Brendon/gameyfin
1
0
Fork 0
mirror of https://github.com/BrenBroZAYT/gameyfin.git synced 2026-06-16 16:20:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix public access permissions

Browse Source
This commit is contained in:
grimsi
2025-07-17 00:10:59 +02:00
parent edf7a569df
commit e506ad1bc2
2 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/src/main/kotlin/org/gameyfin/app/core/security/DynamicPublicAccessAuthorizationManager.kt
+3 -1
View File
@@ -17,7 +17,9 @@ class DynamicPublicAccessAuthorizationManager(
authentication: Supplier<Authentication?>?, authentication: Supplier<Authentication?>?,
`object`: RequestAuthorizationContext? `object`: RequestAuthorizationContext?
): AuthorizationDecision? { ): AuthorizationDecision? {
val allow = config.get(ConfigProperties.Libraries.AllowPublicAccess) == true val auth = authentication?.get()
val allow = (auth?.isAuthenticated == true && auth.principal != "anonymousUser") ||
config.get(ConfigProperties.Libraries.AllowPublicAccess) == true
return AuthorizationDecision(allow) return AuthorizationDecision(allow)
} }
} }
app/src/main/kotlin/org/gameyfin/app/core/security/SecurityConfig.kt
+4 -2
View File
@@ -44,13 +44,15 @@ class SecurityConfig(
.requestMatchers("/reset-password").permitAll() .requestMatchers("/reset-password").permitAll()
.requestMatchers("/accept-invitation").permitAll() .requestMatchers("/accept-invitation").permitAll()
.requestMatchers("/public/**").permitAll() .requestMatchers("/public/**").permitAll()
.requestMatchers("/images/**").permitAll()
// Dynamic public access for certain endpoints // Dynamic public access for certain endpoints
auth.requestMatchers("/game/**").access(DynamicPublicAccessAuthorizationManager(config)) auth.requestMatchers("/").access(DynamicPublicAccessAuthorizationManager(config))
.requestMatchers("/game/**").access(DynamicPublicAccessAuthorizationManager(config))
.requestMatchers("/library/**").access(DynamicPublicAccessAuthorizationManager(config)) .requestMatchers("/library/**").access(DynamicPublicAccessAuthorizationManager(config))
.requestMatchers("/search/**").access(DynamicPublicAccessAuthorizationManager(config)) .requestMatchers("/search/**").access(DynamicPublicAccessAuthorizationManager(config))
.requestMatchers("/download/**").access(DynamicPublicAccessAuthorizationManager(config)) .requestMatchers("/download/**").access(DynamicPublicAccessAuthorizationManager(config))
.requestMatchers("/images/**").access(DynamicPublicAccessAuthorizationManager(config))
.requestMatchers("/images/**").access(DynamicPublicAccessAuthorizationManager(config))
} }
http.sessionManagement { sessionManagement -> http.sessionManagement { sessionManagement ->