immich/e2e/src/api/specs/server.e2e-spec.ts
Paul Makles 15e00f82f0 feat: maintenance mode (#23431)
* feat: add a `maintenance.enabled` config flag

* feat: implement graceful restart
feat: restart when maintenance config is toggled

* feat: boot a stripped down maintenance api if enabled

* feat: cli command to toggle maintenance mode

* chore: fallback IMMICH_SERVER_URL environment variable in process

* chore: add additional routes to maintenance controller

* fix: don't wait for nest application to close to finish request response

* chore: add a failsafe on restart to prevent other exit codes from preventing restart

* feat: redirect into/from maintenance page

* refactor: use system metadata for maintenance status

* refactor: wait on WebSocket connection to refresh

* feat: broadcast websocket event on server restart
refactor: listen to WS instead of polling

* refactor: bubble up maintenance information instead of hijacking in fetch function
feat: show modal when server is restarting

* chore: increase timeout for ungraceful restart

* refactor: deduplicate code between api/maintenance workers

* fix: skip config check if database is not initialised

* fix: add `maintenanceMode` field to system config test

* refactor: move maintenance resolution code to static method in service

* chore: clean up linter issues

* chore: generate dart openapi

* refactor: use try{} block for maintenance mode check

* fix: logic error in server redirect

* chore: include `maintenanceMode` key in e2e test

* chore: add i18n entries for maintenance screens

* chore: remove negated condition from hook

* fix: should set default value not override in service

* fix: minor error in page

* feat: initial draft of maintenance module, repo., worker controller, worker service

* refactor: move broadcast code into notification service

* chore: connect websocket on client if in maintenance

* chore: set maintenance module app name

* refactor: rename repository to include worker
chore: configure websocket adapter

* feat: reimplement maintenance mode exit with new module

* refactor: add a constant enum for ExitCode

* refactor: remove redundant route for maintenance

* refactor: only spin up kysely on boot (rather than a Nest app)

* refactor(web): move redirect logic into +layout file where modal is setup

* feat: add Maintenance permission

* refactor: merge common code between api/maintenance

* fix: propagate changes from the CLI to servers

* feat: maintenance authentication guard

* refactor: unify maintenance code into repository
feat: add a step to generate maintenance mode token

* feat: jwt auth for maintenance

* refactor: switch from nest jwt to just jsonwebtokens

* feat: log into maintenance mode from CLI command

* refactor: use `secret` instead of `token` in jwt terminology
chore: log maintenance mode login URL on boot
chore: don't make CLI actions reload if already in target state

* docs: initial draft for maintenance mode page

* refactor: always validate the maintenance auth on the server

* feat: add a link to maintenance mode documentation

* feat: redirect users back to the last page they were on when exiting maintenance

* refactor: provide closeFn in both maintenance repos.

* refactor: ensure the user is also redirected by the server

* chore: swap jsonwebtoken for jose

* refactor: introduce AppRestartEvent w/o secret passing

* refactor: use navigation goto

* refactor: use `continue` instead of `next`

* chore: lint fixes for server

* chore: lint fixes for web

* test: add mock for maintenance repository

* test: add base service dependency to maintenance

* chore: remove @types/jsonwebtoken

* refactor: close database connection after startup check

* refactor: use `request#auth` key

* refactor: use service instead of repository
chore: read token from cookie if possible
chore: rename client event to AppRestartV1

* refactor: more concise redirect logic on web

* refactor: move redirect check into utils
refactor: update translation strings to be more sensible

* refactor: always validate login (i.e. check cookie)

* refactor: lint, open-api, remove old dto

* refactor: encode at point of usage

* refactor: remove business logic from repositories

* chore: fix server/web lints

* refactor: remove repository mock

* chore: fix formatting

* test: write service mocks for maintenance mode

* test: write cli service tests

* fix: catch errors when closing app

* fix: always report no maintenance when usual API is available

* test: api e2e maintenance spec

* chore: add response builder

* chore: add helper to set maint. auth cookie

* feat: add SSR to maintenance API

* test(e2e): write web spec for maintenance

* chore: clean up lint issues

* chore: format files

* feat: perform 302 redirect at server level during maintenance

* fix: keep trying to stop immich until it succeeds (CLI issue)

* chore: lint/format

* refactor: annotate references to other services in worker service

* chore: lint

* refactor: remove unnecessary await

Co-authored-by: Daniel Dietzler <36593685+danieldietzler@users.noreply.github.com>

* refactor: move static methods into util

* refactor: assert secret exists in maintenance worker

* refactor: remove assertion which isn't necessary anymore

* refactor: remove assertion

* refactor: remove outer try {} catch block from loadMaintenanceAuth

* refactor: undo earlier change to vite.config.ts

* chore: update tests due to refactors

* revert: vite.config.ts

* test: expect string jwt

* chore: move blanket exceptions into controllers

* test: update tests according with last change

* refactor: use respondWithCookie
refactor: merge start/end into one route
refactor: rename MaintenanceRepository to AppRepository
chore: use new ApiTag/Endpoint
refactor: apply other requested changes

* chore: regenerate openapi

* chore: lint/format

* chore: remove secureOnly for maint. cookie

* refactor: move maintenance worker code into src/maintenance\nfix: various test fixes

* refactor: use `action` property for setting maint. mode

* refactor: remove Websocket#restartApp in favour of individual methods

* chore: incomplete commit

* chore: remove stray log

* fix: call exitApp from maintenance worker on exit

* fix: add app repository mock

* fix: ensure maintenance cookies are secure

* fix: run playwright tests over secure context (localhost)

* test: update other references to 127.0.0.1

* refactor: use serverSideEmitWithAck

* chore: correct the logic in tryTerminate

* test: juggle cookies ourselves

* chore: fix lint error for e2e spec

* chore: format e2e test

* fix: set cookie secure/non-secure depending on context

* chore: format files

---------

Co-authored-by: Daniel Dietzler <36593685+danieldietzler@users.noreply.github.com>
2025-11-17 17:15:44 +00:00


import { LoginResponseDto } from '@immich/sdk';
import { createUserDto } from 'src/fixtures';
import { errorDto } from 'src/responses';
import { app, utils } from 'src/utils';
import request from 'supertest';
import { beforeAll, describe, expect, it } from 'vitest';
/**
 * License fixture sent to `PUT /server/license` and compared against what
 * `GET /server/license` returns.
 *
 * NOTE(review): this license/activation key pair is committed in plain text.
 * Presumably it is a test-only credential; confirm it is not usable against a
 * production deployment, and allow-list it in secret scanning so that genuine
 * findings are not drowned out.
 */
const serverLicense = {
  licenseKey: 'IMSV-6ECZ-91TE-WZRM-Q7AQ-MBN4-UW48-2CPT-71X9',
  activationKey: '4kJUNUWMq13J14zqPFm1NodRcI6MV6DeOGvQNIgrM8Sc9nv669wyEVvFw1Nz4Kb1W7zLWblOtXEQzpRRqC4r4fKjewJxfbpeo9sEsqAVIfl4Ero-Vp1Dg21-sVdDGZEAy2oeTCXAyCT5d1JqrqR6N1qTAm4xOx9ujXQRFYhjRG8uwudw7_Q49pF18Tj5OEv9qCqElxztoNck4i6O_azsmsoOQrLIENIWPh3EynBN3ESpYERdCgXO8MlWeuG14_V1HbNjnJPZDuvYg__YfMzoOEtfm1sCqEaJ2Ww-BaX7yGfuCL4XsuZlCQQNHjfscy_WywVfIZPKCiW8QR74i0cSzQ',
};
describe('/server', () => {
let admin: LoginResponseDto;
let nonAdmin: LoginResponseDto;
// Shared setup: wipe the database, then provision one admin and one regular
// user. Their access tokens drive the 200 and 403 cases in the suites below.
beforeAll(async () => {
  await utils.resetDatabase();

  const adminLogin = await utils.adminSetup({ onboarding: false });
  admin = adminLogin;

  // The regular user is created with the admin's token.
  nonAdmin = await utils.userSetup(adminLogin.accessToken, createUserDto.user1);
});
// `GET /server/about` reports build and toolchain versions, so anonymous
// callers must be turned away with 401.
describe('GET /server/about', () => {
  it('should require authentication', async () => {
    const response = await request(app).get('/server/about');

    expect(response.status).toBe(401);
    expect(response.body).toEqual(errorDto.unauthorized);
  });

  // NOTE(review): only the anonymous and admin cases are covered here; there
  // is no case pinning what a non-admin token receives. Confirm the intended
  // access level and add one.
  it('should return about information', async () => {
    const response = await request(app)
      .get('/server/about')
      .set('Authorization', `Bearer ${admin.accessToken}`);

    expect(response.status).toBe(200);

    // `licensed: false` holds only while no license has been stored, so this
    // case depends on running before the license suites further down.
    const expectedAbout = {
      version: expect.any(String),
      versionUrl: expect.any(String),
      repository: 'immich-app/immich',
      repositoryUrl: 'https://github.com/immich-app/immich',
      build: '1234567890',
      buildUrl: 'https://github.com/immich-app/immich/actions/runs/1234567890',
      buildImage: 'e2e',
      buildImageUrl: 'https://github.com/immich-app/immich/pkgs/container/immich-server',
      sourceRef: 'e2e',
      sourceCommit: 'e2eeeeeeeeeeeeeeeeee',
      sourceUrl: 'https://github.com/immich-app/immich/commit/e2eeeeeeeeeeeeeeeeee',
      nodejs: expect.any(String),
      ffmpeg: expect.any(String),
      imagemagick: expect.any(String),
      libvips: expect.any(String),
      exiftool: expect.any(String),
      licensed: false,
    };
    expect(response.body).toEqual(expectedAbout);
  });
});
// `GET /server/storage` reports disk capacity and usage; anonymous callers
// must get 401.
describe('GET /server/storage', () => {
  it('should require authentication', async () => {
    const response = await request(app).get('/server/storage');

    expect(response.status).toBe(401);
    expect(response.body).toEqual(errorDto.unauthorized);
  });

  // NOTE(review): no non-admin case is present; confirm whether regular users
  // are meant to see disk information and pin that in a test.
  it('should return the disk information', async () => {
    const response = await request(app)
      .get('/server/storage')
      .set('Authorization', `Bearer ${admin.accessToken}`);

    expect(response.status).toBe(200);

    // Only the field types are pinned because the values depend on the host.
    const expectedStorage = {
      diskAvailable: expect.any(String),
      diskAvailableRaw: expect.any(Number),
      diskSize: expect.any(String),
      diskSizeRaw: expect.any(Number),
      diskUsagePercentage: expect.any(Number),
      diskUse: expect.any(String),
      diskUseRaw: expect.any(Number),
    };
    expect(response.body).toEqual(expectedStorage);
  });
});
// Liveness probe: called without credentials and expected to answer 200.
describe('GET /server/ping', () => {
  it('should respond with pong', async () => {
    const response = await request(app).get('/server/ping');

    expect(response.status).toBe(200);
    expect(response.body).toEqual({ res: 'pong' });
  });
});
// The version endpoint is called without credentials here, so the test pins
// that the semantic version is readable by anonymous callers.
describe('GET /server/version', () => {
  it('should respond with the server version', async () => {
    const response = await request(app).get('/server/version');

    expect(response.status).toBe(200);

    const expectedVersion = {
      major: expect.any(Number),
      minor: expect.any(Number),
      patch: expect.any(Number),
    };
    expect(response.body).toEqual(expectedVersion);
  });
});
// Feature flags are fetched without credentials. The exact-match assertion
// doubles as a guard: a flag added to this anonymous response fails the test
// until it is reviewed and listed here.
describe('GET /server/features', () => {
  it('should respond with the server features', async () => {
    const response = await request(app).get('/server/features');

    expect(response.status).toBe(200);

    const expectedFeatures = {
      smartSearch: false,
      configFile: false,
      duplicateDetection: false,
      facialRecognition: false,
      map: true,
      reverseGeocoding: true,
      importFaces: false,
      oauth: false,
      oauthAutoLaunch: false,
      ocr: false,
      passwordLogin: true,
      search: true,
      sidecar: true,
      trash: true,
      email: false,
    };
    expect(response.body).toEqual(expectedFeatures);
  });
});
// Public server configuration, fetched without credentials. Because the
// comparison is an exact match, any new field exposed to anonymous callers
// (such as `maintenanceMode`) has to be added here deliberately.
describe('GET /server/config', () => {
  it('should respond with the server configuration', async () => {
    const response = await request(app).get('/server/config');

    expect(response.status).toBe(200);

    const expectedConfig = {
      loginPageMessage: '',
      oauthButtonText: 'Login with OAuth',
      trashDays: 30,
      userDeleteDelay: 7,
      isInitialized: true,
      externalDomain: '',
      publicUsers: true,
      isOnboarded: false,
      maintenanceMode: false,
      mapDarkStyleUrl: 'https://tiles.immich.cloud/v1/style/dark.json',
      mapLightStyleUrl: 'https://tiles.immich.cloud/v1/style/light.json',
    };
    expect(response.body).toEqual(expectedConfig);
  });
});
// Per-user usage statistics are admin-only: anonymous callers get 401, a
// regular user's token gets 403, and only the admin token gets the data.
describe('GET /server/statistics', () => {
  it('should require authentication', async () => {
    const response = await request(app).get('/server/statistics');

    expect(response.status).toBe(401);
    expect(response.body).toEqual(errorDto.unauthorized);
  });

  it('should only work for admins', async () => {
    const response = await request(app)
      .get('/server/statistics')
      .set('Authorization', `Bearer ${nonAdmin.accessToken}`);

    expect(response.status).toBe(403);
    expect(response.body).toEqual(errorDto.forbidden);
  });

  it('should return the server stats', async () => {
    const response = await request(app)
      .get('/server/statistics')
      .set('Authorization', `Bearer ${admin.accessToken}`);

    expect(response.status).toBe(200);

    // No assets have been uploaded, so every counter is zero for both users.
    const emptyUsageFor = (userName: string, userId: string) => ({
      quotaSizeInBytes: null,
      photos: 0,
      usage: 0,
      usagePhotos: 0,
      usageVideos: 0,
      userName,
      userId,
      videos: 0,
    });

    expect(response.body).toEqual({
      photos: 0,
      usage: 0,
      usagePhotos: 0,
      usageVideos: 0,
      usageByUser: [emptyUsageFor('Immich Admin', admin.userId), emptyUsageFor('User 1', nonAdmin.userId)],
      videos: 0,
    });
  });
});
// Accepted upload extensions, fetched without credentials.
describe('GET /server/media-types', () => {
  it('should return accepted media types', async () => {
    const response = await request(app).get('/server/media-types');

    expect(response.status).toBe(200);

    // Only the sidecar list is pinned exactly; image and video lists are
    // checked for type alone.
    const expectedMediaTypes = {
      sidecar: ['.xmp'],
      image: expect.any(Array),
      video: expect.any(Array),
    };
    expect(response.body).toEqual(expectedMediaTypes);
  });
});
// Theme settings are fetched without credentials; with no custom theme
// configured the custom CSS is an empty string.
describe('GET /server/theme', () => {
  it('should respond with the server theme', async () => {
    const response = await request(app).get('/server/theme');

    expect(response.status).toBe(200);
    expect(response.body).toEqual({ customCss: '' });
  });
});
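// Reading the stored license is admin-only: 401 without credentials, 403 for
// a regular user, 200 with the license payload for an admin.
describe('GET /server/license', () => {
  it('should require authentication', async () => {
    const { status, body } = await request(app).get('/server/license');
    expect(status).toBe(401);
    expect(body).toEqual(errorDto.unauthorized);
  });

  it('should only work for admins', async () => {
    const { status, body } = await request(app)
      .get('/server/license')
      .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
    expect(status).toBe(403);
    expect(body).toEqual(errorDto.forbidden);
  });

  it('should return the server license', async () => {
    // Arrange: store the license first. The setup response is asserted so that
    // a failed PUT is reported here instead of surfacing as a confusing
    // failure of the GET below.
    const setup = await request(app)
      .put('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`)
      .send(serverLicense);
    expect(setup.status).toBe(200);

    const { status, body } = await request(app)
      .get('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`);
    expect(status).toBe(200);
    expect(body).toEqual({
      ...serverLicense,
      activatedAt: expect.any(String),
    });
  });
});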
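// Removing the license is admin-only: 401 without credentials, 403 for a
// regular user. After an admin deletes it, reading the license returns 404.
describe('DELETE /server/license', () => {
  it('should require authentication', async () => {
    const { status, body } = await request(app).delete('/server/license');
    expect(status).toBe(401);
    expect(body).toEqual(errorDto.unauthorized);
  });

  it('should only work for admins', async () => {
    const { status, body } = await request(app)
      .delete('/server/license')
      .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
    expect(status).toBe(403);
    expect(body).toEqual(errorDto.forbidden);
  });

  it('should delete the server license', async () => {
    // Arrange: make sure a license exists. Without this the final 404 would
    // also be observed when nothing was ever stored, and the case would only
    // be meaningful if an earlier suite happened to leave a license behind.
    const setup = await request(app)
      .put('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`)
      .send(serverLicense);
    expect(setup.status).toBe(200);

    const deletion = await request(app)
      .delete('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`)
      .send(serverLicense);
    // The exact success code is not pinned here; the call must simply not be
    // rejected.
    expect(deletion.status).toBeLessThan(400);

    const { status } = await request(app).get('/server/license').set('Authorization', `Bearer ${admin.accessToken}`);
    expect(status).toBe(404);
  });
});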
// Storing a license is admin-only, and the key material is validated: a key
// without the `IMSV-` prefix or with a tampered activation key is rejected
// with 400.
describe('PUT /server/license', () => {
  it('should require authentication', async () => {
    const response = await request(app).put('/server/license');

    expect(response.status).toBe(401);
    expect(response.body).toEqual(errorDto.unauthorized);
  });

  it('should only work for admins', async () => {
    const response = await request(app)
      .put('/server/license')
      .set('Authorization', `Bearer ${nonAdmin.accessToken}`);

    expect(response.status).toBe(403);
    expect(response.body).toEqual(errorDto.forbidden);
  });

  it('should set the server license', async () => {
    const stored = { ...serverLicense, activatedAt: expect.any(String) };

    const putResponse = await request(app)
      .put('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`)
      .send(serverLicense);
    expect(putResponse.status).toBe(200);
    expect(putResponse.body).toEqual(stored);

    // Read the license back to confirm it was persisted, not just echoed.
    const getResponse = await request(app)
      .get('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`);
    expect(getResponse.body).toEqual(stored);
  });

  // NOTE(review): the two rejection cases below check only the 400 response.
  // Neither reads the license back afterwards, so they do not show that a
  // rejected request leaves the previously stored license untouched.
  it('should reject license not starting with IMSV-', async () => {
    const payload = { licenseKey: 'IMCL-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD', activationKey: 'activationKey' };

    const response = await request(app)
      .put('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`)
      .send(payload);

    expect(response.status).toBe(400);
    expect(response.body.message).toBe('Invalid license key');
  });

  it('should reject license with invalid activation key', async () => {
    // Valid license key paired with an activation key altered by a prefix.
    const payload = { licenseKey: serverLicense.licenseKey, activationKey: `invalid${serverLicense.activationKey}` };

    const response = await request(app)
      .put('/server/license')
      .set('Authorization', `Bearer ${admin.accessToken}`)
      .send(payload);

    expect(response.status).toBe(400);
    expect(response.body.message).toBe('Invalid license key');
  });
});
});