From dd4374cec68d0a8071f92d7caafb7f3878128d91 Mon Sep 17 00:00:00 2001 From: Deluan Date: Tue, 7 May 2024 19:35:43 -0400 Subject: [PATCH] Limit access to Jukebox for admins only (configurable). Closes #2849 --- conf/configuration.go | 8 +++++--- server/subsonic/jukebox.go | 9 +++++++++ server/subsonic/users.go | 4 +++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/conf/configuration.go b/conf/configuration.go index 8bf011599..14e040bcd 100644 --- a/conf/configuration.go +++ b/conf/configuration.go @@ -143,9 +143,10 @@ type prometheusOptions struct { type AudioDeviceDefinition []string type jukeboxOptions struct { - Enabled bool - Devices []AudioDeviceDefinition - Default string + Enabled bool + Devices []AudioDeviceDefinition + Default string + AdminOnly bool } var ( @@ -340,6 +341,7 @@ func init() { viper.SetDefault("jukebox.enabled", false) viper.SetDefault("jukebox.devices", []AudioDeviceDefinition{}) viper.SetDefault("jukebox.default", "") + viper.SetDefault("jukebox.adminonly", true) viper.SetDefault("scanner.extractor", consts.DefaultScannerExtractor) viper.SetDefault("scanner.genreseparators", ";/,") diff --git a/server/subsonic/jukebox.go b/server/subsonic/jukebox.go index b61d64294..c7881e4e0 100644 --- a/server/subsonic/jukebox.go +++ b/server/subsonic/jukebox.go @@ -4,6 +4,7 @@ import ( "net/http" "strconv" + "github.com/navidrome/navidrome/conf" "github.com/navidrome/navidrome/core/playback" "github.com/navidrome/navidrome/log" "github.com/navidrome/navidrome/server/subsonic/responses" @@ -29,6 +30,14 @@ func (api *Router) JukeboxControl(r *http.Request) (*responses.Subsonic, error) user := getUser(ctx) p := req.Params(r) + if !conf.Server.Jukebox.Enabled { + return nil, newError(responses.ErrorGeneric, "Jukebox is disabled") + } + + if conf.Server.Jukebox.AdminOnly && !user.IsAdmin { + return nil, newError(responses.ErrorAuthorizationFail, "Jukebox is admin only") + } + actionString, err := p.String("action") if err != nil { return nil, err diff --git a/server/subsonic/users.go b/server/subsonic/users.go index 01f012474..0499b5ee0 100644 --- a/server/subsonic/users.go +++ b/server/subsonic/users.go @@ -40,7 +40,9 @@ func (api *Router) GetUsers(r *http.Request) (*responses.Subsonic, error) { user.ScrobblingEnabled = true user.DownloadRole = conf.Server.EnableDownloads user.ShareRole = conf.Server.EnableSharing - user.JukeboxRole = conf.Server.Jukebox.Enabled + if conf.Server.Jukebox.Enabled { + user.JukeboxRole = !conf.Server.Jukebox.AdminOnly || loggedUser.IsAdmin + } response := newResponse() response.Users = &responses.Users{User: []responses.User{user}} return response, nil