feat: refresh monitored downloads before getting queue items

Currently, we sync with sonarr/radarr with whatever value those return. Radarr/Sonarr syncs the activity from the download clients every few minutes. This leads to inaccurate estimated download times, because of the refresh delay with Jellyseerr and the *arrs. This PR fixes this by making a request to the *arrs to refresh the monitored downloads just before we get these downloads information. re #866
fix(session): set the correct TTL for the cookie store (#992 )
2025-12-24 02:39:18 -05:00 · 2024-10-03 18:04:27 +02:00 · 2024-10-02 20:59:35 +02:00 · 2024-09-30 18:56:25 +02:00 · 2024-09-25 21:25:44 +02:00
17 changed files with 128 additions and 149 deletions
--- a/cypress/config/settings.cypress.json
+++ b/cypress/config/settings.cypress.json
@@ -7,7 +7,6 @@
    "applicationTitle": "Overseerr",
    "applicationUrl": "",
    "csrfProtection": false,
-    "cspFrameAncestorDomains": "",
    "cacheImages": false,
    "defaultPermissions": 32,
    "defaultQuotas": {
--- a/overseerr-api.yml
+++ b/overseerr-api.yml
@@ -168,9 +168,6 @@ components:
        csrfProtection:
          type: boolean
          example: false
-        cspFrameAncestorDomains:
-          type: string
-          example: 'example.com'
        hideAvailable:
          type: boolean
          example: false
--- a/package.json
+++ b/package.json
@@ -61,7 +61,6 @@
    "express-session": "1.17.3",
    "formik": "^2.4.6",
    "gravatar-url": "3.1.0",
-    "helmet": "^7.1.0",
    "lodash": "4.17.21",
    "mime": "3",
    "next": "^14.2.4",
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -95,9 +95,6 @@ importers:
      gravatar-url:
        specifier: 3.1.0
        version: 3.1.0
-      helmet:
-        specifier: ^7.1.0
-        version: 7.1.0
      lodash:
        specifier: 4.17.21
        version: 4.17.21
@@ -5295,10 +5292,6 @@ packages:
    resolution: {integrity: sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==}
    hasBin: true

-  helmet@7.1.0:
-    resolution: {integrity: sha512-g+HZqgfbpXdCkme/Cd/mZkV0aV3BZZZSugecH03kl38m/Kmdx8jKjBikpDj2cr+Iynv4KpYEviojNdTJActJAg==}
-    engines: {node: '>=16.0.0'}
-
  hermes-estree@0.19.1:
    resolution: {integrity: sha512-daLGV3Q2MKk8w4evNMKwS8zBE/rcpA800nu1Q5kM08IKijoSnPe9Uo1iIxzPKRkn95IxxsgBMPeYHt3VG4ej2g==}

@@ -15602,8 +15595,6 @@ snapshots:

  he@1.2.0: {}

-  helmet@7.1.0: {}
-
  hermes-estree@0.19.1: {}

  hermes-estree@0.20.1: {}
--- a/server/api/externalapi.ts
+++ b/server/api/externalapi.ts
@@ -76,7 +76,7 @@ class ExternalAPI {
    }
    const data = await this.getDataFromResponse(response);

-    if (this.cache) {
+    if (this.cache && ttl !== 0) {
      this.cache.set(cacheKey, data, ttl ?? DEFAULT_TTL);
    }

@@ -120,7 +120,7 @@ class ExternalAPI {
    }
    const resData = await this.getDataFromResponse(response);

-    if (this.cache) {
+    if (this.cache && ttl !== 0) {
      this.cache.set(cacheKey, resData, ttl ?? DEFAULT_TTL);
    }

@@ -164,7 +164,7 @@ class ExternalAPI {
    }
    const resData = await this.getDataFromResponse(response);

-    if (this.cache) {
+    if (this.cache && ttl !== 0) {
      this.cache.set(cacheKey, resData, ttl ?? DEFAULT_TTL);
    }

--- a/server/api/servarr/base.ts
+++ b/server/api/servarr/base.ts
@@ -157,9 +157,13 @@ class ServarrBase<QueueItemAppendT> extends ExternalAPI {

  public getQueue = async (): Promise<(QueueItem & QueueItemAppendT)[]> => {
    try {
-      const data = await this.get<QueueResponse<QueueItemAppendT>>(`/queue`, {
-        includeEpisode: 'true',
-      });
+      const data = await this.get<QueueResponse<QueueItemAppendT>>(
+        `/queue`,
+        {
+          includeEpisode: 'true',
+        },
+        0
+      );

      return data.records;
    } catch (e) {
@@ -193,15 +197,24 @@ class ServarrBase<QueueItemAppendT> extends ExternalAPI {
    }
  };

+  async refreshMonitoredDownloads(): Promise<void> {
+    await this.runCommand('RefreshMonitoredDownloads', {});
+  }
+
  protected async runCommand(
    commandName: string,
    options: Record<string, unknown>
  ): Promise<void> {
    try {
-      await this.post(`/command`, {
-        name: commandName,
-        ...options,
-      });
+      await this.post(
+        `/command`,
+        {
+          name: commandName,
+          ...options,
+        },
+        {},
+        0
+      );
    } catch (e) {
      throw new Error(`[${this.apiName}] Failed to run command: ${e.message}`);
    }
--- a/server/index.ts
+++ b/server/index.ts
@@ -32,7 +32,6 @@ import express from 'express';
 import * as OpenApiValidator from 'express-openapi-validator';
 import type { Store } from 'express-session';
 import session from 'express-session';
-import helmet from 'helmet';
 import next from 'next';
 import dns from 'node:dns';
 import net from 'node:net';
@@ -160,28 +159,6 @@ app
      });
    }

-    // Setup Content-Security-Policy
-    server.use(
-      helmet.contentSecurityPolicy({
-        useDefaults: false,
-        directives: {
-          'default-src': ["'self'", "'unsafe-inline'"],
-          'script-src': [
-            "'self'",
-            "'unsafe-inline'",
-            ...(dev ? ["'unsafe-eval'"] : []),
-          ],
-          'img-src': ["'self'", "'unsafe-inline'", 'data:', 'blob:', '*'],
-          'frame-ancestors': [
-            "'self'",
-            ...(settings.main.cspFrameAncestorDomains
-              ? [settings.main.cspFrameAncestorDomains]
-              : []),
-          ],
-        },
-      })
-    );
-
    // Set up sessions
    const sessionRespository = getRepository(Session);
    server.use(
@@ -193,16 +170,12 @@ app
        cookie: {
          maxAge: 1000 * 60 * 60 * 24 * 30,
          httpOnly: true,
-          sameSite: settings.main.csrfProtection
-            ? 'strict'
-            : settings.main.cspFrameAncestorDomains
-            ? 'none'
-            : 'lax',
-          secure: settings.main.cspFrameAncestorDomains ? true : 'auto',
+          sameSite: settings.main.csrfProtection ? 'strict' : 'lax',
+          secure: 'auto',
        },
        store: new TypeormStore({
          cleanupLimit: 2,
-          ttl: 1000 * 60 * 60 * 24 * 30,
+          ttl: 60 * 60 * 24 * 30,
        }).connect(sessionRespository) as Store,
      })
    );
--- a/server/lib/downloadtracker.ts
+++ b/server/lib/downloadtracker.ts
@@ -85,6 +85,7 @@ class DownloadTracker {
          });

          try {
+            await radarr.refreshMonitoredDownloads();
            const queueItems = await radarr.getQueue();

            this.radarrServers[server.id] = queueItems.map((item) => ({
@@ -162,6 +163,7 @@ class DownloadTracker {
          });

          try {
+            await sonarr.refreshMonitoredDownloads();
            const queueItems = await sonarr.getQueue();

            this.sonarrServers[server.id] = queueItems.map((item) => ({
--- a/server/lib/settings/index.ts
+++ b/server/lib/settings/index.ts
@@ -104,7 +104,6 @@ export interface MainSettings {
  applicationTitle: string;
  applicationUrl: string;
  csrfProtection: boolean;
-  cspFrameAncestorDomains: string;
  cacheImages: boolean;
  defaultPermissions: number;
  defaultQuotas: {
@@ -311,7 +310,6 @@ class Settings {
        applicationTitle: 'Jellyseerr',
        applicationUrl: '',
        csrfProtection: false,
-        cspFrameAncestorDomains: '',
        cacheImages: false,
        defaultPermissions: Permission.REQUEST,
        defaultQuotas: {
--- a/server/utils/restartFlag.ts
+++ b/server/utils/restartFlag.ts
@@ -13,8 +13,7 @@ class RestartFlag {

    return (
      this.settings.csrfProtection !== settings.csrfProtection ||
-      this.settings.trustProxy !== settings.trustProxy ||
-      this.settings.cspFrameAncestorDomains !== settings.cspFrameAncestorDomains
+      this.settings.trustProxy !== settings.trustProxy
    );
  }
 }
--- a/src/components/Layout/MobileMenu/index.tsx
+++ b/src/components/Layout/MobileMenu/index.tsx
@@ -7,6 +7,7 @@ import {
  CogIcon,
  EllipsisHorizontalIcon,
  ExclamationTriangleIcon,
+  EyeSlashIcon,
  FilmIcon,
  SparklesIcon,
  TvIcon,
@@ -16,6 +17,7 @@ import {
  ClockIcon as FilledClockIcon,
  CogIcon as FilledCogIcon,
  ExclamationTriangleIcon as FilledExclamationTriangleIcon,
+  EyeSlashIcon as FilledEyeSlashIcon,
  FilmIcon as FilledFilmIcon,
  SparklesIcon as FilledSparklesIcon,
  TvIcon as FilledTvIcon,
@@ -84,6 +86,18 @@ const MobileMenu = () => {
      svgIconSelected: <FilledClockIcon className="h-6 w-6" />,
      activeRegExp: /^\/requests/,
    },
+    {
+      href: '/blacklist',
+      content: intl.formatMessage(menuMessages.blacklist),
+      svgIcon: <EyeSlashIcon className="h-6 w-6" />,
+      svgIconSelected: <FilledEyeSlashIcon className="h-6 w-6" />,
+      activeRegExp: /^\/blacklist/,
+      requiredPermission: [
+        Permission.MANAGE_BLACKLIST,
+        Permission.VIEW_BLACKLIST,
+      ],
+      permissionType: 'or',
+    },
    {
      href: '/issues',
      content: intl.formatMessage(menuMessages.issues),
--- a/src/components/RequestList/RequestItem/index.tsx
+++ b/src/components/RequestList/RequestItem/index.tsx
@@ -42,6 +42,7 @@ const messages = defineMessages('components.RequestList.RequestItem', {
  tmdbid: 'TMDB ID',
  tvdbid: 'TheTVDB ID',
  unknowntitle: 'Unknown Title',
+  removearr: 'Remove from {arr}',
  profileName: 'Profile',
 });

@@ -341,6 +342,18 @@ const RequestItem = ({ request, revalidateList }: RequestItemProps) => {
    revalidateList();
  };

+  const deleteMediaFile = async () => {
+    if (request.media) {
+      await fetch(`/api/v1/media/${request.media.id}/file`, {
+        method: 'DELETE',
+      });
+      await fetch(`/api/v1/media/${request.media.id}`, {
+        method: 'DELETE',
+      });
+      revalidateList();
+    }
+  };
+
  const retryRequest = async () => {
    setRetrying(true);

@@ -666,14 +679,28 @@ const RequestItem = ({ request, revalidateList }: RequestItemProps) => {
            )}
          {requestData.status !== MediaRequestStatus.PENDING &&
            hasPermission(Permission.MANAGE_REQUESTS) && (
-              <ConfirmButton
-                onClick={() => deleteRequest()}
-                confirmText={intl.formatMessage(globalMessages.areyousure)}
-                className="w-full"
-              >
-                <TrashIcon />
-                <span>{intl.formatMessage(messages.deleterequest)}</span>
-              </ConfirmButton>
+              <>
+                <ConfirmButton
+                  onClick={() => deleteRequest()}
+                  confirmText={intl.formatMessage(globalMessages.areyousure)}
+                  className="w-full"
+                >
+                  <TrashIcon />
+                  <span>{intl.formatMessage(messages.deleterequest)}</span>
+                </ConfirmButton>
+                <ConfirmButton
+                  onClick={() => deleteMediaFile()}
+                  confirmText={intl.formatMessage(globalMessages.areyousure)}
+                  className="w-full"
+                >
+                  <TrashIcon />
+                  <span>
+                    {intl.formatMessage(messages.removearr, {
+                      arr: request.type === 'movie' ? 'Radarr' : 'Sonarr',
+                    })}
+                  </span>
+                </ConfirmButton>
+              </>
            )}
          {requestData.status === MediaRequestStatus.PENDING &&
            hasPermission(Permission.MANAGE_REQUESTS) && (
--- a/src/components/Settings/SettingsMain/index.tsx
+++ b/src/components/Settings/SettingsMain/index.tsx
@@ -44,9 +44,6 @@ const messages = defineMessages('components.Settings.SettingsMain', {
  csrfProtectionTip: 'Set external API access to read-only (requires HTTPS)',
  csrfProtectionHoverTip:
    'Do NOT enable this setting unless you understand what you are doing!',
-  cspFrameAncestorDomains: 'Frame-Ancestor Domains',
-  cspFrameAncestorDomainsTip:
-    'Domains to allow embedding Jellyseer as iframe, object or embed. Incompatible with CSRF-Protection',
  cacheImages: 'Enable Image Caching',
  cacheImagesTip:
    'Cache externally sourced images (requires a significant amount of disk space)',
@@ -133,7 +130,6 @@ const SettingsMain = () => {
            applicationTitle: data?.applicationTitle,
            applicationUrl: data?.applicationUrl,
            csrfProtection: data?.csrfProtection,
-            cspFrameAncestorDomains: data?.cspFrameAncestorDomains,
            hideAvailable: data?.hideAvailable,
            locale: data?.locale ?? 'en',
            region: data?.region,
@@ -155,7 +151,6 @@ const SettingsMain = () => {
                  applicationTitle: values.applicationTitle,
                  applicationUrl: values.applicationUrl,
                  csrfProtection: values.csrfProtection,
-                  cspFrameAncestorDomains: values.cspFrameAncestorDomains,
                  hideAvailable: values.hideAvailable,
                  locale: values.locale,
                  region: values.region,
@@ -323,31 +318,6 @@ const SettingsMain = () => {
                    </Tooltip>
                  </div>
                </div>
-                <div className="form-row">
-                  <label
-                    htmlFor="cspFrameAncestorDomains"
-                    className="text-label"
-                  >
-                    <span className="mr-2">
-                      {intl.formatMessage(messages.cspFrameAncestorDomains)}
-                    </span>
-                    <SettingsBadge badgeType="advanced" className="mr-2" />
-                    <SettingsBadge badgeType="restartRequired" />
-                    <span className="label-tip">
-                      {intl.formatMessage(messages.cspFrameAncestorDomainsTip)}
-                    </span>
-                  </label>
-                  <div className="form-input-area">
-                    <div className="form-input-field">
-                      <Field
-                        id="cspFrameAncestorDomains"
-                        name="cspFrameAncestorDomains"
-                        type="text"
-                        disabled={values.csrfProtection}
-                      />
-                    </div>
-                  </div>
-                </div>
                <div className="form-row">
                  <label htmlFor="cacheImages" className="checkbox-label">
                    <span className="mr-2">
--- a/src/i18n/locale/en.json
+++ b/src/i18n/locale/en.json
@@ -298,6 +298,7 @@
  "components.ManageSlideOver.plays": "<strong>{playCount, number}</strong> {playCount, plural, one {play} other {plays}}",
  "components.ManageSlideOver.removearr": "Remove from {arr}",
  "components.ManageSlideOver.removearr4k": "Remove from 4K {arr}",
+  "components.RequestList.RequestItem.removearr": "Remove from {arr}",
  "components.ManageSlideOver.tvshow": "series",
  "components.MediaSlider.ShowMoreCard.seemore": "See More",
  "components.MovieDetails.MovieCast.fullcast": "Full Cast",
@@ -873,8 +874,6 @@
  "components.Settings.SettingsMain.applicationurl": "Application URL",
  "components.Settings.SettingsMain.cacheImages": "Enable Image Caching",
  "components.Settings.SettingsMain.cacheImagesTip": "Cache externally sourced images (requires a significant amount of disk space)",
-  "components.Settings.SettingsMain.cspFrameAncestorDomains": "Frame-Ancestor Domains",
-  "components.Settings.SettingsMain.cspFrameAncestorDomainsTip": "Domains to allow embedding Jellyseer as iframe, object or embed. Incompatible with CSRF-Protection",
  "components.Settings.SettingsMain.csrfProtection": "Enable CSRF Protection",
  "components.Settings.SettingsMain.csrfProtectionHoverTip": "Do NOT enable this setting unless you understand what you are doing!",
  "components.Settings.SettingsMain.csrfProtectionTip": "Set external API access to read-only (requires HTTPS)",
@@ -1085,7 +1084,7 @@
  "components.Setup.finishing": "Finishing…",
  "components.Setup.servertype": "Choose Server Type",
  "components.Setup.setup": "Setup",
-  "components.Setup.signin": "Sign In",
+  "components.Setup.signin": "Sign in to your account",
  "components.Setup.signinMessage": "Get started by signing in",
  "components.Setup.signinWithEmby": "Enter your Emby details",
  "components.Setup.signinWithJellyfin": "Enter your Jellyfin details",
--- a/src/pages/_app.tsx
+++ b/src/pages/_app.tsx
@@ -17,13 +17,11 @@ import { MediaServerType } from '@server/constants/server';
 import type { PublicSettingsResponse } from '@server/interfaces/api/settingsInterfaces';
 import type { AppInitialProps, AppProps } from 'next/app';
 import App from 'next/app';
-import { Inter } from 'next/font/google';
 import Head from 'next/head';
 import { useEffect, useState } from 'react';
 import { IntlProvider } from 'react-intl';
 import { ToastProvider } from 'react-toast-notifications';
 import { SWRConfig } from 'swr';
-const inter = Inter({ subsets: ['latin'] });

 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 const loadLocaleData = (locale: AvailableLocale): Promise<any> => {
@@ -138,49 +136,47 @@ const CoreApp: Omit<NextAppComponentType, 'origGetInitialProps'> = ({
  }

  return (
-    <main className={inter.className}>
-      <SWRConfig
-        value={{
-          fetcher: async (resource, init) => {
-            const res = await fetch(resource, init);
-            if (!res.ok) throw new Error();
-            return await res.json();
-          },
-          fallback: {
-            '/api/v1/auth/me': user,
-          },
-        }}
-      >
-        <LanguageContext.Provider value={{ locale: currentLocale, setLocale }}>
-          <IntlProvider
-            locale={currentLocale}
-            defaultLocale="en"
-            messages={loadedMessages}
-          >
-            <LoadingBar />
-            <SettingsProvider currentSettings={currentSettings}>
-              <InteractionProvider>
-                <ToastProvider components={{ Toast, ToastContainer }}>
-                  <Head>
-                    <title>{currentSettings.applicationTitle}</title>
-                    <meta
-                      name="viewport"
-                      content="initial-scale=1, viewport-fit=cover, width=device-width"
-                    ></meta>
-                    <PWAHeader
-                      applicationTitle={currentSettings.applicationTitle}
-                    />
-                  </Head>
-                  <StatusChecker />
-                  <ServiceWorkerSetup />
-                  <UserContext initialUser={user}>{component}</UserContext>
-                </ToastProvider>
-              </InteractionProvider>
-            </SettingsProvider>
-          </IntlProvider>
-        </LanguageContext.Provider>
-      </SWRConfig>
-    </main>
+    <SWRConfig
+      value={{
+        fetcher: async (resource, init) => {
+          const res = await fetch(resource, init);
+          if (!res.ok) throw new Error();
+          return await res.json();
+        },
+        fallback: {
+          '/api/v1/auth/me': user,
+        },
+      }}
+    >
+      <LanguageContext.Provider value={{ locale: currentLocale, setLocale }}>
+        <IntlProvider
+          locale={currentLocale}
+          defaultLocale="en"
+          messages={loadedMessages}
+        >
+          <LoadingBar />
+          <SettingsProvider currentSettings={currentSettings}>
+            <InteractionProvider>
+              <ToastProvider components={{ Toast, ToastContainer }}>
+                <Head>
+                  <title>{currentSettings.applicationTitle}</title>
+                  <meta
+                    name="viewport"
+                    content="initial-scale=1, viewport-fit=cover, width=device-width"
+                  ></meta>
+                  <PWAHeader
+                    applicationTitle={currentSettings.applicationTitle}
+                  />
+                </Head>
+                <StatusChecker />
+                <ServiceWorkerSetup />
+                <UserContext initialUser={user}>{component}</UserContext>
+              </ToastProvider>
+            </InteractionProvider>
+          </SettingsProvider>
+        </IntlProvider>
+      </LanguageContext.Provider>
+    </SWRConfig>
  );
 };

--- a/src/pages/_document.tsx
+++ b/src/pages/_document.tsx
@@ -13,7 +13,13 @@ class MyDocument extends Document {
  render(): JSX.Element {
    return (
      <Html>
-        <Head></Head>
+        <Head>
+          <link rel="preconnect" href="https://fonts.gstatic.com" />
+          <link
+            rel="stylesheet"
+            href="https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap"
+          />
+        </Head>
        <body>
          <Main />
          <NextScript />
--- a/src/styles/globals.css
+++ b/src/styles/globals.css
@@ -53,10 +53,6 @@
 }

@layer components {
-  *:disabled {
-    opacity: 0.7;
-  }
-
  .searchbar {
    padding-top: env(safe-area-inset-top);
    height: calc(4rem + env(safe-area-inset-top));
Author	SHA1	Message	Date
Gauthier	497d629207	feat: refresh monitored downloads before getting queue items Currently, we sync with sonarr/radarr with whatever value those return. Radarr/Sonarr syncs the activity from the download clients every few minutes. This leads to inaccurate estimated download times, because of the refresh delay with Jellyseerr and the arrs. This PR fixes this by making a request to the arrs to refresh the monitored downloads just before we get these downloads information. re #866	2024-10-03 18:04:27 +02:00
Gauthier	96e1d40304	fix(session): set the correct TTL for the cookie store (#992 ) The time-to-live (TTL) of cookies stored in the database was incorrect because the connect-typeorm library takes a TTL in seconds and not milliseconds, making cookies valid for ~82 years instead of 30 days. fix #991	2024-10-02 20:59:35 +02:00
Thomas Loubiou	a5d22ba5b8	feat: allow request managers to delete data from sonarr/radarr (#644 ) * feat: allow requests managers to delete media files * fix(i18n): add missing translations * fix(i18n): remove french translation * refactor: use fetch API	2024-09-30 18:56:25 +02:00
Gauthier	f390da4866	fix(blacklist): add blacklist to mobile menu (#980 ) * fix(blacklist): add blacklist to mobile menu The "Blacklist" menu was only available in the desktop sidebar, not in the mobile menu. fix #979 * fix: export translations	2024-09-25 21:25:44 +02:00