Fixed issue where using the API to request a movie/tv show would throw an exception when only using the API Key #3091

pull/3200/head
tidusjar 5 years ago
parent 25186ba149
commit 769343a128

@ -1,4 +1,5 @@
using System.Security.Principal; using System;
using System.Security.Principal;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.EntityFrameworkCore; using Microsoft.EntityFrameworkCore;
using Ombi.Core.Authentication; using Ombi.Core.Authentication;
@ -23,8 +24,8 @@ namespace Ombi.Core.Rule.Rules.Request
public async Task<RuleResult> Execute(BaseRequest obj) public async Task<RuleResult> Execute(BaseRequest obj)
{ {
var user = await _manager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var user = await _manager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
if (await _manager.IsInRoleAsync(user, OmbiRoles.Admin)) if (await _manager.IsInRoleAsync(user, OmbiRoles.Admin) || user.IsSystemUser)
{ {
obj.Approved = true; obj.Approved = true;
return Success(); return Success();

@ -1,3 +1,4 @@
using System;
using Ombi.Store.Entities; using Ombi.Store.Entities;
using System.IO; using System.IO;
using System.Security.Claims; using System.Security.Claims;
@ -25,8 +26,8 @@ namespace Ombi.Core.Rule.Rules.Request
public async Task<RuleResult> Execute(BaseRequest obj) public async Task<RuleResult> Execute(BaseRequest obj)
{ {
var user = await _manager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var user = await _manager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
if (await _manager.IsInRoleAsync(user, OmbiRoles.Admin)) if (await _manager.IsInRoleAsync(user, OmbiRoles.Admin) || user.IsSystemUser)
return Success(); return Success();
if (obj.RequestType == RequestType.Movie) if (obj.RequestType == RequestType.Movie)

@ -50,7 +50,7 @@ namespace Ombi.Core.Rule.Rules.Specific
} }
} }
if (await UserManager.IsInRoleAsync(requestedUser, OmbiRoles.Admin)) if (await UserManager.IsInRoleAsync(requestedUser, OmbiRoles.Admin) || requestedUser.IsSystemUser)
{ {
sendNotification = false; // Don't bother sending a notification if the user is an admin sendNotification = false; // Don't bother sending a notification if the user is an admin
} }

@ -101,7 +101,6 @@ namespace Ombi.Store.Context
UserName = "Api", UserName = "Api",
UserType = UserType.SystemUser, UserType = UserType.SystemUser,
NormalizedUserName = "API", NormalizedUserName = "API",
}); });
SaveChanges(); SaveChanges();
tran.Commit(); tran.Commit();

@ -233,6 +233,8 @@ namespace Ombi.Controllers
await CreateRole(OmbiRoles.AutoApproveMovie); await CreateRole(OmbiRoles.AutoApproveMovie);
await CreateRole(OmbiRoles.Admin); await CreateRole(OmbiRoles.Admin);
await CreateRole(OmbiRoles.AutoApproveTv); await CreateRole(OmbiRoles.AutoApproveTv);
await CreateRole(OmbiRoles.AutoApproveMusic);
await CreateRole(OmbiRoles.RequestMusic);
await CreateRole(OmbiRoles.PowerUser); await CreateRole(OmbiRoles.PowerUser);
await CreateRole(OmbiRoles.RequestMovie); await CreateRole(OmbiRoles.RequestMovie);
await CreateRole(OmbiRoles.RequestTv); await CreateRole(OmbiRoles.RequestTv);
@ -279,7 +281,7 @@ namespace Ombi.Controllers
[Authorize] [Authorize]
public async Task<UserViewModel> GetCurrentUser() public async Task<UserViewModel> GetCurrentUser()
{ {
var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
return await GetUserWithRoles(user); return await GetUserWithRoles(user);
} }
@ -873,7 +875,7 @@ namespace Ombi.Controllers
[ApiExplorerSettings(IgnoreApi = true)] [ApiExplorerSettings(IgnoreApi = true)]
public async Task<string> GetUserAccessToken() public async Task<string> GetUserAccessToken()
{ {
var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
if (user == null) if (user == null)
{ {
return Guid.Empty.ToString("N"); return Guid.Empty.ToString("N");
@ -895,7 +897,7 @@ namespace Ombi.Controllers
[HttpGet("notificationpreferences")] [HttpGet("notificationpreferences")]
public async Task<List<UserNotificationPreferences>> GetUserPreferences() public async Task<List<UserNotificationPreferences>> GetUserPreferences()
{ {
var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var user = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
return await GetPreferences(user); return await GetPreferences(user);
} }
@ -948,7 +950,7 @@ namespace Ombi.Controllers
return NotFound(); return NotFound();
} }
// Check if we are editing a different user than ourself, if we are then we need to power user role // Check if we are editing a different user than ourself, if we are then we need to power user role
var me = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var me = await UserManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
if (!me.Id.Equals(user.Id, StringComparison.InvariantCultureIgnoreCase)) if (!me.Id.Equals(user.Id, StringComparison.InvariantCultureIgnoreCase))
{ {
var isPowerUser = await UserManager.IsInRoleAsync(me, OmbiRoles.PowerUser); var isPowerUser = await UserManager.IsInRoleAsync(me, OmbiRoles.PowerUser);

@ -187,7 +187,7 @@ namespace Ombi.Controllers
Comment = c.Comment, Comment = c.Comment,
Date = c.Date, Date = c.Date,
Username = c.User.UserAlias, Username = c.User.UserAlias,
AdminComment = roles.Contains(OmbiRoles.PowerUser) || roles.Contains(OmbiRoles.Admin) AdminComment = roles.Contains(OmbiRoles.PowerUser) || roles.Contains(OmbiRoles.Admin) || c.User.IsSystemUser
}); });
} }
return vm; return vm;
@ -223,7 +223,7 @@ namespace Ombi.Controllers
UserId = user.Id UserId = user.Id
}; };
var isAdmin = await _userManager.IsInRoleAsync(user, OmbiRoles.Admin); var isAdmin = await _userManager.IsInRoleAsync(user, OmbiRoles.Admin) || user.IsSystemUser;
AddIssueNotificationSubstitutes(notificationModel, issue, issue.UserReported.UserAlias); AddIssueNotificationSubstitutes(notificationModel, issue, issue.UserReported.UserAlias);
notificationModel.Substitutes.Add("NewIssueComment", comment.Comment); notificationModel.Substitutes.Add("NewIssueComment", comment.Comment);
notificationModel.Substitutes.Add("AdminComment", isAdmin.ToString()); notificationModel.Substitutes.Add("AdminComment", isAdmin.ToString());

@ -40,7 +40,7 @@ namespace Ombi.Controllers
{ {
if (body?.PlayerId.HasValue() ?? false) if (body?.PlayerId.HasValue() ?? false)
{ {
var user = await _userManager.Users.FirstOrDefaultAsync(x => x.UserName == User.Identity.Name); var user = await _userManager.Users.FirstOrDefaultAsync(x => x.UserName.Equals(User.Identity.Name, StringComparison.InvariantCultureIgnoreCase));
// Check if we already have this notification id // Check if we already have this notification id
var alreadyExists = await _notification.GetAll().AnyAsync(x => x.PlayerId == body.PlayerId && x.UserId == user.Id); var alreadyExists = await _notification.GetAll().AnyAsync(x => x.PlayerId == body.PlayerId && x.UserId == user.Id);

Loading…
Cancel
Save