Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix FirstTimeSetupHandler not failing on invalid user if not in setup mode #9747

Merged
merged 3 commits into from
May 10, 2023

Conversation

Shadowghost
Copy link
Contributor

@Shadowghost Shadowghost commented May 9, 2023

FirstTimeSetupHandler did not prevent unauthed access after checking if the server is in setup mode.

This PR fixes that and adds 401 response annotations to applicable SystemController endpoints.

@github-actions
Copy link

github-actions bot commented May 9, 2023

Changes in OpenAPI specification found. Expand to see details.

What's Changed


GET /System/Logs/Log
Return Type:

Changed response : 403 Forbidden

User does not have permission to get log files.

  • New content type : application/json

  • New content type : application/json; profile="CamelCase"

  • New content type : application/json; profile="PascalCase"

POST /System/Restart
Return Type:

Changed response : 403 Forbidden

User does not have permission to restart server.

  • New content type : application/json

  • New content type : application/json; profile="CamelCase"

  • New content type : application/json; profile="PascalCase"

POST /System/Shutdown
Return Type:

Changed response : 403 Forbidden

User does not have permission to shutdown server.

  • New content type : application/json

  • New content type : application/json; profile="CamelCase"

  • New content type : application/json; profile="PascalCase"

GET /System/Endpoint
Return Type:

Changed response : 403 Forbidden

User does not have permission to get endpoint information.

  • New content type : application/json

  • New content type : application/json; profile="CamelCase"

  • New content type : application/json; profile="PascalCase"

GET /System/Logs
Return Type:

Changed response : 403 Forbidden

User does not have permission to get server logs.

  • New content type : application/json

  • New content type : application/json; profile="CamelCase"

  • New content type : application/json; profile="PascalCase"

GET /System/Info
Return Type:

Changed response : 403 Forbidden

User does not have permission to retrieve information.

  • New content type : application/json

  • New content type : application/json; profile="CamelCase"

  • New content type : application/json; profile="PascalCase"

@crobibero crobibero merged commit d5fec49 into jellyfin:master May 10, 2023
18 checks passed
@Shadowghost Shadowghost deleted the fix-firsttimesetup branch May 25, 2023 06:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants