Merge branch 'immich-app:main' into feat/samsung-raw-and-fujifilm-raf

server/Dockerfile

@@ -2,7 +2,7 @@ FROM node:16-alpine3.14 as builder
 
 WORKDIR /usr/src/app
 
-RUN apk add --update-cache build-base python3 libheif vips-dev ffmpeg exiftool perl
+RUN apk add --update-cache build-base python3 libheif vips-dev ffmpeg perl
 
 COPY package.json package-lock.json ./
 
@@ -14,14 +14,14 @@ COPY . .
 FROM builder as prod
 
 RUN npm run build
-RUN npm prune --omit=dev
+RUN npm prune --omit=dev --omit=optional
 
 
 FROM node:16-alpine3.14
 
 WORKDIR /usr/src/app
 
-RUN apk add --no-cache libheif vips ffmpeg exiftool perl
+RUN apk add --no-cache libheif vips ffmpeg perl
 
 COPY --from=prod /usr/src/app/node_modules ./node_modules
 COPY --from=prod /usr/src/app/dist ./dist
@@ -32,7 +32,7 @@ COPY LICENSE /LICENSE
 COPY package.json package-lock.json ./
 COPY start-server.sh start-microservices.sh ./
 
-RUN npm link
+RUN npm link && npm cache clean --force
 
 VOLUME /usr/src/app/upload
 

server/apps/immich/src/api-v1/asset/asset.controller.ts

@@ -15,6 +15,7 @@ import {
   Put,
   UploadedFiles,
   Patch,
+  StreamableFile,
 } from '@nestjs/common';
 import { Authenticated } from '../../decorators/authenticated.decorator';
 import { AssetService } from './asset.service';
@@ -28,7 +29,7 @@ import { CheckDuplicateAssetDto } from './dto/check-duplicate-asset.dto';
 import { ApiBearerAuth, ApiBody, ApiConsumes, ApiHeader, ApiTags } from '@nestjs/swagger';
 import { CuratedObjectsResponseDto } from './response-dto/curated-objects-response.dto';
 import { CuratedLocationsResponseDto } from './response-dto/curated-locations-response.dto';
-import { AssetResponseDto } from '@app/domain';
+import { AssetResponseDto, ImmichReadStream } from '@app/domain';
 import { CheckDuplicateAssetResponseDto } from './response-dto/check-duplicate-asset-response.dto';
 import { AssetFileUploadDto } from './dto/asset-file-upload.dto';
 import { CreateAssetDto, mapToUploadFile } from './dto/create-asset.dto';
@@ -55,6 +56,10 @@ import { UpdateAssetsToSharedLinkDto } from './dto/add-assets-to-shared-link.dto
 import { AssetSearchDto } from './dto/asset-search.dto';
 import { assetUploadOption, ImmichFile } from '../../config/asset-upload.config';
 
+function asStreamableFile({ stream, type, length }: ImmichReadStream) {
+  return new StreamableFile(stream, { type, length });
+}
+
 @ApiBearerAuth()
 @ApiTags('Asset')
 @Controller('asset')
@@ -92,7 +97,7 @@ export class AssetController {
 
     const responseDto = await this.assetService.uploadFile(authUser, dto, file, livePhotoFile);
     if (responseDto.duplicate) {
-      res.send(200);
+      res.status(200);
     }
 
     return responseDto;
@@ -103,12 +108,9 @@ export class AssetController {
   async downloadFile(
     @GetAuthUser() authUser: AuthUserDto,
     @Response({ passthrough: true }) res: Res,
-    @Query(new ValidationPipe({ transform: true })) query: ServeFileDto,
     @Param('assetId') assetId: string,
   ): Promise<any> {
-    this.assetService.checkDownloadAccess(authUser);
-    await this.assetService.checkAssetsAccess(authUser, [assetId]);
-    return this.assetService.downloadFile(query, assetId, res);
+    return this.assetService.downloadFile(authUser, assetId).then(asStreamableFile);
   }
 
   @Authenticated({ isShared: true })

server/apps/immich/src/api-v1/asset/asset.service.spec.ts

@@ -9,12 +9,13 @@ import { AssetCountByUserIdResponseDto } from './response-dto/asset-count-by-use
 import { DownloadService } from '../../modules/download/download.service';
 import { AlbumRepository, IAlbumRepository } from '../album/album-repository';
 import { StorageService } from '@app/storage';
-import { ICryptoRepository, IJobRepository, ISharedLinkRepository, JobName } from '@app/domain';
+import { ICryptoRepository, IJobRepository, ISharedLinkRepository, IStorageRepository, JobName } from '@app/domain';
 import {
   authStub,
   newCryptoRepositoryMock,
   newJobRepositoryMock,
   newSharedLinkRepositoryMock,
+  newStorageRepositoryMock,
   sharedLinkResponseStub,
   sharedLinkStub,
 } from '@app/domain/../test';
@@ -110,6 +111,7 @@ describe('AssetService', () => {
   let sharedLinkRepositoryMock: jest.Mocked<ISharedLinkRepository>;
   let cryptoMock: jest.Mocked<ICryptoRepository>;
   let jobMock: jest.Mocked<IJobRepository>;
+  let storageMock: jest.Mocked<IStorageRepository>;
 
   beforeEach(() => {
     assetRepositoryMock = {
@@ -154,6 +156,7 @@ describe('AssetService', () => {
     sharedLinkRepositoryMock = newSharedLinkRepositoryMock();
     jobMock = newJobRepositoryMock();
     cryptoMock = newCryptoRepositoryMock();
+    storageMock = newStorageRepositoryMock();
 
     sut = new AssetService(
       assetRepositoryMock,
@@ -164,6 +167,7 @@ describe('AssetService', () => {
       sharedLinkRepositoryMock,
       jobMock,
       cryptoMock,
+      storageMock,
     );
   });
 
@@ -413,4 +417,15 @@ describe('AssetService', () => {
       expect(() => sut.checkDownloadAccess(authStub.readonlySharedLink)).toThrow(ForbiddenException);
     });
   });
+
+  describe('downloadFile', () => {
+    it('should download a single file', async () => {
+      assetRepositoryMock.countByIdAndUser.mockResolvedValue(1);
+      assetRepositoryMock.get.mockResolvedValue(_getAsset_1());
+
+      await sut.downloadFile(authStub.admin, 'id_1');
+
+      expect(storageMock.createReadStream).toHaveBeenCalledWith('fake_path/asset_1.jpeg', 'image/jpeg');
+    });
+  });
 });

server/apps/immich/src/api-v1/asset/asset.service.ts

@@ -10,7 +10,6 @@ import {
   StreamableFile,
 } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
-import { createHash } from 'node:crypto';
 import { QueryFailedError, Repository } from 'typeorm';
 import { AuthUserDto } from '../../decorators/auth-user.decorator';
 import { AssetEntity, AssetType, SharedLinkType } from '@app/infra';
@@ -23,7 +22,14 @@ import { SearchAssetDto } from './dto/search-asset.dto';
 import fs from 'fs/promises';
 import { CheckDuplicateAssetDto } from './dto/check-duplicate-asset.dto';
 import { CuratedObjectsResponseDto } from './response-dto/curated-objects-response.dto';
-import { AssetResponseDto, JobName, mapAsset, mapAssetWithoutExif } from '@app/domain';
+import {
+  AssetResponseDto,
+  ImmichReadStream,
+  IStorageRepository,
+  JobName,
+  mapAsset,
+  mapAssetWithoutExif,
+} from '@app/domain';
 import { CreateAssetDto, UploadFile } from './dto/create-asset.dto';
 import { DeleteAssetResponseDto, DeleteAssetStatusEnum } from './response-dto/delete-asset-response.dto';
 import { GetAssetThumbnailDto, GetAssetThumbnailFormatEnum } from './dto/get-asset-thumbnail.dto';
@@ -73,6 +79,7 @@ export class AssetService {
     @Inject(ISharedLinkRepository) sharedLinkRepository: ISharedLinkRepository,
     @Inject(IJobRepository) private jobRepository: IJobRepository,
     @Inject(ICryptoRepository) cryptoRepository: ICryptoRepository,
+    @Inject(IStorageRepository) private storage: IStorageRepository,
   ) {
     this.assetCore = new AssetCore(_assetRepository, jobRepository, storageService);
     this.shareCore = new ShareCore(sharedLinkRepository, cryptoRepository);
@@ -189,62 +196,21 @@ export class AssetService {
     return this.downloadService.downloadArchive(`immich-${now}`, assetToDownload);
   }
 
-  public async downloadFile(query: ServeFileDto, assetId: string, res: Res) {
+  public async downloadFile(authUser: AuthUserDto, assetId: string): Promise<ImmichReadStream> {
+    this.checkDownloadAccess(authUser);
+    await this.checkAssetsAccess(authUser, [assetId]);
+
     try {
-      let fileReadStream = null;
-      const asset = await this._assetRepository.getById(assetId);
-
-      // Download Video
-      if (asset.type === AssetType.VIDEO) {
-        const { size } = await fileInfo(asset.originalPath);
-
-        res.set({
-          'Content-Type': asset.mimeType,
-          'Content-Length': size,
-        });
-
-        await fs.access(asset.originalPath, constants.R_OK | constants.W_OK);
-        fileReadStream = createReadStream(asset.originalPath);
-      } else {
-        // Download Image
-        if (!query.isThumb) {
-          /**
-           * Download Image Original File
-           */
-          const { size } = await fileInfo(asset.originalPath);
-
-          res.set({
-            'Content-Type': asset.mimeType,
-            'Content-Length': size,
-          });
-
-          await fs.access(asset.originalPath, constants.R_OK | constants.W_OK);
-          fileReadStream = createReadStream(asset.originalPath);
-        } else {
-          /**
-           * Download Image Resize File
-           */
-          if (!asset.resizePath) {
-            throw new NotFoundException('resizePath not set');
-          }
-
-          const { size } = await fileInfo(asset.resizePath);
-
-          res.set({
-            'Content-Type': 'image/jpeg',
-            'Content-Length': size,
-          });
-
-          await fs.access(asset.resizePath, constants.R_OK | constants.W_OK);
-          fileReadStream = createReadStream(asset.resizePath);
-        }
+      const asset = await this._assetRepository.get(assetId);
+      if (asset && asset.originalPath && asset.mimeType) {
+        return this.storage.createReadStream(asset.originalPath, asset.mimeType);
       }
-
-      return new StreamableFile(fileReadStream);
     } catch (e) {
       Logger.error(`Error download asset ${e}`, 'downloadFile');
       throw new InternalServerErrorException(`Failed to download asset ${e}`, 'DownloadFile');
     }
+
+    throw new NotFoundException();
   }
 
   public async getAssetThumbnail(
@@ -255,8 +221,7 @@ export class AssetService {
   ) {
     let fileReadStream: ReadStream;
 
-    const asset = await this.assetRepository.findOne({ where: { id: assetId } });
-
+    const asset = await this._assetRepository.get(assetId);
     if (!asset) {
       throw new NotFoundException('Asset not found');
     }
@@ -460,7 +425,7 @@ export class AssetService {
       try {
         await this._assetRepository.remove(asset);
 
-        result.push({ id: asset.id, status: DeleteAssetStatusEnum.SUCCESS });
+        result.push({ id, status: DeleteAssetStatusEnum.SUCCESS });
         deleteQueue.push(asset as any);
 
         // TODO refactor this to use cascades
@@ -584,18 +549,6 @@ export class AssetService {
     return this._assetRepository.getAssetByChecksum(userId, checksum);
   }
 
-  calculateChecksum(filePath: string): Promise<Buffer> {
-    const fileReadStream = createReadStream(filePath);
-    const sha1Hash = createHash('sha1');
-    const deferred = new Promise<Buffer>((resolve, reject) => {
-      sha1Hash.once('error', (err) => reject(err));
-      sha1Hash.once('finish', () => resolve(sha1Hash.read()));
-    });
-
-    fileReadStream.pipe(sha1Hash);
-    return deferred;
-  }
-
   getAssetCountByUserId(authUser: AuthUserDto): Promise<AssetCountByUserIdResponseDto> {
     return this._assetRepository.getAssetCountByUserId(authUser.id);
   }

server/apps/immich/src/api-v1/job/job.module.ts

@@ -1,14 +1,10 @@
 import { Module } from '@nestjs/common';
 import { JobService } from './job.service';
 import { JobController } from './job.controller';
-import { TypeOrmModule } from '@nestjs/typeorm';
-import { ExifEntity } from '@app/infra';
-import { TagModule } from '../tag/tag.module';
 import { AssetModule } from '../asset/asset.module';
-import { StorageModule } from '@app/storage';
 
 @Module({
-  imports: [TypeOrmModule.forFeature([ExifEntity]), TagModule, AssetModule, StorageModule],
+  imports: [AssetModule],
   controllers: [JobController],
   providers: [JobService],
 })

server/apps/immich/src/app.module.ts

@@ -1,5 +1,5 @@
 import { immichAppConfig } from '@app/common/config';
-import { MiddlewareConsumer, Module, NestModule } from '@nestjs/common';
+import { Module } from '@nestjs/common';
 import { AssetModule } from './api-v1/asset/asset.module';
 import { ConfigModule } from '@nestjs/config';
 import { ServerInfoModule } from './api-v1/server-info/server-info.module';
@@ -61,12 +61,4 @@ import { AuthGuard } from './middlewares/auth.guard';
   ],
   providers: [{ provide: APP_GUARD, useExisting: AuthGuard }, AuthGuard],
 })
-export class AppModule implements NestModule {
-  // TODO: check if consumer is needed or remove
-  // eslint-disable-next-line @typescript-eslint/no-unused-vars
-  configure(consumer: MiddlewareConsumer): void {
-    if (process.env.NODE_ENV == 'development') {
-      // consumer.apply(AppLoggerMiddleware).forRoutes('*');
-    }
-  }
-}
+export class AppModule {}

server/apps/immich/src/middlewares/app-logger.middleware.ts

@@ -1,22 +0,0 @@
-import { Injectable, NestMiddleware, Logger } from '@nestjs/common';
-
-import { Request, Response, NextFunction } from 'express';
-
-@Injectable()
-export class AppLoggerMiddleware implements NestMiddleware {
-  private logger = new Logger('HTTP');
-
-  use(request: Request, response: Response, next: NextFunction): void {
-    const { ip, method, baseUrl } = request;
-    const userAgent = request.get('user-agent') || '';
-
-    response.on('close', () => {
-      const { statusCode } = response;
-      const contentLength = response.get('content-length');
-
-      this.logger.log(`${method} ${baseUrl} ${statusCode} ${contentLength} - ${userAgent} ${ip}`);
-    });
-
-    next();
-  }
-}

server/immich-openapi-specs.json

@@ -1109,24 +1109,6 @@
         "operationId": "downloadFile",
         "description": "",
         "parameters": [
-          {
-            "name": "isThumb",
-            "required": false,
-            "in": "query",
-            "schema": {
-              "title": "Is serve thumbnail (resize) file",
-              "type": "boolean"
-            }
-          },
-          {
-            "name": "isWeb",
-            "required": false,
-            "in": "query",
-            "schema": {
-              "title": "Is request made from web",
-              "type": "boolean"
-            }
-          },
           {
             "name": "assetId",
             "required": true,
@@ -2707,7 +2689,7 @@
   "info": {
     "title": "Immich",
     "description": "Immich API",
-    "version": "1.43.1",
+    "version": "1.45.0",
     "contact": {}
   },
   "tags": [],

server/libs/domain/src/auth/auth.core.ts

@@ -6,11 +6,6 @@ import { ICryptoRepository } from '../crypto/crypto.repository';
 import { LoginResponseDto, mapLoginResponse } from './response-dto';
 import { IUserTokenRepository, UserTokenCore } from '../user-token';
 
-export type JwtValidationResult = {
-  status: boolean;
-  userId: string | null;
-};
-
 export class AuthCore {
   private userTokenCore: UserTokenCore;
   constructor(

server/libs/domain/src/auth/dto/index.ts

@@ -1,5 +1,4 @@
 export * from './auth-user.dto';
 export * from './change-password.dto';
-export * from './jwt-payload.dto';
 export * from './login-credential.dto';
 export * from './sign-up.dto';

server/libs/domain/src/auth/dto/jwt-payload.dto.ts

@@ -1,4 +0,0 @@
-export class JwtPayloadDto {
-  userId!: string;
-  email!: string;
-}

server/libs/domain/src/index.ts

@@ -8,6 +8,7 @@ export * from './domain.module';
 export * from './job';
 export * from './oauth';
 export * from './share';
+export * from './storage';
 export * from './system-config';
 export * from './tag';
 export * from './user';

server/libs/domain/src/storage/index.ts

@@ -0,0 +1 @@
+export * from './storage.repository';

server/libs/domain/src/storage/storage.repository.ts

@@ -0,0 +1,13 @@
+import { ReadStream } from 'fs';
+
+export interface ImmichReadStream {
+  stream: ReadStream;
+  type: string;
+  length: number;
+}
+
+export const IStorageRepository = 'IStorageRepository';
+
+export interface IStorageRepository {
+  createReadStream(filepath: string, mimeType: string): Promise<ImmichReadStream>;
+}

server/libs/domain/test/index.ts

@@ -4,6 +4,7 @@ export * from './device-info.repository.mock';
 export * from './fixtures';
 export * from './job.repository.mock';
 export * from './shared-link.repository.mock';
+export * from './storage.repository.mock';
 export * from './system-config.repository.mock';
 export * from './user-token.repository.mock';
 export * from './user.repository.mock';

server/libs/domain/test/storage.repository.mock.ts

@@ -0,0 +1,7 @@
+import { IStorageRepository } from '../src';
+
+export const newStorageRepositoryMock = (): jest.Mocked<IStorageRepository> => {
+  return {
+    createReadStream: jest.fn(),
+  };
+};

server/libs/infra/src/infra.module.ts

@@ -4,6 +4,7 @@ import {
   IJobRepository,
   IKeyRepository,
   ISharedLinkRepository,
+  IStorageRepository,
   ISystemConfigRepository,
   IUserRepository,
   QueueName,
@@ -29,6 +30,7 @@ import {
   UserTokenEntity,
 } from './db';
 import { JobRepository } from './job';
+import { FilesystemProvider } from './storage';
 
 const providers: Provider[] = [
   { provide: ICryptoRepository, useClass: CryptoRepository },
@@ -36,6 +38,7 @@ const providers: Provider[] = [
   { provide: IKeyRepository, useClass: APIKeyRepository },
   { provide: IJobRepository, useClass: JobRepository },
   { provide: ISharedLinkRepository, useClass: SharedLinkRepository },
+  { provide: IStorageRepository, useClass: FilesystemProvider },
   { provide: ISystemConfigRepository, useClass: SystemConfigRepository },
   { provide: IUserRepository, useClass: UserRepository },
   { provide: IUserTokenRepository, useClass: UserTokenRepository },

server/libs/infra/src/storage/filesystem.provider.ts

@@ -0,0 +1,18 @@
+import { ImmichReadStream, IStorageRepository } from '@app/domain';
+import { constants, createReadStream, stat } from 'fs';
+import fs from 'fs/promises';
+import { promisify } from 'util';
+
+const fileInfo = promisify(stat);
+
+export class FilesystemProvider implements IStorageRepository {
+  async createReadStream(filepath: string, mimeType: string): Promise<ImmichReadStream> {
+    const { size } = await fileInfo(filepath);
+    await fs.access(filepath, constants.R_OK | constants.W_OK);
+    return {
+      stream: createReadStream(filepath),
+      length: size,
+      type: mimeType,
+    };
+  }
+}

server/libs/infra/src/storage/index.ts

@@ -0,0 +1 @@
+export * from './filesystem.provider';

server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "immich",
-  "version": "1.44.0",
+  "version": "1.45.0",
   "description": "",
   "author": "",
   "private": true,
@@ -42,7 +42,6 @@
     "@nestjs/common": "^9.2.1",
     "@nestjs/config": "^2.2.0",
     "@nestjs/core": "^9.2.1",
-    "@nestjs/mapped-types": "1.2.0",
     "@nestjs/platform-express": "^9.2.1",
     "@nestjs/platform-socket.io": "^9.2.1",
     "@nestjs/schedule": "^2.1.0",
@@ -58,15 +57,11 @@
     "class-validator": "^0.13.2",
     "cookie-parser": "^1.4.6",
     "diskusage": "^1.1.3",
-    "dotenv": "^14.2.0",
     "exiftool-vendored": "^19.0.0",
-    "fdir": "^5.3.0",
+    "exiftool-vendored.pl": "^12.54.0",
     "fluent-ffmpeg": "^2.1.2",
-    "geo-tz": "^7.0.2",
     "handlebars": "^4.7.7",
     "i18n-iso-countries": "^7.5.0",
-    "ioredis": "^5.2.4",
-    "jest-when": "^3.5.2",
     "joi": "^17.5.0",
     "local-reverse-geocoder": "0.12.5",
     "lodash": "^4.17.21",
@@ -77,11 +72,9 @@
     "pg": "^8.8.0",
     "redis": "^4.5.1",
     "reflect-metadata": "^0.1.13",
-    "rimraf": "^3.0.2",
     "rxjs": "^7.2.0",
     "sanitize-filename": "^1.6.3",
     "sharp": "^0.28.0",
-    "systeminformation": "^5.11.0",
     "typeorm": "^0.3.11"
   },
   "devDependencies": {
@@ -107,11 +100,14 @@
     "@types/supertest": "^2.0.11",
     "@typescript-eslint/eslint-plugin": "^5.48.1",
     "@typescript-eslint/parser": "^5.48.1",
+    "dotenv": "^14.2.0",
     "eslint": "^8.31.0",
     "eslint-config-prettier": "^8.3.0",
     "eslint-plugin-prettier": "^4.0.0",
     "jest": "^27.2.5",
+    "jest-when": "^3.5.2",
     "prettier": "^2.3.2",
+    "rimraf": "^3.0.2",
     "source-map-support": "^0.5.20",
     "supertest": "^6.1.3",
     "ts-jest": "^27.0.3",