From 0f2cc0c8ca3bccc84b2938ad9b938f48572bb21b Mon Sep 17 00:00:00 2001
From: mgabor <>
Date: Sun, 21 Apr 2024 18:42:46 +0200
Subject: [PATCH] fix tests

---
 server/src/cores/access.core.ts           | 8 +++++++-
 server/src/services/album.service.spec.ts | 8 ++++----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/server/src/cores/access.core.ts b/server/src/cores/access.core.ts
index 2ae776b194..6f8930d05a 100644
--- a/server/src/cores/access.core.ts
+++ b/server/src/cores/access.core.ts
@@ -264,7 +264,13 @@ export class AccessCore {
       }
 
       case Permission.ALBUM_REMOVE_ASSET: {
-        return await this.repository.album.checkOwnerAccess(auth.user.id, ids);
+        const isOwner = await this.repository.album.checkOwnerAccess(auth.user.id, ids);
+        const isShared = await this.repository.album.checkSharedAlbumAccess(
+          auth.user.id,
+          setDifference(ids, isOwner),
+          AlbumUserRole.EDITOR,
+        );
+        return setUnion(isOwner, isShared);
       }
 
       case Permission.ASSET_UPLOAD: {
diff --git a/server/src/services/album.service.spec.ts b/server/src/services/album.service.spec.ts
index b1cfdb204a..d2d06ea817 100644
--- a/server/src/services/album.service.spec.ts
+++ b/server/src/services/album.service.spec.ts
@@ -194,7 +194,7 @@ describe(AlbumService.name, () => {
         ownerId: authStub.admin.user.id,
         albumName: albumStub.empty.albumName,
         description: albumStub.empty.description,
-        sharedUsers: [{ user: { id: 'user-id' } }],
+        albumUsers: [{ user: { id: 'user-id' } }],
         assets: [{ id: '123' }],
         albumThumbnailAssetId: '123',
       });
@@ -230,7 +230,7 @@ describe(AlbumService.name, () => {
         ownerId: authStub.admin.user.id,
         albumName: 'Test album',
         description: '',
-        sharedUsers: [],
+        albumUsers: [],
         assets: [{ id: 'asset-1' }],
         albumThumbnailAssetId: 'asset-1',
       });
@@ -366,7 +366,7 @@ describe(AlbumService.name, () => {
         user: userStub.user2,
         albumId: albumStub.sharedWithAdmin.id,
         album: albumStub.sharedWithAdmin,
-        role: AlbumUserRole.EDITOR,
+        role: AlbumUserRole.VIEWER,
       });
       await sut.addUsers(authStub.user1, albumStub.sharedWithAdmin.id, { sharedUserIds: [authStub.user2.user.id] });
       expect(albumUserMock.create).toHaveBeenCalledWith({
@@ -730,7 +730,7 @@ describe(AlbumService.name, () => {
       expect(albumMock.update).not.toHaveBeenCalled();
     });
 
-    it('should skip assets without user permission to remove', async () => {
+    it('should skip assets when user has remove permission on album but not on asset', async () => {
       accessMock.album.checkSharedAlbumAccess.mockResolvedValue(new Set(['album-123']));
       albumMock.getById.mockResolvedValue(_.cloneDeep(albumStub.oneAsset));
       albumMock.getAssetIds.mockResolvedValue(new Set(['asset-id']));