chore: test fix concurrency database

mobile/lib/domain/utils/background_sync.dart

@@ -169,7 +169,7 @@ class BackgroundSyncManager {
       return _linkedAlbumSyncTask!.future;
     }
 
-    _linkedAlbumSyncTask = runInIsolateGentle(computation: syncLinkedAlbumsIsolated);
+    _linkedAlbumSyncTask = runInIsolateGentle(computation: syncLinkedAlbumsIsolated, debugLabel: "LinkedAlbumSync");
     return _linkedAlbumSyncTask!.whenComplete(() {
       _linkedAlbumSyncTask = null;
     });

mobile/lib/infrastructure/repositories/db.repository.dart

@@ -23,6 +23,7 @@ import 'package:immich_mobile/infrastructure/entities/store.entity.dart';
 import 'package:immich_mobile/infrastructure/entities/user.entity.dart';
 import 'package:immich_mobile/infrastructure/entities/user_metadata.entity.dart';
 import 'package:immich_mobile/infrastructure/repositories/db.repository.steps.dart';
+import 'package:immich_mobile/infrastructure/repositories/drirft_native.dart';
 import 'package:isar/isar.dart' hide Index;
 
 import 'db.repository.drift.dart';
@@ -67,7 +68,7 @@ class IsarDatabaseRepository implements IDatabaseRepository {
 )
 class Drift extends $Drift implements IDatabaseRepository {
   Drift([QueryExecutor? executor])
-    : super(executor ?? driftDatabase(name: 'immich', native: const DriftNativeOptions(shareAcrossIsolates: true)));
+    : super(executor ?? driftDatabaseTest(name: 'immich', native: const DriftNativeOptions(shareAcrossIsolates: true)));
 
   @override
   int get schemaVersion => 10;

mobile/lib/infrastructure/repositories/drirft_native.dart

@@ -0,0 +1,151 @@
+import 'dart:async';
+import 'dart:io';
+import 'dart:isolate';
+import 'dart:ui';
+
+import 'package:drift/drift.dart';
+import 'package:drift/isolate.dart';
+import 'package:drift/native.dart';
+import 'package:drift_flutter/drift_flutter.dart';
+import 'package:meta/meta.dart';
+import 'package:path_provider/path_provider.dart';
+import 'package:path/path.dart' as p;
+import 'package:sqlite3/sqlite3.dart';
+import 'package:sqlite3_flutter_libs/sqlite3_flutter_libs.dart';
+
+@internal
+bool hasConfiguredSqlite = false;
+
+String portName(String databaseName) {
+  return 'drift-db/$databaseName';
+}
+
+String isolateControlPortName(String databaseName) {
+  return 'drift-db/$databaseName/control';
+}
+
+QueryExecutor driftDatabaseTest({required String name, DriftWebOptions? web, DriftNativeOptions? native}) {
+  Future<File> databaseFile() async {
+    if (native?.databasePath case final lookupPath?) {
+      return File(await lookupPath());
+    } else {
+      final resolvedDirectory = await (native?.databaseDirectory ?? getApplicationDocumentsDirectory)();
+
+      return File(
+        p.join(switch (resolvedDirectory) {
+          Directory(:final path) => path,
+          final String path => path,
+          final other => throw ArgumentError.value(
+            other,
+            'other',
+            'databaseDirectory on DriftNativeOptions must resolve to a '
+                'directory or a path as string.',
+          ),
+        }, '$name.sqlite'),
+      );
+    }
+  }
+
+  return DatabaseConnection.delayed(
+    Future(() async {
+      if (!hasConfiguredSqlite) {
+        // Also work around limitations on old Android versions
+        if (Platform.isAndroid) {
+          await applyWorkaroundToOpenSqlite3OnOldAndroidVersions();
+        }
+
+        // Make sqlite3 pick a more suitable location for temporary files - the
+        // one from the system may be inaccessible due to sandboxing.
+        final cachebase = await (native?.tempDirectoryPath?.call() ?? getTemporaryDirectory().then((d) => d.path));
+
+        if (cachebase != null) {
+          // We can't access /tmp on Android, which sqlite3 would try by default.
+          // Explicitly tell it about the correct temporary directory.
+          sqlite3.tempDirectory = cachebase;
+        }
+
+        hasConfiguredSqlite = true;
+      }
+
+      if (native != null && native.shareAcrossIsolates) {
+        const connectTimeout = Duration(seconds: 1);
+
+        while (true) {
+          if (IsolateNameServer.lookupPortByName(portName(name)) case final port?) {
+            final isolate = DriftIsolate.fromConnectPort(port);
+            try {
+              return await isolate.connect(connectTimeout: connectTimeout, isolateDebugLog: true);
+            } on TimeoutException {
+              // Isolate has stopped shortly after the register call. It should
+              // also remove the port mapping, so we can just try again in another
+              // iteration.
+              // However, it's possible for the isolate to become unreachable
+              // without unregistering itself (either due to a fatal error or when
+              // doing a hot restart). Check if the isolate is still reachable,
+              // and remove the mapping if it's not.
+              final controlPort = IsolateNameServer.lookupPortByName(isolateControlPortName(name));
+              if (controlPort == null) {
+                continue;
+              }
+              final supposedIsolate = Isolate(controlPort);
+              if (!await supposedIsolate.pingWithTimeout()) {
+                // Yup, gone!
+                IsolateNameServer.removePortNameMapping(portName(name));
+              }
+              // Otherwise, the isolate is probably paused. Keep trying...
+            }
+          } else {
+            // No port has been registered yet! Spawn an isolate that will try to
+            // register itself as the database server.
+            final receiveFromPending = ReceivePort();
+            final firstMessage = receiveFromPending.first;
+            await Isolate.spawn(_isolateEntrypoint, (
+              name: name,
+              options: native,
+              sendResponses: receiveFromPending.sendPort,
+              path: (await databaseFile()).path,
+            ), onExit: receiveFromPending.sendPort);
+
+            // The isolate will either succeed in registering its connect port to
+            // the name server (in which case it sends us the port), or it fails
+            // due to a race condition (in which case it exits).
+            final first = await firstMessage;
+            if (first case SendPort port) {
+              return await DriftIsolate.fromConnectPort(port).connect(isolateDebugLog: true);
+            }
+          }
+        }
+      }
+
+      return NativeDatabase.createBackgroundConnection(await databaseFile());
+    }),
+  );
+}
+
+typedef _EntrypointMessage = ({String name, String path, DriftNativeOptions options, SendPort sendResponses});
+
+void _isolateEntrypoint(_EntrypointMessage message) {
+  final connections = ReceivePort();
+  if (IsolateNameServer.registerPortWithName(connections.sendPort, portName(message.name))) {
+    final controlPortName = isolateControlPortName(message.name);
+    final server = DriftIsolate.inCurrent(
+      () => NativeDatabase(File(message.path)),
+      port: connections,
+      beforeShutdown: () {
+        IsolateNameServer.removePortNameMapping(portName(message.name));
+        IsolateNameServer.removePortNameMapping(controlPortName);
+      },
+      killIsolateWhenDone: true,
+      shutdownAfterLastDisconnect: true,
+    );
+
+    message.sendResponses.send(server.connectPort);
+
+    IsolateNameServer.removePortNameMapping(controlPortName);
+    IsolateNameServer.registerPortWithName(Isolate.current.controlPort, controlPortName);
+  } else {
+    // Another isolate is responsible for hosting this database, abort.
+    connections.close();
+    return;
+  }
+}

mobile/lib/infrastructure/repositories/logger_db.repository.dart

@@ -2,6 +2,7 @@ import 'package:drift/drift.dart';
 import 'package:drift_flutter/drift_flutter.dart';
 import 'package:immich_mobile/domain/interfaces/db.interface.dart';
 import 'package:immich_mobile/infrastructure/entities/log.entity.dart';
+import 'package:immich_mobile/infrastructure/repositories/drirft_native.dart';
 
 import 'logger_db.repository.drift.dart';
 
@@ -9,7 +10,7 @@ import 'logger_db.repository.drift.dart';
 class DriftLogger extends $DriftLogger implements IDatabaseRepository {
   DriftLogger([QueryExecutor? executor])
     : super(
-        executor ?? driftDatabase(name: 'immich_logs', native: const DriftNativeOptions(shareAcrossIsolates: true)),
+        executor ?? driftDatabaseTest(name: 'immich_logs', native: const DriftNativeOptions(shareAcrossIsolates: true)),
       );
 
   @override

mobile/lib/infrastructure/repositories/user.repository.dart

@@ -78,9 +78,13 @@ class DriftAuthUserRepository extends DriftDatabaseRepository {
     if (user == null) return null;
 
     final query = _db.userMetadataEntity.select()..where((e) => e.userId.equals(id));
+
+    print("getting metadata for user $id");
     final metadata = await query.map((row) => row.toDto()).get();
 
-    return user.toDto(metadata);
+    final a = user.toDto(metadata);
+    print("get user $id metadata $a");
+    return a;
   }
 
   Future<UserDto> upsert(UserDto user) async {

mobile/lib/utils/isolate.dart

@@ -31,55 +31,71 @@ Cancelable<T?> runInIsolateGentle<T>({
   }
 
   return workerManager.executeGentle((cancelledChecker) async {
-    BackgroundIsolateBinaryMessenger.ensureInitialized(token);
-    DartPluginRegistrant.ensureInitialized();
+    await runZonedGuarded(
+      () async {
+        BackgroundIsolateBinaryMessenger.ensureInitialized(token);
+        DartPluginRegistrant.ensureInitialized();
 
-    final (isar, drift, logDb) = await Bootstrap.initDB();
-    await Bootstrap.initDomain(isar, drift, logDb, shouldBufferLogs: false);
-    final ref = ProviderContainer(
-      overrides: [
-        // TODO: Remove once isar is removed
-        dbProvider.overrideWithValue(isar),
-        isarProvider.overrideWithValue(isar),
-        cancellationProvider.overrideWithValue(cancelledChecker),
-        driftProvider.overrideWith(driftOverride(drift)),
-      ],
-    );
+        final (isar, drift, logDb) = await Bootstrap.initDB();
+        await Bootstrap.initDomain(isar, drift, logDb, shouldBufferLogs: false);
+        final ref = ProviderContainer(
+          overrides: [
+            // TODO: Remove once isar is removed
+            dbProvider.overrideWithValue(isar),
+            isarProvider.overrideWithValue(isar),
+            cancellationProvider.overrideWithValue(cancelledChecker),
+            driftProvider.overrideWith(driftOverride(drift)),
+          ],
+        );
 
-    Logger log = Logger("IsolateLogger");
+        Logger log = Logger("IsolateLogger");
 
-    try {
-      HttpSSLOptions.apply(applyNative: false);
-      return await computation(ref);
-    } on CanceledError {
-      log.warning("Computation cancelled ${debugLabel == null ? '' : ' for $debugLabel'}");
-    } catch (error, stack) {
-      log.severe("Error in runInIsolateGentle ${debugLabel == null ? '' : ' for $debugLabel'}", error, stack);
-    } finally {
-      try {
-        await LogService.I.dispose();
-        await logDb.close();
-        await ref.read(driftProvider).close();
-
-        // Close Isar safely
         try {
-          final isar = ref.read(isarProvider);
-          if (isar.isOpen) {
-            await isar.close();
-          }
-        } catch (e) {
-          debugPrint("Error closing Isar: $e");
-        }
+          HttpSSLOptions.apply(applyNative: false);
+          return await computation(ref);
+        } on CanceledError {
+          log.warning("Computation cancelled ${debugLabel == null ? '' : ' for $debugLabel'}");
+        } catch (error, stack) {
+          log.severe("Error in runInIsolateGentle ${debugLabel == null ? '' : ' for $debugLabel'}", error, stack);
+        } finally {
+          try {
+            print("1 close logs service");
+            await LogService.I.dispose();
 
-        ref.dispose();
-      } catch (error, stack) {
-        debugPrint("Error closing resources in isolate: $error, $stack");
-      } finally {
-        ref.dispose();
-        // Delay to ensure all resources are released
-        await Future.delayed(const Duration(seconds: 2));
-      }
-    }
-    return null;
+            print("2 close logs db");
+            await logDb.close();
+
+            print("3 close drift $debugLabel");
+            await ref.read(driftProvider).close();
+
+            // Close Isar safely
+            try {
+              print("4 close isar");
+              final isar = ref.read(isarProvider);
+              if (isar.isOpen) {
+                await isar.close();
+              }
+              print("5 closed isar");
+            } catch (e) {
+              debugPrint("Error closing Isar: $e");
+            }
+
+            print("6 dispose ref");
+          } catch (error, stack) {
+            debugPrint("Error closing resources in isolate: $error, $stack");
+          } finally {
+            print("finished isolate ${debugLabel == null ? '' : ' for $debugLabel'}");
+            ref.dispose();
+
+            // Delay to ensure all resources are released
+            await Future.delayed(const Duration(seconds: 2));
+          }
+        }
+        return null;
+      },
+      (error, stackTrace) {
+        print("Run zoned error in isolate ${debugLabel == null ? '' : ' for $debugLabel'}: $error, $stackTrace");
+      },
+    );
   });
 }

mobile/openapi/README.md

@@ -297,7 +297,6 @@ Class | Method | HTTP request | Description
  - [APIKeyCreateResponseDto](doc//APIKeyCreateResponseDto.md)
  - [APIKeyResponseDto](doc//APIKeyResponseDto.md)
  - [APIKeyUpdateDto](doc//APIKeyUpdateDto.md)
- - [AccessHint](doc//AccessHint.md)
  - [ActivityCreateDto](doc//ActivityCreateDto.md)
  - [ActivityResponseDto](doc//ActivityResponseDto.md)
  - [ActivityStatisticsResponseDto](doc//ActivityStatisticsResponseDto.md)

mobile/openapi/lib/api.dart

@@ -68,7 +68,6 @@ part 'model/api_key_create_dto.dart';
 part 'model/api_key_create_response_dto.dart';
 part 'model/api_key_response_dto.dart';
 part 'model/api_key_update_dto.dart';
-part 'model/access_hint.dart';
 part 'model/activity_create_dto.dart';
 part 'model/activity_response_dto.dart';
 part 'model/activity_statistics_response_dto.dart';

mobile/openapi/lib/api/assets_api.dart

@@ -1247,14 +1247,12 @@ class AssetsApi {
   ///
   /// * [String] id (required):
   ///
-  /// * [AccessHint] hint:
-  ///
   /// * [String] key:
   ///
   /// * [AssetMediaSize] size:
   ///
   /// * [String] slug:
-  Future<Response> viewAssetWithHttpInfo(String id, { AccessHint? hint, String? key, AssetMediaSize? size, String? slug, }) async {
+  Future<Response> viewAssetWithHttpInfo(String id, { String? key, AssetMediaSize? size, String? slug, }) async {
     // ignore: prefer_const_declarations
     final apiPath = r'/assets/{id}/thumbnail'
       .replaceAll('{id}', id);
@@ -1266,9 +1264,6 @@ class AssetsApi {
     final headerParams = <String, String>{};
     final formParams = <String, String>{};
 
-    if (hint != null) {
-      queryParams.addAll(_queryParams('', 'hint', hint));
-    }
     if (key != null) {
       queryParams.addAll(_queryParams('', 'key', key));
     }
@@ -1299,15 +1294,13 @@ class AssetsApi {
   ///
   /// * [String] id (required):
   ///
-  /// * [AccessHint] hint:
-  ///
   /// * [String] key:
   ///
   /// * [AssetMediaSize] size:
   ///
   /// * [String] slug:
-  Future<MultipartFile?> viewAsset(String id, { AccessHint? hint, String? key, AssetMediaSize? size, String? slug, }) async {
-    final response = await viewAssetWithHttpInfo(id,  hint: hint, key: key, size: size, slug: slug, );
+  Future<MultipartFile?> viewAsset(String id, { String? key, AssetMediaSize? size, String? slug, }) async {
+    final response = await viewAssetWithHttpInfo(id,  key: key, size: size, slug: slug, );
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }

mobile/openapi/lib/api_client.dart

@@ -190,8 +190,6 @@ class ApiClient {
           return APIKeyResponseDto.fromJson(value);
         case 'APIKeyUpdateDto':
           return APIKeyUpdateDto.fromJson(value);
-        case 'AccessHint':
-          return AccessHintTypeTransformer().decode(value);
         case 'ActivityCreateDto':
           return ActivityCreateDto.fromJson(value);
         case 'ActivityResponseDto':

mobile/openapi/lib/api_helper.dart

@@ -55,9 +55,6 @@ String parameterToString(dynamic value) {
   if (value is DateTime) {
     return value.toUtc().toIso8601String();
   }
-  if (value is AccessHint) {
-    return AccessHintTypeTransformer().encode(value).toString();
-  }
   if (value is AlbumUserRole) {
     return AlbumUserRoleTypeTransformer().encode(value).toString();
   }

mobile/openapi/lib/model/access_hint.dart

@@ -1,91 +0,0 @@
-//
-// AUTO-GENERATED FILE, DO NOT MODIFY!
-//
-// @dart=2.18
-
-// ignore_for_file: unused_element, unused_import
-// ignore_for_file: always_put_required_named_parameters_first
-// ignore_for_file: constant_identifier_names
-// ignore_for_file: lines_longer_than_80_chars
-
-part of openapi.api;
-
-
-class AccessHint {
-  /// Instantiate a new enum with the provided [value].
-  const AccessHint._(this.value);
-
-  /// The underlying value of this enum member.
-  final String value;
-
-  @override
-  String toString() => value;
-
-  String toJson() => value;
-
-  static const owner = AccessHint._(r'owner');
-  static const album = AccessHint._(r'album');
-  static const partner = AccessHint._(r'partner');
-  static const sharedLink = AccessHint._(r'sharedLink');
-
-  /// List of all possible values in this [enum][AccessHint].
-  static const values = <AccessHint>[
-    owner,
-    album,
-    partner,
-    sharedLink,
-  ];
-
-  static AccessHint? fromJson(dynamic value) => AccessHintTypeTransformer().decode(value);
-
-  static List<AccessHint> listFromJson(dynamic json, {bool growable = false,}) {
-    final result = <AccessHint>[];
-    if (json is List && json.isNotEmpty) {
-      for (final row in json) {
-        final value = AccessHint.fromJson(row);
-        if (value != null) {
-          result.add(value);
-        }
-      }
-    }
-    return result.toList(growable: growable);
-  }
-}
-
-/// Transformation class that can [encode] an instance of [AccessHint] to String,
-/// and [decode] dynamic data back to [AccessHint].
-class AccessHintTypeTransformer {
-  factory AccessHintTypeTransformer() => _instance ??= const AccessHintTypeTransformer._();
-
-  const AccessHintTypeTransformer._();
-
-  String encode(AccessHint data) => data.value;
-
-  /// Decodes a [dynamic value][data] to a AccessHint.
-  ///
-  /// If [allowNull] is true and the [dynamic value][data] cannot be decoded successfully,
-  /// then null is returned. However, if [allowNull] is false and the [dynamic value][data]
-  /// cannot be decoded successfully, then an [UnimplementedError] is thrown.
-  ///
-  /// The [allowNull] is very handy when an API changes and a new enum value is added or removed,
-  /// and users are still using an old app with the old code.
-  AccessHint? decode(dynamic data, {bool allowNull = true}) {
-    if (data != null) {
-      switch (data) {
-        case r'owner': return AccessHint.owner;
-        case r'album': return AccessHint.album;
-        case r'partner': return AccessHint.partner;
-        case r'sharedLink': return AccessHint.sharedLink;
-        default:
-          if (!allowNull) {
-            throw ArgumentError('Unknown enum value to decode: $data');
-          }
-      }
-    }
-    return null;
-  }
-
-  /// Singleton [AccessHintTypeTransformer] instance.
-  static AccessHintTypeTransformer? _instance;
-}
-

open-api/immich-openapi-specs.json

@@ -2583,14 +2583,6 @@
       "get": {
         "operationId": "viewAsset",
         "parameters": [
-          {
-            "name": "hint",
-            "required": false,
-            "in": "query",
-            "schema": {
-              "$ref": "#/components/schemas/AccessHint"
-            }
-          },
           {
             "name": "id",
             "required": true,
@@ -9975,15 +9967,6 @@
         },
         "type": "object"
       },
-      "AccessHint": {
-        "enum": [
-          "owner",
-          "album",
-          "partner",
-          "sharedLink"
-        ],
-        "type": "string"
-      },
       "ActivityCreateDto": {
         "properties": {
           "albumId": {

open-api/typescript-sdk/src/fetch-client.ts

@@ -2391,8 +2391,7 @@ export function replaceAsset({ id, key, slug, assetMediaReplaceDto }: {
 /**
  * This endpoint requires the `asset.view` permission.
  */
-export function viewAsset({ hint, id, key, size, slug }: {
-    hint?: AccessHint;
+export function viewAsset({ id, key, size, slug }: {
     id: string;
     key?: string;
     size?: AssetMediaSize;
@@ -2402,7 +2401,6 @@ export function viewAsset({ hint, id, key, size, slug }: {
         status: 200;
         data: Blob;
     }>(`/assets/${encodeURIComponent(id)}/thumbnail${QS.query(QS.explode({
-        hint,
         key,
         size,
         slug
@@ -4844,12 +4842,6 @@ export enum AssetJobName {
     RegenerateThumbnail = "regenerate-thumbnail",
     TranscodeVideo = "transcode-video"
 }
-export enum AccessHint {
-    Owner = "owner",
-    Album = "album",
-    Partner = "partner",
-    SharedLink = "sharedLink"
-}
 export enum AssetMediaSize {
     Fullsize = "fullsize",
     Preview = "preview",

server/src/dtos/asset-media.dto.ts

@@ -3,7 +3,7 @@ import { ApiProperty } from '@nestjs/swagger';
 import { plainToInstance, Transform, Type } from 'class-transformer';
 import { ArrayNotEmpty, IsArray, IsNotEmpty, IsString, ValidateNested } from 'class-validator';
 import { AssetMetadataUpsertItemDto } from 'src/dtos/asset.dto';
-import { AccessHint, AssetVisibility } from 'src/enum';
+import { AssetVisibility } from 'src/enum';
 import { Optional, ValidateBoolean, ValidateDate, ValidateEnum, ValidateUUID } from 'src/validation';
 
 export enum AssetMediaSize {
@@ -19,9 +19,6 @@ export enum AssetMediaSize {
 export class AssetMediaOptionsDto {
   @ValidateEnum({ enum: AssetMediaSize, name: 'AssetMediaSize', optional: true })
   size?: AssetMediaSize;
-
-  @ValidateEnum({ enum: AccessHint, name: 'AccessHint', optional: true })
-  hint?: AccessHint;
 }
 
 export enum UploadFieldName {

server/src/enum.ts

@@ -753,10 +753,3 @@ export enum CronJob {
   LibraryScan = 'LibraryScan',
   NightlyJobs = 'NightlyJobs',
 }
-
-export enum AccessHint {
-  Owner = 'owner',
-  Album = 'album',
-  Partner = 'partner',
-  SharedLink = 'sharedLink',
-}

server/src/utils/access.ts

@@ -1,7 +1,7 @@
 import { BadRequestException, UnauthorizedException } from '@nestjs/common';
 import { AuthSharedLink } from 'src/database';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { AccessHint, AlbumUserRole, Permission } from 'src/enum';
+import { AlbumUserRole, Permission } from 'src/enum';
 import { AccessRepository } from 'src/repositories/access.repository';
 import { setDifference, setIsEqual, setIsSuperset, setUnion } from 'src/utils/set';
 
@@ -22,11 +22,10 @@ export type AccessRequest = {
   auth: AuthDto;
   permission: Permission;
   ids: Set<string> | string[];
-  hint?: AccessHint;
 };
 
 type SharedLinkAccessRequest = { sharedLink: AuthSharedLink; permission: Permission; ids: Set<string> };
-type OtherAccessRequest = { auth: AuthDto; permission: Permission; ids: Set<string>; hint?: AccessHint };
+type OtherAccessRequest = { auth: AuthDto; permission: Permission; ids: Set<string> };
 
 export const requireUploadAccess = (auth: AuthDto | null): AuthDto => {
   if (!auth || (auth.sharedLink && !auth.sharedLink.allowUpload)) {
@@ -44,7 +43,7 @@ export const requireAccess = async (access: AccessRepository, request: AccessReq
 
 export const checkAccess = async (
   access: AccessRepository,
-  { ids, auth, permission, hint }: AccessRequest,
+  { ids, auth, permission }: AccessRequest,
 ): Promise<Set<string>> => {
   const idSet = Array.isArray(ids) ? new Set(ids) : ids;
   if (idSet.size === 0) {
@@ -53,7 +52,7 @@ export const checkAccess = async (
 
   return auth.sharedLink
     ? checkSharedLinkAccess(access, { sharedLink: auth.sharedLink, permission, ids: idSet })
-    : checkOtherAccess(access, { auth, permission, ids: idSet, hint });
+    : checkOtherAccess(access, { auth, permission, ids: idSet });
 };
 
 const checkSharedLinkAccess = async (
@@ -103,38 +102,8 @@ const checkSharedLinkAccess = async (
   }
 };
 
-const safeMoveToFront = <T>(array: T[], index: number) => {
-  if (index <= 0 || index >= array.length) {
-    return;
-  }
-
-  const [item] = array.splice(index, 1);
-  array.unshift(item);
-};
-
-type CheckFn = (ids: Set<string>) => Promise<Set<string>>;
-const checkAll = async (ids: Set<string>, checks: Partial<Record<AccessHint, CheckFn>>, hint?: AccessHint) => {
-  let grantedIds = new Set<string>();
-
-  const items = Object.values(checks);
-  if (hint && checks[hint]) {
-    safeMoveToFront(items, items.indexOf(checks[hint]));
-  }
-
-  for (const check of items) {
-    if (ids.size === 0) {
-      break;
-    }
-    const approvedIds = await check(ids);
-    grantedIds = setUnion(grantedIds, approvedIds);
-    ids = setDifference(ids, approvedIds);
-  }
-
-  return grantedIds;
-};
-
 const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRequest): Promise<Set<string>> => {
-  const { auth, permission, ids, hint } = request;
+  const { auth, permission, ids } = request;
 
   switch (permission) {
     // uses album id
@@ -144,118 +113,96 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
 
     // uses activity id
     case Permission.ActivityDelete: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) => access.activity.checkOwnerAccess(auth.user.id, ids),
-          [AccessHint.Album]: (ids) => access.activity.checkAlbumOwnerAccess(auth.user.id, ids),
-        },
-        hint,
-      );
+      const isOwner = await access.activity.checkOwnerAccess(auth.user.id, ids);
+      const isAlbumOwner = await access.activity.checkAlbumOwnerAccess(auth.user.id, setDifference(ids, isOwner));
+      return setUnion(isOwner, isAlbumOwner);
     }
 
     case Permission.AssetRead: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) =>
-            access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission),
-          [AccessHint.Album]: (ids) => access.asset.checkAlbumAccess(auth.user.id, ids),
-          [AccessHint.Partner]: (ids) => access.asset.checkPartnerAccess(auth.user.id, ids),
-        },
-        hint,
-      );
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
+      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
+      return setUnion(isOwner, isAlbum, isPartner);
     }
 
     case Permission.AssetShare: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.asset.checkOwnerAccess(auth.user.id, ids, false),
-        [AccessHint.Partner]: (ids) => access.asset.checkPartnerAccess(auth.user.id, ids),
-      });
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, false);
+      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner));
+      return setUnion(isOwner, isPartner);
     }
 
     case Permission.AssetView: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) =>
-          access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission),
-        [AccessHint.Album]: (ids) => access.asset.checkAlbumAccess(auth.user.id, ids),
-        [AccessHint.Partner]: (ids) => access.asset.checkPartnerAccess(auth.user.id, ids),
-      });
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
+      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
+      return setUnion(isOwner, isAlbum, isPartner);
     }
 
     case Permission.AssetDownload: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) =>
-          access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission),
-        [AccessHint.Album]: (ids) => access.asset.checkAlbumAccess(auth.user.id, ids),
-        [AccessHint.Partner]: (ids) => access.asset.checkPartnerAccess(auth.user.id, ids),
-      });
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
+      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
+      return setUnion(isOwner, isAlbum, isPartner);
     }
 
     case Permission.AssetUpdate: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) =>
-          access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission),
-      });
+      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
     }
 
     case Permission.AssetDelete: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) =>
-          access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission),
-      });
+      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
     }
 
     case Permission.AlbumRead: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) => access.album.checkOwnerAccess(auth.user.id, ids),
-          [AccessHint.Album]: (ids) => access.album.checkSharedAlbumAccess(auth.user.id, ids, AlbumUserRole.Viewer),
-        },
-        hint,
+      const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.album.checkSharedAlbumAccess(
+        auth.user.id,
+        setDifference(ids, isOwner),
+        AlbumUserRole.Viewer,
       );
+      return setUnion(isOwner, isShared);
     }
 
     case Permission.AlbumAssetCreate: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.album.checkOwnerAccess(auth.user.id, ids),
-        [AccessHint.Album]: (ids) => access.album.checkSharedAlbumAccess(auth.user.id, ids, AlbumUserRole.Editor),
-      });
+      const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.album.checkSharedAlbumAccess(
+        auth.user.id,
+        setDifference(ids, isOwner),
+        AlbumUserRole.Editor,
+      );
+      return setUnion(isOwner, isShared);
+    }
+
+    case Permission.AlbumUpdate: {
+      return await access.album.checkOwnerAccess(auth.user.id, ids);
     }
 
-    case Permission.AlbumShare:
-    case Permission.AlbumUpdate:
     case Permission.AlbumDelete: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) => access.album.checkOwnerAccess(auth.user.id, ids),
-        },
-        hint,
-      );
+      return await access.album.checkOwnerAccess(auth.user.id, ids);
+    }
+
+    case Permission.AlbumShare: {
+      return await access.album.checkOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.AlbumDownload: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) => access.album.checkOwnerAccess(auth.user.id, ids),
-          [AccessHint.Album]: (ids) => access.album.checkSharedAlbumAccess(auth.user.id, ids, AlbumUserRole.Viewer),
-        },
-        hint,
+      const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.album.checkSharedAlbumAccess(
+        auth.user.id,
+        setDifference(ids, isOwner),
+        AlbumUserRole.Viewer,
       );
+      return setUnion(isOwner, isShared);
     }
 
     case Permission.AlbumAssetDelete: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) => access.album.checkOwnerAccess(auth.user.id, ids),
-          [AccessHint.Album]: (ids) => access.album.checkSharedAlbumAccess(auth.user.id, ids, AlbumUserRole.Editor),
-        },
-        hint,
+      const isOwner = await access.album.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.album.checkSharedAlbumAccess(
+        auth.user.id,
+        setDifference(ids, isOwner),
+        AlbumUserRole.Editor,
       );
+      return setUnion(isOwner, isShared);
     }
 
     case Permission.AssetUpload: {
@@ -267,36 +214,24 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
     }
 
     case Permission.AuthDeviceDelete: {
-      return checkAll(
-        ids,
-        {
-          [AccessHint.Owner]: (ids) => access.authDevice.checkOwnerAccess(auth.user.id, ids),
-        },
-        hint,
-      );
+      return await access.authDevice.checkOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.FaceDelete: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.person.checkFaceOwnerAccess(auth.user.id, ids),
-      });
+      return access.person.checkFaceOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.NotificationRead:
     case Permission.NotificationUpdate:
     case Permission.NotificationDelete: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.notification.checkOwnerAccess(auth.user.id, ids),
-      });
+      return access.notification.checkOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.TagAsset:
     case Permission.TagRead:
     case Permission.TagUpdate:
     case Permission.TagDelete: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.tag.checkOwnerAccess(auth.user.id, ids),
-      });
+      return await access.tag.checkOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.TimelineRead: {
@@ -309,56 +244,54 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
       return ids.has(auth.user.id) ? new Set([auth.user.id]) : new Set();
     }
 
-    case Permission.MemoryRead:
-    case Permission.MemoryUpdate:
+    case Permission.MemoryRead: {
+      return access.memory.checkOwnerAccess(auth.user.id, ids);
+    }
+
+    case Permission.MemoryUpdate: {
+      return access.memory.checkOwnerAccess(auth.user.id, ids);
+    }
+
     case Permission.MemoryDelete: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.memory.checkOwnerAccess(auth.user.id, ids),
-      });
+      return access.memory.checkOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.PersonCreate: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.person.checkFaceOwnerAccess(auth.user.id, ids),
-      });
+      return access.person.checkFaceOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.PersonRead:
     case Permission.PersonUpdate:
     case Permission.PersonDelete:
     case Permission.PersonMerge: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.person.checkOwnerAccess(auth.user.id, ids),
-      });
+      return await access.person.checkOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.PersonReassign: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.person.checkFaceOwnerAccess(auth.user.id, ids),
-      });
+      return access.person.checkFaceOwnerAccess(auth.user.id, ids);
     }
 
     case Permission.PartnerUpdate: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.partner.checkUpdateAccess(auth.user.id, ids),
-      });
+      return await access.partner.checkUpdateAccess(auth.user.id, ids);
     }
 
     case Permission.SessionRead:
     case Permission.SessionUpdate:
     case Permission.SessionDelete:
     case Permission.SessionLock: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.session.checkOwnerAccess(auth.user.id, ids),
-      });
+      return access.session.checkOwnerAccess(auth.user.id, ids);
+    }
+
+    case Permission.StackRead: {
+      return access.stack.checkOwnerAccess(auth.user.id, ids);
+    }
+
+    case Permission.StackUpdate: {
+      return access.stack.checkOwnerAccess(auth.user.id, ids);
     }
 
-    case Permission.StackRead:
-    case Permission.StackUpdate:
     case Permission.StackDelete: {
-      return checkAll(ids, {
-        [AccessHint.Owner]: (ids) => access.stack.checkOwnerAccess(auth.user.id, ids),
-      });
+      return access.stack.checkOwnerAccess(auth.user.id, ids);
     }
 
     default: {

web/src/lib/components/assets/thumbnail/thumbnail.svelte

@@ -5,7 +5,7 @@
   import { getAssetPlaybackUrl, getAssetThumbnailUrl } from '$lib/utils';
   import { timeToSeconds } from '$lib/utils/date-time';
   import { getAltText } from '$lib/utils/thumbnail-util';
-  import { AccessHint, AssetMediaSize, AssetVisibility } from '@immich/sdk';
+  import { AssetMediaSize, AssetVisibility } from '@immich/sdk';
   import {
     mdiArchiveArrowDownOutline,
     mdiCameraBurst,
@@ -20,7 +20,6 @@
   import { authManager } from '$lib/managers/auth-manager.svelte';
   import type { TimelineAsset } from '$lib/managers/timeline-manager/types';
   import { mobileDevice } from '$lib/stores/mobile-device.svelte';
-  import { user } from '$lib/stores/user.store';
   import { moveFocus } from '$lib/utils/focus-util';
   import { currentUrlReplaceAssetId } from '$lib/utils/navigation';
   import { TUNABLES } from '$lib/utils/tunables';
@@ -46,7 +45,6 @@
     imageClass?: ClassValue;
     brokenAssetClass?: ClassValue;
     dimmed?: boolean;
-    hint?: AccessHint;
     onClick?: (asset: TimelineAsset) => void;
     onSelect?: (asset: TimelineAsset) => void;
     onMouseEvent?: (event: { isMouseOver: boolean; selectedGroupIndex: number }) => void;
@@ -71,7 +69,6 @@
     imageClass = '',
     brokenAssetClass = '',
     dimmed = false,
-    hint,
   }: Props = $props();
 
   let {
@@ -316,12 +313,7 @@
       <ImageThumbnail
         class={imageClass}
         {brokenAssetClass}
-        url={getAssetThumbnailUrl({
-          id: asset.id,
-          size: AssetMediaSize.Thumbnail,
-          cacheKey: asset.thumbhash,
-          hint: asset.ownerId === $user.id ? undefined : hint,
-        })}
+        url={getAssetThumbnailUrl({ id: asset.id, size: AssetMediaSize.Thumbnail, cacheKey: asset.thumbhash })}
         altText={$getAltText(asset)}
         widthStyle="{width}px"
         heightStyle="{height}px"

web/src/lib/components/photos-page/asset-date-group.svelte

@@ -232,7 +232,6 @@
             disabled={dayGroup.monthGroup.timelineManager.albumAssets.has(asset.id)}
             thumbnailWidth={position.width}
             thumbnailHeight={position.height}
-            hint={timelineManager.hint}
           />
           {#if customLayout}
             {@render customLayout(asset)}

web/src/lib/managers/timeline-manager/timeline-manager.svelte.ts

@@ -1,4 +1,4 @@
-import { AccessHint, AssetOrder, getAssetInfo, getTimeBuckets } from '@immich/sdk';
+import { AssetOrder, getAssetInfo, getTimeBuckets } from '@immich/sdk';
 
 import { authManager } from '$lib/managers/auth-manager.svelte';
 
@@ -38,7 +38,6 @@ import type {
 } from './types';
 
 export class TimelineManager {
-  hint?: AccessHint;
   isInitialized = $state(false);
   months: MonthGroup[] = $state([]);
   topSectionHeight = $state(0);
@@ -98,9 +97,7 @@ export class TimelineManager {
     monthGroup: undefined,
   });
 
-  constructor(options?: { hint?: AccessHint }) {
-    this.hint = options?.hint;
-  }
+  constructor() {}
 
   setLayoutOptions({ headerHeight = 48, rowHeight = 235, gap = 12 }: TimelineManagerLayoutOptions) {
     let changed = false;

web/src/lib/utils.ts

@@ -5,7 +5,6 @@ import { lang } from '$lib/stores/preferences.store';
 import { serverConfig } from '$lib/stores/server-config.store';
 import { handleError } from '$lib/utils/handle-error';
 import {
-  AccessHint,
   AssetJobName,
   AssetMediaSize,
   JobName,
@@ -198,14 +197,12 @@ export const getAssetOriginalUrl = (options: string | AssetUrlOptions) => {
   return createUrl(getAssetOriginalPath(id), { ...authManager.params, c: cacheKey });
 };
 
-export const getAssetThumbnailUrl = (
-  options: string | (AssetUrlOptions & { size?: AssetMediaSize; hint?: AccessHint }),
-) => {
+export const getAssetThumbnailUrl = (options: string | (AssetUrlOptions & { size?: AssetMediaSize })) => {
   if (typeof options === 'string') {
     options = { id: options };
   }
-  const { id, size, cacheKey, hint } = options;
-  return createUrl(getAssetThumbnailPath(id), { ...authManager.params, size, c: cacheKey, hint });
+  const { id, size, cacheKey } = options;
+  return createUrl(getAssetThumbnailPath(id), { ...authManager.params, size, c: cacheKey });
 };
 
 export const getAssetPlaybackUrl = (options: string | AssetUrlOptions) => {

web/src/routes/(user)/albums/[albumId=id]/[[photos=photos]]/[[assetId=id]]/+page.svelte

@@ -59,7 +59,6 @@
     type AssetGridRouteSearchParams,
   } from '$lib/utils/navigation';
   import {
-    AccessHint,
     AlbumUserRole,
     AssetOrder,
     AssetVisibility,
@@ -329,7 +328,7 @@
     }
   });
 
-  let timelineManager = new TimelineManager({ hint: AccessHint.Album });
+  let timelineManager = new TimelineManager();
 
   $effect(() => {
     if (viewMode === AlbumPageViewMode.VIEW) {

web/src/routes/(user)/partners/[userId]/[[photos=photos]]/[[assetId=id]]/+page.svelte

@@ -10,7 +10,7 @@
   import { AppRoute } from '$lib/constants';
   import { TimelineManager } from '$lib/managers/timeline-manager/timeline-manager.svelte';
   import { AssetInteraction } from '$lib/stores/asset-interaction.svelte';
-  import { AccessHint, AssetVisibility } from '@immich/sdk';
+  import { AssetVisibility } from '@immich/sdk';
   import { mdiArrowLeft, mdiPlus } from '@mdi/js';
   import { onDestroy } from 'svelte';
   import { t } from 'svelte-i18n';
@@ -22,7 +22,7 @@
 
   let { data }: Props = $props();
 
-  const timelineManager = new TimelineManager({ hint: AccessHint.Partner });
+  const timelineManager = new TimelineManager();
   $effect(
     () =>
       void timelineManager.updateOptions({