From 9fc61032c34cd9a919451974f8806957e87b4450 Mon Sep 17 00:00:00 2001
From: mgabor <>
Date: Sun, 21 Apr 2024 18:19:27 +0200
Subject: [PATCH] rename and separate ALBUM_WRITE as ADD_ASSET and REMOVE_ASSET

---
 server/src/cores/access.core.ts      | 6 +++---
 server/src/services/album.service.ts | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/server/src/cores/access.core.ts b/server/src/cores/access.core.ts
index 659412b263..2ae776b194 100644
--- a/server/src/cores/access.core.ts
+++ b/server/src/cores/access.core.ts
@@ -21,9 +21,9 @@ export enum Permission {
 
   // ALBUM_CREATE = 'album.create',
   ALBUM_READ = 'album.read',
-  ALBUM_WRITE = 'album.write',
   ALBUM_UPDATE = 'album.update',
   ALBUM_DELETE = 'album.delete',
+  ALBUM_ADD_ASSET = 'album.addAsset',
   ALBUM_REMOVE_ASSET = 'album.removeAsset',
   ALBUM_SHARE = 'album.share',
   ALBUM_DOWNLOAD = 'album.download',
@@ -144,7 +144,7 @@ export class AccessCore {
           : new Set();
       }
 
-      case Permission.ALBUM_WRITE: {
+      case Permission.ALBUM_ADD_ASSET: {
         return sharedLink.allowUpload
           ? await this.repository.album.checkSharedLinkAccess(sharedLinkId, ids)
           : new Set();
@@ -231,7 +231,7 @@ export class AccessCore {
         return setUnion(isOwner, isShared);
       }
 
-      case Permission.ALBUM_WRITE: {
+      case Permission.ALBUM_ADD_ASSET: {
         const isOwner = await this.repository.album.checkOwnerAccess(auth.user.id, ids);
         const isShared = await this.repository.album.checkSharedAlbumAccess(
           auth.user.id,
diff --git a/server/src/services/album.service.ts b/server/src/services/album.service.ts
index e3dd292084..216c6b2b5d 100644
--- a/server/src/services/album.service.ts
+++ b/server/src/services/album.service.ts
@@ -169,7 +169,7 @@ export class AlbumService {
 
   async addAssets(auth: AuthDto, id: string, dto: BulkIdsDto): Promise<BulkIdResponseDto[]> {
     const album = await this.findOrFail(id, { withAssets: false });
-    await this.access.requirePermission(auth, Permission.ALBUM_WRITE, id);
+    await this.access.requirePermission(auth, Permission.ALBUM_ADD_ASSET, id);
 
     const results = await addAssets(
       auth,
@@ -192,7 +192,7 @@ export class AlbumService {
   async removeAssets(auth: AuthDto, id: string, dto: BulkIdsDto): Promise<BulkIdResponseDto[]> {
     const album = await this.findOrFail(id, { withAssets: false });
 
-    await this.access.requirePermission(auth, Permission.ALBUM_WRITE, id);
+    await this.access.requirePermission(auth, Permission.ALBUM_REMOVE_ASSET, id);
 
     const results = await removeAssets(
       auth,