cjones/immich
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

separate and implement album READ and WRITE permission

Browse Source
This commit is contained in:
mgabor
2024-04-12 11:10:22 +02:00
parent 156cfb5820
commit 48149e4384
7 changed files with 51 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/cores/access.core.ts
+21 -2
View File
@@ -20,6 +20,7 @@ export enum Permission {
// ALBUM_CREATE = 'album.create',
ALBUM_READ = 'album.read',
ALBUM_WRITE = 'album.write',
ALBUM_UPDATE = 'album.update',
ALBUM_DELETE = 'album.delete',
ALBUM_REMOVE_ASSET = 'album.removeAsset',
@@ -215,7 +216,21 @@ export class AccessCore {
case Permission.ALBUM_READ: {
const isOwner = await this.repository.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await this.repository.album.checkSharedAlbumAccess(auth.user.id, setDifference(ids, isOwner));
const isShared = await this.repository.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
'read',
);
return setUnion(isOwner, isShared);
}
case Permission.ALBUM_WRITE: {
const isOwner = await this.repository.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await this.repository.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
'write',
);
return setUnion(isOwner, isShared);
}
@@ -233,7 +248,11 @@ export class AccessCore {
case Permission.ALBUM_DOWNLOAD: {
const isOwner = await this.repository.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await this.repository.album.checkSharedAlbumAccess(auth.user.id, setDifference(ids, isOwner));
const isShared = await this.repository.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
'read',
);
return setUnion(isOwner, isShared);
}