dvr access "all" should not be restricted by channel numbers

tvheadend · Apr 11, 2016 · e10d32c · e10d32c
1 parent a40989e
commit e10d32c
Showing 1 changed file with 9 additions and 42 deletions.
diff --git a/src/htsp_server.c b/src/htsp_server.c
@@ -1466,8 +1466,7 @@ htsp_method_async(htsp_connection_t *htsp, htsmsg_t *in)
 
   /* Send all DVR entries */
   LIST_FOREACH(de, &dvrentries, de_global_link)
-    if (!dvr_entry_verify(de, htsp->htsp_granted_access, 1) &&
-        htsp_user_access_channel(htsp, de->de_channel))
+    if (!dvr_entry_verify(de, htsp->htsp_granted_access, 1))
       htsp_send_message(htsp, htsp_build_dvrentry(htsp, de, "dvrEntryAdd", htsp->htsp_language), NULL);
 
   /* Send EPG updates */
@@ -1857,7 +1856,7 @@ htsp_method_addDvrEntry(htsp_connection_t *htsp, htsmsg_t *in)
  * Find DVR entry
  */
 static dvr_entry_t *
-htsp_findDvrEntry(htsp_connection_t *htsp, htsmsg_t *in, htsmsg_t **out, int chn)
+htsp_findDvrEntry(htsp_connection_t *htsp, htsmsg_t *in, htsmsg_t **out, int readonly)
 {
   uint32_t dvrEntryId;
   dvr_entry_t *de;
@@ -1872,13 +1871,7 @@ htsp_findDvrEntry(htsp_connection_t *htsp, htsmsg_t *in, htsmsg_t **out, int chn
     return NULL;
   }
 
-  if(dvr_entry_verify(de, htsp->htsp_granted_access, 1)) {
-    *out = htsp_error(htsp, N_("User does not have access"));
-    return NULL;
-  }
-
-  /* Check access */
-  if (chn && de->de_channel && !htsp_user_access_channel(htsp, de->de_channel)) {
+  if(dvr_entry_verify(de, htsp->htsp_granted_access, readonly)) {
     *out = htsp_error(htsp, N_("User does not have access"));
     return NULL;
   }
@@ -1944,7 +1937,7 @@ htsp_method_stopDvrEntry(htsp_connection_t *htsp, htsmsg_t *in)
   htsmsg_t *out = NULL;
   dvr_entry_t *de;
 
-  de = htsp_findDvrEntry(htsp, in, &out, 1);
+  de = htsp_findDvrEntry(htsp, in, &out, 0);
   if (de == NULL)
     return out;
 
@@ -1962,7 +1955,7 @@ htsp_method_cancelDvrEntry(htsp_connection_t *htsp, htsmsg_t *in)
   htsmsg_t *out = NULL;
   dvr_entry_t *de;
 
-  de = htsp_findDvrEntry(htsp, in, &out, 1);
+  de = htsp_findDvrEntry(htsp, in, &out, 0);
   if (de == NULL)
     return out;
 
@@ -1980,7 +1973,7 @@ htsp_method_deleteDvrEntry(htsp_connection_t *htsp, htsmsg_t *in)
   htsmsg_t *out;
   dvr_entry_t *de;
 
-  de = htsp_findDvrEntry(htsp, in, &out, 1);
+  de = htsp_findDvrEntry(htsp, in, &out, 0);
   if (de == NULL)
     return out;
 
@@ -2060,10 +2053,6 @@ htsp_method_updateAutorecEntry(htsp_connection_t *htsp, htsmsg_t *in)
   if(dvr_autorec_entry_verify(dae, htsp->htsp_granted_access, 0))
     return htsp_error(htsp, N_("User does not have access"));
 
-  /* Check access old channel*/
-  if (dae->dae_channel && !htsp_user_access_channel(htsp, dae->dae_channel))
-    return htsp_error(htsp, N_("User does not have access"));
-
   /* Do we have a channel? No = keep old one */
   if (!htsmsg_get_s64(in, "channelId", &s64)) //s64 -> -1 = any channel
   {
@@ -2100,10 +2089,6 @@ htsp_method_deleteAutorecEntry(htsp_connection_t *htsp, htsmsg_t *in)
   if(dvr_autorec_entry_verify(dae, htsp->htsp_granted_access, 0))
     return htsp_error(htsp, N_("User does not have access"));
 
-  /* Check access */
-  if (dae->dae_channel && !htsp_user_access_channel(htsp, dae->dae_channel))
-    return htsp_error(htsp, N_("User does not have access"));
-
   autorec_destroy_by_id(daeId, 1);
 
   return htsp_success();
@@ -2179,10 +2164,6 @@ htsp_method_updateTimerecEntry(htsp_connection_t *htsp, htsmsg_t *in)
   if(dvr_timerec_entry_verify(dte, htsp->htsp_granted_access, 0))
     return htsp_error(htsp, N_("User does not have access"));
 
-  /* Check access old channel */
-  if (dte->dte_channel && !htsp_user_access_channel(htsp, dte->dte_channel))
-    return htsp_error(htsp, N_("User does not have access"));
-
   /* Do we have a channel? No = keep old one */
   if (!htsmsg_get_s64(in, "channelId", &s64)) //s64 -> -1 = any channel
   {
@@ -2218,10 +2199,6 @@ htsp_method_deleteTimerecEntry(htsp_connection_t *htsp, htsmsg_t *in)
   if(dvr_timerec_entry_verify(dte, htsp->htsp_granted_access, 0))
     return htsp_error(htsp, N_("User does not have access"));
 
-  /* Check access */
-  if (dte->dte_channel && !htsp_user_access_channel(htsp, dte->dte_channel))
-    return htsp_error(htsp, N_("User does not have access"));
-
   timerec_destroy_by_id(dteId, 1);
 
   return htsp_success();
@@ -2258,10 +2235,6 @@ htsp_method_getDvrCutpoints(htsp_connection_t *htsp, htsmsg_t *in)
   if(dvr_entry_verify(de, htsp->htsp_granted_access, 1))
     return htsp_error(htsp, N_("User does not have access"));
 
-  /* Check access */
-  if (!htsp_user_access_channel(htsp, de->de_channel))
-    return htsp_error(htsp, N_("User does not have access"));
-
   htsmsg_t *msg = htsmsg_create_map();
 
   dvr_cutpoint_list_t *list = dvr_get_cutpoint_list(de);
@@ -2675,9 +2648,6 @@ htsp_method_file_open(htsp_connection_t *htsp, htsmsg_t *in)
     if (dvr_entry_verify(de, htsp->htsp_granted_access, 1))
       return htsp_error(htsp, N_("User does not have access"));
 
-    if (!htsp_user_access_channel(htsp, de->de_channel))
-      return htsp_error(htsp, N_("User does not have access"));
-
     filename = dvr_get_filename(de);
 
     if (filename == NULL)
@@ -3516,8 +3486,7 @@ _htsp_dvr_entry_update(dvr_entry_t *de, const char *method, htsmsg_t *msg)
   htsp_connection_t *htsp;
   LIST_FOREACH(htsp, &htsp_async_connections, htsp_async_link) {
     if (htsp->htsp_async_mode & HTSP_ASYNC_ON)
-      if (!dvr_entry_verify(de, htsp->htsp_granted_access, 1) &&
-          htsp_user_access_channel(htsp, de->de_channel)) {
+      if (!dvr_entry_verify(de, htsp->htsp_granted_access, 1)) {
         htsmsg_t *m = msg ? htsmsg_copy(msg)
                         : htsp_build_dvrentry(htsp, de, method, htsp->htsp_language);
         htsp_send_message(htsp, m, NULL);
@@ -3567,8 +3536,7 @@ _htsp_autorec_entry_update(dvr_autorec_entry_t *dae, const char *method, htsmsg_
   htsp_connection_t *htsp;
   LIST_FOREACH(htsp, &htsp_async_connections, htsp_async_link) {
     if (htsp->htsp_async_mode & HTSP_ASYNC_ON) {
-      if ((dae->dae_channel == NULL || htsp_user_access_channel(htsp, dae->dae_channel)) &&
-          !dvr_autorec_entry_verify(dae, htsp->htsp_granted_access, 1)) {
+      if (!dvr_autorec_entry_verify(dae, htsp->htsp_granted_access, 1)) {
         htsmsg_t *m = msg ? htsmsg_copy(msg)
                           : htsp_build_autorecentry(htsp, dae, method);
         htsp_send_message(htsp, m, NULL);
@@ -3622,8 +3590,7 @@ _htsp_timerec_entry_update(dvr_timerec_entry_t *dte, const char *method, htsmsg_
   htsp_connection_t *htsp;
   LIST_FOREACH(htsp, &htsp_async_connections, htsp_async_link) {
     if (htsp->htsp_async_mode & HTSP_ASYNC_ON) {
-      if ((dte->dte_channel == NULL || htsp_user_access_channel(htsp, dte->dte_channel)) &&
-          !dvr_timerec_entry_verify(dte, htsp->htsp_granted_access, 1)) {
+      if (!dvr_timerec_entry_verify(dte, htsp->htsp_granted_access, 1)) {
         htsmsg_t *m = msg ? htsmsg_copy(msg)
                           : htsp_build_timerecentry(htsp, dte, method);
         htsp_send_message(htsp, m, NULL);