mirror of
https://github.com/immich-app/immich.git
synced 2025-01-21 00:52:43 -05:00
Simplify control flow
This commit is contained in:
parent
38cfdea855
commit
7bc3cbf687
1 changed files with 9 additions and 3 deletions
|
@ -644,21 +644,27 @@ export class AssetService {
|
||||||
|
|
||||||
async checkAssetsAccess(authUser: AuthUserDto, assetIds: string[], mustBeOwner = false) {
|
async checkAssetsAccess(authUser: AuthUserDto, assetIds: string[], mustBeOwner = false) {
|
||||||
for (const assetId of assetIds) {
|
for (const assetId of assetIds) {
|
||||||
|
// Default: DENY
|
||||||
|
let accessAllowed = false;
|
||||||
|
|
||||||
// Step 1: Check if user owns asset
|
// Step 1: Check if user owns asset
|
||||||
if ((await this._assetRepository.countByIdAndUser(assetId, authUser.id)) == 1) {
|
if ((await this._assetRepository.countByIdAndUser(assetId, authUser.id)) == 1) {
|
||||||
continue;
|
accessAllowed = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Avoid additional checks if ownership is required
|
// Avoid additional checks if ownership is required
|
||||||
if (!mustBeOwner) {
|
if (!mustBeOwner) {
|
||||||
// Step 2: Check if asset is part of an album shared with me
|
// Step 2: Check if asset is part of an album shared with me
|
||||||
if ((await this._albumRepository.getSharedWithUserAlbumCount(authUser.id, assetId)) > 0) {
|
if ((await this._albumRepository.getSharedWithUserAlbumCount(authUser.id, assetId)) > 0) {
|
||||||
continue;
|
accessAllowed = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
//TODO: Step 3: Check if asset is part of a public album
|
//TODO: Step 3: Check if asset is part of a public album
|
||||||
}
|
}
|
||||||
throw new ForbiddenException();
|
|
||||||
|
if (!accessAllowed) {
|
||||||
|
throw new ForbiddenException();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Reference in a new issue