From 4629301264356cded2ff56d195f1a1e51adc3fcb Mon Sep 17 00:00:00 2001 From: tidusjar Date: Sun, 20 Nov 2016 19:10:46 +0000 Subject: [PATCH] Implimented auto approve permissions #218 --- .../ISecurityExtensions.cs | 3 +- PlexRequests.Core/PlexRequests.Core.csproj | 7 +- PlexRequests.Core/RequestHelper.cs | 82 ------------------- .../SecurityExtensions.cs | 21 +++-- PlexRequests.Core/packages.config | 1 + .../PlexRequests.Helpers.csproj | 1 + .../SessionKeys.cs | 2 +- .../Jobs/FaultQueueHandler.cs | 39 ++++++++- .../PlexRequests.Services.csproj | 4 + PlexRequests.Services/packages.config | 1 + PlexRequests.UI.Tests/UserLoginModuleTests.cs | 1 + PlexRequests.UI/Helpers/HtmlSecurityHelper.cs | 1 + PlexRequests.UI/Modules/Admin/AdminModule.cs | 1 + .../Modules/Admin/FaultQueueModule.cs | 1 + .../Modules/Admin/SystemStatusModule.cs | 1 + PlexRequests.UI/Modules/ApiDocsModule.cs | 2 + PlexRequests.UI/Modules/ApiRequestModule.cs | 2 + PlexRequests.UI/Modules/ApiSettingsModule.cs | 2 + PlexRequests.UI/Modules/ApiUserModule.cs | 2 + .../Modules/ApplicationTesterModule.cs | 2 + PlexRequests.UI/Modules/ApprovalModule.cs | 1 + PlexRequests.UI/Modules/BaseApiModule.cs | 2 + PlexRequests.UI/Modules/BaseAuthModule.cs | 4 +- PlexRequests.UI/Modules/BaseModule.cs | 6 +- PlexRequests.UI/Modules/CultureModule.cs | 2 + PlexRequests.UI/Modules/DonationLinkModule.cs | 2 + PlexRequests.UI/Modules/IndexModule.cs | 2 + PlexRequests.UI/Modules/IssuesModule.cs | 1 + PlexRequests.UI/Modules/LandingPageModule.cs | 2 + PlexRequests.UI/Modules/LayoutModule.cs | 2 + PlexRequests.UI/Modules/LoginModule.cs | 3 +- PlexRequests.UI/Modules/RequestsModule.cs | 1 + PlexRequests.UI/Modules/SearchModule.cs | 36 ++++++-- PlexRequests.UI/Modules/UserLoginModule.cs | 6 +- .../Modules/UserManagementModule.cs | 3 +- PlexRequests.UI/Modules/UserWizardModule.cs | 3 +- .../NinjectModules/ConfigurationModule.cs | 5 +- PlexRequests.UI/PlexRequests.UI.csproj | 3 - .../Views/Shared/Partial/_Navbar.cshtml | 1 + 39 files changed, 140 insertions(+), 121 deletions(-) rename {PlexRequests.UI/Helpers => PlexRequests.Core}/ISecurityExtensions.cs (91%) delete mode 100644 PlexRequests.Core/RequestHelper.cs rename {PlexRequests.UI/Helpers => PlexRequests.Core}/SecurityExtensions.cs (92%) rename {PlexRequests.UI/Models => PlexRequests.Helpers}/SessionKeys.cs (98%) diff --git a/PlexRequests.UI/Helpers/ISecurityExtensions.cs b/PlexRequests.Core/ISecurityExtensions.cs similarity index 91% rename from PlexRequests.UI/Helpers/ISecurityExtensions.cs rename to PlexRequests.Core/ISecurityExtensions.cs index fb2a8ebf7..b343e63f7 100644 --- a/PlexRequests.UI/Helpers/ISecurityExtensions.cs +++ b/PlexRequests.Core/ISecurityExtensions.cs @@ -3,7 +3,7 @@ using Nancy; using Nancy.Security; using PlexRequests.Helpers.Permissions; -namespace PlexRequests.UI.Helpers +namespace PlexRequests.Core { public interface ISecurityExtensions { @@ -18,5 +18,6 @@ namespace PlexRequests.UI.Helpers bool IsLoggedIn(NancyContext context); bool IsNormalUser(NancyContext context); bool IsPlexUser(NancyContext context); + bool HasPermissions(string userName, Permissions perm); } } \ No newline at end of file diff --git a/PlexRequests.Core/PlexRequests.Core.csproj b/PlexRequests.Core/PlexRequests.Core.csproj index cf47610b6..75e2fb804 100644 --- a/PlexRequests.Core/PlexRequests.Core.csproj +++ b/PlexRequests.Core/PlexRequests.Core.csproj @@ -46,6 +46,10 @@ ..\Assemblies\Mono.Data.Sqlite.dll + + ..\packages\Nancy.Linker.0.3.1\lib\net40-Client\Nancy.Linker.dll + True + ..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll True @@ -92,6 +96,7 @@ + @@ -112,7 +117,7 @@ - + diff --git a/PlexRequests.Core/RequestHelper.cs b/PlexRequests.Core/RequestHelper.cs deleted file mode 100644 index 0e99df6ca..000000000 --- a/PlexRequests.Core/RequestHelper.cs +++ /dev/null @@ -1,82 +0,0 @@ -#region Copyright -// /************************************************************************ -// Copyright (c) 2016 Jamie Rees -// File: RequestHelper.cs -// Created By: Jamie Rees -// -// Permission is hereby granted, free of charge, to any person obtaining -// a copy of this software and associated documentation files (the -// "Software"), to deal in the Software without restriction, including -// without limitation the rights to use, copy, modify, merge, publish, -// distribute, sublicense, and/or sell copies of the Software, and to -// permit persons to whom the Software is furnished to do so, subject to -// the following conditions: -// -// The above copyright notice and this permission notice shall be -// included in all copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -// ************************************************************************/ -#endregion - -using System; -using System.Collections.Generic; -using System.Linq; -using PlexRequests.Core.SettingModels; -using PlexRequests.Store; - -namespace PlexRequests.Core -{ - public static class RequestHelper - { - public static bool ShouldAutoApprove(this RequestType requestType, PlexRequestSettings prSettings, bool isAdmin, string username) - { - // if the user is an admin or they are whitelisted, they go ahead and allow auto-approval - if (isAdmin || prSettings.ApprovalWhiteList.Any(x => x.Equals(username, StringComparison.OrdinalIgnoreCase))) return true; - - // check by request type if the category requires approval or not - switch (requestType) - { - case RequestType.Movie: - return !prSettings.RequireMovieApproval; - case RequestType.TvShow: - return !prSettings.RequireTvShowApproval; - case RequestType.Album: - return !prSettings.RequireMusicApproval; - default: - return false; - } - } - - public static bool ShouldAutoApprove(this RequestType requestType, PlexRequestSettings prSettings, bool isAdmin, List username) - { - // if the user is an admin or they are whitelisted, they go ahead and allow auto-approval - if (isAdmin) return true; - - - if(prSettings.ApprovalWhiteList.Intersect(username).Any()) - { - return true; - } - - // check by request type if the category requires approval or not - switch (requestType) - { - case RequestType.Movie: - return !prSettings.RequireMovieApproval; - case RequestType.TvShow: - return !prSettings.RequireTvShowApproval; - case RequestType.Album: - return !prSettings.RequireMusicApproval; - default: - return false; - } - } - } -} \ No newline at end of file diff --git a/PlexRequests.UI/Helpers/SecurityExtensions.cs b/PlexRequests.Core/SecurityExtensions.cs similarity index 92% rename from PlexRequests.UI/Helpers/SecurityExtensions.cs rename to PlexRequests.Core/SecurityExtensions.cs index 46e1c754d..3bb887cbd 100644 --- a/PlexRequests.UI/Helpers/SecurityExtensions.cs +++ b/PlexRequests.Core/SecurityExtensions.cs @@ -30,11 +30,12 @@ using Nancy; using Nancy.Linker; using Nancy.Responses; using Nancy.Security; +using PlexRequests.Helpers; using PlexRequests.Helpers.Permissions; using PlexRequests.Store.Repository; -using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; -namespace PlexRequests.UI.Helpers +namespace PlexRequests.Core { public class SecurityExtensions : ISecurityExtensions { @@ -111,6 +112,11 @@ namespace PlexRequests.UI.Helpers var permissions = GetPermissions(user); return permissions.HasFlag(perm); } + public bool HasPermissions(string userName, Permissions perm) + { + var permissions = GetPermissions(userName); + return permissions.HasFlag(perm); + } public bool HasAnyPermissions(IUserIdentity user, params Permissions[] perm) { @@ -193,9 +199,14 @@ namespace PlexRequests.UI.Helpers private Permissions GetPermissions(IUserIdentity user) { - if (user == null) return 0; + return GetPermissions(user.UserName); + } + + private Permissions GetPermissions(string userName) + { + if (string.IsNullOrEmpty(userName)) return 0; - var dbUser = UserRepository.GetUserByUsername(user.UserName); + var dbUser = UserRepository.GetUserByUsername(userName); if (dbUser != null) { @@ -203,7 +214,7 @@ namespace PlexRequests.UI.Helpers return permissions; } - var plexUser = PlexUsers.GetUserByUsername(user.UserName); + var plexUser = PlexUsers.GetUserByUsername(userName); if (plexUser != null) { var permissions = (Permissions)plexUser.Permissions; diff --git a/PlexRequests.Core/packages.config b/PlexRequests.Core/packages.config index d698d0fd5..e343a209e 100644 --- a/PlexRequests.Core/packages.config +++ b/PlexRequests.Core/packages.config @@ -5,6 +5,7 @@ + diff --git a/PlexRequests.Helpers/PlexRequests.Helpers.csproj b/PlexRequests.Helpers/PlexRequests.Helpers.csproj index 90aac0c64..5563d5da5 100644 --- a/PlexRequests.Helpers/PlexRequests.Helpers.csproj +++ b/PlexRequests.Helpers/PlexRequests.Helpers.csproj @@ -90,6 +90,7 @@ + diff --git a/PlexRequests.UI/Models/SessionKeys.cs b/PlexRequests.Helpers/SessionKeys.cs similarity index 98% rename from PlexRequests.UI/Models/SessionKeys.cs rename to PlexRequests.Helpers/SessionKeys.cs index 766a84bf6..fe43a909d 100644 --- a/PlexRequests.UI/Models/SessionKeys.cs +++ b/PlexRequests.Helpers/SessionKeys.cs @@ -24,7 +24,7 @@ // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. // ************************************************************************/ #endregion -namespace PlexRequests.UI.Models +namespace PlexRequests.Helpers { public class SessionKeys { diff --git a/PlexRequests.Services/Jobs/FaultQueueHandler.cs b/PlexRequests.Services/Jobs/FaultQueueHandler.cs index e774043f3..e4de54b29 100644 --- a/PlexRequests.Services/Jobs/FaultQueueHandler.cs +++ b/PlexRequests.Services/Jobs/FaultQueueHandler.cs @@ -54,7 +54,8 @@ namespace PlexRequests.Services.Jobs public FaultQueueHandler(IJobRecord record, IRepository repo, ISonarrApi sonarrApi, ISickRageApi srApi, ISettingsService sonarrSettings, ISettingsService srSettings, ICouchPotatoApi cpApi, ISettingsService cpsettings, IRequestService requestService, - ISettingsService hpSettings, IHeadphonesApi headphonesApi, ISettingsService prSettings) + ISettingsService hpSettings, IHeadphonesApi headphonesApi, ISettingsService prSettings, + ISecurityExtensions security) { Record = record; Repo = repo; @@ -69,6 +70,7 @@ namespace PlexRequests.Services.Jobs SonarrSettings = sonarrSettings; CpSettings = cpsettings; HeadphoneSettings = hpSettings; + Security = security; PrSettings = prSettings.GetSettings(); } @@ -84,6 +86,7 @@ namespace PlexRequests.Services.Jobs private ISettingsService SickrageSettings { get; } private ISettingsService CpSettings { get; } private ISettingsService HeadphoneSettings { get; } + private ISecurityExtensions Security { get; } public void Execute(IJobExecutionContext context) { @@ -235,7 +238,7 @@ namespace PlexRequests.Services.Jobs if (result) { - if (model.Type.ShouldAutoApprove(PrSettings, false, model.RequestedUsers)) + if (ShouldAutoApprove(model.Type, PrSettings, model.RequestedUsers)) // Approve it now model.Approved = true; RequestService.UpdateRequest(model); @@ -296,5 +299,37 @@ namespace PlexRequests.Services.Jobs } } } + + public bool ShouldAutoApprove(RequestType requestType, PlexRequestSettings prSettings, List username) + { + if (prSettings.ApprovalWhiteList.Intersect(username).Any()) + { + return true; + } + + foreach (var user in username) + { + var admin = Security.HasPermissions(user, Permissions.Administrator); + // if the user is an admin or they are whitelisted, they go ahead and allow auto-approval + if (admin) return true; + + // check by request type if the category requires approval or not + switch (requestType) + { + case RequestType.Movie: + return Security.HasPermissions(user, Permissions.AutoApproveMovie) || + !prSettings.RequireMovieApproval; + case RequestType.TvShow: + return Security.HasPermissions(user, Permissions.AutoApproveTv) || + !prSettings.RequireTvShowApproval; + case RequestType.Album: + return Security.HasPermissions(user, Permissions.AutoApproveAlbum) || + !prSettings.RequireMusicApproval; + default: + return false; + } + } + return false; + } } } \ No newline at end of file diff --git a/PlexRequests.Services/PlexRequests.Services.csproj b/PlexRequests.Services/PlexRequests.Services.csproj index d22ed182b..928f56627 100644 --- a/PlexRequests.Services/PlexRequests.Services.csproj +++ b/PlexRequests.Services/PlexRequests.Services.csproj @@ -36,6 +36,10 @@ True + + ..\packages\Nancy.1.4.3\lib\net40\Nancy.dll + True + False ..\packages\Newtonsoft.Json.9.0.1\lib\net45\Newtonsoft.Json.dll diff --git a/PlexRequests.Services/packages.config b/PlexRequests.Services/packages.config index 1e68ad9b9..b847302ae 100644 --- a/PlexRequests.Services/packages.config +++ b/PlexRequests.Services/packages.config @@ -5,6 +5,7 @@ + \ No newline at end of file diff --git a/PlexRequests.UI.Tests/UserLoginModuleTests.cs b/PlexRequests.UI.Tests/UserLoginModuleTests.cs index 22f57750e..dfe72c9ab 100644 --- a/PlexRequests.UI.Tests/UserLoginModuleTests.cs +++ b/PlexRequests.UI.Tests/UserLoginModuleTests.cs @@ -42,6 +42,7 @@ using PlexRequests.Api.Interfaces; using PlexRequests.Api.Models.Plex; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers; using PlexRequests.Helpers.Analytics; using PlexRequests.UI.Models; using PlexRequests.UI.Modules; diff --git a/PlexRequests.UI/Helpers/HtmlSecurityHelper.cs b/PlexRequests.UI/Helpers/HtmlSecurityHelper.cs index dfabdaaff..4f3898dc1 100644 --- a/PlexRequests.UI/Helpers/HtmlSecurityHelper.cs +++ b/PlexRequests.UI/Helpers/HtmlSecurityHelper.cs @@ -32,6 +32,7 @@ using Nancy.ViewEngines.Razor; using Ninject; using PlexRequests.Helpers.Permissions; using PlexRequests.Store.Repository; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Helpers { diff --git a/PlexRequests.UI/Modules/Admin/AdminModule.cs b/PlexRequests.UI/Modules/Admin/AdminModule.cs index 6f7f9d051..31f774cda 100644 --- a/PlexRequests.UI/Modules/Admin/AdminModule.cs +++ b/PlexRequests.UI/Modules/Admin/AdminModule.cs @@ -67,6 +67,7 @@ using PlexRequests.UI.Models; using Quartz; using Action = PlexRequests.Helpers.Analytics.Action; using HttpStatusCode = Nancy.HttpStatusCode; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/Admin/FaultQueueModule.cs b/PlexRequests.UI/Modules/Admin/FaultQueueModule.cs index 1172be7af..996dbdcc6 100644 --- a/PlexRequests.UI/Modules/Admin/FaultQueueModule.cs +++ b/PlexRequests.UI/Modules/Admin/FaultQueueModule.cs @@ -37,6 +37,7 @@ using PlexRequests.Store.Models; using PlexRequests.Store.Repository; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules.Admin { diff --git a/PlexRequests.UI/Modules/Admin/SystemStatusModule.cs b/PlexRequests.UI/Modules/Admin/SystemStatusModule.cs index ac9745b59..9218df1f7 100644 --- a/PlexRequests.UI/Modules/Admin/SystemStatusModule.cs +++ b/PlexRequests.UI/Modules/Admin/SystemStatusModule.cs @@ -40,6 +40,7 @@ using PlexRequests.Helpers; using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules.Admin { diff --git a/PlexRequests.UI/Modules/ApiDocsModule.cs b/PlexRequests.UI/Modules/ApiDocsModule.cs index a92a0e26a..552dcdf27 100644 --- a/PlexRequests.UI/Modules/ApiDocsModule.cs +++ b/PlexRequests.UI/Modules/ApiDocsModule.cs @@ -29,7 +29,9 @@ using Nancy.Responses.Negotiation; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/ApiRequestModule.cs b/PlexRequests.UI/Modules/ApiRequestModule.cs index 210ffa300..01c18ba57 100644 --- a/PlexRequests.UI/Modules/ApiRequestModule.cs +++ b/PlexRequests.UI/Modules/ApiRequestModule.cs @@ -36,9 +36,11 @@ using Newtonsoft.Json; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/ApiSettingsModule.cs b/PlexRequests.UI/Modules/ApiSettingsModule.cs index bd8f700ca..dc0bbacfd 100644 --- a/PlexRequests.UI/Modules/ApiSettingsModule.cs +++ b/PlexRequests.UI/Modules/ApiSettingsModule.cs @@ -37,7 +37,9 @@ using Newtonsoft.Json; using PlexRequests.Core; using PlexRequests.Core.SettingModels; using PlexRequests.Helpers; +using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/ApiUserModule.cs b/PlexRequests.UI/Modules/ApiUserModule.cs index 38a77b119..fa6903e1e 100644 --- a/PlexRequests.UI/Modules/ApiUserModule.cs +++ b/PlexRequests.UI/Modules/ApiUserModule.cs @@ -32,9 +32,11 @@ using Nancy.ModelBinding; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/ApplicationTesterModule.cs b/PlexRequests.UI/Modules/ApplicationTesterModule.cs index ec3fe6edd..ccdbba720 100644 --- a/PlexRequests.UI/Modules/ApplicationTesterModule.cs +++ b/PlexRequests.UI/Modules/ApplicationTesterModule.cs @@ -36,10 +36,12 @@ using NLog; using PlexRequests.Api.Interfaces; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.Store.Repository; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/ApprovalModule.cs b/PlexRequests.UI/Modules/ApprovalModule.cs index c4af80583..6ecc54cd3 100644 --- a/PlexRequests.UI/Modules/ApprovalModule.cs +++ b/PlexRequests.UI/Modules/ApprovalModule.cs @@ -44,6 +44,7 @@ using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/BaseApiModule.cs b/PlexRequests.UI/Modules/BaseApiModule.cs index 1652939fa..8dfc9ad2e 100644 --- a/PlexRequests.UI/Modules/BaseApiModule.cs +++ b/PlexRequests.UI/Modules/BaseApiModule.cs @@ -32,8 +32,10 @@ using Nancy.Validation; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/BaseAuthModule.cs b/PlexRequests.UI/Modules/BaseAuthModule.cs index b4cfb6436..675b1c170 100644 --- a/PlexRequests.UI/Modules/BaseAuthModule.cs +++ b/PlexRequests.UI/Modules/BaseAuthModule.cs @@ -28,10 +28,10 @@ using Nancy; using Nancy.Extensions; -using PlexRequests.UI.Models; using PlexRequests.Core; using PlexRequests.Core.SettingModels; -using PlexRequests.UI.Helpers; +using PlexRequests.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/BaseModule.cs b/PlexRequests.UI/Modules/BaseModule.cs index 4dfa98122..b8fcb63e4 100644 --- a/PlexRequests.UI/Modules/BaseModule.cs +++ b/PlexRequests.UI/Modules/BaseModule.cs @@ -30,17 +30,13 @@ using System.Linq; using System.Threading; using Nancy; -using Nancy.Linker; using Nancy.Security; -using Ninject; using PlexRequests.Core; using PlexRequests.Core.SettingModels; using PlexRequests.Helpers; using PlexRequests.Helpers.Permissions; -using PlexRequests.Store; -using PlexRequests.Store.Repository; using PlexRequests.UI.Helpers; -using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/CultureModule.cs b/PlexRequests.UI/Modules/CultureModule.cs index d4b57c8e0..adf5c2348 100644 --- a/PlexRequests.UI/Modules/CultureModule.cs +++ b/PlexRequests.UI/Modules/CultureModule.cs @@ -35,7 +35,9 @@ using PlexRequests.Core; using PlexRequests.Core.SettingModels; using PlexRequests.Helpers; using PlexRequests.Helpers.Analytics; +using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/DonationLinkModule.cs b/PlexRequests.UI/Modules/DonationLinkModule.cs index 4562528d0..dc1a324b0 100644 --- a/PlexRequests.UI/Modules/DonationLinkModule.cs +++ b/PlexRequests.UI/Modules/DonationLinkModule.cs @@ -7,7 +7,9 @@ using NLog; using PlexRequests.Core; using PlexRequests.Core.SettingModels; using PlexRequests.Helpers; +using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/IndexModule.cs b/PlexRequests.UI/Modules/IndexModule.cs index 9d11a64d3..65cfbaaff 100644 --- a/PlexRequests.UI/Modules/IndexModule.cs +++ b/PlexRequests.UI/Modules/IndexModule.cs @@ -33,7 +33,9 @@ using Nancy.Responses; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/IssuesModule.cs b/PlexRequests.UI/Modules/IssuesModule.cs index 9611b1bcf..4dd7574e2 100644 --- a/PlexRequests.UI/Modules/IssuesModule.cs +++ b/PlexRequests.UI/Modules/IssuesModule.cs @@ -21,6 +21,7 @@ using PlexRequests.Services.Notification; using PlexRequests.Store; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/LandingPageModule.cs b/PlexRequests.UI/Modules/LandingPageModule.cs index 36199f598..8f070764d 100644 --- a/PlexRequests.UI/Modules/LandingPageModule.cs +++ b/PlexRequests.UI/Modules/LandingPageModule.cs @@ -33,8 +33,10 @@ using Nancy.Linker; using PlexRequests.Api.Interfaces; using PlexRequests.Core; using PlexRequests.Core.SettingModels; +using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/LayoutModule.cs b/PlexRequests.UI/Modules/LayoutModule.cs index 46e03fc26..69e8b81ff 100644 --- a/PlexRequests.UI/Modules/LayoutModule.cs +++ b/PlexRequests.UI/Modules/LayoutModule.cs @@ -36,10 +36,12 @@ using PlexRequests.Core; using PlexRequests.Core.SettingModels; using PlexRequests.Core.StatusChecker; using PlexRequests.Helpers; +using PlexRequests.Helpers.Permissions; using PlexRequests.Services.Interfaces; using PlexRequests.Services.Jobs; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/LoginModule.cs b/PlexRequests.UI/Modules/LoginModule.cs index 7c8c46f82..27b638eff 100644 --- a/PlexRequests.UI/Modules/LoginModule.cs +++ b/PlexRequests.UI/Modules/LoginModule.cs @@ -43,9 +43,8 @@ using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.Store.Repository; using PlexRequests.UI.Authentication; -using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; -using ModuleExtensions = Nancy.Authentication.Forms.ModuleExtensions; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/RequestsModule.cs b/PlexRequests.UI/Modules/RequestsModule.cs index 006efe026..c9442d26a 100644 --- a/PlexRequests.UI/Modules/RequestsModule.cs +++ b/PlexRequests.UI/Modules/RequestsModule.cs @@ -50,6 +50,7 @@ using PlexRequests.Helpers.Analytics; using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Helpers; using Action = PlexRequests.Helpers.Analytics.Action; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { diff --git a/PlexRequests.UI/Modules/SearchModule.cs b/PlexRequests.UI/Modules/SearchModule.cs index 53c4016b2..01ac48e64 100644 --- a/PlexRequests.UI/Modules/SearchModule.cs +++ b/PlexRequests.UI/Modules/SearchModule.cs @@ -68,6 +68,7 @@ using TMDbLib.Objects.General; using Action = PlexRequests.Helpers.Analytics.Action; using EpisodesModel = PlexRequests.Store.EpisodesModel; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules { @@ -139,7 +140,7 @@ namespace PlexRequests.UI.Modules Get["/episodes", true] = async (x, ct) => await GetEpisodes(); } - private IRepository PlexContentRepository { get; } + private IRepository PlexContentRepository { get; } private TvMazeApi TvApi { get; } private IPlexApi PlexApi { get; } private TheMovieDbApi MovieApi { get; } @@ -563,7 +564,7 @@ namespace PlexRequests.UI.Modules }; try { - if (RequestType.Movie.ShouldAutoApprove(settings, IsAdmin, Username)) + if (ShouldAutoApprove(RequestType.Movie, settings, Username)) { var cpSettings = await CpService.GetSettingsAsync(); model.Approved = true; @@ -888,7 +889,7 @@ namespace PlexRequests.UI.Modules try { - if (RequestType.TvShow.ShouldAutoApprove(settings, IsAdmin, Username)) + if (ShouldAutoApprove(RequestType.TvShow, settings, Username)) { model.Approved = true; var s = await sonarrSettings; @@ -984,10 +985,10 @@ namespace PlexRequests.UI.Modules private bool ShouldSendNotification(RequestType type, PlexRequestSettings prSettings) { - var sendNotification = type.ShouldAutoApprove(prSettings, IsAdmin, Username) + var sendNotification = ShouldAutoApprove(type, prSettings, Username) ? !prSettings.IgnoreNotifyForAutoApprovedRequests : true; - + if (IsAdmin) { sendNotification = false; // Don't bother sending a notification if the user is an admin @@ -1092,7 +1093,7 @@ namespace PlexRequests.UI.Modules try { - if (RequestType.Album.ShouldAutoApprove(settings, IsAdmin, Username)) + if (ShouldAutoApprove(RequestType.Album, settings, Username)) { model.Approved = true; var hpSettings = HeadphonesService.GetSettings(); @@ -1424,5 +1425,28 @@ namespace PlexRequests.UI.Modules var diff = model.Episodes.Except(available); return diff; } + + public bool ShouldAutoApprove(RequestType requestType, PlexRequestSettings prSettings, string username) + { + var admin = Security.HasPermissions(Context.CurrentUser, Permissions.Administrator); + // if the user is an admin or they are whitelisted, they go ahead and allow auto-approval + if (admin || prSettings.ApprovalWhiteList.Any(x => x.Equals(username, StringComparison.OrdinalIgnoreCase))) return true; + + // check by request type if the category requires approval or not + switch (requestType) + { + case RequestType.Movie: + return Security.HasPermissions(User, Permissions.AutoApproveMovie) || + !prSettings.RequireMovieApproval; + case RequestType.TvShow: + return Security.HasPermissions(User, Permissions.AutoApproveTv) || + !prSettings.RequireTvShowApproval; + case RequestType.Album: + return Security.HasPermissions(User, Permissions.AutoApproveAlbum) || + !prSettings.RequireMusicApproval; + default: + return false; + } + } } } diff --git a/PlexRequests.UI/Modules/UserLoginModule.cs b/PlexRequests.UI/Modules/UserLoginModule.cs index 760d4b267..547b902f7 100644 --- a/PlexRequests.UI/Modules/UserLoginModule.cs +++ b/PlexRequests.UI/Modules/UserLoginModule.cs @@ -32,8 +32,6 @@ using System.Threading.Tasks; using Nancy; using Nancy.Extensions; using Nancy.Linker; -using Nancy.Responses.Negotiation; - using NLog; using PlexRequests.Api.Interfaces; @@ -45,9 +43,7 @@ using PlexRequests.Helpers.Analytics; using PlexRequests.Store; using PlexRequests.Store.Repository; using PlexRequests.UI.Authentication; -using PlexRequests.UI.Helpers; -using PlexRequests.UI.Models; -using ModuleExtensions = Nancy.Authentication.Forms.ModuleExtensions; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; namespace PlexRequests.UI.Modules diff --git a/PlexRequests.UI/Modules/UserManagementModule.cs b/PlexRequests.UI/Modules/UserManagementModule.cs index bae4b5740..34f6c5ce7 100644 --- a/PlexRequests.UI/Modules/UserManagementModule.cs +++ b/PlexRequests.UI/Modules/UserManagementModule.cs @@ -17,9 +17,10 @@ using PlexRequests.Helpers.Permissions; using PlexRequests.Store; using PlexRequests.Store.Models; using PlexRequests.Store.Repository; -using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; + namespace PlexRequests.UI.Modules { public class UserManagementModule : BaseModule diff --git a/PlexRequests.UI/Modules/UserWizardModule.cs b/PlexRequests.UI/Modules/UserWizardModule.cs index b05b190ab..0abee15d4 100644 --- a/PlexRequests.UI/Modules/UserWizardModule.cs +++ b/PlexRequests.UI/Modules/UserWizardModule.cs @@ -29,10 +29,8 @@ using System.Linq; using System.Threading.Tasks; using Nancy; -using Nancy.Authentication.Forms; using Nancy.Extensions; using Nancy.ModelBinding; -using Nancy.Responses.Negotiation; using Nancy.Validation; using NLog; using PlexRequests.Api.Interfaces; @@ -44,6 +42,7 @@ using PlexRequests.Helpers.Permissions; using PlexRequests.UI.Authentication; using PlexRequests.UI.Helpers; using PlexRequests.UI.Models; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; using Action = PlexRequests.Helpers.Analytics.Action; diff --git a/PlexRequests.UI/NinjectModules/ConfigurationModule.cs b/PlexRequests.UI/NinjectModules/ConfigurationModule.cs index 5efb59832..bbf57a660 100644 --- a/PlexRequests.UI/NinjectModules/ConfigurationModule.cs +++ b/PlexRequests.UI/NinjectModules/ConfigurationModule.cs @@ -25,8 +25,6 @@ // ************************************************************************/ #endregion using Mono.Data.Sqlite; - -using Nancy; using Nancy.Authentication.Forms; using Ninject.Modules; @@ -38,7 +36,8 @@ using PlexRequests.Helpers; using PlexRequests.Services.Interfaces; using PlexRequests.Services.Notification; using PlexRequests.Store; -using PlexRequests.UI.Helpers; +using ISecurityExtensions = PlexRequests.Core.ISecurityExtensions; +using SecurityExtensions = PlexRequests.Core.SecurityExtensions; namespace PlexRequests.UI.NinjectModules { diff --git a/PlexRequests.UI/PlexRequests.UI.csproj b/PlexRequests.UI/PlexRequests.UI.csproj index 2b4845cb0..9e02ae2f6 100644 --- a/PlexRequests.UI/PlexRequests.UI.csproj +++ b/PlexRequests.UI/PlexRequests.UI.csproj @@ -215,8 +215,6 @@ - - @@ -326,7 +324,6 @@ - diff --git a/PlexRequests.UI/Views/Shared/Partial/_Navbar.cshtml b/PlexRequests.UI/Views/Shared/Partial/_Navbar.cshtml index 008884542..b3bba3bba 100644 --- a/PlexRequests.UI/Views/Shared/Partial/_Navbar.cshtml +++ b/PlexRequests.UI/Views/Shared/Partial/_Navbar.cshtml @@ -2,6 +2,7 @@ @using Nancy.Session @using Nancy; @using PlexRequests.Core.SettingModels +@using PlexRequests.Helpers @using PlexRequests.UI.Helpers @using PlexRequests.UI.Models @using PlexRequests.UI.Resources