1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2024-12-28 22:51:59 +00:00

fix(web): don't ask password for invalid shared link (#7456)

* fix(web): don't ask password for invalid shared link

* use apiUtils for e2e test
This commit is contained in:
Michel Heusschen 2024-02-27 16:25:57 +01:00 committed by GitHub
parent fb18129843
commit 21feb69083
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 34 additions and 20 deletions

View file

@ -15,6 +15,7 @@ test.describe('Shared Links', () => {
let asset: AssetResponseDto;
let album: AlbumResponseDto;
let sharedLink: SharedLinkResponseDto;
let sharedLinkPassword: SharedLinkResponseDto;
test.beforeAll(async () => {
apiUtils.setup();
@ -29,17 +30,16 @@ test.describe('Shared Links', () => {
},
},
{ headers: asBearerAuth(admin.accessToken) }
// { headers: asBearerAuth(admin.accessToken)},
);
sharedLink = await createSharedLink(
{
sharedLinkCreateDto: {
type: SharedLinkType.Album,
albumId: album.id,
},
},
{ headers: asBearerAuth(admin.accessToken) }
);
sharedLink = await apiUtils.createSharedLink(admin.accessToken, {
type: SharedLinkType.Album,
albumId: album.id,
});
sharedLinkPassword = await apiUtils.createSharedLink(admin.accessToken, {
type: SharedLinkType.Album,
albumId: album.id,
password: 'test-password',
});
});
test.afterAll(async () => {
@ -55,4 +55,16 @@ test.describe('Shared Links', () => {
await page.getByRole('button', { name: 'Download' }).click();
await page.getByText('DOWNLOADING').waitFor();
});
test('enter password for a shared link', async ({ page }) => {
await page.goto(`/share/${sharedLinkPassword.key}`);
await page.getByPlaceholder('Password').fill('test-password');
await page.getByRole('button', { name: 'Submit' }).click();
await page.getByRole('heading', { name: 'Test Album' }).waitFor();
});
test('show error for invalid shared link', async ({ page }) => {
await page.goto('/share/invalid');
await page.getByRole('heading', { name: 'Invalid share key' }).waitFor();
});
});

View file

@ -1,7 +1,14 @@
<script lang="ts">
import { page } from '$app/stores';
</script>
<svelte:head>
<title>Opps! Error - Immich</title>
</svelte:head>
<section class="flex h-screen w-screen place-content-center place-items-center">
<div class="p-20 text-4xl text-immich-primary dark:text-immich-dark-primary">Page not found :/</div>
<section class="flex flex-col px-4 h-screen w-screen place-content-center place-items-center">
<h1 class="py-10 text-4xl text-immich-primary dark:text-immich-dark-primary">Page not found :/</h1>
{#if $page.error?.message}
<h2 class="text-xl text-immich-fg dark:text-immich-dark-fg">{$page.error.message}</h2>
{/if}
</section>

View file

@ -1,7 +1,6 @@
import { getAssetThumbnailUrl } from '$lib/utils';
import { authenticate } from '$lib/utils/auth';
import { ThumbnailFormat, getMySharedLink } from '@immich/sdk';
import { error as throwError, type HttpError } from '@sveltejs/kit';
import { ThumbnailFormat, getMySharedLink, isHttpError } from '@immich/sdk';
import type { PageLoad } from './$types';
export const load = (async ({ params }) => {
@ -22,9 +21,7 @@ export const load = (async ({ params }) => {
},
};
} catch (error) {
// handle unauthorized error
// TODO this doesn't allow for 404 shared links anymore
if ((error as HttpError).status === 401) {
if (isHttpError(error) && error.data.message === 'Invalid password') {
return {
passwordRequired: true,
sharedLinkKey: key,
@ -34,8 +31,6 @@ export const load = (async ({ params }) => {
};
}
throwError(404, {
message: 'Invalid shared link',
});
throw error;
}
}) satisfies PageLoad;