From 41b48d1104e2923977814e76ccde09c944efaae9 Mon Sep 17 00:00:00 2001 From: Flaminel Date: Mon, 2 Mar 2026 13:00:23 +0200 Subject: [PATCH] Enforce authorize attribute explicitely (#485) --- .../Cleanuparr.Api/Controllers/ApiDocumentationController.cs | 2 ++ code/backend/Cleanuparr.Api/Controllers/EventsController.cs | 2 ++ .../Cleanuparr.Api/Controllers/HealthCheckController.cs | 2 ++ code/backend/Cleanuparr.Api/Controllers/HealthController.cs | 4 ++++ code/backend/Cleanuparr.Api/Controllers/JobsController.cs | 2 ++ .../Cleanuparr.Api/Controllers/ManualEventsController.cs | 2 ++ code/backend/Cleanuparr.Api/Controllers/StatsController.cs | 2 ++ code/backend/Cleanuparr.Api/Controllers/StatusController.cs | 2 ++ code/backend/Cleanuparr.Api/Controllers/StrikesController.cs | 2 ++ .../Features/Arr/Controllers/ArrConfigController.cs | 2 ++ .../Controllers/BlacklistSyncConfigController.cs | 2 ++ .../Controllers/DownloadCleanerConfigController.cs | 2 ++ .../DownloadClient/Controllers/DownloadClientController.cs | 2 ++ .../Features/General/Controllers/GeneralConfigController.cs | 2 ++ .../Controllers/MalwareBlockerConfigController.cs | 2 ++ .../Controllers/NotificationProvidersController.cs | 2 ++ .../QueueCleaner/Controllers/QueueCleanerConfigController.cs | 2 ++ .../Features/QueueCleaner/Controllers/QueueRulesController.cs | 2 ++ 18 files changed, 38 insertions(+) diff --git a/code/backend/Cleanuparr.Api/Controllers/ApiDocumentationController.cs b/code/backend/Cleanuparr.Api/Controllers/ApiDocumentationController.cs index 2ddfea3f..6315b3f3 100644 --- a/code/backend/Cleanuparr.Api/Controllers/ApiDocumentationController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/ApiDocumentationController.cs @@ -1,9 +1,11 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace Cleanuparr.Api.Controllers; [ApiController] [Route("api")] +[Authorize] public class ApiDocumentationController : ControllerBase { [HttpGet] diff --git a/code/backend/Cleanuparr.Api/Controllers/EventsController.cs b/code/backend/Cleanuparr.Api/Controllers/EventsController.cs index f758d553..f512e9d4 100644 --- a/code/backend/Cleanuparr.Api/Controllers/EventsController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/EventsController.cs @@ -2,6 +2,7 @@ using System.Text.Json.Serialization; using Cleanuparr.Domain.Enums; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Events; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -9,6 +10,7 @@ namespace Cleanuparr.Api.Controllers; [ApiController] [Route("api/[controller]")] +[Authorize] public class EventsController : ControllerBase { private readonly EventsContext _context; diff --git a/code/backend/Cleanuparr.Api/Controllers/HealthCheckController.cs b/code/backend/Cleanuparr.Api/Controllers/HealthCheckController.cs index 5766c1c7..f1eac330 100644 --- a/code/backend/Cleanuparr.Api/Controllers/HealthCheckController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/HealthCheckController.cs @@ -1,4 +1,5 @@ using Cleanuparr.Infrastructure.Health; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace Cleanuparr.Api.Controllers; @@ -8,6 +9,7 @@ namespace Cleanuparr.Api.Controllers; /// [ApiController] [Route("api/health")] +[Authorize] public class HealthCheckController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Controllers/HealthController.cs b/code/backend/Cleanuparr.Api/Controllers/HealthController.cs index da4b5c61..6f9741b1 100644 --- a/code/backend/Cleanuparr.Api/Controllers/HealthController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/HealthController.cs @@ -1,3 +1,4 @@ +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Diagnostics.HealthChecks; @@ -8,6 +9,7 @@ namespace Cleanuparr.Api.Controllers; /// [ApiController] [Route("[controller]")] +[Authorize] public class HealthController : ControllerBase { private readonly HealthCheckService _healthCheckService; @@ -23,6 +25,7 @@ public class HealthController : ControllerBase /// Basic liveness probe - checks if the application is running /// Used by Docker HEALTHCHECK and Kubernetes liveness probes /// + [AllowAnonymous] [HttpGet] [Route("/health")] public async Task GetHealth() @@ -47,6 +50,7 @@ public class HealthController : ControllerBase /// Readiness probe - checks if the application is ready to serve traffic /// Used by Kubernetes readiness probes /// + [AllowAnonymous] [HttpGet] [Route("/health/ready")] public async Task GetReadiness() diff --git a/code/backend/Cleanuparr.Api/Controllers/JobsController.cs b/code/backend/Cleanuparr.Api/Controllers/JobsController.cs index fd6c0425..193dfa66 100644 --- a/code/backend/Cleanuparr.Api/Controllers/JobsController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/JobsController.cs @@ -2,12 +2,14 @@ using Cleanuparr.Api.Models; using Cleanuparr.Domain.Enums; using Cleanuparr.Infrastructure.Models; using Cleanuparr.Infrastructure.Services.Interfaces; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace Cleanuparr.Api.Controllers; [ApiController] [Route("api/[controller]")] +[Authorize] public class JobsController : ControllerBase { private readonly IJobManagementService _jobManagementService; diff --git a/code/backend/Cleanuparr.Api/Controllers/ManualEventsController.cs b/code/backend/Cleanuparr.Api/Controllers/ManualEventsController.cs index 6e407262..dbf0fb77 100644 --- a/code/backend/Cleanuparr.Api/Controllers/ManualEventsController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/ManualEventsController.cs @@ -1,6 +1,7 @@ using Cleanuparr.Domain.Enums; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Events; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -8,6 +9,7 @@ namespace Cleanuparr.Api.Controllers; [ApiController] [Route("api/[controller]")] +[Authorize] public class ManualEventsController : ControllerBase { private readonly EventsContext _context; diff --git a/code/backend/Cleanuparr.Api/Controllers/StatsController.cs b/code/backend/Cleanuparr.Api/Controllers/StatsController.cs index 7edd922b..133349c6 100644 --- a/code/backend/Cleanuparr.Api/Controllers/StatsController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/StatsController.cs @@ -1,4 +1,5 @@ using Cleanuparr.Infrastructure.Stats; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; namespace Cleanuparr.Api.Controllers; @@ -8,6 +9,7 @@ namespace Cleanuparr.Api.Controllers; /// [ApiController] [Route("api/[controller]")] +[Authorize] public class StatsController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Controllers/StatusController.cs b/code/backend/Cleanuparr.Api/Controllers/StatusController.cs index 5e0fe4da..1ab16274 100644 --- a/code/backend/Cleanuparr.Api/Controllers/StatusController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/StatusController.cs @@ -2,6 +2,7 @@ using System.Diagnostics; using Cleanuparr.Domain.Enums; using Cleanuparr.Infrastructure.Features.Arr.Interfaces; using Cleanuparr.Persistence; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -9,6 +10,7 @@ namespace Cleanuparr.Api.Controllers; [ApiController] [Route("api/[controller]")] +[Authorize] public class StatusController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Controllers/StrikesController.cs b/code/backend/Cleanuparr.Api/Controllers/StrikesController.cs index 588b7604..01ca1d99 100644 --- a/code/backend/Cleanuparr.Api/Controllers/StrikesController.cs +++ b/code/backend/Cleanuparr.Api/Controllers/StrikesController.cs @@ -1,6 +1,7 @@ using Cleanuparr.Domain.Enums; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.State; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -8,6 +9,7 @@ namespace Cleanuparr.Api.Controllers; [ApiController] [Route("api/[controller]")] +[Authorize] public class StrikesController : ControllerBase { private readonly EventsContext _context; diff --git a/code/backend/Cleanuparr.Api/Features/Arr/Controllers/ArrConfigController.cs b/code/backend/Cleanuparr.Api/Features/Arr/Controllers/ArrConfigController.cs index 93a6b16c..0fe6c00f 100644 --- a/code/backend/Cleanuparr.Api/Features/Arr/Controllers/ArrConfigController.cs +++ b/code/backend/Cleanuparr.Api/Features/Arr/Controllers/ArrConfigController.cs @@ -4,6 +4,7 @@ using Cleanuparr.Infrastructure.Features.Arr.Dtos; using Cleanuparr.Infrastructure.Features.Arr.Interfaces; using Cleanuparr.Persistence; using Mapster; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -11,6 +12,7 @@ namespace Cleanuparr.Api.Features.Arr.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class ArrConfigController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/BlacklistSync/Controllers/BlacklistSyncConfigController.cs b/code/backend/Cleanuparr.Api/Features/BlacklistSync/Controllers/BlacklistSyncConfigController.cs index 91c24461..08094e7f 100644 --- a/code/backend/Cleanuparr.Api/Features/BlacklistSync/Controllers/BlacklistSyncConfigController.cs +++ b/code/backend/Cleanuparr.Api/Features/BlacklistSync/Controllers/BlacklistSyncConfigController.cs @@ -6,6 +6,7 @@ using Cleanuparr.Domain.Enums; using Cleanuparr.Infrastructure.Services.Interfaces; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Configuration.BlacklistSync; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; @@ -14,6 +15,7 @@ namespace Cleanuparr.Api.Features.BlacklistSync.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class BlacklistSyncConfigController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/DownloadCleaner/Controllers/DownloadCleanerConfigController.cs b/code/backend/Cleanuparr.Api/Features/DownloadCleaner/Controllers/DownloadCleanerConfigController.cs index 648fb272..a4d2f38d 100644 --- a/code/backend/Cleanuparr.Api/Features/DownloadCleaner/Controllers/DownloadCleanerConfigController.cs +++ b/code/backend/Cleanuparr.Api/Features/DownloadCleaner/Controllers/DownloadCleanerConfigController.cs @@ -9,6 +9,7 @@ using Cleanuparr.Infrastructure.Utilities; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Configuration; using Cleanuparr.Persistence.Models.Configuration.DownloadCleaner; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; @@ -17,6 +18,7 @@ namespace Cleanuparr.Api.Features.DownloadCleaner.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class DownloadCleanerConfigController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/DownloadClient/Controllers/DownloadClientController.cs b/code/backend/Cleanuparr.Api/Features/DownloadClient/Controllers/DownloadClientController.cs index 9a2aff55..50968213 100644 --- a/code/backend/Cleanuparr.Api/Features/DownloadClient/Controllers/DownloadClientController.cs +++ b/code/backend/Cleanuparr.Api/Features/DownloadClient/Controllers/DownloadClientController.cs @@ -5,6 +5,7 @@ using Cleanuparr.Api.Features.DownloadClient.Contracts.Requests; using Cleanuparr.Infrastructure.Features.DownloadClient; using Cleanuparr.Infrastructure.Http.DynamicHttpClientSystem; using Cleanuparr.Persistence; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -12,6 +13,7 @@ namespace Cleanuparr.Api.Features.DownloadClient.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class DownloadClientController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/General/Controllers/GeneralConfigController.cs b/code/backend/Cleanuparr.Api/Features/General/Controllers/GeneralConfigController.cs index 8814c522..056d62f2 100644 --- a/code/backend/Cleanuparr.Api/Features/General/Controllers/GeneralConfigController.cs +++ b/code/backend/Cleanuparr.Api/Features/General/Controllers/GeneralConfigController.cs @@ -4,6 +4,7 @@ using System.Threading.Tasks; using Cleanuparr.Api.Features.General.Contracts.Requests; using Cleanuparr.Persistence; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; @@ -12,6 +13,7 @@ namespace Cleanuparr.Api.Features.General.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class GeneralConfigController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/MalwareBlocker/Controllers/MalwareBlockerConfigController.cs b/code/backend/Cleanuparr.Api/Features/MalwareBlocker/Controllers/MalwareBlockerConfigController.cs index 6804e03c..f4090164 100644 --- a/code/backend/Cleanuparr.Api/Features/MalwareBlocker/Controllers/MalwareBlockerConfigController.cs +++ b/code/backend/Cleanuparr.Api/Features/MalwareBlocker/Controllers/MalwareBlockerConfigController.cs @@ -8,6 +8,7 @@ using Cleanuparr.Infrastructure.Utilities; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Configuration; using Cleanuparr.Persistence.Models.Configuration.MalwareBlocker; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; @@ -16,6 +17,7 @@ namespace Cleanuparr.Api.Features.MalwareBlocker.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class MalwareBlockerConfigController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/Notifications/Controllers/NotificationProvidersController.cs b/code/backend/Cleanuparr.Api/Features/Notifications/Controllers/NotificationProvidersController.cs index 22f5bf72..6af926e9 100644 --- a/code/backend/Cleanuparr.Api/Features/Notifications/Controllers/NotificationProvidersController.cs +++ b/code/backend/Cleanuparr.Api/Features/Notifications/Controllers/NotificationProvidersController.cs @@ -11,6 +11,7 @@ using Cleanuparr.Infrastructure.Features.Notifications.Telegram; using Cleanuparr.Infrastructure.Features.Notifications.Gotify; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Configuration.Notification; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; @@ -18,6 +19,7 @@ namespace Cleanuparr.Api.Features.Notifications.Controllers; [ApiController] [Route("api/configuration/notification_providers")] +[Authorize] public sealed class NotificationProvidersController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueCleanerConfigController.cs b/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueCleanerConfigController.cs index aea2e37f..d9eeb30e 100644 --- a/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueCleanerConfigController.cs +++ b/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueCleanerConfigController.cs @@ -7,6 +7,7 @@ using Cleanuparr.Infrastructure.Utilities; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Configuration; using Cleanuparr.Persistence.Models.Configuration.QueueCleaner; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; @@ -15,6 +16,7 @@ namespace Cleanuparr.Api.Features.QueueCleaner.Controllers; [ApiController] [Route("api/configuration")] +[Authorize] public sealed class QueueCleanerConfigController : ControllerBase { private readonly ILogger _logger; diff --git a/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueRulesController.cs b/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueRulesController.cs index eb6b8439..5deb1b1c 100644 --- a/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueRulesController.cs +++ b/code/backend/Cleanuparr.Api/Features/QueueCleaner/Controllers/QueueRulesController.cs @@ -3,6 +3,7 @@ using Cleanuparr.Domain.Exceptions; using Cleanuparr.Infrastructure.Services.Interfaces; using Cleanuparr.Persistence; using Cleanuparr.Persistence.Models.Configuration.QueueCleaner; +using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.Extensions.Logging; @@ -11,6 +12,7 @@ namespace Cleanuparr.Api.Features.QueueCleaner.Controllers; [ApiController] [Route("api/queue-rules")] +[Authorize] public class QueueRulesController : ControllerBase { private readonly ILogger _logger;