cjones/immich
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: enum casing (#19946)

Browse Source
This commit is contained in:
Jason Rasmussen
2025-07-15 14:50:13 -04:00
committed by GitHub
parent 920d7de349
commit e73abe0762
174 changed files with 2675 additions and 2459 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
server/src/utils/access.ts
View File

@@ -11,7 +11,7 @@ export type GrantedRequest = {
};
export const isGranted = ({ requested, current }: GrantedRequest) => {
if (current.includes(Permission.ALL)) {
if (current.includes(Permission.All)) {
return true;
}
@@ -63,36 +63,36 @@ const checkSharedLinkAccess = async (
const sharedLinkId = sharedLink.id;
switch (permission) {
case Permission.ASSET_READ: {
case Permission.AssetRead: {
return await access.asset.checkSharedLinkAccess(sharedLinkId, ids);
}
case Permission.ASSET_VIEW: {
case Permission.AssetView: {
return await access.asset.checkSharedLinkAccess(sharedLinkId, ids);
}
case Permission.ASSET_DOWNLOAD: {
case Permission.AssetDownload: {
return sharedLink.allowDownload ? await access.asset.checkSharedLinkAccess(sharedLinkId, ids) : new Set();
}
case Permission.ASSET_UPLOAD: {
case Permission.AssetUpload: {
return sharedLink.allowUpload ? ids : new Set();
}
case Permission.ASSET_SHARE: {
case Permission.AssetShare: {
// TODO: fix this to not use sharedLink.userId for access control
return await access.asset.checkOwnerAccess(sharedLink.userId, ids, false);
}
case Permission.ALBUM_READ: {
case Permission.AlbumRead: {
return await access.album.checkSharedLinkAccess(sharedLinkId, ids);
}
case Permission.ALBUM_DOWNLOAD: {
case Permission.AlbumDownload: {
return sharedLink.allowDownload ? await access.album.checkSharedLinkAccess(sharedLinkId, ids) : new Set();
}
case Permission.ALBUM_ADD_ASSET: {
case Permission.AlbumAddAsset: {
return sharedLink.allowUpload ? await access.album.checkSharedLinkAccess(sharedLinkId, ids) : new Set();
}
@@ -107,190 +107,190 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
switch (permission) {
// uses album id
case Permission.ACTIVITY_CREATE: {
case Permission.ActivityCreate: {
return await access.activity.checkCreateAccess(auth.user.id, ids);
}
// uses activity id
case Permission.ACTIVITY_DELETE: {
case Permission.ActivityDelete: {
const isOwner = await access.activity.checkOwnerAccess(auth.user.id, ids);
const isAlbumOwner = await access.activity.checkAlbumOwnerAccess(auth.user.id, setDifference(ids, isOwner));
return setUnion(isOwner, isAlbumOwner);
}
case Permission.ASSET_READ: {
case Permission.AssetRead: {
const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
return setUnion(isOwner, isAlbum, isPartner);
}
case Permission.ASSET_SHARE: {
case Permission.AssetShare: {
const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, false);
const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner));
return setUnion(isOwner, isPartner);
}
case Permission.ASSET_VIEW: {
case Permission.AssetView: {
const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
return setUnion(isOwner, isAlbum, isPartner);
}
case Permission.ASSET_DOWNLOAD: {
case Permission.AssetDownload: {
const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
return setUnion(isOwner, isAlbum, isPartner);
}
case Permission.ASSET_UPDATE: {
case Permission.AssetUpdate: {
return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
}
case Permission.ASSET_DELETE: {
case Permission.AssetDelete: {
return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
}
case Permission.ALBUM_READ: {
case Permission.AlbumRead: {
const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await access.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
AlbumUserRole.VIEWER,
AlbumUserRole.Viewer,
);
return setUnion(isOwner, isShared);
}
case Permission.ALBUM_ADD_ASSET: {
case Permission.AlbumAddAsset: {
const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await access.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
AlbumUserRole.EDITOR,
AlbumUserRole.Editor,
);
return setUnion(isOwner, isShared);
}
case Permission.ALBUM_UPDATE: {
case Permission.AlbumUpdate: {
return await access.album.checkOwnerAccess(auth.user.id, ids);
}
case Permission.ALBUM_DELETE: {
case Permission.AlbumDelete: {
return await access.album.checkOwnerAccess(auth.user.id, ids);
}
case Permission.ALBUM_SHARE: {
case Permission.AlbumShare: {
return await access.album.checkOwnerAccess(auth.user.id, ids);
}
case Permission.ALBUM_DOWNLOAD: {
case Permission.AlbumDownload: {
const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await access.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
AlbumUserRole.VIEWER,
AlbumUserRole.Viewer,
);
return setUnion(isOwner, isShared);
}
case Permission.ALBUM_REMOVE_ASSET: {
case Permission.AlbumRemoveAsset: {
const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
const isShared = await access.album.checkSharedAlbumAccess(
auth.user.id,
setDifference(ids, isOwner),
AlbumUserRole.EDITOR,
AlbumUserRole.Editor,
);
return setUnion(isOwner, isShared);
}
case Permission.ASSET_UPLOAD: {
case Permission.AssetUpload: {
return ids.has(auth.user.id) ? new Set([auth.user.id]) : new Set<string>();
}
case Permission.ARCHIVE_READ: {
case Permission.ArchiveRead: {
return ids.has(auth.user.id) ? new Set([auth.user.id]) : new Set();
}
case Permission.AUTH_DEVICE_DELETE: {
case Permission.AuthDeviceDelete: {
return await access.authDevice.checkOwnerAccess(auth.user.id, ids);
}
case Permission.FACE_DELETE: {
case Permission.FaceDelete: {
return access.person.checkFaceOwnerAccess(auth.user.id, ids);
}
case Permission.NOTIFICATION_READ:
case Permission.NOTIFICATION_UPDATE:
case Permission.NOTIFICATION_DELETE: {
case Permission.NotificationRead:
case Permission.NotificationUpdate:
case Permission.NotificationDelete: {
return access.notification.checkOwnerAccess(auth.user.id, ids);
}
case Permission.TAG_ASSET:
case Permission.TAG_READ:
case Permission.TAG_UPDATE:
case Permission.TAG_DELETE: {
case Permission.TagAsset:
case Permission.TagRead:
case Permission.TagUpdate:
case Permission.TagDelete: {
return await access.tag.checkOwnerAccess(auth.user.id, ids);
}
case Permission.TIMELINE_READ: {
case Permission.TimelineRead: {
const isOwner = ids.has(auth.user.id) ? new Set([auth.user.id]) : new Set<string>();
const isPartner = await access.timeline.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner));
return setUnion(isOwner, isPartner);
}
case Permission.TIMELINE_DOWNLOAD: {
case Permission.TimelineDownload: {
return ids.has(auth.user.id) ? new Set([auth.user.id]) : new Set();
}
case Permission.MEMORY_READ: {
case Permission.MemoryRead: {
return access.memory.checkOwnerAccess(auth.user.id, ids);
}
case Permission.MEMORY_UPDATE: {
case Permission.MemoryUpdate: {
return access.memory.checkOwnerAccess(auth.user.id, ids);
}
case Permission.MEMORY_DELETE: {
case Permission.MemoryDelete: {
return access.memory.checkOwnerAccess(auth.user.id, ids);
}
case Permission.PERSON_CREATE: {
case Permission.PersonCreate: {
return access.person.checkFaceOwnerAccess(auth.user.id, ids);
}
case Permission.PERSON_READ:
case Permission.PERSON_UPDATE:
case Permission.PERSON_DELETE:
case Permission.PERSON_MERGE: {
case Permission.PersonRead:
case Permission.PersonUpdate:
case Permission.PersonDelete:
case Permission.PersonMerge: {
return await access.person.checkOwnerAccess(auth.user.id, ids);
}
case Permission.PERSON_REASSIGN: {
case Permission.PersonReassign: {
return access.person.checkFaceOwnerAccess(auth.user.id, ids);
}
case Permission.PARTNER_UPDATE: {
case Permission.PartnerUpdate: {
return await access.partner.checkUpdateAccess(auth.user.id, ids);
}
case Permission.SESSION_READ:
case Permission.SESSION_UPDATE:
case Permission.SESSION_DELETE:
case Permission.SESSION_LOCK: {
case Permission.SessionRead:
case Permission.SessionUpdate:
case Permission.SessionDelete:
case Permission.SessionLock: {
return access.session.checkOwnerAccess(auth.user.id, ids);
}
case Permission.STACK_READ: {
case Permission.StackRead: {
return access.stack.checkOwnerAccess(auth.user.id, ids);
}
case Permission.STACK_UPDATE: {
case Permission.StackUpdate: {
return access.stack.checkOwnerAccess(auth.user.id, ids);
}
case Permission.STACK_DELETE: {
case Permission.StackDelete: {
return access.stack.checkOwnerAccess(auth.user.id, ids);
}