fix: merge main

re-add extends section

cli/src/commands/auth.ts

@@ -1,4 +1,4 @@
-import { getMyUserInfo } from '@immich/sdk';
+import { getMyUser } from '@immich/sdk';
 import { existsSync } from 'node:fs';
 import { mkdir, unlink } from 'node:fs/promises';
 import { BaseOptions, connect, getAuthFilePath, logError, withError, writeAuthFile } from 'src/utils';
@@ -10,13 +10,13 @@ export const login = async (url: string, key: string, options: BaseOptions) => {
 
   await connect(url, key);
 
-  const [error, userInfo] = await withError(getMyUserInfo());
+  const [error, user] = await withError(getMyUser());
   if (error) {
     logError(error, 'Failed to load user info');
     process.exit(1);
   }
 
-  console.log(`Logged in as ${userInfo.email}`);
+  console.log(`Logged in as ${user.email}`);
 
   if (!existsSync(configDir)) {
     // Create config folder if it doesn't exist

cli/src/commands/server-info.ts

@@ -1,4 +1,4 @@
-import { getAssetStatistics, getMyUserInfo, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
+import { getAssetStatistics, getMyUser, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
 import { BaseOptions, authenticate } from 'src/utils';
 
 export const serverInfo = async (options: BaseOptions) => {
@@ -8,7 +8,7 @@ export const serverInfo = async (options: BaseOptions) => {
     getServerVersion(),
     getSupportedMediaTypes(),
     getAssetStatistics({}),
-    getMyUserInfo(),
+    getMyUser(),
   ]);
 
   console.log(`Server Info (via ${userInfo.email})`);

cli/src/utils.ts

@@ -1,4 +1,4 @@
-import { getMyUserInfo, init, isHttpError } from '@immich/sdk';
+import { getMyUser, init, isHttpError } from '@immich/sdk';
 import { glob } from 'fast-glob';
 import { createHash } from 'node:crypto';
 import { createReadStream } from 'node:fs';
@@ -48,7 +48,7 @@ export const connect = async (url: string, key: string) => {
 
   init({ baseUrl: url, apiKey: key });
 
-  const [error] = await withError(getMyUserInfo());
+  const [error] = await withError(getMyUser());
   if (isHttpError(error)) {
     logError(error, 'Failed to connect to server');
     process.exit(1);

docker/docker-compose.dev.yml

@@ -9,6 +9,9 @@ services:
     container_name: immich_server
     command: ['/usr/src/app/bin/immich-dev']
     image: immich-server-dev:latest
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
     build:
       context: ../
       dockerfile: server/Dockerfile

docker/docker-compose.prod.yml

@@ -4,6 +4,9 @@ services:
   immich-server:
     container_name: immich_server
     image: immich-server:latest
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
     build:
       context: ../
       dockerfile: server/Dockerfile

docker/docker-compose.yml

@@ -12,6 +12,9 @@ services:
   immich-server:
     container_name: immich_server
     image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
+    # extends:
+    #   file: hwaccel.transcoding.yml
+    #   service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
     volumes:
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
       - /etc/localtime:/etc/localtime:ro

docs/docs/administration/oauth.md

@@ -110,8 +110,44 @@ Immich has a route (`/api/oauth/mobile-redirect`) that is already configured to
 
 ## Example Configuration
 
+<details>
+<summary>Authentik Example</summary>
+
+### Authentik Example
+
 Here's an example of OAuth configured for Authentik:
 
-![OAuth Settings](./img/oauth-settings.png)
+<img src={require('./img/oauth-settings.png').default} title="OAuth settings" />
+
+</details>
+
+<details>
+<summary>Google Example</summary>
+
+### Google Example
+
+Configuration of Authorised redirect URIs (Google Console)
+
+<img src={require('./img/google-example.webp').default} width='50%' title="Authorised redirect URIs" />
+
+Configuration of OAuth in System Settings
+
+| Setting                      | Value                                                                                                  |
+| ---------------------------- | ------------------------------------------------------------------------------------------------------ |
+| Issuer URL                   | [https://accounts.google.com](https://accounts.google.com)                                             |
+| Client ID                    | 7\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***vuls.apps.googleusercontent.com                           |
+| Client Secret                | G\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***OO                                                        |
+| Scope                        | openid email profile                                                                                   |
+| Signing Algorithm            | RS256                                                                                                  |
+| Storage Label Claim          | preferred_username                                                                                     |
+| Storage Quota Claim          | immich_quota                                                                                           |
+| Default Storage Quota (GiB)  | 0 (0 for unlimited quota)                                                                              |
+| Button Text                  | Sign in with Google (optional)                                                                         |
+| Auto Register                | Enabled (optional)                                                                                     |
+| Auto Launch                  | Enabled                                                                                                |
+| Mobile Redirect URI Override | Enabled (required)                                                                                     |
+| Mobile Redirect URI          | [https://demo.immich.app/api/oauth/mobile-redirect](https://demo.immich.app/api/oauth/mobile-redirect) |
+
+</details>
 
 [oidc]: https://openid.net/connect/

docs/docs/guides/remote-machine-learning.md

@@ -15,7 +15,7 @@ The [hwaccel.ml.yml](https://github.com/immich-app/immich/releases/latest/downlo
 :::
 
 ```yaml
-version: '3.8'
+name: immich_remote_ml
 
 services:
   immich-machine-learning:

e2e/src/api/specs/album.e2e-spec.ts

@@ -4,7 +4,7 @@ import {
   AlbumUserRole,
   AssetFileUploadResponseDto,
   AssetOrder,
-  deleteUser,
+  deleteUserAdmin,
   getAlbumInfo,
   LoginResponseDto,
   SharedLinkType,
@@ -107,7 +107,7 @@ describe('/albums', () => {
       }),
     ]);
 
-    await deleteUser({ id: user3.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) });
+    await deleteUserAdmin({ id: user3.userId, userAdminDeleteDto: {} }, { headers: asBearerAuth(admin.accessToken) });
   });
 
   describe('GET /albums', () => {

e2e/src/api/specs/asset.e2e-spec.ts

@@ -5,7 +5,7 @@ import {
   LoginResponseDto,
   SharedLinkType,
   getAssetInfo,
-  getMyUserInfo,
+  getMyUser,
   updateAssets,
 } from '@immich/sdk';
 import { exiftool } from 'exiftool-vendored';
@@ -86,6 +86,8 @@ describe('/asset', () => {
       utils.userSetup(admin.accessToken, createUserDto.create('stack')),
     ]);
 
+    await utils.createPartner(user1.accessToken, user2.userId);
+
     // asset location
     locationAsset = await utils.createAsset(admin.accessToken, {
       assetData: {
@@ -213,15 +215,18 @@ describe('/asset', () => {
       expect(body).toMatchObject({
         id: user1Assets[0].id,
         isFavorite: false,
-        people: [
-          {
-            birthDate: null,
-            id: expect.any(String),
-            isHidden: false,
-            name: 'Test Person',
-            thumbnailPath: '/my/awesome/thumbnail.jpg',
-          },
-        ],
+        people: {
+          visiblePeople: [
+            {
+              birthDate: null,
+              id: expect.any(String),
+              isHidden: false,
+              name: 'Test Person',
+              thumbnailPath: '/my/awesome/thumbnail.jpg',
+            },
+          ],
+          numberOfFaces: 1,
+        },
       });
 
       const sharedLink = await utils.createSharedLink(user1.accessToken, {
@@ -231,7 +236,36 @@ describe('/asset', () => {
 
       const data = await request(app).get(`/asset/${user1Assets[0].id}?key=${sharedLink.key}`);
       expect(data.status).toBe(200);
-      expect(data.body).toMatchObject({ people: [] });
+      expect(data.body).not.toHaveProperty('people');
+    });
+
+    describe('partner assets', () => {
+      it('should get the asset info', async () => {
+        const { status, body } = await request(app)
+          .get(`/asset/${user1Assets[0].id}`)
+          .set('Authorization', `Bearer ${user2.accessToken}`);
+        expect(status).toBe(200);
+        expect(body).toMatchObject({ id: user1Assets[0].id });
+      });
+
+      it('disallows viewing archived assets', async () => {
+        const asset = await utils.createAsset(user1.accessToken, { isArchived: true });
+
+        const { status } = await request(app)
+          .get(`/asset/${asset.id}`)
+          .set('Authorization', `Bearer ${user2.accessToken}`);
+        expect(status).toBe(400);
+      });
+
+      it('disallows viewing trashed assets', async () => {
+        const asset = await utils.createAsset(user1.accessToken);
+        await utils.deleteAssets(user1.accessToken, [asset.id]);
+
+        const { status } = await request(app)
+          .get(`/asset/${asset.id}`)
+          .set('Authorization', `Bearer ${user2.accessToken}`);
+        expect(status).toBe(400);
+      });
     });
   });
 
@@ -480,15 +514,18 @@ describe('/asset', () => {
       expect(body).toMatchObject({
         id: user1Assets[0].id,
         isFavorite: true,
-        people: [
-          {
-            birthDate: null,
-            id: expect.any(String),
-            isHidden: false,
-            name: 'Test Person',
-            thumbnailPath: '/my/awesome/thumbnail.jpg',
-          },
-        ],
+        people: {
+          visiblePeople: [
+            {
+              birthDate: null,
+              id: expect.any(String),
+              isHidden: false,
+              name: 'Test Person',
+              thumbnailPath: '/my/awesome/thumbnail.jpg',
+            },
+          ],
+          numberOfFaces: 1,
+        },
       });
     });
   });
@@ -1131,7 +1168,7 @@ describe('/asset', () => {
       expect(body).toEqual({ id: expect.any(String), duplicate: false });
       expect(status).toBe(201);
 
-      const user = await getMyUserInfo({ headers: asBearerAuth(quotaUser.accessToken) });
+      const user = await getMyUser({ headers: asBearerAuth(quotaUser.accessToken) });
 
       expect(user).toEqual(expect.objectContaining({ quotaUsageInBytes: 70 }));
     });

e2e/src/api/specs/shared-link.e2e-spec.ts

@@ -5,7 +5,7 @@ import {
   SharedLinkResponseDto,
   SharedLinkType,
   createAlbum,
-  deleteUser,
+  deleteUserAdmin,
 } from '@immich/sdk';
 import { createUserDto, uuidDto } from 'src/fixtures';
 import { errorDto } from 'src/responses';
@@ -86,7 +86,7 @@ describe('/shared-links', () => {
         }),
       ]);
 
-    await deleteUser({ id: user2.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) });
+    await deleteUserAdmin({ id: user2.userId, userAdminDeleteDto: {} }, { headers: asBearerAuth(admin.accessToken) });
   });
 
   describe('GET /share/${key}', () => {

e2e/src/api/specs/user-admin.e2e-spec.ts

@@ -0,0 +1,317 @@
+import { LoginResponseDto, deleteUserAdmin, getMyUser, getUserAdmin, login } from '@immich/sdk';
+import { Socket } from 'socket.io-client';
+import { createUserDto, uuidDto } from 'src/fixtures';
+import { errorDto } from 'src/responses';
+import { app, asBearerAuth, utils } from 'src/utils';
+import request from 'supertest';
+import { afterAll, beforeAll, describe, expect, it } from 'vitest';
+
+describe('/admin/users', () => {
+  let websocket: Socket;
+
+  let admin: LoginResponseDto;
+  let nonAdmin: LoginResponseDto;
+  let deletedUser: LoginResponseDto;
+  let userToDelete: LoginResponseDto;
+  let userToHardDelete: LoginResponseDto;
+
+  beforeAll(async () => {
+    await utils.resetDatabase();
+    admin = await utils.adminSetup({ onboarding: false });
+
+    [websocket, nonAdmin, deletedUser, userToDelete, userToHardDelete] = await Promise.all([
+      utils.connectWebsocket(admin.accessToken),
+      utils.userSetup(admin.accessToken, createUserDto.user1),
+      utils.userSetup(admin.accessToken, createUserDto.user2),
+      utils.userSetup(admin.accessToken, createUserDto.user3),
+      utils.userSetup(admin.accessToken, createUserDto.user4),
+    ]);
+
+    await deleteUserAdmin(
+      { id: deletedUser.userId, userAdminDeleteDto: {} },
+      { headers: asBearerAuth(admin.accessToken) },
+    );
+  });
+
+  afterAll(() => {
+    utils.disconnectWebsocket(websocket);
+  });
+
+  describe('GET /admin/users', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).get(`/admin/users`);
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should require authorization', async () => {
+      const { status, body } = await request(app)
+        .get(`/admin/users`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    it('should hide deleted users by default', async () => {
+      const { status, body } = await request(app)
+        .get(`/admin/users`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toHaveLength(4);
+      expect(body).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ email: admin.userEmail }),
+          expect.objectContaining({ email: nonAdmin.userEmail }),
+          expect.objectContaining({ email: userToDelete.userEmail }),
+          expect.objectContaining({ email: userToHardDelete.userEmail }),
+        ]),
+      );
+    });
+
+    it('should include deleted users', async () => {
+      const { status, body } = await request(app)
+        .get(`/admin/users?withDeleted=true`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toHaveLength(5);
+      expect(body).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ email: admin.userEmail }),
+          expect.objectContaining({ email: nonAdmin.userEmail }),
+          expect.objectContaining({ email: userToDelete.userEmail }),
+          expect.objectContaining({ email: userToHardDelete.userEmail }),
+          expect.objectContaining({ email: deletedUser.userEmail }),
+        ]),
+      );
+    });
+  });
+
+  describe('POST /admin/users', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).post(`/admin/users`).send(createUserDto.user1);
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should require authorization', async () => {
+      const { status, body } = await request(app)
+        .post(`/admin/users`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`)
+        .send(createUserDto.user1);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    for (const key of [
+      'password',
+      'email',
+      'name',
+      'quotaSizeInBytes',
+      'shouldChangePassword',
+      'memoriesEnabled',
+      'notify',
+    ]) {
+      it(`should not allow null ${key}`, async () => {
+        const { status, body } = await request(app)
+          .post(`/admin/users`)
+          .set('Authorization', `Bearer ${admin.accessToken}`)
+          .send({ ...createUserDto.user1, [key]: null });
+        expect(status).toBe(400);
+        expect(body).toEqual(errorDto.badRequest());
+      });
+    }
+
+    it('should ignore `isAdmin`', async () => {
+      const { status, body } = await request(app)
+        .post(`/admin/users`)
+        .send({
+          isAdmin: true,
+          email: 'user5@immich.cloud',
+          password: 'password123',
+          name: 'Immich',
+        })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(body).toMatchObject({
+        email: 'user5@immich.cloud',
+        isAdmin: false,
+        shouldChangePassword: true,
+      });
+      expect(status).toBe(201);
+    });
+
+    it('should create a user without memories enabled', async () => {
+      const { status, body } = await request(app)
+        .post(`/admin/users`)
+        .send({
+          email: 'no-memories@immich.cloud',
+          password: 'Password123',
+          name: 'No Memories',
+          memoriesEnabled: false,
+        })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(body).toMatchObject({
+        email: 'no-memories@immich.cloud',
+        memoriesEnabled: false,
+      });
+      expect(status).toBe(201);
+    });
+  });
+
+  describe('PUT /admin/users/:id', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).put(`/admin/users/${uuidDto.notFound}`);
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should require authorization', async () => {
+      const { status, body } = await request(app)
+        .put(`/admin/users/${uuidDto.notFound}`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    for (const key of ['password', 'email', 'name', 'shouldChangePassword', 'memoriesEnabled']) {
+      it(`should not allow null ${key}`, async () => {
+        const { status, body } = await request(app)
+          .put(`/admin/users/${uuidDto.notFound}`)
+          .set('Authorization', `Bearer ${admin.accessToken}`)
+          .send({ [key]: null });
+        expect(status).toBe(400);
+        expect(body).toEqual(errorDto.badRequest());
+      });
+    }
+
+    it('should not allow a non-admin to become an admin', async () => {
+      const { status, body } = await request(app)
+        .put(`/admin/users/${nonAdmin.userId}`)
+        .send({ isAdmin: true })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({ isAdmin: false });
+    });
+
+    it('ignores updates to profileImagePath', async () => {
+      const { status, body } = await request(app)
+        .put(`/admin/users/${admin.userId}`)
+        .send({ profileImagePath: 'invalid.jpg' })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({ id: admin.userId, profileImagePath: '' });
+    });
+
+    it('should update first and last name', async () => {
+      const before = await getUserAdmin({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) });
+
+      const { status, body } = await request(app)
+        .put(`/admin/users/${admin.userId}`)
+        .send({ name: 'Name' })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        ...before,
+        updatedAt: expect.any(String),
+        name: 'Name',
+      });
+      expect(before.updatedAt).not.toEqual(body.updatedAt);
+    });
+
+    it('should update memories enabled', async () => {
+      const before = await getUserAdmin({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) });
+      const { status, body } = await request(app)
+        .put(`/admin/users/${admin.userId}`)
+        .send({ memoriesEnabled: false })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        ...before,
+        updatedAt: expect.anything(),
+        memoriesEnabled: false,
+      });
+      expect(before.updatedAt).not.toEqual(body.updatedAt);
+    });
+
+    it('should update password', async () => {
+      const { status, body } = await request(app)
+        .put(`/admin/users/${nonAdmin.userId}`)
+        .send({ password: 'super-secret' })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({ email: nonAdmin.userEmail });
+
+      const token = await login({ loginCredentialDto: { email: nonAdmin.userEmail, password: 'super-secret' } });
+      expect(token.accessToken).toBeDefined();
+
+      const user = await getMyUser({ headers: asBearerAuth(token.accessToken) });
+      expect(user).toMatchObject({ email: nonAdmin.userEmail });
+    });
+  });
+
+  describe('DELETE /admin/users/:id', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).delete(`/admin/users/${userToDelete.userId}`);
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should require authorization', async () => {
+      const { status, body } = await request(app)
+        .delete(`/admin/users/${userToDelete.userId}`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    it('should delete user', async () => {
+      const { status, body } = await request(app)
+        .delete(`/admin/users/${userToDelete.userId}`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        id: userToDelete.userId,
+        updatedAt: expect.any(String),
+        deletedAt: expect.any(String),
+      });
+    });
+
+    it('should hard delete a user', async () => {
+      const { status, body } = await request(app)
+        .delete(`/admin/users/${userToHardDelete.userId}`)
+        .send({ force: true })
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        id: userToHardDelete.userId,
+        updatedAt: expect.any(String),
+        deletedAt: expect.any(String),
+      });
+
+      await utils.waitForWebsocketEvent({ event: 'userDelete', id: userToHardDelete.userId, timeout: 5000 });
+    });
+  });
+
+  describe('POST /admin/users/:id/restore', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).post(`/admin/users/${userToDelete.userId}/restore`);
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should require authorization', async () => {
+      const { status, body } = await request(app)
+        .post(`/admin/users/${userToDelete.userId}/restore`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+  });
+});

e2e/src/api/specs/user.e2e-spec.ts

@@ -1,37 +1,28 @@
-import { LoginResponseDto, deleteUser, getUserById } from '@immich/sdk';
-import { Socket } from 'socket.io-client';
-import { createUserDto, userDto } from 'src/fixtures';
+import { LoginResponseDto, SharedLinkType, deleteUserAdmin, getMyUser, login } from '@immich/sdk';
+import { createUserDto } from 'src/fixtures';
 import { errorDto } from 'src/responses';
 import { app, asBearerAuth, utils } from 'src/utils';
 import request from 'supertest';
-import { afterAll, beforeAll, describe, expect, it } from 'vitest';
+import { beforeAll, describe, expect, it } from 'vitest';
 
 describe('/users', () => {
-  let websocket: Socket;
-
   let admin: LoginResponseDto;
   let deletedUser: LoginResponseDto;
-  let userToDelete: LoginResponseDto;
-  let userToHardDelete: LoginResponseDto;
   let nonAdmin: LoginResponseDto;
 
   beforeAll(async () => {
     await utils.resetDatabase();
     admin = await utils.adminSetup({ onboarding: false });
 
-    [websocket, deletedUser, nonAdmin, userToDelete, userToHardDelete] = await Promise.all([
-      utils.connectWebsocket(admin.accessToken),
+    [deletedUser, nonAdmin] = await Promise.all([
       utils.userSetup(admin.accessToken, createUserDto.user1),
       utils.userSetup(admin.accessToken, createUserDto.user2),
-      utils.userSetup(admin.accessToken, createUserDto.user3),
-      utils.userSetup(admin.accessToken, createUserDto.user4),
     ]);
 
-    await deleteUser({ id: deletedUser.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) });
-  });
-
-  afterAll(() => {
-    utils.disconnectWebsocket(websocket);
+    await deleteUserAdmin(
+      { id: deletedUser.userId, userAdminDeleteDto: {} },
+      { headers: asBearerAuth(admin.accessToken) },
+    );
   });
 
   describe('GET /users', () => {
@@ -44,71 +35,14 @@ describe('/users', () => {
     it('should get users', async () => {
       const { status, body } = await request(app).get('/users').set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toEqual(200);
-      expect(body).toHaveLength(5);
-      expect(body).toEqual(
-        expect.arrayContaining([
-          expect.objectContaining({ email: 'admin@immich.cloud' }),
-          expect.objectContaining({ email: 'user1@immich.cloud' }),
-          expect.objectContaining({ email: 'user2@immich.cloud' }),
-          expect.objectContaining({ email: 'user3@immich.cloud' }),
-          expect.objectContaining({ email: 'user4@immich.cloud' }),
-        ]),
-      );
-    });
-
-    it('should hide deleted users', async () => {
-      const { status, body } = await request(app)
-        .get(`/users`)
-        .query({ isAll: true })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(200);
-      expect(body).toHaveLength(4);
+      expect(body).toHaveLength(2);
       expect(body).toEqual(
         expect.arrayContaining([
           expect.objectContaining({ email: 'admin@immich.cloud' }),
           expect.objectContaining({ email: 'user2@immich.cloud' }),
-          expect.objectContaining({ email: 'user3@immich.cloud' }),
-          expect.objectContaining({ email: 'user4@immich.cloud' }),
         ]),
       );
     });
-
-    it('should include deleted users', async () => {
-      const { status, body } = await request(app)
-        .get(`/users`)
-        .query({ isAll: false })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(200);
-      expect(body).toHaveLength(5);
-      expect(body).toEqual(
-        expect.arrayContaining([
-          expect.objectContaining({ email: 'admin@immich.cloud' }),
-          expect.objectContaining({ email: 'user1@immich.cloud' }),
-          expect.objectContaining({ email: 'user2@immich.cloud' }),
-          expect.objectContaining({ email: 'user3@immich.cloud' }),
-          expect.objectContaining({ email: 'user4@immich.cloud' }),
-        ]),
-      );
-    });
-  });
-
-  describe('GET /users/:id', () => {
-    it('should require authentication', async () => {
-      const { status } = await request(app).get(`/users/${admin.userId}`);
-      expect(status).toEqual(401);
-    });
-
-    it('should get the user info', async () => {
-      const { status, body } = await request(app)
-        .get(`/users/${admin.userId}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(status).toBe(200);
-      expect(body).toMatchObject({
-        id: admin.userId,
-        email: 'admin@immich.cloud',
-      });
-    });
   });
 
   describe('GET /users/me', () => {
@@ -118,154 +52,54 @@ describe('/users', () => {
       expect(body).toEqual(errorDto.unauthorized);
     });
 
-    it('should get my info', async () => {
+    it('should not work for shared links', async () => {
+      const album = await utils.createAlbum(admin.accessToken, { albumName: 'Album' });
+      const sharedLink = await utils.createSharedLink(admin.accessToken, {
+        type: SharedLinkType.Album,
+        albumId: album.id,
+      });
+      const { status, body } = await request(app).get(`/users/me?key=${sharedLink.key}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    it('should get my user', async () => {
       const { status, body } = await request(app).get(`/users/me`).set('Authorization', `Bearer ${admin.accessToken}`);
       expect(status).toBe(200);
       expect(body).toMatchObject({
         id: admin.userId,
         email: 'admin@immich.cloud',
+        memoriesEnabled: true,
+        quotaUsageInBytes: 0,
       });
     });
   });
 
-  describe('POST /users', () => {
+  describe('PUT /users/me', () => {
     it('should require authentication', async () => {
-      const { status, body } = await request(app).post(`/users`).send(createUserDto.user1);
+      const { status, body } = await request(app).put(`/users/me`);
       expect(status).toBe(401);
       expect(body).toEqual(errorDto.unauthorized);
     });
 
-    for (const key of Object.keys(createUserDto.user1)) {
+    for (const key of ['email', 'name', 'memoriesEnabled', 'avatarColor']) {
       it(`should not allow null ${key}`, async () => {
+        const dto = { [key]: null };
         const { status, body } = await request(app)
-          .post(`/users`)
+          .put(`/users/me`)
           .set('Authorization', `Bearer ${admin.accessToken}`)
-          .send({ ...createUserDto.user1, [key]: null });
+          .send(dto);
         expect(status).toBe(400);
         expect(body).toEqual(errorDto.badRequest());
       });
     }
 
-    it('should ignore `isAdmin`', async () => {
-      const { status, body } = await request(app)
-        .post(`/users`)
-        .send({
-          isAdmin: true,
-          email: 'user5@immich.cloud',
-          password: 'password123',
-          name: 'Immich',
-        })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(body).toMatchObject({
-        email: 'user5@immich.cloud',
-        isAdmin: false,
-        shouldChangePassword: true,
-      });
-      expect(status).toBe(201);
-    });
-
-    it('should create a user without memories enabled', async () => {
-      const { status, body } = await request(app)
-        .post(`/users`)
-        .send({
-          email: 'no-memories@immich.cloud',
-          password: 'Password123',
-          name: 'No Memories',
-          memoriesEnabled: false,
-        })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-      expect(body).toMatchObject({
-        email: 'no-memories@immich.cloud',
-        memoriesEnabled: false,
-      });
-      expect(status).toBe(201);
-    });
-  });
-
-  describe('DELETE /users/:id', () => {
-    it('should require authentication', async () => {
-      const { status, body } = await request(app).delete(`/users/${userToDelete.userId}`);
-      expect(status).toBe(401);
-      expect(body).toEqual(errorDto.unauthorized);
-    });
-
-    it('should delete user', async () => {
-      const { status, body } = await request(app)
-        .delete(`/users/${userToDelete.userId}`)
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(200);
-      expect(body).toMatchObject({
-        id: userToDelete.userId,
-        updatedAt: expect.any(String),
-        deletedAt: expect.any(String),
-      });
-    });
-
-    it('should hard delete user', async () => {
-      const { status, body } = await request(app)
-        .delete(`/users/${userToHardDelete.userId}`)
-        .send({ force: true })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(200);
-      expect(body).toMatchObject({
-        id: userToHardDelete.userId,
-        updatedAt: expect.any(String),
-        deletedAt: expect.any(String),
-      });
-
-      await utils.waitForWebsocketEvent({ event: 'userDelete', id: userToHardDelete.userId, timeout: 5000 });
-    });
-  });
-
-  describe('PUT /users', () => {
-    it('should require authentication', async () => {
-      const { status, body } = await request(app).put(`/users`);
-      expect(status).toBe(401);
-      expect(body).toEqual(errorDto.unauthorized);
-    });
-
-    for (const key of Object.keys(userDto.admin)) {
-      it(`should not allow null ${key}`, async () => {
-        const { status, body } = await request(app)
-          .put(`/users`)
-          .set('Authorization', `Bearer ${admin.accessToken}`)
-          .send({ ...userDto.admin, [key]: null });
-        expect(status).toBe(400);
-        expect(body).toEqual(errorDto.badRequest());
-      });
-    }
-
-    it('should not allow a non-admin to become an admin', async () => {
-      const { status, body } = await request(app)
-        .put(`/users`)
-        .send({ isAdmin: true, id: nonAdmin.userId })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(400);
-      expect(body).toEqual(errorDto.alreadyHasAdmin);
-    });
-
-    it('ignores updates to profileImagePath', async () => {
-      const { status, body } = await request(app)
-        .put(`/users`)
-        .send({ id: admin.userId, profileImagePath: 'invalid.jpg' })
-        .set('Authorization', `Bearer ${admin.accessToken}`);
-
-      expect(status).toBe(200);
-      expect(body).toMatchObject({ id: admin.userId, profileImagePath: '' });
-    });
-
     it('should update first and last name', async () => {
-      const before = await getUserById({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) });
+      const before = await getMyUser({ headers: asBearerAuth(admin.accessToken) });
 
       const { status, body } = await request(app)
-        .put(`/users`)
-        .send({
-          id: admin.userId,
-          name: 'Name',
-        })
+        .put(`/users/me`)
+        .send({ name: 'Name' })
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(200);
@@ -274,17 +108,13 @@ describe('/users', () => {
         updatedAt: expect.any(String),
         name: 'Name',
       });
-      expect(before.updatedAt).not.toEqual(body.updatedAt);
     });
 
     it('should update memories enabled', async () => {
-      const before = await getUserById({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) });
+      const before = await getMyUser({ headers: asBearerAuth(admin.accessToken) });
       const { status, body } = await request(app)
-        .put(`/users`)
-        .send({
-          id: admin.userId,
-          memoriesEnabled: false,
-        })
+        .put(`/users/me`)
+        .send({ memoriesEnabled: false })
         .set('Authorization', `Bearer ${admin.accessToken}`);
 
       expect(status).toBe(200);
@@ -293,7 +123,80 @@ describe('/users', () => {
         updatedAt: expect.anything(),
         memoriesEnabled: false,
       });
-      expect(before.updatedAt).not.toEqual(body.updatedAt);
+
+      const after = await getMyUser({ headers: asBearerAuth(admin.accessToken) });
+      expect(after.memoriesEnabled).toBe(false);
+    });
+
+    /** @deprecated */
+    it('should allow a user to change their password (deprecated)', async () => {
+      const user = await getMyUser({ headers: asBearerAuth(nonAdmin.accessToken) });
+
+      expect(user.shouldChangePassword).toBe(true);
+
+      const { status, body } = await request(app)
+        .put(`/users/me`)
+        .send({ password: 'super-secret' })
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        email: nonAdmin.userEmail,
+        shouldChangePassword: false,
+      });
+
+      const token = await login({ loginCredentialDto: { email: nonAdmin.userEmail, password: 'super-secret' } });
+
+      expect(token.accessToken).toBeDefined();
+    });
+
+    it('should not allow user to change to a taken email', async () => {
+      const { status, body } = await request(app)
+        .put(`/users/me`)
+        .send({ email: 'admin@immich.cloud' })
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+
+      expect(status).toBe(400);
+      expect(body).toMatchObject(errorDto.badRequest('Email already in use by another account'));
+    });
+
+    it('should update my email', async () => {
+      const before = await getMyUser({ headers: asBearerAuth(nonAdmin.accessToken) });
+      const { status, body } = await request(app)
+        .put(`/users/me`)
+        .send({ email: 'non-admin@immich.cloud' })
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        ...before,
+        email: 'non-admin@immich.cloud',
+        updatedAt: expect.anything(),
+      });
+    });
+  });
+
+  describe('GET /users/:id', () => {
+    it('should require authentication', async () => {
+      const { status } = await request(app).get(`/users/${admin.userId}`);
+      expect(status).toEqual(401);
+    });
+
+    it('should get the user', async () => {
+      const { status, body } = await request(app)
+        .get(`/users/${admin.userId}`)
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        id: admin.userId,
+        email: 'admin@immich.cloud',
+      });
+
+      expect(body).not.toMatchObject({
+        shouldChangePassword: expect.anything(),
+        memoriesEnabled: expect.anything(),
+        storageLabel: expect.anything(),
+      });
     });
   });
 });

e2e/src/utils.ts

@@ -5,17 +5,18 @@ import {
   CreateAlbumDto,
   CreateAssetDto,
   CreateLibraryDto,
-  CreateUserDto,
   MetadataSearchDto,
   PersonCreateDto,
   SharedLinkCreateDto,
+  UserAdminCreateDto,
   ValidateLibraryDto,
   createAlbum,
   createApiKey,
   createLibrary,
+  createPartner,
   createPerson,
   createSharedLink,
-  createUser,
+  createUserAdmin,
   deleteAssets,
   getAllJobsStatus,
   getAssetInfo,
@@ -272,8 +273,8 @@ export const utils = {
     return response;
   },
 
-  userSetup: async (accessToken: string, dto: CreateUserDto) => {
-    await createUser({ createUserDto: dto }, { headers: asBearerAuth(accessToken) });
+  userSetup: async (accessToken: string, dto: UserAdminCreateDto) => {
+    await createUserAdmin({ userAdminCreateDto: dto }, { headers: asBearerAuth(accessToken) });
     return login({
       loginCredentialDto: { email: dto.email, password: dto.password },
     });
@@ -385,6 +386,8 @@ export const utils = {
   validateLibrary: (accessToken: string, id: string, dto: ValidateLibraryDto) =>
     validate({ id, validateLibraryDto: dto }, { headers: asBearerAuth(accessToken) }),
 
+  createPartner: (accessToken: string, id: string) => createPartner({ id }, { headers: asBearerAuth(accessToken) }),
+
   setAuthCookies: async (context: BrowserContext, accessToken: string) =>
     await context.addCookies([
       {

e2e/src/web/specs/asset-viewer/detail-panel.e2e-spec.ts

@@ -43,4 +43,18 @@ test.describe('Detail Panel', () => {
     await page.keyboard.press('i');
     await expect(page.locator('#detail-panel')).toHaveCount(0);
   });
+
+  test('description is visible for owner on shared links', async ({ context, page }) => {
+    const sharedLink = await utils.createSharedLink(admin.accessToken, {
+      type: SharedLinkType.Individual,
+      assetIds: [asset.id],
+    });
+    await utils.setAuthCookies(context, admin.accessToken);
+    await page.goto(`/share/${sharedLink.key}/photos/${asset.id}`);
+
+    const textarea = page.getByRole('textbox', { name: 'Add a description' });
+    await page.getByRole('button', { name: 'Info' }).click();
+    await expect(textarea).toBeVisible();
+    await expect(textarea).not.toBeDisabled();
+  });
 });

mobile/lib/entities/user.entity.dart

@@ -27,7 +27,7 @@ class User {
 
   Id get isarId => fastHash(id);
 
-  User.fromUserDto(UserResponseDto dto)
+  User.fromUserDto(UserAdminResponseDto dto)
       : id = dto.id,
         updatedAt = dto.updatedAt,
         email = dto.email,
@@ -44,21 +44,21 @@ class User {
 
   User.fromPartnerDto(PartnerResponseDto dto)
       : id = dto.id,
-        updatedAt = dto.updatedAt,
+        updatedAt = DateTime.now(),
         email = dto.email,
         name = dto.name,
         isPartnerSharedBy = false,
         isPartnerSharedWith = false,
         profileImagePath = dto.profileImagePath,
-        isAdmin = dto.isAdmin,
-        memoryEnabled = dto.memoriesEnabled ?? false,
+        isAdmin = false,
+        memoryEnabled = false,
         avatarColor = dto.avatarColor.toAvatarColor(),
         inTimeline = dto.inTimeline ?? false,
-        quotaUsageInBytes = dto.quotaUsageInBytes ?? 0,
-        quotaSizeInBytes = dto.quotaSizeInBytes ?? 0;
+        quotaUsageInBytes = 0,
+        quotaSizeInBytes = 0;
 
   /// Base user dto used where the complete user object is not required
-  User.fromSimpleUserDto(UserDto dto)
+  User.fromSimpleUserDto(UserResponseDto dto)
       : id = dto.id,
         email = dto.email,
         name = dto.name,

mobile/lib/pages/common/album_viewer.page.dart

@@ -133,7 +133,7 @@ class AlbumViewerPage extends HookConsumerWidget {
 
     Widget buildTitle(Album album) {
       return Padding(
-        padding: const EdgeInsets.only(left: 8, right: 8, top: 24),
+        padding: const EdgeInsets.only(left: 8, right: 8),
         child: userId == album.ownerId && album.isRemote
             ? AlbumViewerEditableTitle(
                 album: album,
@@ -228,9 +228,30 @@ class AlbumViewerPage extends HookConsumerWidget {
     }
 
     return Scaffold(
-      appBar: ref.watch(multiselectProvider)
-          ? null
-          : album.when(
+      body: Stack(
+        children: [
+          album.widgetWhen(
+            onData: (data) => MultiselectGrid(
+              renderListProvider: albumRenderlistProvider(albumId),
+              topWidget: Column(
+                crossAxisAlignment: CrossAxisAlignment.start,
+                children: [
+                  buildHeader(data),
+                  if (data.isRemote) buildControlButton(data),
+                ],
+              ),
+              onRemoveFromAlbum: onRemoveFromAlbumPressed,
+              editEnabled: data.ownerId == userId,
+            ),
+          ),
+          AnimatedPositioned(
+            duration: const Duration(milliseconds: 300),
+            top: ref.watch(multiselectProvider)
+                ? -(kToolbarHeight + MediaQuery.of(context).padding.top)
+                : 0,
+            left: 0,
+            right: 0,
+            child: album.when(
               data: (data) => AlbumViewerAppbar(
                 titleFocusNode: titleFocusNode,
                 album: data,
@@ -242,19 +263,8 @@ class AlbumViewerPage extends HookConsumerWidget {
               error: (error, stackTrace) => AppBar(title: const Text("Error")),
               loading: () => AppBar(),
             ),
-      body: album.widgetWhen(
-        onData: (data) => MultiselectGrid(
-          renderListProvider: albumRenderlistProvider(albumId),
-          topWidget: Column(
-            crossAxisAlignment: CrossAxisAlignment.start,
-            children: [
-              buildHeader(data),
-              if (data.isRemote) buildControlButton(data),
-            ],
           ),
-          onRemoveFromAlbum: onRemoveFromAlbumPressed,
-          editEnabled: data.ownerId == userId,
-        ),
+        ],
       ),
     );
   }

mobile/lib/providers/authentication.provider.dart

@@ -138,11 +138,9 @@ class AuthenticationNotifier extends StateNotifier<AuthenticationState> {
 
   Future<bool> changePassword(String newPassword) async {
     try {
-      await _apiService.userApi.updateUser(
-        UpdateUserDto(
-          id: state.userId,
+      await _apiService.userApi.updateMyUser(
+        UserUpdateMeDto(
           password: newPassword,
-          shouldChangePassword: false,
         ),
       );
 
@@ -178,9 +176,9 @@ class AuthenticationNotifier extends StateNotifier<AuthenticationState> {
       user = offlineUser;
       retResult = false;
     } else {
-      UserResponseDto? userResponseDto;
+      UserAdminResponseDto? userResponseDto;
       try {
-        userResponseDto = await _apiService.userApi.getMyUserInfo();
+        userResponseDto = await _apiService.userApi.getMyUser();
       } on ApiException catch (error, stackTrace) {
         _log.severe(
           "Error getting user information from the server [API EXCEPTION]",

mobile/lib/providers/user.provider.dart

@@ -20,7 +20,7 @@ class CurrentUserProvider extends StateNotifier<User?> {
 
   refresh() async {
     try {
-      final user = await _apiService.userApi.getMyUserInfo();
+      final user = await _apiService.userApi.getMyUser();
       if (user != null) {
         Store.put(
           StoreKey.currentUser,

mobile/lib/routing/tab_navigation_observer.dart

@@ -57,7 +57,7 @@ class TabNavigationObserver extends AutoRouterObserver {
       // Update user info
       try {
         final userResponseDto =
-            await ref.read(apiServiceProvider).userApi.getMyUserInfo();
+            await ref.read(apiServiceProvider).userApi.getMyUser();
 
         if (userResponseDto == null) {
           return;

mobile/lib/services/asset.service.dart

@@ -84,7 +84,7 @@ class AssetService {
       final AssetResponseDto? dto =
           await _apiService.assetApi.getAssetInfo(remoteId);
 
-      return dto?.people;
+      return dto?.people?.visiblePeople;
     } catch (error, stack) {
       log.severe(
         'Error while getting remote asset info: ${error.toString()}',

mobile/lib/services/user.service.dart

@@ -37,10 +37,10 @@ class UserService {
     this._partnerService,
   );
 
-  Future<List<User>?> _getAllUsers({required bool isAll}) async {
+  Future<List<User>?> _getAllUsers() async {
     try {
-      final dto = await _apiService.userApi.getAllUsers(isAll);
-      return dto?.map(User.fromUserDto).toList();
+      final dto = await _apiService.userApi.searchUsers();
+      return dto?.map(User.fromSimpleUserDto).toList();
     } catch (e) {
       _log.warning("Failed get all users", e);
       return null;
@@ -71,7 +71,7 @@ class UserService {
   }
 
   Future<List<User>?> getUsersFromServer() async {
-    final List<User>? users = await _getAllUsers(isAll: true);
+    final List<User>? users = await _getAllUsers();
     final List<User>? sharedBy =
         await _partnerService.getPartners(PartnerDirection.sharedBy);
     final List<User>? sharedWith =

mobile/lib/widgets/album/album_viewer_editable_title.dart

@@ -36,58 +36,62 @@ class AlbumViewerEditableTitle extends HookConsumerWidget {
       [],
     );
 
-    return TextField(
-      onChanged: (value) {
-        if (value.isEmpty) {
-        } else {
-          ref.watch(albumViewerProvider.notifier).setEditTitleText(value);
-        }
-      },
-      focusNode: titleFocusNode,
-      style: context.textTheme.headlineMedium,
-      controller: titleTextEditController,
-      onTap: () {
-        FocusScope.of(context).requestFocus(titleFocusNode);
+    return Material(
+      color: Colors.transparent,
+      child: TextField(
+        onChanged: (value) {
+          if (value.isEmpty) {
+          } else {
+            ref.watch(albumViewerProvider.notifier).setEditTitleText(value);
+          }
+        },
+        focusNode: titleFocusNode,
+        style: context.textTheme.headlineMedium,
+        controller: titleTextEditController,
+        onTap: () {
+          FocusScope.of(context).requestFocus(titleFocusNode);
 
-        ref.watch(albumViewerProvider.notifier).setEditTitleText(album.name);
-        ref.watch(albumViewerProvider.notifier).enableEditAlbum();
+          ref.watch(albumViewerProvider.notifier).setEditTitleText(album.name);
+          ref.watch(albumViewerProvider.notifier).enableEditAlbum();
 
-        if (titleTextEditController.text == 'Untitled') {
-          titleTextEditController.clear();
-        }
-      },
-      decoration: InputDecoration(
-        contentPadding: const EdgeInsets.symmetric(horizontal: 8, vertical: 8),
-        suffixIcon: titleFocusNode.hasFocus
-            ? IconButton(
-                onPressed: () {
-                  titleTextEditController.clear();
-                },
-                icon: Icon(
-                  Icons.cancel_rounded,
-                  color: context.primaryColor,
-                ),
-                splashRadius: 10,
-              )
-            : null,
-        enabledBorder: OutlineInputBorder(
-          borderSide: const BorderSide(color: Colors.transparent),
-          borderRadius: BorderRadius.circular(10),
-        ),
-        focusedBorder: OutlineInputBorder(
-          borderSide: const BorderSide(color: Colors.transparent),
-          borderRadius: BorderRadius.circular(10),
-        ),
-        focusColor: Colors.grey[300],
-        fillColor: context.isDarkTheme
-            ? const Color.fromARGB(255, 32, 33, 35)
-            : Colors.grey[200],
-        filled: titleFocusNode.hasFocus,
-        hintText: 'share_add_title'.tr(),
-        hintStyle: TextStyle(
-          fontSize: 28,
-          color: context.isDarkTheme ? Colors.grey[300] : Colors.grey[700],
-          fontWeight: FontWeight.bold,
+          if (titleTextEditController.text == 'Untitled') {
+            titleTextEditController.clear();
+          }
+        },
+        decoration: InputDecoration(
+          contentPadding:
+              const EdgeInsets.symmetric(horizontal: 8, vertical: 8),
+          suffixIcon: titleFocusNode.hasFocus
+              ? IconButton(
+                  onPressed: () {
+                    titleTextEditController.clear();
+                  },
+                  icon: Icon(
+                    Icons.cancel_rounded,
+                    color: context.primaryColor,
+                  ),
+                  splashRadius: 10,
+                )
+              : null,
+          enabledBorder: OutlineInputBorder(
+            borderSide: const BorderSide(color: Colors.transparent),
+            borderRadius: BorderRadius.circular(10),
+          ),
+          focusedBorder: OutlineInputBorder(
+            borderSide: const BorderSide(color: Colors.transparent),
+            borderRadius: BorderRadius.circular(10),
+          ),
+          focusColor: Colors.grey[300],
+          fillColor: context.isDarkTheme
+              ? const Color.fromARGB(255, 32, 33, 35)
+              : Colors.grey[200],
+          filled: titleFocusNode.hasFocus,
+          hintText: 'share_add_title'.tr(),
+          hintStyle: TextStyle(
+            fontSize: 28,
+            color: context.isDarkTheme ? Colors.grey[300] : Colors.grey[700],
+            fontWeight: FontWeight.bold,
+          ),
         ),
       ),
     );

mobile/lib/widgets/asset_grid/immich_asset_grid_view.dart

@@ -238,8 +238,10 @@ class ImmichAssetGridViewState extends ConsumerState<ImmichAssetGridView> {
     }
 
     bool appBarOffset() {
-      return ref.watch(tabProvider).index == 0 &&
-          ModalRoute.of(context)?.settings.name == TabControllerRoute.name;
+      return (ref.watch(tabProvider).index == 0 &&
+              ModalRoute.of(context)?.settings.name ==
+                  TabControllerRoute.name) ||
+          (ModalRoute.of(context)?.settings.name == AlbumViewerRoute.name);
     }
 
     final listWidget = ScrollablePositionedList.builder(

mobile/openapi/README.md

@@ -122,6 +122,7 @@ Class | Method | HTTP request | Description
 *DuplicateApi* | [**getAssetDuplicates**](doc//DuplicateApi.md#getassetduplicates) | **GET** /duplicates | 
 *FaceApi* | [**getFaces**](doc//FaceApi.md#getfaces) | **GET** /faces | 
 *FaceApi* | [**reassignFacesById**](doc//FaceApi.md#reassignfacesbyid) | **PUT** /faces/{id} | 
+*FaceApi* | [**unassignFace**](doc//FaceApi.md#unassignface) | **DELETE** /faces/{id} | 
 *FileReportApi* | [**fixAuditFiles**](doc//FileReportApi.md#fixauditfiles) | **POST** /reports/fix | 
 *FileReportApi* | [**getAuditFiles**](doc//FileReportApi.md#getauditfiles) | **GET** /reports | 
 *FileReportApi* | [**getFileChecksums**](doc//FileReportApi.md#getfilechecksums) | **POST** /reports/checksum | 
@@ -160,6 +161,7 @@ Class | Method | HTTP request | Description
 *PersonApi* | [**getPersonThumbnail**](doc//PersonApi.md#getpersonthumbnail) | **GET** /people/{id}/thumbnail | 
 *PersonApi* | [**mergePerson**](doc//PersonApi.md#mergeperson) | **POST** /people/{id}/merge | 
 *PersonApi* | [**reassignFaces**](doc//PersonApi.md#reassignfaces) | **PUT** /people/{id}/reassign | 
+*PersonApi* | [**unassignFaces**](doc//PersonApi.md#unassignfaces) | **DELETE** /people | 
 *PersonApi* | [**updatePeople**](doc//PersonApi.md#updatepeople) | **PUT** /people | 
 *PersonApi* | [**updatePerson**](doc//PersonApi.md#updateperson) | **PUT** /people/{id} | 
 *SearchApi* | [**getAssetsByCity**](doc//SearchApi.md#getassetsbycity) | **GET** /search/cities | 
@@ -212,15 +214,18 @@ Class | Method | HTTP request | Description
 *TrashApi* | [**restoreAssets**](doc//TrashApi.md#restoreassets) | **POST** /trash/restore/assets | 
 *TrashApi* | [**restoreTrash**](doc//TrashApi.md#restoretrash) | **POST** /trash/restore | 
 *UserApi* | [**createProfileImage**](doc//UserApi.md#createprofileimage) | **POST** /users/profile-image | 
-*UserApi* | [**createUser**](doc//UserApi.md#createuser) | **POST** /users | 
+*UserApi* | [**createUserAdmin**](doc//UserApi.md#createuseradmin) | **POST** /admin/users | 
 *UserApi* | [**deleteProfileImage**](doc//UserApi.md#deleteprofileimage) | **DELETE** /users/profile-image | 
-*UserApi* | [**deleteUser**](doc//UserApi.md#deleteuser) | **DELETE** /users/{id} | 
-*UserApi* | [**getAllUsers**](doc//UserApi.md#getallusers) | **GET** /users | 
-*UserApi* | [**getMyUserInfo**](doc//UserApi.md#getmyuserinfo) | **GET** /users/me | 
+*UserApi* | [**deleteUserAdmin**](doc//UserApi.md#deleteuseradmin) | **DELETE** /admin/users/{id} | 
+*UserApi* | [**getMyUser**](doc//UserApi.md#getmyuser) | **GET** /users/me | 
 *UserApi* | [**getProfileImage**](doc//UserApi.md#getprofileimage) | **GET** /users/{id}/profile-image | 
-*UserApi* | [**getUserById**](doc//UserApi.md#getuserbyid) | **GET** /users/{id} | 
-*UserApi* | [**restoreUser**](doc//UserApi.md#restoreuser) | **POST** /users/{id}/restore | 
-*UserApi* | [**updateUser**](doc//UserApi.md#updateuser) | **PUT** /users | 
+*UserApi* | [**getUser**](doc//UserApi.md#getuser) | **GET** /users/{id} | 
+*UserApi* | [**getUserAdmin**](doc//UserApi.md#getuseradmin) | **GET** /admin/users/{id} | 
+*UserApi* | [**restoreUserAdmin**](doc//UserApi.md#restoreuseradmin) | **POST** /admin/users/{id}/restore | 
+*UserApi* | [**searchUsers**](doc//UserApi.md#searchusers) | **GET** /users | 
+*UserApi* | [**searchUsersAdmin**](doc//UserApi.md#searchusersadmin) | **GET** /admin/users | 
+*UserApi* | [**updateMyUser**](doc//UserApi.md#updatemyuser) | **PUT** /users/me | 
+*UserApi* | [**updateUserAdmin**](doc//UserApi.md#updateuseradmin) | **PUT** /admin/users/{id} | 
 
 
 ## Documentation For Models
@@ -280,8 +285,6 @@ Class | Method | HTTP request | Description
  - [CreateLibraryDto](doc//CreateLibraryDto.md)
  - [CreateProfileImageResponseDto](doc//CreateProfileImageResponseDto.md)
  - [CreateTagDto](doc//CreateTagDto.md)
- - [CreateUserDto](doc//CreateUserDto.md)
- - [DeleteUserDto](doc//DeleteUserDto.md)
  - [DownloadArchiveInfo](doc//DownloadArchiveInfo.md)
  - [DownloadInfoDto](doc//DownloadInfoDto.md)
  - [DownloadResponseDto](doc//DownloadResponseDto.md)
@@ -328,6 +331,7 @@ Class | Method | HTTP request | Description
  - [PeopleResponseDto](doc//PeopleResponseDto.md)
  - [PeopleUpdateDto](doc//PeopleUpdateDto.md)
  - [PeopleUpdateItem](doc//PeopleUpdateItem.md)
+ - [PeopleWithFacesResponseDto](doc//PeopleWithFacesResponseDto.md)
  - [PersonCreateDto](doc//PersonCreateDto.md)
  - [PersonResponseDto](doc//PersonResponseDto.md)
  - [PersonStatisticsResponseDto](doc//PersonStatisticsResponseDto.md)
@@ -402,12 +406,15 @@ Class | Method | HTTP request | Description
  - [UpdatePartnerDto](doc//UpdatePartnerDto.md)
  - [UpdateStackParentDto](doc//UpdateStackParentDto.md)
  - [UpdateTagDto](doc//UpdateTagDto.md)
- - [UpdateUserDto](doc//UpdateUserDto.md)
  - [UsageByUserDto](doc//UsageByUserDto.md)
+ - [UserAdminCreateDto](doc//UserAdminCreateDto.md)
+ - [UserAdminDeleteDto](doc//UserAdminDeleteDto.md)
+ - [UserAdminResponseDto](doc//UserAdminResponseDto.md)
+ - [UserAdminUpdateDto](doc//UserAdminUpdateDto.md)
  - [UserAvatarColor](doc//UserAvatarColor.md)
- - [UserDto](doc//UserDto.md)
  - [UserResponseDto](doc//UserResponseDto.md)
  - [UserStatus](doc//UserStatus.md)
+ - [UserUpdateMeDto](doc//UserUpdateMeDto.md)
  - [ValidateAccessTokenResponseDto](doc//ValidateAccessTokenResponseDto.md)
  - [ValidateLibraryDto](doc//ValidateLibraryDto.md)
  - [ValidateLibraryImportPathResponseDto](doc//ValidateLibraryImportPathResponseDto.md)

mobile/openapi/doc/PeopleWithFacesResponseDto.md

@@ -0,0 +1,16 @@
+# openapi.model.PeopleWithFacesResponseDto
+
+## Load the model package
+```dart
+import 'package:openapi/api.dart';
+```
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**numberOfFaces** | **int** |  | 
+**visiblePeople** | [**List<PersonWithFacesResponseDto>**](PersonWithFacesResponseDto.md) |  | [default to const []]
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+

mobile/openapi/lib/api.dart

@@ -112,8 +112,6 @@ part 'model/create_album_dto.dart';
 part 'model/create_library_dto.dart';
 part 'model/create_profile_image_response_dto.dart';
 part 'model/create_tag_dto.dart';
-part 'model/create_user_dto.dart';
-part 'model/delete_user_dto.dart';
 part 'model/download_archive_info.dart';
 part 'model/download_info_dto.dart';
 part 'model/download_response_dto.dart';
@@ -160,6 +158,7 @@ part 'model/path_type.dart';
 part 'model/people_response_dto.dart';
 part 'model/people_update_dto.dart';
 part 'model/people_update_item.dart';
+part 'model/people_with_faces_response_dto.dart';
 part 'model/person_create_dto.dart';
 part 'model/person_response_dto.dart';
 part 'model/person_statistics_response_dto.dart';
@@ -234,12 +233,15 @@ part 'model/update_library_dto.dart';
 part 'model/update_partner_dto.dart';
 part 'model/update_stack_parent_dto.dart';
 part 'model/update_tag_dto.dart';
-part 'model/update_user_dto.dart';
 part 'model/usage_by_user_dto.dart';
+part 'model/user_admin_create_dto.dart';
+part 'model/user_admin_delete_dto.dart';
+part 'model/user_admin_response_dto.dart';
+part 'model/user_admin_update_dto.dart';
 part 'model/user_avatar_color.dart';
-part 'model/user_dto.dart';
 part 'model/user_response_dto.dart';
 part 'model/user_status.dart';
+part 'model/user_update_me_dto.dart';
 part 'model/validate_access_token_response_dto.dart';
 part 'model/validate_library_dto.dart';
 part 'model/validate_library_import_path_response_dto.dart';

mobile/openapi/lib/api/authentication_api.dart

@@ -48,7 +48,7 @@ class AuthenticationApi {
   /// Parameters:
   ///
   /// * [ChangePasswordDto] changePasswordDto (required):
-  Future<UserResponseDto?> changePassword(ChangePasswordDto changePasswordDto,) async {
+  Future<UserAdminResponseDto?> changePassword(ChangePasswordDto changePasswordDto,) async {
     final response = await changePasswordWithHttpInfo(changePasswordDto,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
@@ -57,7 +57,7 @@ class AuthenticationApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;
@@ -183,7 +183,7 @@ class AuthenticationApi {
   /// Parameters:
   ///
   /// * [SignUpDto] signUpDto (required):
-  Future<UserResponseDto?> signUpAdmin(SignUpDto signUpDto,) async {
+  Future<UserAdminResponseDto?> signUpAdmin(SignUpDto signUpDto,) async {
     final response = await signUpAdminWithHttpInfo(signUpDto,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
@@ -192,7 +192,7 @@ class AuthenticationApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;

mobile/openapi/lib/api/face_api.dart

@@ -119,4 +119,52 @@ class FaceApi {
     }
     return null;
   }
+
+  /// Performs an HTTP 'DELETE /faces/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  Future<Response> unassignFaceWithHttpInfo(String id,) async {
+    // ignore: prefer_const_declarations
+    final path = r'/faces/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'DELETE',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  Future<AssetFaceResponseDto?> unassignFace(String id,) async {
+    final response = await unassignFaceWithHttpInfo(id,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'AssetFaceResponseDto',) as AssetFaceResponseDto;
+    
+    }
+    return null;
+  }
 }

mobile/openapi/lib/api/o_auth_api.dart

@@ -95,7 +95,7 @@ class OAuthApi {
   /// Parameters:
   ///
   /// * [OAuthCallbackDto] oAuthCallbackDto (required):
-  Future<UserResponseDto?> linkOAuthAccount(OAuthCallbackDto oAuthCallbackDto,) async {
+  Future<UserAdminResponseDto?> linkOAuthAccount(OAuthCallbackDto oAuthCallbackDto,) async {
     final response = await linkOAuthAccountWithHttpInfo(oAuthCallbackDto,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
@@ -104,7 +104,7 @@ class OAuthApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;
@@ -216,7 +216,7 @@ class OAuthApi {
     );
   }
 
-  Future<UserResponseDto?> unlinkOAuthAccount() async {
+  Future<UserAdminResponseDto?> unlinkOAuthAccount() async {
     final response = await unlinkOAuthAccountWithHttpInfo();
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
@@ -225,7 +225,7 @@ class OAuthApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;

mobile/openapi/lib/api/person_api.dart

@@ -419,6 +419,56 @@ class PersonApi {
     return null;
   }
 
+  /// Performs an HTTP 'DELETE /people' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [AssetFaceUpdateDto] assetFaceUpdateDto (required):
+  Future<Response> unassignFacesWithHttpInfo(AssetFaceUpdateDto assetFaceUpdateDto,) async {
+    // ignore: prefer_const_declarations
+    final path = r'/people';
+
+    // ignore: prefer_final_locals
+    Object? postBody = assetFaceUpdateDto;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>['application/json'];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'DELETE',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [AssetFaceUpdateDto] assetFaceUpdateDto (required):
+  Future<List<BulkIdResponseDto>?> unassignFaces(AssetFaceUpdateDto assetFaceUpdateDto,) async {
+    final response = await unassignFacesWithHttpInfo(assetFaceUpdateDto,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      final responseBody = await _decodeBodyBytes(response);
+      return (await apiClient.deserializeAsync(responseBody, 'List<BulkIdResponseDto>') as List)
+        .cast<BulkIdResponseDto>()
+        .toList(growable: false);
+
+    }
+    return null;
+  }
+
   /// Performs an HTTP 'PUT /people' operation and returns the [Response].
   /// Parameters:
   ///

mobile/openapi/lib/api/user_api.dart

@@ -73,16 +73,16 @@ class UserApi {
     return null;
   }
 
-  /// Performs an HTTP 'POST /users' operation and returns the [Response].
+  /// Performs an HTTP 'POST /admin/users' operation and returns the [Response].
   /// Parameters:
   ///
-  /// * [CreateUserDto] createUserDto (required):
-  Future<Response> createUserWithHttpInfo(CreateUserDto createUserDto,) async {
+  /// * [UserAdminCreateDto] userAdminCreateDto (required):
+  Future<Response> createUserAdminWithHttpInfo(UserAdminCreateDto userAdminCreateDto,) async {
     // ignore: prefer_const_declarations
-    final path = r'/users';
+    final path = r'/admin/users';
 
     // ignore: prefer_final_locals
-    Object? postBody = createUserDto;
+    Object? postBody = userAdminCreateDto;
 
     final queryParams = <QueryParam>[];
     final headerParams = <String, String>{};
@@ -104,9 +104,9 @@ class UserApi {
 
   /// Parameters:
   ///
-  /// * [CreateUserDto] createUserDto (required):
-  Future<UserResponseDto?> createUser(CreateUserDto createUserDto,) async {
-    final response = await createUserWithHttpInfo(createUserDto,);
+  /// * [UserAdminCreateDto] userAdminCreateDto (required):
+  Future<UserAdminResponseDto?> createUserAdmin(UserAdminCreateDto userAdminCreateDto,) async {
+    final response = await createUserAdminWithHttpInfo(userAdminCreateDto,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }
@@ -114,7 +114,7 @@ class UserApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;
@@ -153,19 +153,19 @@ class UserApi {
     }
   }
 
-  /// Performs an HTTP 'DELETE /users/{id}' operation and returns the [Response].
+  /// Performs an HTTP 'DELETE /admin/users/{id}' operation and returns the [Response].
   /// Parameters:
   ///
   /// * [String] id (required):
   ///
-  /// * [DeleteUserDto] deleteUserDto (required):
-  Future<Response> deleteUserWithHttpInfo(String id, DeleteUserDto deleteUserDto,) async {
+  /// * [UserAdminDeleteDto] userAdminDeleteDto (required):
+  Future<Response> deleteUserAdminWithHttpInfo(String id, UserAdminDeleteDto userAdminDeleteDto,) async {
     // ignore: prefer_const_declarations
-    final path = r'/users/{id}'
+    final path = r'/admin/users/{id}'
       .replaceAll('{id}', id);
 
     // ignore: prefer_final_locals
-    Object? postBody = deleteUserDto;
+    Object? postBody = userAdminDeleteDto;
 
     final queryParams = <QueryParam>[];
     final headerParams = <String, String>{};
@@ -189,9 +189,9 @@ class UserApi {
   ///
   /// * [String] id (required):
   ///
-  /// * [DeleteUserDto] deleteUserDto (required):
-  Future<UserResponseDto?> deleteUser(String id, DeleteUserDto deleteUserDto,) async {
-    final response = await deleteUserWithHttpInfo(id, deleteUserDto,);
+  /// * [UserAdminDeleteDto] userAdminDeleteDto (required):
+  Future<UserAdminResponseDto?> deleteUserAdmin(String id, UserAdminDeleteDto userAdminDeleteDto,) async {
+    final response = await deleteUserAdminWithHttpInfo(id, userAdminDeleteDto,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }
@@ -199,66 +199,14 @@ class UserApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;
   }
 
-  /// Performs an HTTP 'GET /users' operation and returns the [Response].
-  /// Parameters:
-  ///
-  /// * [bool] isAll (required):
-  Future<Response> getAllUsersWithHttpInfo(bool isAll,) async {
-    // ignore: prefer_const_declarations
-    final path = r'/users';
-
-    // ignore: prefer_final_locals
-    Object? postBody;
-
-    final queryParams = <QueryParam>[];
-    final headerParams = <String, String>{};
-    final formParams = <String, String>{};
-
-      queryParams.addAll(_queryParams('', 'isAll', isAll));
-
-    const contentTypes = <String>[];
-
-
-    return apiClient.invokeAPI(
-      path,
-      'GET',
-      queryParams,
-      postBody,
-      headerParams,
-      formParams,
-      contentTypes.isEmpty ? null : contentTypes.first,
-    );
-  }
-
-  /// Parameters:
-  ///
-  /// * [bool] isAll (required):
-  Future<List<UserResponseDto>?> getAllUsers(bool isAll,) async {
-    final response = await getAllUsersWithHttpInfo(isAll,);
-    if (response.statusCode >= HttpStatus.badRequest) {
-      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
-    }
-    // When a remote server returns no body with a status of 204, we shall not decode it.
-    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
-    // FormatException when trying to decode an empty string.
-    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      final responseBody = await _decodeBodyBytes(response);
-      return (await apiClient.deserializeAsync(responseBody, 'List<UserResponseDto>') as List)
-        .cast<UserResponseDto>()
-        .toList(growable: false);
-
-    }
-    return null;
-  }
-
   /// Performs an HTTP 'GET /users/me' operation and returns the [Response].
-  Future<Response> getMyUserInfoWithHttpInfo() async {
+  Future<Response> getMyUserWithHttpInfo() async {
     // ignore: prefer_const_declarations
     final path = r'/users/me';
 
@@ -283,8 +231,8 @@ class UserApi {
     );
   }
 
-  Future<UserResponseDto?> getMyUserInfo() async {
-    final response = await getMyUserInfoWithHttpInfo();
+  Future<UserAdminResponseDto?> getMyUser() async {
+    final response = await getMyUserWithHttpInfo();
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }
@@ -292,7 +240,7 @@ class UserApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;
@@ -350,7 +298,7 @@ class UserApi {
   /// Parameters:
   ///
   /// * [String] id (required):
-  Future<Response> getUserByIdWithHttpInfo(String id,) async {
+  Future<Response> getUserWithHttpInfo(String id,) async {
     // ignore: prefer_const_declarations
     final path = r'/users/{id}'
       .replaceAll('{id}', id);
@@ -379,8 +327,8 @@ class UserApi {
   /// Parameters:
   ///
   /// * [String] id (required):
-  Future<UserResponseDto?> getUserById(String id,) async {
-    final response = await getUserByIdWithHttpInfo(id,);
+  Future<UserResponseDto?> getUser(String id,) async {
+    final response = await getUserWithHttpInfo(id,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }
@@ -394,13 +342,61 @@ class UserApi {
     return null;
   }
 
-  /// Performs an HTTP 'POST /users/{id}/restore' operation and returns the [Response].
+  /// Performs an HTTP 'GET /admin/users/{id}' operation and returns the [Response].
   /// Parameters:
   ///
   /// * [String] id (required):
-  Future<Response> restoreUserWithHttpInfo(String id,) async {
+  Future<Response> getUserAdminWithHttpInfo(String id,) async {
     // ignore: prefer_const_declarations
-    final path = r'/users/{id}/restore'
+    final path = r'/admin/users/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'GET',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  Future<UserAdminResponseDto?> getUserAdmin(String id,) async {
+    final response = await getUserAdminWithHttpInfo(id,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
+    
+    }
+    return null;
+  }
+
+  /// Performs an HTTP 'POST /admin/users/{id}/restore' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  Future<Response> restoreUserAdminWithHttpInfo(String id,) async {
+    // ignore: prefer_const_declarations
+    final path = r'/admin/users/{id}/restore'
       .replaceAll('{id}', id);
 
     // ignore: prefer_final_locals
@@ -427,8 +423,8 @@ class UserApi {
   /// Parameters:
   ///
   /// * [String] id (required):
-  Future<UserResponseDto?> restoreUser(String id,) async {
-    final response = await restoreUserWithHttpInfo(id,);
+  Future<UserAdminResponseDto?> restoreUserAdmin(String id,) async {
+    final response = await restoreUserAdminWithHttpInfo(id,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }
@@ -436,22 +432,120 @@ class UserApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;
   }
 
-  /// Performs an HTTP 'PUT /users' operation and returns the [Response].
-  /// Parameters:
-  ///
-  /// * [UpdateUserDto] updateUserDto (required):
-  Future<Response> updateUserWithHttpInfo(UpdateUserDto updateUserDto,) async {
+  /// Performs an HTTP 'GET /users' operation and returns the [Response].
+  Future<Response> searchUsersWithHttpInfo() async {
     // ignore: prefer_const_declarations
     final path = r'/users';
 
     // ignore: prefer_final_locals
-    Object? postBody = updateUserDto;
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'GET',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  Future<List<UserResponseDto>?> searchUsers() async {
+    final response = await searchUsersWithHttpInfo();
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      final responseBody = await _decodeBodyBytes(response);
+      return (await apiClient.deserializeAsync(responseBody, 'List<UserResponseDto>') as List)
+        .cast<UserResponseDto>()
+        .toList(growable: false);
+
+    }
+    return null;
+  }
+
+  /// Performs an HTTP 'GET /admin/users' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [bool] withDeleted:
+  Future<Response> searchUsersAdminWithHttpInfo({ bool? withDeleted, }) async {
+    // ignore: prefer_const_declarations
+    final path = r'/admin/users';
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    if (withDeleted != null) {
+      queryParams.addAll(_queryParams('', 'withDeleted', withDeleted));
+    }
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'GET',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [bool] withDeleted:
+  Future<List<UserAdminResponseDto>?> searchUsersAdmin({ bool? withDeleted, }) async {
+    final response = await searchUsersAdminWithHttpInfo( withDeleted: withDeleted, );
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      final responseBody = await _decodeBodyBytes(response);
+      return (await apiClient.deserializeAsync(responseBody, 'List<UserAdminResponseDto>') as List)
+        .cast<UserAdminResponseDto>()
+        .toList(growable: false);
+
+    }
+    return null;
+  }
+
+  /// Performs an HTTP 'PUT /users/me' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [UserUpdateMeDto] userUpdateMeDto (required):
+  Future<Response> updateMyUserWithHttpInfo(UserUpdateMeDto userUpdateMeDto,) async {
+    // ignore: prefer_const_declarations
+    final path = r'/users/me';
+
+    // ignore: prefer_final_locals
+    Object? postBody = userUpdateMeDto;
 
     final queryParams = <QueryParam>[];
     final headerParams = <String, String>{};
@@ -473,9 +567,9 @@ class UserApi {
 
   /// Parameters:
   ///
-  /// * [UpdateUserDto] updateUserDto (required):
-  Future<UserResponseDto?> updateUser(UpdateUserDto updateUserDto,) async {
-    final response = await updateUserWithHttpInfo(updateUserDto,);
+  /// * [UserUpdateMeDto] userUpdateMeDto (required):
+  Future<UserAdminResponseDto?> updateMyUser(UserUpdateMeDto userUpdateMeDto,) async {
+    final response = await updateMyUserWithHttpInfo(userUpdateMeDto,);
     if (response.statusCode >= HttpStatus.badRequest) {
       throw ApiException(response.statusCode, await _decodeBodyBytes(response));
     }
@@ -483,7 +577,59 @@ class UserApi {
     // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
     // FormatException when trying to decode an empty string.
     if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
-      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserResponseDto',) as UserResponseDto;
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
+    
+    }
+    return null;
+  }
+
+  /// Performs an HTTP 'PUT /admin/users/{id}' operation and returns the [Response].
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [UserAdminUpdateDto] userAdminUpdateDto (required):
+  Future<Response> updateUserAdminWithHttpInfo(String id, UserAdminUpdateDto userAdminUpdateDto,) async {
+    // ignore: prefer_const_declarations
+    final path = r'/admin/users/{id}'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody = userAdminUpdateDto;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>['application/json'];
+
+
+    return apiClient.invokeAPI(
+      path,
+      'PUT',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [UserAdminUpdateDto] userAdminUpdateDto (required):
+  Future<UserAdminResponseDto?> updateUserAdmin(String id, UserAdminUpdateDto userAdminUpdateDto,) async {
+    final response = await updateUserAdminWithHttpInfo(id, userAdminUpdateDto,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'UserAdminResponseDto',) as UserAdminResponseDto;
     
     }
     return null;

mobile/openapi/lib/api_client.dart

@@ -292,10 +292,6 @@ class ApiClient {
           return CreateProfileImageResponseDto.fromJson(value);
         case 'CreateTagDto':
           return CreateTagDto.fromJson(value);
-        case 'CreateUserDto':
-          return CreateUserDto.fromJson(value);
-        case 'DeleteUserDto':
-          return DeleteUserDto.fromJson(value);
         case 'DownloadArchiveInfo':
           return DownloadArchiveInfo.fromJson(value);
         case 'DownloadInfoDto':
@@ -388,6 +384,8 @@ class ApiClient {
           return PeopleUpdateDto.fromJson(value);
         case 'PeopleUpdateItem':
           return PeopleUpdateItem.fromJson(value);
+        case 'PeopleWithFacesResponseDto':
+          return PeopleWithFacesResponseDto.fromJson(value);
         case 'PersonCreateDto':
           return PersonCreateDto.fromJson(value);
         case 'PersonResponseDto':
@@ -536,18 +534,24 @@ class ApiClient {
           return UpdateStackParentDto.fromJson(value);
         case 'UpdateTagDto':
           return UpdateTagDto.fromJson(value);
-        case 'UpdateUserDto':
-          return UpdateUserDto.fromJson(value);
         case 'UsageByUserDto':
           return UsageByUserDto.fromJson(value);
+        case 'UserAdminCreateDto':
+          return UserAdminCreateDto.fromJson(value);
+        case 'UserAdminDeleteDto':
+          return UserAdminDeleteDto.fromJson(value);
+        case 'UserAdminResponseDto':
+          return UserAdminResponseDto.fromJson(value);
+        case 'UserAdminUpdateDto':
+          return UserAdminUpdateDto.fromJson(value);
         case 'UserAvatarColor':
           return UserAvatarColorTypeTransformer().decode(value);
-        case 'UserDto':
-          return UserDto.fromJson(value);
         case 'UserResponseDto':
           return UserResponseDto.fromJson(value);
         case 'UserStatus':
           return UserStatusTypeTransformer().decode(value);
+        case 'UserUpdateMeDto':
+          return UserUpdateMeDto.fromJson(value);
         case 'ValidateAccessTokenResponseDto':
           return ValidateAccessTokenResponseDto.fromJson(value);
         case 'ValidateLibraryDto':

mobile/openapi/lib/model/activity_response_dto.dart

@@ -31,7 +31,7 @@ class ActivityResponseDto {
 
   ActivityResponseDtoTypeEnum type;
 
-  UserDto user;
+  UserResponseDto user;
 
   @override
   bool operator ==(Object other) => identical(this, other) || other is ActivityResponseDto &&
@@ -87,7 +87,7 @@ class ActivityResponseDto {
         createdAt: mapDateTime(json, r'createdAt', r'')!,
         id: mapValueOfType<String>(json, r'id')!,
         type: ActivityResponseDtoTypeEnum.fromJson(json[r'type'])!,
-        user: UserDto.fromJson(json[r'user'])!,
+        user: UserResponseDto.fromJson(json[r'user'])!,
       );
     }
     return null;

mobile/openapi/lib/model/asset_response_dto.dart

@@ -34,7 +34,7 @@ class AssetResponseDto {
     required this.originalPath,
     this.owner,
     required this.ownerId,
-    this.people = const [],
+    this.people,
     required this.resized,
     this.smartInfo,
     this.stack = const [],
@@ -102,7 +102,13 @@ class AssetResponseDto {
 
   String ownerId;
 
-  List<PersonWithFacesResponseDto> people;
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  PeopleWithFacesResponseDto? people;
 
   bool resized;
 
@@ -151,7 +157,7 @@ class AssetResponseDto {
     other.originalPath == originalPath &&
     other.owner == owner &&
     other.ownerId == ownerId &&
-    _deepEquality.equals(other.people, people) &&
+    other.people == people &&
     other.resized == resized &&
     other.smartInfo == smartInfo &&
     _deepEquality.equals(other.stack, stack) &&
@@ -186,7 +192,7 @@ class AssetResponseDto {
     (originalPath.hashCode) +
     (owner == null ? 0 : owner!.hashCode) +
     (ownerId.hashCode) +
-    (people.hashCode) +
+    (people == null ? 0 : people!.hashCode) +
     (resized.hashCode) +
     (smartInfo == null ? 0 : smartInfo!.hashCode) +
     (stack.hashCode) +
@@ -243,7 +249,11 @@ class AssetResponseDto {
     //  json[r'owner'] = null;
     }
       json[r'ownerId'] = this.ownerId;
+    if (this.people != null) {
       json[r'people'] = this.people;
+    } else {
+    //  json[r'people'] = null;
+    }
       json[r'resized'] = this.resized;
     if (this.smartInfo != null) {
       json[r'smartInfo'] = this.smartInfo;
@@ -301,7 +311,7 @@ class AssetResponseDto {
         originalPath: mapValueOfType<String>(json, r'originalPath')!,
         owner: UserResponseDto.fromJson(json[r'owner']),
         ownerId: mapValueOfType<String>(json, r'ownerId')!,
-        people: PersonWithFacesResponseDto.listFromJson(json[r'people']),
+        people: PeopleWithFacesResponseDto.fromJson(json[r'people']),
         resized: mapValueOfType<bool>(json, r'resized')!,
         smartInfo: SmartInfoResponseDto.fromJson(json[r'smartInfo']),
         stack: AssetResponseDto.listFromJson(json[r'stack']),

mobile/openapi/lib/model/partner_response_dto.dart

@@ -14,30 +14,15 @@ class PartnerResponseDto {
   /// Returns a new [PartnerResponseDto] instance.
   PartnerResponseDto({
     required this.avatarColor,
-    required this.createdAt,
-    required this.deletedAt,
     required this.email,
     required this.id,
     this.inTimeline,
-    required this.isAdmin,
-    this.memoriesEnabled,
     required this.name,
-    required this.oauthId,
     required this.profileImagePath,
-    required this.quotaSizeInBytes,
-    required this.quotaUsageInBytes,
-    required this.shouldChangePassword,
-    required this.status,
-    required this.storageLabel,
-    required this.updatedAt,
   });
 
   UserAvatarColor avatarColor;
 
-  DateTime createdAt;
-
-  DateTime? deletedAt;
-
   String email;
 
   String id;
@@ -50,121 +35,44 @@ class PartnerResponseDto {
   ///
   bool? inTimeline;
 
-  bool isAdmin;
-
-  ///
-  /// Please note: This property should have been non-nullable! Since the specification file
-  /// does not include a default value (using the "default:" property), however, the generated
-  /// source code must fall back to having a nullable type.
-  /// Consider adding a "default:" property in the specification file to hide this note.
-  ///
-  bool? memoriesEnabled;
-
   String name;
 
-  String oauthId;
-
   String profileImagePath;
 
-  int? quotaSizeInBytes;
-
-  int? quotaUsageInBytes;
-
-  bool shouldChangePassword;
-
-  UserStatus status;
-
-  String? storageLabel;
-
-  DateTime updatedAt;
-
   @override
   bool operator ==(Object other) => identical(this, other) || other is PartnerResponseDto &&
     other.avatarColor == avatarColor &&
-    other.createdAt == createdAt &&
-    other.deletedAt == deletedAt &&
     other.email == email &&
     other.id == id &&
     other.inTimeline == inTimeline &&
-    other.isAdmin == isAdmin &&
-    other.memoriesEnabled == memoriesEnabled &&
     other.name == name &&
-    other.oauthId == oauthId &&
-    other.profileImagePath == profileImagePath &&
-    other.quotaSizeInBytes == quotaSizeInBytes &&
-    other.quotaUsageInBytes == quotaUsageInBytes &&
-    other.shouldChangePassword == shouldChangePassword &&
-    other.status == status &&
-    other.storageLabel == storageLabel &&
-    other.updatedAt == updatedAt;
+    other.profileImagePath == profileImagePath;
 
   @override
   int get hashCode =>
     // ignore: unnecessary_parenthesis
     (avatarColor.hashCode) +
-    (createdAt.hashCode) +
-    (deletedAt == null ? 0 : deletedAt!.hashCode) +
     (email.hashCode) +
     (id.hashCode) +
     (inTimeline == null ? 0 : inTimeline!.hashCode) +
-    (isAdmin.hashCode) +
-    (memoriesEnabled == null ? 0 : memoriesEnabled!.hashCode) +
     (name.hashCode) +
-    (oauthId.hashCode) +
-    (profileImagePath.hashCode) +
-    (quotaSizeInBytes == null ? 0 : quotaSizeInBytes!.hashCode) +
-    (quotaUsageInBytes == null ? 0 : quotaUsageInBytes!.hashCode) +
-    (shouldChangePassword.hashCode) +
-    (status.hashCode) +
-    (storageLabel == null ? 0 : storageLabel!.hashCode) +
-    (updatedAt.hashCode);
+    (profileImagePath.hashCode);
 
   @override
-  String toString() => 'PartnerResponseDto[avatarColor=$avatarColor, createdAt=$createdAt, deletedAt=$deletedAt, email=$email, id=$id, inTimeline=$inTimeline, isAdmin=$isAdmin, memoriesEnabled=$memoriesEnabled, name=$name, oauthId=$oauthId, profileImagePath=$profileImagePath, quotaSizeInBytes=$quotaSizeInBytes, quotaUsageInBytes=$quotaUsageInBytes, shouldChangePassword=$shouldChangePassword, status=$status, storageLabel=$storageLabel, updatedAt=$updatedAt]';
+  String toString() => 'PartnerResponseDto[avatarColor=$avatarColor, email=$email, id=$id, inTimeline=$inTimeline, name=$name, profileImagePath=$profileImagePath]';
 
   Map<String, dynamic> toJson() {
     final json = <String, dynamic>{};
       json[r'avatarColor'] = this.avatarColor;
-      json[r'createdAt'] = this.createdAt.toUtc().toIso8601String();
-    if (this.deletedAt != null) {
-      json[r'deletedAt'] = this.deletedAt!.toUtc().toIso8601String();
-    } else {
-    //  json[r'deletedAt'] = null;
-    }
       json[r'email'] = this.email;
       json[r'id'] = this.id;
     if (this.inTimeline != null) {
       json[r'inTimeline'] = this.inTimeline;
     } else {
     //  json[r'inTimeline'] = null;
-    }
-      json[r'isAdmin'] = this.isAdmin;
-    if (this.memoriesEnabled != null) {
-      json[r'memoriesEnabled'] = this.memoriesEnabled;
-    } else {
-    //  json[r'memoriesEnabled'] = null;
     }
       json[r'name'] = this.name;
-      json[r'oauthId'] = this.oauthId;
       json[r'profileImagePath'] = this.profileImagePath;
-    if (this.quotaSizeInBytes != null) {
-      json[r'quotaSizeInBytes'] = this.quotaSizeInBytes;
-    } else {
-    //  json[r'quotaSizeInBytes'] = null;
-    }
-    if (this.quotaUsageInBytes != null) {
-      json[r'quotaUsageInBytes'] = this.quotaUsageInBytes;
-    } else {
-    //  json[r'quotaUsageInBytes'] = null;
-    }
-      json[r'shouldChangePassword'] = this.shouldChangePassword;
-      json[r'status'] = this.status;
-    if (this.storageLabel != null) {
-      json[r'storageLabel'] = this.storageLabel;
-    } else {
-    //  json[r'storageLabel'] = null;
-    }
-      json[r'updatedAt'] = this.updatedAt.toUtc().toIso8601String();
     return json;
   }
 
@@ -177,22 +85,11 @@ class PartnerResponseDto {
 
       return PartnerResponseDto(
         avatarColor: UserAvatarColor.fromJson(json[r'avatarColor'])!,
-        createdAt: mapDateTime(json, r'createdAt', r'')!,
-        deletedAt: mapDateTime(json, r'deletedAt', r''),
         email: mapValueOfType<String>(json, r'email')!,
         id: mapValueOfType<String>(json, r'id')!,
         inTimeline: mapValueOfType<bool>(json, r'inTimeline'),
-        isAdmin: mapValueOfType<bool>(json, r'isAdmin')!,
-        memoriesEnabled: mapValueOfType<bool>(json, r'memoriesEnabled'),
         name: mapValueOfType<String>(json, r'name')!,
-        oauthId: mapValueOfType<String>(json, r'oauthId')!,
         profileImagePath: mapValueOfType<String>(json, r'profileImagePath')!,
-        quotaSizeInBytes: mapValueOfType<int>(json, r'quotaSizeInBytes'),
-        quotaUsageInBytes: mapValueOfType<int>(json, r'quotaUsageInBytes'),
-        shouldChangePassword: mapValueOfType<bool>(json, r'shouldChangePassword')!,
-        status: UserStatus.fromJson(json[r'status'])!,
-        storageLabel: mapValueOfType<String>(json, r'storageLabel'),
-        updatedAt: mapDateTime(json, r'updatedAt', r'')!,
       );
     }
     return null;
@@ -241,20 +138,10 @@ class PartnerResponseDto {
   /// The list of required keys that must be present in a JSON.
   static const requiredKeys = <String>{
     'avatarColor',
-    'createdAt',
-    'deletedAt',
     'email',
     'id',
-    'isAdmin',
     'name',
-    'oauthId',
     'profileImagePath',
-    'quotaSizeInBytes',
-    'quotaUsageInBytes',
-    'shouldChangePassword',
-    'status',
-    'storageLabel',
-    'updatedAt',
   };
 }
 

mobile/openapi/lib/model/people_with_faces_response_dto.dart

@@ -0,0 +1,106 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class PeopleWithFacesResponseDto {
+  /// Returns a new [PeopleWithFacesResponseDto] instance.
+  PeopleWithFacesResponseDto({
+    required this.numberOfFaces,
+    this.visiblePeople = const [],
+  });
+
+  int numberOfFaces;
+
+  List<PersonWithFacesResponseDto> visiblePeople;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is PeopleWithFacesResponseDto &&
+    other.numberOfFaces == numberOfFaces &&
+    _deepEquality.equals(other.visiblePeople, visiblePeople);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (numberOfFaces.hashCode) +
+    (visiblePeople.hashCode);
+
+  @override
+  String toString() => 'PeopleWithFacesResponseDto[numberOfFaces=$numberOfFaces, visiblePeople=$visiblePeople]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'numberOfFaces'] = this.numberOfFaces;
+      json[r'visiblePeople'] = this.visiblePeople;
+    return json;
+  }
+
+  /// Returns a new [PeopleWithFacesResponseDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static PeopleWithFacesResponseDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return PeopleWithFacesResponseDto(
+        numberOfFaces: mapValueOfType<int>(json, r'numberOfFaces')!,
+        visiblePeople: PersonWithFacesResponseDto.listFromJson(json[r'visiblePeople']),
+      );
+    }
+    return null;
+  }
+
+  static List<PeopleWithFacesResponseDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <PeopleWithFacesResponseDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = PeopleWithFacesResponseDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, PeopleWithFacesResponseDto> mapFromJson(dynamic json) {
+    final map = <String, PeopleWithFacesResponseDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = PeopleWithFacesResponseDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of PeopleWithFacesResponseDto-objects as value to a dart map
+  static Map<String, List<PeopleWithFacesResponseDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<PeopleWithFacesResponseDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = PeopleWithFacesResponseDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'numberOfFaces',
+    'visiblePeople',
+  };
+}
+

mobile/openapi/lib/model/user_admin_create_dto.dart

@@ -10,9 +10,9 @@
 
 part of openapi.api;
 
-class CreateUserDto {
-  /// Returns a new [CreateUserDto] instance.
-  CreateUserDto({
+class UserAdminCreateDto {
+  /// Returns a new [UserAdminCreateDto] instance.
+  UserAdminCreateDto({
     required this.email,
     this.memoriesEnabled,
     required this.name,
@@ -59,7 +59,7 @@ class CreateUserDto {
   String? storageLabel;
 
   @override
-  bool operator ==(Object other) => identical(this, other) || other is CreateUserDto &&
+  bool operator ==(Object other) => identical(this, other) || other is UserAdminCreateDto &&
     other.email == email &&
     other.memoriesEnabled == memoriesEnabled &&
     other.name == name &&
@@ -82,7 +82,7 @@ class CreateUserDto {
     (storageLabel == null ? 0 : storageLabel!.hashCode);
 
   @override
-  String toString() => 'CreateUserDto[email=$email, memoriesEnabled=$memoriesEnabled, name=$name, notify=$notify, password=$password, quotaSizeInBytes=$quotaSizeInBytes, shouldChangePassword=$shouldChangePassword, storageLabel=$storageLabel]';
+  String toString() => 'UserAdminCreateDto[email=$email, memoriesEnabled=$memoriesEnabled, name=$name, notify=$notify, password=$password, quotaSizeInBytes=$quotaSizeInBytes, shouldChangePassword=$shouldChangePassword, storageLabel=$storageLabel]';
 
   Map<String, dynamic> toJson() {
     final json = <String, dynamic>{};
@@ -117,14 +117,14 @@ class CreateUserDto {
     return json;
   }
 
-  /// Returns a new [CreateUserDto] instance and imports its values from
+  /// Returns a new [UserAdminCreateDto] instance and imports its values from
   /// [value] if it's a [Map], null otherwise.
   // ignore: prefer_constructors_over_static_methods
-  static CreateUserDto? fromJson(dynamic value) {
+  static UserAdminCreateDto? fromJson(dynamic value) {
     if (value is Map) {
       final json = value.cast<String, dynamic>();
 
-      return CreateUserDto(
+      return UserAdminCreateDto(
         email: mapValueOfType<String>(json, r'email')!,
         memoriesEnabled: mapValueOfType<bool>(json, r'memoriesEnabled'),
         name: mapValueOfType<String>(json, r'name')!,
@@ -138,11 +138,11 @@ class CreateUserDto {
     return null;
   }
 
-  static List<CreateUserDto> listFromJson(dynamic json, {bool growable = false,}) {
-    final result = <CreateUserDto>[];
+  static List<UserAdminCreateDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UserAdminCreateDto>[];
     if (json is List && json.isNotEmpty) {
       for (final row in json) {
-        final value = CreateUserDto.fromJson(row);
+        final value = UserAdminCreateDto.fromJson(row);
         if (value != null) {
           result.add(value);
         }
@@ -151,12 +151,12 @@ class CreateUserDto {
     return result.toList(growable: growable);
   }
 
-  static Map<String, CreateUserDto> mapFromJson(dynamic json) {
-    final map = <String, CreateUserDto>{};
+  static Map<String, UserAdminCreateDto> mapFromJson(dynamic json) {
+    final map = <String, UserAdminCreateDto>{};
     if (json is Map && json.isNotEmpty) {
       json = json.cast<String, dynamic>(); // ignore: parameter_assignments
       for (final entry in json.entries) {
-        final value = CreateUserDto.fromJson(entry.value);
+        final value = UserAdminCreateDto.fromJson(entry.value);
         if (value != null) {
           map[entry.key] = value;
         }
@@ -165,14 +165,14 @@ class CreateUserDto {
     return map;
   }
 
-  // maps a json object with a list of CreateUserDto-objects as value to a dart map
-  static Map<String, List<CreateUserDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
-    final map = <String, List<CreateUserDto>>{};
+  // maps a json object with a list of UserAdminCreateDto-objects as value to a dart map
+  static Map<String, List<UserAdminCreateDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UserAdminCreateDto>>{};
     if (json is Map && json.isNotEmpty) {
       // ignore: parameter_assignments
       json = json.cast<String, dynamic>();
       for (final entry in json.entries) {
-        map[entry.key] = CreateUserDto.listFromJson(entry.value, growable: growable,);
+        map[entry.key] = UserAdminCreateDto.listFromJson(entry.value, growable: growable,);
       }
     }
     return map;

mobile/openapi/lib/model/user_admin_delete_dto.dart

@@ -10,9 +10,9 @@
 
 part of openapi.api;
 
-class DeleteUserDto {
-  /// Returns a new [DeleteUserDto] instance.
-  DeleteUserDto({
+class UserAdminDeleteDto {
+  /// Returns a new [UserAdminDeleteDto] instance.
+  UserAdminDeleteDto({
     this.force,
   });
 
@@ -25,7 +25,7 @@ class DeleteUserDto {
   bool? force;
 
   @override
-  bool operator ==(Object other) => identical(this, other) || other is DeleteUserDto &&
+  bool operator ==(Object other) => identical(this, other) || other is UserAdminDeleteDto &&
     other.force == force;
 
   @override
@@ -34,7 +34,7 @@ class DeleteUserDto {
     (force == null ? 0 : force!.hashCode);
 
   @override
-  String toString() => 'DeleteUserDto[force=$force]';
+  String toString() => 'UserAdminDeleteDto[force=$force]';
 
   Map<String, dynamic> toJson() {
     final json = <String, dynamic>{};
@@ -46,25 +46,25 @@ class DeleteUserDto {
     return json;
   }
 
-  /// Returns a new [DeleteUserDto] instance and imports its values from
+  /// Returns a new [UserAdminDeleteDto] instance and imports its values from
   /// [value] if it's a [Map], null otherwise.
   // ignore: prefer_constructors_over_static_methods
-  static DeleteUserDto? fromJson(dynamic value) {
+  static UserAdminDeleteDto? fromJson(dynamic value) {
     if (value is Map) {
       final json = value.cast<String, dynamic>();
 
-      return DeleteUserDto(
+      return UserAdminDeleteDto(
         force: mapValueOfType<bool>(json, r'force'),
       );
     }
     return null;
   }
 
-  static List<DeleteUserDto> listFromJson(dynamic json, {bool growable = false,}) {
-    final result = <DeleteUserDto>[];
+  static List<UserAdminDeleteDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UserAdminDeleteDto>[];
     if (json is List && json.isNotEmpty) {
       for (final row in json) {
-        final value = DeleteUserDto.fromJson(row);
+        final value = UserAdminDeleteDto.fromJson(row);
         if (value != null) {
           result.add(value);
         }
@@ -73,12 +73,12 @@ class DeleteUserDto {
     return result.toList(growable: growable);
   }
 
-  static Map<String, DeleteUserDto> mapFromJson(dynamic json) {
-    final map = <String, DeleteUserDto>{};
+  static Map<String, UserAdminDeleteDto> mapFromJson(dynamic json) {
+    final map = <String, UserAdminDeleteDto>{};
     if (json is Map && json.isNotEmpty) {
       json = json.cast<String, dynamic>(); // ignore: parameter_assignments
       for (final entry in json.entries) {
-        final value = DeleteUserDto.fromJson(entry.value);
+        final value = UserAdminDeleteDto.fromJson(entry.value);
         if (value != null) {
           map[entry.key] = value;
         }
@@ -87,14 +87,14 @@ class DeleteUserDto {
     return map;
   }
 
-  // maps a json object with a list of DeleteUserDto-objects as value to a dart map
-  static Map<String, List<DeleteUserDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
-    final map = <String, List<DeleteUserDto>>{};
+  // maps a json object with a list of UserAdminDeleteDto-objects as value to a dart map
+  static Map<String, List<UserAdminDeleteDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UserAdminDeleteDto>>{};
     if (json is Map && json.isNotEmpty) {
       // ignore: parameter_assignments
       json = json.cast<String, dynamic>();
       for (final entry in json.entries) {
-        map[entry.key] = DeleteUserDto.listFromJson(entry.value, growable: growable,);
+        map[entry.key] = UserAdminDeleteDto.listFromJson(entry.value, growable: growable,);
       }
     }
     return map;

mobile/openapi/lib/model/user_admin_response_dto.dart

@@ -0,0 +1,243 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UserAdminResponseDto {
+  /// Returns a new [UserAdminResponseDto] instance.
+  UserAdminResponseDto({
+    required this.avatarColor,
+    required this.createdAt,
+    required this.deletedAt,
+    required this.email,
+    required this.id,
+    required this.isAdmin,
+    this.memoriesEnabled,
+    required this.name,
+    required this.oauthId,
+    required this.profileImagePath,
+    required this.quotaSizeInBytes,
+    required this.quotaUsageInBytes,
+    required this.shouldChangePassword,
+    required this.status,
+    required this.storageLabel,
+    required this.updatedAt,
+  });
+
+  UserAvatarColor avatarColor;
+
+  DateTime createdAt;
+
+  DateTime? deletedAt;
+
+  String email;
+
+  String id;
+
+  bool isAdmin;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  bool? memoriesEnabled;
+
+  String name;
+
+  String oauthId;
+
+  String profileImagePath;
+
+  int? quotaSizeInBytes;
+
+  int? quotaUsageInBytes;
+
+  bool shouldChangePassword;
+
+  UserStatus status;
+
+  String? storageLabel;
+
+  DateTime updatedAt;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UserAdminResponseDto &&
+    other.avatarColor == avatarColor &&
+    other.createdAt == createdAt &&
+    other.deletedAt == deletedAt &&
+    other.email == email &&
+    other.id == id &&
+    other.isAdmin == isAdmin &&
+    other.memoriesEnabled == memoriesEnabled &&
+    other.name == name &&
+    other.oauthId == oauthId &&
+    other.profileImagePath == profileImagePath &&
+    other.quotaSizeInBytes == quotaSizeInBytes &&
+    other.quotaUsageInBytes == quotaUsageInBytes &&
+    other.shouldChangePassword == shouldChangePassword &&
+    other.status == status &&
+    other.storageLabel == storageLabel &&
+    other.updatedAt == updatedAt;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (avatarColor.hashCode) +
+    (createdAt.hashCode) +
+    (deletedAt == null ? 0 : deletedAt!.hashCode) +
+    (email.hashCode) +
+    (id.hashCode) +
+    (isAdmin.hashCode) +
+    (memoriesEnabled == null ? 0 : memoriesEnabled!.hashCode) +
+    (name.hashCode) +
+    (oauthId.hashCode) +
+    (profileImagePath.hashCode) +
+    (quotaSizeInBytes == null ? 0 : quotaSizeInBytes!.hashCode) +
+    (quotaUsageInBytes == null ? 0 : quotaUsageInBytes!.hashCode) +
+    (shouldChangePassword.hashCode) +
+    (status.hashCode) +
+    (storageLabel == null ? 0 : storageLabel!.hashCode) +
+    (updatedAt.hashCode);
+
+  @override
+  String toString() => 'UserAdminResponseDto[avatarColor=$avatarColor, createdAt=$createdAt, deletedAt=$deletedAt, email=$email, id=$id, isAdmin=$isAdmin, memoriesEnabled=$memoriesEnabled, name=$name, oauthId=$oauthId, profileImagePath=$profileImagePath, quotaSizeInBytes=$quotaSizeInBytes, quotaUsageInBytes=$quotaUsageInBytes, shouldChangePassword=$shouldChangePassword, status=$status, storageLabel=$storageLabel, updatedAt=$updatedAt]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'avatarColor'] = this.avatarColor;
+      json[r'createdAt'] = this.createdAt.toUtc().toIso8601String();
+    if (this.deletedAt != null) {
+      json[r'deletedAt'] = this.deletedAt!.toUtc().toIso8601String();
+    } else {
+    //  json[r'deletedAt'] = null;
+    }
+      json[r'email'] = this.email;
+      json[r'id'] = this.id;
+      json[r'isAdmin'] = this.isAdmin;
+    if (this.memoriesEnabled != null) {
+      json[r'memoriesEnabled'] = this.memoriesEnabled;
+    } else {
+    //  json[r'memoriesEnabled'] = null;
+    }
+      json[r'name'] = this.name;
+      json[r'oauthId'] = this.oauthId;
+      json[r'profileImagePath'] = this.profileImagePath;
+    if (this.quotaSizeInBytes != null) {
+      json[r'quotaSizeInBytes'] = this.quotaSizeInBytes;
+    } else {
+    //  json[r'quotaSizeInBytes'] = null;
+    }
+    if (this.quotaUsageInBytes != null) {
+      json[r'quotaUsageInBytes'] = this.quotaUsageInBytes;
+    } else {
+    //  json[r'quotaUsageInBytes'] = null;
+    }
+      json[r'shouldChangePassword'] = this.shouldChangePassword;
+      json[r'status'] = this.status;
+    if (this.storageLabel != null) {
+      json[r'storageLabel'] = this.storageLabel;
+    } else {
+    //  json[r'storageLabel'] = null;
+    }
+      json[r'updatedAt'] = this.updatedAt.toUtc().toIso8601String();
+    return json;
+  }
+
+  /// Returns a new [UserAdminResponseDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UserAdminResponseDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UserAdminResponseDto(
+        avatarColor: UserAvatarColor.fromJson(json[r'avatarColor'])!,
+        createdAt: mapDateTime(json, r'createdAt', r'')!,
+        deletedAt: mapDateTime(json, r'deletedAt', r''),
+        email: mapValueOfType<String>(json, r'email')!,
+        id: mapValueOfType<String>(json, r'id')!,
+        isAdmin: mapValueOfType<bool>(json, r'isAdmin')!,
+        memoriesEnabled: mapValueOfType<bool>(json, r'memoriesEnabled'),
+        name: mapValueOfType<String>(json, r'name')!,
+        oauthId: mapValueOfType<String>(json, r'oauthId')!,
+        profileImagePath: mapValueOfType<String>(json, r'profileImagePath')!,
+        quotaSizeInBytes: mapValueOfType<int>(json, r'quotaSizeInBytes'),
+        quotaUsageInBytes: mapValueOfType<int>(json, r'quotaUsageInBytes'),
+        shouldChangePassword: mapValueOfType<bool>(json, r'shouldChangePassword')!,
+        status: UserStatus.fromJson(json[r'status'])!,
+        storageLabel: mapValueOfType<String>(json, r'storageLabel'),
+        updatedAt: mapDateTime(json, r'updatedAt', r'')!,
+      );
+    }
+    return null;
+  }
+
+  static List<UserAdminResponseDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UserAdminResponseDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UserAdminResponseDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UserAdminResponseDto> mapFromJson(dynamic json) {
+    final map = <String, UserAdminResponseDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UserAdminResponseDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UserAdminResponseDto-objects as value to a dart map
+  static Map<String, List<UserAdminResponseDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UserAdminResponseDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UserAdminResponseDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'avatarColor',
+    'createdAt',
+    'deletedAt',
+    'email',
+    'id',
+    'isAdmin',
+    'name',
+    'oauthId',
+    'profileImagePath',
+    'quotaSizeInBytes',
+    'quotaUsageInBytes',
+    'shouldChangePassword',
+    'status',
+    'storageLabel',
+    'updatedAt',
+  };
+}
+

mobile/openapi/lib/model/user_admin_update_dto.dart

@@ -10,13 +10,11 @@
 
 part of openapi.api;
 
-class UpdateUserDto {
-  /// Returns a new [UpdateUserDto] instance.
-  UpdateUserDto({
+class UserAdminUpdateDto {
+  /// Returns a new [UserAdminUpdateDto] instance.
+  UserAdminUpdateDto({
     this.avatarColor,
     this.email,
-    required this.id,
-    this.isAdmin,
     this.memoriesEnabled,
     this.name,
     this.password,
@@ -41,16 +39,6 @@ class UpdateUserDto {
   ///
   String? email;
 
-  String id;
-
-  ///
-  /// Please note: This property should have been non-nullable! Since the specification file
-  /// does not include a default value (using the "default:" property), however, the generated
-  /// source code must fall back to having a nullable type.
-  /// Consider adding a "default:" property in the specification file to hide this note.
-  ///
-  bool? isAdmin;
-
   ///
   /// Please note: This property should have been non-nullable! Since the specification file
   /// does not include a default value (using the "default:" property), however, the generated
@@ -86,20 +74,12 @@ class UpdateUserDto {
   ///
   bool? shouldChangePassword;
 
-  ///
-  /// Please note: This property should have been non-nullable! Since the specification file
-  /// does not include a default value (using the "default:" property), however, the generated
-  /// source code must fall back to having a nullable type.
-  /// Consider adding a "default:" property in the specification file to hide this note.
-  ///
   String? storageLabel;
 
   @override
-  bool operator ==(Object other) => identical(this, other) || other is UpdateUserDto &&
+  bool operator ==(Object other) => identical(this, other) || other is UserAdminUpdateDto &&
     other.avatarColor == avatarColor &&
     other.email == email &&
-    other.id == id &&
-    other.isAdmin == isAdmin &&
     other.memoriesEnabled == memoriesEnabled &&
     other.name == name &&
     other.password == password &&
@@ -112,8 +92,6 @@ class UpdateUserDto {
     // ignore: unnecessary_parenthesis
     (avatarColor == null ? 0 : avatarColor!.hashCode) +
     (email == null ? 0 : email!.hashCode) +
-    (id.hashCode) +
-    (isAdmin == null ? 0 : isAdmin!.hashCode) +
     (memoriesEnabled == null ? 0 : memoriesEnabled!.hashCode) +
     (name == null ? 0 : name!.hashCode) +
     (password == null ? 0 : password!.hashCode) +
@@ -122,7 +100,7 @@ class UpdateUserDto {
     (storageLabel == null ? 0 : storageLabel!.hashCode);
 
   @override
-  String toString() => 'UpdateUserDto[avatarColor=$avatarColor, email=$email, id=$id, isAdmin=$isAdmin, memoriesEnabled=$memoriesEnabled, name=$name, password=$password, quotaSizeInBytes=$quotaSizeInBytes, shouldChangePassword=$shouldChangePassword, storageLabel=$storageLabel]';
+  String toString() => 'UserAdminUpdateDto[avatarColor=$avatarColor, email=$email, memoriesEnabled=$memoriesEnabled, name=$name, password=$password, quotaSizeInBytes=$quotaSizeInBytes, shouldChangePassword=$shouldChangePassword, storageLabel=$storageLabel]';
 
   Map<String, dynamic> toJson() {
     final json = <String, dynamic>{};
@@ -135,12 +113,6 @@ class UpdateUserDto {
       json[r'email'] = this.email;
     } else {
     //  json[r'email'] = null;
-    }
-      json[r'id'] = this.id;
-    if (this.isAdmin != null) {
-      json[r'isAdmin'] = this.isAdmin;
-    } else {
-    //  json[r'isAdmin'] = null;
     }
     if (this.memoriesEnabled != null) {
       json[r'memoriesEnabled'] = this.memoriesEnabled;
@@ -175,18 +147,16 @@ class UpdateUserDto {
     return json;
   }
 
-  /// Returns a new [UpdateUserDto] instance and imports its values from
+  /// Returns a new [UserAdminUpdateDto] instance and imports its values from
   /// [value] if it's a [Map], null otherwise.
   // ignore: prefer_constructors_over_static_methods
-  static UpdateUserDto? fromJson(dynamic value) {
+  static UserAdminUpdateDto? fromJson(dynamic value) {
     if (value is Map) {
       final json = value.cast<String, dynamic>();
 
-      return UpdateUserDto(
+      return UserAdminUpdateDto(
         avatarColor: UserAvatarColor.fromJson(json[r'avatarColor']),
         email: mapValueOfType<String>(json, r'email'),
-        id: mapValueOfType<String>(json, r'id')!,
-        isAdmin: mapValueOfType<bool>(json, r'isAdmin'),
         memoriesEnabled: mapValueOfType<bool>(json, r'memoriesEnabled'),
         name: mapValueOfType<String>(json, r'name'),
         password: mapValueOfType<String>(json, r'password'),
@@ -198,11 +168,11 @@ class UpdateUserDto {
     return null;
   }
 
-  static List<UpdateUserDto> listFromJson(dynamic json, {bool growable = false,}) {
-    final result = <UpdateUserDto>[];
+  static List<UserAdminUpdateDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UserAdminUpdateDto>[];
     if (json is List && json.isNotEmpty) {
       for (final row in json) {
-        final value = UpdateUserDto.fromJson(row);
+        final value = UserAdminUpdateDto.fromJson(row);
         if (value != null) {
           result.add(value);
         }
@@ -211,12 +181,12 @@ class UpdateUserDto {
     return result.toList(growable: growable);
   }
 
-  static Map<String, UpdateUserDto> mapFromJson(dynamic json) {
-    final map = <String, UpdateUserDto>{};
+  static Map<String, UserAdminUpdateDto> mapFromJson(dynamic json) {
+    final map = <String, UserAdminUpdateDto>{};
     if (json is Map && json.isNotEmpty) {
       json = json.cast<String, dynamic>(); // ignore: parameter_assignments
       for (final entry in json.entries) {
-        final value = UpdateUserDto.fromJson(entry.value);
+        final value = UserAdminUpdateDto.fromJson(entry.value);
         if (value != null) {
           map[entry.key] = value;
         }
@@ -225,14 +195,14 @@ class UpdateUserDto {
     return map;
   }
 
-  // maps a json object with a list of UpdateUserDto-objects as value to a dart map
-  static Map<String, List<UpdateUserDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
-    final map = <String, List<UpdateUserDto>>{};
+  // maps a json object with a list of UserAdminUpdateDto-objects as value to a dart map
+  static Map<String, List<UserAdminUpdateDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UserAdminUpdateDto>>{};
     if (json is Map && json.isNotEmpty) {
       // ignore: parameter_assignments
       json = json.cast<String, dynamic>();
       for (final entry in json.entries) {
-        map[entry.key] = UpdateUserDto.listFromJson(entry.value, growable: growable,);
+        map[entry.key] = UserAdminUpdateDto.listFromJson(entry.value, growable: growable,);
       }
     }
     return map;
@@ -240,7 +210,6 @@ class UpdateUserDto {
 
   /// The list of required keys that must be present in a JSON.
   static const requiredKeys = <String>{
-    'id',
   };
 }
 

mobile/openapi/lib/model/user_dto.dart

@@ -1,130 +0,0 @@
-//
-// AUTO-GENERATED FILE, DO NOT MODIFY!
-//
-// @dart=2.18
-
-// ignore_for_file: unused_element, unused_import
-// ignore_for_file: always_put_required_named_parameters_first
-// ignore_for_file: constant_identifier_names
-// ignore_for_file: lines_longer_than_80_chars
-
-part of openapi.api;
-
-class UserDto {
-  /// Returns a new [UserDto] instance.
-  UserDto({
-    required this.avatarColor,
-    required this.email,
-    required this.id,
-    required this.name,
-    required this.profileImagePath,
-  });
-
-  UserAvatarColor avatarColor;
-
-  String email;
-
-  String id;
-
-  String name;
-
-  String profileImagePath;
-
-  @override
-  bool operator ==(Object other) => identical(this, other) || other is UserDto &&
-    other.avatarColor == avatarColor &&
-    other.email == email &&
-    other.id == id &&
-    other.name == name &&
-    other.profileImagePath == profileImagePath;
-
-  @override
-  int get hashCode =>
-    // ignore: unnecessary_parenthesis
-    (avatarColor.hashCode) +
-    (email.hashCode) +
-    (id.hashCode) +
-    (name.hashCode) +
-    (profileImagePath.hashCode);
-
-  @override
-  String toString() => 'UserDto[avatarColor=$avatarColor, email=$email, id=$id, name=$name, profileImagePath=$profileImagePath]';
-
-  Map<String, dynamic> toJson() {
-    final json = <String, dynamic>{};
-      json[r'avatarColor'] = this.avatarColor;
-      json[r'email'] = this.email;
-      json[r'id'] = this.id;
-      json[r'name'] = this.name;
-      json[r'profileImagePath'] = this.profileImagePath;
-    return json;
-  }
-
-  /// Returns a new [UserDto] instance and imports its values from
-  /// [value] if it's a [Map], null otherwise.
-  // ignore: prefer_constructors_over_static_methods
-  static UserDto? fromJson(dynamic value) {
-    if (value is Map) {
-      final json = value.cast<String, dynamic>();
-
-      return UserDto(
-        avatarColor: UserAvatarColor.fromJson(json[r'avatarColor'])!,
-        email: mapValueOfType<String>(json, r'email')!,
-        id: mapValueOfType<String>(json, r'id')!,
-        name: mapValueOfType<String>(json, r'name')!,
-        profileImagePath: mapValueOfType<String>(json, r'profileImagePath')!,
-      );
-    }
-    return null;
-  }
-
-  static List<UserDto> listFromJson(dynamic json, {bool growable = false,}) {
-    final result = <UserDto>[];
-    if (json is List && json.isNotEmpty) {
-      for (final row in json) {
-        final value = UserDto.fromJson(row);
-        if (value != null) {
-          result.add(value);
-        }
-      }
-    }
-    return result.toList(growable: growable);
-  }
-
-  static Map<String, UserDto> mapFromJson(dynamic json) {
-    final map = <String, UserDto>{};
-    if (json is Map && json.isNotEmpty) {
-      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
-      for (final entry in json.entries) {
-        final value = UserDto.fromJson(entry.value);
-        if (value != null) {
-          map[entry.key] = value;
-        }
-      }
-    }
-    return map;
-  }
-
-  // maps a json object with a list of UserDto-objects as value to a dart map
-  static Map<String, List<UserDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
-    final map = <String, List<UserDto>>{};
-    if (json is Map && json.isNotEmpty) {
-      // ignore: parameter_assignments
-      json = json.cast<String, dynamic>();
-      for (final entry in json.entries) {
-        map[entry.key] = UserDto.listFromJson(entry.value, growable: growable,);
-      }
-    }
-    return map;
-  }
-
-  /// The list of required keys that must be present in a JSON.
-  static const requiredKeys = <String>{
-    'avatarColor',
-    'email',
-    'id',
-    'name',
-    'profileImagePath',
-  };
-}
-

mobile/openapi/lib/model/user_response_dto.dart

@@ -14,141 +14,49 @@ class UserResponseDto {
   /// Returns a new [UserResponseDto] instance.
   UserResponseDto({
     required this.avatarColor,
-    required this.createdAt,
-    required this.deletedAt,
     required this.email,
     required this.id,
-    required this.isAdmin,
-    this.memoriesEnabled,
     required this.name,
-    required this.oauthId,
     required this.profileImagePath,
-    required this.quotaSizeInBytes,
-    required this.quotaUsageInBytes,
-    required this.shouldChangePassword,
-    required this.status,
-    required this.storageLabel,
-    required this.updatedAt,
   });
 
   UserAvatarColor avatarColor;
 
-  DateTime createdAt;
-
-  DateTime? deletedAt;
-
   String email;
 
   String id;
 
-  bool isAdmin;
-
-  ///
-  /// Please note: This property should have been non-nullable! Since the specification file
-  /// does not include a default value (using the "default:" property), however, the generated
-  /// source code must fall back to having a nullable type.
-  /// Consider adding a "default:" property in the specification file to hide this note.
-  ///
-  bool? memoriesEnabled;
-
   String name;
 
-  String oauthId;
-
   String profileImagePath;
 
-  int? quotaSizeInBytes;
-
-  int? quotaUsageInBytes;
-
-  bool shouldChangePassword;
-
-  UserStatus status;
-
-  String? storageLabel;
-
-  DateTime updatedAt;
-
   @override
   bool operator ==(Object other) => identical(this, other) || other is UserResponseDto &&
     other.avatarColor == avatarColor &&
-    other.createdAt == createdAt &&
-    other.deletedAt == deletedAt &&
     other.email == email &&
     other.id == id &&
-    other.isAdmin == isAdmin &&
-    other.memoriesEnabled == memoriesEnabled &&
     other.name == name &&
-    other.oauthId == oauthId &&
-    other.profileImagePath == profileImagePath &&
-    other.quotaSizeInBytes == quotaSizeInBytes &&
-    other.quotaUsageInBytes == quotaUsageInBytes &&
-    other.shouldChangePassword == shouldChangePassword &&
-    other.status == status &&
-    other.storageLabel == storageLabel &&
-    other.updatedAt == updatedAt;
+    other.profileImagePath == profileImagePath;
 
   @override
   int get hashCode =>
     // ignore: unnecessary_parenthesis
     (avatarColor.hashCode) +
-    (createdAt.hashCode) +
-    (deletedAt == null ? 0 : deletedAt!.hashCode) +
     (email.hashCode) +
     (id.hashCode) +
-    (isAdmin.hashCode) +
-    (memoriesEnabled == null ? 0 : memoriesEnabled!.hashCode) +
     (name.hashCode) +
-    (oauthId.hashCode) +
-    (profileImagePath.hashCode) +
-    (quotaSizeInBytes == null ? 0 : quotaSizeInBytes!.hashCode) +
-    (quotaUsageInBytes == null ? 0 : quotaUsageInBytes!.hashCode) +
-    (shouldChangePassword.hashCode) +
-    (status.hashCode) +
-    (storageLabel == null ? 0 : storageLabel!.hashCode) +
-    (updatedAt.hashCode);
+    (profileImagePath.hashCode);
 
   @override
-  String toString() => 'UserResponseDto[avatarColor=$avatarColor, createdAt=$createdAt, deletedAt=$deletedAt, email=$email, id=$id, isAdmin=$isAdmin, memoriesEnabled=$memoriesEnabled, name=$name, oauthId=$oauthId, profileImagePath=$profileImagePath, quotaSizeInBytes=$quotaSizeInBytes, quotaUsageInBytes=$quotaUsageInBytes, shouldChangePassword=$shouldChangePassword, status=$status, storageLabel=$storageLabel, updatedAt=$updatedAt]';
+  String toString() => 'UserResponseDto[avatarColor=$avatarColor, email=$email, id=$id, name=$name, profileImagePath=$profileImagePath]';
 
   Map<String, dynamic> toJson() {
     final json = <String, dynamic>{};
       json[r'avatarColor'] = this.avatarColor;
-      json[r'createdAt'] = this.createdAt.toUtc().toIso8601String();
-    if (this.deletedAt != null) {
-      json[r'deletedAt'] = this.deletedAt!.toUtc().toIso8601String();
-    } else {
-    //  json[r'deletedAt'] = null;
-    }
       json[r'email'] = this.email;
       json[r'id'] = this.id;
-      json[r'isAdmin'] = this.isAdmin;
-    if (this.memoriesEnabled != null) {
-      json[r'memoriesEnabled'] = this.memoriesEnabled;
-    } else {
-    //  json[r'memoriesEnabled'] = null;
-    }
       json[r'name'] = this.name;
-      json[r'oauthId'] = this.oauthId;
       json[r'profileImagePath'] = this.profileImagePath;
-    if (this.quotaSizeInBytes != null) {
-      json[r'quotaSizeInBytes'] = this.quotaSizeInBytes;
-    } else {
-    //  json[r'quotaSizeInBytes'] = null;
-    }
-    if (this.quotaUsageInBytes != null) {
-      json[r'quotaUsageInBytes'] = this.quotaUsageInBytes;
-    } else {
-    //  json[r'quotaUsageInBytes'] = null;
-    }
-      json[r'shouldChangePassword'] = this.shouldChangePassword;
-      json[r'status'] = this.status;
-    if (this.storageLabel != null) {
-      json[r'storageLabel'] = this.storageLabel;
-    } else {
-    //  json[r'storageLabel'] = null;
-    }
-      json[r'updatedAt'] = this.updatedAt.toUtc().toIso8601String();
     return json;
   }
 
@@ -161,21 +69,10 @@ class UserResponseDto {
 
       return UserResponseDto(
         avatarColor: UserAvatarColor.fromJson(json[r'avatarColor'])!,
-        createdAt: mapDateTime(json, r'createdAt', r'')!,
-        deletedAt: mapDateTime(json, r'deletedAt', r''),
         email: mapValueOfType<String>(json, r'email')!,
         id: mapValueOfType<String>(json, r'id')!,
-        isAdmin: mapValueOfType<bool>(json, r'isAdmin')!,
-        memoriesEnabled: mapValueOfType<bool>(json, r'memoriesEnabled'),
         name: mapValueOfType<String>(json, r'name')!,
-        oauthId: mapValueOfType<String>(json, r'oauthId')!,
         profileImagePath: mapValueOfType<String>(json, r'profileImagePath')!,
-        quotaSizeInBytes: mapValueOfType<int>(json, r'quotaSizeInBytes'),
-        quotaUsageInBytes: mapValueOfType<int>(json, r'quotaUsageInBytes'),
-        shouldChangePassword: mapValueOfType<bool>(json, r'shouldChangePassword')!,
-        status: UserStatus.fromJson(json[r'status'])!,
-        storageLabel: mapValueOfType<String>(json, r'storageLabel'),
-        updatedAt: mapDateTime(json, r'updatedAt', r'')!,
       );
     }
     return null;
@@ -224,20 +121,10 @@ class UserResponseDto {
   /// The list of required keys that must be present in a JSON.
   static const requiredKeys = <String>{
     'avatarColor',
-    'createdAt',
-    'deletedAt',
     'email',
     'id',
-    'isAdmin',
     'name',
-    'oauthId',
     'profileImagePath',
-    'quotaSizeInBytes',
-    'quotaUsageInBytes',
-    'shouldChangePassword',
-    'status',
-    'storageLabel',
-    'updatedAt',
   };
 }
 

mobile/openapi/lib/model/user_update_me_dto.dart

@@ -0,0 +1,175 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UserUpdateMeDto {
+  /// Returns a new [UserUpdateMeDto] instance.
+  UserUpdateMeDto({
+    this.avatarColor,
+    this.email,
+    this.memoriesEnabled,
+    this.name,
+    this.password,
+  });
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  UserAvatarColor? avatarColor;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? email;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  bool? memoriesEnabled;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? name;
+
+  ///
+  /// Please note: This property should have been non-nullable! Since the specification file
+  /// does not include a default value (using the "default:" property), however, the generated
+  /// source code must fall back to having a nullable type.
+  /// Consider adding a "default:" property in the specification file to hide this note.
+  ///
+  String? password;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UserUpdateMeDto &&
+    other.avatarColor == avatarColor &&
+    other.email == email &&
+    other.memoriesEnabled == memoriesEnabled &&
+    other.name == name &&
+    other.password == password;
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (avatarColor == null ? 0 : avatarColor!.hashCode) +
+    (email == null ? 0 : email!.hashCode) +
+    (memoriesEnabled == null ? 0 : memoriesEnabled!.hashCode) +
+    (name == null ? 0 : name!.hashCode) +
+    (password == null ? 0 : password!.hashCode);
+
+  @override
+  String toString() => 'UserUpdateMeDto[avatarColor=$avatarColor, email=$email, memoriesEnabled=$memoriesEnabled, name=$name, password=$password]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+    if (this.avatarColor != null) {
+      json[r'avatarColor'] = this.avatarColor;
+    } else {
+    //  json[r'avatarColor'] = null;
+    }
+    if (this.email != null) {
+      json[r'email'] = this.email;
+    } else {
+    //  json[r'email'] = null;
+    }
+    if (this.memoriesEnabled != null) {
+      json[r'memoriesEnabled'] = this.memoriesEnabled;
+    } else {
+    //  json[r'memoriesEnabled'] = null;
+    }
+    if (this.name != null) {
+      json[r'name'] = this.name;
+    } else {
+    //  json[r'name'] = null;
+    }
+    if (this.password != null) {
+      json[r'password'] = this.password;
+    } else {
+    //  json[r'password'] = null;
+    }
+    return json;
+  }
+
+  /// Returns a new [UserUpdateMeDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UserUpdateMeDto? fromJson(dynamic value) {
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UserUpdateMeDto(
+        avatarColor: UserAvatarColor.fromJson(json[r'avatarColor']),
+        email: mapValueOfType<String>(json, r'email'),
+        memoriesEnabled: mapValueOfType<bool>(json, r'memoriesEnabled'),
+        name: mapValueOfType<String>(json, r'name'),
+        password: mapValueOfType<String>(json, r'password'),
+      );
+    }
+    return null;
+  }
+
+  static List<UserUpdateMeDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UserUpdateMeDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UserUpdateMeDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UserUpdateMeDto> mapFromJson(dynamic json) {
+    final map = <String, UserUpdateMeDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UserUpdateMeDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UserUpdateMeDto-objects as value to a dart map
+  static Map<String, List<UserUpdateMeDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UserUpdateMeDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UserUpdateMeDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+  };
+}
+

mobile/openapi/test/people_with_faces_response_dto_test.dart

@@ -0,0 +1,32 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+import 'package:openapi/api.dart';
+import 'package:test/test.dart';
+
+// tests for PeopleWithFacesResponseDto
+void main() {
+  // final instance = PeopleWithFacesResponseDto();
+
+  group('test PeopleWithFacesResponseDto', () {
+    // int numberOfFaces
+    test('to test the property `numberOfFaces`', () async {
+      // TODO
+    });
+
+    // List<PersonWithFacesResponseDto> visiblePeople (default value: const [])
+    test('to test the property `visiblePeople`', () async {
+      // TODO
+    });
+
+
+  });
+
+}

open-api/typescript-sdk/README.md

@@ -13,13 +13,22 @@ npm i --save @immich/sdk
 For a more detailed example, check out the [`@immich/cli`](https://github.com/immich-app/immich/tree/main/cli).
 
 ```typescript
+<<<<<<< HEAD
+import { getAllAlbums, getAllAssets, getMyUser, init } from "@immich/sdk";
+=======
 import { getAllAlbums, getMyUserInfo, init } from "@immich/sdk";
+>>>>>>> e7c8501930a988dfb6c23ce1c48b0beb076a58c2
 
 const API_KEY = "<API_KEY>"; // process.env.IMMICH_API_KEY
 
 init({ baseUrl: "https://demo.immich.app/api", apiKey: API_KEY });
 
+<<<<<<< HEAD
+const user = await getMyUser();
+const assets = await getAllAssets({ take: 1000 });
+=======
 const user = await getMyUserInfo();
+>>>>>>> e7c8501930a988dfb6c23ce1c48b0beb076a58c2
 const albums = await getAllAlbums({});
 
 console.log({ user, albums });

open-api/typescript-sdk/src/fetch-client.ts

@@ -14,7 +14,7 @@ const oazapfts = Oazapfts.runtime(defaults);
 export const servers = {
     server1: "/api"
 };
-export type UserDto = {
+export type UserResponseDto = {
     avatarColor: UserAvatarColor;
     email: string;
     id: string;
@@ -27,7 +27,7 @@ export type ActivityResponseDto = {
     createdAt: string;
     id: string;
     "type": Type;
-    user: UserDto;
+    user: UserResponseDto;
 };
 export type ActivityCreateDto = {
     albumId: string;
@@ -38,7 +38,7 @@ export type ActivityCreateDto = {
 export type ActivityStatisticsResponseDto = {
     comments: number;
 };
-export type UserResponseDto = {
+export type UserAdminResponseDto = {
     avatarColor: UserAvatarColor;
     createdAt: string;
     deletedAt: string | null;
@@ -56,6 +56,29 @@ export type UserResponseDto = {
     storageLabel: string | null;
     updatedAt: string;
 };
+export type UserAdminCreateDto = {
+    email: string;
+    memoriesEnabled?: boolean;
+    name: string;
+    notify?: boolean;
+    password: string;
+    quotaSizeInBytes?: number | null;
+    shouldChangePassword?: boolean;
+    storageLabel?: string | null;
+};
+export type UserAdminDeleteDto = {
+    force?: boolean;
+};
+export type UserAdminUpdateDto = {
+    avatarColor?: UserAvatarColor;
+    email?: string;
+    memoriesEnabled?: boolean;
+    name?: string;
+    password?: string;
+    quotaSizeInBytes?: number | null;
+    shouldChangePassword?: boolean;
+    storageLabel?: string | null;
+};
 export type AlbumUserResponseDto = {
     role: AlbumUserRole;
     user: UserResponseDto;
@@ -100,6 +123,10 @@ export type PersonWithFacesResponseDto = {
     name: string;
     thumbnailPath: string;
 };
+export type PeopleWithFacesResponseDto = {
+    numberOfFaces: number;
+    visiblePeople: PersonWithFacesResponseDto[];
+};
 export type SmartInfoResponseDto = {
     objects?: string[] | null;
     tags?: string[] | null;
@@ -134,7 +161,7 @@ export type AssetResponseDto = {
     originalPath: string;
     owner?: UserResponseDto;
     ownerId: string;
-    people?: PersonWithFacesResponseDto[];
+    people?: PeopleWithFacesResponseDto;
     resized: boolean;
     smartInfo?: SmartInfoResponseDto;
     stack?: AssetResponseDto[];
@@ -517,26 +544,22 @@ export type OAuthCallbackDto = {
 };
 export type PartnerResponseDto = {
     avatarColor: UserAvatarColor;
-    createdAt: string;
-    deletedAt: string | null;
     email: string;
     id: string;
     inTimeline?: boolean;
-    isAdmin: boolean;
-    memoriesEnabled?: boolean;
     name: string;
-    oauthId: string;
     profileImagePath: string;
-    quotaSizeInBytes: number | null;
-    quotaUsageInBytes: number | null;
-    shouldChangePassword: boolean;
-    status: UserStatus;
-    storageLabel: string | null;
-    updatedAt: string;
 };
 export type UpdatePartnerDto = {
     inTimeline: boolean;
 };
+export type AssetFaceUpdateItem = {
+    assetId: string;
+    personId: string;
+};
+export type AssetFaceUpdateDto = {
+    data: AssetFaceUpdateItem[];
+};
 export type PeopleResponseDto = {
     hidden: number;
     people: PersonResponseDto[];
@@ -581,13 +604,6 @@ export type PersonUpdateDto = {
 export type MergePersonDto = {
     ids: string[];
 };
-export type AssetFaceUpdateItem = {
-    assetId: string;
-    personId: string;
-};
-export type AssetFaceUpdateDto = {
-    data: AssetFaceUpdateItem[];
-};
 export type PersonStatisticsResponseDto = {
     assets: number;
 };
@@ -1060,27 +1076,12 @@ export type TimeBucketResponseDto = {
     count: number;
     timeBucket: string;
 };
-export type CreateUserDto = {
-    email: string;
-    memoriesEnabled?: boolean;
-    name: string;
-    notify?: boolean;
-    password: string;
-    quotaSizeInBytes?: number | null;
-    shouldChangePassword?: boolean;
-    storageLabel?: string | null;
-};
-export type UpdateUserDto = {
+export type UserUpdateMeDto = {
     avatarColor?: UserAvatarColor;
     email?: string;
-    id: string;
-    isAdmin?: boolean;
     memoriesEnabled?: boolean;
     name?: string;
     password?: string;
-    quotaSizeInBytes?: number | null;
-    shouldChangePassword?: boolean;
-    storageLabel?: string;
 };
 export type CreateProfileImageDto = {
     file: Blob;
@@ -1089,9 +1090,6 @@ export type CreateProfileImageResponseDto = {
     profileImagePath: string;
     userId: string;
 };
-export type DeleteUserDto = {
-    force?: boolean;
-};
 export function getActivities({ albumId, assetId, level, $type, userId }: {
     albumId: string;
     assetId?: string;
@@ -1146,6 +1144,77 @@ export function deleteActivity({ id }: {
         method: "DELETE"
     }));
 }
+export function searchUsersAdmin({ withDeleted }: {
+    withDeleted?: boolean;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UserAdminResponseDto[];
+    }>(`/admin/users${QS.query(QS.explode({
+        withDeleted
+    }))}`, {
+        ...opts
+    }));
+}
+export function createUserAdmin({ userAdminCreateDto }: {
+    userAdminCreateDto: UserAdminCreateDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 201;
+        data: UserAdminResponseDto;
+    }>("/admin/users", oazapfts.json({
+        ...opts,
+        method: "POST",
+        body: userAdminCreateDto
+    })));
+}
+export function deleteUserAdmin({ id, userAdminDeleteDto }: {
+    id: string;
+    userAdminDeleteDto: UserAdminDeleteDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UserAdminResponseDto;
+    }>(`/admin/users/${encodeURIComponent(id)}`, oazapfts.json({
+        ...opts,
+        method: "DELETE",
+        body: userAdminDeleteDto
+    })));
+}
+export function getUserAdmin({ id }: {
+    id: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UserAdminResponseDto;
+    }>(`/admin/users/${encodeURIComponent(id)}`, {
+        ...opts
+    }));
+}
+export function updateUserAdmin({ id, userAdminUpdateDto }: {
+    id: string;
+    userAdminUpdateDto: UserAdminUpdateDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UserAdminResponseDto;
+    }>(`/admin/users/${encodeURIComponent(id)}`, oazapfts.json({
+        ...opts,
+        method: "PUT",
+        body: userAdminUpdateDto
+    })));
+}
+export function restoreUserAdmin({ id }: {
+    id: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 201;
+        data: UserAdminResponseDto;
+    }>(`/admin/users/${encodeURIComponent(id)}/restore`, {
+        ...opts,
+        method: "POST"
+    }));
+}
 export function getAllAlbums({ assetId, shared }: {
     assetId?: string;
     shared?: boolean;
@@ -1589,7 +1658,7 @@ export function signUpAdmin({ signUpDto }: {
 }, opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
         status: 201;
-        data: UserResponseDto;
+        data: UserAdminResponseDto;
     }>("/auth/admin-sign-up", oazapfts.json({
         ...opts,
         method: "POST",
@@ -1601,7 +1670,7 @@ export function changePassword({ changePasswordDto }: {
 }, opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
         status: 200;
-        data: UserResponseDto;
+        data: UserAdminResponseDto;
     }>("/auth/change-password", oazapfts.json({
         ...opts,
         method: "POST",
@@ -1702,6 +1771,17 @@ export function getFaces({ id }: {
         ...opts
     }));
 }
+export function unassignFace({ id }: {
+    id: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: AssetFaceResponseDto;
+    }>(`/faces/${encodeURIComponent(id)}`, {
+        ...opts,
+        method: "DELETE"
+    }));
+}
 export function reassignFacesById({ id, faceDto }: {
     id: string;
     faceDto: FaceDto;
@@ -1934,7 +2014,7 @@ export function linkOAuthAccount({ oAuthCallbackDto }: {
 }, opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
         status: 201;
-        data: UserResponseDto;
+        data: UserAdminResponseDto;
     }>("/oauth/link", oazapfts.json({
         ...opts,
         method: "POST",
@@ -1949,7 +2029,7 @@ export function redirectOAuthToMobile(opts?: Oazapfts.RequestOpts) {
 export function unlinkOAuthAccount(opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
         status: 201;
-        data: UserResponseDto;
+        data: UserAdminResponseDto;
     }>("/oauth/unlink", {
         ...opts,
         method: "POST"
@@ -1999,6 +2079,18 @@ export function updatePartner({ id, updatePartnerDto }: {
         body: updatePartnerDto
     })));
 }
+export function unassignFaces({ assetFaceUpdateDto }: {
+    assetFaceUpdateDto: AssetFaceUpdateDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: BulkIdResponseDto[];
+    }>("/people", oazapfts.json({
+        ...opts,
+        method: "DELETE",
+        body: assetFaceUpdateDto
+    })));
+}
 export function getAllPeople({ withHidden }: {
     withHidden?: boolean;
 }, opts?: Oazapfts.RequestOpts) {
@@ -2687,50 +2779,34 @@ export function restoreAssets({ bulkIdsDto }: {
         body: bulkIdsDto
     })));
 }
-export function getAllUsers({ isAll }: {
-    isAll: boolean;
-}, opts?: Oazapfts.RequestOpts) {
+export function searchUsers(opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
         status: 200;
         data: UserResponseDto[];
-    }>(`/users${QS.query(QS.explode({
-        isAll
-    }))}`, {
+    }>("/users", {
         ...opts
     }));
 }
-export function createUser({ createUserDto }: {
-    createUserDto: CreateUserDto;
-}, opts?: Oazapfts.RequestOpts) {
-    return oazapfts.ok(oazapfts.fetchJson<{
-        status: 201;
-        data: UserResponseDto;
-    }>("/users", oazapfts.json({
-        ...opts,
-        method: "POST",
-        body: createUserDto
-    })));
-}
-export function updateUser({ updateUserDto }: {
-    updateUserDto: UpdateUserDto;
-}, opts?: Oazapfts.RequestOpts) {
+export function getMyUser(opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
         status: 200;
-        data: UserResponseDto;
-    }>("/users", oazapfts.json({
-        ...opts,
-        method: "PUT",
-        body: updateUserDto
-    })));
-}
-export function getMyUserInfo(opts?: Oazapfts.RequestOpts) {
-    return oazapfts.ok(oazapfts.fetchJson<{
-        status: 200;
-        data: UserResponseDto;
+        data: UserAdminResponseDto;
     }>("/users/me", {
         ...opts
     }));
 }
+export function updateMyUser({ userUpdateMeDto }: {
+    userUpdateMeDto: UserUpdateMeDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: UserAdminResponseDto;
+    }>("/users/me", oazapfts.json({
+        ...opts,
+        method: "PUT",
+        body: userUpdateMeDto
+    })));
+}
 export function deleteProfileImage(opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchText("/users/profile-image", {
         ...opts,
@@ -2749,20 +2825,7 @@ export function createProfileImage({ createProfileImageDto }: {
         body: createProfileImageDto
     })));
 }
-export function deleteUser({ id, deleteUserDto }: {
-    id: string;
-    deleteUserDto: DeleteUserDto;
-}, opts?: Oazapfts.RequestOpts) {
-    return oazapfts.ok(oazapfts.fetchJson<{
-        status: 200;
-        data: UserResponseDto;
-    }>(`/users/${encodeURIComponent(id)}`, oazapfts.json({
-        ...opts,
-        method: "DELETE",
-        body: deleteUserDto
-    })));
-}
-export function getUserById({ id }: {
+export function getUser({ id }: {
     id: string;
 }, opts?: Oazapfts.RequestOpts) {
     return oazapfts.ok(oazapfts.fetchJson<{
@@ -2782,17 +2845,6 @@ export function getProfileImage({ id }: {
         ...opts
     }));
 }
-export function restoreUser({ id }: {
-    id: string;
-}, opts?: Oazapfts.RequestOpts) {
-    return oazapfts.ok(oazapfts.fetchJson<{
-        status: 201;
-        data: UserResponseDto;
-    }>(`/users/${encodeURIComponent(id)}/restore`, {
-        ...opts,
-        method: "POST"
-    }));
-}
 export enum ReactionLevel {
     Album = "album",
     Asset = "asset"
@@ -2817,15 +2869,15 @@ export enum UserAvatarColor {
     Gray = "gray",
     Amber = "amber"
 }
-export enum AlbumUserRole {
-    Editor = "editor",
-    Viewer = "viewer"
-}
 export enum UserStatus {
     Active = "active",
     Removing = "removing",
     Deleted = "deleted"
 }
+export enum AlbumUserRole {
+    Editor = "editor",
+    Viewer = "viewer"
+}
 export enum TagTypeEnum {
     Object = "OBJECT",
     Face = "FACE",

readme_i18n/README_fr_FR.md

@@ -11,7 +11,7 @@
 <p align="center">
 <img src="../design/immich-logo-stacked-light.svg" width="300" title="Login With Custom URL">
 </p>
-<h3 align="center">Immich - Solution de sauvegarde performante et auto-hébergée des photos et des vidéos</h3>
+<h3 align="center">Immich - Solution de sauvegarde performante et auto-hébergée de photos et de vidéos</h3>
 <br/>
 <a href="https://immich.app">
 <img src="../design/immich-screenshots.png" title="Main Screenshot">
@@ -36,16 +36,16 @@
 ## Clause de non-responsabilité
 
 - ⚠️ Le projet est en **très fort** développement.
-- ⚠️ Attendez-vous à rencontrer des bugs et des changements importants.
-- ⚠️ **N'utilisez pas cette application comme seule façon de sauvegarder vos photos et vos vidéos.**
+- ⚠️ Attendez-vous à rencontrer des bogues et des changements importants.
+- ⚠️ **N'utilisez pas cette application comme seul support de sauvegarde de vos photos et vos vidéos.**
 - ⚠️ Ayez toujours un plan de sauvegarde en [3-2-1](https://www.seagate.com/fr/fr/blog/what-is-a-3-2-1-backup-strategy/) pour vos précieuses photos et vidéos !
 
 ## Sommaire
 
 - [Documentation officielle](https://immich.app/docs)
 - [Feuille de route](https://github.com/orgs/immich-app/projects/1)
-- [Démo](#demo)
-- [Fonctionnalités](#features)
+- [Démo](#démo)
+- [Fonctionnalités](#fonctionnalités)
 - [Introduction](https://immich.app/docs/overview/introduction)
 - [Installation](https://immich.app/docs/install/requirements)
 - [Contribution](https://immich.app/docs/overview/support-the-project)
@@ -56,26 +56,31 @@ Vous pouvez trouver la documentation principale ainsi que les guides d'installat
 
 ## Démo
 
-Vous pouvez accéder à la démo Web sur https://demo.immich.app
+Vous pouvez accéder à la démo en ligne sur https://demo.immich.app
 
-Pour l'application mobile, vous pouvez utiliser `https://demo.immich.app/api` dans le champ 'URL du point d'accès au serveur'
+Pour l'application mobile, vous pouvez utiliser `https://demo.immich.app/api` dans le champ `URL du point d'accès au serveur`
 
-```bash title="Demo Credential"
+```bash title="Identifiants pour la démo"
 Les identifiants
 email: demo@immich.app
 mot de passe: demo
 ```
 
 ```
-Caractéristiques: Plan gratuit Oracle VM - Amsterdam - 2.4Ghz quatre-cœurs ARM64 CPU, 24GB RAM
+Caractéristiques : Plan gratuit Oracle VM - Amsterdam - 2.4Ghz quatre-cœurs ARM64 CPU, 24GB RAM
 ```
 
-# Fonctionnalités
+## Activités
+
+![Activités](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Image des statistiques Repobeats")
+
+## Fonctionnalités
 
 | Fonctionnalités                                                  | Mobile | Web |
 | ---------------------------------------------------------------- | ------ | --- |
 | Téléverser et voir les vidéos et photos                          | Oui    | Oui |
 | Sauvegarde automatique quand l'application est ouverte           | Oui    | N/A |
+| Prévention contre la duplication des photos et des vidéos        | Oui    | Oui |
 | Sélection des albums à sauvegarder                               | Oui    | N/A |
 | Télécharger les photos et les vidéos sur l'appareil              | Oui    | Oui |
 | Support multi-utilisateur                                        | Oui    | Oui |
@@ -89,13 +94,32 @@ Caractéristiques: Plan gratuit Oracle VM - Amsterdam - 2.4Ghz quatre-cœurs ARM
 | Défilement virtuel                                               | Oui    | Oui |
 | Support de l'OAuth                                               | Oui    | Oui |
 | Clés d'API                                                       | N/A    | Oui |
-| Sauvegarde et lecture des LivePhotos                             | iOS    | Oui |
+| Sauvegarde et lecture des LivePhoto/MotionPhoto                  | Oui    | Oui |
+| Support de l'affichage des images à 360°                         | Non    | Oui |
 | Structure de stockage définissable                               | Oui    | Oui |
 | Partage public                                                   | Non    | Oui |
 | Archives et favoris                                              | Oui    | Oui |
-| Carte globale                                                    | Non    | Oui |
+| Carte globale                                                    | Oui    | Oui |
 | Partage entre utilisateurs                                       | Oui    | Oui |
 | Reconnaissance et regroupement facial                            | Oui    | Oui |
 | Souvenirs (il y a x années)                                      | Oui    | Oui |
 | Support hors-ligne                                               | Oui    | Non |
 | Gallerie en lecture seule                                        | Oui    | Oui |
+| Empilage de photos                                               | Oui    | Oui |
+
+
+## Contributeurs
+
+<a href="https://github.com/alextran1502/immich/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=immich-app/immich" width="100%"/>
+</a>
+
+## Historique des favoris
+
+<a href="https://star-history.com/#immich-app/immich&Date">
+ <picture>
+   <source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=immich-app/immich&type=Date&theme=dark" />
+   <source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=immich-app/immich&type=Date" />
+   <img alt="Star History Chart" src="https://api.star-history.com/svg?repos=immich-app/immich&type=Date" width="100%" />
+ </picture>
+</a>

server/src/commands/reset-admin-password.command.ts

@@ -1,9 +1,9 @@
 import { Command, CommandRunner, InquirerService, Question, QuestionSet } from 'nest-commander';
-import { UserResponseDto } from 'src/dtos/user.dto';
+import { UserAdminResponseDto } from 'src/dtos/user.dto';
 import { CliService } from 'src/services/cli.service';
 
 const prompt = (inquirer: InquirerService) => {
-  return function ask(admin: UserResponseDto) {
+  return function ask(admin: UserAdminResponseDto) {
     const { id, oauthId, email, name } = admin;
     console.log(`Found Admin:
 - ID=${id}

server/src/config.ts

@@ -256,8 +256,8 @@ export const defaults = Object.freeze<SystemConfig>({
       modelName: 'ViT-B-32__openai',
     },
     duplicateDetection: {
-      enabled: false,
-      maxDistance: 0.03,
+      enabled: true,
+      maxDistance: 0.0155,
     },
     facialRecognition: {
       enabled: true,

server/src/controllers/auth.controller.ts

@@ -12,7 +12,7 @@ import {
   SignUpDto,
   ValidateAccessTokenResponseDto,
 } from 'src/dtos/auth.dto';
-import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
+import { UserAdminResponseDto } from 'src/dtos/user.dto';
 import { Auth, Authenticated, GetLoginDetails } from 'src/middleware/auth.guard';
 import { AuthService, LoginDetails } from 'src/services/auth.service';
 import { respondWithCookie, respondWithoutCookie } from 'src/utils/response';
@@ -40,7 +40,7 @@ export class AuthController {
   }
 
   @Post('admin-sign-up')
-  signUpAdmin(@Body() dto: SignUpDto): Promise<UserResponseDto> {
+  signUpAdmin(@Body() dto: SignUpDto): Promise<UserAdminResponseDto> {
     return this.service.adminSignUp(dto);
   }
 
@@ -54,8 +54,8 @@ export class AuthController {
   @Post('change-password')
   @HttpCode(HttpStatus.OK)
   @Authenticated()
-  changePassword(@Auth() auth: AuthDto, @Body() dto: ChangePasswordDto): Promise<UserResponseDto> {
-    return this.service.changePassword(auth, dto).then(mapUser);
+  changePassword(@Auth() auth: AuthDto, @Body() dto: ChangePasswordDto): Promise<UserAdminResponseDto> {
+    return this.service.changePassword(auth, dto);
   }
 
   @Post('logout')

server/src/controllers/face.controller.ts

@@ -1,4 +1,4 @@
-import { Body, Controller, Get, Param, Put, Query } from '@nestjs/common';
+import { Body, Controller, Delete, Get, Param, Put, Query } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
 import { AuthDto } from 'src/dtos/auth.dto';
 import { AssetFaceResponseDto, FaceDto, PersonResponseDto } from 'src/dtos/person.dto';
@@ -26,4 +26,10 @@ export class FaceController {
   ): Promise<PersonResponseDto> {
     return this.service.reassignFacesById(auth, id, dto);
   }
+
+  @Delete(':id')
+  @Authenticated()
+  unassignFace(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<AssetFaceResponseDto> {
+    return this.service.unassignFace(auth, id);
+  }
 }

server/src/controllers/index.ts

@@ -27,6 +27,7 @@ import { SystemMetadataController } from 'src/controllers/system-metadata.contro
 import { TagController } from 'src/controllers/tag.controller';
 import { TimelineController } from 'src/controllers/timeline.controller';
 import { TrashController } from 'src/controllers/trash.controller';
+import { UserAdminController } from 'src/controllers/user-admin.controller';
 import { UserController } from 'src/controllers/user.controller';
 
 export const controllers = [
@@ -59,5 +60,6 @@ export const controllers = [
   TagController,
   TimelineController,
   TrashController,
+  UserAdminController,
   UserController,
 ];

server/src/controllers/oauth.controller.ts

@@ -10,7 +10,7 @@ import {
   OAuthCallbackDto,
   OAuthConfigDto,
 } from 'src/dtos/auth.dto';
-import { UserResponseDto } from 'src/dtos/user.dto';
+import { UserAdminResponseDto } from 'src/dtos/user.dto';
 import { Auth, Authenticated, GetLoginDetails } from 'src/middleware/auth.guard';
 import { AuthService, LoginDetails } from 'src/services/auth.service';
 import { respondWithCookie } from 'src/utils/response';
@@ -53,13 +53,13 @@ export class OAuthController {
 
   @Post('link')
   @Authenticated()
-  linkOAuthAccount(@Auth() auth: AuthDto, @Body() dto: OAuthCallbackDto): Promise<UserResponseDto> {
+  linkOAuthAccount(@Auth() auth: AuthDto, @Body() dto: OAuthCallbackDto): Promise<UserAdminResponseDto> {
     return this.service.link(auth, dto);
   }
 
   @Post('unlink')
   @Authenticated()
-  unlinkOAuthAccount(@Auth() auth: AuthDto): Promise<UserResponseDto> {
+  unlinkOAuthAccount(@Auth() auth: AuthDto): Promise<UserAdminResponseDto> {
     return this.service.unlink(auth);
   }
 }

server/src/controllers/person.controller.ts

@@ -1,4 +1,4 @@
-import { Body, Controller, Get, Inject, Next, Param, Post, Put, Query, Res } from '@nestjs/common';
+import { Body, Controller, Delete, Get, Inject, Next, Param, Post, Put, Query, Res } from '@nestjs/common';
 import { ApiTags } from '@nestjs/swagger';
 import { NextFunction, Response } from 'express';
 import { BulkIdResponseDto } from 'src/dtos/asset-ids.response.dto';
@@ -87,6 +87,11 @@ export class PersonController {
     return this.service.getAssets(auth, id);
   }
 
+  @Delete()
+  unassignFaces(@Auth() auth: AuthDto, @Body() dto: AssetFaceUpdateDto): Promise<BulkIdResponseDto[]> {
+    return this.service.unassignFaces(auth, dto);
+  }
+
   @Put(':id/reassign')
   @Authenticated()
   reassignFaces(

server/src/controllers/user-admin.controller.ts

@@ -0,0 +1,63 @@
+import { Body, Controller, Delete, Get, Param, Post, Put, Query } from '@nestjs/common';
+import { ApiTags } from '@nestjs/swagger';
+import { AuthDto } from 'src/dtos/auth.dto';
+import {
+  UserAdminCreateDto,
+  UserAdminDeleteDto,
+  UserAdminResponseDto,
+  UserAdminSearchDto,
+  UserAdminUpdateDto,
+} from 'src/dtos/user.dto';
+import { Auth, Authenticated } from 'src/middleware/auth.guard';
+import { UserAdminService } from 'src/services/user-admin.service';
+import { UUIDParamDto } from 'src/validation';
+
+@ApiTags('User')
+@Controller('admin/users')
+export class UserAdminController {
+  constructor(private service: UserAdminService) {}
+
+  @Get()
+  @Authenticated({ admin: true })
+  searchUsersAdmin(@Auth() auth: AuthDto, @Query() dto: UserAdminSearchDto): Promise<UserAdminResponseDto[]> {
+    return this.service.search(auth, dto);
+  }
+
+  @Post()
+  @Authenticated({ admin: true })
+  createUserAdmin(@Body() createUserDto: UserAdminCreateDto): Promise<UserAdminResponseDto> {
+    return this.service.create(createUserDto);
+  }
+
+  @Get(':id')
+  @Authenticated({ admin: true })
+  getUserAdmin(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<UserAdminResponseDto> {
+    return this.service.get(auth, id);
+  }
+
+  @Put(':id')
+  @Authenticated({ admin: true })
+  updateUserAdmin(
+    @Auth() auth: AuthDto,
+    @Param() { id }: UUIDParamDto,
+    @Body() dto: UserAdminUpdateDto,
+  ): Promise<UserAdminResponseDto> {
+    return this.service.update(auth, id, dto);
+  }
+
+  @Delete(':id')
+  @Authenticated({ admin: true })
+  deleteUserAdmin(
+    @Auth() auth: AuthDto,
+    @Param() { id }: UUIDParamDto,
+    @Body() dto: UserAdminDeleteDto,
+  ): Promise<UserAdminResponseDto> {
+    return this.service.delete(auth, id, dto);
+  }
+
+  @Post(':id/restore')
+  @Authenticated({ admin: true })
+  restoreUserAdmin(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<UserAdminResponseDto> {
+    return this.service.restore(auth, id);
+  }
+}

server/src/controllers/user.controller.ts

@@ -10,7 +10,6 @@ import {
   Param,
   Post,
   Put,
-  Query,
   Res,
   UploadedFile,
   UseInterceptors,
@@ -19,7 +18,7 @@ import { ApiBody, ApiConsumes, ApiTags } from '@nestjs/swagger';
 import { NextFunction, Response } from 'express';
 import { AuthDto } from 'src/dtos/auth.dto';
 import { CreateProfileImageDto, CreateProfileImageResponseDto } from 'src/dtos/user-profile.dto';
-import { CreateUserDto, DeleteUserDto, UpdateUserDto, UserResponseDto } from 'src/dtos/user.dto';
+import { UserAdminResponseDto, UserResponseDto, UserUpdateMeDto } from 'src/dtos/user.dto';
 import { ILoggerRepository } from 'src/interfaces/logger.interface';
 import { Auth, Authenticated, FileResponse } from 'src/middleware/auth.guard';
 import { FileUploadInterceptor, Route } from 'src/middleware/file-upload.interceptor';
@@ -37,58 +36,28 @@ export class UserController {
 
   @Get()
   @Authenticated()
-  getAllUsers(@Auth() auth: AuthDto, @Query('isAll') isAll: boolean): Promise<UserResponseDto[]> {
-    return this.service.getAll(auth, isAll);
-  }
-
-  @Post()
-  @Authenticated({ admin: true })
-  createUser(@Body() createUserDto: CreateUserDto): Promise<UserResponseDto> {
-    return this.service.create(createUserDto);
+  searchUsers(): Promise<UserResponseDto[]> {
+    return this.service.search();
   }
 
   @Get('me')
   @Authenticated()
-  getMyUserInfo(@Auth() auth: AuthDto): Promise<UserResponseDto> {
+  getMyUser(@Auth() auth: AuthDto): UserAdminResponseDto {
     return this.service.getMe(auth);
   }
 
+  @Put('me')
+  @Authenticated()
+  updateMyUser(@Auth() auth: AuthDto, @Body() dto: UserUpdateMeDto): Promise<UserAdminResponseDto> {
+    return this.service.updateMe(auth, dto);
+  }
+
   @Get(':id')
   @Authenticated()
-  getUserById(@Param() { id }: UUIDParamDto): Promise<UserResponseDto> {
+  getUser(@Param() { id }: UUIDParamDto): Promise<UserResponseDto> {
     return this.service.get(id);
   }
 
-  @Delete('profile-image')
-  @HttpCode(HttpStatus.NO_CONTENT)
-  @Authenticated()
-  deleteProfileImage(@Auth() auth: AuthDto): Promise<void> {
-    return this.service.deleteProfileImage(auth);
-  }
-
-  @Delete(':id')
-  @Authenticated({ admin: true })
-  deleteUser(
-    @Auth() auth: AuthDto,
-    @Param() { id }: UUIDParamDto,
-    @Body() dto: DeleteUserDto,
-  ): Promise<UserResponseDto> {
-    return this.service.delete(auth, id, dto);
-  }
-
-  @Post(':id/restore')
-  @Authenticated({ admin: true })
-  restoreUser(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<UserResponseDto> {
-    return this.service.restore(auth, id);
-  }
-
-  // TODO: replace with @Put(':id')
-  @Put()
-  @Authenticated()
-  updateUser(@Auth() auth: AuthDto, @Body() updateUserDto: UpdateUserDto): Promise<UserResponseDto> {
-    return this.service.update(auth, updateUserDto);
-  }
-
   @UseInterceptors(FileUploadInterceptor)
   @ApiConsumes('multipart/form-data')
   @ApiBody({ description: 'A new avatar for the user', type: CreateProfileImageDto })
@@ -101,6 +70,13 @@ export class UserController {
     return this.service.createProfileImage(auth, fileInfo);
   }
 
+  @Delete('profile-image')
+  @HttpCode(HttpStatus.NO_CONTENT)
+  @Authenticated()
+  deleteProfileImage(@Auth() auth: AuthDto): Promise<void> {
+    return this.service.deleteProfileImage(auth);
+  }
+
   @Get(':id/profile-image')
   @FileResponse()
   @Authenticated()

server/src/cores/user.core.ts

@@ -1,7 +1,6 @@
-import { BadRequestException, ForbiddenException } from '@nestjs/common';
+import { BadRequestException } from '@nestjs/common';
 import sanitize from 'sanitize-filename';
 import { SALT_ROUNDS } from 'src/constants';
-import { UserResponseDto } from 'src/dtos/user.dto';
 import { UserEntity } from 'src/entities/user.entity';
 import { ICryptoRepository } from 'src/interfaces/crypto.interface';
 import { IUserRepository } from 'src/interfaces/user.interface';
@@ -26,46 +25,6 @@ export class UserCore {
     instance = null;
   }
 
-  // TODO: move auth related checks to the service layer
-  async updateUser(user: UserEntity | UserResponseDto, id: string, dto: Partial<UserEntity>): Promise<UserEntity> {
-    if (!user.isAdmin && user.id !== id) {
-      throw new ForbiddenException('You are not allowed to update this user');
-    }
-
-    if (!user.isAdmin) {
-      // Users can never update the isAdmin property.
-      delete dto.isAdmin;
-      delete dto.storageLabel;
-    } else if (dto.isAdmin && user.id !== id) {
-      // Admin cannot create another admin.
-      throw new BadRequestException('The server already has an admin');
-    }
-
-    if (dto.email) {
-      const duplicate = await this.userRepository.getByEmail(dto.email);
-      if (duplicate && duplicate.id !== id) {
-        throw new BadRequestException('Email already in use by another account');
-      }
-    }
-
-    if (dto.storageLabel) {
-      const duplicate = await this.userRepository.getByStorageLabel(dto.storageLabel);
-      if (duplicate && duplicate.id !== id) {
-        throw new BadRequestException('Storage label already in use by another account');
-      }
-    }
-
-    if (dto.password) {
-      dto.password = await this.cryptoRepository.hashBcrypt(dto.password, SALT_ROUNDS);
-    }
-
-    if (dto.storageLabel === '') {
-      dto.storageLabel = null;
-    }
-
-    return this.userRepository.update(id, { ...dto, updatedAt: new Date() });
-  }
-
   async createUser(dto: Partial<UserEntity> & { email: string }): Promise<UserEntity> {
     const user = await this.userRepository.getByEmail(dto.email);
     if (user) {

server/src/dtos/activity.dto.ts

@@ -1,6 +1,6 @@
 import { ApiProperty } from '@nestjs/swagger';
 import { IsEnum, IsNotEmpty, IsString, ValidateIf } from 'class-validator';
-import { UserDto, mapSimpleUser } from 'src/dtos/user.dto';
+import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
 import { ActivityEntity } from 'src/entities/activity.entity';
 import { Optional, ValidateUUID } from 'src/validation';
 
@@ -20,7 +20,7 @@ export class ActivityResponseDto {
   id!: string;
   createdAt!: Date;
   type!: ReactionType;
-  user!: UserDto;
+  user!: UserResponseDto;
   assetId!: string | null;
   comment?: string | null;
 }
@@ -73,6 +73,6 @@ export function mapActivity(activity: ActivityEntity): ActivityResponseDto {
     createdAt: activity.createdAt,
     comment: activity.comment,
     type: activity.isLiked ? ReactionType.LIKE : ReactionType.COMMENT,
-    user: mapSimpleUser(activity.user),
+    user: mapUser(activity.user),
   };
 }

server/src/dtos/asset-response.dto.ts

@@ -2,7 +2,12 @@ import { ApiProperty } from '@nestjs/swagger';
 import { PropertyLifecycle } from 'src/decorators';
 import { AuthDto } from 'src/dtos/auth.dto';
 import { ExifResponseDto, mapExif } from 'src/dtos/exif.dto';
-import { PersonWithFacesResponseDto, mapFacesWithoutPerson, mapPerson } from 'src/dtos/person.dto';
+import {
+  PeopleWithFacesResponseDto,
+  PersonWithFacesResponseDto,
+  mapFacesWithoutPerson,
+  mapPerson,
+} from 'src/dtos/person.dto';
 import { TagResponseDto, mapTag } from 'src/dtos/tag.dto';
 import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
 import { AssetFaceEntity } from 'src/entities/asset-face.entity';
@@ -40,7 +45,7 @@ export class AssetResponseDto extends SanitizedAssetResponseDto {
   exifInfo?: ExifResponseDto;
   smartInfo?: SmartInfoResponseDto;
   tags?: TagResponseDto[];
-  people?: PersonWithFacesResponseDto[];
+  people?: PeopleWithFacesResponseDto;
   /**base64 encoded sha1 hash */
   checksum!: string;
   stackParentId?: string | null;
@@ -56,7 +61,7 @@ export type AssetMapOptions = {
   auth?: AuthDto;
 };
 
-const peopleWithFaces = (faces: AssetFaceEntity[]): PersonWithFacesResponseDto[] => {
+const peopleWithFaces = (faces: AssetFaceEntity[]): PeopleWithFacesResponseDto => {
   const result: PersonWithFacesResponseDto[] = [];
   if (faces) {
     for (const face of faces) {
@@ -71,7 +76,7 @@ const peopleWithFaces = (faces: AssetFaceEntity[]): PersonWithFacesResponseDto[]
     }
   }
 
-  return result;
+  return { visiblePeople: result, numberOfFaces: faces.length };
 };
 
 export function mapAsset(entity: AssetEntity, options: AssetMapOptions = {}): AssetResponseDto {
@@ -115,7 +120,7 @@ export function mapAsset(entity: AssetEntity, options: AssetMapOptions = {}): As
     smartInfo: entity.smartInfo ? mapSmartInfo(entity.smartInfo) : undefined,
     livePhotoVideoId: entity.livePhotoVideoId,
     tags: entity.tags?.map(mapTag),
-    people: peopleWithFaces(entity.faces),
+    people: entity.faces ? peopleWithFaces(entity.faces) : undefined,
     checksum: entity.checksum.toString('base64'),
     stackParentId: withStack ? entity.stack?.primaryAssetId : undefined,
     stack: withStack

server/src/dtos/person.dto.ts

@@ -77,6 +77,12 @@ export class PersonWithFacesResponseDto extends PersonResponseDto {
   faces!: AssetFaceWithoutPersonResponseDto[];
 }
 
+export class PeopleWithFacesResponseDto {
+  visiblePeople!: PersonWithFacesResponseDto[];
+  @ApiProperty({ type: 'integer' })
+  numberOfFaces!: number;
+}
+
 export class AssetFaceWithoutPersonResponseDto {
   @ValidateUUID()
   id!: string;

server/src/dtos/user.dto.spec.ts

@@ -1,12 +1,12 @@
 import { plainToInstance } from 'class-transformer';
 import { validate } from 'class-validator';
-import { CreateUserDto, CreateUserOAuthDto, UpdateUserDto } from 'src/dtos/user.dto';
+import { UserAdminCreateDto, UserUpdateMeDto } from 'src/dtos/user.dto';
 
 describe('update user DTO', () => {
   it('should allow emails without a tld', async () => {
     const someEmail = 'test@test';
 
-    const dto = plainToInstance(UpdateUserDto, {
+    const dto = plainToInstance(UserUpdateMeDto, {
       email: someEmail,
       id: '3fe388e4-2078-44d7-b36c-39d9dee3a657',
     });
@@ -18,22 +18,22 @@ describe('update user DTO', () => {
 
 describe('create user DTO', () => {
   it('validates the email', async () => {
-    const params: Partial<CreateUserDto> = {
+    const params: Partial<UserAdminCreateDto> = {
       email: undefined,
       password: 'password',
       name: 'name',
     };
-    let dto: CreateUserDto = plainToInstance(CreateUserDto, params);
+    let dto: UserAdminCreateDto = plainToInstance(UserAdminCreateDto, params);
     let errors = await validate(dto);
     expect(errors).toHaveLength(1);
 
     params.email = 'invalid email';
-    dto = plainToInstance(CreateUserDto, params);
+    dto = plainToInstance(UserAdminCreateDto, params);
     errors = await validate(dto);
     expect(errors).toHaveLength(1);
 
     params.email = 'valid@email.com';
-    dto = plainToInstance(CreateUserDto, params);
+    dto = plainToInstance(UserAdminCreateDto, params);
     errors = await validate(dto);
     expect(errors).toHaveLength(0);
   });
@@ -41,7 +41,7 @@ describe('create user DTO', () => {
   it('should allow emails without a tld', async () => {
     const someEmail = 'test@test';
 
-    const dto = plainToInstance(CreateUserDto, {
+    const dto = plainToInstance(UserAdminCreateDto, {
       email: someEmail,
       password: 'some password',
       name: 'some name',
@@ -51,18 +51,3 @@ describe('create user DTO', () => {
     expect(dto.email).toEqual(someEmail);
   });
 });
-
-describe('create user oauth DTO', () => {
-  it('should allow emails without a tld', async () => {
-    const someEmail = 'test@test';
-
-    const dto = plainToInstance(CreateUserOAuthDto, {
-      email: someEmail,
-      oauthId: 'some oauth id',
-      name: 'some name',
-    });
-    const errors = await validate(dto);
-    expect(errors).toHaveLength(0);
-    expect(dto.email).toEqual(someEmail);
-  });
-});

server/src/dtos/user.dto.ts

@@ -1,12 +1,63 @@
 import { ApiProperty } from '@nestjs/swagger';
 import { Transform } from 'class-transformer';
-import { IsBoolean, IsEmail, IsEnum, IsNotEmpty, IsNumber, IsPositive, IsString, IsUUID } from 'class-validator';
+import { IsBoolean, IsEmail, IsEnum, IsNotEmpty, IsNumber, IsPositive, IsString } from 'class-validator';
 import { UserAvatarColor } from 'src/entities/user-metadata.entity';
 import { UserEntity, UserStatus } from 'src/entities/user.entity';
 import { getPreferences } from 'src/utils/preferences';
 import { Optional, ValidateBoolean, toEmail, toSanitized } from 'src/validation';
 
-export class CreateUserDto {
+export class UserUpdateMeDto {
+  @Optional()
+  @IsEmail({ require_tld: false })
+  @Transform(toEmail)
+  email?: string;
+
+  // TODO: migrate to the other change password endpoint
+  @Optional()
+  @IsNotEmpty()
+  @IsString()
+  password?: string;
+
+  @Optional()
+  @IsString()
+  @IsNotEmpty()
+  name?: string;
+
+  @ValidateBoolean({ optional: true })
+  memoriesEnabled?: boolean;
+
+  @Optional()
+  @IsEnum(UserAvatarColor)
+  @ApiProperty({ enumName: 'UserAvatarColor', enum: UserAvatarColor })
+  avatarColor?: UserAvatarColor;
+}
+
+export class UserResponseDto {
+  id!: string;
+  name!: string;
+  email!: string;
+  profileImagePath!: string;
+  @IsEnum(UserAvatarColor)
+  @ApiProperty({ enumName: 'UserAvatarColor', enum: UserAvatarColor })
+  avatarColor!: UserAvatarColor;
+}
+
+export const mapUser = (entity: UserEntity): UserResponseDto => {
+  return {
+    id: entity.id,
+    email: entity.email,
+    name: entity.name,
+    profileImagePath: entity.profileImagePath,
+    avatarColor: getPreferences(entity).avatar.color,
+  };
+};
+
+export class UserAdminSearchDto {
+  @ValidateBoolean({ optional: true })
+  withDeleted?: boolean;
+}
+
+export class UserAdminCreateDto {
   @IsEmail({ require_tld: false })
   @Transform(toEmail)
   email!: string;
@@ -41,23 +92,7 @@ export class CreateUserDto {
   notify?: boolean;
 }
 
-export class CreateUserOAuthDto {
-  @IsEmail({ require_tld: false })
-  @Transform(({ value }) => value?.toLowerCase())
-  email!: string;
-
-  @IsNotEmpty()
-  oauthId!: string;
-
-  name?: string;
-}
-
-export class DeleteUserDto {
-  @ValidateBoolean({ optional: true })
-  force?: boolean;
-}
-
-export class UpdateUserDto {
+export class UserAdminUpdateDto {
   @Optional()
   @IsEmail({ require_tld: false })
   @Transform(toEmail)
@@ -73,18 +108,10 @@ export class UpdateUserDto {
   @IsNotEmpty()
   name?: string;
 
-  @Optional()
+  @Optional({ nullable: true })
   @IsString()
   @Transform(toSanitized)
-  storageLabel?: string;
-
-  @IsNotEmpty()
-  @IsUUID('4')
-  @ApiProperty({ format: 'uuid' })
-  id!: string;
-
-  @ValidateBoolean({ optional: true })
-  isAdmin?: boolean;
+  storageLabel?: string | null;
 
   @ValidateBoolean({ optional: true })
   shouldChangePassword?: boolean;
@@ -104,17 +131,12 @@ export class UpdateUserDto {
   quotaSizeInBytes?: number | null;
 }
 
-export class UserDto {
-  id!: string;
-  name!: string;
-  email!: string;
-  profileImagePath!: string;
-  @IsEnum(UserAvatarColor)
-  @ApiProperty({ enumName: 'UserAvatarColor', enum: UserAvatarColor })
-  avatarColor!: UserAvatarColor;
+export class UserAdminDeleteDto {
+  @ValidateBoolean({ optional: true })
+  force?: boolean;
 }
 
-export class UserResponseDto extends UserDto {
+export class UserAdminResponseDto extends UserResponseDto {
   storageLabel!: string | null;
   shouldChangePassword!: boolean;
   isAdmin!: boolean;
@@ -131,19 +153,9 @@ export class UserResponseDto extends UserDto {
   status!: string;
 }
 
-export const mapSimpleUser = (entity: UserEntity): UserDto => {
+export function mapUserAdmin(entity: UserEntity): UserAdminResponseDto {
   return {
-    id: entity.id,
-    email: entity.email,
-    name: entity.name,
-    profileImagePath: entity.profileImagePath,
-    avatarColor: getPreferences(entity).avatar.color,
-  };
-};
-
-export function mapUser(entity: UserEntity): UserResponseDto {
-  return {
-    ...mapSimpleUser(entity),
+    ...mapUser(entity),
     storageLabel: entity.storageLabel,
     shouldChangePassword: entity.shouldChangePassword,
     isAdmin: entity.isAdmin,

server/src/entities/asset-face.entity.ts

@@ -37,6 +37,9 @@ export class AssetFaceEntity {
   @Column({ default: 0, type: 'int' })
   boundingBoxY2!: number;
 
+  @Column({ default: false })
+  isEdited!: boolean;
+
   @ManyToOne(() => AssetEntity, (asset) => asset.faces, { onDelete: 'CASCADE', onUpdate: 'CASCADE' })
   asset!: AssetEntity;
 

server/src/interfaces/media.interface.ts

@@ -53,7 +53,7 @@ export interface VideoInfo {
   audioStreams: AudioStreamInfo[];
 }
 
-export interface TranscodeOptions {
+export interface TranscodeCommand {
   inputOptions: string[];
   outputOptions: string[];
   twoPass: boolean;
@@ -67,7 +67,7 @@ export interface BitrateDistribution {
 }
 
 export interface VideoCodecSWConfig {
-  getOptions(target: TranscodeTarget, videoStream: VideoStreamInfo, audioStream: AudioStreamInfo): TranscodeOptions;
+  getCommand(target: TranscodeTarget, videoStream: VideoStreamInfo, audioStream: AudioStreamInfo): TranscodeCommand;
 }
 
 export interface VideoCodecHWConfig extends VideoCodecSWConfig {
@@ -83,5 +83,5 @@ export interface IMediaRepository {
 
   // video
   probe(input: string): Promise<VideoInfo>;
-  transcode(input: string, output: string | Writable, options: TranscodeOptions): Promise<void>;
+  transcode(input: string, output: string | Writable, command: TranscodeCommand): Promise<void>;
 }

server/src/interfaces/person.interface.ts

@@ -23,7 +23,7 @@ export interface AssetFaceId {
 export interface UpdateFacesData {
   oldPersonId?: string;
   faceIds?: string[];
-  newPersonId: string;
+  newPersonId: string | null;
 }
 
 export interface PersonStatistics {
@@ -60,7 +60,7 @@ export interface IPersonRepository {
   getFacesByIds(ids: AssetFaceId[]): Promise<AssetFaceEntity[]>;
   getRandomFace(personId: string): Promise<AssetFaceEntity | null>;
   getStatistics(personId: string): Promise<PersonStatistics>;
-  reassignFace(assetFaceId: string, newPersonId: string): Promise<number>;
+  reassignFace(assetFaceId: string, newPersonId: string | null): Promise<number>;
   getNumberOfPeople(userId: string): Promise<PeopleStatistics>;
   reassignFaces(data: UpdateFacesData): Promise<number>;
   update(entity: Partial<PersonEntity>): Promise<PersonEntity>;

server/src/interfaces/search.interface.ts

@@ -155,8 +155,9 @@ export interface FaceEmbeddingSearch extends SearchEmbeddingOptions {
 export interface AssetDuplicateSearch {
   assetId: string;
   embedding: Embedding;
-  userIds: string[];
   maxDistance?: number;
+  type: AssetType;
+  userIds: string[];
 }
 
 export interface FaceSearchResult {

server/src/migrations/1715357609038-AddEditedAssetFace.ts

@@ -0,0 +1,13 @@
+import { MigrationInterface, QueryRunner } from 'typeorm';
+
+export class AddEditedAssetFace1715357609038 implements MigrationInterface {
+  name = 'AddEditedAssetFace1715357609038';
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(`ALTER TABLE "asset_faces" ADD "isEdited" boolean NOT NULL DEFAULT false`);
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(`ALTER TABLE "asset_faces" DROP COLUMN "isEdited"`);
+  }
+}

server/src/queries/access.repository.sql

@@ -153,6 +153,7 @@ FROM
   AND ("asset"."deletedAt" IS NULL)
 WHERE
   "partner"."sharedWithId" = $1
+  AND "asset"."isArchived" = false
   AND "asset"."id" IN ($2)
 
 -- AccessRepository.asset.checkSharedLinkAccess

server/src/queries/api.key.repository.sql

@@ -22,13 +22,17 @@ FROM
       "APIKeyEntity__APIKeyEntity_user"."status" AS "APIKeyEntity__APIKeyEntity_user_status",
       "APIKeyEntity__APIKeyEntity_user"."updatedAt" AS "APIKeyEntity__APIKeyEntity_user_updatedAt",
       "APIKeyEntity__APIKeyEntity_user"."quotaSizeInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaSizeInBytes",
-      "APIKeyEntity__APIKeyEntity_user"."quotaUsageInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaUsageInBytes"
+      "APIKeyEntity__APIKeyEntity_user"."quotaUsageInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaUsageInBytes",
+      "7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."userId" AS "7f5f7a38bf327bfbbf826778460704c9a50fe6f4_userId",
+      "7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."key" AS "7f5f7a38bf327bfbbf826778460704c9a50fe6f4_key",
+      "7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."value" AS "7f5f7a38bf327bfbbf826778460704c9a50fe6f4_value"
     FROM
       "api_keys" "APIKeyEntity"
       LEFT JOIN "users" "APIKeyEntity__APIKeyEntity_user" ON "APIKeyEntity__APIKeyEntity_user"."id" = "APIKeyEntity"."userId"
       AND (
         "APIKeyEntity__APIKeyEntity_user"."deletedAt" IS NULL
       )
+      LEFT JOIN "user_metadata" "7f5f7a38bf327bfbbf826778460704c9a50fe6f4" ON "7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."userId" = "APIKeyEntity__APIKeyEntity_user"."id"
     WHERE
       (("APIKeyEntity"."key" = $1))
   ) "distinctAlias"

server/src/queries/asset.repository.sql

@@ -195,6 +195,7 @@ SELECT
   "AssetEntity__AssetEntity_faces"."boundingBoxY1" AS "AssetEntity__AssetEntity_faces_boundingBoxY1",
   "AssetEntity__AssetEntity_faces"."boundingBoxX2" AS "AssetEntity__AssetEntity_faces_boundingBoxX2",
   "AssetEntity__AssetEntity_faces"."boundingBoxY2" AS "AssetEntity__AssetEntity_faces_boundingBoxY2",
+  "AssetEntity__AssetEntity_faces"."isEdited" AS "AssetEntity__AssetEntity_faces_isEdited",
   "8258e303a73a72cf6abb13d73fb592dde0d68280"."id" AS "8258e303a73a72cf6abb13d73fb592dde0d68280_id",
   "8258e303a73a72cf6abb13d73fb592dde0d68280"."createdAt" AS "8258e303a73a72cf6abb13d73fb592dde0d68280_createdAt",
   "8258e303a73a72cf6abb13d73fb592dde0d68280"."updatedAt" AS "8258e303a73a72cf6abb13d73fb592dde0d68280_updatedAt",

server/src/queries/person.repository.sql

@@ -71,6 +71,7 @@ SELECT
   "AssetFaceEntity"."boundingBoxY1" AS "AssetFaceEntity_boundingBoxY1",
   "AssetFaceEntity"."boundingBoxX2" AS "AssetFaceEntity_boundingBoxX2",
   "AssetFaceEntity"."boundingBoxY2" AS "AssetFaceEntity_boundingBoxY2",
+  "AssetFaceEntity"."isEdited" AS "AssetFaceEntity_isEdited",
   "AssetFaceEntity__AssetFaceEntity_person"."id" AS "AssetFaceEntity__AssetFaceEntity_person_id",
   "AssetFaceEntity__AssetFaceEntity_person"."createdAt" AS "AssetFaceEntity__AssetFaceEntity_person_createdAt",
   "AssetFaceEntity__AssetFaceEntity_person"."updatedAt" AS "AssetFaceEntity__AssetFaceEntity_person_updatedAt",
@@ -103,6 +104,7 @@ FROM
       "AssetFaceEntity"."boundingBoxY1" AS "AssetFaceEntity_boundingBoxY1",
       "AssetFaceEntity"."boundingBoxX2" AS "AssetFaceEntity_boundingBoxX2",
       "AssetFaceEntity"."boundingBoxY2" AS "AssetFaceEntity_boundingBoxY2",
+      "AssetFaceEntity"."isEdited" AS "AssetFaceEntity_isEdited",
       "AssetFaceEntity__AssetFaceEntity_person"."id" AS "AssetFaceEntity__AssetFaceEntity_person_id",
       "AssetFaceEntity__AssetFaceEntity_person"."createdAt" AS "AssetFaceEntity__AssetFaceEntity_person_createdAt",
       "AssetFaceEntity__AssetFaceEntity_person"."updatedAt" AS "AssetFaceEntity__AssetFaceEntity_person_updatedAt",
@@ -138,6 +140,7 @@ FROM
       "AssetFaceEntity"."boundingBoxY1" AS "AssetFaceEntity_boundingBoxY1",
       "AssetFaceEntity"."boundingBoxX2" AS "AssetFaceEntity_boundingBoxX2",
       "AssetFaceEntity"."boundingBoxY2" AS "AssetFaceEntity_boundingBoxY2",
+      "AssetFaceEntity"."isEdited" AS "AssetFaceEntity_isEdited",
       "AssetFaceEntity__AssetFaceEntity_person"."id" AS "AssetFaceEntity__AssetFaceEntity_person_id",
       "AssetFaceEntity__AssetFaceEntity_person"."createdAt" AS "AssetFaceEntity__AssetFaceEntity_person_createdAt",
       "AssetFaceEntity__AssetFaceEntity_person"."updatedAt" AS "AssetFaceEntity__AssetFaceEntity_person_updatedAt",
@@ -194,9 +197,10 @@ LIMIT
 -- PersonRepository.reassignFace
 UPDATE "asset_faces"
 SET
-  "personId" = $1
+  "personId" = $1,
+  "isEdited" = $2
 WHERE
-  "id" = $2
+  "id" = $3
 
 -- PersonRepository.getByName
 SELECT
@@ -283,6 +287,7 @@ FROM
       "AssetEntity__AssetEntity_faces"."boundingBoxY1" AS "AssetEntity__AssetEntity_faces_boundingBoxY1",
       "AssetEntity__AssetEntity_faces"."boundingBoxX2" AS "AssetEntity__AssetEntity_faces_boundingBoxX2",
       "AssetEntity__AssetEntity_faces"."boundingBoxY2" AS "AssetEntity__AssetEntity_faces_boundingBoxY2",
+      "AssetEntity__AssetEntity_faces"."isEdited" AS "AssetEntity__AssetEntity_faces_isEdited",
       "8258e303a73a72cf6abb13d73fb592dde0d68280"."id" AS "8258e303a73a72cf6abb13d73fb592dde0d68280_id",
       "8258e303a73a72cf6abb13d73fb592dde0d68280"."createdAt" AS "8258e303a73a72cf6abb13d73fb592dde0d68280_createdAt",
       "8258e303a73a72cf6abb13d73fb592dde0d68280"."updatedAt" AS "8258e303a73a72cf6abb13d73fb592dde0d68280_updatedAt",
@@ -375,6 +380,7 @@ SELECT
   "AssetFaceEntity"."boundingBoxY1" AS "AssetFaceEntity_boundingBoxY1",
   "AssetFaceEntity"."boundingBoxX2" AS "AssetFaceEntity_boundingBoxX2",
   "AssetFaceEntity"."boundingBoxY2" AS "AssetFaceEntity_boundingBoxY2",
+  "AssetFaceEntity"."isEdited" AS "AssetFaceEntity_isEdited",
   "AssetFaceEntity__AssetFaceEntity_asset"."id" AS "AssetFaceEntity__AssetFaceEntity_asset_id",
   "AssetFaceEntity__AssetFaceEntity_asset"."deviceAssetId" AS "AssetFaceEntity__AssetFaceEntity_asset_deviceAssetId",
   "AssetFaceEntity__AssetFaceEntity_asset"."ownerId" AS "AssetFaceEntity__AssetFaceEntity_asset_ownerId",
@@ -427,7 +433,8 @@ SELECT
   "AssetFaceEntity"."boundingBoxX1" AS "AssetFaceEntity_boundingBoxX1",
   "AssetFaceEntity"."boundingBoxY1" AS "AssetFaceEntity_boundingBoxY1",
   "AssetFaceEntity"."boundingBoxX2" AS "AssetFaceEntity_boundingBoxX2",
-  "AssetFaceEntity"."boundingBoxY2" AS "AssetFaceEntity_boundingBoxY2"
+  "AssetFaceEntity"."boundingBoxY2" AS "AssetFaceEntity_boundingBoxY2",
+  "AssetFaceEntity"."isEdited" AS "AssetFaceEntity_isEdited"
 FROM
   "asset_faces" "AssetFaceEntity"
 WHERE

server/src/queries/search.repository.sql

@@ -204,6 +204,7 @@ WITH
         "asset"."ownerId" IN ($2)
         AND "asset"."id" != $3
         AND "asset"."isVisible" = $4
+        AND "asset"."type" = $5
       )
       AND ("asset"."deletedAt" IS NULL)
     ORDER BY
@@ -216,7 +217,7 @@ SELECT
 FROM
   "cte" "res"
 WHERE
-  res.distance <= $5
+  res.distance <= $6
 
 -- SearchRepository.searchFaces
 START TRANSACTION
@@ -240,6 +241,7 @@ WITH
       "faces"."boundingBoxY1" AS "boundingBoxY1",
       "faces"."boundingBoxX2" AS "boundingBoxX2",
       "faces"."boundingBoxY2" AS "boundingBoxY2",
+      "faces"."isEdited" AS "isEdited",
       "faces"."embedding" <= > $1 AS "distance"
     FROM
       "asset_faces" "faces"

server/src/queries/session.repository.sql

@@ -38,13 +38,17 @@ FROM
       "SessionEntity__SessionEntity_user"."status" AS "SessionEntity__SessionEntity_user_status",
       "SessionEntity__SessionEntity_user"."updatedAt" AS "SessionEntity__SessionEntity_user_updatedAt",
       "SessionEntity__SessionEntity_user"."quotaSizeInBytes" AS "SessionEntity__SessionEntity_user_quotaSizeInBytes",
-      "SessionEntity__SessionEntity_user"."quotaUsageInBytes" AS "SessionEntity__SessionEntity_user_quotaUsageInBytes"
+      "SessionEntity__SessionEntity_user"."quotaUsageInBytes" AS "SessionEntity__SessionEntity_user_quotaUsageInBytes",
+      "469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."userId" AS "469e6aa7ff79eff78f8441f91ba15bb07d3634dd_userId",
+      "469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."key" AS "469e6aa7ff79eff78f8441f91ba15bb07d3634dd_key",
+      "469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."value" AS "469e6aa7ff79eff78f8441f91ba15bb07d3634dd_value"
     FROM
       "sessions" "SessionEntity"
       LEFT JOIN "users" "SessionEntity__SessionEntity_user" ON "SessionEntity__SessionEntity_user"."id" = "SessionEntity"."userId"
       AND (
         "SessionEntity__SessionEntity_user"."deletedAt" IS NULL
       )
+      LEFT JOIN "user_metadata" "469e6aa7ff79eff78f8441f91ba15bb07d3634dd" ON "469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."userId" = "SessionEntity__SessionEntity_user"."id"
     WHERE
       (("SessionEntity"."token" = $1))
   ) "distinctAlias"

server/src/repositories/access.repository.ts

@@ -240,6 +240,7 @@ class AssetAccess implements IAssetAccess {
       .innerJoin('sharedBy.assets', 'asset')
       .select('asset.id', 'assetId')
       .where('partner.sharedWithId = :userId', { userId })
+      .andWhere('asset.isArchived = false')
       .andWhere('asset.id IN (:...assetIds)', { assetIds: [...assetIds] })
       .getRawMany()
       .then((rows) => new Set(rows.map((row) => row.assetId)));

server/src/repositories/api-key.repository.ts

@@ -34,7 +34,9 @@ export class ApiKeyRepository implements IKeyRepository {
       },
       where: { key: hashedToken },
       relations: {
-        user: true,
+        user: {
+          metadata: true,
+        },
       },
     });
   }

server/src/repositories/machine-learning.repository.ts

@@ -19,9 +19,11 @@ export class MachineLearningRepository implements IMachineLearningRepository {
   private async predict<T>(url: string, input: TextModelInput | VisionModelInput, config: ModelConfig): Promise<T> {
     const formData = await this.getFormData(input, config);
 
-    const res = await fetch(`${url}/predict`, { method: 'POST', body: formData }).catch((error: Error | any) => {
-      throw new Error(`${errorPrefix} to "${url}" failed with ${error?.cause || error}`);
-    });
+    const res = await fetch(new URL('/predict', url), { method: 'POST', body: formData }).catch(
+      (error: Error | any) => {
+        throw new Error(`${errorPrefix} to "${url}" failed with ${error?.cause || error}`);
+      },
+    );
 
     if (res.status >= 400) {
       const modelType = config.modelType ? ` for ${config.modelType.replace('-', ' ')}` : '';

server/src/repositories/media.repository.ts

@@ -11,7 +11,7 @@ import {
   IMediaRepository,
   ImageDimensions,
   ThumbnailOptions,
-  TranscodeOptions,
+  TranscodeCommand,
   VideoInfo,
 } from 'src/interfaces/media.interface';
 import { Instrumentation } from 'src/utils/instrumentation';
@@ -97,7 +97,7 @@ export class MediaRepository implements IMediaRepository {
     };
   }
 
-  transcode(input: string, output: string | Writable, options: TranscodeOptions): Promise<void> {
+  transcode(input: string, output: string | Writable, options: TranscodeCommand): Promise<void> {
     if (!options.twoPass) {
       return new Promise((resolve, reject) => {
         this.configureFfmpegCall(input, output, options).on('error', reject).on('end', resolve).run();
@@ -150,7 +150,7 @@ export class MediaRepository implements IMediaRepository {
     return { width, height };
   }
 
-  private configureFfmpegCall(input: string, output: string | Writable, options: TranscodeOptions) {
+  private configureFfmpegCall(input: string, output: string | Writable, options: TranscodeCommand) {
     return ffmpeg(input, { niceness: 10 })
       .inputOptions(options.inputOptions)
       .outputOptions(options.outputOptions)

server/src/repositories/person.repository.ts

@@ -148,7 +148,7 @@ export class PersonRepository implements IPersonRepository {
     const result = await this.assetFaceRepository
       .createQueryBuilder()
       .update()
-      .set({ personId: newPersonId })
+      .set({ personId: newPersonId, isEdited: true })
       .where({ id: assetFaceId })
       .execute();
 

server/src/repositories/search.repository.ts

@@ -160,6 +160,7 @@ export class SearchRepository implements ISearchRepository {
     assetId,
     embedding,
     maxDistance,
+    type,
     userIds,
   }: AssetDuplicateSearch): Promise<AssetDuplicateResult[]> {
     const cte = this.assetRepository.createQueryBuilder('asset');
@@ -171,18 +172,22 @@ export class SearchRepository implements ISearchRepository {
       .where('asset.ownerId IN (:...userIds )')
       .andWhere('asset.id != :assetId')
       .andWhere('asset.isVisible = :isVisible')
+      .andWhere('asset.type = :type')
       .orderBy('search.embedding <=> :embedding')
       .limit(64)
-      .setParameters({ assetId, embedding: asVector(embedding), isVisible: true, userIds });
+      .setParameters({ assetId, embedding: asVector(embedding), isVisible: true, type, userIds });
 
     const builder = this.assetRepository.manager
       .createQueryBuilder()
       .addCommonTableExpression(cte, 'cte')
       .from('cte', 'res')
-      .select('res.*')
-      .where('res.distance <= :maxDistance', { maxDistance });
+      .select('res.*');
 
-    return builder.getRawMany() as any as Promise<AssetDuplicateResult[]>;
+    if (maxDistance) {
+      builder.where('res.distance <= :maxDistance', { maxDistance });
+    }
+
+    return builder.getRawMany() as Promise<AssetDuplicateResult[]>;
   }
 
   @GenerateSql({

server/src/repositories/session.repository.ts

@@ -18,7 +18,14 @@ export class SessionRepository implements ISessionRepository {
 
   @GenerateSql({ params: [DummyValue.STRING] })
   getByToken(token: string): Promise<SessionEntity | null> {
-    return this.repository.findOne({ where: { token }, relations: { user: true } });
+    return this.repository.findOne({
+      where: { token },
+      relations: {
+        user: {
+          metadata: true,
+        },
+      },
+    });
   }
 
   getByUserId(userId: string): Promise<SessionEntity[]> {

server/src/services/asset.service.ts

@@ -266,7 +266,7 @@ export class AssetService {
     }
 
     if (data.ownerId !== auth.user.id || auth.sharedLink) {
-      data.people = [];
+      delete data.people;
     }
 
     return data;

server/src/services/auth.service.spec.ts

@@ -138,6 +138,7 @@ describe('AuthService', () => {
         email: 'test@immich.com',
         password: 'hash-password',
       } as UserEntity);
+      userMock.update.mockResolvedValue(userStub.user1);
 
       await sut.changePassword(auth, dto);
 

server/src/services/auth.service.ts

@@ -11,7 +11,7 @@ import { DateTime } from 'luxon';
 import { IncomingHttpHeaders } from 'node:http';
 import { ClientMetadata, Issuer, UserinfoResponse, custom, generators } from 'openid-client';
 import { SystemConfig } from 'src/config';
-import { AuthType, LOGIN_URL, MOBILE_REDIRECT } from 'src/constants';
+import { AuthType, LOGIN_URL, MOBILE_REDIRECT, SALT_ROUNDS } from 'src/constants';
 import { SystemConfigCore } from 'src/cores/system-config.core';
 import { UserCore } from 'src/cores/user.core';
 import {
@@ -27,7 +27,7 @@ import {
   SignUpDto,
   mapLoginResponse,
 } from 'src/dtos/auth.dto';
-import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
+import { UserAdminResponseDto, mapUserAdmin } from 'src/dtos/user.dto';
 import { UserEntity } from 'src/entities/user.entity';
 import { IKeyRepository } from 'src/interfaces/api-key.interface';
 import { ICryptoRepository } from 'src/interfaces/crypto.interface';
@@ -109,7 +109,7 @@ export class AuthService {
     };
   }
 
-  async changePassword(auth: AuthDto, dto: ChangePasswordDto) {
+  async changePassword(auth: AuthDto, dto: ChangePasswordDto): Promise<UserAdminResponseDto> {
     const { password, newPassword } = dto;
     const user = await this.userRepository.getByEmail(auth.user.email, true);
     if (!user) {
@@ -121,10 +121,14 @@ export class AuthService {
       throw new BadRequestException('Wrong password');
     }
 
-    return this.userCore.updateUser(auth.user, auth.user.id, { password: newPassword });
+    const hashedPassword = await this.cryptoRepository.hashBcrypt(newPassword, SALT_ROUNDS);
+
+    const updatedUser = await this.userRepository.update(user.id, { password: hashedPassword });
+
+    return mapUserAdmin(updatedUser);
   }
 
-  async adminSignUp(dto: SignUpDto): Promise<UserResponseDto> {
+  async adminSignUp(dto: SignUpDto): Promise<UserAdminResponseDto> {
     const adminUser = await this.userRepository.getAdmin();
     if (adminUser) {
       throw new BadRequestException('The server already has an admin');
@@ -138,7 +142,7 @@ export class AuthService {
       storageLabel: 'admin',
     });
 
-    return mapUser(admin);
+    return mapUserAdmin(admin);
   }
 
   async validate(headers: IncomingHttpHeaders, params: Record<string, string>): Promise<AuthDto> {
@@ -237,7 +241,7 @@ export class AuthService {
     return this.createLoginResponse(user, loginDetails);
   }
 
-  async link(auth: AuthDto, dto: OAuthCallbackDto): Promise<UserResponseDto> {
+  async link(auth: AuthDto, dto: OAuthCallbackDto): Promise<UserAdminResponseDto> {
     const config = await this.configCore.getConfig();
     const { sub: oauthId } = await this.getOAuthProfile(config, dto.url);
     const duplicate = await this.userRepository.getByOAuthId(oauthId);
@@ -245,11 +249,14 @@ export class AuthService {
       this.logger.warn(`OAuth link account failed: sub is already linked to another user (${duplicate.email}).`);
       throw new BadRequestException('This OAuth account has already been linked to another user.');
     }
-    return mapUser(await this.userRepository.update(auth.user.id, { oauthId }));
+
+    const user = await this.userRepository.update(auth.user.id, { oauthId });
+    return mapUserAdmin(user);
   }
 
-  async unlink(auth: AuthDto): Promise<UserResponseDto> {
-    return mapUser(await this.userRepository.update(auth.user.id, { oauthId: '' }));
+  async unlink(auth: AuthDto): Promise<UserAdminResponseDto> {
+    const user = await this.userRepository.update(auth.user.id, { oauthId: '' });
+    return mapUserAdmin(user);
   }
 
   private async getLogoutEndpoint(authType: AuthType): Promise<string> {

server/src/services/cli.service.ts

@@ -1,7 +1,7 @@
 import { Inject, Injectable } from '@nestjs/common';
+import { SALT_ROUNDS } from 'src/constants';
 import { SystemConfigCore } from 'src/cores/system-config.core';
-import { UserCore } from 'src/cores/user.core';
-import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
+import { UserAdminResponseDto, mapUserAdmin } from 'src/dtos/user.dto';
 import { ICryptoRepository } from 'src/interfaces/crypto.interface';
 import { ILoggerRepository } from 'src/interfaces/logger.interface';
 import { ISystemMetadataRepository } from 'src/interfaces/system-metadata.interface';
@@ -10,7 +10,6 @@ import { IUserRepository } from 'src/interfaces/user.interface';
 @Injectable()
 export class CliService {
   private configCore: SystemConfigCore;
-  private userCore: UserCore;
 
   constructor(
     @Inject(ICryptoRepository) private cryptoRepository: ICryptoRepository,
@@ -18,26 +17,26 @@ export class CliService {
     @Inject(IUserRepository) private userRepository: IUserRepository,
     @Inject(ILoggerRepository) private logger: ILoggerRepository,
   ) {
-    this.userCore = UserCore.create(cryptoRepository, userRepository);
     this.logger.setContext(CliService.name);
     this.configCore = SystemConfigCore.create(systemMetadataRepository, this.logger);
   }
 
-  async listUsers(): Promise<UserResponseDto[]> {
+  async listUsers(): Promise<UserAdminResponseDto[]> {
     const users = await this.userRepository.getList({ withDeleted: true });
-    return users.map((user) => mapUser(user));
+    return users.map((user) => mapUserAdmin(user));
   }
 
-  async resetAdminPassword(ask: (admin: UserResponseDto) => Promise<string | undefined>) {
+  async resetAdminPassword(ask: (admin: UserAdminResponseDto) => Promise<string | undefined>) {
     const admin = await this.userRepository.getAdmin();
     if (!admin) {
       throw new Error('Admin account does not exist');
     }
 
-    const providedPassword = await ask(mapUser(admin));
+    const providedPassword = await ask(mapUserAdmin(admin));
     const password = providedPassword || this.cryptoRepository.newPassword(24);
+    const hashedPassword = await this.cryptoRepository.hashBcrypt(password, SALT_ROUNDS);
 
-    await this.userCore.updateUser(admin, admin.id, { password });
+    await this.userRepository.update(admin.id, { password: hashedPassword });
 
     return { admin, password, provided: !!providedPassword };
   }

server/src/services/duplicate.service.spec.ts

@@ -214,7 +214,8 @@ describe(SearchService.name, () => {
       expect(searchMock.searchDuplicates).toHaveBeenCalledWith({
         assetId: assetStub.hasEmbedding.id,
         embedding: assetStub.hasEmbedding.smartSearch!.embedding,
-        maxDistance: 0.03,
+        maxDistance: 0.0155,
+        type: assetStub.hasEmbedding.type,
         userIds: [assetStub.hasEmbedding.ownerId],
       });
       expect(assetMock.updateDuplicates).toHaveBeenCalledWith({
@@ -239,7 +240,8 @@ describe(SearchService.name, () => {
       expect(searchMock.searchDuplicates).toHaveBeenCalledWith({
         assetId: assetStub.hasEmbedding.id,
         embedding: assetStub.hasEmbedding.smartSearch!.embedding,
-        maxDistance: 0.03,
+        maxDistance: 0.0155,
+        type: assetStub.hasEmbedding.type,
         userIds: [assetStub.hasEmbedding.ownerId],
       });
       expect(assetMock.updateDuplicates).toHaveBeenCalledWith({

server/src/services/duplicate.service.ts

@@ -94,6 +94,7 @@ export class DuplicateService {
       assetId: asset.id,
       embedding: asset.smartSearch.embedding,
       maxDistance: machineLearning.duplicateDetection.maxDistance,
+      type: asset.type,
       userIds: [asset.ownerId],
     });
 

server/src/services/index.ts

@@ -33,6 +33,7 @@ import { SystemMetadataService } from 'src/services/system-metadata.service';
 import { TagService } from 'src/services/tag.service';
 import { TimelineService } from 'src/services/timeline.service';
 import { TrashService } from 'src/services/trash.service';
+import { UserAdminService } from 'src/services/user-admin.service';
 import { UserService } from 'src/services/user.service';
 import { VersionService } from 'src/services/version.service';
 
@@ -73,5 +74,6 @@ export const services = [
   TimelineService,
   TrashService,
   UserService,
+  UserAdminService,
   VersionService,
 ];

server/src/services/media.service.spec.ts

@@ -294,11 +294,13 @@ describe(MediaService.name, () => {
         '/original/path.ext',
         'upload/thumbs/user-id/as/se/asset-id-preview.jpeg',
         {
-          inputOptions: ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int'],
+          inputOptions: ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'],
           outputOptions: [
+            '-fps_mode vfr',
             '-frames:v 1',
+            '-update 1',
             '-v verbose',
-            '-vf scale=-2:1440:flags=lanczos+accurate_rnd+bitexact+full_chroma_int:out_color_matrix=601:out_range=pc,format=yuv420p',
+            `-vf fps=12,thumbnail=12,select=gt(scene\\,0.1)+gt(n\\,20),scale=-2:1440:flags=lanczos+accurate_rnd+full_chroma_int:out_color_matrix=601:out_range=pc,format=yuv420p`,
           ],
           twoPass: false,
         },
@@ -319,11 +321,13 @@ describe(MediaService.name, () => {
         '/original/path.ext',
         'upload/thumbs/user-id/as/se/asset-id-preview.jpeg',
         {
-          inputOptions: ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int'],
+          inputOptions: ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'],
           outputOptions: [
+            '-fps_mode vfr',
             '-frames:v 1',
+            '-update 1',
             '-v verbose',
-            '-vf zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p',
+            `-vf fps=12,thumbnail=12,select=gt(scene\\,0.1)+gt(n\\,20),zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p`,
           ],
           twoPass: false,
         },
@@ -346,11 +350,13 @@ describe(MediaService.name, () => {
         '/original/path.ext',
         'upload/thumbs/user-id/as/se/asset-id-preview.jpeg',
         {
-          inputOptions: ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int'],
+          inputOptions: ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'],
           outputOptions: [
+            '-fps_mode vfr',
             '-frames:v 1',
+            '-update 1',
             '-v verbose',
-            '-vf zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p',
+            `-vf fps=12,thumbnail=12,select=gt(scene\\,0.1)+gt(n\\,20),zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p`,
           ],
           twoPass: false,
         },

server/src/services/media.service.ts

@@ -27,25 +27,12 @@ import {
   QueueName,
 } from 'src/interfaces/job.interface';
 import { ILoggerRepository } from 'src/interfaces/logger.interface';
-import { AudioStreamInfo, IMediaRepository, VideoCodecHWConfig, VideoStreamInfo } from 'src/interfaces/media.interface';
+import { AudioStreamInfo, IMediaRepository, VideoStreamInfo } from 'src/interfaces/media.interface';
 import { IMoveRepository } from 'src/interfaces/move.interface';
 import { IPersonRepository } from 'src/interfaces/person.interface';
 import { IStorageRepository } from 'src/interfaces/storage.interface';
 import { ISystemMetadataRepository } from 'src/interfaces/system-metadata.interface';
-import {
-  AV1Config,
-  H264Config,
-  HEVCConfig,
-  NvencHwDecodeConfig,
-  NvencSwDecodeConfig,
-  QsvHwDecodeConfig,
-  QsvSwDecodeConfig,
-  RkmppHwDecodeConfig,
-  RkmppSwDecodeConfig,
-  ThumbnailConfig,
-  VAAPIConfig,
-  VP9Config,
-} from 'src/utils/media';
+import { BaseConfig, ThumbnailConfig } from 'src/utils/media';
 import { mimeTypes } from 'src/utils/mime-types';
 import { usePagination } from 'src/utils/pagination';
 
@@ -53,8 +40,8 @@ import { usePagination } from 'src/utils/pagination';
 export class MediaService {
   private configCore: SystemConfigCore;
   private storageCore: StorageCore;
-  private openCL: boolean | null = null;
-  private devices: string[] | null = null;
+  private maliOpenCL?: boolean;
+  private devices?: string[];
 
   constructor(
     @Inject(IAssetRepository) private assetRepository: IAssetRepository,
@@ -232,8 +219,8 @@ export class MediaService {
           return;
         }
         const mainAudioStream = this.getMainStream(audioStreams);
-        const config = { ...ffmpeg, targetResolution: size.toString() };
-        const options = new ThumbnailConfig(config).getOptions(TranscodeTarget.VIDEO, mainVideoStream, mainAudioStream);
+        const config = ThumbnailConfig.create({ ...ffmpeg, targetResolution: size.toString() });
+        const options = config.getCommand(TranscodeTarget.VIDEO, mainVideoStream, mainAudioStream);
         await this.mediaRepository.transcode(asset.originalPath, path, options);
         break;
       }
@@ -331,8 +318,8 @@ export class MediaService {
       return JobStatus.FAILED;
     }
 
-    const { ffmpeg: config } = await this.configCore.getConfig();
-    const target = this.getTranscodeTarget(config, mainVideoStream, mainAudioStream);
+    const { ffmpeg } = await this.configCore.getConfig();
+    const target = this.getTranscodeTarget(ffmpeg, mainVideoStream, mainAudioStream);
     if (target === TranscodeTarget.NONE) {
       if (asset.encodedVideoPath) {
         this.logger.log(`Transcoded video exists for asset ${asset.id}, but is no longer required. Deleting...`);
@@ -343,30 +330,28 @@ export class MediaService {
       return JobStatus.SKIPPED;
     }
 
-    let transcodeOptions;
+    let command;
     try {
-      transcodeOptions = await this.getCodecConfig(config).then((c) =>
-        c.getOptions(target, mainVideoStream, mainAudioStream),
-      );
+      const config = BaseConfig.create(ffmpeg, await this.getDevices(), await this.hasMaliOpenCL());
+      command = config.getCommand(target, mainVideoStream, mainAudioStream);
     } catch (error) {
       this.logger.error(`An error occurred while configuring transcoding options: ${error}`);
       return JobStatus.FAILED;
     }
 
-    this.logger.log(`Started encoding video ${asset.id} ${JSON.stringify(transcodeOptions)}`);
+    this.logger.log(`Started encoding video ${asset.id} ${JSON.stringify(command)}`);
     try {
-      await this.mediaRepository.transcode(input, output, transcodeOptions);
+      await this.mediaRepository.transcode(input, output, command);
     } catch (error) {
       this.logger.error(error);
-      if (config.accel !== TranscodeHWAccel.DISABLED) {
+      if (ffmpeg.accel !== TranscodeHWAccel.DISABLED) {
         this.logger.error(
-          `Error occurred during transcoding. Retrying with ${config.accel.toUpperCase()} acceleration disabled.`,
+          `Error occurred during transcoding. Retrying with ${ffmpeg.accel.toUpperCase()} acceleration disabled.`,
         );
       }
-      transcodeOptions = await this.getCodecConfig({ ...config, accel: TranscodeHWAccel.DISABLED }).then((c) =>
-        c.getOptions(target, mainVideoStream, mainAudioStream),
-      );
-      await this.mediaRepository.transcode(input, output, transcodeOptions);
+      const config = BaseConfig.create({ ...ffmpeg, accel: TranscodeHWAccel.DISABLED });
+      command = config.getCommand(target, mainVideoStream, mainAudioStream);
+      await this.mediaRepository.transcode(input, output, command);
     }
 
     this.logger.log(`Successfully encoded ${asset.id}`);
@@ -382,10 +367,10 @@ export class MediaService {
 
   private getTranscodeTarget(
     config: SystemConfigFFmpegDto,
-    videoStream: VideoStreamInfo | null,
-    audioStream: AudioStreamInfo | null,
+    videoStream?: VideoStreamInfo,
+    audioStream?: AudioStreamInfo,
   ): TranscodeTarget {
-    if (videoStream == null && audioStream == null) {
+    if (!videoStream && !audioStream) {
       return TranscodeTarget.NONE;
     }
 
@@ -407,8 +392,8 @@ export class MediaService {
     return TranscodeTarget.NONE;
   }
 
-  private isAudioTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream: AudioStreamInfo | null): boolean {
-    if (stream == null) {
+  private isAudioTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream?: AudioStreamInfo): boolean {
+    if (!stream) {
       return false;
     }
 
@@ -430,8 +415,8 @@ export class MediaService {
     }
   }
 
-  private isVideoTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream: VideoStreamInfo | null): boolean {
-    if (stream == null) {
+  private isVideoTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream?: VideoStreamInfo): boolean {
+    if (!stream) {
       return false;
     }
 
@@ -465,70 +450,6 @@ export class MediaService {
     }
   }
 
-  async getCodecConfig(config: SystemConfigFFmpegDto) {
-    if (config.accel === TranscodeHWAccel.DISABLED) {
-      return this.getSWCodecConfig(config);
-    }
-    return this.getHWCodecConfig(config);
-  }
-
-  private getSWCodecConfig(config: SystemConfigFFmpegDto) {
-    switch (config.targetVideoCodec) {
-      case VideoCodec.H264: {
-        return new H264Config(config);
-      }
-      case VideoCodec.HEVC: {
-        return new HEVCConfig(config);
-      }
-      case VideoCodec.VP9: {
-        return new VP9Config(config);
-      }
-      case VideoCodec.AV1: {
-        return new AV1Config(config);
-      }
-      default: {
-        throw new UnsupportedMediaTypeException(`Codec '${config.targetVideoCodec}' is unsupported`);
-      }
-    }
-  }
-
-  private async getHWCodecConfig(config: SystemConfigFFmpegDto) {
-    let handler: VideoCodecHWConfig;
-    switch (config.accel) {
-      case TranscodeHWAccel.NVENC: {
-        handler = config.accelDecode ? new NvencHwDecodeConfig(config) : new NvencSwDecodeConfig(config);
-        break;
-      }
-      case TranscodeHWAccel.QSV: {
-        handler = config.accelDecode
-          ? new QsvHwDecodeConfig(config, await this.getDevices())
-          : new QsvSwDecodeConfig(config, await this.getDevices());
-        break;
-      }
-      case TranscodeHWAccel.VAAPI: {
-        handler = new VAAPIConfig(config, await this.getDevices());
-        break;
-      }
-      case TranscodeHWAccel.RKMPP: {
-        handler =
-          config.accelDecode && (await this.hasOpenCL())
-            ? new RkmppHwDecodeConfig(config, await this.getDevices())
-            : new RkmppSwDecodeConfig(config, await this.getDevices());
-        break;
-      }
-      default: {
-        throw new UnsupportedMediaTypeException(`${config.accel.toUpperCase()} acceleration is unsupported`);
-      }
-    }
-    if (!handler.getSupportedCodecs().includes(config.targetVideoCodec)) {
-      throw new UnsupportedMediaTypeException(
-        `${config.accel.toUpperCase()} acceleration does not support codec '${config.targetVideoCodec.toUpperCase()}'. Supported codecs: ${handler.getSupportedCodecs()}`,
-      );
-    }
-
-    return handler;
-  }
-
   isSRGB(asset: AssetEntity): boolean {
     const { colorspace, profileDescription, bitsPerSample } = asset.exifInfo ?? {};
     if (colorspace || profileDescription) {
@@ -567,24 +488,29 @@ export class MediaService {
 
   private async getDevices() {
     if (!this.devices) {
-      this.devices = await this.storageRepository.readdir('/dev/dri');
+      try {
+        this.devices = await this.storageRepository.readdir('/dev/dri');
+      } catch {
+        this.logger.debug('No devices found in /dev/dri.');
+        this.devices = [];
+      }
     }
 
     return this.devices;
   }
 
-  private async hasOpenCL() {
-    if (this.openCL === null) {
+  private async hasMaliOpenCL() {
+    if (this.maliOpenCL === undefined) {
       try {
         const maliIcdStat = await this.storageRepository.stat('/etc/OpenCL/vendors/mali.icd');
         const maliDeviceStat = await this.storageRepository.stat('/dev/mali0');
-        this.openCL = maliIcdStat.isFile() && maliDeviceStat.isCharacterDevice();
+        this.maliOpenCL = maliIcdStat.isFile() && maliDeviceStat.isCharacterDevice();
       } catch {
-        this.logger.warn('OpenCL not available for transcoding, using CPU instead.');
-        this.openCL = false;
+        this.logger.debug('OpenCL not available for transcoding, using CPU decoding instead.');
+        this.maliOpenCL = false;
       }
     }
 
-    return this.openCL;
+    return this.maliOpenCL;
   }
 }

server/src/services/partner.service.spec.ts

@@ -1,6 +1,4 @@
 import { BadRequestException } from '@nestjs/common';
-import { PartnerResponseDto } from 'src/dtos/partner.dto';
-import { UserAvatarColor } from 'src/entities/user-metadata.entity';
 import { IAccessRepository } from 'src/interfaces/access.interface';
 import { IPartnerRepository, PartnerDirection } from 'src/interfaces/partner.interface';
 import { PartnerService } from 'src/services/partner.service';
@@ -9,45 +7,6 @@ import { partnerStub } from 'test/fixtures/partner.stub';
 import { newPartnerRepositoryMock } from 'test/repositories/partner.repository.mock';
 import { Mocked } from 'vitest';
 
-const responseDto = {
-  admin: <PartnerResponseDto>{
-    email: 'admin@test.com',
-    name: 'admin_name',
-    id: 'admin_id',
-    isAdmin: true,
-    oauthId: '',
-    profileImagePath: '',
-    shouldChangePassword: false,
-    storageLabel: 'admin',
-    createdAt: new Date('2021-01-01'),
-    deletedAt: null,
-    updatedAt: new Date('2021-01-01'),
-    memoriesEnabled: true,
-    avatarColor: UserAvatarColor.GRAY,
-    quotaSizeInBytes: null,
-    inTimeline: true,
-    quotaUsageInBytes: 0,
-  },
-  user1: <PartnerResponseDto>{
-    email: 'immich@test.com',
-    name: 'immich_name',
-    id: 'user-id',
-    isAdmin: false,
-    oauthId: '',
-    profileImagePath: '',
-    shouldChangePassword: false,
-    storageLabel: null,
-    createdAt: new Date('2021-01-01'),
-    deletedAt: null,
-    updatedAt: new Date('2021-01-01'),
-    memoriesEnabled: true,
-    avatarColor: UserAvatarColor.PRIMARY,
-    inTimeline: true,
-    quotaSizeInBytes: null,
-    quotaUsageInBytes: 0,
-  },
-};
-
 describe(PartnerService.name, () => {
   let sut: PartnerService;
   let partnerMock: Mocked<IPartnerRepository>;
@@ -65,13 +24,13 @@ describe(PartnerService.name, () => {
   describe('getAll', () => {
     it("should return a list of partners with whom I've shared my library", async () => {
       partnerMock.getAll.mockResolvedValue([partnerStub.adminToUser1, partnerStub.user1ToAdmin1]);
-      await expect(sut.getAll(authStub.user1, PartnerDirection.SharedBy)).resolves.toEqual([responseDto.admin]);
+      await expect(sut.getAll(authStub.user1, PartnerDirection.SharedBy)).resolves.toBeDefined();
       expect(partnerMock.getAll).toHaveBeenCalledWith(authStub.user1.user.id);
     });
 
     it('should return a list of partners who have shared their libraries with me', async () => {
       partnerMock.getAll.mockResolvedValue([partnerStub.adminToUser1, partnerStub.user1ToAdmin1]);
-      await expect(sut.getAll(authStub.user1, PartnerDirection.SharedWith)).resolves.toEqual([responseDto.admin]);
+      await expect(sut.getAll(authStub.user1, PartnerDirection.SharedWith)).resolves.toBeDefined();
       expect(partnerMock.getAll).toHaveBeenCalledWith(authStub.user1.user.id);
     });
   });
@@ -81,7 +40,7 @@ describe(PartnerService.name, () => {
       partnerMock.get.mockResolvedValue(null);
       partnerMock.create.mockResolvedValue(partnerStub.adminToUser1);
 
-      await expect(sut.create(authStub.admin, authStub.user1.user.id)).resolves.toEqual(responseDto.user1);
+      await expect(sut.create(authStub.admin, authStub.user1.user.id)).resolves.toBeDefined();
 
       expect(partnerMock.create).toHaveBeenCalledWith({
         sharedById: authStub.admin.user.id,

server/src/services/partner.service.ts

@@ -25,7 +25,7 @@ export class PartnerService {
     }
 
     const partner = await this.repository.create(partnerId);
-    return this.mapToPartnerEntity(partner, PartnerDirection.SharedBy);
+    return this.mapPartner(partner, PartnerDirection.SharedBy);
   }
 
   async remove(auth: AuthDto, sharedWithId: string): Promise<void> {
@@ -44,7 +44,7 @@ export class PartnerService {
     return partners
       .filter((partner) => partner.sharedBy && partner.sharedWith) // Filter out soft deleted users
       .filter((partner) => partner[key] === auth.user.id)
-      .map((partner) => this.mapToPartnerEntity(partner, direction));
+      .map((partner) => this.mapPartner(partner, direction));
   }
 
   async update(auth: AuthDto, sharedById: string, dto: UpdatePartnerDto): Promise<PartnerResponseDto> {
@@ -52,10 +52,10 @@ export class PartnerService {
     const partnerId: PartnerIds = { sharedById, sharedWithId: auth.user.id };
 
     const entity = await this.repository.update({ ...partnerId, inTimeline: dto.inTimeline });
-    return this.mapToPartnerEntity(entity, PartnerDirection.SharedWith);
+    return this.mapPartner(entity, PartnerDirection.SharedWith);
   }
 
-  private mapToPartnerEntity(partner: PartnerEntity, direction: PartnerDirection): PartnerResponseDto {
+  private mapPartner(partner: PartnerEntity, direction: PartnerDirection): PartnerResponseDto {
     // this is opposite to return the non-me user of the "partner"
     const user = mapUser(
       direction === PartnerDirection.SharedBy ? partner.sharedWith : partner.sharedBy,

server/src/services/person.service.spec.ts

@@ -438,6 +438,60 @@ describe(PersonService.name, () => {
     });
   });
 
+  describe('unassignFace', () => {
+    it('should unassign a face', async () => {
+      personMock.getFaceById.mockResolvedValueOnce(faceStub.face1);
+      accessMock.person.checkOwnerAccess.mockResolvedValue(new Set([personStub.noName.id]));
+      accessMock.person.checkFaceOwnerAccess.mockResolvedValue(new Set([faceStub.face1.id]));
+      personMock.reassignFace.mockResolvedValue(1);
+      personMock.getRandomFace.mockResolvedValue(null);
+      personMock.getFaceById.mockResolvedValueOnce(faceStub.unassignedFace);
+
+      await expect(sut.unassignFace(authStub.admin, faceStub.face1.id)).resolves.toStrictEqual(
+        mapFaces(faceStub.unassignedFace, authStub.admin),
+      );
+
+      expect(mediaMock.generateThumbnail).not.toHaveBeenCalled();
+    });
+
+    it('should not unassign a face if user has no create access', async () => {
+      personMock.getFaceById.mockResolvedValueOnce(faceStub.face1);
+      accessMock.person.checkOwnerAccess.mockResolvedValue(new Set([personStub.noName.id]));
+      personMock.reassignFace.mockResolvedValue(1);
+      personMock.getRandomFace.mockResolvedValue(null);
+      personMock.getFaceById.mockResolvedValueOnce(faceStub.unassignedFace);
+
+      await expect(sut.unassignFace(authStub.admin, faceStub.face1.id)).rejects.toBeInstanceOf(BadRequestException);
+    });
+  });
+
+  describe('unassignFaces', () => {
+    it('should unassign a face', async () => {
+      personMock.getFacesByIds.mockResolvedValueOnce([faceStub.face1]);
+      accessMock.person.checkOwnerAccess.mockResolvedValue(new Set([personStub.noName.id]));
+      accessMock.person.checkFaceOwnerAccess.mockResolvedValue(new Set([faceStub.face1.id]));
+      personMock.reassignFace.mockResolvedValue(1);
+      personMock.getRandomFace.mockResolvedValue(null);
+      personMock.getFaceById.mockResolvedValueOnce(faceStub.unassignedFace);
+
+      await expect(
+        sut.unassignFaces(authStub.admin, { data: [{ assetId: faceStub.face1.id, personId: 'person-1' }] }),
+      ).resolves.toStrictEqual([{ id: 'assetFaceId1', success: true }]);
+    });
+
+    it('should not unassign a face if the user has no create access', async () => {
+      personMock.getFacesByIds.mockResolvedValueOnce([faceStub.face1]);
+      accessMock.person.checkOwnerAccess.mockResolvedValue(new Set([personStub.noName.id]));
+      personMock.reassignFace.mockResolvedValue(1);
+      personMock.getRandomFace.mockResolvedValue(null);
+      personMock.getFaceById.mockResolvedValueOnce(faceStub.unassignedFace);
+
+      await expect(
+        sut.unassignFaces(authStub.admin, { data: [{ assetId: faceStub.face1.id, personId: 'person-1' }] }),
+      ).rejects.toBeInstanceOf(BadRequestException);
+    });
+  });
+
   describe('handlePersonCleanup', () => {
     it('should delete people without faces', async () => {
       personMock.getAllWithoutFaces.mockResolvedValue([personStub.noName]);
@@ -551,7 +605,10 @@ describe(PersonService.name, () => {
 
       await sut.handleQueueRecognizeFaces({});
 
-      expect(personMock.getAllFaces).toHaveBeenCalledWith({ skip: 0, take: 1000 }, { where: { personId: IsNull() } });
+      expect(personMock.getAllFaces).toHaveBeenCalledWith(
+        { skip: 0, take: 1000 },
+        { where: { personId: IsNull(), isEdited: false } },
+      );
       expect(jobMock.queueAll).toHaveBeenCalledWith([
         {
           name: JobName.FACIAL_RECOGNITION,

server/src/services/person.service.ts

@@ -102,6 +102,22 @@ export class PersonService {
     };
   }
 
+  async unassignFace(auth: AuthDto, id: string): Promise<AssetFaceResponseDto> {
+    let face = await this.repository.getFaceById(id);
+    await this.access.requirePermission(auth, Permission.PERSON_CREATE, face.id);
+
+    if (face.personId) {
+      await this.access.requirePermission(auth, Permission.PERSON_WRITE, face.personId);
+    }
+
+    await this.repository.reassignFace(face.id, null);
+    if (face.person && face.person.faceAssetId === face.id) {
+      await this.createNewFeaturePhoto([face.person.id]);
+    }
+    face = await this.repository.getFaceById(id);
+    return mapFaces(face, auth);
+  }
+
   async reassignFaces(auth: AuthDto, personId: string, dto: AssetFaceUpdateDto): Promise<PersonResponseDto[]> {
     await this.access.requirePermission(auth, Permission.PERSON_WRITE, personId);
     const person = await this.findOrFail(personId);
@@ -131,6 +147,34 @@ export class PersonService {
     return result;
   }
 
+  async unassignFaces(auth: AuthDto, dto: AssetFaceUpdateDto): Promise<BulkIdResponseDto[]> {
+    const changeFeaturePhoto: string[] = [];
+    const results: BulkIdResponseDto[] = [];
+
+    for (const data of dto.data) {
+      const faces = await this.repository.getFacesByIds([{ personId: data.personId, assetId: data.assetId }]);
+
+      for (const face of faces) {
+        await this.access.requirePermission(auth, Permission.PERSON_CREATE, face.id);
+        if (face.personId) {
+          await this.access.requirePermission(auth, Permission.PERSON_WRITE, face.personId);
+        }
+
+        await this.repository.reassignFace(face.id, null);
+        if (face.person && face.person.faceAssetId === face.id) {
+          changeFeaturePhoto.push(face.person.id);
+        }
+        results.push({ id: face.id, success: true });
+      }
+    }
+    if (changeFeaturePhoto.length > 0) {
+      // Remove duplicates
+      await this.createNewFeaturePhoto([...changeFeaturePhoto]);
+    }
+
+    return results;
+  }
+
   async reassignFacesById(auth: AuthDto, personId: string, dto: FaceDto): Promise<PersonResponseDto> {
     await this.access.requirePermission(auth, Permission.PERSON_WRITE, personId);
 
@@ -387,7 +431,7 @@ export class PersonService {
     }
 
     const facePagination = usePagination(JOBS_ASSET_PAGINATION_SIZE, (pagination) =>
-      this.repository.getAllFaces(pagination, { where: force ? undefined : { personId: IsNull() } }),
+      this.repository.getAllFaces(pagination, { where: force ? undefined : { personId: IsNull(), isEdited: false } }),
     );
 
     for await (const page of facePagination) {

server/src/services/server-info.service.spec.ts

@@ -149,7 +149,7 @@ describe(ServerInfoService.name, () => {
     it('should respond the server features', async () => {
       await expect(sut.getFeatures()).resolves.toEqual({
         smartSearch: true,
-        duplicateDetection: false,
+        duplicateDetection: true,
         facialRecognition: true,
         map: true,
         reverseGeocoding: true,

server/src/services/system-config.service.spec.ts

@@ -81,8 +81,8 @@ const updatedConfig = Object.freeze<SystemConfig>({
       modelName: 'ViT-B-32__openai',
     },
     duplicateDetection: {
-      enabled: false,
-      maxDistance: 0.03,
+      enabled: true,
+      maxDistance: 0.0155,
     },
     facialRecognition: {
       enabled: true,

server/src/services/user-admin.service.spec.ts

@@ -0,0 +1,197 @@
+import { BadRequestException, ForbiddenException } from '@nestjs/common';
+import { mapUserAdmin } from 'src/dtos/user.dto';
+import { UserStatus } from 'src/entities/user.entity';
+import { IAlbumRepository } from 'src/interfaces/album.interface';
+import { ICryptoRepository } from 'src/interfaces/crypto.interface';
+import { IJobRepository, JobName } from 'src/interfaces/job.interface';
+import { ILoggerRepository } from 'src/interfaces/logger.interface';
+import { IUserRepository } from 'src/interfaces/user.interface';
+import { UserAdminService } from 'src/services/user-admin.service';
+import { authStub } from 'test/fixtures/auth.stub';
+import { userStub } from 'test/fixtures/user.stub';
+import { newAlbumRepositoryMock } from 'test/repositories/album.repository.mock';
+import { newCryptoRepositoryMock } from 'test/repositories/crypto.repository.mock';
+import { newJobRepositoryMock } from 'test/repositories/job.repository.mock';
+import { newLoggerRepositoryMock } from 'test/repositories/logger.repository.mock';
+import { newUserRepositoryMock } from 'test/repositories/user.repository.mock';
+import { Mocked, describe } from 'vitest';
+
+describe(UserAdminService.name, () => {
+  let sut: UserAdminService;
+  let userMock: Mocked<IUserRepository>;
+  let cryptoRepositoryMock: Mocked<ICryptoRepository>;
+
+  let albumMock: Mocked<IAlbumRepository>;
+  let jobMock: Mocked<IJobRepository>;
+  let loggerMock: Mocked<ILoggerRepository>;
+
+  beforeEach(() => {
+    albumMock = newAlbumRepositoryMock();
+    cryptoRepositoryMock = newCryptoRepositoryMock();
+    jobMock = newJobRepositoryMock();
+    userMock = newUserRepositoryMock();
+    loggerMock = newLoggerRepositoryMock();
+
+    sut = new UserAdminService(albumMock, cryptoRepositoryMock, jobMock, userMock, loggerMock);
+
+    userMock.get.mockImplementation((userId) =>
+      Promise.resolve([userStub.admin, userStub.user1].find((user) => user.id === userId) ?? null),
+    );
+  });
+
+  describe('create', () => {
+    it('should not create a user if there is no local admin account', async () => {
+      userMock.getAdmin.mockResolvedValueOnce(null);
+
+      await expect(
+        sut.create({
+          email: 'john_smith@email.com',
+          name: 'John Smith',
+          password: 'password',
+        }),
+      ).rejects.toBeInstanceOf(BadRequestException);
+    });
+
+    it('should create user', async () => {
+      userMock.getAdmin.mockResolvedValue(userStub.admin);
+      userMock.create.mockResolvedValue(userStub.user1);
+
+      await expect(
+        sut.create({
+          email: userStub.user1.email,
+          name: userStub.user1.name,
+          password: 'password',
+          storageLabel: 'label',
+        }),
+      ).resolves.toEqual(mapUserAdmin(userStub.user1));
+
+      expect(userMock.getAdmin).toBeCalled();
+      expect(userMock.create).toBeCalledWith({
+        email: userStub.user1.email,
+        name: userStub.user1.name,
+        storageLabel: 'label',
+        password: expect.anything(),
+      });
+    });
+  });
+
+  describe('update', () => {
+    it('should update the user', async () => {
+      const update = {
+        shouldChangePassword: true,
+        email: 'immich@test.com',
+        storageLabel: 'storage_label',
+      };
+      userMock.getByEmail.mockResolvedValue(null);
+      userMock.getByStorageLabel.mockResolvedValue(null);
+      userMock.update.mockResolvedValue(userStub.user1);
+
+      await sut.update(authStub.user1, userStub.user1.id, update);
+
+      expect(userMock.getByEmail).toHaveBeenCalledWith(update.email);
+      expect(userMock.getByStorageLabel).toHaveBeenCalledWith(update.storageLabel);
+    });
+
+    it('should not set an empty string for storage label', async () => {
+      userMock.update.mockResolvedValue(userStub.user1);
+      await sut.update(authStub.admin, userStub.user1.id, { storageLabel: '' });
+      expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
+        storageLabel: null,
+        updatedAt: expect.any(Date),
+      });
+    });
+
+    it('should not change an email to one already in use', async () => {
+      const dto = { id: userStub.user1.id, email: 'updated@test.com' };
+
+      userMock.get.mockResolvedValue(userStub.user1);
+      userMock.getByEmail.mockResolvedValue(userStub.admin);
+
+      await expect(sut.update(authStub.admin, userStub.user1.id, dto)).rejects.toBeInstanceOf(BadRequestException);
+
+      expect(userMock.update).not.toHaveBeenCalled();
+    });
+
+    it('should not let the admin change the storage label to one already in use', async () => {
+      const dto = { id: userStub.user1.id, storageLabel: 'admin' };
+
+      userMock.get.mockResolvedValue(userStub.user1);
+      userMock.getByStorageLabel.mockResolvedValue(userStub.admin);
+
+      await expect(sut.update(authStub.admin, userStub.user1.id, dto)).rejects.toBeInstanceOf(BadRequestException);
+
+      expect(userMock.update).not.toHaveBeenCalled();
+    });
+
+    it('update user information should throw error if user not found', async () => {
+      userMock.get.mockResolvedValueOnce(null);
+
+      await expect(
+        sut.update(authStub.admin, userStub.user1.id, { shouldChangePassword: true }),
+      ).rejects.toBeInstanceOf(BadRequestException);
+    });
+  });
+
+  describe('delete', () => {
+    it('should throw error if user could not be found', async () => {
+      userMock.get.mockResolvedValue(null);
+
+      await expect(sut.delete(authStub.admin, userStub.admin.id, {})).rejects.toThrowError(BadRequestException);
+      expect(userMock.delete).not.toHaveBeenCalled();
+    });
+
+    it('cannot delete admin user', async () => {
+      await expect(sut.delete(authStub.admin, userStub.admin.id, {})).rejects.toBeInstanceOf(ForbiddenException);
+    });
+
+    it('should require the auth user be an admin', async () => {
+      await expect(sut.delete(authStub.user1, authStub.admin.user.id, {})).rejects.toBeInstanceOf(ForbiddenException);
+
+      expect(userMock.delete).not.toHaveBeenCalled();
+    });
+
+    it('should delete user', async () => {
+      userMock.get.mockResolvedValue(userStub.user1);
+      userMock.update.mockResolvedValue(userStub.user1);
+
+      await expect(sut.delete(authStub.admin, userStub.user1.id, {})).resolves.toEqual(mapUserAdmin(userStub.user1));
+      expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
+        status: UserStatus.DELETED,
+        deletedAt: expect.any(Date),
+      });
+    });
+
+    it('should force delete user', async () => {
+      userMock.get.mockResolvedValue(userStub.user1);
+      userMock.update.mockResolvedValue(userStub.user1);
+
+      await expect(sut.delete(authStub.admin, userStub.user1.id, { force: true })).resolves.toEqual(
+        mapUserAdmin(userStub.user1),
+      );
+
+      expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
+        status: UserStatus.REMOVING,
+        deletedAt: expect.any(Date),
+      });
+      expect(jobMock.queue).toHaveBeenCalledWith({
+        name: JobName.USER_DELETION,
+        data: { id: userStub.user1.id, force: true },
+      });
+    });
+  });
+
+  describe('restore', () => {
+    it('should throw error if user could not be found', async () => {
+      userMock.get.mockResolvedValue(null);
+      await expect(sut.restore(authStub.admin, userStub.admin.id)).rejects.toThrowError(BadRequestException);
+      expect(userMock.update).not.toHaveBeenCalled();
+    });
+
+    it('should restore an user', async () => {
+      userMock.get.mockResolvedValue(userStub.user1);
+      userMock.update.mockResolvedValue(userStub.user1);
+      await expect(sut.restore(authStub.admin, userStub.user1.id)).resolves.toEqual(mapUserAdmin(userStub.user1));
+      expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, { status: UserStatus.ACTIVE, deletedAt: null });
+    });
+  });
+});