c-l/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-01-17 01:06:46 +01:00
Code Releases Activity

merge main

Browse source
This commit is contained in:
martabal 2024-05-28 00:04:45 +02:00
commit fec3a04123
No known key found for this signature in database
GPG key ID: C00196E3148A52BD
140 changed files with 2180 additions and 1647 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cli/src/commands/auth.ts
View file

@ -1,4 +1,4 @@
import { getMyUserInfo } from '@immich/sdk'; import { getMyUser } from '@immich/sdk';
import { existsSync } from 'node:fs'; import { existsSync } from 'node:fs';
import { mkdir, unlink } from 'node:fs/promises'; import { mkdir, unlink } from 'node:fs/promises';
import { BaseOptions, connect, getAuthFilePath, logError, withError, writeAuthFile } from 'src/utils'; import { BaseOptions, connect, getAuthFilePath, logError, withError, writeAuthFile } from 'src/utils';
@ -10,13 +10,13 @@ export const login = async (url: string, key: string, options: BaseOptions) => {
await connect(url, key); await connect(url, key);
const [error, userInfo] = await withError(getMyUserInfo()); const [error, user] = await withError(getMyUser());
if (error) { if (error) {
logError(error, 'Failed to load user info'); logError(error, 'Failed to load user info');
process.exit(1); process.exit(1);
} }
console.log(`Logged in as ${userInfo.email}`); console.log(`Logged in as ${user.email}`);
if (!existsSync(configDir)) { if (!existsSync(configDir)) {
// Create config folder if it doesn't exist // Create config folder if it doesn't exist

4
cli/src/commands/server-info.ts
View file

@ -1,4 +1,4 @@
import { getAssetStatistics, getMyUserInfo, getServerVersion, getSupportedMediaTypes } from '@immich/sdk'; import { getAssetStatistics, getMyUser, getServerVersion, getSupportedMediaTypes } from '@immich/sdk';
import { BaseOptions, authenticate } from 'src/utils'; import { BaseOptions, authenticate } from 'src/utils';
export const serverInfo = async (options: BaseOptions) => { export const serverInfo = async (options: BaseOptions) => {
@ -8,7 +8,7 @@ export const serverInfo = async (options: BaseOptions) => {
getServerVersion(), getServerVersion(),
getSupportedMediaTypes(), getSupportedMediaTypes(),
getAssetStatistics({}), getAssetStatistics({}),
getMyUserInfo(), getMyUser(),
]); ]);
console.log(`Server Info (via ${userInfo.email})`); console.log(`Server Info (via ${userInfo.email})`);

4
cli/src/utils.ts
View file

@ -1,4 +1,4 @@
import { getMyUserInfo, init, isHttpError } from '@immich/sdk'; import { getMyUser, init, isHttpError } from '@immich/sdk';
import { glob } from 'fast-glob'; import { glob } from 'fast-glob';
import { createHash } from 'node:crypto'; import { createHash } from 'node:crypto';
import { createReadStream } from 'node:fs'; import { createReadStream } from 'node:fs';
@ -48,7 +48,7 @@ export const connect = async (url: string, key: string) => {
init({ baseUrl: url, apiKey: key }); init({ baseUrl: url, apiKey: key });
const [error] = await withError(getMyUserInfo()); const [error] = await withError(getMyUser());
if (isHttpError(error)) { if (isHttpError(error)) {
logError(error, 'Failed to connect to server'); logError(error, 'Failed to connect to server');
process.exit(1); process.exit(1);

3
docker/docker-compose.dev.yml
View file

@ -9,6 +9,9 @@ services:
container_name: immich_server container_name: immich_server
command: ['/usr/src/app/bin/immich-dev'] command: ['/usr/src/app/bin/immich-dev']
image: immich-server-dev:latest image: immich-server-dev:latest
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
build: build:
context: ../ context: ../
dockerfile: server/Dockerfile dockerfile: server/Dockerfile

3
docker/docker-compose.prod.yml
View file

@ -4,6 +4,9 @@ services:
immich-server: immich-server:
container_name: immich_server container_name: immich_server
image: immich-server:latest image: immich-server:latest
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
build: build:
context: ../ context: ../
dockerfile: server/Dockerfile dockerfile: server/Dockerfile

3
docker/docker-compose.yml
View file

@ -12,6 +12,9 @@ services:
immich-server: immich-server:
container_name: immich_server container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
# extends:
# file: hwaccel.transcoding.yml
# service: cpu # set to one of [nvenc, quicksync, rkmpp, vaapi, vaapi-wsl] for accelerated transcoding
volumes: volumes:
- ${UPLOAD_LOCATION}:/usr/src/app/upload - ${UPLOAD_LOCATION}:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro

BIN
docs/docs/administration/img/google-example.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 11 KiB

BIN
docs/docs/administration/img/immich-google-example.webp Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 113 KiB

38
docs/docs/administration/oauth.md
View file

@ -110,8 +110,44 @@ Immich has a route (`/api/oauth/mobile-redirect`) that is already configured to
## Example Configuration ## Example Configuration
<details>
<summary>Authentik Example</summary>
### Authentik Example
Here's an example of OAuth configured for Authentik: Here's an example of OAuth configured for Authentik:
![OAuth Settings](./img/oauth-settings.png) <img src={require('./img/oauth-settings.png').default} title="OAuth settings" />
</details>
<details>
<summary>Google Example</summary>
### Google Example
Configuration of Authorised redirect URIs (Google Console)
<img src={require('./img/google-example.webp').default} width='50%' title="Authorised redirect URIs" />
Configuration of OAuth in System Settings
| Setting | Value |
| ---------------------------- | ------------------------------------------------------------------------------------------------------ |
| Issuer URL | [https://accounts.google.com](https://accounts.google.com) |
| Client ID | 7\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***vuls.apps.googleusercontent.com |
| Client Secret | G\***\*\*\*\*\*\*\***\*\*\***\*\*\*\*\*\*\***OO |
| Scope | openid email profile |
| Signing Algorithm | RS256 |
| Storage Label Claim | preferred_username |
| Storage Quota Claim | immich_quota |
| Default Storage Quota (GiB) | 0 (0 for unlimited quota) |
| Button Text | Sign in with Google (optional) |
| Auto Register | Enabled (optional) |
| Auto Launch | Enabled |
| Mobile Redirect URI Override | Enabled (required) |
| Mobile Redirect URI | [https://demo.immich.app/api/oauth/mobile-redirect](https://demo.immich.app/api/oauth/mobile-redirect) |
</details>
[oidc]: https://openid.net/connect/ [oidc]: https://openid.net/connect/

4
e2e/src/api/specs/album.e2e-spec.ts
View file

@ -4,7 +4,7 @@ import {
AlbumUserRole, AlbumUserRole,
AssetFileUploadResponseDto, AssetFileUploadResponseDto,
AssetOrder, AssetOrder,
deleteUser, deleteUserAdmin,
getAlbumInfo, getAlbumInfo,
LoginResponseDto, LoginResponseDto,
SharedLinkType, SharedLinkType,
@ -107,7 +107,7 @@ describe('/albums', () => {
}), }),
]); ]);
await deleteUser({ id: user3.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) }); await deleteUserAdmin({ id: user3.userId, userAdminDeleteDto: {} }, { headers: asBearerAuth(admin.accessToken) });
}); });
describe('GET /albums', () => { describe('GET /albums', () => {

4
e2e/src/api/specs/asset.e2e-spec.ts
View file

@ -5,7 +5,7 @@ import {
LoginResponseDto, LoginResponseDto,
SharedLinkType, SharedLinkType,
getAssetInfo, getAssetInfo,
getMyUserInfo, getMyUser,
updateAssets, updateAssets,
} from '@immich/sdk'; } from '@immich/sdk';
import { exiftool } from 'exiftool-vendored'; import { exiftool } from 'exiftool-vendored';
@ -1168,7 +1168,7 @@ describe('/asset', () => {
expect(body).toEqual({ id: expect.any(String), duplicate: false }); expect(body).toEqual({ id: expect.any(String), duplicate: false });
expect(status).toBe(201); expect(status).toBe(201);
const user = await getMyUserInfo({ headers: asBearerAuth(quotaUser.accessToken) }); const user = await getMyUser({ headers: asBearerAuth(quotaUser.accessToken) });
expect(user).toEqual(expect.objectContaining({ quotaUsageInBytes: 70 })); expect(user).toEqual(expect.objectContaining({ quotaUsageInBytes: 70 }));
}); });

4
e2e/src/api/specs/shared-link.e2e-spec.ts
View file

@ -5,7 +5,7 @@ import {
SharedLinkResponseDto, SharedLinkResponseDto,
SharedLinkType, SharedLinkType,
createAlbum, createAlbum,
deleteUser, deleteUserAdmin,
} from '@immich/sdk'; } from '@immich/sdk';
import { createUserDto, uuidDto } from 'src/fixtures'; import { createUserDto, uuidDto } from 'src/fixtures';
import { errorDto } from 'src/responses'; import { errorDto } from 'src/responses';
@ -86,7 +86,7 @@ describe('/shared-links', () => {
}), }),
]); ]);
await deleteUser({ id: user2.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) }); await deleteUserAdmin({ id: user2.userId, userAdminDeleteDto: {} }, { headers: asBearerAuth(admin.accessToken) });
}); });
describe('GET /share/${key}', () => { describe('GET /share/${key}', () => {

317
e2e/src/api/specs/user-admin.e2e-spec.ts Normal file
View file

@ -0,0 +1,317 @@
import { LoginResponseDto, deleteUserAdmin, getMyUser, getUserAdmin, login } from '@immich/sdk';
import { Socket } from 'socket.io-client';
import { createUserDto, uuidDto } from 'src/fixtures';
import { errorDto } from 'src/responses';
import { app, asBearerAuth, utils } from 'src/utils';
import request from 'supertest';
import { afterAll, beforeAll, describe, expect, it } from 'vitest';
describe('/admin/users', () => {
let websocket: Socket;
let admin: LoginResponseDto;
let nonAdmin: LoginResponseDto;
let deletedUser: LoginResponseDto;
let userToDelete: LoginResponseDto;
let userToHardDelete: LoginResponseDto;
beforeAll(async () => {
await utils.resetDatabase();
admin = await utils.adminSetup({ onboarding: false });
[websocket, nonAdmin, deletedUser, userToDelete, userToHardDelete] = await Promise.all([
utils.connectWebsocket(admin.accessToken),
utils.userSetup(admin.accessToken, createUserDto.user1),
utils.userSetup(admin.accessToken, createUserDto.user2),
utils.userSetup(admin.accessToken, createUserDto.user3),
utils.userSetup(admin.accessToken, createUserDto.user4),
]);
await deleteUserAdmin(
{ id: deletedUser.userId, userAdminDeleteDto: {} },
{ headers: asBearerAuth(admin.accessToken) },
);
});
afterAll(() => {
utils.disconnectWebsocket(websocket);
});
describe('GET /admin/users', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).get(`/admin/users`);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
it('should require authorization', async () => {
const { status, body } = await request(app)
.get(`/admin/users`)
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(403);
expect(body).toEqual(errorDto.forbidden);
});
it('should hide deleted users by default', async () => {
const { status, body } = await request(app)
.get(`/admin/users`)
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toHaveLength(4);
expect(body).toEqual(
expect.arrayContaining([
expect.objectContaining({ email: admin.userEmail }),
expect.objectContaining({ email: nonAdmin.userEmail }),
expect.objectContaining({ email: userToDelete.userEmail }),
expect.objectContaining({ email: userToHardDelete.userEmail }),
]),
);
});
it('should include deleted users', async () => {
const { status, body } = await request(app)
.get(`/admin/users?withDeleted=true`)
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toHaveLength(5);
expect(body).toEqual(
expect.arrayContaining([
expect.objectContaining({ email: admin.userEmail }),
expect.objectContaining({ email: nonAdmin.userEmail }),
expect.objectContaining({ email: userToDelete.userEmail }),
expect.objectContaining({ email: userToHardDelete.userEmail }),
expect.objectContaining({ email: deletedUser.userEmail }),
]),
);
});
});
describe('POST /admin/users', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).post(`/admin/users`).send(createUserDto.user1);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
it('should require authorization', async () => {
const { status, body } = await request(app)
.post(`/admin/users`)
.set('Authorization', `Bearer ${nonAdmin.accessToken}`)
.send(createUserDto.user1);
expect(status).toBe(403);
expect(body).toEqual(errorDto.forbidden);
});
for (const key of [
'password',
'email',
'name',
'quotaSizeInBytes',
'shouldChangePassword',
'memoriesEnabled',
'notify',
]) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(app)
.post(`/admin/users`)
.set('Authorization', `Bearer ${admin.accessToken}`)
.send({ ...createUserDto.user1, [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorDto.badRequest());
});
}
it('should ignore `isAdmin`', async () => {
const { status, body } = await request(app)
.post(`/admin/users`)
.send({
isAdmin: true,
email: 'user5@immich.cloud',
password: 'password123',
name: 'Immich',
})
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(body).toMatchObject({
email: 'user5@immich.cloud',
isAdmin: false,
shouldChangePassword: true,
});
expect(status).toBe(201);
});
it('should create a user without memories enabled', async () => {
const { status, body } = await request(app)
.post(`/admin/users`)
.send({
email: 'no-memories@immich.cloud',
password: 'Password123',
name: 'No Memories',
memoriesEnabled: false,
})
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(body).toMatchObject({
email: 'no-memories@immich.cloud',
memoriesEnabled: false,
});
expect(status).toBe(201);
});
});
describe('PUT /admin/users/:id', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).put(`/admin/users/${uuidDto.notFound}`);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
it('should require authorization', async () => {
const { status, body } = await request(app)
.put(`/admin/users/${uuidDto.notFound}`)
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(403);
expect(body).toEqual(errorDto.forbidden);
});
for (const key of ['password', 'email', 'name', 'shouldChangePassword', 'memoriesEnabled']) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(app)
.put(`/admin/users/${uuidDto.notFound}`)
.set('Authorization', `Bearer ${admin.accessToken}`)
.send({ [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorDto.badRequest());
});
}
it('should not allow a non-admin to become an admin', async () => {
const { status, body } = await request(app)
.put(`/admin/users/${nonAdmin.userId}`)
.send({ isAdmin: true })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({ isAdmin: false });
});
it('ignores updates to profileImagePath', async () => {
const { status, body } = await request(app)
.put(`/admin/users/${admin.userId}`)
.send({ profileImagePath: 'invalid.jpg' })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({ id: admin.userId, profileImagePath: '' });
});
it('should update first and last name', async () => {
const before = await getUserAdmin({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) });
const { status, body } = await request(app)
.put(`/admin/users/${admin.userId}`)
.send({ name: 'Name' })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toEqual({
...before,
updatedAt: expect.any(String),
name: 'Name',
});
expect(before.updatedAt).not.toEqual(body.updatedAt);
});
it('should update memories enabled', async () => {
const before = await getUserAdmin({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) });
const { status, body } = await request(app)
.put(`/admin/users/${admin.userId}`)
.send({ memoriesEnabled: false })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
...before,
updatedAt: expect.anything(),
memoriesEnabled: false,
});
expect(before.updatedAt).not.toEqual(body.updatedAt);
});
it('should update password', async () => {
const { status, body } = await request(app)
.put(`/admin/users/${nonAdmin.userId}`)
.send({ password: 'super-secret' })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({ email: nonAdmin.userEmail });
const token = await login({ loginCredentialDto: { email: nonAdmin.userEmail, password: 'super-secret' } });
expect(token.accessToken).toBeDefined();
const user = await getMyUser({ headers: asBearerAuth(token.accessToken) });
expect(user).toMatchObject({ email: nonAdmin.userEmail });
});
});
describe('DELETE /admin/users/:id', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).delete(`/admin/users/${userToDelete.userId}`);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
it('should require authorization', async () => {
const { status, body } = await request(app)
.delete(`/admin/users/${userToDelete.userId}`)
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(403);
expect(body).toEqual(errorDto.forbidden);
});
it('should delete user', async () => {
const { status, body } = await request(app)
.delete(`/admin/users/${userToDelete.userId}`)
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
id: userToDelete.userId,
updatedAt: expect.any(String),
deletedAt: expect.any(String),
});
});
it('should hard delete a user', async () => {
const { status, body } = await request(app)
.delete(`/admin/users/${userToHardDelete.userId}`)
.send({ force: true })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
id: userToHardDelete.userId,
updatedAt: expect.any(String),
deletedAt: expect.any(String),
});
await utils.waitForWebsocketEvent({ event: 'userDelete', id: userToHardDelete.userId, timeout: 5000 });
});
});
describe('POST /admin/users/:id/restore', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).post(`/admin/users/${userToDelete.userId}/restore`);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
it('should require authorization', async () => {
const { status, body } = await request(app)
.post(`/admin/users/${userToDelete.userId}/restore`)
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(403);
expect(body).toEqual(errorDto.forbidden);
});
});
});

315
e2e/src/api/specs/user.e2e-spec.ts
View file

@ -1,37 +1,28 @@
import { LoginResponseDto, deleteUser, getUserById } from '@immich/sdk'; import { LoginResponseDto, SharedLinkType, deleteUserAdmin, getMyUser, login } from '@immich/sdk';
import { Socket } from 'socket.io-client'; import { createUserDto } from 'src/fixtures';
import { createUserDto, userDto } from 'src/fixtures';
import { errorDto } from 'src/responses'; import { errorDto } from 'src/responses';
import { app, asBearerAuth, utils } from 'src/utils'; import { app, asBearerAuth, utils } from 'src/utils';
import request from 'supertest'; import request from 'supertest';
import { afterAll, beforeAll, describe, expect, it } from 'vitest'; import { beforeAll, describe, expect, it } from 'vitest';
describe('/users', () => { describe('/users', () => {
let websocket: Socket;
let admin: LoginResponseDto; let admin: LoginResponseDto;
let deletedUser: LoginResponseDto; let deletedUser: LoginResponseDto;
let userToDelete: LoginResponseDto;
let userToHardDelete: LoginResponseDto;
let nonAdmin: LoginResponseDto; let nonAdmin: LoginResponseDto;
beforeAll(async () => { beforeAll(async () => {
await utils.resetDatabase(); await utils.resetDatabase();
admin = await utils.adminSetup({ onboarding: false }); admin = await utils.adminSetup({ onboarding: false });
[websocket, deletedUser, nonAdmin, userToDelete, userToHardDelete] = await Promise.all([ [deletedUser, nonAdmin] = await Promise.all([
utils.connectWebsocket(admin.accessToken),
utils.userSetup(admin.accessToken, createUserDto.user1), utils.userSetup(admin.accessToken, createUserDto.user1),
utils.userSetup(admin.accessToken, createUserDto.user2), utils.userSetup(admin.accessToken, createUserDto.user2),
utils.userSetup(admin.accessToken, createUserDto.user3),
utils.userSetup(admin.accessToken, createUserDto.user4),
]); ]);
await deleteUser({ id: deletedUser.userId, deleteUserDto: {} }, { headers: asBearerAuth(admin.accessToken) }); await deleteUserAdmin(
}); { id: deletedUser.userId, userAdminDeleteDto: {} },
{ headers: asBearerAuth(admin.accessToken) },
afterAll(() => { );
utils.disconnectWebsocket(websocket);
}); });
describe('GET /users', () => { describe('GET /users', () => {
@ -44,71 +35,14 @@ describe('/users', () => {
it('should get users', async () => { it('should get users', async () => {
const { status, body } = await request(app).get('/users').set('Authorization', `Bearer ${admin.accessToken}`); const { status, body } = await request(app).get('/users').set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toEqual(200); expect(status).toEqual(200);
expect(body).toHaveLength(5); expect(body).toHaveLength(2);
expect(body).toEqual(
expect.arrayContaining([
expect.objectContaining({ email: 'admin@immich.cloud' }),
expect.objectContaining({ email: 'user1@immich.cloud' }),
expect.objectContaining({ email: 'user2@immich.cloud' }),
expect.objectContaining({ email: 'user3@immich.cloud' }),
expect.objectContaining({ email: 'user4@immich.cloud' }),
]),
);
});
it('should hide deleted users', async () => {
const { status, body } = await request(app)
.get(`/users`)
.query({ isAll: true })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toHaveLength(4);
expect(body).toEqual( expect(body).toEqual(
expect.arrayContaining([ expect.arrayContaining([
expect.objectContaining({ email: 'admin@immich.cloud' }), expect.objectContaining({ email: 'admin@immich.cloud' }),
expect.objectContaining({ email: 'user2@immich.cloud' }), expect.objectContaining({ email: 'user2@immich.cloud' }),
expect.objectContaining({ email: 'user3@immich.cloud' }),
expect.objectContaining({ email: 'user4@immich.cloud' }),
]), ]),
); );
}); });
it('should include deleted users', async () => {
const { status, body } = await request(app)
.get(`/users`)
.query({ isAll: false })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toHaveLength(5);
expect(body).toEqual(
expect.arrayContaining([
expect.objectContaining({ email: 'admin@immich.cloud' }),
expect.objectContaining({ email: 'user1@immich.cloud' }),
expect.objectContaining({ email: 'user2@immich.cloud' }),
expect.objectContaining({ email: 'user3@immich.cloud' }),
expect.objectContaining({ email: 'user4@immich.cloud' }),
]),
);
});
});
describe('GET /users/:id', () => {
it('should require authentication', async () => {
const { status } = await request(app).get(`/users/${admin.userId}`);
expect(status).toEqual(401);
});
it('should get the user info', async () => {
const { status, body } = await request(app)
.get(`/users/${admin.userId}`)
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
id: admin.userId,
email: 'admin@immich.cloud',
});
});
}); });
describe('GET /users/me', () => { describe('GET /users/me', () => {
@ -118,154 +52,54 @@ describe('/users', () => {
expect(body).toEqual(errorDto.unauthorized); expect(body).toEqual(errorDto.unauthorized);
}); });
it('should get my info', async () => { it('should not work for shared links', async () => {
const album = await utils.createAlbum(admin.accessToken, { albumName: 'Album' });
const sharedLink = await utils.createSharedLink(admin.accessToken, {
type: SharedLinkType.Album,
albumId: album.id,
});
const { status, body } = await request(app).get(`/users/me?key=${sharedLink.key}`);
expect(status).toBe(403);
expect(body).toEqual(errorDto.forbidden);
});
it('should get my user', async () => {
const { status, body } = await request(app).get(`/users/me`).set('Authorization', `Bearer ${admin.accessToken}`); const { status, body } = await request(app).get(`/users/me`).set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200); expect(status).toBe(200);
expect(body).toMatchObject({ expect(body).toMatchObject({
id: admin.userId, id: admin.userId,
email: 'admin@immich.cloud', email: 'admin@immich.cloud',
memoriesEnabled: true,
quotaUsageInBytes: 0,
}); });
}); });
}); });
describe('POST /users', () => { describe('PUT /users/me', () => {
it('should require authentication', async () => { it('should require authentication', async () => {
const { status, body } = await request(app).post(`/users`).send(createUserDto.user1); const { status, body } = await request(app).put(`/users/me`);
expect(status).toBe(401); expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized); expect(body).toEqual(errorDto.unauthorized);
}); });
for (const key of Object.keys(createUserDto.user1)) { for (const key of ['email', 'name', 'memoriesEnabled', 'avatarColor']) {
it(`should not allow null ${key}`, async () => { it(`should not allow null ${key}`, async () => {
const dto = { [key]: null };
const { status, body } = await request(app) const { status, body } = await request(app)
.post(`/users`) .put(`/users/me`)
.set('Authorization', `Bearer ${admin.accessToken}`) .set('Authorization', `Bearer ${admin.accessToken}`)
.send({ ...createUserDto.user1, [key]: null }); .send(dto);
expect(status).toBe(400); expect(status).toBe(400);
expect(body).toEqual(errorDto.badRequest()); expect(body).toEqual(errorDto.badRequest());
}); });
} }
it('should ignore `isAdmin`', async () => {
const { status, body } = await request(app)
.post(`/users`)
.send({
isAdmin: true,
email: 'user5@immich.cloud',
password: 'password123',
name: 'Immich',
})
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(body).toMatchObject({
email: 'user5@immich.cloud',
isAdmin: false,
shouldChangePassword: true,
});
expect(status).toBe(201);
});
it('should create a user without memories enabled', async () => {
const { status, body } = await request(app)
.post(`/users`)
.send({
email: 'no-memories@immich.cloud',
password: 'Password123',
name: 'No Memories',
memoriesEnabled: false,
})
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(body).toMatchObject({
email: 'no-memories@immich.cloud',
memoriesEnabled: false,
});
expect(status).toBe(201);
});
});
describe('DELETE /users/:id', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).delete(`/users/${userToDelete.userId}`);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
it('should delete user', async () => {
const { status, body } = await request(app)
.delete(`/users/${userToDelete.userId}`)
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
id: userToDelete.userId,
updatedAt: expect.any(String),
deletedAt: expect.any(String),
});
});
it('should hard delete user', async () => {
const { status, body } = await request(app)
.delete(`/users/${userToHardDelete.userId}`)
.send({ force: true })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
id: userToHardDelete.userId,
updatedAt: expect.any(String),
deletedAt: expect.any(String),
});
await utils.waitForWebsocketEvent({ event: 'userDelete', id: userToHardDelete.userId, timeout: 5000 });
});
});
describe('PUT /users', () => {
it('should require authentication', async () => {
const { status, body } = await request(app).put(`/users`);
expect(status).toBe(401);
expect(body).toEqual(errorDto.unauthorized);
});
for (const key of Object.keys(userDto.admin)) {
it(`should not allow null ${key}`, async () => {
const { status, body } = await request(app)
.put(`/users`)
.set('Authorization', `Bearer ${admin.accessToken}`)
.send({ ...userDto.admin, [key]: null });
expect(status).toBe(400);
expect(body).toEqual(errorDto.badRequest());
});
}
it('should not allow a non-admin to become an admin', async () => {
const { status, body } = await request(app)
.put(`/users`)
.send({ isAdmin: true, id: nonAdmin.userId })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(400);
expect(body).toEqual(errorDto.alreadyHasAdmin);
});
it('ignores updates to profileImagePath', async () => {
const { status, body } = await request(app)
.put(`/users`)
.send({ id: admin.userId, profileImagePath: 'invalid.jpg' })
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({ id: admin.userId, profileImagePath: '' });
});
it('should update first and last name', async () => { it('should update first and last name', async () => {
const before = await getUserById({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) }); const before = await getMyUser({ headers: asBearerAuth(admin.accessToken) });
const { status, body } = await request(app) const { status, body } = await request(app)
.put(`/users`) .put(`/users/me`)
.send({ .send({ name: 'Name' })
id: admin.userId,
name: 'Name',
})
.set('Authorization', `Bearer ${admin.accessToken}`); .set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200); expect(status).toBe(200);
@ -274,17 +108,13 @@ describe('/users', () => {
updatedAt: expect.any(String), updatedAt: expect.any(String),
name: 'Name', name: 'Name',
}); });
expect(before.updatedAt).not.toEqual(body.updatedAt);
}); });
it('should update memories enabled', async () => { it('should update memories enabled', async () => {
const before = await getUserById({ id: admin.userId }, { headers: asBearerAuth(admin.accessToken) }); const before = await getMyUser({ headers: asBearerAuth(admin.accessToken) });
const { status, body } = await request(app) const { status, body } = await request(app)
.put(`/users`) .put(`/users/me`)
.send({ .send({ memoriesEnabled: false })
id: admin.userId,
memoriesEnabled: false,
})
.set('Authorization', `Bearer ${admin.accessToken}`); .set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200); expect(status).toBe(200);
@ -293,7 +123,80 @@ describe('/users', () => {
updatedAt: expect.anything(), updatedAt: expect.anything(),
memoriesEnabled: false, memoriesEnabled: false,
}); });
expect(before.updatedAt).not.toEqual(body.updatedAt);
const after = await getMyUser({ headers: asBearerAuth(admin.accessToken) });
expect(after.memoriesEnabled).toBe(false);
});
/** @deprecated */
it('should allow a user to change their password (deprecated)', async () => {
const user = await getMyUser({ headers: asBearerAuth(nonAdmin.accessToken) });
expect(user.shouldChangePassword).toBe(true);
const { status, body } = await request(app)
.put(`/users/me`)
.send({ password: 'super-secret' })
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
email: nonAdmin.userEmail,
shouldChangePassword: false,
});
const token = await login({ loginCredentialDto: { email: nonAdmin.userEmail, password: 'super-secret' } });
expect(token.accessToken).toBeDefined();
});
it('should not allow user to change to a taken email', async () => {
const { status, body } = await request(app)
.put(`/users/me`)
.send({ email: 'admin@immich.cloud' })
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(400);
expect(body).toMatchObject(errorDto.badRequest('Email already in use by another account'));
});
it('should update my email', async () => {
const before = await getMyUser({ headers: asBearerAuth(nonAdmin.accessToken) });
const { status, body } = await request(app)
.put(`/users/me`)
.send({ email: 'non-admin@immich.cloud' })
.set('Authorization', `Bearer ${nonAdmin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
...before,
email: 'non-admin@immich.cloud',
updatedAt: expect.anything(),
});
});
});
describe('GET /users/:id', () => {
it('should require authentication', async () => {
const { status } = await request(app).get(`/users/${admin.userId}`);
expect(status).toEqual(401);
});
it('should get the user', async () => {
const { status, body } = await request(app)
.get(`/users/${admin.userId}`)
.set('Authorization', `Bearer ${admin.accessToken}`);
expect(status).toBe(200);
expect(body).toMatchObject({
id: admin.userId,
email: 'admin@immich.cloud',
});
expect(body).not.toMatchObject({
shouldChangePassword: expect.anything(),
memoriesEnabled: expect.anything(),
storageLabel: expect.anything(),
});
}); });
}); });
}); });

8
e2e/src/utils.ts
View file

@ -5,10 +5,10 @@ import {
CreateAlbumDto, CreateAlbumDto,
CreateAssetDto, CreateAssetDto,
CreateLibraryDto, CreateLibraryDto,
CreateUserDto,
MetadataSearchDto, MetadataSearchDto,
PersonCreateDto, PersonCreateDto,
SharedLinkCreateDto, SharedLinkCreateDto,
UserAdminCreateDto,
ValidateLibraryDto, ValidateLibraryDto,
createAlbum, createAlbum,
createApiKey, createApiKey,
@ -16,7 +16,7 @@ import {
createPartner, createPartner,
createPerson, createPerson,
createSharedLink, createSharedLink,
createUser, createUserAdmin,
deleteAssets, deleteAssets,
getAllJobsStatus, getAllJobsStatus,
getAssetInfo, getAssetInfo,
@ -273,8 +273,8 @@ export const utils = {
return response; return response;
}, },
userSetup: async (accessToken: string, dto: CreateUserDto) => { userSetup: async (accessToken: string, dto: UserAdminCreateDto) => {
await createUser({ createUserDto: dto }, { headers: asBearerAuth(accessToken) }); await createUserAdmin({ userAdminCreateDto: dto }, { headers: asBearerAuth(accessToken) });
return login({ return login({
loginCredentialDto: { email: dto.email, password: dto.password }, loginCredentialDto: { email: dto.email, password: dto.password },
}); });

14
mobile/lib/entities/user.entity.dart
View file

@ -27,7 +27,7 @@ class User {
Id get isarId => fastHash(id); Id get isarId => fastHash(id);
User.fromUserDto(UserResponseDto dto) User.fromUserDto(UserAdminResponseDto dto)
: id = dto.id, : id = dto.id,
updatedAt = dto.updatedAt, updatedAt = dto.updatedAt,
email = dto.email, email = dto.email,
@ -44,21 +44,21 @@ class User {
User.fromPartnerDto(PartnerResponseDto dto) User.fromPartnerDto(PartnerResponseDto dto)
: id = dto.id, : id = dto.id,
updatedAt = dto.updatedAt, updatedAt = DateTime.now(),
email = dto.email, email = dto.email,
name = dto.name, name = dto.name,
isPartnerSharedBy = false, isPartnerSharedBy = false,
isPartnerSharedWith = false, isPartnerSharedWith = false,
profileImagePath = dto.profileImagePath, profileImagePath = dto.profileImagePath,
isAdmin = dto.isAdmin, isAdmin = false,
memoryEnabled = dto.memoriesEnabled ?? false, memoryEnabled = false,
avatarColor = dto.avatarColor.toAvatarColor(), avatarColor = dto.avatarColor.toAvatarColor(),
inTimeline = dto.inTimeline ?? false, inTimeline = dto.inTimeline ?? false,
quotaUsageInBytes = dto.quotaUsageInBytes ?? 0, quotaUsageInBytes = 0,
quotaSizeInBytes = dto.quotaSizeInBytes ?? 0; quotaSizeInBytes = 0;
/// Base user dto used where the complete user object is not required /// Base user dto used where the complete user object is not required
User.fromSimpleUserDto(UserDto dto) User.fromSimpleUserDto(UserResponseDto dto)
: id = dto.id, : id = dto.id,
email = dto.email, email = dto.email,
name = dto.name, name = dto.name,

42
mobile/lib/pages/common/album_viewer.page.dart
View file

@ -133,7 +133,7 @@ class AlbumViewerPage extends HookConsumerWidget {
Widget buildTitle(Album album) { Widget buildTitle(Album album) {
return Padding( return Padding(
padding: const EdgeInsets.only(left: 8, right: 8, top: 24), padding: const EdgeInsets.only(left: 8, right: 8),
child: userId == album.ownerId && album.isRemote child: userId == album.ownerId && album.isRemote
? AlbumViewerEditableTitle( ? AlbumViewerEditableTitle(
album: album, album: album,
@ -228,21 +228,9 @@ class AlbumViewerPage extends HookConsumerWidget {
} }
return Scaffold( return Scaffold(
appBar: ref.watch(multiselectProvider) body: Stack(
? null children: [
: album.when( album.widgetWhen(
data: (data) => AlbumViewerAppbar(
titleFocusNode: titleFocusNode,
album: data,
userId: userId,
onAddPhotos: onAddPhotosPressed,
onAddUsers: onAddUsersPressed,
onActivities: onActivitiesPressed,
),
error: (error, stackTrace) => AppBar(title: const Text("Error")),
loading: () => AppBar(),
),
body: album.widgetWhen(
onData: (data) => MultiselectGrid( onData: (data) => MultiselectGrid(
renderListProvider: albumRenderlistProvider(albumId), renderListProvider: albumRenderlistProvider(albumId),
topWidget: Column( topWidget: Column(
@ -256,6 +244,28 @@ class AlbumViewerPage extends HookConsumerWidget {
editEnabled: data.ownerId == userId, editEnabled: data.ownerId == userId,
), ),
), ),
AnimatedPositioned(
duration: const Duration(milliseconds: 300),
top: ref.watch(multiselectProvider)
? -(kToolbarHeight + MediaQuery.of(context).padding.top)
: 0,
left: 0,
right: 0,
child: album.when(
data: (data) => AlbumViewerAppbar(
titleFocusNode: titleFocusNode,
album: data,
userId: userId,
onAddPhotos: onAddPhotosPressed,
onAddUsers: onAddUsersPressed,
onActivities: onActivitiesPressed,
),
error: (error, stackTrace) => AppBar(title: const Text("Error")),
loading: () => AppBar(),
),
),
],
),
); );
} }
} }

10
mobile/lib/providers/authentication.provider.dart
View file

@ -138,11 +138,9 @@ class AuthenticationNotifier extends StateNotifier<AuthenticationState> {
Future<bool> changePassword(String newPassword) async { Future<bool> changePassword(String newPassword) async {
try { try {
await _apiService.userApi.updateUser( await _apiService.userApi.updateMyUser(
UpdateUserDto( UserUpdateMeDto(
id: state.userId,
password: newPassword, password: newPassword,
shouldChangePassword: false,
), ),
); );
@ -178,9 +176,9 @@ class AuthenticationNotifier extends StateNotifier<AuthenticationState> {
user = offlineUser; user = offlineUser;
retResult = false; retResult = false;
} else { } else {
UserResponseDto? userResponseDto; UserAdminResponseDto? userResponseDto;
try { try {
userResponseDto = await _apiService.userApi.getMyUserInfo(); userResponseDto = await _apiService.userApi.getMyUser();
} on ApiException catch (error, stackTrace) { } on ApiException catch (error, stackTrace) {
_log.severe( _log.severe(
"Error getting user information from the server [API EXCEPTION]", "Error getting user information from the server [API EXCEPTION]",

2
mobile/lib/providers/user.provider.dart
View file

@ -20,7 +20,7 @@ class CurrentUserProvider extends StateNotifier<User?> {
refresh() async { refresh() async {
try { try {
final user = await _apiService.userApi.getMyUserInfo(); final user = await _apiService.userApi.getMyUser();
if (user != null) { if (user != null) {
Store.put( Store.put(
StoreKey.currentUser, StoreKey.currentUser,

2
mobile/lib/routing/tab_navigation_observer.dart
View file

@ -57,7 +57,7 @@ class TabNavigationObserver extends AutoRouterObserver {
// Update user info // Update user info
try { try {
final userResponseDto = final userResponseDto =
await ref.read(apiServiceProvider).userApi.getMyUserInfo(); await ref.read(apiServiceProvider).userApi.getMyUser();
if (userResponseDto == null) { if (userResponseDto == null) {
return; return;

8
mobile/lib/services/user.service.dart
View file

@ -37,10 +37,10 @@ class UserService {
this._partnerService, this._partnerService,
); );
Future<List<User>?> _getAllUsers({required bool isAll}) async { Future<List<User>?> _getAllUsers() async {
try { try {
final dto = await _apiService.userApi.getAllUsers(isAll); final dto = await _apiService.userApi.searchUsers();
return dto?.map(User.fromUserDto).toList(); return dto?.map(User.fromSimpleUserDto).toList();
} catch (e) { } catch (e) {
_log.warning("Failed get all users", e); _log.warning("Failed get all users", e);
return null; return null;
@ -71,7 +71,7 @@ class UserService {
} }
Future<List<User>?> getUsersFromServer() async { Future<List<User>?> getUsersFromServer() async {
final List<User>? users = await _getAllUsers(isAll: true); final List<User>? users = await _getAllUsers();
final List<User>? sharedBy = final List<User>? sharedBy =
await _partnerService.getPartners(PartnerDirection.sharedBy); await _partnerService.getPartners(PartnerDirection.sharedBy);
final List<User>? sharedWith = final List<User>? sharedWith =

8
mobile/lib/widgets/album/album_viewer_editable_title.dart
View file

@ -36,7 +36,9 @@ class AlbumViewerEditableTitle extends HookConsumerWidget {
[], [],
); );
return TextField( return Material(
color: Colors.transparent,
child: TextField(
onChanged: (value) { onChanged: (value) {
if (value.isEmpty) { if (value.isEmpty) {
} else { } else {
@ -57,7 +59,8 @@ class AlbumViewerEditableTitle extends HookConsumerWidget {
} }
}, },
decoration: InputDecoration( decoration: InputDecoration(
contentPadding: const EdgeInsets.symmetric(horizontal: 8, vertical: 8), contentPadding:
const EdgeInsets.symmetric(horizontal: 8, vertical: 8),
suffixIcon: titleFocusNode.hasFocus suffixIcon: titleFocusNode.hasFocus
? IconButton( ? IconButton(
onPressed: () { onPressed: () {
@ -90,6 +93,7 @@ class AlbumViewerEditableTitle extends HookConsumerWidget {
fontWeight: FontWeight.bold, fontWeight: FontWeight.bold,
), ),
), ),
),
); );
} }
} }

6
mobile/lib/widgets/asset_grid/immich_asset_grid_view.dart
View file

@ -238,8 +238,10 @@ class ImmichAssetGridViewState extends ConsumerState<ImmichAssetGridView> {
} }
bool appBarOffset() { bool appBarOffset() {
return ref.watch(tabProvider).index == 0 && return (ref.watch(tabProvider).index == 0 &&
ModalRoute.of(context)?.settings.name == TabControllerRoute.name; ModalRoute.of(context)?.settings.name ==
TabControllerRoute.name) ||
(ModalRoute.of(context)?.settings.name == AlbumViewerRoute.name);
} }
final listWidget = ScrollablePositionedList.builder( final listWidget = ScrollablePositionedList.builder(

BIN
mobile/openapi/lib/api/authentication_api.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/api/o_auth_api.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/api/user_api.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/activity_response_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/partner_response_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/create_user_dto.dart → mobile/openapi/lib/model/user_admin_create_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/delete_user_dto.dart → mobile/openapi/lib/model/user_admin_delete_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/user_admin_response_dto.dart generated Normal file
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/update_user_dto.dart → mobile/openapi/lib/model/user_admin_update_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/user_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/user_response_dto.dart generated
View file

Binary file not shown.

BIN
mobile/openapi/lib/model/user_update_me_dto.dart generated Normal file
View file

Binary file not shown.

736
open-api/immich-openapi-specs.json
View file

@ -206,6 +206,274 @@
] ]
} }
}, },
"/admin/users": {
"get": {
"operationId": "searchUsersAdmin",
"parameters": [
{
"name": "withDeleted",
"required": false,
"in": "query",
"schema": {
"type": "boolean"
}
}
],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"items": {
"$ref": "#/components/schemas/UserAdminResponseDto"
},
"type": "array"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
},
"post": {
"operationId": "createUserAdmin",
"parameters": [],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminCreateDto"
}
}
},
"required": true
},
"responses": {
"201": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
}
},
"/admin/users/{id}": {
"delete": {
"operationId": "deleteUserAdmin",
"parameters": [
{
"name": "id",
"required": true,
"in": "path",
"schema": {
"format": "uuid",
"type": "string"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminDeleteDto"
}
}
},
"required": true
},
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
},
"get": {
"operationId": "getUserAdmin",
"parameters": [
{
"name": "id",
"required": true,
"in": "path",
"schema": {
"format": "uuid",
"type": "string"
}
}
],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
},
"put": {
"operationId": "updateUserAdmin",
"parameters": [
{
"name": "id",
"required": true,
"in": "path",
"schema": {
"format": "uuid",
"type": "string"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminUpdateDto"
}
}
},
"required": true
},
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
}
},
"/admin/users/{id}/restore": {
"post": {
"operationId": "restoreUserAdmin",
"parameters": [
{
"name": "id",
"required": true,
"in": "path",
"schema": {
"format": "uuid",
"type": "string"
}
}
],
"responses": {
"201": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserAdminResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
}
},
"/albums": { "/albums": {
"get": { "get": {
"operationId": "getAllAlbums", "operationId": "getAllAlbums",
@ -1879,7 +2147,7 @@
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UserResponseDto" "$ref": "#/components/schemas/UserAdminResponseDto"
} }
} }
}, },
@ -1910,7 +2178,7 @@
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UserResponseDto" "$ref": "#/components/schemas/UserAdminResponseDto"
} }
} }
}, },
@ -3200,7 +3468,7 @@
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UserResponseDto" "$ref": "#/components/schemas/UserAdminResponseDto"
} }
} }
}, },
@ -3246,7 +3514,7 @@
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UserResponseDto" "$ref": "#/components/schemas/UserAdminResponseDto"
} }
} }
}, },
@ -6102,17 +6370,8 @@
}, },
"/users": { "/users": {
"get": { "get": {
"operationId": "getAllUsers", "operationId": "searchUsers",
"parameters": [ "parameters": [],
{
"name": "isAll",
"required": true,
"in": "query",
"schema": {
"type": "boolean"
}
}
],
"responses": { "responses": {
"200": { "200": {
"content": { "content": {
@ -6142,26 +6401,18 @@
"tags": [ "tags": [
"User" "User"
] ]
}
}, },
"post": { "/users/me": {
"operationId": "createUser", "get": {
"operationId": "getMyUser",
"parameters": [], "parameters": [],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/CreateUserDto"
}
}
},
"required": true
},
"responses": { "responses": {
"201": { "200": {
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UserResponseDto" "$ref": "#/components/schemas/UserAdminResponseDto"
} }
} }
}, },
@ -6184,13 +6435,13 @@
] ]
}, },
"put": { "put": {
"operationId": "updateUser", "operationId": "updateMyUser",
"parameters": [], "parameters": [],
"requestBody": { "requestBody": {
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UpdateUserDto" "$ref": "#/components/schemas/UserUpdateMeDto"
} }
} }
}, },
@ -6201,39 +6452,7 @@
"content": { "content": {
"application/json": { "application/json": {
"schema": { "schema": {
"$ref": "#/components/schemas/UserResponseDto" "$ref": "#/components/schemas/UserAdminResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
}
},
"/users/me": {
"get": {
"operationId": "getMyUserInfo",
"parameters": [],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserResponseDto"
} }
} }
}, },
@ -6323,58 +6542,8 @@
} }
}, },
"/users/{id}": { "/users/{id}": {
"delete": {
"operationId": "deleteUser",
"parameters": [
{
"name": "id",
"required": true,
"in": "path",
"schema": {
"format": "uuid",
"type": "string"
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/DeleteUserDto"
}
}
},
"required": true
},
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
},
"get": { "get": {
"operationId": "getUserById", "operationId": "getUser",
"parameters": [ "parameters": [
{ {
"name": "id", "name": "id",
@ -6456,48 +6625,6 @@
"User" "User"
] ]
} }
},
"/users/{id}/restore": {
"post": {
"operationId": "restoreUser",
"parameters": [
{
"name": "id",
"required": true,
"in": "path",
"schema": {
"format": "uuid",
"type": "string"
}
}
],
"responses": {
"201": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/UserResponseDto"
}
}
},
"description": ""
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
}
],
"tags": [
"User"
]
}
} }
}, },
"info": { "info": {
@ -6639,7 +6766,7 @@
"type": "string" "type": "string"
}, },
"user": { "user": {
"$ref": "#/components/schemas/UserDto" "$ref": "#/components/schemas/UserResponseDto"
} }
}, },
"required": [ "required": [
@ -7844,52 +7971,6 @@
], ],
"type": "object" "type": "object"
}, },
"CreateUserDto": {
"properties": {
"email": {
"type": "string"
},
"memoriesEnabled": {
"type": "boolean"
},
"name": {
"type": "string"
},
"notify": {
"type": "boolean"
},
"password": {
"type": "string"
},
"quotaSizeInBytes": {
"format": "int64",
"minimum": 1,
"nullable": true,
"type": "integer"
},
"shouldChangePassword": {
"type": "boolean"
},
"storageLabel": {
"nullable": true,
"type": "string"
}
},
"required": [
"email",
"name",
"password"
],
"type": "object"
},
"DeleteUserDto": {
"properties": {
"force": {
"type": "boolean"
}
},
"type": "object"
},
"DownloadArchiveInfo": { "DownloadArchiveInfo": {
"properties": { "properties": {
"assetIds": { "assetIds": {
@ -8872,15 +8953,6 @@
"avatarColor": { "avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor" "$ref": "#/components/schemas/UserAvatarColor"
}, },
"createdAt": {
"format": "date-time",
"type": "string"
},
"deletedAt": {
"format": "date-time",
"nullable": true,
"type": "string"
},
"email": { "email": {
"type": "string" "type": "string"
}, },
@ -8890,62 +8962,19 @@
"inTimeline": { "inTimeline": {
"type": "boolean" "type": "boolean"
}, },
"isAdmin": {
"type": "boolean"
},
"memoriesEnabled": {
"type": "boolean"
},
"name": { "name": {
"type": "string" "type": "string"
}, },
"oauthId": {
"type": "string"
},
"profileImagePath": { "profileImagePath": {
"type": "string" "type": "string"
},
"quotaSizeInBytes": {
"format": "int64",
"nullable": true,
"type": "integer"
},
"quotaUsageInBytes": {
"format": "int64",
"nullable": true,
"type": "integer"
},
"shouldChangePassword": {
"type": "boolean"
},
"status": {
"$ref": "#/components/schemas/UserStatus"
},
"storageLabel": {
"nullable": true,
"type": "string"
},
"updatedAt": {
"format": "date-time",
"type": "string"
} }
}, },
"required": [ "required": [
"avatarColor", "avatarColor",
"createdAt",
"deletedAt",
"email", "email",
"id", "id",
"isAdmin",
"name", "name",
"oauthId", "profileImagePath"
"profileImagePath",
"quotaSizeInBytes",
"quotaUsageInBytes",
"shouldChangePassword",
"status",
"storageLabel",
"updatedAt"
], ],
"type": "object" "type": "object"
}, },
@ -10897,48 +10926,6 @@
}, },
"type": "object" "type": "object"
}, },
"UpdateUserDto": {
"properties": {
"avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor"
},
"email": {
"type": "string"
},
"id": {
"format": "uuid",
"type": "string"
},
"isAdmin": {
"type": "boolean"
},
"memoriesEnabled": {
"type": "boolean"
},
"name": {
"type": "string"
},
"password": {
"type": "string"
},
"quotaSizeInBytes": {
"format": "int64",
"minimum": 1,
"nullable": true,
"type": "integer"
},
"shouldChangePassword": {
"type": "boolean"
},
"storageLabel": {
"type": "string"
}
},
"required": [
"id"
],
"type": "object"
},
"UsageByUserDto": { "UsageByUserDto": {
"properties": { "properties": {
"photos": { "photos": {
@ -10973,49 +10960,53 @@
], ],
"type": "object" "type": "object"
}, },
"UserAvatarColor": { "UserAdminCreateDto": {
"enum": [
"primary",
"pink",
"red",
"yellow",
"blue",
"green",
"purple",
"orange",
"gray",
"amber"
],
"type": "string"
},
"UserDto": {
"properties": { "properties": {
"avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor"
},
"email": { "email": {
"type": "string" "type": "string"
}, },
"id": { "memoriesEnabled": {
"type": "string" "type": "boolean"
}, },
"name": { "name": {
"type": "string" "type": "string"
}, },
"profileImagePath": { "notify": {
"type": "boolean"
},
"password": {
"type": "string"
},
"quotaSizeInBytes": {
"format": "int64",
"minimum": 1,
"nullable": true,
"type": "integer"
},
"shouldChangePassword": {
"type": "boolean"
},
"storageLabel": {
"nullable": true,
"type": "string" "type": "string"
} }
}, },
"required": [ "required": [
"avatarColor",
"email", "email",
"id",
"name", "name",
"profileImagePath" "password"
], ],
"type": "object" "type": "object"
}, },
"UserResponseDto": { "UserAdminDeleteDto": {
"properties": {
"force": {
"type": "boolean"
}
},
"type": "object"
},
"UserAdminResponseDto": {
"properties": { "properties": {
"avatarColor": { "avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor" "$ref": "#/components/schemas/UserAvatarColor"
@ -11094,6 +11085,81 @@
], ],
"type": "object" "type": "object"
}, },
"UserAdminUpdateDto": {
"properties": {
"avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor"
},
"email": {
"type": "string"
},
"memoriesEnabled": {
"type": "boolean"
},
"name": {
"type": "string"
},
"password": {
"type": "string"
},
"quotaSizeInBytes": {
"format": "int64",
"minimum": 1,
"nullable": true,
"type": "integer"
},
"shouldChangePassword": {
"type": "boolean"
},
"storageLabel": {
"nullable": true,
"type": "string"
}
},
"type": "object"
},
"UserAvatarColor": {
"enum": [
"primary",
"pink",
"red",
"yellow",
"blue",
"green",
"purple",
"orange",
"gray",
"amber"
],
"type": "string"
},
"UserResponseDto": {
"properties": {
"avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor"
},
"email": {
"type": "string"
},
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"profileImagePath": {
"type": "string"
}
},
"required": [
"avatarColor",
"email",
"id",
"name",
"profileImagePath"
],
"type": "object"
},
"UserStatus": { "UserStatus": {
"enum": [ "enum": [
"active", "active",
@ -11102,6 +11168,26 @@
], ],
"type": "string" "type": "string"
}, },
"UserUpdateMeDto": {
"properties": {
"avatarColor": {
"$ref": "#/components/schemas/UserAvatarColor"
},
"email": {
"type": "string"
},
"memoriesEnabled": {
"type": "boolean"
},
"name": {
"type": "string"
},
"password": {
"type": "string"
}
},
"type": "object"
},
"ValidateAccessTokenResponseDto": { "ValidateAccessTokenResponseDto": {
"properties": { "properties": {
"authStatus": { "authStatus": {

9
open-api/typescript-sdk/README.md
View file

@ -13,13 +13,22 @@ npm i --save @immich/sdk
For a more detailed example, check out the [`@immich/cli`](https://github.com/immich-app/immich/tree/main/cli). For a more detailed example, check out the [`@immich/cli`](https://github.com/immich-app/immich/tree/main/cli).
```typescript ```typescript
<<<<<<< HEAD
import { getAllAlbums, getAllAssets, getMyUser, init } from "@immich/sdk";
=======
import { getAllAlbums, getMyUserInfo, init } from "@immich/sdk"; import { getAllAlbums, getMyUserInfo, init } from "@immich/sdk";
>>>>>>> e7c8501930a988dfb6c23ce1c48b0beb076a58c2
const API_KEY = "<API_KEY>"; // process.env.IMMICH_API_KEY const API_KEY = "<API_KEY>"; // process.env.IMMICH_API_KEY
init({ baseUrl: "https://demo.immich.app/api", apiKey: API_KEY }); init({ baseUrl: "https://demo.immich.app/api", apiKey: API_KEY });
<<<<<<< HEAD
const user = await getMyUser();
const assets = await getAllAssets({ take: 1000 });
=======
const user = await getMyUserInfo(); const user = await getMyUserInfo();
>>>>>>> e7c8501930a988dfb6c23ce1c48b0beb076a58c2
const albums = await getAllAlbums({}); const albums = await getAllAlbums({});
console.log({ user, albums }); console.log({ user, albums });

221
open-api/typescript-sdk/src/fetch-client.ts
View file

@ -14,7 +14,7 @@ const oazapfts = Oazapfts.runtime(defaults);
export const servers = { export const servers = {
server1: "/api" server1: "/api"
}; };
export type UserDto = { export type UserResponseDto = {
avatarColor: UserAvatarColor; avatarColor: UserAvatarColor;
email: string; email: string;
id: string; id: string;
@ -27,7 +27,7 @@ export type ActivityResponseDto = {
createdAt: string; createdAt: string;
id: string; id: string;
"type": Type; "type": Type;
user: UserDto; user: UserResponseDto;
}; };
export type ActivityCreateDto = { export type ActivityCreateDto = {
albumId: string; albumId: string;
@ -38,7 +38,7 @@ export type ActivityCreateDto = {
export type ActivityStatisticsResponseDto = { export type ActivityStatisticsResponseDto = {
comments: number; comments: number;
}; };
export type UserResponseDto = { export type UserAdminResponseDto = {
avatarColor: UserAvatarColor; avatarColor: UserAvatarColor;
createdAt: string; createdAt: string;
deletedAt: string | null; deletedAt: string | null;
@ -56,6 +56,29 @@ export type UserResponseDto = {
storageLabel: string | null; storageLabel: string | null;
updatedAt: string; updatedAt: string;
}; };
export type UserAdminCreateDto = {
email: string;
memoriesEnabled?: boolean;
name: string;
notify?: boolean;
password: string;
quotaSizeInBytes?: number | null;
shouldChangePassword?: boolean;
storageLabel?: string | null;
};
export type UserAdminDeleteDto = {
force?: boolean;
};
export type UserAdminUpdateDto = {
avatarColor?: UserAvatarColor;
email?: string;
memoriesEnabled?: boolean;
name?: string;
password?: string;
quotaSizeInBytes?: number | null;
shouldChangePassword?: boolean;
storageLabel?: string | null;
};
export type AlbumUserResponseDto = { export type AlbumUserResponseDto = {
role: AlbumUserRole; role: AlbumUserRole;
user: UserResponseDto; user: UserResponseDto;
@ -521,22 +544,11 @@ export type OAuthCallbackDto = {
}; };
export type PartnerResponseDto = { export type PartnerResponseDto = {
avatarColor: UserAvatarColor; avatarColor: UserAvatarColor;
createdAt: string;
deletedAt: string | null;
email: string; email: string;
id: string; id: string;
inTimeline?: boolean; inTimeline?: boolean;
isAdmin: boolean;
memoriesEnabled?: boolean;
name: string; name: string;
oauthId: string;
profileImagePath: string; profileImagePath: string;
quotaSizeInBytes: number | null;
quotaUsageInBytes: number | null;
shouldChangePassword: boolean;
status: UserStatus;
storageLabel: string | null;
updatedAt: string;
}; };
export type UpdatePartnerDto = { export type UpdatePartnerDto = {
inTimeline: boolean; inTimeline: boolean;
@ -1064,27 +1076,12 @@ export type TimeBucketResponseDto = {
count: number; count: number;
timeBucket: string; timeBucket: string;
}; };
export type CreateUserDto = { export type UserUpdateMeDto = {
email: string;
memoriesEnabled?: boolean;
name: string;
notify?: boolean;
password: string;
quotaSizeInBytes?: number | null;
shouldChangePassword?: boolean;
storageLabel?: string | null;
};
export type UpdateUserDto = {
avatarColor?: UserAvatarColor; avatarColor?: UserAvatarColor;
email?: string; email?: string;
id: string;
isAdmin?: boolean;
memoriesEnabled?: boolean; memoriesEnabled?: boolean;
name?: string; name?: string;
password?: string; password?: string;
quotaSizeInBytes?: number | null;
shouldChangePassword?: boolean;
storageLabel?: string;
}; };
export type CreateProfileImageDto = { export type CreateProfileImageDto = {
file: Blob; file: Blob;
@ -1093,9 +1090,6 @@ export type CreateProfileImageResponseDto = {
profileImagePath: string; profileImagePath: string;
userId: string; userId: string;
}; };
export type DeleteUserDto = {
force?: boolean;
};
export function getActivities({ albumId, assetId, level, $type, userId }: { export function getActivities({ albumId, assetId, level, $type, userId }: {
albumId: string; albumId: string;
assetId?: string; assetId?: string;
@ -1150,6 +1144,77 @@ export function deleteActivity({ id }: {
method: "DELETE" method: "DELETE"
})); }));
} }
export function searchUsersAdmin({ withDeleted }: {
withDeleted?: boolean;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserAdminResponseDto[];
}>(`/admin/users${QS.query(QS.explode({
withDeleted
}))}`, {
...opts
}));
}
export function createUserAdmin({ userAdminCreateDto }: {
userAdminCreateDto: UserAdminCreateDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 201;
data: UserAdminResponseDto;
}>("/admin/users", oazapfts.json({
...opts,
method: "POST",
body: userAdminCreateDto
})));
}
export function deleteUserAdmin({ id, userAdminDeleteDto }: {
id: string;
userAdminDeleteDto: UserAdminDeleteDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserAdminResponseDto;
}>(`/admin/users/${encodeURIComponent(id)}`, oazapfts.json({
...opts,
method: "DELETE",
body: userAdminDeleteDto
})));
}
export function getUserAdmin({ id }: {
id: string;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserAdminResponseDto;
}>(`/admin/users/${encodeURIComponent(id)}`, {
...opts
}));
}
export function updateUserAdmin({ id, userAdminUpdateDto }: {
id: string;
userAdminUpdateDto: UserAdminUpdateDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserAdminResponseDto;
}>(`/admin/users/${encodeURIComponent(id)}`, oazapfts.json({
...opts,
method: "PUT",
body: userAdminUpdateDto
})));
}
export function restoreUserAdmin({ id }: {
id: string;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 201;
data: UserAdminResponseDto;
}>(`/admin/users/${encodeURIComponent(id)}/restore`, {
...opts,
method: "POST"
}));
}
export function getAllAlbums({ assetId, shared }: { export function getAllAlbums({ assetId, shared }: {
assetId?: string; assetId?: string;
shared?: boolean; shared?: boolean;
@ -1593,7 +1658,7 @@ export function signUpAdmin({ signUpDto }: {
}, opts?: Oazapfts.RequestOpts) { }, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
status: 201; status: 201;
data: UserResponseDto; data: UserAdminResponseDto;
}>("/auth/admin-sign-up", oazapfts.json({ }>("/auth/admin-sign-up", oazapfts.json({
...opts, ...opts,
method: "POST", method: "POST",
@ -1605,7 +1670,7 @@ export function changePassword({ changePasswordDto }: {
}, opts?: Oazapfts.RequestOpts) { }, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
status: 200; status: 200;
data: UserResponseDto; data: UserAdminResponseDto;
}>("/auth/change-password", oazapfts.json({ }>("/auth/change-password", oazapfts.json({
...opts, ...opts,
method: "POST", method: "POST",
@ -1949,7 +2014,7 @@ export function linkOAuthAccount({ oAuthCallbackDto }: {
}, opts?: Oazapfts.RequestOpts) { }, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
status: 201; status: 201;
data: UserResponseDto; data: UserAdminResponseDto;
}>("/oauth/link", oazapfts.json({ }>("/oauth/link", oazapfts.json({
...opts, ...opts,
method: "POST", method: "POST",
@ -1964,7 +2029,7 @@ export function redirectOAuthToMobile(opts?: Oazapfts.RequestOpts) {
export function unlinkOAuthAccount(opts?: Oazapfts.RequestOpts) { export function unlinkOAuthAccount(opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
status: 201; status: 201;
data: UserResponseDto; data: UserAdminResponseDto;
}>("/oauth/unlink", { }>("/oauth/unlink", {
...opts, ...opts,
method: "POST" method: "POST"
@ -2714,50 +2779,34 @@ export function restoreAssets({ bulkIdsDto }: {
body: bulkIdsDto body: bulkIdsDto
}))); })));
} }
export function getAllUsers({ isAll }: { export function searchUsers(opts?: Oazapfts.RequestOpts) {
isAll: boolean;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
status: 200; status: 200;
data: UserResponseDto[]; data: UserResponseDto[];
}>(`/users${QS.query(QS.explode({ }>("/users", {
isAll
}))}`, {
...opts ...opts
})); }));
} }
export function createUser({ createUserDto }: { export function getMyUser(opts?: Oazapfts.RequestOpts) {
createUserDto: CreateUserDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 201;
data: UserResponseDto;
}>("/users", oazapfts.json({
...opts,
method: "POST",
body: createUserDto
})));
}
export function updateUser({ updateUserDto }: {
updateUserDto: UpdateUserDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
status: 200; status: 200;
data: UserResponseDto; data: UserAdminResponseDto;
}>("/users", oazapfts.json({
...opts,
method: "PUT",
body: updateUserDto
})));
}
export function getMyUserInfo(opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserResponseDto;
}>("/users/me", { }>("/users/me", {
...opts ...opts
})); }));
} }
export function updateMyUser({ userUpdateMeDto }: {
userUpdateMeDto: UserUpdateMeDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserAdminResponseDto;
}>("/users/me", oazapfts.json({
...opts,
method: "PUT",
body: userUpdateMeDto
})));
}
export function deleteProfileImage(opts?: Oazapfts.RequestOpts) { export function deleteProfileImage(opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchText("/users/profile-image", { return oazapfts.ok(oazapfts.fetchText("/users/profile-image", {
...opts, ...opts,
@ -2776,20 +2825,7 @@ export function createProfileImage({ createProfileImageDto }: {
body: createProfileImageDto body: createProfileImageDto
}))); })));
} }
export function deleteUser({ id, deleteUserDto }: { export function getUser({ id }: {
id: string;
deleteUserDto: DeleteUserDto;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 200;
data: UserResponseDto;
}>(`/users/${encodeURIComponent(id)}`, oazapfts.json({
...opts,
method: "DELETE",
body: deleteUserDto
})));
}
export function getUserById({ id }: {
id: string; id: string;
}, opts?: Oazapfts.RequestOpts) { }, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{ return oazapfts.ok(oazapfts.fetchJson<{
@ -2809,17 +2845,6 @@ export function getProfileImage({ id }: {
...opts ...opts
})); }));
} }
export function restoreUser({ id }: {
id: string;
}, opts?: Oazapfts.RequestOpts) {
return oazapfts.ok(oazapfts.fetchJson<{
status: 201;
data: UserResponseDto;
}>(`/users/${encodeURIComponent(id)}/restore`, {
...opts,
method: "POST"
}));
}
export enum ReactionLevel { export enum ReactionLevel {
Album = "album", Album = "album",
Asset = "asset" Asset = "asset"
@ -2844,15 +2869,15 @@ export enum UserAvatarColor {
Gray = "gray", Gray = "gray",
Amber = "amber" Amber = "amber"
} }
export enum AlbumUserRole {
Editor = "editor",
Viewer = "viewer"
}
export enum UserStatus { export enum UserStatus {
Active = "active", Active = "active",
Removing = "removing", Removing = "removing",
Deleted = "deleted" Deleted = "deleted"
} }
export enum AlbumUserRole {
Editor = "editor",
Viewer = "viewer"
}
export enum TagTypeEnum { export enum TagTypeEnum {
Object = "OBJECT", Object = "OBJECT",
Face = "FACE", Face = "FACE",

46
readme_i18n/README_fr_FR.md
View file

@ -11,7 +11,7 @@
<p align="center"> <p align="center">
<img src="../design/immich-logo-stacked-light.svg" width="300" title="Login With Custom URL"> <img src="../design/immich-logo-stacked-light.svg" width="300" title="Login With Custom URL">
</p> </p>
<h3 align="center">Immich - Solution de sauvegarde performante et auto-hébergée des photos et des vidéos</h3> <h3 align="center">Immich - Solution de sauvegarde performante et auto-hébergée de photos et de vidéos</h3>
<br/> <br/>
<a href="https://immich.app"> <a href="https://immich.app">
<img src="../design/immich-screenshots.png" title="Main Screenshot"> <img src="../design/immich-screenshots.png" title="Main Screenshot">
@ -36,16 +36,16 @@
## Clause de non-responsabilité ## Clause de non-responsabilité
- ⚠️ Le projet est en **très fort** développement. - ⚠️ Le projet est en **très fort** développement.
- ⚠️ Attendez-vous à rencontrer des bugs et des changements importants. - ⚠️ Attendez-vous à rencontrer des bogues et des changements importants.
- ⚠️ **N'utilisez pas cette application comme seule façon de sauvegarder vos photos et vos vidéos.** - ⚠️ **N'utilisez pas cette application comme seul support de sauvegarde de vos photos et vos vidéos.**
- ⚠️ Ayez toujours un plan de sauvegarde en [3-2-1](https://www.seagate.com/fr/fr/blog/what-is-a-3-2-1-backup-strategy/) pour vos précieuses photos et vidéos ! - ⚠️ Ayez toujours un plan de sauvegarde en [3-2-1](https://www.seagate.com/fr/fr/blog/what-is-a-3-2-1-backup-strategy/) pour vos précieuses photos et vidéos !
## Sommaire ## Sommaire
- [Documentation officielle](https://immich.app/docs) - [Documentation officielle](https://immich.app/docs)
- [Feuille de route](https://github.com/orgs/immich-app/projects/1) - [Feuille de route](https://github.com/orgs/immich-app/projects/1)
- [Démo](#demo) - [Démo](#démo)
- [Fonctionnalités](#features) - [Fonctionnalités](#fonctionnalités)
- [Introduction](https://immich.app/docs/overview/introduction) - [Introduction](https://immich.app/docs/overview/introduction)
- [Installation](https://immich.app/docs/install/requirements) - [Installation](https://immich.app/docs/install/requirements)
- [Contribution](https://immich.app/docs/overview/support-the-project) - [Contribution](https://immich.app/docs/overview/support-the-project)
@ -56,11 +56,11 @@ Vous pouvez trouver la documentation principale ainsi que les guides d'installat
## Démo ## Démo
Vous pouvez accéder à la démo Web sur https://demo.immich.app Vous pouvez accéder à la démo en ligne sur https://demo.immich.app
Pour l'application mobile, vous pouvez utiliser `https://demo.immich.app/api` dans le champ 'URL du point d'accès au serveur' Pour l'application mobile, vous pouvez utiliser `https://demo.immich.app/api` dans le champ `URL du point d'accès au serveur`
```bash title="Demo Credential" ```bash title="Identifiants pour la démo"
Les identifiants Les identifiants
email: demo@immich.app email: demo@immich.app
mot de passe: demo mot de passe: demo
@ -70,12 +70,17 @@ mot de passe: demo
Caractéristiques : Plan gratuit Oracle VM - Amsterdam - 2.4Ghz quatre-cœurs ARM64 CPU, 24GB RAM Caractéristiques : Plan gratuit Oracle VM - Amsterdam - 2.4Ghz quatre-cœurs ARM64 CPU, 24GB RAM
``` ```
# Fonctionnalités ## Activités
![Activités](https://repobeats.axiom.co/api/embed/9e86d9dc3ddd137161f2f6d2e758d7863b1789cb.svg "Image des statistiques Repobeats")
## Fonctionnalités
| Fonctionnalités | Mobile | Web | | Fonctionnalités | Mobile | Web |
| ---------------------------------------------------------------- | ------ | --- | | ---------------------------------------------------------------- | ------ | --- |
| Téléverser et voir les vidéos et photos | Oui | Oui | | Téléverser et voir les vidéos et photos | Oui | Oui |
| Sauvegarde automatique quand l'application est ouverte | Oui | N/A | | Sauvegarde automatique quand l'application est ouverte | Oui | N/A |
| Prévention contre la duplication des photos et des vidéos | Oui | Oui |
| Sélection des albums à sauvegarder | Oui | N/A | | Sélection des albums à sauvegarder | Oui | N/A |
| Télécharger les photos et les vidéos sur l'appareil | Oui | Oui | | Télécharger les photos et les vidéos sur l'appareil | Oui | Oui |
| Support multi-utilisateur | Oui | Oui | | Support multi-utilisateur | Oui | Oui |
@ -89,13 +94,32 @@ Caractéristiques: Plan gratuit Oracle VM - Amsterdam - 2.4Ghz quatre-cœurs ARM
| Défilement virtuel | Oui | Oui | | Défilement virtuel | Oui | Oui |
| Support de l'OAuth | Oui | Oui | | Support de l'OAuth | Oui | Oui |
| Clés d'API | N/A | Oui | | Clés d'API | N/A | Oui |
| Sauvegarde et lecture des LivePhotos | iOS | Oui | | Sauvegarde et lecture des LivePhoto/MotionPhoto | Oui | Oui |
| Support de l'affichage des images à 360° | Non | Oui |
| Structure de stockage définissable | Oui | Oui | | Structure de stockage définissable | Oui | Oui |
| Partage public | Non | Oui | | Partage public | Non | Oui |
| Archives et favoris | Oui | Oui | | Archives et favoris | Oui | Oui |
| Carte globale | Non | Oui | | Carte globale | Oui | Oui |
| Partage entre utilisateurs | Oui | Oui | | Partage entre utilisateurs | Oui | Oui |
| Reconnaissance et regroupement facial | Oui | Oui | | Reconnaissance et regroupement facial | Oui | Oui |
| Souvenirs (il y a x années) | Oui | Oui | | Souvenirs (il y a x années) | Oui | Oui |
| Support hors-ligne | Oui | Non | | Support hors-ligne | Oui | Non |
| Gallerie en lecture seule | Oui | Oui | | Gallerie en lecture seule | Oui | Oui |
| Empilage de photos | Oui | Oui |
## Contributeurs
<a href="https://github.com/alextran1502/immich/graphs/contributors">
<img src="https://contrib.rocks/image?repo=immich-app/immich" width="100%"/>
</a>
## Historique des favoris
<a href="https://star-history.com/#immich-app/immich&Date">
<picture>
<source media="(prefers-color-scheme: dark)" srcset="https://api.star-history.com/svg?repos=immich-app/immich&type=Date&theme=dark" />
<source media="(prefers-color-scheme: light)" srcset="https://api.star-history.com/svg?repos=immich-app/immich&type=Date" />
<img alt="Star History Chart" src="https://api.star-history.com/svg?repos=immich-app/immich&type=Date" width="100%" />
</picture>
</a>

4
server/src/commands/reset-admin-password.command.ts
View file

@ -1,9 +1,9 @@
import { Command, CommandRunner, InquirerService, Question, QuestionSet } from 'nest-commander'; import { Command, CommandRunner, InquirerService, Question, QuestionSet } from 'nest-commander';
import { UserResponseDto } from 'src/dtos/user.dto'; import { UserAdminResponseDto } from 'src/dtos/user.dto';
import { CliService } from 'src/services/cli.service'; import { CliService } from 'src/services/cli.service';
const prompt = (inquirer: InquirerService) => { const prompt = (inquirer: InquirerService) => {
return function ask(admin: UserResponseDto) { return function ask(admin: UserAdminResponseDto) {
const { id, oauthId, email, name } = admin; const { id, oauthId, email, name } = admin;
console.log(`Found Admin: console.log(`Found Admin:
- ID=${id} - ID=${id}

4
server/src/config.ts
View file

@ -256,8 +256,8 @@ export const defaults = Object.freeze<SystemConfig>({
modelName: 'ViT-B-32__openai', modelName: 'ViT-B-32__openai',
}, },
duplicateDetection: { duplicateDetection: {
enabled: false, enabled: true,
maxDistance: 0.03, maxDistance: 0.0155,
}, },
facialRecognition: { facialRecognition: {
enabled: true, enabled: true,

8
server/src/controllers/auth.controller.ts
View file

@ -12,7 +12,7 @@ import {
SignUpDto, SignUpDto,
ValidateAccessTokenResponseDto, ValidateAccessTokenResponseDto,
} from 'src/dtos/auth.dto'; } from 'src/dtos/auth.dto';
import { UserResponseDto, mapUser } from 'src/dtos/user.dto'; import { UserAdminResponseDto } from 'src/dtos/user.dto';
import { Auth, Authenticated, GetLoginDetails } from 'src/middleware/auth.guard'; import { Auth, Authenticated, GetLoginDetails } from 'src/middleware/auth.guard';
import { AuthService, LoginDetails } from 'src/services/auth.service'; import { AuthService, LoginDetails } from 'src/services/auth.service';
import { respondWithCookie, respondWithoutCookie } from 'src/utils/response'; import { respondWithCookie, respondWithoutCookie } from 'src/utils/response';
@ -40,7 +40,7 @@ export class AuthController {
} }
@Post('admin-sign-up') @Post('admin-sign-up')
signUpAdmin(@Body() dto: SignUpDto): Promise<UserResponseDto> { signUpAdmin(@Body() dto: SignUpDto): Promise<UserAdminResponseDto> {
return this.service.adminSignUp(dto); return this.service.adminSignUp(dto);
} }
@ -54,8 +54,8 @@ export class AuthController {
@Post('change-password') @Post('change-password')
@HttpCode(HttpStatus.OK) @HttpCode(HttpStatus.OK)
@Authenticated() @Authenticated()
changePassword(@Auth() auth: AuthDto, @Body() dto: ChangePasswordDto): Promise<UserResponseDto> { changePassword(@Auth() auth: AuthDto, @Body() dto: ChangePasswordDto): Promise<UserAdminResponseDto> {
return this.service.changePassword(auth, dto).then(mapUser); return this.service.changePassword(auth, dto);
} }
@Post('logout') @Post('logout')

2
server/src/controllers/index.ts
View file

@ -27,6 +27,7 @@ import { SystemMetadataController } from 'src/controllers/system-metadata.contro
import { TagController } from 'src/controllers/tag.controller'; import { TagController } from 'src/controllers/tag.controller';
import { TimelineController } from 'src/controllers/timeline.controller'; import { TimelineController } from 'src/controllers/timeline.controller';
import { TrashController } from 'src/controllers/trash.controller'; import { TrashController } from 'src/controllers/trash.controller';
import { UserAdminController } from 'src/controllers/user-admin.controller';
import { UserController } from 'src/controllers/user.controller'; import { UserController } from 'src/controllers/user.controller';
export const controllers = [ export const controllers = [
@ -59,5 +60,6 @@ export const controllers = [
TagController, TagController,
TimelineController, TimelineController,
TrashController, TrashController,
UserAdminController,
UserController, UserController,
]; ];

6
server/src/controllers/oauth.controller.ts
View file

@ -10,7 +10,7 @@ import {
OAuthCallbackDto, OAuthCallbackDto,
OAuthConfigDto, OAuthConfigDto,
} from 'src/dtos/auth.dto'; } from 'src/dtos/auth.dto';
import { UserResponseDto } from 'src/dtos/user.dto'; import { UserAdminResponseDto } from 'src/dtos/user.dto';
import { Auth, Authenticated, GetLoginDetails } from 'src/middleware/auth.guard'; import { Auth, Authenticated, GetLoginDetails } from 'src/middleware/auth.guard';
import { AuthService, LoginDetails } from 'src/services/auth.service'; import { AuthService, LoginDetails } from 'src/services/auth.service';
import { respondWithCookie } from 'src/utils/response'; import { respondWithCookie } from 'src/utils/response';
@ -53,13 +53,13 @@ export class OAuthController {
@Post('link') @Post('link')
@Authenticated() @Authenticated()
linkOAuthAccount(@Auth() auth: AuthDto, @Body() dto: OAuthCallbackDto): Promise<UserResponseDto> { linkOAuthAccount(@Auth() auth: AuthDto, @Body() dto: OAuthCallbackDto): Promise<UserAdminResponseDto> {
return this.service.link(auth, dto); return this.service.link(auth, dto);
} }
@Post('unlink') @Post('unlink')
@Authenticated() @Authenticated()
unlinkOAuthAccount(@Auth() auth: AuthDto): Promise<UserResponseDto> { unlinkOAuthAccount(@Auth() auth: AuthDto): Promise<UserAdminResponseDto> {
return this.service.unlink(auth); return this.service.unlink(auth);
} }
} }

63
server/src/controllers/user-admin.controller.ts Normal file
View file

@ -0,0 +1,63 @@
import { Body, Controller, Delete, Get, Param, Post, Put, Query } from '@nestjs/common';
import { ApiTags } from '@nestjs/swagger';
import { AuthDto } from 'src/dtos/auth.dto';
import {
UserAdminCreateDto,
UserAdminDeleteDto,
UserAdminResponseDto,
UserAdminSearchDto,
UserAdminUpdateDto,
} from 'src/dtos/user.dto';
import { Auth, Authenticated } from 'src/middleware/auth.guard';
import { UserAdminService } from 'src/services/user-admin.service';
import { UUIDParamDto } from 'src/validation';
@ApiTags('User')
@Controller('admin/users')
export class UserAdminController {
constructor(private service: UserAdminService) {}
@Get()
@Authenticated({ admin: true })
searchUsersAdmin(@Auth() auth: AuthDto, @Query() dto: UserAdminSearchDto): Promise<UserAdminResponseDto[]> {
return this.service.search(auth, dto);
}
@Post()
@Authenticated({ admin: true })
createUserAdmin(@Body() createUserDto: UserAdminCreateDto): Promise<UserAdminResponseDto> {
return this.service.create(createUserDto);
}
@Get(':id')
@Authenticated({ admin: true })
getUserAdmin(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<UserAdminResponseDto> {
return this.service.get(auth, id);
}
@Put(':id')
@Authenticated({ admin: true })
updateUserAdmin(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
@Body() dto: UserAdminUpdateDto,
): Promise<UserAdminResponseDto> {
return this.service.update(auth, id, dto);
}
@Delete(':id')
@Authenticated({ admin: true })
deleteUserAdmin(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
@Body() dto: UserAdminDeleteDto,
): Promise<UserAdminResponseDto> {
return this.service.delete(auth, id, dto);
}
@Post(':id/restore')
@Authenticated({ admin: true })
restoreUserAdmin(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<UserAdminResponseDto> {
return this.service.restore(auth, id);
}
}

60
server/src/controllers/user.controller.ts
View file

@ -10,7 +10,6 @@ import {
Param, Param,
Post, Post,
Put, Put,
Query,
Res, Res,
UploadedFile, UploadedFile,
UseInterceptors, UseInterceptors,
@ -19,7 +18,7 @@ import { ApiBody, ApiConsumes, ApiTags } from '@nestjs/swagger';
import { NextFunction, Response } from 'express'; import { NextFunction, Response } from 'express';
import { AuthDto } from 'src/dtos/auth.dto'; import { AuthDto } from 'src/dtos/auth.dto';
import { CreateProfileImageDto, CreateProfileImageResponseDto } from 'src/dtos/user-profile.dto'; import { CreateProfileImageDto, CreateProfileImageResponseDto } from 'src/dtos/user-profile.dto';
import { CreateUserDto, DeleteUserDto, UpdateUserDto, UserResponseDto } from 'src/dtos/user.dto'; import { UserAdminResponseDto, UserResponseDto, UserUpdateMeDto } from 'src/dtos/user.dto';
import { ILoggerRepository } from 'src/interfaces/logger.interface'; import { ILoggerRepository } from 'src/interfaces/logger.interface';
import { Auth, Authenticated, FileResponse } from 'src/middleware/auth.guard'; import { Auth, Authenticated, FileResponse } from 'src/middleware/auth.guard';
import { FileUploadInterceptor, Route } from 'src/middleware/file-upload.interceptor'; import { FileUploadInterceptor, Route } from 'src/middleware/file-upload.interceptor';
@ -37,58 +36,28 @@ export class UserController {
@Get() @Get()
@Authenticated() @Authenticated()
getAllUsers(@Auth() auth: AuthDto, @Query('isAll') isAll: boolean): Promise<UserResponseDto[]> { searchUsers(): Promise<UserResponseDto[]> {
return this.service.getAll(auth, isAll); return this.service.search();
}
@Post()
@Authenticated({ admin: true })
createUser(@Body() createUserDto: CreateUserDto): Promise<UserResponseDto> {
return this.service.create(createUserDto);
} }
@Get('me') @Get('me')
@Authenticated() @Authenticated()
getMyUserInfo(@Auth() auth: AuthDto): Promise<UserResponseDto> { getMyUser(@Auth() auth: AuthDto): UserAdminResponseDto {
return this.service.getMe(auth); return this.service.getMe(auth);
} }
@Put('me')
@Authenticated()
updateMyUser(@Auth() auth: AuthDto, @Body() dto: UserUpdateMeDto): Promise<UserAdminResponseDto> {
return this.service.updateMe(auth, dto);
}
@Get(':id') @Get(':id')
@Authenticated() @Authenticated()
getUserById(@Param() { id }: UUIDParamDto): Promise<UserResponseDto> { getUser(@Param() { id }: UUIDParamDto): Promise<UserResponseDto> {
return this.service.get(id); return this.service.get(id);
} }
@Delete('profile-image')
@HttpCode(HttpStatus.NO_CONTENT)
@Authenticated()
deleteProfileImage(@Auth() auth: AuthDto): Promise<void> {
return this.service.deleteProfileImage(auth);
}
@Delete(':id')
@Authenticated({ admin: true })
deleteUser(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
@Body() dto: DeleteUserDto,
): Promise<UserResponseDto> {
return this.service.delete(auth, id, dto);
}
@Post(':id/restore')
@Authenticated({ admin: true })
restoreUser(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<UserResponseDto> {
return this.service.restore(auth, id);
}
// TODO: replace with @Put(':id')
@Put()
@Authenticated()
updateUser(@Auth() auth: AuthDto, @Body() updateUserDto: UpdateUserDto): Promise<UserResponseDto> {
return this.service.update(auth, updateUserDto);
}
@UseInterceptors(FileUploadInterceptor) @UseInterceptors(FileUploadInterceptor)
@ApiConsumes('multipart/form-data') @ApiConsumes('multipart/form-data')
@ApiBody({ description: 'A new avatar for the user', type: CreateProfileImageDto }) @ApiBody({ description: 'A new avatar for the user', type: CreateProfileImageDto })
@ -101,6 +70,13 @@ export class UserController {
return this.service.createProfileImage(auth, fileInfo); return this.service.createProfileImage(auth, fileInfo);
} }
@Delete('profile-image')
@HttpCode(HttpStatus.NO_CONTENT)
@Authenticated()
deleteProfileImage(@Auth() auth: AuthDto): Promise<void> {
return this.service.deleteProfileImage(auth);
}
@Get(':id/profile-image') @Get(':id/profile-image')
@FileResponse() @FileResponse()
@Authenticated() @Authenticated()

43
server/src/cores/user.core.ts
View file

@ -1,7 +1,6 @@
import { BadRequestException, ForbiddenException } from '@nestjs/common'; import { BadRequestException } from '@nestjs/common';
import sanitize from 'sanitize-filename'; import sanitize from 'sanitize-filename';
import { SALT_ROUNDS } from 'src/constants'; import { SALT_ROUNDS } from 'src/constants';
import { UserResponseDto } from 'src/dtos/user.dto';
import { UserEntity } from 'src/entities/user.entity'; import { UserEntity } from 'src/entities/user.entity';
import { ICryptoRepository } from 'src/interfaces/crypto.interface'; import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { IUserRepository } from 'src/interfaces/user.interface'; import { IUserRepository } from 'src/interfaces/user.interface';
@ -26,46 +25,6 @@ export class UserCore {
instance = null; instance = null;
} }
// TODO: move auth related checks to the service layer
async updateUser(user: UserEntity | UserResponseDto, id: string, dto: Partial<UserEntity>): Promise<UserEntity> {
if (!user.isAdmin && user.id !== id) {
throw new ForbiddenException('You are not allowed to update this user');
}
if (!user.isAdmin) {
// Users can never update the isAdmin property.
delete dto.isAdmin;
delete dto.storageLabel;
} else if (dto.isAdmin && user.id !== id) {
// Admin cannot create another admin.
throw new BadRequestException('The server already has an admin');
}
if (dto.email) {
const duplicate = await this.userRepository.getByEmail(dto.email);
if (duplicate && duplicate.id !== id) {
throw new BadRequestException('Email already in use by another account');
}
}
if (dto.storageLabel) {
const duplicate = await this.userRepository.getByStorageLabel(dto.storageLabel);
if (duplicate && duplicate.id !== id) {
throw new BadRequestException('Storage label already in use by another account');
}
}
if (dto.password) {
dto.password = await this.cryptoRepository.hashBcrypt(dto.password, SALT_ROUNDS);
}
if (dto.storageLabel === '') {
dto.storageLabel = null;
}
return this.userRepository.update(id, { ...dto, updatedAt: new Date() });
}
async createUser(dto: Partial<UserEntity> & { email: string }): Promise<UserEntity> { async createUser(dto: Partial<UserEntity> & { email: string }): Promise<UserEntity> {
const user = await this.userRepository.getByEmail(dto.email); const user = await this.userRepository.getByEmail(dto.email);
if (user) { if (user) {

6
server/src/dtos/activity.dto.ts
View file

@ -1,6 +1,6 @@
import { ApiProperty } from '@nestjs/swagger'; import { ApiProperty } from '@nestjs/swagger';
import { IsEnum, IsNotEmpty, IsString, ValidateIf } from 'class-validator'; import { IsEnum, IsNotEmpty, IsString, ValidateIf } from 'class-validator';
import { UserDto, mapSimpleUser } from 'src/dtos/user.dto'; import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
import { ActivityEntity } from 'src/entities/activity.entity'; import { ActivityEntity } from 'src/entities/activity.entity';
import { Optional, ValidateUUID } from 'src/validation'; import { Optional, ValidateUUID } from 'src/validation';
@ -20,7 +20,7 @@ export class ActivityResponseDto {
id!: string; id!: string;
createdAt!: Date; createdAt!: Date;
type!: ReactionType; type!: ReactionType;
user!: UserDto; user!: UserResponseDto;
assetId!: string | null; assetId!: string | null;
comment?: string | null; comment?: string | null;
} }
@ -73,6 +73,6 @@ export function mapActivity(activity: ActivityEntity): ActivityResponseDto {
createdAt: activity.createdAt, createdAt: activity.createdAt,
comment: activity.comment, comment: activity.comment,
type: activity.isLiked ? ReactionType.LIKE : ReactionType.COMMENT, type: activity.isLiked ? ReactionType.LIKE : ReactionType.COMMENT,
user: mapSimpleUser(activity.user), user: mapUser(activity.user),
}; };
} }

29
server/src/dtos/user.dto.spec.ts
View file

@ -1,12 +1,12 @@
import { plainToInstance } from 'class-transformer'; import { plainToInstance } from 'class-transformer';
import { validate } from 'class-validator'; import { validate } from 'class-validator';
import { CreateUserDto, CreateUserOAuthDto, UpdateUserDto } from 'src/dtos/user.dto'; import { UserAdminCreateDto, UserUpdateMeDto } from 'src/dtos/user.dto';
describe('update user DTO', () => { describe('update user DTO', () => {
it('should allow emails without a tld', async () => { it('should allow emails without a tld', async () => {
const someEmail = 'test@test'; const someEmail = 'test@test';
const dto = plainToInstance(UpdateUserDto, { const dto = plainToInstance(UserUpdateMeDto, {
email: someEmail, email: someEmail,
id: '3fe388e4-2078-44d7-b36c-39d9dee3a657', id: '3fe388e4-2078-44d7-b36c-39d9dee3a657',
}); });
@ -18,22 +18,22 @@ describe('update user DTO', () => {
describe('create user DTO', () => { describe('create user DTO', () => {
it('validates the email', async () => { it('validates the email', async () => {
const params: Partial<CreateUserDto> = { const params: Partial<UserAdminCreateDto> = {
email: undefined, email: undefined,
password: 'password', password: 'password',
name: 'name', name: 'name',
}; };
let dto: CreateUserDto = plainToInstance(CreateUserDto, params); let dto: UserAdminCreateDto = plainToInstance(UserAdminCreateDto, params);
let errors = await validate(dto); let errors = await validate(dto);
expect(errors).toHaveLength(1); expect(errors).toHaveLength(1);
params.email = 'invalid email'; params.email = 'invalid email';
dto = plainToInstance(CreateUserDto, params); dto = plainToInstance(UserAdminCreateDto, params);
errors = await validate(dto); errors = await validate(dto);
expect(errors).toHaveLength(1); expect(errors).toHaveLength(1);
params.email = 'valid@email.com'; params.email = 'valid@email.com';
dto = plainToInstance(CreateUserDto, params); dto = plainToInstance(UserAdminCreateDto, params);
errors = await validate(dto); errors = await validate(dto);
expect(errors).toHaveLength(0); expect(errors).toHaveLength(0);
}); });
@ -41,7 +41,7 @@ describe('create user DTO', () => {
it('should allow emails without a tld', async () => { it('should allow emails without a tld', async () => {
const someEmail = 'test@test'; const someEmail = 'test@test';
const dto = plainToInstance(CreateUserDto, { const dto = plainToInstance(UserAdminCreateDto, {
email: someEmail, email: someEmail,
password: 'some password', password: 'some password',
name: 'some name', name: 'some name',
@ -51,18 +51,3 @@ describe('create user DTO', () => {
expect(dto.email).toEqual(someEmail); expect(dto.email).toEqual(someEmail);
}); });
}); });
describe('create user oauth DTO', () => {
it('should allow emails without a tld', async () => {
const someEmail = 'test@test';
const dto = plainToInstance(CreateUserOAuthDto, {
email: someEmail,
oauthId: 'some oauth id',
name: 'some name',
});
const errors = await validate(dto);
expect(errors).toHaveLength(0);
expect(dto.email).toEqual(someEmail);
});
});

112
server/src/dtos/user.dto.ts
View file

@ -1,12 +1,63 @@
import { ApiProperty } from '@nestjs/swagger'; import { ApiProperty } from '@nestjs/swagger';
import { Transform } from 'class-transformer'; import { Transform } from 'class-transformer';
import { IsBoolean, IsEmail, IsEnum, IsNotEmpty, IsNumber, IsPositive, IsString, IsUUID } from 'class-validator'; import { IsBoolean, IsEmail, IsEnum, IsNotEmpty, IsNumber, IsPositive, IsString } from 'class-validator';
import { UserAvatarColor } from 'src/entities/user-metadata.entity'; import { UserAvatarColor } from 'src/entities/user-metadata.entity';
import { UserEntity, UserStatus } from 'src/entities/user.entity'; import { UserEntity, UserStatus } from 'src/entities/user.entity';
import { getPreferences } from 'src/utils/preferences'; import { getPreferences } from 'src/utils/preferences';
import { Optional, ValidateBoolean, toEmail, toSanitized } from 'src/validation'; import { Optional, ValidateBoolean, toEmail, toSanitized } from 'src/validation';
export class CreateUserDto { export class UserUpdateMeDto {
@Optional()
@IsEmail({ require_tld: false })
@Transform(toEmail)
email?: string;
// TODO: migrate to the other change password endpoint
@Optional()
@IsNotEmpty()
@IsString()
password?: string;
@Optional()
@IsString()
@IsNotEmpty()
name?: string;
@ValidateBoolean({ optional: true })
memoriesEnabled?: boolean;
@Optional()
@IsEnum(UserAvatarColor)
@ApiProperty({ enumName: 'UserAvatarColor', enum: UserAvatarColor })
avatarColor?: UserAvatarColor;
}
export class UserResponseDto {
id!: string;
name!: string;
email!: string;
profileImagePath!: string;
@IsEnum(UserAvatarColor)
@ApiProperty({ enumName: 'UserAvatarColor', enum: UserAvatarColor })
avatarColor!: UserAvatarColor;
}
export const mapUser = (entity: UserEntity): UserResponseDto => {
return {
id: entity.id,
email: entity.email,
name: entity.name,
profileImagePath: entity.profileImagePath,
avatarColor: getPreferences(entity).avatar.color,
};
};
export class UserAdminSearchDto {
@ValidateBoolean({ optional: true })
withDeleted?: boolean;
}
export class UserAdminCreateDto {
@IsEmail({ require_tld: false }) @IsEmail({ require_tld: false })
@Transform(toEmail) @Transform(toEmail)
email!: string; email!: string;
@ -41,23 +92,7 @@ export class CreateUserDto {
notify?: boolean; notify?: boolean;
} }
export class CreateUserOAuthDto { export class UserAdminUpdateDto {
@IsEmail({ require_tld: false })
@Transform(({ value }) => value?.toLowerCase())
email!: string;
@IsNotEmpty()
oauthId!: string;
name?: string;
}
export class DeleteUserDto {
@ValidateBoolean({ optional: true })
force?: boolean;
}
export class UpdateUserDto {
@Optional() @Optional()
@IsEmail({ require_tld: false }) @IsEmail({ require_tld: false })
@Transform(toEmail) @Transform(toEmail)
@ -73,18 +108,10 @@ export class UpdateUserDto {
@IsNotEmpty() @IsNotEmpty()
name?: string; name?: string;
@Optional() @Optional({ nullable: true })
@IsString() @IsString()
@Transform(toSanitized) @Transform(toSanitized)
storageLabel?: string; storageLabel?: string | null;
@IsNotEmpty()
@IsUUID('4')
@ApiProperty({ format: 'uuid' })
id!: string;
@ValidateBoolean({ optional: true })
isAdmin?: boolean;
@ValidateBoolean({ optional: true }) @ValidateBoolean({ optional: true })
shouldChangePassword?: boolean; shouldChangePassword?: boolean;
@ -104,17 +131,12 @@ export class UpdateUserDto {
quotaSizeInBytes?: number | null; quotaSizeInBytes?: number | null;
} }
export class UserDto { export class UserAdminDeleteDto {
id!: string; @ValidateBoolean({ optional: true })
name!: string; force?: boolean;
email!: string;
profileImagePath!: string;
@IsEnum(UserAvatarColor)
@ApiProperty({ enumName: 'UserAvatarColor', enum: UserAvatarColor })
avatarColor!: UserAvatarColor;
} }
export class UserResponseDto extends UserDto { export class UserAdminResponseDto extends UserResponseDto {
storageLabel!: string | null; storageLabel!: string | null;
shouldChangePassword!: boolean; shouldChangePassword!: boolean;
isAdmin!: boolean; isAdmin!: boolean;
@ -131,19 +153,9 @@ export class UserResponseDto extends UserDto {
status!: string; status!: string;
} }
export const mapSimpleUser = (entity: UserEntity): UserDto => { export function mapUserAdmin(entity: UserEntity): UserAdminResponseDto {
return { return {
id: entity.id, ...mapUser(entity),
email: entity.email,
name: entity.name,
profileImagePath: entity.profileImagePath,
avatarColor: getPreferences(entity).avatar.color,
};
};
export function mapUser(entity: UserEntity): UserResponseDto {
return {
...mapSimpleUser(entity),
storageLabel: entity.storageLabel, storageLabel: entity.storageLabel,
shouldChangePassword: entity.shouldChangePassword, shouldChangePassword: entity.shouldChangePassword,
isAdmin: entity.isAdmin, isAdmin: entity.isAdmin,

6
server/src/interfaces/media.interface.ts
View file

@ -53,7 +53,7 @@ export interface VideoInfo {
audioStreams: AudioStreamInfo[]; audioStreams: AudioStreamInfo[];
} }
export interface TranscodeOptions { export interface TranscodeCommand {
inputOptions: string[]; inputOptions: string[];
outputOptions: string[]; outputOptions: string[];
twoPass: boolean; twoPass: boolean;
@ -67,7 +67,7 @@ export interface BitrateDistribution {
} }
export interface VideoCodecSWConfig { export interface VideoCodecSWConfig {
getOptions(target: TranscodeTarget, videoStream: VideoStreamInfo, audioStream: AudioStreamInfo): TranscodeOptions; getCommand(target: TranscodeTarget, videoStream: VideoStreamInfo, audioStream: AudioStreamInfo): TranscodeCommand;
} }
export interface VideoCodecHWConfig extends VideoCodecSWConfig { export interface VideoCodecHWConfig extends VideoCodecSWConfig {
@ -83,5 +83,5 @@ export interface IMediaRepository {
// video // video
probe(input: string): Promise<VideoInfo>; probe(input: string): Promise<VideoInfo>;
transcode(input: string, output: string | Writable, options: TranscodeOptions): Promise<void>; transcode(input: string, output: string | Writable, command: TranscodeCommand): Promise<void>;
} }

3
server/src/interfaces/search.interface.ts
View file

@ -155,8 +155,9 @@ export interface FaceEmbeddingSearch extends SearchEmbeddingOptions {
export interface AssetDuplicateSearch { export interface AssetDuplicateSearch {
assetId: string; assetId: string;
embedding: Embedding; embedding: Embedding;
userIds: string[];
maxDistance?: number; maxDistance?: number;
type: AssetType;
userIds: string[];
} }
export interface FaceSearchResult { export interface FaceSearchResult {

6
server/src/queries/api.key.repository.sql
View file

@ -22,13 +22,17 @@ FROM
"APIKeyEntity__APIKeyEntity_user"."status" AS "APIKeyEntity__APIKeyEntity_user_status", "APIKeyEntity__APIKeyEntity_user"."status" AS "APIKeyEntity__APIKeyEntity_user_status",
"APIKeyEntity__APIKeyEntity_user"."updatedAt" AS "APIKeyEntity__APIKeyEntity_user_updatedAt", "APIKeyEntity__APIKeyEntity_user"."updatedAt" AS "APIKeyEntity__APIKeyEntity_user_updatedAt",
"APIKeyEntity__APIKeyEntity_user"."quotaSizeInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaSizeInBytes", "APIKeyEntity__APIKeyEntity_user"."quotaSizeInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaSizeInBytes",
"APIKeyEntity__APIKeyEntity_user"."quotaUsageInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaUsageInBytes" "APIKeyEntity__APIKeyEntity_user"."quotaUsageInBytes" AS "APIKeyEntity__APIKeyEntity_user_quotaUsageInBytes",
"7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."userId" AS "7f5f7a38bf327bfbbf826778460704c9a50fe6f4_userId",
"7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."key" AS "7f5f7a38bf327bfbbf826778460704c9a50fe6f4_key",
"7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."value" AS "7f5f7a38bf327bfbbf826778460704c9a50fe6f4_value"
FROM FROM
"api_keys" "APIKeyEntity" "api_keys" "APIKeyEntity"
LEFT JOIN "users" "APIKeyEntity__APIKeyEntity_user" ON "APIKeyEntity__APIKeyEntity_user"."id" = "APIKeyEntity"."userId" LEFT JOIN "users" "APIKeyEntity__APIKeyEntity_user" ON "APIKeyEntity__APIKeyEntity_user"."id" = "APIKeyEntity"."userId"
AND ( AND (
"APIKeyEntity__APIKeyEntity_user"."deletedAt" IS NULL "APIKeyEntity__APIKeyEntity_user"."deletedAt" IS NULL
) )
LEFT JOIN "user_metadata" "7f5f7a38bf327bfbbf826778460704c9a50fe6f4" ON "7f5f7a38bf327bfbbf826778460704c9a50fe6f4"."userId" = "APIKeyEntity__APIKeyEntity_user"."id"
WHERE WHERE
(("APIKeyEntity"."key" = $1)) (("APIKeyEntity"."key" = $1))
) "distinctAlias" ) "distinctAlias"

3
server/src/queries/search.repository.sql
View file

@ -204,6 +204,7 @@ WITH
"asset"."ownerId" IN ($2) "asset"."ownerId" IN ($2)
AND "asset"."id" != $3 AND "asset"."id" != $3
AND "asset"."isVisible" = $4 AND "asset"."isVisible" = $4
AND "asset"."type" = $5
) )
AND ("asset"."deletedAt" IS NULL) AND ("asset"."deletedAt" IS NULL)
ORDER BY ORDER BY
@ -216,7 +217,7 @@ SELECT
FROM FROM
"cte" "res" "cte" "res"
WHERE WHERE
res.distance <= $5 res.distance <= $6
-- SearchRepository.searchFaces -- SearchRepository.searchFaces
START TRANSACTION START TRANSACTION

6
server/src/queries/session.repository.sql
View file

@ -38,13 +38,17 @@ FROM
"SessionEntity__SessionEntity_user"."status" AS "SessionEntity__SessionEntity_user_status", "SessionEntity__SessionEntity_user"."status" AS "SessionEntity__SessionEntity_user_status",
"SessionEntity__SessionEntity_user"."updatedAt" AS "SessionEntity__SessionEntity_user_updatedAt", "SessionEntity__SessionEntity_user"."updatedAt" AS "SessionEntity__SessionEntity_user_updatedAt",
"SessionEntity__SessionEntity_user"."quotaSizeInBytes" AS "SessionEntity__SessionEntity_user_quotaSizeInBytes", "SessionEntity__SessionEntity_user"."quotaSizeInBytes" AS "SessionEntity__SessionEntity_user_quotaSizeInBytes",
"SessionEntity__SessionEntity_user"."quotaUsageInBytes" AS "SessionEntity__SessionEntity_user_quotaUsageInBytes" "SessionEntity__SessionEntity_user"."quotaUsageInBytes" AS "SessionEntity__SessionEntity_user_quotaUsageInBytes",
"469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."userId" AS "469e6aa7ff79eff78f8441f91ba15bb07d3634dd_userId",
"469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."key" AS "469e6aa7ff79eff78f8441f91ba15bb07d3634dd_key",
"469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."value" AS "469e6aa7ff79eff78f8441f91ba15bb07d3634dd_value"
FROM FROM
"sessions" "SessionEntity" "sessions" "SessionEntity"
LEFT JOIN "users" "SessionEntity__SessionEntity_user" ON "SessionEntity__SessionEntity_user"."id" = "SessionEntity"."userId" LEFT JOIN "users" "SessionEntity__SessionEntity_user" ON "SessionEntity__SessionEntity_user"."id" = "SessionEntity"."userId"
AND ( AND (
"SessionEntity__SessionEntity_user"."deletedAt" IS NULL "SessionEntity__SessionEntity_user"."deletedAt" IS NULL
) )
LEFT JOIN "user_metadata" "469e6aa7ff79eff78f8441f91ba15bb07d3634dd" ON "469e6aa7ff79eff78f8441f91ba15bb07d3634dd"."userId" = "SessionEntity__SessionEntity_user"."id"
WHERE WHERE
(("SessionEntity"."token" = $1)) (("SessionEntity"."token" = $1))
) "distinctAlias" ) "distinctAlias"

4
server/src/repositories/api-key.repository.ts
View file

@ -34,7 +34,9 @@ export class ApiKeyRepository implements IKeyRepository {
}, },
where: { key: hashedToken }, where: { key: hashedToken },
relations: { relations: {
user: true, user: {
metadata: true,
},
}, },
}); });
} }

6
server/src/repositories/media.repository.ts
View file

@ -11,7 +11,7 @@ import {
IMediaRepository, IMediaRepository,
ImageDimensions, ImageDimensions,
ThumbnailOptions, ThumbnailOptions,
TranscodeOptions, TranscodeCommand,
VideoInfo, VideoInfo,
} from 'src/interfaces/media.interface'; } from 'src/interfaces/media.interface';
import { Instrumentation } from 'src/utils/instrumentation'; import { Instrumentation } from 'src/utils/instrumentation';
@ -97,7 +97,7 @@ export class MediaRepository implements IMediaRepository {
}; };
} }
transcode(input: string, output: string | Writable, options: TranscodeOptions): Promise<void> { transcode(input: string, output: string | Writable, options: TranscodeCommand): Promise<void> {
if (!options.twoPass) { if (!options.twoPass) {
return new Promise((resolve, reject) => { return new Promise((resolve, reject) => {
this.configureFfmpegCall(input, output, options).on('error', reject).on('end', resolve).run(); this.configureFfmpegCall(input, output, options).on('error', reject).on('end', resolve).run();
@ -150,7 +150,7 @@ export class MediaRepository implements IMediaRepository {
return { width, height }; return { width, height };
} }
private configureFfmpegCall(input: string, output: string | Writable, options: TranscodeOptions) { private configureFfmpegCall(input: string, output: string | Writable, options: TranscodeCommand) {
return ffmpeg(input, { niceness: 10 }) return ffmpeg(input, { niceness: 10 })
.inputOptions(options.inputOptions) .inputOptions(options.inputOptions)
.outputOptions(options.outputOptions) .outputOptions(options.outputOptions)

13
server/src/repositories/search.repository.ts
View file

@ -160,6 +160,7 @@ export class SearchRepository implements ISearchRepository {
assetId, assetId,
embedding, embedding,
maxDistance, maxDistance,
type,
userIds, userIds,
}: AssetDuplicateSearch): Promise<AssetDuplicateResult[]> { }: AssetDuplicateSearch): Promise<AssetDuplicateResult[]> {
const cte = this.assetRepository.createQueryBuilder('asset'); const cte = this.assetRepository.createQueryBuilder('asset');
@ -171,18 +172,22 @@ export class SearchRepository implements ISearchRepository {
.where('asset.ownerId IN (:...userIds )') .where('asset.ownerId IN (:...userIds )')
.andWhere('asset.id != :assetId') .andWhere('asset.id != :assetId')
.andWhere('asset.isVisible = :isVisible') .andWhere('asset.isVisible = :isVisible')
.andWhere('asset.type = :type')
.orderBy('search.embedding <=> :embedding') .orderBy('search.embedding <=> :embedding')
.limit(64) .limit(64)
.setParameters({ assetId, embedding: asVector(embedding), isVisible: true, userIds }); .setParameters({ assetId, embedding: asVector(embedding), isVisible: true, type, userIds });
const builder = this.assetRepository.manager const builder = this.assetRepository.manager
.createQueryBuilder() .createQueryBuilder()
.addCommonTableExpression(cte, 'cte') .addCommonTableExpression(cte, 'cte')
.from('cte', 'res') .from('cte', 'res')
.select('res.*') .select('res.*');
.where('res.distance <= :maxDistance', { maxDistance });
return builder.getRawMany() as any as Promise<AssetDuplicateResult[]>; if (maxDistance) {
builder.where('res.distance <= :maxDistance', { maxDistance });
}
return builder.getRawMany() as Promise<AssetDuplicateResult[]>;
} }
@GenerateSql({ @GenerateSql({

9
server/src/repositories/session.repository.ts
View file

@ -18,7 +18,14 @@ export class SessionRepository implements ISessionRepository {
@GenerateSql({ params: [DummyValue.STRING] }) @GenerateSql({ params: [DummyValue.STRING] })
getByToken(token: string): Promise<SessionEntity | null> { getByToken(token: string): Promise<SessionEntity | null> {
return this.repository.findOne({ where: { token }, relations: { user: true } }); return this.repository.findOne({
where: { token },
relations: {
user: {
metadata: true,
},
},
});
} }
getByUserId(userId: string): Promise<SessionEntity[]> { getByUserId(userId: string): Promise<SessionEntity[]> {

1
server/src/services/auth.service.spec.ts
View file

@ -138,6 +138,7 @@ describe('AuthService', () => {
email: 'test@immich.com', email: 'test@immich.com',
password: 'hash-password', password: 'hash-password',
} as UserEntity); } as UserEntity);
userMock.update.mockResolvedValue(userStub.user1);
await sut.changePassword(auth, dto); await sut.changePassword(auth, dto);

27
server/src/services/auth.service.ts
View file

@ -11,7 +11,7 @@ import { DateTime } from 'luxon';
import { IncomingHttpHeaders } from 'node:http'; import { IncomingHttpHeaders } from 'node:http';
import { ClientMetadata, Issuer, UserinfoResponse, custom, generators } from 'openid-client'; import { ClientMetadata, Issuer, UserinfoResponse, custom, generators } from 'openid-client';
import { SystemConfig } from 'src/config'; import { SystemConfig } from 'src/config';
import { AuthType, LOGIN_URL, MOBILE_REDIRECT } from 'src/constants'; import { AuthType, LOGIN_URL, MOBILE_REDIRECT, SALT_ROUNDS } from 'src/constants';
import { SystemConfigCore } from 'src/cores/system-config.core'; import { SystemConfigCore } from 'src/cores/system-config.core';
import { UserCore } from 'src/cores/user.core'; import { UserCore } from 'src/cores/user.core';
import { import {
@ -27,7 +27,7 @@ import {
SignUpDto, SignUpDto,
mapLoginResponse, mapLoginResponse,
} from 'src/dtos/auth.dto'; } from 'src/dtos/auth.dto';
import { UserResponseDto, mapUser } from 'src/dtos/user.dto'; import { UserAdminResponseDto, mapUserAdmin } from 'src/dtos/user.dto';
import { UserEntity } from 'src/entities/user.entity'; import { UserEntity } from 'src/entities/user.entity';
import { IKeyRepository } from 'src/interfaces/api-key.interface'; import { IKeyRepository } from 'src/interfaces/api-key.interface';
import { ICryptoRepository } from 'src/interfaces/crypto.interface'; import { ICryptoRepository } from 'src/interfaces/crypto.interface';
@ -109,7 +109,7 @@ export class AuthService {
}; };
} }
async changePassword(auth: AuthDto, dto: ChangePasswordDto) { async changePassword(auth: AuthDto, dto: ChangePasswordDto): Promise<UserAdminResponseDto> {
const { password, newPassword } = dto; const { password, newPassword } = dto;
const user = await this.userRepository.getByEmail(auth.user.email, true); const user = await this.userRepository.getByEmail(auth.user.email, true);
if (!user) { if (!user) {
@ -121,10 +121,14 @@ export class AuthService {
throw new BadRequestException('Wrong password'); throw new BadRequestException('Wrong password');
} }
return this.userCore.updateUser(auth.user, auth.user.id, { password: newPassword }); const hashedPassword = await this.cryptoRepository.hashBcrypt(newPassword, SALT_ROUNDS);
const updatedUser = await this.userRepository.update(user.id, { password: hashedPassword });
return mapUserAdmin(updatedUser);
} }
async adminSignUp(dto: SignUpDto): Promise<UserResponseDto> { async adminSignUp(dto: SignUpDto): Promise<UserAdminResponseDto> {
const adminUser = await this.userRepository.getAdmin(); const adminUser = await this.userRepository.getAdmin();
if (adminUser) { if (adminUser) {
throw new BadRequestException('The server already has an admin'); throw new BadRequestException('The server already has an admin');
@ -138,7 +142,7 @@ export class AuthService {
storageLabel: 'admin', storageLabel: 'admin',
}); });
return mapUser(admin); return mapUserAdmin(admin);
} }
async validate(headers: IncomingHttpHeaders, params: Record<string, string>): Promise<AuthDto> { async validate(headers: IncomingHttpHeaders, params: Record<string, string>): Promise<AuthDto> {
@ -237,7 +241,7 @@ export class AuthService {
return this.createLoginResponse(user, loginDetails); return this.createLoginResponse(user, loginDetails);
} }
async link(auth: AuthDto, dto: OAuthCallbackDto): Promise<UserResponseDto> { async link(auth: AuthDto, dto: OAuthCallbackDto): Promise<UserAdminResponseDto> {
const config = await this.configCore.getConfig(); const config = await this.configCore.getConfig();
const { sub: oauthId } = await this.getOAuthProfile(config, dto.url); const { sub: oauthId } = await this.getOAuthProfile(config, dto.url);
const duplicate = await this.userRepository.getByOAuthId(oauthId); const duplicate = await this.userRepository.getByOAuthId(oauthId);
@ -245,11 +249,14 @@ export class AuthService {
this.logger.warn(`OAuth link account failed: sub is already linked to another user (${duplicate.email}).`); this.logger.warn(`OAuth link account failed: sub is already linked to another user (${duplicate.email}).`);
throw new BadRequestException('This OAuth account has already been linked to another user.'); throw new BadRequestException('This OAuth account has already been linked to another user.');
} }
return mapUser(await this.userRepository.update(auth.user.id, { oauthId }));
const user = await this.userRepository.update(auth.user.id, { oauthId });
return mapUserAdmin(user);
} }
async unlink(auth: AuthDto): Promise<UserResponseDto> { async unlink(auth: AuthDto): Promise<UserAdminResponseDto> {
return mapUser(await this.userRepository.update(auth.user.id, { oauthId: '' })); const user = await this.userRepository.update(auth.user.id, { oauthId: '' });
return mapUserAdmin(user);
} }
private async getLogoutEndpoint(authType: AuthType): Promise<string> { private async getLogoutEndpoint(authType: AuthType): Promise<string> {

17
server/src/services/cli.service.ts
View file

@ -1,7 +1,7 @@
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import { SALT_ROUNDS } from 'src/constants';
import { SystemConfigCore } from 'src/cores/system-config.core'; import { SystemConfigCore } from 'src/cores/system-config.core';
import { UserCore } from 'src/cores/user.core'; import { UserAdminResponseDto, mapUserAdmin } from 'src/dtos/user.dto';
import { UserResponseDto, mapUser } from 'src/dtos/user.dto';
import { ICryptoRepository } from 'src/interfaces/crypto.interface'; import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { ILoggerRepository } from 'src/interfaces/logger.interface'; import { ILoggerRepository } from 'src/interfaces/logger.interface';
import { ISystemMetadataRepository } from 'src/interfaces/system-metadata.interface'; import { ISystemMetadataRepository } from 'src/interfaces/system-metadata.interface';
@ -10,7 +10,6 @@ import { IUserRepository } from 'src/interfaces/user.interface';
@Injectable() @Injectable()
export class CliService { export class CliService {
private configCore: SystemConfigCore; private configCore: SystemConfigCore;
private userCore: UserCore;
constructor( constructor(
@Inject(ICryptoRepository) private cryptoRepository: ICryptoRepository, @Inject(ICryptoRepository) private cryptoRepository: ICryptoRepository,
@ -18,26 +17,26 @@ export class CliService {
@Inject(IUserRepository) private userRepository: IUserRepository, @Inject(IUserRepository) private userRepository: IUserRepository,
@Inject(ILoggerRepository) private logger: ILoggerRepository, @Inject(ILoggerRepository) private logger: ILoggerRepository,
) { ) {
this.userCore = UserCore.create(cryptoRepository, userRepository);
this.logger.setContext(CliService.name); this.logger.setContext(CliService.name);
this.configCore = SystemConfigCore.create(systemMetadataRepository, this.logger); this.configCore = SystemConfigCore.create(systemMetadataRepository, this.logger);
} }
async listUsers(): Promise<UserResponseDto[]> { async listUsers(): Promise<UserAdminResponseDto[]> {
const users = await this.userRepository.getList({ withDeleted: true }); const users = await this.userRepository.getList({ withDeleted: true });
return users.map((user) => mapUser(user)); return users.map((user) => mapUserAdmin(user));
} }
async resetAdminPassword(ask: (admin: UserResponseDto) => Promise<string | undefined>) { async resetAdminPassword(ask: (admin: UserAdminResponseDto) => Promise<string | undefined>) {
const admin = await this.userRepository.getAdmin(); const admin = await this.userRepository.getAdmin();
if (!admin) { if (!admin) {
throw new Error('Admin account does not exist'); throw new Error('Admin account does not exist');
} }
const providedPassword = await ask(mapUser(admin)); const providedPassword = await ask(mapUserAdmin(admin));
const password = providedPassword || this.cryptoRepository.newPassword(24); const password = providedPassword || this.cryptoRepository.newPassword(24);
const hashedPassword = await this.cryptoRepository.hashBcrypt(password, SALT_ROUNDS);
await this.userCore.updateUser(admin, admin.id, { password }); await this.userRepository.update(admin.id, { password: hashedPassword });
return { admin, password, provided: !!providedPassword }; return { admin, password, provided: !!providedPassword };
} }

6
server/src/services/duplicate.service.spec.ts
View file

@ -214,7 +214,8 @@ describe(SearchService.name, () => {
expect(searchMock.searchDuplicates).toHaveBeenCalledWith({ expect(searchMock.searchDuplicates).toHaveBeenCalledWith({
assetId: assetStub.hasEmbedding.id, assetId: assetStub.hasEmbedding.id,
embedding: assetStub.hasEmbedding.smartSearch!.embedding, embedding: assetStub.hasEmbedding.smartSearch!.embedding,
maxDistance: 0.03, maxDistance: 0.0155,
type: assetStub.hasEmbedding.type,
userIds: [assetStub.hasEmbedding.ownerId], userIds: [assetStub.hasEmbedding.ownerId],
}); });
expect(assetMock.updateDuplicates).toHaveBeenCalledWith({ expect(assetMock.updateDuplicates).toHaveBeenCalledWith({
@ -239,7 +240,8 @@ describe(SearchService.name, () => {
expect(searchMock.searchDuplicates).toHaveBeenCalledWith({ expect(searchMock.searchDuplicates).toHaveBeenCalledWith({
assetId: assetStub.hasEmbedding.id, assetId: assetStub.hasEmbedding.id,
embedding: assetStub.hasEmbedding.smartSearch!.embedding, embedding: assetStub.hasEmbedding.smartSearch!.embedding,
maxDistance: 0.03, maxDistance: 0.0155,
type: assetStub.hasEmbedding.type,
userIds: [assetStub.hasEmbedding.ownerId], userIds: [assetStub.hasEmbedding.ownerId],
}); });
expect(assetMock.updateDuplicates).toHaveBeenCalledWith({ expect(assetMock.updateDuplicates).toHaveBeenCalledWith({

1
server/src/services/duplicate.service.ts
View file

@ -94,6 +94,7 @@ export class DuplicateService {
assetId: asset.id, assetId: asset.id,
embedding: asset.smartSearch.embedding, embedding: asset.smartSearch.embedding,
maxDistance: machineLearning.duplicateDetection.maxDistance, maxDistance: machineLearning.duplicateDetection.maxDistance,
type: asset.type,
userIds: [asset.ownerId], userIds: [asset.ownerId],
}); });

2
server/src/services/index.ts
View file

@ -33,6 +33,7 @@ import { SystemMetadataService } from 'src/services/system-metadata.service';
import { TagService } from 'src/services/tag.service'; import { TagService } from 'src/services/tag.service';
import { TimelineService } from 'src/services/timeline.service'; import { TimelineService } from 'src/services/timeline.service';
import { TrashService } from 'src/services/trash.service'; import { TrashService } from 'src/services/trash.service';
import { UserAdminService } from 'src/services/user-admin.service';
import { UserService } from 'src/services/user.service'; import { UserService } from 'src/services/user.service';
import { VersionService } from 'src/services/version.service'; import { VersionService } from 'src/services/version.service';
@ -73,5 +74,6 @@ export const services = [
TimelineService, TimelineService,
TrashService, TrashService,
UserService, UserService,
UserAdminService,
VersionService, VersionService,
]; ];

18
server/src/services/media.service.spec.ts
View file

@ -294,11 +294,13 @@ describe(MediaService.name, () => {
'/original/path.ext', '/original/path.ext',
'upload/thumbs/user-id/as/se/asset-id-preview.jpeg', 'upload/thumbs/user-id/as/se/asset-id-preview.jpeg',
{ {
inputOptions: ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int'], inputOptions: ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'],
outputOptions: [ outputOptions: [
'-fps_mode vfr',
'-frames:v 1', '-frames:v 1',
'-update 1',
'-v verbose', '-v verbose',
'-vf scale=-2:1440:flags=lanczos+accurate_rnd+bitexact+full_chroma_int:out_color_matrix=601:out_range=pc,format=yuv420p', `-vf fps=12,thumbnail=12,select=gt(scene\\,0.1)+gt(n\\,20),scale=-2:1440:flags=lanczos+accurate_rnd+full_chroma_int:out_color_matrix=601:out_range=pc,format=yuv420p`,
], ],
twoPass: false, twoPass: false,
}, },
@ -319,11 +321,13 @@ describe(MediaService.name, () => {
'/original/path.ext', '/original/path.ext',
'upload/thumbs/user-id/as/se/asset-id-preview.jpeg', 'upload/thumbs/user-id/as/se/asset-id-preview.jpeg',
{ {
inputOptions: ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int'], inputOptions: ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'],
outputOptions: [ outputOptions: [
'-fps_mode vfr',
'-frames:v 1', '-frames:v 1',
'-update 1',
'-v verbose', '-v verbose',
'-vf zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p', `-vf fps=12,thumbnail=12,select=gt(scene\\,0.1)+gt(n\\,20),zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p`,
], ],
twoPass: false, twoPass: false,
}, },
@ -346,11 +350,13 @@ describe(MediaService.name, () => {
'/original/path.ext', '/original/path.ext',
'upload/thumbs/user-id/as/se/asset-id-preview.jpeg', 'upload/thumbs/user-id/as/se/asset-id-preview.jpeg',
{ {
inputOptions: ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int'], inputOptions: ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'],
outputOptions: [ outputOptions: [
'-fps_mode vfr',
'-frames:v 1', '-frames:v 1',
'-update 1',
'-v verbose', '-v verbose',
'-vf zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p', `-vf fps=12,thumbnail=12,select=gt(scene\\,0.1)+gt(n\\,20),zscale=t=linear:npl=100,tonemap=hable:desat=0,zscale=p=bt709:t=601:m=bt470bg:range=pc,format=yuv420p`,
], ],
twoPass: false, twoPass: false,
}, },

146
server/src/services/media.service.ts
View file

@ -27,25 +27,12 @@ import {
QueueName, QueueName,
} from 'src/interfaces/job.interface'; } from 'src/interfaces/job.interface';
import { ILoggerRepository } from 'src/interfaces/logger.interface'; import { ILoggerRepository } from 'src/interfaces/logger.interface';
import { AudioStreamInfo, IMediaRepository, VideoCodecHWConfig, VideoStreamInfo } from 'src/interfaces/media.interface'; import { AudioStreamInfo, IMediaRepository, VideoStreamInfo } from 'src/interfaces/media.interface';
import { IMoveRepository } from 'src/interfaces/move.interface'; import { IMoveRepository } from 'src/interfaces/move.interface';
import { IPersonRepository } from 'src/interfaces/person.interface'; import { IPersonRepository } from 'src/interfaces/person.interface';
import { IStorageRepository } from 'src/interfaces/storage.interface'; import { IStorageRepository } from 'src/interfaces/storage.interface';
import { ISystemMetadataRepository } from 'src/interfaces/system-metadata.interface'; import { ISystemMetadataRepository } from 'src/interfaces/system-metadata.interface';
import { import { BaseConfig, ThumbnailConfig } from 'src/utils/media';
AV1Config,
H264Config,
HEVCConfig,
NvencHwDecodeConfig,
NvencSwDecodeConfig,
QsvHwDecodeConfig,
QsvSwDecodeConfig,
RkmppHwDecodeConfig,
RkmppSwDecodeConfig,
ThumbnailConfig,
VAAPIConfig,
VP9Config,
} from 'src/utils/media';
import { mimeTypes } from 'src/utils/mime-types'; import { mimeTypes } from 'src/utils/mime-types';
import { usePagination } from 'src/utils/pagination'; import { usePagination } from 'src/utils/pagination';
@ -53,8 +40,8 @@ import { usePagination } from 'src/utils/pagination';
export class MediaService { export class MediaService {
private configCore: SystemConfigCore; private configCore: SystemConfigCore;
private storageCore: StorageCore; private storageCore: StorageCore;
private openCL: boolean | null = null; private maliOpenCL?: boolean;
private devices: string[] | null = null; private devices?: string[];
constructor( constructor(
@Inject(IAssetRepository) private assetRepository: IAssetRepository, @Inject(IAssetRepository) private assetRepository: IAssetRepository,
@ -232,8 +219,8 @@ export class MediaService {
return; return;
} }
const mainAudioStream = this.getMainStream(audioStreams); const mainAudioStream = this.getMainStream(audioStreams);
const config = { ...ffmpeg, targetResolution: size.toString() }; const config = ThumbnailConfig.create({ ...ffmpeg, targetResolution: size.toString() });
const options = new ThumbnailConfig(config).getOptions(TranscodeTarget.VIDEO, mainVideoStream, mainAudioStream); const options = config.getCommand(TranscodeTarget.VIDEO, mainVideoStream, mainAudioStream);
await this.mediaRepository.transcode(asset.originalPath, path, options); await this.mediaRepository.transcode(asset.originalPath, path, options);
break; break;
} }
@ -331,8 +318,8 @@ export class MediaService {
return JobStatus.FAILED; return JobStatus.FAILED;
} }
const { ffmpeg: config } = await this.configCore.getConfig(); const { ffmpeg } = await this.configCore.getConfig();
const target = this.getTranscodeTarget(config, mainVideoStream, mainAudioStream); const target = this.getTranscodeTarget(ffmpeg, mainVideoStream, mainAudioStream);
if (target === TranscodeTarget.NONE) { if (target === TranscodeTarget.NONE) {
if (asset.encodedVideoPath) { if (asset.encodedVideoPath) {
this.logger.log(`Transcoded video exists for asset ${asset.id}, but is no longer required. Deleting...`); this.logger.log(`Transcoded video exists for asset ${asset.id}, but is no longer required. Deleting...`);
@ -343,30 +330,28 @@ export class MediaService {
return JobStatus.SKIPPED; return JobStatus.SKIPPED;
} }
let transcodeOptions; let command;
try { try {
transcodeOptions = await this.getCodecConfig(config).then((c) => const config = BaseConfig.create(ffmpeg, await this.getDevices(), await this.hasMaliOpenCL());
c.getOptions(target, mainVideoStream, mainAudioStream), command = config.getCommand(target, mainVideoStream, mainAudioStream);
);
} catch (error) { } catch (error) {
this.logger.error(`An error occurred while configuring transcoding options: ${error}`); this.logger.error(`An error occurred while configuring transcoding options: ${error}`);
return JobStatus.FAILED; return JobStatus.FAILED;
} }
this.logger.log(`Started encoding video ${asset.id} ${JSON.stringify(transcodeOptions)}`); this.logger.log(`Started encoding video ${asset.id} ${JSON.stringify(command)}`);
try { try {
await this.mediaRepository.transcode(input, output, transcodeOptions); await this.mediaRepository.transcode(input, output, command);
} catch (error) { } catch (error) {
this.logger.error(error); this.logger.error(error);
if (config.accel !== TranscodeHWAccel.DISABLED) { if (ffmpeg.accel !== TranscodeHWAccel.DISABLED) {
this.logger.error( this.logger.error(
`Error occurred during transcoding. Retrying with ${config.accel.toUpperCase()} acceleration disabled.`, `Error occurred during transcoding. Retrying with ${ffmpeg.accel.toUpperCase()} acceleration disabled.`,
); );
} }
transcodeOptions = await this.getCodecConfig({ ...config, accel: TranscodeHWAccel.DISABLED }).then((c) => const config = BaseConfig.create({ ...ffmpeg, accel: TranscodeHWAccel.DISABLED });
c.getOptions(target, mainVideoStream, mainAudioStream), command = config.getCommand(target, mainVideoStream, mainAudioStream);
); await this.mediaRepository.transcode(input, output, command);
await this.mediaRepository.transcode(input, output, transcodeOptions);
} }
this.logger.log(`Successfully encoded ${asset.id}`); this.logger.log(`Successfully encoded ${asset.id}`);
@ -382,10 +367,10 @@ export class MediaService {
private getTranscodeTarget( private getTranscodeTarget(
config: SystemConfigFFmpegDto, config: SystemConfigFFmpegDto,
videoStream: VideoStreamInfo | null, videoStream?: VideoStreamInfo,
audioStream: AudioStreamInfo | null, audioStream?: AudioStreamInfo,
): TranscodeTarget { ): TranscodeTarget {
if (videoStream == null && audioStream == null) { if (!videoStream && !audioStream) {
return TranscodeTarget.NONE; return TranscodeTarget.NONE;
} }
@ -407,8 +392,8 @@ export class MediaService {
return TranscodeTarget.NONE; return TranscodeTarget.NONE;
} }
private isAudioTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream: AudioStreamInfo | null): boolean { private isAudioTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream?: AudioStreamInfo): boolean {
if (stream == null) { if (!stream) {
return false; return false;
} }
@ -430,8 +415,8 @@ export class MediaService {
} }
} }
private isVideoTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream: VideoStreamInfo | null): boolean { private isVideoTranscodeRequired(ffmpegConfig: SystemConfigFFmpegDto, stream?: VideoStreamInfo): boolean {
if (stream == null) { if (!stream) {
return false; return false;
} }
@ -465,70 +450,6 @@ export class MediaService {
} }
} }
async getCodecConfig(config: SystemConfigFFmpegDto) {
if (config.accel === TranscodeHWAccel.DISABLED) {
return this.getSWCodecConfig(config);
}
return this.getHWCodecConfig(config);
}
private getSWCodecConfig(config: SystemConfigFFmpegDto) {
switch (config.targetVideoCodec) {
case VideoCodec.H264: {
return new H264Config(config);
}
case VideoCodec.HEVC: {
return new HEVCConfig(config);
}
case VideoCodec.VP9: {
return new VP9Config(config);
}
case VideoCodec.AV1: {
return new AV1Config(config);
}
default: {
throw new UnsupportedMediaTypeException(`Codec '${config.targetVideoCodec}' is unsupported`);
}
}
}
private async getHWCodecConfig(config: SystemConfigFFmpegDto) {
let handler: VideoCodecHWConfig;
switch (config.accel) {
case TranscodeHWAccel.NVENC: {
handler = config.accelDecode ? new NvencHwDecodeConfig(config) : new NvencSwDecodeConfig(config);
break;
}
case TranscodeHWAccel.QSV: {
handler = config.accelDecode
? new QsvHwDecodeConfig(config, await this.getDevices())
: new QsvSwDecodeConfig(config, await this.getDevices());
break;
}
case TranscodeHWAccel.VAAPI: {
handler = new VAAPIConfig(config, await this.getDevices());
break;
}
case TranscodeHWAccel.RKMPP: {
handler =
config.accelDecode && (await this.hasOpenCL())
? new RkmppHwDecodeConfig(config, await this.getDevices())
: new RkmppSwDecodeConfig(config, await this.getDevices());
break;
}
default: {
throw new UnsupportedMediaTypeException(`${config.accel.toUpperCase()} acceleration is unsupported`);
}
}
if (!handler.getSupportedCodecs().includes(config.targetVideoCodec)) {
throw new UnsupportedMediaTypeException(
`${config.accel.toUpperCase()} acceleration does not support codec '${config.targetVideoCodec.toUpperCase()}'. Supported codecs: ${handler.getSupportedCodecs()}`,
);
}
return handler;
}
isSRGB(asset: AssetEntity): boolean { isSRGB(asset: AssetEntity): boolean {
const { colorspace, profileDescription, bitsPerSample } = asset.exifInfo ?? {}; const { colorspace, profileDescription, bitsPerSample } = asset.exifInfo ?? {};
if (colorspace || profileDescription) { if (colorspace || profileDescription) {
@ -567,24 +488,29 @@ export class MediaService {
private async getDevices() { private async getDevices() {
if (!this.devices) { if (!this.devices) {
try {
this.devices = await this.storageRepository.readdir('/dev/dri'); this.devices = await this.storageRepository.readdir('/dev/dri');
} catch {
this.logger.debug('No devices found in /dev/dri.');
this.devices = [];
}
} }
return this.devices; return this.devices;
} }
private async hasOpenCL() { private async hasMaliOpenCL() {
if (this.openCL === null) { if (this.maliOpenCL === undefined) {
try { try {
const maliIcdStat = await this.storageRepository.stat('/etc/OpenCL/vendors/mali.icd'); const maliIcdStat = await this.storageRepository.stat('/etc/OpenCL/vendors/mali.icd');
const maliDeviceStat = await this.storageRepository.stat('/dev/mali0'); const maliDeviceStat = await this.storageRepository.stat('/dev/mali0');
this.openCL = maliIcdStat.isFile() && maliDeviceStat.isCharacterDevice(); this.maliOpenCL = maliIcdStat.isFile() && maliDeviceStat.isCharacterDevice();
} catch { } catch {
this.logger.warn('OpenCL not available for transcoding, using CPU instead.'); this.logger.debug('OpenCL not available for transcoding, using CPU decoding instead.');
this.openCL = false; this.maliOpenCL = false;
} }
} }
return this.openCL; return this.maliOpenCL;
} }
} }

47
server/src/services/partner.service.spec.ts
View file

@ -1,6 +1,4 @@
import { BadRequestException } from '@nestjs/common'; import { BadRequestException } from '@nestjs/common';
import { PartnerResponseDto } from 'src/dtos/partner.dto';
import { UserAvatarColor } from 'src/entities/user-metadata.entity';
import { IAccessRepository } from 'src/interfaces/access.interface'; import { IAccessRepository } from 'src/interfaces/access.interface';
import { IPartnerRepository, PartnerDirection } from 'src/interfaces/partner.interface'; import { IPartnerRepository, PartnerDirection } from 'src/interfaces/partner.interface';
import { PartnerService } from 'src/services/partner.service'; import { PartnerService } from 'src/services/partner.service';
@ -9,45 +7,6 @@ import { partnerStub } from 'test/fixtures/partner.stub';
import { newPartnerRepositoryMock } from 'test/repositories/partner.repository.mock'; import { newPartnerRepositoryMock } from 'test/repositories/partner.repository.mock';
import { Mocked } from 'vitest'; import { Mocked } from 'vitest';
const responseDto = {
admin: <PartnerResponseDto>{
email: 'admin@test.com',
name: 'admin_name',
id: 'admin_id',
isAdmin: true,
oauthId: '',
profileImagePath: '',
shouldChangePassword: false,
storageLabel: 'admin',
createdAt: new Date('2021-01-01'),
deletedAt: null,
updatedAt: new Date('2021-01-01'),
memoriesEnabled: true,
avatarColor: UserAvatarColor.GRAY,
quotaSizeInBytes: null,
inTimeline: true,
quotaUsageInBytes: 0,
},
user1: <PartnerResponseDto>{
email: 'immich@test.com',
name: 'immich_name',
id: 'user-id',
isAdmin: false,
oauthId: '',
profileImagePath: '',
shouldChangePassword: false,
storageLabel: null,
createdAt: new Date('2021-01-01'),
deletedAt: null,
updatedAt: new Date('2021-01-01'),
memoriesEnabled: true,
avatarColor: UserAvatarColor.PRIMARY,
inTimeline: true,
quotaSizeInBytes: null,
quotaUsageInBytes: 0,
},
};
describe(PartnerService.name, () => { describe(PartnerService.name, () => {
let sut: PartnerService; let sut: PartnerService;
let partnerMock: Mocked<IPartnerRepository>; let partnerMock: Mocked<IPartnerRepository>;
@ -65,13 +24,13 @@ describe(PartnerService.name, () => {
describe('getAll', () => { describe('getAll', () => {
it("should return a list of partners with whom I've shared my library", async () => { it("should return a list of partners with whom I've shared my library", async () => {
partnerMock.getAll.mockResolvedValue([partnerStub.adminToUser1, partnerStub.user1ToAdmin1]); partnerMock.getAll.mockResolvedValue([partnerStub.adminToUser1, partnerStub.user1ToAdmin1]);
await expect(sut.getAll(authStub.user1, PartnerDirection.SharedBy)).resolves.toEqual([responseDto.admin]); await expect(sut.getAll(authStub.user1, PartnerDirection.SharedBy)).resolves.toBeDefined();
expect(partnerMock.getAll).toHaveBeenCalledWith(authStub.user1.user.id); expect(partnerMock.getAll).toHaveBeenCalledWith(authStub.user1.user.id);
}); });
it('should return a list of partners who have shared their libraries with me', async () => { it('should return a list of partners who have shared their libraries with me', async () => {
partnerMock.getAll.mockResolvedValue([partnerStub.adminToUser1, partnerStub.user1ToAdmin1]); partnerMock.getAll.mockResolvedValue([partnerStub.adminToUser1, partnerStub.user1ToAdmin1]);
await expect(sut.getAll(authStub.user1, PartnerDirection.SharedWith)).resolves.toEqual([responseDto.admin]); await expect(sut.getAll(authStub.user1, PartnerDirection.SharedWith)).resolves.toBeDefined();
expect(partnerMock.getAll).toHaveBeenCalledWith(authStub.user1.user.id); expect(partnerMock.getAll).toHaveBeenCalledWith(authStub.user1.user.id);
}); });
}); });
@ -81,7 +40,7 @@ describe(PartnerService.name, () => {
partnerMock.get.mockResolvedValue(null); partnerMock.get.mockResolvedValue(null);
partnerMock.create.mockResolvedValue(partnerStub.adminToUser1); partnerMock.create.mockResolvedValue(partnerStub.adminToUser1);
await expect(sut.create(authStub.admin, authStub.user1.user.id)).resolves.toEqual(responseDto.user1); await expect(sut.create(authStub.admin, authStub.user1.user.id)).resolves.toBeDefined();
expect(partnerMock.create).toHaveBeenCalledWith({ expect(partnerMock.create).toHaveBeenCalledWith({
sharedById: authStub.admin.user.id, sharedById: authStub.admin.user.id,

8
server/src/services/partner.service.ts
View file

@ -25,7 +25,7 @@ export class PartnerService {
} }
const partner = await this.repository.create(partnerId); const partner = await this.repository.create(partnerId);
return this.mapToPartnerEntity(partner, PartnerDirection.SharedBy); return this.mapPartner(partner, PartnerDirection.SharedBy);
} }
async remove(auth: AuthDto, sharedWithId: string): Promise<void> { async remove(auth: AuthDto, sharedWithId: string): Promise<void> {
@ -44,7 +44,7 @@ export class PartnerService {
return partners return partners
.filter((partner) => partner.sharedBy && partner.sharedWith) // Filter out soft deleted users .filter((partner) => partner.sharedBy && partner.sharedWith) // Filter out soft deleted users
.filter((partner) => partner[key] === auth.user.id) .filter((partner) => partner[key] === auth.user.id)
.map((partner) => this.mapToPartnerEntity(partner, direction)); .map((partner) => this.mapPartner(partner, direction));
} }
async update(auth: AuthDto, sharedById: string, dto: UpdatePartnerDto): Promise<PartnerResponseDto> { async update(auth: AuthDto, sharedById: string, dto: UpdatePartnerDto): Promise<PartnerResponseDto> {
@ -52,10 +52,10 @@ export class PartnerService {
const partnerId: PartnerIds = { sharedById, sharedWithId: auth.user.id }; const partnerId: PartnerIds = { sharedById, sharedWithId: auth.user.id };
const entity = await this.repository.update({ ...partnerId, inTimeline: dto.inTimeline }); const entity = await this.repository.update({ ...partnerId, inTimeline: dto.inTimeline });
return this.mapToPartnerEntity(entity, PartnerDirection.SharedWith); return this.mapPartner(entity, PartnerDirection.SharedWith);
} }
private mapToPartnerEntity(partner: PartnerEntity, direction: PartnerDirection): PartnerResponseDto { private mapPartner(partner: PartnerEntity, direction: PartnerDirection): PartnerResponseDto {
// this is opposite to return the non-me user of the "partner" // this is opposite to return the non-me user of the "partner"
const user = mapUser( const user = mapUser(
direction === PartnerDirection.SharedBy ? partner.sharedWith : partner.sharedBy, direction === PartnerDirection.SharedBy ? partner.sharedWith : partner.sharedBy,

2
server/src/services/server-info.service.spec.ts
View file

@ -149,7 +149,7 @@ describe(ServerInfoService.name, () => {
it('should respond the server features', async () => { it('should respond the server features', async () => {
await expect(sut.getFeatures()).resolves.toEqual({ await expect(sut.getFeatures()).resolves.toEqual({
smartSearch: true, smartSearch: true,
duplicateDetection: false, duplicateDetection: true,
facialRecognition: true, facialRecognition: true,
map: true, map: true,
reverseGeocoding: true, reverseGeocoding: true,

4
server/src/services/system-config.service.spec.ts
View file

@ -81,8 +81,8 @@ const updatedConfig = Object.freeze<SystemConfig>({
modelName: 'ViT-B-32__openai', modelName: 'ViT-B-32__openai',
}, },
duplicateDetection: { duplicateDetection: {
enabled: false, enabled: true,
maxDistance: 0.03, maxDistance: 0.0155,
}, },
facialRecognition: { facialRecognition: {
enabled: true, enabled: true,

197
server/src/services/user-admin.service.spec.ts Normal file
View file

@ -0,0 +1,197 @@
import { BadRequestException, ForbiddenException } from '@nestjs/common';
import { mapUserAdmin } from 'src/dtos/user.dto';
import { UserStatus } from 'src/entities/user.entity';
import { IAlbumRepository } from 'src/interfaces/album.interface';
import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { IJobRepository, JobName } from 'src/interfaces/job.interface';
import { ILoggerRepository } from 'src/interfaces/logger.interface';
import { IUserRepository } from 'src/interfaces/user.interface';
import { UserAdminService } from 'src/services/user-admin.service';
import { authStub } from 'test/fixtures/auth.stub';
import { userStub } from 'test/fixtures/user.stub';
import { newAlbumRepositoryMock } from 'test/repositories/album.repository.mock';
import { newCryptoRepositoryMock } from 'test/repositories/crypto.repository.mock';
import { newJobRepositoryMock } from 'test/repositories/job.repository.mock';
import { newLoggerRepositoryMock } from 'test/repositories/logger.repository.mock';
import { newUserRepositoryMock } from 'test/repositories/user.repository.mock';
import { Mocked, describe } from 'vitest';
describe(UserAdminService.name, () => {
let sut: UserAdminService;
let userMock: Mocked<IUserRepository>;
let cryptoRepositoryMock: Mocked<ICryptoRepository>;
let albumMock: Mocked<IAlbumRepository>;
let jobMock: Mocked<IJobRepository>;
let loggerMock: Mocked<ILoggerRepository>;
beforeEach(() => {
albumMock = newAlbumRepositoryMock();
cryptoRepositoryMock = newCryptoRepositoryMock();
jobMock = newJobRepositoryMock();
userMock = newUserRepositoryMock();
loggerMock = newLoggerRepositoryMock();
sut = new UserAdminService(albumMock, cryptoRepositoryMock, jobMock, userMock, loggerMock);
userMock.get.mockImplementation((userId) =>
Promise.resolve([userStub.admin, userStub.user1].find((user) => user.id === userId) ?? null),
);
});
describe('create', () => {
it('should not create a user if there is no local admin account', async () => {
userMock.getAdmin.mockResolvedValueOnce(null);
await expect(
sut.create({
email: 'john_smith@email.com',
name: 'John Smith',
password: 'password',
}),
).rejects.toBeInstanceOf(BadRequestException);
});
it('should create user', async () => {
userMock.getAdmin.mockResolvedValue(userStub.admin);
userMock.create.mockResolvedValue(userStub.user1);
await expect(
sut.create({
email: userStub.user1.email,
name: userStub.user1.name,
password: 'password',
storageLabel: 'label',
}),
).resolves.toEqual(mapUserAdmin(userStub.user1));
expect(userMock.getAdmin).toBeCalled();
expect(userMock.create).toBeCalledWith({
email: userStub.user1.email,
name: userStub.user1.name,
storageLabel: 'label',
password: expect.anything(),
});
});
});
describe('update', () => {
it('should update the user', async () => {
const update = {
shouldChangePassword: true,
email: 'immich@test.com',
storageLabel: 'storage_label',
};
userMock.getByEmail.mockResolvedValue(null);
userMock.getByStorageLabel.mockResolvedValue(null);
userMock.update.mockResolvedValue(userStub.user1);
await sut.update(authStub.user1, userStub.user1.id, update);
expect(userMock.getByEmail).toHaveBeenCalledWith(update.email);
expect(userMock.getByStorageLabel).toHaveBeenCalledWith(update.storageLabel);
});
it('should not set an empty string for storage label', async () => {
userMock.update.mockResolvedValue(userStub.user1);
await sut.update(authStub.admin, userStub.user1.id, { storageLabel: '' });
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
storageLabel: null,
updatedAt: expect.any(Date),
});
});
it('should not change an email to one already in use', async () => {
const dto = { id: userStub.user1.id, email: 'updated@test.com' };
userMock.get.mockResolvedValue(userStub.user1);
userMock.getByEmail.mockResolvedValue(userStub.admin);
await expect(sut.update(authStub.admin, userStub.user1.id, dto)).rejects.toBeInstanceOf(BadRequestException);
expect(userMock.update).not.toHaveBeenCalled();
});
it('should not let the admin change the storage label to one already in use', async () => {
const dto = { id: userStub.user1.id, storageLabel: 'admin' };
userMock.get.mockResolvedValue(userStub.user1);
userMock.getByStorageLabel.mockResolvedValue(userStub.admin);
await expect(sut.update(authStub.admin, userStub.user1.id, dto)).rejects.toBeInstanceOf(BadRequestException);
expect(userMock.update).not.toHaveBeenCalled();
});
it('update user information should throw error if user not found', async () => {
userMock.get.mockResolvedValueOnce(null);
await expect(
sut.update(authStub.admin, userStub.user1.id, { shouldChangePassword: true }),
).rejects.toBeInstanceOf(BadRequestException);
});
});
describe('delete', () => {
it('should throw error if user could not be found', async () => {
userMock.get.mockResolvedValue(null);
await expect(sut.delete(authStub.admin, userStub.admin.id, {})).rejects.toThrowError(BadRequestException);
expect(userMock.delete).not.toHaveBeenCalled();
});
it('cannot delete admin user', async () => {
await expect(sut.delete(authStub.admin, userStub.admin.id, {})).rejects.toBeInstanceOf(ForbiddenException);
});
it('should require the auth user be an admin', async () => {
await expect(sut.delete(authStub.user1, authStub.admin.user.id, {})).rejects.toBeInstanceOf(ForbiddenException);
expect(userMock.delete).not.toHaveBeenCalled();
});
it('should delete user', async () => {
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await expect(sut.delete(authStub.admin, userStub.user1.id, {})).resolves.toEqual(mapUserAdmin(userStub.user1));
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
status: UserStatus.DELETED,
deletedAt: expect.any(Date),
});
});
it('should force delete user', async () => {
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await expect(sut.delete(authStub.admin, userStub.user1.id, { force: true })).resolves.toEqual(
mapUserAdmin(userStub.user1),
);
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
status: UserStatus.REMOVING,
deletedAt: expect.any(Date),
});
expect(jobMock.queue).toHaveBeenCalledWith({
name: JobName.USER_DELETION,
data: { id: userStub.user1.id, force: true },
});
});
});
describe('restore', () => {
it('should throw error if user could not be found', async () => {
userMock.get.mockResolvedValue(null);
await expect(sut.restore(authStub.admin, userStub.admin.id)).rejects.toThrowError(BadRequestException);
expect(userMock.update).not.toHaveBeenCalled();
});
it('should restore an user', async () => {
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await expect(sut.restore(authStub.admin, userStub.user1.id)).resolves.toEqual(mapUserAdmin(userStub.user1));
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, { status: UserStatus.ACTIVE, deletedAt: null });
});
});
});

154
server/src/services/user-admin.service.ts Normal file
View file

@ -0,0 +1,154 @@
import { BadRequestException, ForbiddenException, Inject, Injectable } from '@nestjs/common';
import { SALT_ROUNDS } from 'src/constants';
import { UserCore } from 'src/cores/user.core';
import { AuthDto } from 'src/dtos/auth.dto';
import {
UserAdminCreateDto,
UserAdminDeleteDto,
UserAdminResponseDto,
UserAdminSearchDto,
UserAdminUpdateDto,
mapUserAdmin,
} from 'src/dtos/user.dto';
import { UserMetadataKey } from 'src/entities/user-metadata.entity';
import { UserStatus } from 'src/entities/user.entity';
import { IAlbumRepository } from 'src/interfaces/album.interface';
import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { IJobRepository, JobName } from 'src/interfaces/job.interface';
import { ILoggerRepository } from 'src/interfaces/logger.interface';
import { IUserRepository, UserFindOptions } from 'src/interfaces/user.interface';
import { getPreferences, getPreferencesPartial } from 'src/utils/preferences';
@Injectable()
export class UserAdminService {
private userCore: UserCore;
constructor(
@Inject(IAlbumRepository) private albumRepository: IAlbumRepository,
@Inject(ICryptoRepository) private cryptoRepository: ICryptoRepository,
@Inject(IJobRepository) private jobRepository: IJobRepository,
@Inject(IUserRepository) private userRepository: IUserRepository,
@Inject(ILoggerRepository) private logger: ILoggerRepository,
) {
this.userCore = UserCore.create(cryptoRepository, userRepository);
this.logger.setContext(UserAdminService.name);
}
async search(auth: AuthDto, dto: UserAdminSearchDto): Promise<UserAdminResponseDto[]> {
const users = await this.userRepository.getList({ withDeleted: dto.withDeleted });
return users.map((user) => mapUserAdmin(user));
}
async create(dto: UserAdminCreateDto): Promise<UserAdminResponseDto> {
const { memoriesEnabled, notify, ...rest } = dto;
let user = await this.userCore.createUser(rest);
// TODO remove and replace with entire dto.preferences config
if (memoriesEnabled === false) {
await this.userRepository.upsertMetadata(user.id, {
key: UserMetadataKey.PREFERENCES,
value: { memories: { enabled: false } },
});
user = await this.findOrFail(user.id, {});
}
const tempPassword = user.shouldChangePassword ? rest.password : undefined;
if (notify) {
await this.jobRepository.queue({ name: JobName.NOTIFY_SIGNUP, data: { id: user.id, tempPassword } });
}
return mapUserAdmin(user);
}
async get(auth: AuthDto, id: string): Promise<UserAdminResponseDto> {
const user = await this.findOrFail(id, { withDeleted: true });
return mapUserAdmin(user);
}
async update(auth: AuthDto, id: string, dto: UserAdminUpdateDto): Promise<UserAdminResponseDto> {
const user = await this.findOrFail(id, {});
if (dto.quotaSizeInBytes && user.quotaSizeInBytes !== dto.quotaSizeInBytes) {
await this.userRepository.syncUsage(id);
}
// TODO replace with entire preferences object
if (dto.memoriesEnabled !== undefined || dto.avatarColor) {
const newPreferences = getPreferences(user);
if (dto.memoriesEnabled !== undefined) {
newPreferences.memories.enabled = dto.memoriesEnabled;
delete dto.memoriesEnabled;
}
if (dto.avatarColor) {
newPreferences.avatar.color = dto.avatarColor;
delete dto.avatarColor;
}
await this.userRepository.upsertMetadata(id, {
key: UserMetadataKey.PREFERENCES,
value: getPreferencesPartial(user, newPreferences),
});
}
if (dto.email) {
const duplicate = await this.userRepository.getByEmail(dto.email);
if (duplicate && duplicate.id !== id) {
throw new BadRequestException('Email already in use by another account');
}
}
if (dto.storageLabel) {
const duplicate = await this.userRepository.getByStorageLabel(dto.storageLabel);
if (duplicate && duplicate.id !== id) {
throw new BadRequestException('Storage label already in use by another account');
}
}
if (dto.password) {
dto.password = await this.cryptoRepository.hashBcrypt(dto.password, SALT_ROUNDS);
}
if (dto.storageLabel === '') {
dto.storageLabel = null;
}
const updatedUser = await this.userRepository.update(id, { ...dto, updatedAt: new Date() });
return mapUserAdmin(updatedUser);
}
async delete(auth: AuthDto, id: string, dto: UserAdminDeleteDto): Promise<UserAdminResponseDto> {
const { force } = dto;
const { isAdmin } = await this.findOrFail(id, {});
if (isAdmin) {
throw new ForbiddenException('Cannot delete admin user');
}
await this.albumRepository.softDeleteAll(id);
const status = force ? UserStatus.REMOVING : UserStatus.DELETED;
const user = await this.userRepository.update(id, { status, deletedAt: new Date() });
if (force) {
await this.jobRepository.queue({ name: JobName.USER_DELETION, data: { id: user.id, force } });
}
return mapUserAdmin(user);
}
async restore(auth: AuthDto, id: string): Promise<UserAdminResponseDto> {
await this.findOrFail(id, { withDeleted: true });
await this.albumRepository.restoreAll(id);
const user = await this.userRepository.update(id, { deletedAt: null, status: UserStatus.ACTIVE });
return mapUserAdmin(user);
}
private async findOrFail(id: string, options: UserFindOptions) {
const user = await this.userRepository.get(id, options);
if (!user) {
throw new BadRequestException('User not found');
}
return user;
}
}

264
server/src/services/user.service.spec.ts
View file

@ -1,11 +1,5 @@
import { import { BadRequestException, InternalServerErrorException, NotFoundException } from '@nestjs/common';
BadRequestException, import { UserEntity } from 'src/entities/user.entity';
ForbiddenException,
InternalServerErrorException,
NotFoundException,
} from '@nestjs/common';
import { UpdateUserDto, mapUser } from 'src/dtos/user.dto';
import { UserEntity, UserStatus } from 'src/entities/user.entity';
import { IAlbumRepository } from 'src/interfaces/album.interface'; import { IAlbumRepository } from 'src/interfaces/album.interface';
import { ICryptoRepository } from 'src/interfaces/crypto.interface'; import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { IJobRepository, JobName } from 'src/interfaces/job.interface'; import { IJobRepository, JobName } from 'src/interfaces/job.interface';
@ -63,13 +57,13 @@ describe(UserService.name, () => {
describe('getAll', () => { describe('getAll', () => {
it('should get all users', async () => { it('should get all users', async () => {
userMock.getList.mockResolvedValue([userStub.admin]); userMock.getList.mockResolvedValue([userStub.admin]);
await expect(sut.getAll(authStub.admin, false)).resolves.toEqual([ await expect(sut.search()).resolves.toEqual([
expect.objectContaining({ expect.objectContaining({
id: authStub.admin.user.id, id: authStub.admin.user.id,
email: authStub.admin.user.email, email: authStub.admin.user.email,
}), }),
]); ]);
expect(userMock.getList).toHaveBeenCalledWith({ withDeleted: true }); expect(userMock.getList).toHaveBeenCalledWith({ withDeleted: false });
}); });
}); });
@ -82,255 +76,17 @@ describe(UserService.name, () => {
it('should throw an error if a user is not found', async () => { it('should throw an error if a user is not found', async () => {
userMock.get.mockResolvedValue(null); userMock.get.mockResolvedValue(null);
await expect(sut.get(authStub.admin.user.id)).rejects.toBeInstanceOf(NotFoundException); await expect(sut.get(authStub.admin.user.id)).rejects.toBeInstanceOf(BadRequestException);
expect(userMock.get).toHaveBeenCalledWith(authStub.admin.user.id, { withDeleted: false }); expect(userMock.get).toHaveBeenCalledWith(authStub.admin.user.id, { withDeleted: false });
}); });
}); });
describe('getMe', () => { describe('getMe', () => {
it("should get the auth user's info", async () => { it("should get the auth user's info", () => {
userMock.get.mockResolvedValue(userStub.admin); const user = authStub.admin.user;
await sut.getMe(authStub.admin); expect(sut.getMe(authStub.admin)).toMatchObject({
expect(userMock.get).toHaveBeenCalledWith(authStub.admin.user.id, {}); id: user.id,
}); email: user.email,
it('should throw an error if a user is not found', async () => {
userMock.get.mockResolvedValue(null);
await expect(sut.getMe(authStub.admin)).rejects.toBeInstanceOf(BadRequestException);
expect(userMock.get).toHaveBeenCalledWith(authStub.admin.user.id, {});
});
});
describe('update', () => {
it('should update user', async () => {
const update: UpdateUserDto = {
id: userStub.user1.id,
shouldChangePassword: true,
email: 'immich@test.com',
storageLabel: 'storage_label',
};
userMock.getByEmail.mockResolvedValue(null);
userMock.getByStorageLabel.mockResolvedValue(null);
userMock.update.mockResolvedValue(userStub.user1);
await sut.update({ user: { ...authStub.user1.user, isAdmin: true } }, update);
expect(userMock.getByEmail).toHaveBeenCalledWith(update.email);
expect(userMock.getByStorageLabel).toHaveBeenCalledWith(update.storageLabel);
});
it('should not set an empty string for storage label', async () => {
userMock.update.mockResolvedValue(userStub.user1);
await sut.update(authStub.admin, { id: userStub.user1.id, storageLabel: '' });
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
id: userStub.user1.id,
storageLabel: null,
updatedAt: expect.any(Date),
});
});
it('should omit a storage label set by non-admin users', async () => {
userMock.update.mockResolvedValue(userStub.user1);
await sut.update({ user: userStub.user1 }, { id: userStub.user1.id, storageLabel: 'admin' });
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
id: userStub.user1.id,
updatedAt: expect.any(Date),
});
});
it('user can only update its information', async () => {
userMock.get.mockResolvedValueOnce({
...userStub.user1,
id: 'not_immich_auth_user_id',
});
const result = sut.update(
{ user: userStub.user1 },
{
id: 'not_immich_auth_user_id',
password: 'I take over your account now',
},
);
await expect(result).rejects.toBeInstanceOf(ForbiddenException);
});
it('should let a user change their email', async () => {
const dto = { id: userStub.user1.id, email: 'updated@test.com' };
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await sut.update({ user: userStub.user1 }, dto);
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
id: 'user-id',
email: 'updated@test.com',
updatedAt: expect.any(Date),
});
});
it('should not let a user change their email to one already in use', async () => {
const dto = { id: userStub.user1.id, email: 'updated@test.com' };
userMock.get.mockResolvedValue(userStub.user1);
userMock.getByEmail.mockResolvedValue(userStub.admin);
await expect(sut.update({ user: userStub.user1 }, dto)).rejects.toBeInstanceOf(BadRequestException);
expect(userMock.update).not.toHaveBeenCalled();
});
it('should not let the admin change the storage label to one already in use', async () => {
const dto = { id: userStub.user1.id, storageLabel: 'admin' };
userMock.get.mockResolvedValue(userStub.user1);
userMock.getByStorageLabel.mockResolvedValue(userStub.admin);
await expect(sut.update(authStub.admin, dto)).rejects.toBeInstanceOf(BadRequestException);
expect(userMock.update).not.toHaveBeenCalled();
});
it('admin can update any user information', async () => {
const update: UpdateUserDto = {
id: userStub.user1.id,
shouldChangePassword: true,
};
userMock.update.mockResolvedValueOnce(userStub.user1);
await sut.update(authStub.admin, update);
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
id: 'user-id',
shouldChangePassword: true,
updatedAt: expect.any(Date),
});
});
it('update user information should throw error if user not found', async () => {
userMock.get.mockResolvedValueOnce(null);
const result = sut.update(authStub.admin, {
id: userStub.user1.id,
shouldChangePassword: true,
});
await expect(result).rejects.toBeInstanceOf(BadRequestException);
});
it('should let the admin update himself', async () => {
const dto = { id: userStub.admin.id, shouldChangePassword: true, isAdmin: true };
userMock.update.mockResolvedValueOnce(userStub.admin);
await sut.update(authStub.admin, dto);
expect(userMock.update).toHaveBeenCalledWith(userStub.admin.id, { ...dto, updatedAt: expect.any(Date) });
});
it('should not let the another user become an admin', async () => {
const dto = { id: userStub.user1.id, shouldChangePassword: true, isAdmin: true };
userMock.get.mockResolvedValueOnce(userStub.user1);
await expect(sut.update(authStub.admin, dto)).rejects.toBeInstanceOf(BadRequestException);
});
});
describe('restore', () => {
it('should throw error if user could not be found', async () => {
userMock.get.mockResolvedValue(null);
await expect(sut.restore(authStub.admin, userStub.admin.id)).rejects.toThrowError(BadRequestException);
expect(userMock.update).not.toHaveBeenCalled();
});
it('should restore an user', async () => {
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await expect(sut.restore(authStub.admin, userStub.user1.id)).resolves.toEqual(mapUser(userStub.user1));
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, { status: UserStatus.ACTIVE, deletedAt: null });
});
});
describe('delete', () => {
it('should throw error if user could not be found', async () => {
userMock.get.mockResolvedValue(null);
await expect(sut.delete(authStub.admin, userStub.admin.id, {})).rejects.toThrowError(BadRequestException);
expect(userMock.delete).not.toHaveBeenCalled();
});
it('cannot delete admin user', async () => {
await expect(sut.delete(authStub.admin, userStub.admin.id, {})).rejects.toBeInstanceOf(ForbiddenException);
});
it('should require the auth user be an admin', async () => {
await expect(sut.delete(authStub.user1, authStub.admin.user.id, {})).rejects.toBeInstanceOf(ForbiddenException);
expect(userMock.delete).not.toHaveBeenCalled();
});
it('should delete user', async () => {
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await expect(sut.delete(authStub.admin, userStub.user1.id, {})).resolves.toEqual(mapUser(userStub.user1));
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
status: UserStatus.DELETED,
deletedAt: expect.any(Date),
});
});
it('should force delete user', async () => {
userMock.get.mockResolvedValue(userStub.user1);
userMock.update.mockResolvedValue(userStub.user1);
await expect(sut.delete(authStub.admin, userStub.user1.id, { force: true })).resolves.toEqual(
mapUser(userStub.user1),
);
expect(userMock.update).toHaveBeenCalledWith(userStub.user1.id, {
status: UserStatus.REMOVING,
deletedAt: expect.any(Date),
});
expect(jobMock.queue).toHaveBeenCalledWith({
name: JobName.USER_DELETION,
data: { id: userStub.user1.id, force: true },
});
});
});
describe('create', () => {
it('should not create a user if there is no local admin account', async () => {
userMock.getAdmin.mockResolvedValueOnce(null);
await expect(
sut.create({
email: 'john_smith@email.com',
name: 'John Smith',
password: 'password',
}),
).rejects.toBeInstanceOf(BadRequestException);
});
it('should create user', async () => {
userMock.getAdmin.mockResolvedValue(userStub.admin);
userMock.create.mockResolvedValue(userStub.user1);
await expect(
sut.create({
email: userStub.user1.email,
name: userStub.user1.name,
password: 'password',
storageLabel: 'label',
}),
).resolves.toEqual(mapUser(userStub.user1));
expect(userMock.getAdmin).toBeCalled();
expect(userMock.create).toBeCalledWith({
email: userStub.user1.email,
name: userStub.user1.name,
storageLabel: 'label',
password: expect.anything(),
}); });
}); });
}); });

103
server/src/services/user.service.ts
View file

@ -1,13 +1,13 @@
import { BadRequestException, ForbiddenException, Inject, Injectable, NotFoundException } from '@nestjs/common'; import { BadRequestException, Inject, Injectable, NotFoundException } from '@nestjs/common';
import { DateTime } from 'luxon'; import { DateTime } from 'luxon';
import { SALT_ROUNDS } from 'src/constants';
import { StorageCore, StorageFolder } from 'src/cores/storage.core'; import { StorageCore, StorageFolder } from 'src/cores/storage.core';
import { SystemConfigCore } from 'src/cores/system-config.core'; import { SystemConfigCore } from 'src/cores/system-config.core';
import { UserCore } from 'src/cores/user.core';
import { AuthDto } from 'src/dtos/auth.dto'; import { AuthDto } from 'src/dtos/auth.dto';
import { CreateProfileImageResponseDto, mapCreateProfileImageResponse } from 'src/dtos/user-profile.dto'; import { CreateProfileImageResponseDto, mapCreateProfileImageResponse } from 'src/dtos/user-profile.dto';
import { CreateUserDto, DeleteUserDto, UpdateUserDto, UserResponseDto, mapUser } from 'src/dtos/user.dto'; import { UserAdminResponseDto, UserResponseDto, UserUpdateMeDto, mapUser, mapUserAdmin } from 'src/dtos/user.dto';
import { UserMetadataKey } from 'src/entities/user-metadata.entity'; import { UserMetadataKey } from 'src/entities/user-metadata.entity';
import { UserEntity, UserStatus } from 'src/entities/user.entity'; import { UserEntity } from 'src/entities/user.entity';
import { IAlbumRepository } from 'src/interfaces/album.interface'; import { IAlbumRepository } from 'src/interfaces/album.interface';
import { ICryptoRepository } from 'src/interfaces/crypto.interface'; import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { IEntityJob, IJobRepository, JobName, JobStatus } from 'src/interfaces/job.interface'; import { IEntityJob, IJobRepository, JobName, JobStatus } from 'src/interfaces/job.interface';
@ -21,73 +21,30 @@ import { getPreferences, getPreferencesPartial } from 'src/utils/preferences';
@Injectable() @Injectable()
export class UserService { export class UserService {
private configCore: SystemConfigCore; private configCore: SystemConfigCore;
private userCore: UserCore;
constructor( constructor(
@Inject(IAlbumRepository) private albumRepository: IAlbumRepository, @Inject(IAlbumRepository) private albumRepository: IAlbumRepository,
@Inject(ICryptoRepository) cryptoRepository: ICryptoRepository, @Inject(ICryptoRepository) private cryptoRepository: ICryptoRepository,
@Inject(IJobRepository) private jobRepository: IJobRepository, @Inject(IJobRepository) private jobRepository: IJobRepository,
@Inject(IStorageRepository) private storageRepository: IStorageRepository, @Inject(IStorageRepository) private storageRepository: IStorageRepository,
@Inject(ISystemMetadataRepository) systemMetadataRepository: ISystemMetadataRepository, @Inject(ISystemMetadataRepository) systemMetadataRepository: ISystemMetadataRepository,
@Inject(IUserRepository) private userRepository: IUserRepository, @Inject(IUserRepository) private userRepository: IUserRepository,
@Inject(ILoggerRepository) private logger: ILoggerRepository, @Inject(ILoggerRepository) private logger: ILoggerRepository,
) { ) {
this.userCore = UserCore.create(cryptoRepository, userRepository);
this.logger.setContext(UserService.name); this.logger.setContext(UserService.name);
this.configCore = SystemConfigCore.create(systemMetadataRepository, this.logger); this.configCore = SystemConfigCore.create(systemMetadataRepository, this.logger);
} }
async listUsers(): Promise<UserResponseDto[]> { async search(): Promise<UserResponseDto[]> {
const users = await this.userRepository.getList({ withDeleted: true }); const users = await this.userRepository.getList({ withDeleted: false });
return users.map((user) => mapUser(user)); return users.map((user) => mapUser(user));
} }
async getAll(auth: AuthDto, isAll: boolean): Promise<UserResponseDto[]> { getMe(auth: AuthDto): UserAdminResponseDto {
const users = await this.userRepository.getList({ withDeleted: !isAll }); return mapUserAdmin(auth.user);
return users.map((user) => mapUser(user));
}
async get(userId: string): Promise<UserResponseDto> {
const user = await this.userRepository.get(userId, { withDeleted: false });
if (!user) {
throw new NotFoundException('User not found');
}
return mapUser(user);
}
getMe(auth: AuthDto): Promise<UserResponseDto> {
return this.findOrFail(auth.user.id, {}).then(mapUser);
}
async create(dto: CreateUserDto): Promise<UserResponseDto> {
const { memoriesEnabled, notify, ...rest } = dto;
let user = await this.userCore.createUser(rest);
// TODO remove and replace with entire dto.preferences config
if (memoriesEnabled === false) {
await this.userRepository.upsertMetadata(user.id, {
key: UserMetadataKey.PREFERENCES,
value: { memories: { enabled: false } },
});
user = await this.findOrFail(user.id, {});
}
const tempPassword = user.shouldChangePassword ? rest.password : undefined;
if (notify) {
await this.jobRepository.queue({ name: JobName.NOTIFY_SIGNUP, data: { id: user.id, tempPassword } });
}
return mapUser(user);
}
async update(auth: AuthDto, dto: UpdateUserDto): Promise<UserResponseDto> {
const user = await this.findOrFail(dto.id, {});
if (dto.quotaSizeInBytes && user.quotaSizeInBytes !== dto.quotaSizeInBytes) {
await this.userRepository.syncUsage(dto.id);
} }
async updateMe({ user }: AuthDto, dto: UserUpdateMeDto): Promise<UserAdminResponseDto> {
// TODO replace with entire preferences object // TODO replace with entire preferences object
if (dto.memoriesEnabled !== undefined || dto.avatarColor) { if (dto.memoriesEnabled !== undefined || dto.avatarColor) {
const newPreferences = getPreferences(user); const newPreferences = getPreferences(user);
@ -101,42 +58,40 @@ export class UserService {
delete dto.avatarColor; delete dto.avatarColor;
} }
await this.userRepository.upsertMetadata(dto.id, { await this.userRepository.upsertMetadata(user.id, {
key: UserMetadataKey.PREFERENCES, key: UserMetadataKey.PREFERENCES,
value: getPreferencesPartial(user, newPreferences), value: getPreferencesPartial(user, newPreferences),
}); });
} }
const updatedUser = await this.userCore.updateUser(auth.user, dto.id, dto); if (dto.email) {
const duplicate = await this.userRepository.getByEmail(dto.email);
return mapUser(updatedUser); if (duplicate && duplicate.id !== user.id) {
throw new BadRequestException('Email already in use by another account');
}
} }
async delete(auth: AuthDto, id: string, dto: DeleteUserDto): Promise<UserResponseDto> { const update: Partial<UserEntity> = {
const { force } = dto; email: dto.email,
const { isAdmin } = await this.findOrFail(id, {}); name: dto.name,
if (isAdmin) { };
throw new ForbiddenException('Cannot delete admin user');
if (dto.password) {
const hashedPassword = await this.cryptoRepository.hashBcrypt(dto.password, SALT_ROUNDS);
update.password = hashedPassword;
update.shouldChangePassword = false;
} }
await this.albumRepository.softDeleteAll(id); const updatedUser = await this.userRepository.update(user.id, update);
const status = force ? UserStatus.REMOVING : UserStatus.DELETED; return mapUserAdmin(updatedUser);
const user = await this.userRepository.update(id, { status, deletedAt: new Date() });
if (force) {
await this.jobRepository.queue({ name: JobName.USER_DELETION, data: { id: user.id, force } });
} }
async get(id: string): Promise<UserResponseDto> {
const user = await this.findOrFail(id, { withDeleted: false });
return mapUser(user); return mapUser(user);
} }
async restore(auth: AuthDto, id: string): Promise<UserResponseDto> {
await this.findOrFail(id, { withDeleted: true });
await this.albumRepository.restoreAll(id);
return this.userRepository.update(id, { deletedAt: null, status: UserStatus.ACTIVE }).then(mapUser);
}
async createProfileImage(auth: AuthDto, fileInfo: Express.Multer.File): Promise<CreateProfileImageResponseDto> { async createProfileImage(auth: AuthDto, fileInfo: Express.Multer.File): Promise<CreateProfileImageResponseDto> {
const { profileImagePath: oldpath } = await this.findOrFail(auth.user.id, { withDeleted: false }); const { profileImagePath: oldpath } = await this.findOrFail(auth.user.id, { withDeleted: false });
const updatedUser = await this.userRepository.update(auth.user.id, { profileImagePath: fileInfo.path }); const updatedUser = await this.userRepository.update(auth.user.id, { profileImagePath: fileInfo.path });

102
server/src/utils/media.ts
View file

@ -3,22 +3,84 @@ import { SystemConfigFFmpegDto } from 'src/dtos/system-config.dto';
import { import {
AudioStreamInfo, AudioStreamInfo,
BitrateDistribution, BitrateDistribution,
TranscodeOptions, TranscodeCommand,
VideoCodecHWConfig, VideoCodecHWConfig,
VideoCodecSWConfig, VideoCodecSWConfig,
VideoStreamInfo, VideoStreamInfo,
} from 'src/interfaces/media.interface'; } from 'src/interfaces/media.interface';
class BaseConfig implements VideoCodecSWConfig { export class BaseConfig implements VideoCodecSWConfig {
presets = ['veryslow', 'slower', 'slow', 'medium', 'fast', 'faster', 'veryfast', 'superfast', 'ultrafast']; readonly presets = ['veryslow', 'slower', 'slow', 'medium', 'fast', 'faster', 'veryfast', 'superfast', 'ultrafast'];
constructor(protected config: SystemConfigFFmpegDto) {} protected constructor(protected config: SystemConfigFFmpegDto) {}
getOptions(target: TranscodeTarget, videoStream: VideoStreamInfo, audioStream?: AudioStreamInfo) { static create(config: SystemConfigFFmpegDto, devices: string[] = [], hasMaliOpenCL = false): VideoCodecSWConfig {
if (config.accel === TranscodeHWAccel.DISABLED) {
return this.getSWCodecConfig(config);
}
return this.getHWCodecConfig(config, devices, hasMaliOpenCL);
}
private static getSWCodecConfig(config: SystemConfigFFmpegDto) {
switch (config.targetVideoCodec) {
case VideoCodec.H264: {
return new H264Config(config);
}
case VideoCodec.HEVC: {
return new HEVCConfig(config);
}
case VideoCodec.VP9: {
return new VP9Config(config);
}
case VideoCodec.AV1: {
return new AV1Config(config);
}
default: {
throw new Error(`Codec '${config.targetVideoCodec}' is unsupported`);
}
}
}
private static getHWCodecConfig(config: SystemConfigFFmpegDto, devices: string[] = [], hasMaliOpenCL = false) {
let handler: VideoCodecHWConfig;
switch (config.accel) {
case TranscodeHWAccel.NVENC: {
handler = config.accelDecode ? new NvencHwDecodeConfig(config) : new NvencSwDecodeConfig(config);
break;
}
case TranscodeHWAccel.QSV: {
handler = config.accelDecode ? new QsvHwDecodeConfig(config, devices) : new QsvSwDecodeConfig(config, devices);
break;
}
case TranscodeHWAccel.VAAPI: {
handler = new VAAPIConfig(config, devices);
break;
}
case TranscodeHWAccel.RKMPP: {
handler =
config.accelDecode && hasMaliOpenCL
? new RkmppHwDecodeConfig(config, devices)
: new RkmppSwDecodeConfig(config, devices);
break;
}
default: {
throw new Error(`${config.accel.toUpperCase()} acceleration is unsupported`);
}
}
if (!handler.getSupportedCodecs().includes(config.targetVideoCodec)) {
throw new Error(
`${config.accel.toUpperCase()} acceleration does not support codec '${config.targetVideoCodec.toUpperCase()}'. Supported codecs: ${handler.getSupportedCodecs()}`,
);
}
return handler;
}
getCommand(target: TranscodeTarget, videoStream: VideoStreamInfo, audioStream?: AudioStreamInfo) {
const options = { const options = {
inputOptions: this.getBaseInputOptions(videoStream), inputOptions: this.getBaseInputOptions(videoStream),
outputOptions: [...this.getBaseOutputOptions(target, videoStream, audioStream), '-v verbose'], outputOptions: [...this.getBaseOutputOptions(target, videoStream, audioStream), '-v verbose'],
twoPass: this.eligibleForTwoPass(), twoPass: this.eligibleForTwoPass(),
} as TranscodeOptions; } as TranscodeCommand;
if ([TranscodeTarget.ALL, TranscodeTarget.VIDEO].includes(target)) { if ([TranscodeTarget.ALL, TranscodeTarget.VIDEO].includes(target)) {
const filters = this.getFilterOptions(videoStream); const filters = this.getFilterOptions(videoStream);
if (filters.length > 0) { if (filters.length > 0) {
@ -318,11 +380,20 @@ export class BaseHWConfig extends BaseConfig implements VideoCodecHWConfig {
} }
export class ThumbnailConfig extends BaseConfig { export class ThumbnailConfig extends BaseConfig {
getBaseInputOptions(): string[] { static create(config: SystemConfigFFmpegDto): VideoCodecSWConfig {
return ['-ss 00:00:00', '-sws_flags accurate_rnd+bitexact+full_chroma_int']; return new ThumbnailConfig(config);
} }
getBaseInputOptions(): string[] {
return ['-skip_frame nokey', '-sws_flags accurate_rnd+full_chroma_int'];
}
getBaseOutputOptions() { getBaseOutputOptions() {
return ['-frames:v 1']; return ['-fps_mode vfr', '-frames:v 1', '-update 1'];
}
getFilterOptions(videoStream: VideoStreamInfo): string[] {
return ['fps=12', 'thumbnail=12', `select=gt(scene\\,0.1)+gt(n\\,20)`, ...super.getFilterOptions(videoStream)];
} }
getPresetOptions() { getPresetOptions() {
@ -338,8 +409,7 @@ export class ThumbnailConfig extends BaseConfig {
} }
getScaling(videoStream: VideoStreamInfo) { getScaling(videoStream: VideoStreamInfo) {
let options = super.getScaling(videoStream); let options = super.getScaling(videoStream) + ':flags=lanczos+accurate_rnd+full_chroma_int';
options += ':flags=lanczos+accurate_rnd+bitexact+full_chroma_int';
if (!this.shouldToneMap(videoStream)) { if (!this.shouldToneMap(videoStream)) {
options += ':out_color_matrix=601:out_range=pc'; options += ':out_color_matrix=601:out_range=pc';
} }
@ -534,8 +604,6 @@ export class NvencHwDecodeConfig extends NvencSwDecodeConfig {
options.push(...this.getToneMapping(videoStream)); options.push(...this.getToneMapping(videoStream));
if (options.length > 0) { if (options.length > 0) {
options[options.length - 1] += ':format=nv12'; options[options.length - 1] += ':format=nv12';
} else {
options.push('format=nv12');
} }
return options; return options;
} }
@ -559,7 +627,7 @@ export class NvencHwDecodeConfig extends NvencSwDecodeConfig {
} }
getInputThreadOptions() { getInputThreadOptions() {
return [`-threads ${this.config.threads <= 0 ? 1 : this.config.threads}`]; return [`-threads 1`];
} }
getOutputThreadOptions() { getOutputThreadOptions() {
@ -649,7 +717,7 @@ export class QsvHwDecodeConfig extends QsvSwDecodeConfig {
throw new Error('No QSV device found'); throw new Error('No QSV device found');
} }
const options = ['-hwaccel qsv', '-hwaccel_output_format qsv', '-async_depth 4', '-threads 1']; const options = ['-hwaccel qsv', '-hwaccel_output_format qsv', '-async_depth 4', ...this.getInputThreadOptions()];
const hwDevice = this.getPreferredHardwareDevice(); const hwDevice = this.getPreferredHardwareDevice();
if (hwDevice) { if (hwDevice) {
options.push(`-qsv_device ${hwDevice}`); options.push(`-qsv_device ${hwDevice}`);
@ -694,6 +762,10 @@ export class QsvHwDecodeConfig extends QsvSwDecodeConfig {
'hwmap=derive_device=qsv:reverse=1,format=qsv', 'hwmap=derive_device=qsv:reverse=1,format=qsv',
]; ];
} }
getInputThreadOptions() {
return [`-threads 1`];
}
} }
export class VAAPIConfig extends BaseHWConfig { export class VAAPIConfig extends BaseHWConfig {

2
server/src/validation.ts
View file

@ -154,7 +154,7 @@ export function validateCronExpression(expression: string) {
type IValue = { value: string }; type IValue = { value: string };
export const toEmail = ({ value }: IValue) => value?.toLowerCase(); export const toEmail = ({ value }: IValue) => (value ? value.toLowerCase() : value);
export const toSanitized = ({ value }: IValue) => sanitize((value || '').replaceAll('.', '')); export const toSanitized = ({ value }: IValue) => sanitize((value || '').replaceAll('.', ''));

1
web/.eslintrc.cjs
View file

@ -51,6 +51,7 @@ module.exports = {
'unicorn/consistent-function-scoping': 'off', 'unicorn/consistent-function-scoping': 'off',
'unicorn/prefer-top-level-await': 'off', 'unicorn/prefer-top-level-await': 'off',
'unicorn/import-style': 'off', 'unicorn/import-style': 'off',
'svelte/button-has-type': 'error',
// TODO: set recommended-type-checked and remove these rules // TODO: set recommended-type-checked and remove these rules
'@typescript-eslint/await-thenable': 'error', '@typescript-eslint/await-thenable': 'error',
'@typescript-eslint/no-floating-promises': 'error', '@typescript-eslint/no-floating-promises': 'error',

6
web/src/lib/components/admin-page/delete-confirm-dialogue.svelte
View file

@ -1,7 +1,7 @@
<script lang="ts"> <script lang="ts">
import ConfirmDialogue from '$lib/components/shared-components/confirm-dialogue.svelte'; import ConfirmDialogue from '$lib/components/shared-components/confirm-dialogue.svelte';
import { handleError } from '$lib/utils/handle-error'; import { handleError } from '$lib/utils/handle-error';
import { deleteUser, type UserResponseDto } from '@immich/sdk'; import { deleteUserAdmin, type UserResponseDto } from '@immich/sdk';
import { serverConfig } from '$lib/stores/server-config.store'; import { serverConfig } from '$lib/stores/server-config.store';
import { createEventDispatcher } from 'svelte'; import { createEventDispatcher } from 'svelte';
import Checkbox from '$lib/components/elements/checkbox.svelte'; import Checkbox from '$lib/components/elements/checkbox.svelte';
@ -20,9 +20,9 @@
const handleDeleteUser = async () => { const handleDeleteUser = async () => {
try { try {
const { deletedAt } = await deleteUser({ const { deletedAt } = await deleteUserAdmin({
id: user.id, id: user.id,
deleteUserDto: { force: forceDelete }, userAdminDeleteDto: { force: forceDelete },
}); });
if (deletedAt == undefined) { if (deletedAt == undefined) {

1
web/src/lib/components/admin-page/jobs/job-tile-button.svelte
View file

@ -17,6 +17,7 @@
</script> </script>
<button <button
type="button"
{disabled} {disabled}
class="flex h-full w-full flex-col place-content-center place-items-center gap-2 px-8 py-2 text-xs text-gray-600 transition-colors dark:text-gray-200 {colorClasses[ class="flex h-full w-full flex-col place-content-center place-items-center gap-2 px-8 py-2 text-xs text-gray-600 transition-colors dark:text-gray-200 {colorClasses[
color color

4
web/src/lib/components/admin-page/restore-dialogue.svelte
View file

@ -1,7 +1,7 @@
<script lang="ts"> <script lang="ts">
import ConfirmDialogue from '$lib/components/shared-components/confirm-dialogue.svelte'; import ConfirmDialogue from '$lib/components/shared-components/confirm-dialogue.svelte';
import { handleError } from '$lib/utils/handle-error'; import { handleError } from '$lib/utils/handle-error';
import { restoreUser, type UserResponseDto } from '@immich/sdk'; import { restoreUserAdmin, type UserResponseDto } from '@immich/sdk';
import { createEventDispatcher } from 'svelte'; import { createEventDispatcher } from 'svelte';
export let user: UserResponseDto; export let user: UserResponseDto;
@ -14,7 +14,7 @@
const handleRestoreUser = async () => { const handleRestoreUser = async () => {
try { try {
const { deletedAt } = await restoreUser({ id: user.id }); const { deletedAt } = await restoreUserAdmin({ id: user.id });
if (deletedAt == undefined) { if (deletedAt == undefined) {
dispatch('success'); dispatch('success');
} else { } else {

2
web/src/lib/components/admin-page/settings/machine-learning-settings/machine-learning-settings.svelte
View file

@ -102,7 +102,7 @@
min={0.001} min={0.001}
max={0.1} max={0.1}
desc="Maximum distance between two images to consider them duplicates, ranging from 0.001-0.1. Higher values will detect more duplicates, but may result in false positives." desc="Maximum distance between two images to consider them duplicates, ranging from 0.001-0.1. Higher values will detect more duplicates, but may result in false positives."
disabled={disabled || $featureFlags.duplicateDetection} disabled={disabled || !$featureFlags.duplicateDetection}
isEdited={config.machineLearning.duplicateDetection.maxDistance !== isEdited={config.machineLearning.duplicateDetection.maxDistance !==
savedConfig.machineLearning.duplicateDetection.maxDistance} savedConfig.machineLearning.duplicateDetection.maxDistance}
/> />

1
web/src/lib/components/album-page/album-card-group.svelte
View file

@ -30,6 +30,7 @@
{#if group} {#if group}
<div class="grid"> <div class="grid">
<button <button
type="button"
on:click={() => toggleAlbumGroupCollapsing(group.id)} on:click={() => toggleAlbumGroupCollapsing(group.id)}
class="w-fit mt-2 pt-2 pr-2 mb-2 dark:text-immich-dark-fg" class="w-fit mt-2 pt-2 pr-2 mb-2 dark:text-immich-dark-fg"
aria-expanded={!isCollapsed} aria-expanded={!isCollapsed}

2
web/src/lib/components/album-page/album-options.svelte
View file

@ -75,7 +75,7 @@
<div class="py-2"> <div class="py-2">
<div class="text-gray text-sm mb-3">PEOPLE</div> <div class="text-gray text-sm mb-3">PEOPLE</div>
<div class="p-2"> <div class="p-2">
<button class="flex items-center gap-2" on:click={() => dispatch('showSelectSharedUser')}> <button type="button" class="flex items-center gap-2" on:click={() => dispatch('showSelectSharedUser')}>
<div class="rounded-full w-10 h-10 border border-gray-500 flex items-center justify-center"> <div class="rounded-full w-10 h-10 border border-gray-500 flex items-center justify-center">
<div><Icon path={mdiPlus} size="25" /></div> <div><Icon path={mdiPlus} size="25" /></div>
</div> </div>

1
web/src/lib/components/album-page/albums-table-header.svelte
View file

@ -16,6 +16,7 @@
<th class="text-sm font-medium {option.columnStyle}"> <th class="text-sm font-medium {option.columnStyle}">
<button <button
type="button"
class="rounded-lg p-2 hover:bg-immich-dark-primary hover:dark:bg-immich-dark-primary/50" class="rounded-lg p-2 hover:bg-immich-dark-primary hover:dark:bg-immich-dark-primary/50"
on:click={handleSort} on:click={handleSort}
> >

1
web/src/lib/components/album-page/albums-table.svelte
View file

@ -41,6 +41,7 @@
{@const isCollapsed = isAlbumGroupCollapsed($albumViewSettings, albumGroup.id)} {@const isCollapsed = isAlbumGroupCollapsed($albumViewSettings, albumGroup.id)}
{@const iconRotation = isCollapsed ? 'rotate-0' : 'rotate-90'} {@const iconRotation = isCollapsed ? 'rotate-0' : 'rotate-90'}
<button <button
type="button"
on:click={() => toggleAlbumGroupCollapsing(albumGroup.id)} on:click={() => toggleAlbumGroupCollapsing(albumGroup.id)}
class="flex w-full mt-4 rounded-md" class="flex w-full mt-4 rounded-md"
aria-expanded={!isCollapsed} aria-expanded={!isCollapsed}

5
web/src/lib/components/album-page/share-info-modal.svelte
View file

@ -1,6 +1,6 @@
<script lang="ts"> <script lang="ts">
import { import {
getMyUserInfo, getMyUser,
removeUserFromAlbum, removeUserFromAlbum,
type AlbumResponseDto, type AlbumResponseDto,
type UserResponseDto, type UserResponseDto,
@ -36,7 +36,7 @@
onMount(async () => { onMount(async () => {
try { try {
currentUser = await getMyUserInfo(); currentUser = await getMyUser();
} catch (error) { } catch (error) {
handleError(error, 'Unable to refresh user'); handleError(error, 'Unable to refresh user');
} }
@ -141,6 +141,7 @@
</div> </div>
{:else if user.id == currentUser?.id} {:else if user.id == currentUser?.id}
<button <button
type="button"
on:click={() => (selectedRemoveUser = user)} on:click={() => (selectedRemoveUser = user)}
class="text-sm font-medium text-immich-primary transition-colors hover:text-immich-primary/75 dark:text-immich-dark-primary" class="text-sm font-medium text-immich-primary transition-colors hover:text-immich-primary/75 dark:text-immich-dark-primary"
>Leave</button >Leave</button

22
web/src/lib/components/album-page/user-selection-modal.svelte
View file

@ -1,5 +1,4 @@
<script lang="ts"> <script lang="ts">
import { goto } from '$app/navigation';
import Dropdown from '$lib/components/elements/dropdown.svelte'; import Dropdown from '$lib/components/elements/dropdown.svelte';
import Icon from '$lib/components/elements/icon.svelte'; import Icon from '$lib/components/elements/icon.svelte';
import FullScreenModal from '$lib/components/shared-components/full-screen-modal.svelte'; import FullScreenModal from '$lib/components/shared-components/full-screen-modal.svelte';
@ -7,7 +6,7 @@
import { import {
AlbumUserRole, AlbumUserRole,
getAllSharedLinks, getAllSharedLinks,
getAllUsers, searchUsers,
type AlbumResponseDto, type AlbumResponseDto,
type AlbumUserAddDto, type AlbumUserAddDto,
type SharedLinkResponseDto, type SharedLinkResponseDto,
@ -36,10 +35,10 @@
let sharedLinks: SharedLinkResponseDto[] = []; let sharedLinks: SharedLinkResponseDto[] = [];
onMount(async () => { onMount(async () => {
await getSharedLinks(); await getSharedLinks();
const data = await getAllUsers({ isAll: false }); const data = await searchUsers();
// remove invalid users // remove album owner
users = data.filter((user) => !(user.deletedAt || user.id === album.ownerId)); users = data.filter((user) => user.id !== album.ownerId);
// Remove the existed shared users from the album // Remove the existed shared users from the album
for (const sharedUser of album.albumUsers) { for (const sharedUser of album.albumUsers) {
@ -122,7 +121,11 @@
{#each users as user} {#each users as user}
{#if !Object.keys(selectedUsers).includes(user.id)} {#if !Object.keys(selectedUsers).includes(user.id)}
<div class="flex place-items-center transition-all hover:bg-gray-200 dark:hover:bg-gray-700 rounded-xl"> <div class="flex place-items-center transition-all hover:bg-gray-200 dark:hover:bg-gray-700 rounded-xl">
<button on:click={() => handleToggle(user)} class="flex w-full place-items-center gap-4 p-4"> <button
type="button"
on:click={() => handleToggle(user)}
class="flex w-full place-items-center gap-4 p-4"
>
<UserAvatar {user} size="md" /> <UserAvatar {user} size="md" />
<div class="text-left flex-grow"> <div class="text-left flex-grow">
<p class="text-immich-fg dark:text-immich-dark-fg"> <p class="text-immich-fg dark:text-immich-dark-fg">
@ -160,6 +163,7 @@
<div id="shared-buttons" class="mt-4 flex place-content-center place-items-center justify-around"> <div id="shared-buttons" class="mt-4 flex place-content-center place-items-center justify-around">
<button <button
type="button"
class="flex flex-col place-content-center place-items-center gap-2 hover:cursor-pointer" class="flex flex-col place-content-center place-items-center gap-2 hover:cursor-pointer"
on:click={() => dispatch('share')} on:click={() => dispatch('share')}
> >
@ -168,13 +172,13 @@
</button> </button>
{#if sharedLinks.length} {#if sharedLinks.length}
<button <a
href={AppRoute.SHARED_LINKS}
class="flex flex-col place-content-center place-items-center gap-2 hover:cursor-pointer" class="flex flex-col place-content-center place-items-center gap-2 hover:cursor-pointer"
on:click={() => goto(AppRoute.SHARED_LINKS)}
> >
<Icon path={mdiShareCircle} size={24} /> <Icon path={mdiShareCircle} size={24} />
<p class="text-sm">View links</p> <p class="text-sm">View links</p>
</button> </a>
{/if} {/if}
</div> </div>
</FullScreenModal> </FullScreenModal>

4
web/src/lib/components/asset-viewer/activity-status.svelte
View file

@ -18,12 +18,12 @@
<div <div
class="w-full h-14 flex p-4 text-white items-center justify-center rounded-full gap-4 bg-immich-dark-bg bg-opacity-60" class="w-full h-14 flex p-4 text-white items-center justify-center rounded-full gap-4 bg-immich-dark-bg bg-opacity-60"
> >
<button class={disabled ? 'cursor-not-allowed' : ''} on:click={() => dispatch('favorite')} {disabled}> <button type="button" class={disabled ? 'cursor-not-allowed' : ''} on:click={() => dispatch('favorite')} {disabled}>
<div class="items-center justify-center"> <div class="items-center justify-center">
<Icon path={isLiked ? mdiHeart : mdiHeartOutline} size={24} /> <Icon path={isLiked ? mdiHeart : mdiHeartOutline} size={24} />
</div> </div>
</button> </button>
<button on:click={() => dispatch('openActivityTab')}> <button type="button" on:click={() => dispatch('openActivityTab')}>
<div class="flex gap-2 items-center justify-center"> <div class="flex gap-2 items-center justify-center">
<Icon path={mdiCommentOutline} class="scale-x-[-1]" size={24} /> <Icon path={mdiCommentOutline} class="scale-x-[-1]" size={24} />
{#if numberOfComments} {#if numberOfComments}

2
web/src/lib/components/asset-viewer/activity-viewer.svelte
View file

@ -200,6 +200,7 @@
<div> <div>
{#if showDeleteReaction[index]} {#if showDeleteReaction[index]}
<button <button
type="button"
class="absolute right-6 rounded-xl items-center bg-gray-300 dark:bg-slate-100 py-3 px-6 text-left text-sm font-medium text-immich-fg hover:bg-red-300 focus:outline-none focus:ring-2 focus:ring-inset dark:text-immich-dark-bg dark:hover:bg-red-100 transition-colors" class="absolute right-6 rounded-xl items-center bg-gray-300 dark:bg-slate-100 py-3 px-6 text-left text-sm font-medium text-immich-fg hover:bg-red-300 focus:outline-none focus:ring-2 focus:ring-inset dark:text-immich-dark-bg dark:hover:bg-red-100 transition-colors"
use:clickOutside use:clickOutside
on:outclick={() => (showDeleteReaction[index] = false)} on:outclick={() => (showDeleteReaction[index] = false)}
@ -252,6 +253,7 @@
<div> <div>
{#if showDeleteReaction[index]} {#if showDeleteReaction[index]}
<button <button
type="button"
class="absolute right-6 rounded-xl items-center bg-gray-300 dark:bg-slate-100 py-3 px-6 text-left text-sm font-medium text-immich-fg hover:bg-red-300 focus:outline-none focus:ring-2 focus:ring-inset dark:text-immich-dark-bg dark:hover:bg-red-100 transition-colors" class="absolute right-6 rounded-xl items-center bg-gray-300 dark:bg-slate-100 py-3 px-6 text-left text-sm font-medium text-immich-fg hover:bg-red-300 focus:outline-none focus:ring-2 focus:ring-inset dark:text-immich-dark-bg dark:hover:bg-red-100 transition-colors"
use:clickOutside use:clickOutside
on:outclick={() => (showDeleteReaction[index] = false)} on:outclick={() => (showDeleteReaction[index] = false)}

1
web/src/lib/components/asset-viewer/album-list-item.svelte
View file

@ -28,6 +28,7 @@
</script> </script>
<button <button
type="button"
on:click={() => dispatch('album')} on:click={() => dispatch('album')}
class="flex w-full gap-4 px-6 py-2 text-left transition-colors hover:bg-gray-200 dark:hover:bg-gray-700 rounded-xl" class="flex w-full gap-4 px-6 py-2 text-left transition-colors hover:bg-gray-200 dark:hover:bg-gray-700 rounded-xl"
> >

8
web/src/lib/components/asset-viewer/navigation-area.svelte
View file

@ -3,13 +3,11 @@
export let label: string; export let label: string;
</script> </script>
<!-- svelte-ignore a11y-no-static-element-interactions -->
<!-- svelte-ignore a11y-click-events-have-key-events -->
<div class="my-auto group hover:cursor-pointer" on:click={onClick}>
<button <button
class="mx-4 rounded-full p-3 text-gray-500 transition group-hover:bg-gray-500 group-hover:text-white" type="button"
class="my-auto mx-4 rounded-full p-3 text-gray-500 transition hover:bg-gray-500 hover:text-white"
aria-label={label} aria-label={label}
on:click={onClick}
> >
<slot /> <slot />
</button> </button>
</div>

1
web/src/lib/components/assets/thumbnail/thumbnail.svelte
View file

@ -106,6 +106,7 @@
<!-- Select asset button --> <!-- Select asset button -->
{#if !readonly && (mouseOver || selected || selectionCandidate)} {#if !readonly && (mouseOver || selected || selectionCandidate)}
<button <button
type="button"
on:click={onIconClickedHandler} on:click={onIconClickedHandler}
class="absolute p-2 focus:outline-none" class="absolute p-2 focus:outline-none"
class:cursor-not-allowed={disabled} class:cursor-not-allowed={disabled}

1
web/src/lib/components/elements/dropdown.svelte
View file

@ -93,6 +93,7 @@
{@const renderedOption = renderOption(option)} {@const renderedOption = renderOption(option)}
{@const buttonStyle = renderedOption.disabled ? '' : 'transition-all hover:bg-gray-300 dark:hover:bg-gray-800'} {@const buttonStyle = renderedOption.disabled ? '' : 'transition-all hover:bg-gray-300 dark:hover:bg-gray-800'}
<button <button
type="button"
class="grid grid-cols-[36px,1fr] place-items-center p-2 disabled:opacity-40 {buttonStyle}" class="grid grid-cols-[36px,1fr] place-items-center p-2 disabled:opacity-40 {buttonStyle}"
disabled={renderedOption.disabled} disabled={renderedOption.disabled}
on:click={() => !renderedOption.disabled && handleSelectOption(option)} on:click={() => !renderedOption.disabled && handleSelectOption(option)}

1
web/src/lib/components/elements/group-tab.svelte
View file

@ -7,6 +7,7 @@
<div class="flex bg-gray-200 dark:bg-immich-dark-gray rounded-2xl h-full"> <div class="flex bg-gray-200 dark:bg-immich-dark-gray rounded-2xl h-full">
{#each filters as filter, index} {#each filters as filter, index}
<button <button
type="button"
class="text-sm px-4 {filter === selected class="text-sm px-4 {filter === selected
? 'dark:bg-gray-700 bg-gray-300' ? 'dark:bg-gray-700 bg-gray-300'
: 'dark:hover:bg-gray-800 hover:bg-gray-300'} {index === 0 ? 'rounded-l-2xl' : ''} {index === : 'dark:hover:bg-gray-800 hover:bg-gray-300'} {index === 0 ? 'rounded-l-2xl' : ''} {index ===

2
web/src/lib/components/faces-page/assign-face-side-panel.svelte
View file

@ -100,7 +100,7 @@
{#each showPeople as person (person.id)} {#each showPeople as person (person.id)}
{#if person.id !== editedPerson?.id} {#if person.id !== editedPerson?.id}
<div class="w-fit"> <div class="w-fit">
<button class="w-[90px]" on:click={() => onReassign(person)}> <button type="button" class="w-[90px]" on:click={() => onReassign(person)}>
<div class="relative"> <div class="relative">
<ImageThumbnail <ImageThumbnail
curve curve

1
web/src/lib/components/faces-page/face-thumbnail.svelte
View file

@ -21,6 +21,7 @@
</script> </script>
<button <button
type="button"
class="relative rounded-lg transition-all" class="relative rounded-lg transition-all"
on:click={handleOnClicked} on:click={handleOnClicked}
disabled={!selectable} disabled={!selectable}

5
web/src/lib/components/faces-page/merge-suggestion-modal.svelte
View file

@ -51,6 +51,7 @@
</div> </div>
<button <button
type="button"
disabled={potentialMergePeople.length === 0} disabled={potentialMergePeople.length === 0}
class="flex h-28 w-28 items-center rounded-full border-2 border-immich-primary px-1 dark:border-immich-dark-primary md:h-32 md:w-32 md:px-2" class="flex h-28 w-28 items-center rounded-full border-2 border-immich-primary px-1 dark:border-immich-dark-primary md:h-32 md:w-32 md:px-2"
on:click={() => { on:click={() => {
@ -71,13 +72,13 @@
{:else} {:else}
<div class="grid w-full grid-cols-1 gap-2"> <div class="grid w-full grid-cols-1 gap-2">
<div class="px-2"> <div class="px-2">
<button on:click={() => (choosePersonToMerge = false)}> <Icon path={mdiArrowLeft} /></button> <button type="button" on:click={() => (choosePersonToMerge = false)}> <Icon path={mdiArrowLeft} /></button>
</div> </div>
<div class="flex items-center justify-center"> <div class="flex items-center justify-center">
<div class="flex flex-wrap justify-center md:grid md:grid-cols-{potentialMergePeople.length}"> <div class="flex flex-wrap justify-center md:grid md:grid-cols-{potentialMergePeople.length}">
{#each potentialMergePeople as person (person.id)} {#each potentialMergePeople as person (person.id)}
<div class="h-24 w-24 md:h-28 md:w-28"> <div class="h-24 w-24 md:h-28 md:w-28">
<button class="p-2 w-full" on:click={() => changePersonToMerge(person)}> <button type="button" class="p-2 w-full" on:click={() => changePersonToMerge(person)}>
<ImageThumbnail <ImageThumbnail
border={true} border={true}
circle circle

11
web/src/lib/components/forms/change-password-form.svelte
View file

@ -2,9 +2,8 @@
import { createEventDispatcher } from 'svelte'; import { createEventDispatcher } from 'svelte';
import Button from '../elements/buttons/button.svelte'; import Button from '../elements/buttons/button.svelte';
import PasswordField from '../shared-components/password-field.svelte'; import PasswordField from '../shared-components/password-field.svelte';
import { updateUser, type UserResponseDto } from '@immich/sdk'; import { updateMyUser } from '@immich/sdk';
export let user: UserResponseDto;
let errorMessage: string; let errorMessage: string;
let success: string; let success: string;
@ -31,13 +30,7 @@
if (valid) { if (valid) {
errorMessage = ''; errorMessage = '';
await updateUser({ await updateMyUser({ userUpdateMeDto: { password: String(password) } });
updateUserDto: {
id: user.id,
password: String(password),
shouldChangePassword: false,
},
});
dispatch('success'); dispatch('success');
} }

6
web/src/lib/components/forms/create-user-form.svelte
View file

@ -2,7 +2,7 @@
import { serverInfo } from '$lib/stores/server-info.store'; import { serverInfo } from '$lib/stores/server-info.store';
import { convertToBytes } from '$lib/utils/byte-converter'; import { convertToBytes } from '$lib/utils/byte-converter';
import { handleError } from '$lib/utils/handle-error'; import { handleError } from '$lib/utils/handle-error';
import { createUser } from '@immich/sdk'; import { createUserAdmin } from '@immich/sdk';
import { createEventDispatcher } from 'svelte'; import { createEventDispatcher } from 'svelte';
import Button from '../elements/buttons/button.svelte'; import Button from '../elements/buttons/button.svelte';
import PasswordField from '../shared-components/password-field.svelte'; import PasswordField from '../shared-components/password-field.svelte';
@ -49,8 +49,8 @@
error = ''; error = '';
try { try {
await createUser({ await createUserAdmin({
createUserDto: { userAdminCreateDto: {
email, email,
password, password,
shouldChangePassword, shouldChangePassword,

Some files were not shown because too many files have changed in this diff Show more