <param name="test">Test that must return true for the request to continue</param>
|
||||||
/// <returns>Hook that returns a response with a specific HttpStatusCode if the test fails, null otherwise</returns>
|
/// <returns>Hook that returns a response with a specific HttpStatusCode if the test fails, null otherwise</returns>
|
||||||
private static Func<NancyContext, Response> HttpStatusCodeIfNot(HttpStatusCode statusCode, Func<NancyContext, bool> test)
|
public Func<NancyContext, Response> HttpStatusCodeIfNot(HttpStatusCode statusCode, Func<NancyContext, bool> test)
|
||||||
{
|
{
|
||||||
return ctx =>
|
return ctx =>
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -56,6 +56,7 @@ using PlexRequests.Core.SettingModels;
|
||||||
using PlexRequests.Helpers;
|
using PlexRequests.Helpers;
|
||||||
using PlexRequests.Helpers.Analytics;
|
using PlexRequests.Helpers.Analytics;
|
||||||
using PlexRequests.Helpers.Exceptions;
|
using PlexRequests.Helpers.Exceptions;
|
||||||
|
using PlexRequests.Helpers.Permissions;
|
||||||
using PlexRequests.Services.Interfaces;
|
using PlexRequests.Services.Interfaces;
|
||||||
using PlexRequests.Services.Jobs;
|
using PlexRequests.Services.Jobs;
|
||||||
using PlexRequests.Services.Notification;
|
using PlexRequests.Services.Notification;
|
||||||
|
|
@ -153,7 +154,7 @@ namespace PlexRequests.UI.Modules
|
||||||
NotifySettings = notifyService;
|
NotifySettings = notifyService;
|
||||||
RecentlyAdded = recentlyAdded;
|
RecentlyAdded = recentlyAdded;
|
||||||
|
|
||||||
this.RequiresClaims(UserClaims.Admin);
|
Security.HasPermissionsResponse(Permissions.Administrator);
|
||||||
|
|
||||||
Get["/"] = _ => Admin();
|
Get["/"] = _ => Admin();
|
||||||
|
|
||||||
|
|
@ -849,7 +850,8 @@ namespace PlexRequests.UI.Modules
|
||||||
|
|
||||||
private Response CreateApiKey()
|
private Response CreateApiKey()
|
||||||
{
|
{
|
||||||
this.RequiresClaims(UserClaims.Admin);
|
Security.HasPermissionsResponse(Permissions.Administrator);
|
||||||
|
|
||||||
Analytics.TrackEventAsync(Category.Admin, Action.Create, "Created API Key", Username, CookieHelper.GetAnalyticClientId(Cookies));
|
Analytics.TrackEventAsync(Category.Admin, Action.Create, "Created API Key", Username, CookieHelper.GetAnalyticClientId(Cookies));
|
||||||
var apiKey = Guid.NewGuid().ToString("N");
|
var apiKey = Guid.NewGuid().ToString("N");
|
||||||
var settings = PrService.GetSettings();
|
var settings = PrService.GetSettings();
|
||||||
|
|
|
||||||
|
|
@ -30,6 +30,7 @@ using System.Linq;
|
||||||
using System.Threading;
|
using System.Threading;
|
||||||
|
|
||||||
using Nancy;
|
using Nancy;
|
||||||
|
using Nancy.Security;
|
||||||
using Ninject;
|
using Ninject;
|
||||||
using PlexRequests.Core;
|
using PlexRequests.Core;
|
||||||
using PlexRequests.Core.SettingModels;
|
using PlexRequests.Core.SettingModels;
|
||||||
|
|
@ -121,10 +122,6 @@ namespace PlexRequests.UI.Modules
|
||||||
|
|
||||||
protected IDictionary<string, string> Cookies => Request?.Cookies;
|
protected IDictionary<string, string> Cookies => Request?.Cookies;
|
||||||
|
|
||||||
// This is not ideal, but it's cleaner than having to pass it down through each module.
|
|
||||||
[Inject]
|
|
||||||
protected IUserRepository UserRepository { get; set; }
|
|
||||||
|
|
||||||
protected bool IsAdmin
|
protected bool IsAdmin
|
||||||
{
|
{
|
||||||
get
|
get
|
||||||
|
|
@ -134,7 +131,9 @@ namespace PlexRequests.UI.Modules
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
var user = UserRepository.GetUserByUsername(Context?.CurrentUser?.UserName);
|
var userRepo = ServiceLocator.Instance.Resolve<IUserRepository>();
|
||||||
|
|
||||||
|
var user = userRepo.GetUserByUsername(Context?.CurrentUser?.UserName);
|
||||||
|
|
||||||
if (user == null) return false;
|
if (user == null) return false;
|
||||||
|
|
||||||
|
|
@ -144,6 +143,22 @@ namespace PlexRequests.UI.Modules
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected IUserIdentity User => Context?.CurrentUser;
|
||||||
|
|
||||||
|
protected SecurityExtensions Security
|
||||||
|
{
|
||||||
|
|
||||||
|
get
|
||||||
|
{
|
||||||
|
var userRepo = ServiceLocator.Instance.Resolve<IUserRepository>();
|
||||||
|
return _security ?? (_security = new SecurityExtensions(userRepo, this));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private SecurityExtensions _security;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
protected bool LoggedIn => Context?.CurrentUser != null;
|
protected bool LoggedIn => Context?.CurrentUser != null;
|
||||||
|
|
||||||
protected string Culture { get; set; }
|
protected string Culture { get; set; }
|
||||||
|
|
|
||||||
|
|
@ -55,6 +55,7 @@ using PlexRequests.Api.Models.Sonarr;
|
||||||
using PlexRequests.Api.Models.Tv;
|
using PlexRequests.Api.Models.Tv;
|
||||||
using PlexRequests.Core.Models;
|
using PlexRequests.Core.Models;
|
||||||
using PlexRequests.Helpers.Analytics;
|
using PlexRequests.Helpers.Analytics;
|
||||||
|
using PlexRequests.Helpers.Permissions;
|
||||||
using PlexRequests.Store.Models;
|
using PlexRequests.Store.Models;
|
||||||
using PlexRequests.Store.Repository;
|
using PlexRequests.Store.Repository;
|
||||||
|
|
||||||
|
|
@ -444,7 +445,7 @@ namespace PlexRequests.UI.Modules
|
||||||
|
|
||||||
private async Task<Response> RequestMovie(int movieId)
|
private async Task<Response> RequestMovie(int movieId)
|
||||||
{
|
{
|
||||||
if (this.DoesNotHaveClaimCheck(UserClaims.ReadOnlyUser))
|
if (Security.DoesNotHavePermissions(Permissions.ReadOnlyUser, User))
|
||||||
{
|
{
|
||||||
return
|
return
|
||||||
Response.AsJson(new JsonResponseModel()
|
Response.AsJson(new JsonResponseModel()
|
||||||
|
|
@ -553,7 +554,7 @@ namespace PlexRequests.UI.Modules
|
||||||
/// <returns></returns>
|
/// <returns></returns>
|
||||||
private async Task<Response> RequestTvShow(int showId, string seasons)
|
private async Task<Response> RequestTvShow(int showId, string seasons)
|
||||||
{
|
{
|
||||||
if (this.DoesNotHaveClaimCheck(UserClaims.ReadOnlyUser))
|
if (Security.DoesNotHavePermissions(Permissions.ReadOnlyUser, User))
|
||||||
{
|
{
|
||||||
return
|
return
|
||||||
Response.AsJson(new JsonResponseModel()
|
Response.AsJson(new JsonResponseModel()
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,6 @@ using NLog;
|
||||||
|
|
||||||
using Owin;
|
using Owin;
|
||||||
using PlexRequests.Core.Migration;
|
using PlexRequests.Core.Migration;
|
||||||
using PlexRequests.Services.Jobs;
|
|
||||||
using PlexRequests.UI.Helpers;
|
using PlexRequests.UI.Helpers;
|
||||||
using PlexRequests.UI.Jobs;
|
using PlexRequests.UI.Jobs;
|
||||||
using PlexRequests.UI.NinjectModules;
|
using PlexRequests.UI.NinjectModules;
|
||||||
|
|
@ -57,7 +56,7 @@ namespace PlexRequests.UI
|
||||||
|
|
||||||
|
|
||||||
Debug.WriteLine("Modules found finished.");
|
Debug.WriteLine("Modules found finished.");
|
||||||
var kernel = new StandardKernel(modules);
|
var kernel = new StandardKernel(new NinjectSettings { InjectNonPublic = true }, modules);
|
||||||
Debug.WriteLine("Created Kernel and Injected Modules");
|
Debug.WriteLine("Created Kernel and Injected Modules");
|
||||||
|
|
||||||
Debug.WriteLine("Added Contravariant Binder");
|
Debug.WriteLine("Added Contravariant Binder");
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,8 @@
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="ApiKey" class="control-label">Api Key</label>
|
<label for="ApiKey" class="control-label">Api Key</label>
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<input type="text" disabled="disabled" class="form-control form-control-custom" id="apiKey" name="ApiKey" value="@Model.ApiKey">
|
<input type="text" hidden="hidden" name="ApiKey" value="@Model.ApiKey"/>
|
||||||
|
<input type="text" disabled="disabled" class="form-control form-control-custom" id="ApiKey" name="ApiKey" value="@Model.ApiKey">
|
||||||
|
|
||||||
<div class="input-group-addon">
|
<div class="input-group-addon">
|
||||||
<div id="refreshKey" class="fa fa-refresh" title="Reset API Key"></div>
|
<div id="refreshKey" class="fa fa-refresh" title="Reset API Key"></div>
|
||||||
|
|
@ -65,16 +66,16 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="select" class="control-label">Theme</label>
|
<label for="select" class="control-label">Theme</label>
|
||||||
<div id="themes">
|
<div id="themes">
|
||||||
<select class="form-control form-control-custom" id="select">
|
<select class="form-control form-control-custom" id="select">
|
||||||
<option @plexTheme class="form-control form-control-custom" value="@Themes.PlexTheme">Plex</option>
|
<option @plexTheme class="form-control form-control-custom" value="@Themes.PlexTheme">Plex</option>
|
||||||
<option @originalTheme class="form-control form-control-custom" value="@Themes.OriginalTheme">Original Blue</option>
|
<option @originalTheme class="form-control form-control-custom" value="@Themes.OriginalTheme">Original Blue</option>
|
||||||
</select>
|
</select>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
<div class="form-group">
|
||||||
<div class="form-group">
|
|
||||||
<div class="checkbox">
|
<div class="checkbox">
|
||||||
|
|
||||||
@if (Model.SearchForMovies)
|
@if (Model.SearchForMovies)
|
||||||
|
|
@ -283,7 +284,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<p class="form-group">A comma separated list of users whose requests do not require approval (These users also do not have a request limit).</p>
|
<p class="form-group">A comma separated list of users whose requests do not require approval (These users also do not have a request limit).</p>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="NoApprovalUsers" class="control-label">Approval White listed Users</label>
|
<label for="NoApprovalUsers" class="control-label">Approval White listed Users</label>
|
||||||
<div>
|
<div>
|
||||||
|
|
@ -293,23 +294,23 @@
|
||||||
|
|
||||||
|
|
||||||
<p class="form-group">If the request limits are set to 0 then no request limit is applied.</p>
|
<p class="form-group">If the request limits are set to 0 then no request limit is applied.</p>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="MovieWeeklyRequestLimit" class="control-label">Movie Weekly Request Limit</label>
|
<label for="MovieWeeklyRequestLimit" class="control-label">Movie Weekly Request Limit</label>
|
||||||
<div>
|
<div>
|
||||||
<label>
|
<label>
|
||||||
<input type="number" id="MovieWeeklyRequestLimit" name="MovieWeeklyRequestLimit" class="form-control form-control-custom " value="@Model.MovieWeeklyRequestLimit">
|
<input type="number" id="MovieWeeklyRequestLimit" name="MovieWeeklyRequestLimit" class="form-control form-control-custom " value="@Model.MovieWeeklyRequestLimit">
|
||||||
</label>
|
</label>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="TvWeeklyRequestLimit" class="control-label">TV Show Weekly Request Limit</label>
|
<label for="TvWeeklyRequestLimit" class="control-label">TV Show Weekly Request Limit</label>
|
||||||
<div>
|
<div>
|
||||||
<label>
|
<label>
|
||||||
<input type="number" id="TvWeeklyRequestLimit" name="TvWeeklyRequestLimit" class="form-control form-control-custom " value="@Model.TvWeeklyRequestLimit">
|
<input type="number" id="TvWeeklyRequestLimit" name="TvWeeklyRequestLimit" class="form-control form-control-custom " value="@Model.TvWeeklyRequestLimit">
|
||||||
</label>
|
</label>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="AlbumWeeklyRequestLimit" class="control-label">Album Weekly Request Limit</label>
|
<label for="AlbumWeeklyRequestLimit" class="control-label">Album Weekly Request Limit</label>
|
||||||
|
|
@ -320,7 +321,7 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div>
|
<div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div>
|
<div>
|
||||||
|
|
@ -373,7 +374,7 @@
|
||||||
success: function(response) {
|
success: function(response) {
|
||||||
if (response) {
|
if (response) {
|
||||||
generateNotify("Success!", "success");
|
generateNotify("Success!", "success");
|
||||||
$('#apiKey').val(response);
|
$('#ApiKey').val(response);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
error: function(e) {
|
error: function(e) {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue