1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-01-04 02:46:47 +01:00
High performance self-hosted photo and video management solution.
Find a file
Michael Manganiello 5f6bd4ae7e
fix(server): Reduce number of bound parameters in Access queries (#6015)
* fix(server): Reduce number of bound parameters in Access queries

According to https://github.com/typeorm/typeorm/issues/7565, the
introduction of bulk queries for permission checks could quickly reach
the limit of 65536 bound parameters allowed by the PostgreSQL
connection.

To avoid reaching that limit, this first change refactors the Access
queries that are expanding the set of ids multiple times. For example,
`asset.checkSharedLinkAccess` expands the ids 4 times, so providing just
~16400 ids is enough to break the query.

Refactored queries:

* activity.checkCreateAccess

```sql
-- Before
SELECT "AlbumEntity"."id" AS "AlbumEntity_id"
FROM "albums" "AlbumEntity"
    LEFT JOIN "albums_shared_users_users" "AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"
        ON "AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"."albumsId"="AlbumEntity"."id"
    LEFT JOIN "users" "AlbumEntity__AlbumEntity_sharedUsers"
        ON "AlbumEntity__AlbumEntity_sharedUsers"."id"="AlbumEntity_AlbumEntity__AlbumEntity_sharedUsers"."usersId"
        AND ("AlbumEntity__AlbumEntity_sharedUsers"."deletedAt" IS NULL)
WHERE
    (
        (
            "AlbumEntity"."id" IN ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
            AND "AlbumEntity"."isActivityEnabled" = $11
            AND "AlbumEntity__AlbumEntity_sharedUsers"."id" = $12
        )
        OR (
            "AlbumEntity"."id" IN ($13, $14, $15, $16, $17, $18, $19, $20, $21, $22)
            AND "AlbumEntity"."isActivityEnabled" = $23
            AND "AlbumEntity"."ownerId" = $24
        )
    )
    AND "AlbumEntity"."deletedAt" IS NULL

-- After
SELECT "album"."id" AS "album_id"
FROM "albums" "album"
    LEFT JOIN "albums_shared_users_users" "album_sharedUsers"
        ON "album_sharedUsers"."albumsId"="album"."id"
    LEFT JOIN "users" "sharedUsers"
        ON "sharedUsers"."id"="album_sharedUsers"."usersId"
        AND "sharedUsers"."deletedAt" IS NULL
WHERE
    "album"."id" IN ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
    AND "album"."isActivityEnabled" = true
    AND (
        "album"."ownerId" = $11
        OR "sharedUsers"."id" = $12
    )
    AND "album"."deletedAt" IS NULL
```

* asset.checkAlbumAccess

```sql
-- Before
SELECT
    "asset"."id" AS "assetId",
    "asset"."livePhotoVideoId" AS "livePhotoVideoId"
FROM "albums" "album"
    INNER JOIN "albums_assets_assets" "album_asset"
        ON "album_asset"."albumsId"="album"."id"
    INNER JOIN "assets" "asset"
        ON "asset"."id"="album_asset"."assetsId"
        AND "asset"."deletedAt" IS NULL
    LEFT JOIN "albums_shared_users_users" "album_sharedUsers"
        ON "album_sharedUsers"."albumsId"="album"."id"
    LEFT JOIN "users" "sharedUsers"
        ON "sharedUsers"."id"="album_sharedUsers"."usersId"
        AND "sharedUsers"."deletedAt" IS NULL
WHERE
    (
        "album"."ownerId" = $1
        OR "sharedUsers"."id" = $2
    )
    AND (
        "asset"."id" IN ($3, $4, $5, $6, $7, $8, $9, $10, $11, $12)
        OR "asset"."livePhotoVideoId" IN ($13, $14, $15, $16, $17, $18, $19, $20, $21, $22)
    )
    AND "album"."deletedAt" IS NULL

-- After
WITH "assetIds" AS (
    SELECT unnest(array[$1, $2, $3, $4, $5, $6, $7, $8, $9, $10])::uuid AS "id"
    FROM (SELECT 1 AS dummy_column) "dummy_table"
)
SELECT
    "asset"."id" AS "assetId",
    "asset"."livePhotoVideoId" AS "livePhotoVideoId"
FROM "albums" "album"
    INNER JOIN "albums_assets_assets" "album_asset"
        ON "album_asset"."albumsId"="album"."id"
    INNER JOIN "assets" "asset"
        ON "asset"."id"="album_asset"."assetsId"
        AND "asset"."deletedAt" IS NULL
    LEFT JOIN "albums_shared_users_users" "album_sharedUsers"
        ON "album_sharedUsers"."albumsId"="album"."id"
    LEFT JOIN "users" "sharedUsers"
        ON "sharedUsers"."id"="album_sharedUsers"."usersId"
        AND "sharedUsers"."deletedAt" IS NULL
WHERE
    (
        "album"."ownerId" = $11
        OR "sharedUsers"."id" = $12
    )
    AND (
        "asset"."id" IN (SELECT id FROM "assetIds")
        OR "asset"."livePhotoVideoId" IN (SELECT id FROM "assetIds")
    )
    AND "album"."deletedAt" IS NULL
```

* asset.checkSharedLinkAccess

```sql
-- Before
SELECT
    "assets"."id" AS "assetId",
    "assets"."livePhotoVideoId" AS "assetLivePhotoVideoId",
    "albumAssets"."id" AS "albumAssetId",
    "albumAssets"."livePhotoVideoId" AS "albumAssetLivePhotoVideoId"
FROM "shared_links" "sharedLink"
    LEFT JOIN "albums" "album"
        ON "album"."id"="sharedLink"."albumId"
        AND "album"."deletedAt" IS NULL
    LEFT JOIN "shared_link__asset" "assets_sharedLink"
        ON "assets_sharedLink"."sharedLinksId"="sharedLink"."id"
    LEFT JOIN "assets" "assets"
        ON "assets"."id"="assets_sharedLink"."assetsId"
        AND "assets"."deletedAt" IS NULL
    LEFT JOIN "albums_assets_assets" "album_albumAssets"
        ON "album_albumAssets"."albumsId"="album"."id"
    LEFT JOIN "assets" "albumAssets"
        ON "albumAssets"."id"="album_albumAssets"."assetsId"
        AND "albumAssets"."deletedAt" IS NULL
WHERE
    "sharedLink"."id" = $1
    AND (
        "assets"."id" IN ($2, $3, $4, $5, $6, $7, $8, $9, $10, $11)
        OR "albumAssets"."id" IN ($12, $13, $14, $15, $16, $17, $18, $19, $20, $21)
        OR "assets"."livePhotoVideoId" IN ($22, $23, $24, $25, $26, $27, $28, $29, $30, $31)
        OR "albumAssets"."livePhotoVideoId" IN ($32, $33, $34, $35, $36, $37, $38, $39, $40, $41)
    )

-- After
WITH "assetIds" AS (
    SELECT unnest(array[$1, $2, $3, $4, $5, $6, $7, $8, $9, $10])::uuid AS "id"
    FROM (SELECT 1 AS dummy_column) "dummy_table"
)
SELECT
    "assets"."id" AS "assetId",
    "assets"."livePhotoVideoId" AS "assetLivePhotoVideoId",
    "albumAssets"."id" AS "albumAssetId",
    "albumAssets"."livePhotoVideoId" AS "albumAssetLivePhotoVideoId"
FROM "shared_links" "sharedLink"
    LEFT JOIN "albums" "album"
        ON "album"."id"="sharedLink"."albumId"
        AND "album"."deletedAt" IS NULL
    LEFT JOIN "shared_link__asset" "assets_sharedLink"
        ON "assets_sharedLink"."sharedLinksId"="sharedLink"."id"
    LEFT JOIN "assets" "assets"
        ON "assets"."id"="assets_sharedLink"."assetsId"
        AND "assets"."deletedAt" IS NULL
    LEFT JOIN "albums_assets_assets" "album_albumAssets"
        ON "album_albumAssets"."albumsId"="album"."id"
    LEFT JOIN "assets" "albumAssets"
        ON "albumAssets"."id"="album_albumAssets"."assetsId"
        AND "albumAssets"."deletedAt" IS NULL
    WHERE
        "sharedLink"."id" = $11
        AND (
            "assets"."id" IN (SELECT id FROM "assetIds")
            OR "albumAssets"."id" IN (SELECT id FROM "assetIds")
            OR "assets"."livePhotoVideoId" IN (SELECT id FROM "assetIds")
            OR "albumAssets"."livePhotoVideoId" IN (SELECT id FROM "assetIds")
        )
```

* fix: Use array overlapping instead of CTEs
2023-12-27 23:50:54 -06:00
.github fix(deps): update machine-learning (#5180) 2023-12-25 22:37:48 -05:00
.vscode chore: microservices debugger (#2345) 2023-04-28 13:21:01 -05:00
cli chore(deps): update base-image to v20231221 (#6029) 2023-12-27 23:47:27 -06:00
design chore: update screenshots for readme and docs (#2425) 2023-05-10 23:33:32 -05:00
docker fix(server): access system config before database migration complete (#5912) 2023-12-21 12:52:49 -06:00
docs chore(deps): bump @babel/traverse from 7.23.0 to 7.23.6 in /docs (#6021) 2023-12-27 21:24:43 +00:00
fastlane Added required setup for f-droid (#88) 2022-03-29 14:13:47 -05:00
machine-learning fix(deps): update machine-learning (#5180) 2023-12-25 22:37:48 -05:00
misc/release chore: update release note notes 2023-06-29 21:48:57 -05:00
mobile fix(mobile): Fix "Live Images" and "Recently added" page (#6030) 2023-12-27 23:33:37 -06:00
server fix(server): Reduce number of bound parameters in Access queries (#6015) 2023-12-27 23:50:54 -06:00
web chore(deps-dev): bump @babel/traverse from 7.23.0 to 7.23.6 in /web (#6019) 2023-12-27 21:20:17 +00:00
.dockerignore test(cli): e2e testing (#5101) 2023-12-18 20:29:26 -06:00
.editorconfig chore: editorconfig (#1505) 2023-02-01 14:38:47 -06:00
.gitattributes chore: make running local dev instance on Windows work regardless of git config (#5419) 2023-12-01 20:30:34 +00:00
.gitignore fix(mobile): mobile album sort not persisting (#5584) 2023-12-09 20:31:23 -06:00
.gitmodules test(server): full backend end-to-end testing with microservices (#4225) 2023-10-06 23:32:28 +02:00
CODE_OF_CONDUCT.md Added Code of conduct 2022-08-21 12:43:56 -07:00
install.sh chore: Simplify install script (#2148) 2023-04-02 14:13:24 -05:00
LICENSE Update Readme 2022-02-11 22:35:14 -06:00
localizely.yml fix(mobile): Fix pt-PT locale. Add missing pt-PT localizely entry (#5892) 2023-12-20 09:46:20 -06:00
Makefile test(cli): e2e testing (#5101) 2023-12-18 20:29:26 -06:00
README.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
README_ca_ES.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
README_de_DE.md docs(readme): correct wording and grammar in README_de_DE.md (#5447) 2023-12-02 13:44:28 +01:00
README_es_ES.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
README_fr_FR.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
README_it_IT.md Update README_it_IT.md (#5541) 2023-12-07 22:20:41 +00:00
README_ja_JP.md docs: fix README_ja_JP.md (#5939) 2023-12-23 09:20:04 -06:00
README_ko_KR.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
README_nl_NL.md Update README_nl_NL.md (#5840) 2023-12-19 10:02:25 -06:00
README_tr_TR.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
README_zh_CN.md Add German README (#5262) 2023-11-22 13:49:01 +01:00
renovate.json renovate: use in-range-only strategy for python (#5937) 2023-12-23 09:04:36 -05:00
SECURITY.md Create SECURITY.md (#712) 2022-09-17 13:07:12 -05:00


License: MIT Discord

Immich - High performance self-hosted photo and video backup solution



Català Español Français Italiano 日本語 한국어 Deutsch Nederlands Türkçe 中文

Disclaimer

  • ⚠️ The project is under very active development.
  • ⚠️ Expect bugs and breaking changes.
  • ⚠️ Do not use the app as the only way to store your photos and videos.
  • ⚠️ Always follow 3-2-1 backup plan for your precious photos and videos!

Content

Documentation

You can find the main documentation, including installation guides, at https://immich.app/.

Demo

You can access the web demo at https://demo.immich.app

For the mobile app, you can use https://demo.immich.app/api for the Server Endpoint URL

The credential
email: demo@immich.app
password: demo
Spec: Free-tier Oracle VM - Amsterdam - 2.4Ghz quad-core ARM64 CPU, 24GB RAM

Features

Features Mobile Web
Upload and view videos and photos Yes Yes
Auto backup when the app is opened Yes N/A
Selective album(s) for backup Yes N/A
Download photos and videos to local device Yes Yes
Multi-user support Yes Yes
Album and Shared albums Yes Yes
Scrubbable/draggable scrollbar Yes Yes
Support raw formats Yes Yes
Metadata view (EXIF, map) Yes Yes
Search by metadata, objects, faces, and CLIP Yes Yes
Administrative functions (user management) No Yes
Background backup Yes N/A
Virtual scroll Yes Yes
OAuth support Yes Yes
API Keys N/A Yes
LivePhoto/MotionPhoto backup and playback Yes Yes
User-defined storage structure Yes Yes
Public Sharing No Yes
Archive and Favorites Yes Yes
Global Map Yes Yes
Partner Sharing Yes Yes
Facial recognition and clustering Yes Yes
Memories (x years ago) Yes Yes
Offline support Yes No
Read-only gallery Yes Yes
Stacked Photos Yes Yes

Support the project

I've committed to this project, and I will not stop. I will keep updating the docs, adding new features, and fixing bugs. But I can't do it alone. So I need your help to give me additional motivation to keep going.

As our hosts in the selfhosted.show - In the episode 'The-organization-must-not-be-name is a Hostile Actor' said, this is a massive undertaking of what the team and I are doing. And I would love to someday be able to do this full-time, and I am asking for your help to make that happen.

If you feel like this is the right cause and the app is something you are seeing yourself using for a long time, please consider supporting the project with the option below.

Donation

  • Monthly donation via GitHub Sponsors
  • One-time donation via GitHub Sponsors
  • Librepay
  • buymeacoffee
  • Bitcoin: 1FvEp6P6NM8EZEkpGUFAN2LqJ1gxusNxZX
  • ZCash: u1smm4wvqegcp46zss2jf5xptchgeczp4rx7a0wu3mermf2wxahm26yyz5w9mw3f2p4emwlljxjumg774kgs8rntt9yags0whnzane4n67z4c7gppq4yyvcj404ne3r769prwzd9j8ntvqp44fa6d67sf7rmcfjmds3gmeceff4u8e92rh38nd30cr96xw6vfhk6scu4ws90ldzupr3sz

Contributors