cjones/immich
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(server): prevent leaking isFavorite and isArchived info (#7580)

Browse Source 
* fix: prevent leaking favorites info

* add e2e test

* fix: e2e test

* fix: isArchived

* fix: keep old version
This commit is contained in:
martin
2024-03-03 00:01:24 +01:00
committed by GitHub
parent f03381a5b1
commit ebe7a14c14
5 changed files with 28 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/domain/album/album-response.dto.ts
+3 -2
View File
@@ -1,6 +1,7 @@
import { AlbumEntity } from '@app/infra/entities';
import { ApiProperty } from '@nestjs/swagger';
import { AssetResponseDto, mapAsset } from '../asset';
import { AuthDto } from '../auth/auth.dto';
import { UserResponseDto, mapUser } from '../user';
export class AlbumResponseDto {
@@ -24,7 +25,7 @@ export class AlbumResponseDto {
isActivityEnabled!: boolean;
}
export const mapAlbum = (entity: AlbumEntity, withAssets: boolean): AlbumResponseDto => {
export const mapAlbum = (entity: AlbumEntity, withAssets: boolean, auth?: AuthDto): AlbumResponseDto => {
const sharedUsers: UserResponseDto[] = [];
if (entity.sharedUsers) {
@@ -59,7 +60,7 @@ export const mapAlbum = (entity: AlbumEntity, withAssets: boolean): AlbumRespons
hasSharedLink,
startDate,
endDate,
assets: (withAssets ? assets : []).map((asset) => mapAsset(asset)),
assets: (withAssets ? assets : []).map((asset) => mapAsset(asset, { auth })),
assetCount: entity.assets?.length || 0,
isActivityEnabled: entity.isActivityEnabled,
};
server/src/domain/album/album.service.ts
+1 -1
View File
@@ -104,7 +104,7 @@ export class AlbumService {
const [albumMetadataForIds] = await this.albumRepository.getMetadataForIds([album.id]);
return {
...mapAlbum(album, withAssets),
...mapAlbum(album, withAssets, auth),
startDate: albumMetadataForIds.startDate,
endDate: albumMetadataForIds.endDate,
assetCount: albumMetadataForIds.assetCount,