diff --git a/surfsense_backend/app/routes/podcasts_routes.py b/surfsense_backend/app/routes/podcasts_routes.py index fa8326096..f991f698f 100644 --- a/surfsense_backend/app/routes/podcasts_routes.py +++ b/surfsense_backend/app/routes/podcasts_routes.py @@ -23,7 +23,7 @@ from app.db import ( get_async_session, ) from app.schemas import PodcastRead -from app.users import current_active_user, current_optional_user +from app.users import current_active_user from app.utils.rbac import check_permission router = APIRouter() @@ -82,17 +82,14 @@ async def read_podcasts( async def read_podcast( podcast_id: int, session: AsyncSession = Depends(get_async_session), - user: User | None = Depends(current_optional_user), + user: User = Depends(current_active_user), ): """ Get a specific podcast by ID. - Access is allowed if: - - User is authenticated with PODCASTS_READ permission, OR - - Podcast belongs to a publicly shared thread + Requires authentication with PODCASTS_READ permission. + For public podcast access, use /public/{share_token}/podcasts/{podcast_id}/stream """ - from app.services.public_chat_service import is_podcast_publicly_accessible - try: result = await session.execute(select(Podcast).filter(Podcast.id == podcast_id)) podcast = result.scalars().first() @@ -103,18 +100,13 @@ async def read_podcast( detail="Podcast not found", ) - is_public = await is_podcast_publicly_accessible(session, podcast_id) - - if not is_public: - if not user: - raise HTTPException(status_code=401, detail="Authentication required") - await check_permission( - session, - user, - podcast.search_space_id, - Permission.PODCASTS_READ.value, - "You don't have permission to read podcasts in this search space", - ) + await check_permission( + session, + user, + podcast.search_space_id, + Permission.PODCASTS_READ.value, + "You don't have permission to read podcasts in this search space", + ) return PodcastRead.from_orm_with_entries(podcast) except HTTPException as he: @@ -168,19 +160,16 @@ async def delete_podcast( async def stream_podcast( podcast_id: int, session: AsyncSession = Depends(get_async_session), - user: User | None = Depends(current_optional_user), + user: User = Depends(current_active_user), ): """ Stream a podcast audio file. - Access is allowed if: - - User is authenticated with PODCASTS_READ permission, OR - - Podcast belongs to a publicly shared thread + Requires authentication with PODCASTS_READ permission. + For public podcast access, use /public/{share_token}/podcasts/{podcast_id}/stream Note: Both /stream and /audio endpoints are supported for compatibility. """ - from app.services.public_chat_service import is_podcast_publicly_accessible - try: result = await session.execute(select(Podcast).filter(Podcast.id == podcast_id)) podcast = result.scalars().first() @@ -188,19 +177,13 @@ async def stream_podcast( if not podcast: raise HTTPException(status_code=404, detail="Podcast not found") - is_public = await is_podcast_publicly_accessible(session, podcast_id) - - if not is_public: - if not user: - raise HTTPException(status_code=401, detail="Authentication required") - - await check_permission( - session, - user, - podcast.search_space_id, - Permission.PODCASTS_READ.value, - "You don't have permission to access podcasts in this search space", - ) + await check_permission( + session, + user, + podcast.search_space_id, + Permission.PODCASTS_READ.value, + "You don't have permission to access podcasts in this search space", + ) file_path = podcast.file_location