From 21feb690839bc5b8584dcdf1b62a3c6cb0a0de24 Mon Sep 17 00:00:00 2001 From: Michel Heusschen <59014050+michelheusschen@users.noreply.github.com> Date: Tue, 27 Feb 2024 16:25:57 +0100 Subject: [PATCH] fix(web): don't ask password for invalid shared link (#7456) * fix(web): don't ask password for invalid shared link * use apiUtils for e2e test --- e2e/src/web/specs/shared-link.e2e-spec.ts | 32 +++++++++++++------ .../routes/(user)/share/[key]/+error.svelte | 11 +++++-- web/src/routes/(user)/share/[key]/+page.ts | 11 ++----- 3 files changed, 34 insertions(+), 20 deletions(-) diff --git a/e2e/src/web/specs/shared-link.e2e-spec.ts b/e2e/src/web/specs/shared-link.e2e-spec.ts index faa7b34255..ce79ed5454 100644 --- a/e2e/src/web/specs/shared-link.e2e-spec.ts +++ b/e2e/src/web/specs/shared-link.e2e-spec.ts @@ -15,6 +15,7 @@ test.describe('Shared Links', () => { let asset: AssetResponseDto; let album: AlbumResponseDto; let sharedLink: SharedLinkResponseDto; + let sharedLinkPassword: SharedLinkResponseDto; test.beforeAll(async () => { apiUtils.setup(); @@ -29,17 +30,16 @@ test.describe('Shared Links', () => { }, }, { headers: asBearerAuth(admin.accessToken) } - // { headers: asBearerAuth(admin.accessToken)}, - ); - sharedLink = await createSharedLink( - { - sharedLinkCreateDto: { - type: SharedLinkType.Album, - albumId: album.id, - }, - }, - { headers: asBearerAuth(admin.accessToken) } ); + sharedLink = await apiUtils.createSharedLink(admin.accessToken, { + type: SharedLinkType.Album, + albumId: album.id, + }); + sharedLinkPassword = await apiUtils.createSharedLink(admin.accessToken, { + type: SharedLinkType.Album, + albumId: album.id, + password: 'test-password', + }); }); test.afterAll(async () => { @@ -55,4 +55,16 @@ test.describe('Shared Links', () => { await page.getByRole('button', { name: 'Download' }).click(); await page.getByText('DOWNLOADING').waitFor(); }); + + test('enter password for a shared link', async ({ page }) => { + await page.goto(`/share/${sharedLinkPassword.key}`); + await page.getByPlaceholder('Password').fill('test-password'); + await page.getByRole('button', { name: 'Submit' }).click(); + await page.getByRole('heading', { name: 'Test Album' }).waitFor(); + }); + + test('show error for invalid shared link', async ({ page }) => { + await page.goto('/share/invalid'); + await page.getByRole('heading', { name: 'Invalid share key' }).waitFor(); + }); }); diff --git a/web/src/routes/(user)/share/[key]/+error.svelte b/web/src/routes/(user)/share/[key]/+error.svelte index fb1f0d766c..c68b534a90 100644 --- a/web/src/routes/(user)/share/[key]/+error.svelte +++ b/web/src/routes/(user)/share/[key]/+error.svelte @@ -1,7 +1,14 @@ + + Opps! Error - Immich -
-
Page not found :/
+
+

Page not found :/

+ {#if $page.error?.message} +

{$page.error.message}

+ {/if}
diff --git a/web/src/routes/(user)/share/[key]/+page.ts b/web/src/routes/(user)/share/[key]/+page.ts index dd34b47e4b..380c9d0024 100644 --- a/web/src/routes/(user)/share/[key]/+page.ts +++ b/web/src/routes/(user)/share/[key]/+page.ts @@ -1,7 +1,6 @@ import { getAssetThumbnailUrl } from '$lib/utils'; import { authenticate } from '$lib/utils/auth'; -import { ThumbnailFormat, getMySharedLink } from '@immich/sdk'; -import { error as throwError, type HttpError } from '@sveltejs/kit'; +import { ThumbnailFormat, getMySharedLink, isHttpError } from '@immich/sdk'; import type { PageLoad } from './$types'; export const load = (async ({ params }) => { @@ -22,9 +21,7 @@ export const load = (async ({ params }) => { }, }; } catch (error) { - // handle unauthorized error - // TODO this doesn't allow for 404 shared links anymore - if ((error as HttpError).status === 401) { + if (isHttpError(error) && error.data.message === 'Invalid password') { return { passwordRequired: true, sharedLinkKey: key, @@ -34,8 +31,6 @@ export const load = (async ({ params }) => { }; } - throwError(404, { - message: 'Invalid shared link', - }); + throw error; } }) satisfies PageLoad;