helpy4/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich synced 2025-11-07 17:27:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: access core (#11930)

Browse source
This commit is contained in:
Jason Rasmussen 2024-08-20 07:49:56 -04:00 committed by GitHub
parent c7801eae7e
commit 8285803c95
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
19 changed files with 415 additions and 496 deletions
Download patch file Download diff file Expand all files Collapse all files

31
server/src/utils/asset.util.ts
View file

@ -1,10 +1,10 @@
import { AccessCore } from 'src/cores/access.core';
import { BulkIdErrorReason, BulkIdResponseDto } from 'src/dtos/asset-ids.response.dto';
import { AuthDto } from 'src/dtos/auth.dto';
import { AssetFileEntity } from 'src/entities/asset-files.entity';
import { AssetFileType, Permission } from 'src/enum';
import { IAccessRepository } from 'src/interfaces/access.interface';
import { IPartnerRepository } from 'src/interfaces/partner.interface';
import { checkAccess } from 'src/utils/access';
export interface IBulkAsset {
getAssetIds: (id: string, assetIds: string[]) => Promise<Set<string>>;
@ -23,15 +23,17 @@ export const getAssetFiles = (files?: AssetFileEntity[]) => ({
export const addAssets = async (
auth: AuthDto,
repositories: { accessRepository: IAccessRepository; repository: IBulkAsset },
repositories: { access: IAccessRepository; bulk: IBulkAsset },
dto: { parentId: string; assetIds: string[] },
) => {
const { accessRepository, repository } = repositories;
const access = AccessCore.create(accessRepository);
const existingAssetIds = await repository.getAssetIds(dto.parentId, dto.assetIds);
const { access, bulk } = repositories;
const existingAssetIds = await bulk.getAssetIds(dto.parentId, dto.assetIds);
const notPresentAssetIds = dto.assetIds.filter((id) => !existingAssetIds.has(id));
const allowedAssetIds = await access.checkAccess(auth, Permission.ASSET_SHARE, notPresentAssetIds);
const allowedAssetIds = await checkAccess(access, {
auth,
permission: Permission.ASSET_SHARE,
ids: notPresentAssetIds,
});
const results: BulkIdResponseDto[] = [];
for (const assetId of dto.assetIds) {
@ -53,7 +55,7 @@ export const addAssets = async (
const newAssetIds = results.filter(({ success }) => success).map(({ id }) => id);
if (newAssetIds.length > 0) {
await repository.addAssetIds(dto.parentId, newAssetIds);
await bulk.addAssetIds(dto.parentId, newAssetIds);
}
return results;
@ -61,18 +63,17 @@ export const addAssets = async (
export const removeAssets = async (
auth: AuthDto,
repositories: { accessRepository: IAccessRepository; repository: IBulkAsset },
repositories: { access: IAccessRepository; bulk: IBulkAsset },
dto: { parentId: string; assetIds: string[]; canAlwaysRemove: Permission },
) => {
const { accessRepository, repository } = repositories;
const access = AccessCore.create(accessRepository);
const { access, bulk } = repositories;
// check if the user can always remove from the parent album, memory, etc.
const canAlwaysRemove = await access.checkAccess(auth, dto.canAlwaysRemove, [dto.parentId]);
const existingAssetIds = await repository.getAssetIds(dto.parentId, dto.assetIds);
const canAlwaysRemove = await checkAccess(access, { auth, permission: dto.canAlwaysRemove, ids: [dto.parentId] });
const existingAssetIds = await bulk.getAssetIds(dto.parentId, dto.assetIds);
const allowedAssetIds = canAlwaysRemove.has(dto.parentId)
? existingAssetIds
: await access.checkAccess(auth, Permission.ASSET_SHARE, existingAssetIds);
: await checkAccess(access, { auth, permission: Permission.ASSET_SHARE, ids: existingAssetIds });
const results: BulkIdResponseDto[] = [];
for (const assetId of dto.assetIds) {
@ -94,7 +95,7 @@ export const removeAssets = async (
const removedIds = results.filter(({ success }) => success).map(({ id }) => id);
if (removedIds.length > 0) {
await repository.removeAssetIds(dto.parentId, removedIds);
await bulk.removeAssetIds(dto.parentId, removedIds);
}
return results;