fix(server): tighten asset visibility (#18699)

* tighten visibility * update sql * elevated access util function * fix potential sync issue * include in user stats * include hidden assets in size usage * filter visibility in search duplicates query * stack visibility
2025-06-02 10:33:08 -04:00
parent b5c3a675b2
commit fa22e865a4
21 changed files with 132 additions and 107 deletions
@@ -300,7 +300,6 @@ export class AssetRepository {
      .select(withFacesAndPeople)
      .select(withTags)
      .$call(withExif)
-      .leftJoin('asset_stack', 'asset_stack.id', 'assets.stackId')
      .where('assets.id', '=', anyUuid(ids))
      .execute();
  }
@@ -523,8 +522,8 @@ export class AssetRepository {
      .selectFrom('assets')
      .selectAll('assets')
      .$call(withExif)
+      .$call(withDefaultVisibility)
      .where('ownerId', '=', anyUuid(userIds))
-      .where('visibility', '!=', AssetVisibility.HIDDEN)
      .where('deletedAt', 'is', null)
      .orderBy((eb) => eb.fn('random'))
      .limit(take)
@@ -634,8 +633,6 @@ export class AssetRepository {
          )
          .$if(!!options.personId, (qb) => hasPeople(qb, [options.personId!]))
          .$if(!!options.userIds, (qb) => qb.where('assets.ownerId', '=', anyUuid(options.userIds!)))
-          .$if(options.visibility == undefined, withDefaultVisibility)
-          .$if(!!options.visibility, (qb) => qb.where('assets.visibility', '=', options.visibility!))
          .$if(options.isFavorite !== undefined, (qb) => qb.where('assets.isFavorite', '=', options.isFavorite!))
          .$if(!!options.withStacked, (qb) =>
            qb
@@ -656,7 +653,7 @@ export class AssetRepository {
                    .select(sql`array[stacked."stackId"::text, count('stacked')::text]`.as('stack'))
                    .whereRef('stacked.stackId', '=', 'assets.stackId')
                    .where('stacked.deletedAt', 'is', null)
-                    .where('stacked.visibility', '!=', AssetVisibility.ARCHIVE)
+                    .where('stacked.visibility', '=', AssetVisibility.TIMELINE)
                    .groupBy('stacked.stackId')
                    .as('stacked_assets'),
                (join) => join.onTrue(),
@@ -709,6 +706,7 @@ export class AssetRepository {
        .with('duplicates', (qb) =>
          qb
            .selectFrom('assets')
+            .$call(withDefaultVisibility)
            .leftJoinLateral(
              (qb) =>
                qb
@@ -727,7 +725,6 @@ export class AssetRepository {
            .where('assets.duplicateId', 'is not', null)
            .$narrowType<{ duplicateId: NotNull }>()
            .where('assets.deletedAt', 'is', null)
-            .where('assets.visibility', '!=', AssetVisibility.HIDDEN)
            .where('assets.stackId', 'is', null)
            .groupBy('assets.duplicateId'),
        )