helpy4/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich synced 2025-11-14 17:36:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(server): timeline bucket access for shared links (#4404)

Browse source
This commit is contained in:
Jason Rasmussen 2023-10-09 11:57:36 -04:00 committed by GitHub
parent 2ea080cacd
commit ebb50476ac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
server/src/domain/asset/asset.service.ts
View file

@ -177,13 +177,15 @@ export class AssetService {
private async timeBucketChecks(authUser: AuthUserDto, dto: TimeBucketDto) {
if (dto.albumId) {
await this.access.requirePermission(authUser, Permission.ALBUM_READ, [dto.albumId]);
} else if (dto.userId) {
} else {
dto.userId = dto.userId || authUser.id;
}
if (dto.userId) {
await this.access.requirePermission(authUser, Permission.TIMELINE_READ, [dto.userId]);
if (dto.isArchived !== false) {
await this.access.requirePermission(authUser, Permission.ARCHIVE_READ, [dto.userId]);
}
await this.access.requirePermission(authUser, Permission.TIMELINE_READ, [dto.userId]);
} else {
dto.userId = authUser.id;
}
}