rename and separate ALBUM_WRITE as ADD_ASSET and REMOVE_ASSET

server/src/cores/access.core.ts

@@ -21,9 +21,9 @@ export enum Permission {
 
   // ALBUM_CREATE = 'album.create',
   ALBUM_READ = 'album.read',
-  ALBUM_WRITE = 'album.write',
   ALBUM_UPDATE = 'album.update',
   ALBUM_DELETE = 'album.delete',
+  ALBUM_ADD_ASSET = 'album.addAsset',
   ALBUM_REMOVE_ASSET = 'album.removeAsset',
   ALBUM_SHARE = 'album.share',
   ALBUM_DOWNLOAD = 'album.download',
@@ -144,7 +144,7 @@ export class AccessCore {
           : new Set();
       }
 
-      case Permission.ALBUM_WRITE: {
+      case Permission.ALBUM_ADD_ASSET: {
         return sharedLink.allowUpload
           ? await this.repository.album.checkSharedLinkAccess(sharedLinkId, ids)
           : new Set();
@@ -231,7 +231,7 @@ export class AccessCore {
         return setUnion(isOwner, isShared);
       }
 
-      case Permission.ALBUM_WRITE: {
+      case Permission.ALBUM_ADD_ASSET: {
         const isOwner = await this.repository.album.checkOwnerAccess(auth.user.id, ids);
         const isShared = await this.repository.album.checkSharedAlbumAccess(
           auth.user.id,

server/src/services/album.service.ts

@@ -169,7 +169,7 @@ export class AlbumService {
 
   async addAssets(auth: AuthDto, id: string, dto: BulkIdsDto): Promise<BulkIdResponseDto[]> {
     const album = await this.findOrFail(id, { withAssets: false });
-    await this.access.requirePermission(auth, Permission.ALBUM_WRITE, id);
+    await this.access.requirePermission(auth, Permission.ALBUM_ADD_ASSET, id);
 
     const results = await addAssets(
       auth,
@@ -192,7 +192,7 @@ export class AlbumService {
   async removeAssets(auth: AuthDto, id: string, dto: BulkIdsDto): Promise<BulkIdResponseDto[]> {
     const album = await this.findOrFail(id, { withAssets: false });
 
-    await this.access.requirePermission(auth, Permission.ALBUM_WRITE, id);
+    await this.access.requirePermission(auth, Permission.ALBUM_REMOVE_ASSET, id);
 
     const results = await removeAssets(
       auth,