Move LibraryService.cs to Jellyfin.Api

1 files changed, 10 insertions, 1 deletions

diff --git a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
index b5b9d89041..c66b841fae 100644
--- a/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
+++ b/Jellyfin.Api/Auth/BaseAuthorizationHandler.cs
@@ -44,11 +44,13 @@ namespace Jellyfin.Api.Auth
         /// <param name="claimsPrincipal">Request claims.</param>
         /// <param name="ignoreSchedule">Whether to ignore parental control.</param>
         /// <param name="localAccessOnly">Whether access is to be allowed locally only.</param>
+        /// <param name="requiredDownloadPermission">Whether validation requires download permission.</param>
         /// <returns>Validated claim status.</returns>
         protected bool ValidateClaims(
             ClaimsPrincipal claimsPrincipal,
             bool ignoreSchedule = false,
-            bool localAccessOnly = false)
+            bool localAccessOnly = false,
+            bool requiredDownloadPermission = false)
         {
             // Ensure claim has userId.
             var userId = ClaimHelpers.GetUserId(claimsPrincipal);
@@ -91,6 +93,13 @@ namespace Jellyfin.Api.Auth
                 return false;
             }
 
+            // User attempting to download without permission.
+            if (requiredDownloadPermission
+                && !user.HasPermission(PermissionKind.EnableContentDownloading))
+            {
+                return false;
+            }
+
             return true;
         }