add set permission endpoint and UI

2026-02-12 03:47:51 +03:00 · 2024-04-12 18:28:50 +02:00
parent 98f1d1517a
commit ac1c4e206e
18 changed files with 419 additions and 6 deletions
--- a/server/src/controllers/album.controller.ts
+++ b/server/src/controllers/album.controller.ts
@@ -7,6 +7,7 @@ import {
  AlbumResponseDto,
  CreateAlbumDto,
  GetAlbumsDto,
+  SetAlbumPermissionDto,
  UpdateAlbumDto,
 } from 'src/dtos/album.dto';
 import { BulkIdResponseDto, BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
@@ -96,4 +97,14 @@ export class AlbumController {
  ) {
    return this.service.removeUser(auth, id, userId);
  }
+
+  @Put(':id/permission/:userId')
+  setAlbumPermission(
+    @Auth() auth: AuthDto,
+    @Param() { id }: UUIDParamDto,
+    @Param('userId', new ParseMeUUIDPipe({ version: '4' })) userId: string,
+    @Body() dto: SetAlbumPermissionDto,
+  ): Promise<void> {
+    return this.service.setAlbumPermission(auth, id, userId, dto);
+  }
 }
--- a/server/src/dtos/album.dto.ts
+++ b/server/src/dtos/album.dto.ts
@@ -83,6 +83,11 @@ export class AlbumCountResponseDto {
  notShared!: number;
 }

+export class SetAlbumPermissionDto {
+  @ValidateBoolean()
+  readonly!: boolean;
+}
+
 export class AlbumPermissionResponseDto {
  user!: UserResponseDto;
  readonly!: boolean;
--- a/server/src/repositories/album-permission.repository.ts
+++ b/server/src/repositories/album-permission.repository.ts
@@ -1,9 +1,10 @@
 import { Injectable } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
+import { Equals } from 'class-validator';
 import { AlbumPermissionEntity } from 'src/entities/album-permission.entity';
 import { IAlbumPermissionRepository } from 'src/interfaces/album-permission.interface';
 import { Instrumentation } from 'src/utils/instrumentation';
-import { Repository } from 'typeorm';
+import { Equal, Repository } from 'typeorm';

@Instrumentation()
@Injectable()
@@ -16,9 +17,11 @@ export class AlbumPermissionRepository implements IAlbumPermissionRepository {
  }

  async update(userId: string, albumId: string, dto: Partial<AlbumPermissionEntity>): Promise<AlbumPermissionEntity> {
-    await this.repository.update({ users: { id: userId }, albums: { id: albumId } }, dto);
+    // @ts-expect-error I'm pretty sure I messed something up with the entity because
+    // if I follow what typescript says I get postgres errors
+    await this.repository.update({ users: userId, albums: albumId }, dto);
    return this.repository.findOneOrFail({
-      where: { users: { id: userId }, albums: { id: albumId } },
+      where: { users: Equal(userId), albums: Equal(albumId) },
      relations: { users: true },
    });
  }
--- a/server/src/services/album.service.ts
+++ b/server/src/services/album.service.ts
@@ -264,6 +264,26 @@ export class AlbumService {
    await this.albumPermissionRepository.delete(userId, id);
  }

+  async setAlbumPermission(
+    auth: AuthDto,
+    id: string,
+    userId: string,
+    dto: Partial<AlbumPermissionEntity>,
+  ): Promise<void> {
+    await this.access.requirePermission(auth, Permission.ALBUM_SHARE, id);
+
+    const album = await this.findOrFail(id, { withAssets: false });
+
+    const permission = album.albumPermissions.find(({ users: { id } }) => id === userId);
+    if (!permission) {
+      throw new BadRequestException('Album not shared with user');
+    }
+
+    console.log(userId, id, dto.readonly);
+
+    await this.albumPermissionRepository.update(userId, id, { readonly: dto.readonly });
+  }
+
  private async findOrFail(id: string, options: AlbumInfoOptions) {
    const album = await this.albumRepository.getById(id, options);
    if (!album) {