groove/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2026-05-13 06:51:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Add canStream user permission to control streaming access

Browse source 
Adds a per-user "Can Stream" permission mirroring the existing "Can Download"
pattern. Server admins can now disable streaming for specific users, encouraging
local downloads instead. Addresses #2572.

Changes:
- User model: stream permission in mapping, defaults, and getter
- ApiKey model: stream permission in defaults
- Controller: 403 enforcement on playback session creation endpoints
- Frontend: permission toggle in admin UI, play button gated by canStream,
  download button shown when streaming disabled, message when neither allowed
- Tests: 11 Mocha tests (model + controller), 1 Cypress test (card UI)
- Localization: English strings for toggle label and fallback message

The getter uses !== false (rather than !!) so existing users without the
stream key in their permissions JSON default to allowed on upgrade.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
zriddle 2026-04-02 14:12:08 -06:00
parent 64cbf59609
commit 464b720d9e
11 changed files with 236 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
server/models/ApiKey.js
View file

@ -6,6 +6,7 @@ const Logger = require('../Logger')
/**
* @typedef {Object} ApiKeyPermissions
* @property {boolean} download
* @property {boolean} stream
* @property {boolean} update
* @property {boolean} delete
* @property {boolean} upload
@ -84,6 +85,7 @@ class ApiKey extends Model {
static getDefaultPermissions() {
return {
download: true,
stream: true,
update: true,
delete: true,
upload: true,