immich-app/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-12-29 09:14:59 +03:00
Code Issues Packages Projects Releases 18 Wiki Activity

refactor: access repository (#15490)

Browse Source
This commit is contained in:
Jason Rasmussen
2025-01-21 11:09:24 -05:00
committed by GitHub
parent 318dd32363
commit b0cdd8f475
9 changed files with 75 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/src/utils/access.ts
View File

@@ -2,7 +2,7 @@ import { BadRequestException, UnauthorizedException } from '@nestjs/common';
import { AuthDto } from 'src/dtos/auth.dto';
import { SharedLinkEntity } from 'src/entities/shared-link.entity';
import { AlbumUserRole, Permission } from 'src/enum';
import { IAccessRepository } from 'src/interfaces/access.interface';
import { AccessRepository } from 'src/repositories/access.repository';
import { setDifference, setIsEqual, setIsSuperset, setUnion } from 'src/utils/set';
export type GrantedRequest = {
@@ -34,7 +34,7 @@ export const requireUploadAccess = (auth: AuthDto | null): AuthDto => {
return auth;
};
export const requireAccess = async (access: IAccessRepository, request: AccessRequest) => {
export const requireAccess = async (access: AccessRepository, request: AccessRequest) => {
const allowedIds = await checkAccess(access, request);
if (!setIsEqual(new Set(request.ids), allowedIds)) {
throw new BadRequestException(`Not found or no ${request.permission} access`);
@@ -42,7 +42,7 @@ export const requireAccess = async (access: IAccessRepository, request: AccessRe
};
export const checkAccess = async (
access: IAccessRepository,
access: AccessRepository,
{ ids, auth, permission }: AccessRequest,
): Promise<Set<string>> => {
const idSet = Array.isArray(ids) ? new Set(ids) : ids;
@@ -56,7 +56,7 @@ export const checkAccess = async (
};
const checkSharedLinkAccess = async (
access: IAccessRepository,
access: AccessRepository,
request: SharedLinkAccessRequest,
): Promise<Set<string>> => {
const { sharedLink, permission, ids } = request;
@@ -102,7 +102,7 @@ const checkSharedLinkAccess = async (
}
};
const checkOtherAccess = async (access: IAccessRepository, request: OtherAccessRequest): Promise<Set<string>> => {
const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRequest): Promise<Set<string>> => {
const { auth, permission, ids } = request;
switch (permission) {

6
server/src/utils/asset.util.ts
View File

@@ -5,12 +5,12 @@ import { UploadFieldName } from 'src/dtos/asset-media.dto';
import { AuthDto } from 'src/dtos/auth.dto';
import { AssetFileEntity } from 'src/entities/asset-files.entity';
import { AssetFileType, AssetType, Permission } from 'src/enum';
import { IAccessRepository } from 'src/interfaces/access.interface';
import { IAssetRepository } from 'src/interfaces/asset.interface';
import { IEventRepository } from 'src/interfaces/event.interface';
import { IPartnerRepository } from 'src/interfaces/partner.interface';
import { AuthRequest } from 'src/middleware/auth.guard';
import { ImmichFile } from 'src/middleware/file-upload.interceptor';
import { AccessRepository } from 'src/repositories/access.repository';
import { UploadFile } from 'src/services/asset-media.service';
import { checkAccess } from 'src/utils/access';
@@ -31,7 +31,7 @@ export const getAssetFiles = (files?: AssetFileEntity[]) => ({
export const addAssets = async (
auth: AuthDto,
repositories: { access: IAccessRepository; bulk: IBulkAsset },
repositories: { access: AccessRepository; bulk: IBulkAsset },
dto: { parentId: string; assetIds: string[] },
) => {
const { access, bulk } = repositories;
@@ -71,7 +71,7 @@ export const addAssets = async (
export const removeAssets = async (
auth: AuthDto,
repositories: { access: IAccessRepository; bulk: IBulkAsset },
repositories: { access: AccessRepository; bulk: IBulkAsset },
dto: { parentId: string; assetIds: string[]; canAlwaysRemove: Permission },
) => {
const { access, bulk } = repositories;