feat(playlists): permalink-only access to private playlists#843
Open
dylanjeffers wants to merge 1 commit into
Add an `is_private` filter to `get_playlists.sql` with an `@include_private` bypass, mirroring the existing `is_unlisted` pattern for tracks. The flag is set to true on permalink-driven entry points (by_permalink route, bulk endpoint when ?permalink= is used, and the /resolve redirect target), so possessing a valid permalink is treated as proof of access for unauthenticated callers. Caller-supplied IDs in the bulk endpoint are kept in a separate query from permalink-derived IDs to avoid leaking a private playlist when both are mixed in one request.

Also: extend the by_permalink route to accept both /playlist/ and /album/ URL variants so /v1/resolve can redirect there for albums.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
ec22c3c to 95e844a
Summary

- `is_unlisted` model for tracks. An `is_private` filter is added to `get_playlists.sql` with an `@include_private` bypass flag. Permalink-driven entry points (the `by_permalink` route, the bulk `/v1/full/playlists?permalink=…` endpoint, and the `/v1/resolve` redirect target) set `IncludePrivate: true`; bare ID lookups do not.
- `Playlists()` calls so a request mixing `?id=PRIVATE_ID&permalink=any_public` cannot leak a private playlist by piggy-backing on the permalink trust.
- `v1_playlist_by_permalink` now accepts both `/playlist/` and `/album/` URL variants, so `/v1/resolve` can redirect album URLs there.
- `IncludeUnlisted: true`); no code change there, just a regression test.

Behavior change

Anonymous (and non-owner) requests to `/v1/full/playlists/:id` or `/v1/full/playlists?id=…` for a private playlist will now return 404 / empty. Owners (`myID == owner_id`) and any callers using the permalink continue to see the playlist.

Test plan

- `TestV1PlaylistByPermalink` and `TestV1AlbumByPermalink` still pass
- `TestV1PrivatePlaylistByPermalinkAnonymous` — anon caller gets private playlist via permalink
- `TestV1PrivateAlbumByPermalinkAnonymous` — anon caller gets private album via permalink
- `TestPlaylistsEndpointPrivatePermalinkAnonymous` — same via bulk endpoint
- `TestPlaylistsEndpointPrivateByIdHiddenFromAnonymous` — `?id=` does not leak private
- `TestGetPlaylistPrivateAnonymous404` — `/playlists/:id` returns 404 for anon on private
- `TestGetPlaylistPrivateOwnerAllowed` — owner can still fetch their private playlist by ID
- `TestGetUnlistedTrackByPermalinkAnonymous` — regression lock-in for track permalink behavior
- (`TestResolvePlaylistURL`) still 302 (redirect target changed to `by_permalink`, still ok)

🤖 Generated with Claude Code
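The access rule the PR describes (private rows filtered unless the caller is the owner or the include-private bypass is set) and the reason for keeping caller-supplied IDs and permalink-derived IDs in separate queries can be seen in a small in-memory model. The following is an added example written for this page, not the project's code: `Playlist`, `Query`, `getPlaylists`, `idsForPermalinks`, `bulkSafe` and `bulkLeaky` are hypothetical names that stand in for the real `get_playlists.sql` / `Playlists()` machinery, and the table rows are constructed sample data. `bulkLeaky` shows the shape the PR avoids (one merged query with the bypass switched on whenever a permalink is present), beside `bulkSafe`, the separated form the PR adopts.

```go
package main

import (
	"fmt"
	"sort"
)

// Playlist carries only the columns the access rule looks at.
type Playlist struct {
	ID        string
	Permalink string
	OwnerID   string
	IsPrivate bool
}

// Query models the lookup parameters: the IDs to fetch, the caller's
// identity ("" for an anonymous caller), and the include-private bypass.
type Query struct {
	IDs            []string
	MyID           string
	IncludePrivate bool
}

// Constructed sample table; IDs, permalinks and owners are made up.
var table = []Playlist{
	{ID: "pl1", Permalink: "/alice/public-mix", OwnerID: "alice", IsPrivate: false},
	{ID: "pl2", Permalink: "/alice/secret-mix", OwnerID: "alice", IsPrivate: true},
	{ID: "pl3", Permalink: "/bob/album-one", OwnerID: "bob", IsPrivate: true},
}

// getPlaylists is the in-memory equivalent of the SQL filter: a requested
// row is returned when it is public, when the caller owns it, or when the
// bypass flag is set. Anything else is silently dropped (404 / empty).
func getPlaylists(q Query) []Playlist {
	want := make(map[string]bool, len(q.IDs))
	for _, id := range q.IDs {
		want[id] = true
	}
	var out []Playlist
	for _, p := range table {
		if !want[p.ID] {
			continue
		}
		if p.IsPrivate && !q.IncludePrivate && p.OwnerID != q.MyID {
			continue // private, no bypass, not the owner: filtered out
		}
		out = append(out, p)
	}
	return out
}

// idsForPermalinks resolves permalinks to IDs. Holding a permalink is what
// the design treats as proof of access, so only these IDs may be queried
// with the bypass set.
func idsForPermalinks(perms []string) []string {
	var ids []string
	for _, perm := range perms {
		for _, p := range table {
			if p.Permalink == perm {
				ids = append(ids, p.ID)
			}
		}
	}
	return ids
}

// bulkSafe models the bulk endpoint as the PR describes it: caller-supplied
// IDs and permalink-derived IDs go through separate queries, and only the
// permalink-derived query carries the bypass.
func bulkSafe(ids, perms []string, myID string) []Playlist {
	res := getPlaylists(Query{IDs: ids, MyID: myID})
	res = append(res, getPlaylists(Query{IDs: idsForPermalinks(perms), MyID: myID, IncludePrivate: true})...)
	return dedupe(res)
}

// bulkLeaky is the shape the PR avoids: both ID sources merged into one
// query, with the bypass set whenever any permalink is present. A private
// ID supplied directly then rides on an unrelated public permalink.
func bulkLeaky(ids, perms []string, myID string) []Playlist {
	all := append(append([]string{}, ids...), idsForPermalinks(perms)...)
	return getPlaylists(Query{IDs: all, MyID: myID, IncludePrivate: len(perms) > 0})
}

// dedupe removes a playlist that reached the result through both paths.
func dedupe(in []Playlist) []Playlist {
	seen := make(map[string]bool, len(in))
	var out []Playlist
	for _, p := range in {
		if !seen[p.ID] {
			seen[p.ID] = true
			out = append(out, p)
		}
	}
	return out
}

// visibleIDs returns the sorted IDs of a result so outcomes compare easily.
func visibleIDs(ps []Playlist) []string {
	ids := make([]string, 0, len(ps))
	for _, p := range ps {
		ids = append(ids, p.ID)
	}
	sort.Strings(ids)
	return ids
}

func main() {
	fmt.Println("anon, ?id=pl2:                ", visibleIDs(bulkSafe([]string{"pl2"}, nil, "")))
	fmt.Println("anon, ?permalink=secret:      ", visibleIDs(bulkSafe(nil, []string{"/alice/secret-mix"}, "")))
	fmt.Println("anon, ?id=pl2&permalink=public (safe): ", visibleIDs(bulkSafe([]string{"pl2"}, []string{"/alice/public-mix"}, "")))
	fmt.Println("anon, ?id=pl2&permalink=public (leaky):", visibleIDs(bulkLeaky([]string{"pl2"}, []string{"/alice/public-mix"}, "")))
	fmt.Println("owner alice, ?id=pl2:         ", visibleIDs(bulkSafe([]string{"pl2"}, nil, "alice")))
}
```

The mixed request is the case to watch: with the separated queries the private `pl2` never acquires the bypass, so the anonymous caller sees only `pl1`; with the merged query both rows come back. A regression test pinning that mixed-request result, like `TestPlaylistsEndpointPrivateByIdHiddenFromAnonymous` in the test plan, is what keeps a later refactor from quietly re-merging the two paths.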