mirror of
https://github.com/jellyfin/jellyfin.git
synced 2025-12-16 14:03:03 +03:00
Return NotFound when itemId isn't found
This commit is contained in:
Bond_009
@@ -99,12 +99,17 @@ public class ImageController : BaseJellyfinApiController
|
||||
[FromRoute, Required] ImageType imageType,
|
||||
[FromQuery] int? index = null)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
if (!RequestHelpers.AssertCanUpdateUser(_userManager, HttpContext.User, userId, true))
|
||||
{
|
||||
return StatusCode(StatusCodes.Status403Forbidden, "User is not allowed to update the image.");
|
||||
}
|
||||
|
||||
var user = _userManager.GetUserById(userId);
|
||||
var memoryStream = await GetMemoryStream(Request.Body).ConfigureAwait(false);
|
||||
await using (memoryStream.ConfigureAwait(false))
|
||||
{
|
||||
@@ -148,12 +153,17 @@ public class ImageController : BaseJellyfinApiController
|
||||
[FromRoute, Required] ImageType imageType,
|
||||
[FromRoute] int index)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
if (!RequestHelpers.AssertCanUpdateUser(_userManager, HttpContext.User, userId, true))
|
||||
{
|
||||
return StatusCode(StatusCodes.Status403Forbidden, "User is not allowed to update the image.");
|
||||
}
|
||||
|
||||
var user = _userManager.GetUserById(userId);
|
||||
var memoryStream = await GetMemoryStream(Request.Body).ConfigureAwait(false);
|
||||
await using (memoryStream.ConfigureAwait(false))
|
||||
{
|
||||
|
||||
@@ -815,6 +815,11 @@ public class ItemsController : BaseJellyfinApiController
|
||||
[FromQuery] bool excludeActiveSessions = false)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var parentIdGuid = parentId ?? Guid.Empty;
|
||||
var dtoOptions = new DtoOptions { Fields = fields }
|
||||
.AddClientFields(User)
|
||||
|
||||
@@ -452,6 +452,10 @@ public class LibraryController : BaseJellyfinApiController
|
||||
if (user is not null)
|
||||
{
|
||||
parent = TranslateParentItem(parent, user);
|
||||
if (parent is null)
|
||||
{
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
baseItemDtos.Add(_dtoService.GetBaseItemDto(parent, dtoOptions, user));
|
||||
|
||||
@@ -1211,7 +1211,7 @@ public class LiveTvController : BaseJellyfinApiController
|
||||
|
||||
private async Task AssertUserCanManageLiveTv()
|
||||
{
|
||||
var user = _userManager.GetUserById(User.GetUserId());
|
||||
var user = _userManager.GetUserById(User.GetUserId()) ?? throw new ResourceNotFoundException();
|
||||
var session = await _sessionManager.LogSessionActivity(
|
||||
User.GetClient(),
|
||||
User.GetVersion(),
|
||||
|
||||
@@ -158,6 +158,11 @@ public class MusicGenresController : BaseJellyfinApiController
|
||||
item = _libraryManager.GetMusicGenre(genreName);
|
||||
}
|
||||
|
||||
if (item is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
if (userId.HasValue && !userId.Value.Equals(default))
|
||||
{
|
||||
var user = _userManager.GetUserById(userId.Value);
|
||||
|
||||
@@ -77,6 +77,11 @@ public class PlaystateController : BaseJellyfinApiController
|
||||
[FromQuery, ModelBinder(typeof(LegacyDateTimeModelBinder))] DateTime? datePlayed)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var session = await RequestHelpers.GetSession(_sessionManager, _userManager, HttpContext).ConfigureAwait(false);
|
||||
|
||||
var item = _libraryManager.GetItemById(itemId);
|
||||
@@ -89,6 +94,11 @@ public class PlaystateController : BaseJellyfinApiController
|
||||
foreach (var additionalUserInfo in session.AdditionalUsers)
|
||||
{
|
||||
var additionalUser = _userManager.GetUserById(additionalUserInfo.UserId);
|
||||
if (additionalUser is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
UpdatePlayedStatus(additionalUser, item, true, datePlayed);
|
||||
}
|
||||
|
||||
@@ -109,6 +119,11 @@ public class PlaystateController : BaseJellyfinApiController
|
||||
public async Task<ActionResult<UserItemDataDto>> MarkUnplayedItem([FromRoute, Required] Guid userId, [FromRoute, Required] Guid itemId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var session = await RequestHelpers.GetSession(_sessionManager, _userManager, HttpContext).ConfigureAwait(false);
|
||||
var item = _libraryManager.GetItemById(itemId);
|
||||
|
||||
@@ -121,6 +136,11 @@ public class PlaystateController : BaseJellyfinApiController
|
||||
foreach (var additionalUserInfo in session.AdditionalUsers)
|
||||
{
|
||||
var additionalUser = _userManager.GetUserById(additionalUserInfo.UserId);
|
||||
if (additionalUser is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
UpdatePlayedStatus(additionalUser, item, false, null);
|
||||
}
|
||||
|
||||
|
||||
@@ -75,6 +75,10 @@ public class SessionController : BaseJellyfinApiController
|
||||
result = result.Where(i => i.SupportsRemoteControl);
|
||||
|
||||
var user = _userManager.GetUserById(controllableByUserId.Value);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
if (!user.HasPermission(PermissionKind.EnableRemoteControlOfOtherUsers))
|
||||
{
|
||||
|
||||
@@ -147,6 +147,11 @@ public class UserController : BaseJellyfinApiController
|
||||
public async Task<ActionResult> DeleteUser([FromRoute, Required] Guid userId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
await _sessionManager.RevokeUserTokens(user.Id, null).ConfigureAwait(false);
|
||||
await _userManager.DeleteUserAsync(userId).ConfigureAwait(false);
|
||||
return NoContent();
|
||||
@@ -281,8 +286,8 @@ public class UserController : BaseJellyfinApiController
|
||||
{
|
||||
var success = await _userManager.AuthenticateUser(
|
||||
user.Username,
|
||||
request.CurrentPw,
|
||||
request.CurrentPw,
|
||||
request.CurrentPw ?? string.Empty,
|
||||
request.CurrentPw ?? string.Empty,
|
||||
HttpContext.GetNormalizedRemoteIp().ToString(),
|
||||
false).ConfigureAwait(false);
|
||||
|
||||
@@ -292,7 +297,7 @@ public class UserController : BaseJellyfinApiController
|
||||
}
|
||||
}
|
||||
|
||||
await _userManager.ChangePassword(user, request.NewPw).ConfigureAwait(false);
|
||||
await _userManager.ChangePassword(user, request.NewPw ?? string.Empty).ConfigureAwait(false);
|
||||
|
||||
var currentToken = User.GetToken();
|
||||
|
||||
@@ -338,7 +343,7 @@ public class UserController : BaseJellyfinApiController
|
||||
}
|
||||
else
|
||||
{
|
||||
await _userManager.ChangeEasyPassword(user, request.NewPw, request.NewPassword).ConfigureAwait(false);
|
||||
await _userManager.ChangeEasyPassword(user, request.NewPw ?? string.Empty, request.NewPassword ?? string.Empty).ConfigureAwait(false);
|
||||
}
|
||||
|
||||
return NoContent();
|
||||
@@ -362,13 +367,17 @@ public class UserController : BaseJellyfinApiController
|
||||
[FromRoute, Required] Guid userId,
|
||||
[FromBody, Required] UserDto updateUser)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
if (!RequestHelpers.AssertCanUpdateUser(_userManager, User, userId, true))
|
||||
{
|
||||
return StatusCode(StatusCodes.Status403Forbidden, "User update not allowed.");
|
||||
}
|
||||
|
||||
var user = _userManager.GetUserById(userId);
|
||||
|
||||
if (!string.Equals(user.Username, updateUser.Name, StringComparison.Ordinal))
|
||||
{
|
||||
await _userManager.RenameUser(user, updateUser.Name).ConfigureAwait(false);
|
||||
@@ -398,6 +407,10 @@ public class UserController : BaseJellyfinApiController
|
||||
[FromBody, Required] UserPolicy newPolicy)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
// If removing admin access
|
||||
if (!newPolicy.IsAdministrator && user.HasPermission(PermissionKind.IsAdministrator))
|
||||
|
||||
@@ -79,10 +79,18 @@ public class UserLibraryController : BaseJellyfinApiController
|
||||
public async Task<ActionResult<BaseItemDto>> GetItem([FromRoute, Required] Guid userId, [FromRoute, Required] Guid itemId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var item = itemId.Equals(default)
|
||||
? _libraryManager.GetUserRootFolder()
|
||||
: _libraryManager.GetItemById(itemId);
|
||||
if (item is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
await RefreshItemOnDemandIfNeeded(item).ConfigureAwait(false);
|
||||
|
||||
@@ -102,6 +110,11 @@ public class UserLibraryController : BaseJellyfinApiController
|
||||
public ActionResult<BaseItemDto> GetRootFolder([FromRoute, Required] Guid userId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var item = _libraryManager.GetUserRootFolder();
|
||||
var dtoOptions = new DtoOptions().AddClientFields(User);
|
||||
return _dtoService.GetBaseItemDto(item, dtoOptions, user);
|
||||
@@ -119,10 +132,18 @@ public class UserLibraryController : BaseJellyfinApiController
|
||||
public async Task<ActionResult<QueryResult<BaseItemDto>>> GetIntros([FromRoute, Required] Guid userId, [FromRoute, Required] Guid itemId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var item = itemId.Equals(default)
|
||||
? _libraryManager.GetUserRootFolder()
|
||||
: _libraryManager.GetItemById(itemId);
|
||||
if (item is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var items = await _libraryManager.GetIntros(item, user).ConfigureAwait(false);
|
||||
var dtoOptions = new DtoOptions().AddClientFields(User);
|
||||
@@ -200,10 +221,18 @@ public class UserLibraryController : BaseJellyfinApiController
|
||||
public ActionResult<IEnumerable<BaseItemDto>> GetLocalTrailers([FromRoute, Required] Guid userId, [FromRoute, Required] Guid itemId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var item = itemId.Equals(default)
|
||||
? _libraryManager.GetUserRootFolder()
|
||||
: _libraryManager.GetItemById(itemId);
|
||||
if (item is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var dtoOptions = new DtoOptions().AddClientFields(User);
|
||||
|
||||
@@ -230,10 +259,18 @@ public class UserLibraryController : BaseJellyfinApiController
|
||||
public ActionResult<IEnumerable<BaseItemDto>> GetSpecialFeatures([FromRoute, Required] Guid userId, [FromRoute, Required] Guid itemId)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var item = itemId.Equals(default)
|
||||
? _libraryManager.GetUserRootFolder()
|
||||
: _libraryManager.GetItemById(itemId);
|
||||
if (item is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
var dtoOptions = new DtoOptions().AddClientFields(User);
|
||||
|
||||
@@ -275,6 +312,10 @@ public class UserLibraryController : BaseJellyfinApiController
|
||||
[FromQuery] bool groupItems = true)
|
||||
{
|
||||
var user = _userManager.GetUserById(userId);
|
||||
if (user is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
if (!isPlayed.HasValue)
|
||||
{
|
||||
|
||||
@@ -155,7 +155,12 @@ public class VideosController : BaseJellyfinApiController
|
||||
|
||||
if (video.LinkedAlternateVersions.Length == 0)
|
||||
{
|
||||
video = (Video)_libraryManager.GetItemById(video.PrimaryVersionId);
|
||||
video = (Video?)_libraryManager.GetItemById(video.PrimaryVersionId);
|
||||
}
|
||||
|
||||
if (video is null)
|
||||
{
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
foreach (var link in video.GetLinkedAlternateVersions())
|
||||
|
||||
Reference in New Issue
Block a user