immich/server/src/domain/repositories/access.repository.ts

export const IAccessRepository = 'IAccessRepository';

export interface IAccessRepository {
  activity: {
    hasOwnerAccess(userId: string, activityId: string): Promise<boolean>;
    hasAlbumOwnerAccess(userId: string, activityId: string): Promise<boolean>;
    hasCreateAccess(userId: string, albumId: string): Promise<boolean>;
  };
  asset: {
    hasOwnerAccess(userId: string, assetId: string): Promise<boolean>;
    hasAlbumAccess(userId: string, assetId: string): Promise<boolean>;
    hasPartnerAccess(userId: string, assetId: string): Promise<boolean>;
    hasSharedLinkAccess(sharedLinkId: string, assetId: string): Promise<boolean>;
  };

  authDevice: {
    hasOwnerAccess(userId: string, deviceId: string): Promise<boolean>;
  };

  album: {
    checkOwnerAccess(userId: string, albumIds: Set<string>): Promise<Set<string>>;
    checkSharedAlbumAccess(userId: string, albumIds: Set<string>): Promise<Set<string>>;
    checkSharedLinkAccess(sharedLinkId: string, albumIds: Set<string>): Promise<Set<string>>;
  };

  library: {
    hasOwnerAccess(userId: string, libraryId: string): Promise<boolean>;
    hasPartnerAccess(userId: string, partnerId: string): Promise<boolean>;
  };

  timeline: {
    hasPartnerAccess(userId: string, partnerId: string): Promise<boolean>;
  };

  person: {
    hasOwnerAccess(userId: string, personId: string): Promise<boolean>;
  };

  partner: {
    hasUpdateAccess(userId: string, partnerId: string): Promise<boolean>;
  };
}
refactor(server): partner core (#2678) * refactor(server): partner core * refactor(server): partner access check 2023-06-06 22:18:38 +02:00			`export const IAccessRepository = 'IAccessRepository';`

			`export interface IAccessRepository {`
feat(web,server): activity (#4682) * feat: activity * regenerate api * fix: make asset owner unable to delete comment * fix: merge * fix: tests * feat: use textarea instead of input * fix: do actions only if the album is shared * fix: placeholder opacity * fix(web): improve messages UI * fix(web): improve input message UI * pr feedback * fix: tests * pr feedback * pr feedback * pr feedback * fix permissions * regenerate api * pr feedback * pr feedback * multiple improvements on web * fix: ui colors * WIP * chore: open api * pr feedback * fix: add comment * chore: clean up * pr feedback * refactor: endpoints * chore: open api * fix: filter by type * fix: e2e * feat: e2e remove own comment * fix: web tests * remove console.log * chore: cleanup * fix: ui tweaks * pr feedback * fix web test * fix: unit tests * chore: remove unused code * revert useless changes * fix: grouping messages * fix: remove nullable on updatedAt * fix: text overflow * styling --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-01 04:13:34 +01:00			`activity: {`
feat(server, web): Album's options (#4870) * feat: disable activity * fix: disable reactions * fix: tests * fix: tests * fix: tests * pr feedback * pr feedback * chore: styling & wording * refactor component --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-07 05:37:21 +01:00			`hasOwnerAccess(userId: string, activityId: string): Promise<boolean>;`
			`hasAlbumOwnerAccess(userId: string, activityId: string): Promise<boolean>;`
			`hasCreateAccess(userId: string, albumId: string): Promise<boolean>;`
feat(web,server): activity (#4682) * feat: activity * regenerate api * fix: make asset owner unable to delete comment * fix: merge * fix: tests * feat: use textarea instead of input * fix: do actions only if the album is shared * fix: placeholder opacity * fix(web): improve messages UI * fix(web): improve input message UI * pr feedback * fix: tests * pr feedback * pr feedback * pr feedback * fix permissions * regenerate api * pr feedback * pr feedback * multiple improvements on web * fix: ui colors * WIP * chore: open api * pr feedback * fix: add comment * chore: clean up * pr feedback * refactor: endpoints * chore: open api * fix: filter by type * fix: e2e * feat: e2e remove own comment * fix: web tests * remove console.log * chore: cleanup * fix: ui tweaks * pr feedback * fix web test * fix: unit tests * chore: remove unused code * revert useless changes * fix: grouping messages * fix: remove nullable on updatedAt * fix: text overflow * styling --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-11-01 04:13:34 +01:00			`};`
refactor(server): access permissions (#2910) * refactor: access repo interface * feat: access core * fix: allow shared links to add to a shared link * chore: comment out unused code * fix: pr feedback --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-06-28 15:56:24 +02:00			`asset: {`
			`hasOwnerAccess(userId: string, assetId: string): Promise<boolean>;`
			`hasAlbumAccess(userId: string, assetId: string): Promise<boolean>;`
			`hasPartnerAccess(userId: string, assetId: string): Promise<boolean>;`
			`hasSharedLinkAccess(sharedLinkId: string, assetId: string): Promise<boolean>;`
			`};`
refactor(server, web): create shared link (#2879) * refactor: shared links * chore: open api * fix: tsc error 2023-06-21 03:08:43 +02:00
refactor(server): auth delete device (#4720) * refactor(server): auth delete device * fix: person e2e 2023-10-30 16:48:38 +01:00			`authDevice: {`
			`hasOwnerAccess(userId: string, deviceId: string): Promise<boolean>;`
			`};`

refactor(server): access permissions (#2910) * refactor: access repo interface * feat: access core * fix: allow shared links to add to a shared link * chore: comment out unused code * fix: pr feedback --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-06-28 15:56:24 +02:00			`album: {`
chore(server): Check album permissions in bulk (#5290) * chore(server): Check album permissions in bulk Modify Access repository, to evaluate `album` permissions in bulk. Queries have been validated to match what they currently generate for single ids. Queries: * Owner access: ```sql -- Before SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS ( SELECT 1 FROM "albums" "AlbumEntity" WHERE "AlbumEntity"."id" = $1 AND "AlbumEntity"."ownerId" = $2 AND "AlbumEntity"."deletedAt" IS NULL ) LIMIT 1 -- After SELECT "AlbumEntity"."id" AS "AlbumEntity_id" FROM "albums" "AlbumEntity" WHERE "AlbumEntity"."id" IN ($1, $2) AND "AlbumEntity"."ownerId" = $3 AND "AlbumEntity"."deletedAt" IS NULL ``` * Shared link access: ```sql -- Before SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS ( SELECT 1 FROM "shared_links" "SharedLinkEntity" WHERE "SharedLinkEntity"."id" = $1 AND "SharedLinkEntity"."albumId" = $2 ) LIMIT 1 -- After SELECT "SharedLinkEntity"."albumId" AS "SharedLinkEntity_albumId", "SharedLinkEntity"."id" AS "SharedLinkEntity_id" FROM "shared_links" "SharedLinkEntity" WHERE "SharedLinkEntity"."id" = $1 AND "SharedLinkEntity"."albumId" IN ($2, $3) ``` * Shared album access: ```sql -- Before SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS ( SELECT 1 FROM "albums" "AlbumEntity" LEFT JOIN "albums_shared_users_users" "AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers" ON "AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"."albumsId"="AlbumEntity"."id" LEFT JOIN "users" "AlbumEntity__AlbumEntity_sharedUsers" ON "AlbumEntity__AlbumEntity_sharedUsers"."id"="AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"."usersId" AND "AlbumEntity__AlbumEntity_sharedUsers"."deletedAt" IS NULL WHERE "AlbumEntity"."id" = $1 AND "AlbumEntity__AlbumEntity_sharedUsers"."id" = $2 AND "AlbumEntity"."deletedAt" IS NULL ) LIMIT 1 -- After SELECT "AlbumEntity"."id" AS "AlbumEntity_id" FROM "albums" "AlbumEntity" LEFT JOIN "albums_shared_users_users" "AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers" ON "AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"."albumsId"="AlbumEntity"."id" LEFT JOIN "users" "AlbumEntity__AlbumEntity_sharedUsers" ON "AlbumEntity__AlbumEntity_sharedUsers"."id"="AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"."usersId" AND "AlbumEntity__AlbumEntity_sharedUsers"."deletedAt" IS NULL WHERE "AlbumEntity"."id" IN ($1, $2) AND "AlbumEntity__AlbumEntity_sharedUsers"."id" = $3 AND "AlbumEntity"."deletedAt" IS NULL ``` * chore(server): Add set utils, avoid double queries for same ids * chore(server): Review feedback 2023-11-25 23:56:23 +01:00			`checkOwnerAccess(userId: string, albumIds: Set<string>): Promise<Set<string>>;`
			`checkSharedAlbumAccess(userId: string, albumIds: Set<string>): Promise<Set<string>>;`
			`checkSharedLinkAccess(sharedLinkId: string, albumIds: Set<string>): Promise<Set<string>>;`
refactor(server): access permissions (#2910) * refactor: access repo interface * feat: access core * fix: allow shared links to add to a shared link * chore: comment out unused code * fix: pr feedback --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-06-28 15:56:24 +02:00			`};`
refactor(server, web): create shared link (#2879) * refactor: shared links * chore: open api * fix: tsc error 2023-06-21 03:08:43 +02:00
refactor(server): access permissions (#2910) * refactor: access repo interface * feat: access core * fix: allow shared links to add to a shared link * chore: comment out unused code * fix: pr feedback --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-06-28 15:56:24 +02:00			`library: {`
feat(server,web): libraries (#3124) * feat: libraries Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> Co-authored-by: Alex <alex.tran1502@gmail.com> 2023-09-20 13:16:33 +02:00			`hasOwnerAccess(userId: string, libraryId: string): Promise<boolean>;`
			`hasPartnerAccess(userId: string, partnerId: string): Promise<boolean>;`
			`};`

			`timeline: {`
refactor(server): access permissions (#2910) * refactor: access repo interface * feat: access core * fix: allow shared links to add to a shared link * chore: comment out unused code * fix: pr feedback --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-06-28 15:56:24 +02:00			`hasPartnerAccess(userId: string, partnerId: string): Promise<boolean>;`
			`};`
chore(server): Use access core for person permissions (#4138) * use access core for all person methods * minor fixes, feedback * reorder assignments * remove unnecessary permission requirement * unify naming of tests * reorder variables 2023-09-18 23:22:44 +02:00
			`person: {`
			`hasOwnerAccess(userId: string, personId: string): Promise<boolean>;`
			`};`
feat(web): show partners assets on the main timeline (#4933) 2023-11-11 22:06:19 +01:00
			`partner: {`
			`hasUpdateAccess(userId: string, partnerId: string): Promise<boolean>;`
			`};`
refactor(server): partner core (#2678) * refactor(server): partner core * refactor(server): partner access check 2023-06-06 22:18:38 +02:00			`}`