feat(server): granular permissions for api keys (#11824)

feat(server): api auth permissions

server/src/enum.ts

@@ -32,8 +32,18 @@ export enum MemoryType {
 }
 
 export enum Permission {
+  ALL = 'all',
+
   ACTIVITY_CREATE = 'activity.create',
+  ACTIVITY_READ = 'activity.read',
+  ACTIVITY_UPDATE = 'activity.update',
   ACTIVITY_DELETE = 'activity.delete',
+  ACTIVITY_STATISTICS = 'activity.statistics',
+
+  API_KEY_CREATE = 'apiKey.create',
+  API_KEY_READ = 'apiKey.read',
+  API_KEY_UPDATE = 'apiKey.update',
+  API_KEY_DELETE = 'apiKey.delete',
 
   // ASSET_CREATE = 'asset.create',
   ASSET_READ = 'asset.read',
@@ -45,10 +55,12 @@ export enum Permission {
   ASSET_DOWNLOAD = 'asset.download',
   ASSET_UPLOAD = 'asset.upload',
 
-  // ALBUM_CREATE = 'album.create',
+  ALBUM_CREATE = 'album.create',
   ALBUM_READ = 'album.read',
   ALBUM_UPDATE = 'album.update',
   ALBUM_DELETE = 'album.delete',
+  ALBUM_STATISTICS = 'album.statistics',
+
   ALBUM_ADD_ASSET = 'album.addAsset',
   ALBUM_REMOVE_ASSET = 'album.removeAsset',
   ALBUM_SHARE = 'album.share',
@@ -58,20 +70,58 @@ export enum Permission {
 
   ARCHIVE_READ = 'archive.read',
 
+  FACE_CREATE = 'face.create',
+  FACE_READ = 'face.read',
+  FACE_UPDATE = 'face.update',
+  FACE_DELETE = 'face.delete',
+
+  LIBRARY_CREATE = 'library.create',
+  LIBRARY_READ = 'library.read',
+  LIBRARY_UPDATE = 'library.update',
+  LIBRARY_DELETE = 'library.delete',
+  LIBRARY_STATISTICS = 'library.statistics',
+
   TIMELINE_READ = 'timeline.read',
   TIMELINE_DOWNLOAD = 'timeline.download',
 
+  MEMORY_CREATE = 'memory.create',
   MEMORY_READ = 'memory.read',
-  MEMORY_WRITE = 'memory.write',
+  MEMORY_UPDATE = 'memory.update',
   MEMORY_DELETE = 'memory.delete',
 
-  PERSON_READ = 'person.read',
-  PERSON_WRITE = 'person.write',
-  PERSON_MERGE = 'person.merge',
+  PARTNER_CREATE = 'partner.create',
+  PARTNER_READ = 'partner.read',
+  PARTNER_UPDATE = 'partner.update',
+  PARTNER_DELETE = 'partner.delete',
+
   PERSON_CREATE = 'person.create',
+  PERSON_READ = 'person.read',
+  PERSON_UPDATE = 'person.update',
+  PERSON_DELETE = 'person.delete',
+  PERSON_STATISTICS = 'person.statistics',
+  PERSON_MERGE = 'person.merge',
   PERSON_REASSIGN = 'person.reassign',
 
-  PARTNER_UPDATE = 'partner.update',
+  SHARED_LINK_CREATE = 'sharedLink.create',
+  SHARED_LINK_READ = 'sharedLink.read',
+  SHARED_LINK_UPDATE = 'sharedLink.update',
+  SHARED_LINK_DELETE = 'sharedLink.delete',
+
+  SYSTEM_CONFIG_READ = 'systemConfig.read',
+  SYSTEM_CONFIG_UPDATE = 'systemConfig.update',
+
+  SYSTEM_METADATA_READ = 'systemMetadata.read',
+  SYSTEM_METADATA_UPDATE = 'systemMetadata.update',
+
+  TAG_CREATE = 'tag.create',
+  TAG_READ = 'tag.read',
+  TAG_UPDATE = 'tag.update',
+  TAG_DELETE = 'tag.delete',
+
+  ADMIN_USER_CREATE = 'admin.user.create',
+  ADMIN_USER_READ = 'admin.user.read',
+  ADMIN_USER_UPDATE = 'admin.user.update',
+  ADMIN_USER_DELETE = 'admin.user.delete',
 }
 
 export enum SharedLinkType {