* feat: add oauth signing algorithm setting
* chore: open api
* chore: change default to RS256
* feat: test and clean up
---------
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* add unicorn to eslint
* fix lint errors for cli
* fix merge
* fix album name extraction
* Update cli/src/commands/upload.command.ts
Co-authored-by: Ben McCann <322311+benmccann@users.noreply.github.com>
* es2k23
* use lowercase os
* return undefined album name
* fix bug in asset response dto
* auto fix issues
* fix server code style
* es2022 and formatting
* fix compilation error
* fix test
* fix config load
* fix last lint errors
* set string type
* bump ts
* start work on web
* web formatting
* Fix UUIDParamDto as UUIDParamDto
* fix library service lint
* fix web errors
* fix errors
* formatting
* wip
* lints fixed
* web can now start
* alphabetical package json
* rename error
* chore: clean up
---------
Co-authored-by: Ben McCann <322311+benmccann@users.noreply.github.com>
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
Modify Access repository, to evaluate `authDevice`, `library`, `partner`,
`person`, and `timeline` permissions in bulk.
Queries have been validated to match what they currently generate for
single ids.
As an extra performance improvement, we now use a custom QueryBuilder
for the Partners queries, to avoid the eager relationships that add
unneeded `LEFT JOIN` clauses. We only filter based on the ids present in
the `partners` table, so those joins can be avoided.
Queries:
* `library` owner access:
```sql
-- Before
SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS (
SELECT 1
FROM "libraries" "LibraryEntity"
WHERE
"LibraryEntity"."id" = $1
AND "LibraryEntity"."ownerId" = $2
AND "LibraryEntity"."deletedAt" IS NULL
)
LIMIT 1
-- After
SELECT "LibraryEntity"."id" AS "LibraryEntity_id"
FROM "libraries" "LibraryEntity"
WHERE
"LibraryEntity"."id" IN ($1, $2)
AND "LibraryEntity"."ownerId" = $3
AND "LibraryEntity"."deletedAt" IS NULL
```
* `library` partner access:
```sql
-- Before
SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS (
SELECT 1
FROM "partners" "PartnerEntity"
LEFT JOIN "users" "PartnerEntity__sharedBy"
ON "PartnerEntity__sharedBy"."id"="PartnerEntity"."sharedById"
AND "PartnerEntity__sharedBy"."deletedAt" IS NULL
LEFT JOIN "users" "PartnerEntity__sharedWith"
ON "PartnerEntity__sharedWith"."id"="PartnerEntity"."sharedWithId"
AND "PartnerEntity__sharedWith"."deletedAt" IS NULL
WHERE
"PartnerEntity"."sharedWithId" = $1
AND "PartnerEntity"."sharedById" = $2
)
LIMIT 1
-- After
SELECT
"partner"."sharedById" AS "partner_sharedById",
"partner"."sharedWithId" AS "partner_sharedWithId"
FROM "partners" "partner"
WHERE
"partner"."sharedById" IN ($1, $2)
AND "partner"."sharedWithId" = $3
```
* `authDevice` owner access:
```sql
-- Before
SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS (
SELECT 1
FROM "user_token" "UserTokenEntity"
WHERE
"UserTokenEntity"."userId" = $1
AND "UserTokenEntity"."id" = $2
)
LIMIT 1
-- After
SELECT "UserTokenEntity"."id" AS "UserTokenEntity_id"
FROM "user_token" "UserTokenEntity"
WHERE
"UserTokenEntity"."userId" = $1
AND "UserTokenEntity"."id" IN ($2, $3)
```
* `timeline` partner access:
```sql
-- Before
SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS (
SELECT 1
FROM "partners" "PartnerEntity"
LEFT JOIN "users" "PartnerEntity__sharedBy"
ON "PartnerEntity__sharedBy"."id"="PartnerEntity"."sharedById"
AND "PartnerEntity__sharedBy"."deletedAt" IS NULL
LEFT JOIN "users" "PartnerEntity__sharedWith"
ON "PartnerEntity__sharedWith"."id"="PartnerEntity"."sharedWithId"
AND "PartnerEntity__sharedWith"."deletedAt" IS NULL
WHERE
"PartnerEntity"."sharedWithId" = $1
AND "PartnerEntity"."sharedById" = $2
)
LIMIT 1
-- After
SELECT
"partner"."sharedById" AS "partner_sharedById",
"partner"."sharedWithId" AS "partner_sharedWithId"
FROM "partners" "partner"
WHERE
"partner"."sharedById" IN ($1, $2)
AND "partner"."sharedWithId" = $3
```
* `person` owner access:
```sql
-- Before
SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS (
SELECT 1
FROM "person" "PersonEntity"
WHERE
"PersonEntity"."id" = $1
AND "PersonEntity"."ownerId" = $2
)
LIMIT 1
-- After
SELECT "PersonEntity"."id" AS "PersonEntity_id"
FROM "person" "PersonEntity"
WHERE
"PersonEntity"."id" IN ($1, $2)
AND "PersonEntity"."ownerId" = $3
```
* `partner` update access:
```sql
-- Before
SELECT 1 AS "row_exists" FROM (SELECT 1 AS dummy_column) "dummy_table" WHERE EXISTS (
SELECT 1
FROM "partners" "PartnerEntity"
LEFT JOIN "users" "PartnerEntity__sharedBy"
ON "PartnerEntity__sharedBy"."id"="PartnerEntity"."sharedById"
AND "PartnerEntity__sharedBy"."deletedAt" IS NULL
LEFT JOIN "users" "PartnerEntity__sharedWith"
ON "PartnerEntity__sharedWith"."id"="PartnerEntity"."sharedWithId"
AND "PartnerEntity__sharedWith"."deletedAt" IS NULL
WHERE
"PartnerEntity"."sharedWithId" = $1
AND "PartnerEntity"."sharedById" = $2
)
LIMIT 1
-- After
SELECT
"partner"."sharedById" AS "partner_sharedById",
"partner"."sharedWithId" AS "partner_sharedWithId"
FROM "partners" "partner"
WHERE
"partner"."sharedById" IN ($1, $2)
AND "partner"."sharedWithId" = $3
```
* fix(server/oauth): Handle errors from OAuth Discovery.
* fix(server/oauth): Better fix for OAuth discovery error.
* This doesn't break tests.
* Update server/tsconfig.json
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* Revert back to the mostly original way.
---------
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* tests for person service
* tests for auth service
* tests for access core
* improve tests for album service
* fix missing brackets and remove comments
* tests for asset service
* tests for face recognition
* tests for job service
* feedback
* tests for search service (broken)
* fix: disabled search test
* tests for smart-info service
* tests for storage template service
* tests for user service
* fix formatting of untouched files LOL
* attempt to fix formatting
* streamline api utils, add asset api for uploading files
* test upload of assets
* fix formatting
* move test-utils to correct folder
* test add assets to album
* use random bytes instead of test image
* (e2e) test albums with assets
* (e2e) complete tests for album endpoints
* (e2e) tests for asset endpoint
* fix: asset upload/import dto validation
* (e2e) tests for statistics asset endpoint
* fix wrong describe text
* (e2e) tests for people with faces
* (e2e) clean up person tests
* (e2e) tests for partner sharing endpoints
* (e2e) tests for link sharing
* (e2e) tests for the asset time bucket endpoint
* fix minor issues
* remove access.core.spec.ts
* chore: wording
* chore: organize test api files
* chore: fix test describe
* implement feedback
* fix race condition in album tests
---------
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* custom `IsOptional`
* added link to source
* formatting
* Update server/src/domain/domain.util.ts
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* nullable birth date endpoint
* made `nullable` a property
* formatting
* removed unused dto
* updated decorator arg
* fixed album e2e tests
* add null tests for auth e2e
* add null test for person e2e
* fixed tests
* added null test for user e2e
* removed unusued import
* log key in test name
* chore: add note about mobile not being able to use the endpoint
---------
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
* Added read-only flag for assets, endpoint to trigger file import vs upload
* updated fixtures with new property
* if upload is 'read-only', ensure there is no existing asset at the designated originalPath
* added test for file import as well as detecting existing image at read-only destination location
* Added storage service test for a case where it should not move read-only assets
* upload doesn't need the read-only flag available, just importing
* default isReadOnly on import endpoint to true
* formatting fixes
* create-asset dto needs isReadOnly, so set it to false by default on create, updated api generation
* updated code to reflect changes in MR
* fixed read stream promise return type
* new index for originalPath, check for existing path on import, reglardless of user, to prevent duplicates
* refactor: import asset
* chore: open api
* chore: tests
* Added externalPath support for individual users, updated UI to allow this to be set by admin
* added missing var for externalPath in ui
* chore: open api
* fix: compilation issues
* fix: server test
* built api, fixed user-response dto to include externalPath
* reverted accidental commit
* bad commit of duplicate externalPath in user response dto
* fixed tests to include externalPath on expected result
* fix: unit tests
* centralized supported filetypes, perform file type checking of asset and sidecar during file import process
* centralized supported filetype check method to keep regex DRY
* fixed typo
* combined migrations into one
* update api
* Removed externalPath from shared-link code, added column to admin user page whether external paths / import is enabled or not
* update mimetype
* Fixed detect correct mimetype
* revert asset-upload config
* reverted domain.constant
* refactor
* fix mime-type issue
* fix format
---------
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
Co-authored-by: Alex Tran <alex.tran1502@gmail.com>
It's perfectly valid to have an email address without a TLD, for instance:
- test@localhost
- test@svc-in-same-k8s-namespace
- test@internal-corp
Fixes#2667
