diff options
| author | Davide Polonio <poloniodavide@gmail.com> | 2020-03-01 21:38:34 +0100 |
|---|---|---|
| committer | Davide Polonio <poloniodavide@gmail.com> | 2020-03-01 21:46:01 +0100 |
| commit | 5d760b7ee806d3fb00ac5aa7d0981362526f1d11 (patch) | |
| tree | 9ca14af31618c2aebeb10b371f7fb52865cf09f1 /MediaBrowser.Model | |
| parent | 03a294a706d2610e263fa2621e50b2da0f27f34f (diff) | |
Fix emby/user/public API leaking private data
This commit fixes the emby/user/public API that was returning more data
than necessary. Now only the following information are returned:
- the account name
- the primary image tag
- the field hasPassword
- the field hasConfiguredPassword, useful for the first wizard only
(see
https://github.com/jellyfin/jellyfin/issues/880#issuecomment-465370051)
- the primary image aspect ratio
A new DTO class, PrivateUserDTO has been created, and the route has been
modified in order to return that data object.
Diffstat (limited to 'MediaBrowser.Model')
| -rw-r--r-- | MediaBrowser.Model/Dto/PublicUserDto.cs | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/MediaBrowser.Model/Dto/PublicUserDto.cs b/MediaBrowser.Model/Dto/PublicUserDto.cs new file mode 100644 index 000000000..bf529a2d0 --- /dev/null +++ b/MediaBrowser.Model/Dto/PublicUserDto.cs @@ -0,0 +1,48 @@ +using System; +using MediaBrowser.Model.Configuration; +using MediaBrowser.Model.Users; + +namespace MediaBrowser.Model.Dto +{ + /// <summary> + /// Class PublicUserDto. Its goal is to show only public information about a user + /// </summary> + public class PublicUserDto : IItemDto + { + /// <summary> + /// Gets or sets the name. + /// </summary> + /// <value>The name.</value> + public string Name { get; set; } + + /// <summary> + /// Gets or sets the primary image tag. + /// </summary> + /// <value>The primary image tag.</value> + public string PrimaryImageTag { get; set; } + + /// <summary> + /// Gets or sets a value indicating whether this instance has password. + /// </summary> + /// <value><c>true</c> if this instance has password; otherwise, <c>false</c>.</value> + public bool HasPassword { get; set; } + + /// <summary> + /// Gets or sets a value indicating whether this instance has configured password. + /// </summary> + /// <value><c>true</c> if this instance has configured password; otherwise, <c>false</c>.</value> + public bool HasConfiguredPassword { get; set; } + + /// <summary> + /// Gets or sets the primary image aspect ratio. + /// </summary> + /// <value>The primary image aspect ratio.</value> + public double? PrimaryImageAspectRatio { get; set; } + + /// <inheritdoc /> + public override string ToString() + { + return Name ?? base.ToString(); + } + } +}
\ No newline at end of file |