0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-01-21 00:52:43 -05:00

fix(web): fix Theme Custom CSS endpoint requiring the user to be logged in as the server admin (#4633)

* fix custom css requiring the user to be the admin and logged in

* move theme api to custom endpoint

* add e2e test
This commit is contained in:
Wingy 2023-10-25 15:13:05 -07:00 committed by GitHub
parent 237d1c1bf4
commit cb0e37e76e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 448 additions and 1 deletions

View file

@ -2958,6 +2958,19 @@ export interface ServerStatsResponseDto {
*/
'videos': number;
}
/**
*
* @export
* @interface ServerThemeDto
*/
export interface ServerThemeDto {
/**
*
* @type {SystemConfigThemeDto}
* @memberof ServerThemeDto
*/
'theme': SystemConfigThemeDto;
}
/**
*
* @export
@ -13193,6 +13206,35 @@ export const ServerInfoApiAxiosParamCreator = function (configuration?: Configur
setSearchParams(localVarUrlObj, localVarQueryParameter);
let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
return {
url: toPathString(localVarUrlObj),
options: localVarRequestOptions,
};
},
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
*/
getTheme: async (options: AxiosRequestConfig = {}): Promise<RequestArgs> => {
const localVarPath = `/server-info/theme`;
// use dummy base URL string because the URL constructor only accepts absolute URLs.
const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
let baseOptions;
if (configuration) {
baseOptions = configuration.baseOptions;
}
const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
const localVarHeaderParameter = {} as any;
const localVarQueryParameter = {} as any;
setSearchParams(localVarUrlObj, localVarQueryParameter);
let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
@ -13295,6 +13337,15 @@ export const ServerInfoApiFp = function(configuration?: Configuration) {
const localVarAxiosArgs = await localVarAxiosParamCreator.getSupportedMediaTypes(options);
return createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration);
},
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
*/
async getTheme(options?: AxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ServerThemeDto>> {
const localVarAxiosArgs = await localVarAxiosParamCreator.getTheme(options);
return createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration);
},
/**
*
* @param {*} [options] Override http request option.
@ -13362,6 +13413,14 @@ export const ServerInfoApiFactory = function (configuration?: Configuration, bas
getSupportedMediaTypes(options?: AxiosRequestConfig): AxiosPromise<ServerMediaTypesResponseDto> {
return localVarFp.getSupportedMediaTypes(options).then((request) => request(axios, basePath));
},
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
*/
getTheme(options?: AxiosRequestConfig): AxiosPromise<ServerThemeDto> {
return localVarFp.getTheme(options).then((request) => request(axios, basePath));
},
/**
*
* @param {*} [options] Override http request option.
@ -13440,6 +13499,16 @@ export class ServerInfoApi extends BaseAPI {
return ServerInfoApiFp(this.configuration).getSupportedMediaTypes(options).then((request) => request(this.axios, this.basePath));
}
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
* @memberof ServerInfoApi
*/
public getTheme(options?: AxiosRequestConfig) {
return ServerInfoApiFp(this.configuration).getTheme(options).then((request) => request(this.axios, this.basePath));
}
/**
*
* @param {*} [options] Override http request option.

View file

@ -115,6 +115,7 @@ doc/ServerInfoResponseDto.md
doc/ServerMediaTypesResponseDto.md
doc/ServerPingResponse.md
doc/ServerStatsResponseDto.md
doc/ServerThemeDto.md
doc/ServerVersionResponseDto.md
doc/SharedLinkApi.md
doc/SharedLinkCreateDto.md
@ -285,6 +286,7 @@ lib/model/server_info_response_dto.dart
lib/model/server_media_types_response_dto.dart
lib/model/server_ping_response.dart
lib/model/server_stats_response_dto.dart
lib/model/server_theme_dto.dart
lib/model/server_version_response_dto.dart
lib/model/shared_link_create_dto.dart
lib/model/shared_link_edit_dto.dart
@ -438,6 +440,7 @@ test/server_info_response_dto_test.dart
test/server_media_types_response_dto_test.dart
test/server_ping_response_test.dart
test/server_stats_response_dto_test.dart
test/server_theme_dto_test.dart
test/server_version_response_dto_test.dart
test/shared_link_api_test.dart
test/shared_link_create_dto_test.dart

View file

@ -165,6 +165,7 @@ Class | Method | HTTP request | Description
*ServerInfoApi* | [**getServerVersion**](doc//ServerInfoApi.md#getserverversion) | **GET** /server-info/version |
*ServerInfoApi* | [**getStats**](doc//ServerInfoApi.md#getstats) | **GET** /server-info/stats |
*ServerInfoApi* | [**getSupportedMediaTypes**](doc//ServerInfoApi.md#getsupportedmediatypes) | **GET** /server-info/media-types |
*ServerInfoApi* | [**getTheme**](doc//ServerInfoApi.md#gettheme) | **GET** /server-info/theme |
*ServerInfoApi* | [**pingServer**](doc//ServerInfoApi.md#pingserver) | **GET** /server-info/ping |
*SharedLinkApi* | [**addSharedLinkAssets**](doc//SharedLinkApi.md#addsharedlinkassets) | **PUT** /shared-link/{id}/assets |
*SharedLinkApi* | [**createSharedLink**](doc//SharedLinkApi.md#createsharedlink) | **POST** /shared-link |
@ -300,6 +301,7 @@ Class | Method | HTTP request | Description
- [ServerMediaTypesResponseDto](doc//ServerMediaTypesResponseDto.md)
- [ServerPingResponse](doc//ServerPingResponse.md)
- [ServerStatsResponseDto](doc//ServerStatsResponseDto.md)
- [ServerThemeDto](doc//ServerThemeDto.md)
- [ServerVersionResponseDto](doc//ServerVersionResponseDto.md)
- [SharedLinkCreateDto](doc//SharedLinkCreateDto.md)
- [SharedLinkEditDto](doc//SharedLinkEditDto.md)

View file

@ -15,6 +15,7 @@ Method | HTTP request | Description
[**getServerVersion**](ServerInfoApi.md#getserverversion) | **GET** /server-info/version |
[**getStats**](ServerInfoApi.md#getstats) | **GET** /server-info/stats |
[**getSupportedMediaTypes**](ServerInfoApi.md#getsupportedmediatypes) | **GET** /server-info/media-types |
[**getTheme**](ServerInfoApi.md#gettheme) | **GET** /server-info/theme |
[**pingServer**](ServerInfoApi.md#pingserver) | **GET** /server-info/ping |
@ -268,6 +269,43 @@ No authorization required
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
# **getTheme**
> ServerThemeDto getTheme()
### Example
```dart
import 'package:openapi/api.dart';
final api_instance = ServerInfoApi();
try {
final result = api_instance.getTheme();
print(result);
} catch (e) {
print('Exception when calling ServerInfoApi->getTheme: $e\n');
}
```
### Parameters
This endpoint does not need any parameter.
### Return type
[**ServerThemeDto**](ServerThemeDto.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
# **pingServer**
> ServerPingResponse pingServer()

15
mobile/openapi/doc/ServerThemeDto.md generated Normal file
View file

@ -0,0 +1,15 @@
# openapi.model.ServerThemeDto
## Load the model package
```dart
import 'package:openapi/api.dart';
```
## Properties
Name | Type | Description | Notes
------------ | ------------- | ------------- | -------------
**theme** | [**SystemConfigThemeDto**](SystemConfigThemeDto.md) | |
[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)

View file

@ -145,6 +145,7 @@ part 'model/server_info_response_dto.dart';
part 'model/server_media_types_response_dto.dart';
part 'model/server_ping_response.dart';
part 'model/server_stats_response_dto.dart';
part 'model/server_theme_dto.dart';
part 'model/server_version_response_dto.dart';
part 'model/shared_link_create_dto.dart';
part 'model/shared_link_edit_dto.dart';

View file

@ -262,6 +262,47 @@ class ServerInfoApi {
return null;
}
/// Performs an HTTP 'GET /server-info/theme' operation and returns the [Response].
Future<Response> getThemeWithHttpInfo() async {
// ignore: prefer_const_declarations
final path = r'/server-info/theme';
// ignore: prefer_final_locals
Object? postBody;
final queryParams = <QueryParam>[];
final headerParams = <String, String>{};
final formParams = <String, String>{};
const contentTypes = <String>[];
return apiClient.invokeAPI(
path,
'GET',
queryParams,
postBody,
headerParams,
formParams,
contentTypes.isEmpty ? null : contentTypes.first,
);
}
Future<ServerThemeDto?> getTheme() async {
final response = await getThemeWithHttpInfo();
if (response.statusCode >= HttpStatus.badRequest) {
throw ApiException(response.statusCode, await _decodeBodyBytes(response));
}
// When a remote server returns no body with a status of 204, we shall not decode it.
// At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
// FormatException when trying to decode an empty string.
if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'ServerThemeDto',) as ServerThemeDto;
}
return null;
}
/// Performs an HTTP 'GET /server-info/ping' operation and returns the [Response].
Future<Response> pingServerWithHttpInfo() async {
// ignore: prefer_const_declarations

View file

@ -381,6 +381,8 @@ class ApiClient {
return ServerPingResponse.fromJson(value);
case 'ServerStatsResponseDto':
return ServerStatsResponseDto.fromJson(value);
case 'ServerThemeDto':
return ServerThemeDto.fromJson(value);
case 'ServerVersionResponseDto':
return ServerVersionResponseDto.fromJson(value);
case 'SharedLinkCreateDto':

View file

@ -0,0 +1,98 @@
//
// AUTO-GENERATED FILE, DO NOT MODIFY!
//
// @dart=2.12
// ignore_for_file: unused_element, unused_import
// ignore_for_file: always_put_required_named_parameters_first
// ignore_for_file: constant_identifier_names
// ignore_for_file: lines_longer_than_80_chars
part of openapi.api;
class ServerThemeDto {
/// Returns a new [ServerThemeDto] instance.
ServerThemeDto({
required this.theme,
});
SystemConfigThemeDto theme;
@override
bool operator ==(Object other) => identical(this, other) || other is ServerThemeDto &&
other.theme == theme;
@override
int get hashCode =>
// ignore: unnecessary_parenthesis
(theme.hashCode);
@override
String toString() => 'ServerThemeDto[theme=$theme]';
Map<String, dynamic> toJson() {
final json = <String, dynamic>{};
json[r'theme'] = this.theme;
return json;
}
/// Returns a new [ServerThemeDto] instance and imports its values from
/// [value] if it's a [Map], null otherwise.
// ignore: prefer_constructors_over_static_methods
static ServerThemeDto? fromJson(dynamic value) {
if (value is Map) {
final json = value.cast<String, dynamic>();
return ServerThemeDto(
theme: SystemConfigThemeDto.fromJson(json[r'theme'])!,
);
}
return null;
}
static List<ServerThemeDto> listFromJson(dynamic json, {bool growable = false,}) {
final result = <ServerThemeDto>[];
if (json is List && json.isNotEmpty) {
for (final row in json) {
final value = ServerThemeDto.fromJson(row);
if (value != null) {
result.add(value);
}
}
}
return result.toList(growable: growable);
}
static Map<String, ServerThemeDto> mapFromJson(dynamic json) {
final map = <String, ServerThemeDto>{};
if (json is Map && json.isNotEmpty) {
json = json.cast<String, dynamic>(); // ignore: parameter_assignments
for (final entry in json.entries) {
final value = ServerThemeDto.fromJson(entry.value);
if (value != null) {
map[entry.key] = value;
}
}
}
return map;
}
// maps a json object with a list of ServerThemeDto-objects as value to a dart map
static Map<String, List<ServerThemeDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
final map = <String, List<ServerThemeDto>>{};
if (json is Map && json.isNotEmpty) {
// ignore: parameter_assignments
json = json.cast<String, dynamic>();
for (final entry in json.entries) {
map[entry.key] = ServerThemeDto.listFromJson(entry.value, growable: growable,);
}
}
return map;
}
/// The list of required keys that must be present in a JSON.
static const requiredKeys = <String>{
'theme',
};
}

View file

@ -47,6 +47,11 @@ void main() {
// TODO
});
//Future<ServerThemeDto> getTheme() async
test('test getTheme', () async {
// TODO
});
//Future<ServerPingResponse> pingServer() async
test('test pingServer', () async {
// TODO

View file

@ -0,0 +1,27 @@
//
// AUTO-GENERATED FILE, DO NOT MODIFY!
//
// @dart=2.12
// ignore_for_file: unused_element, unused_import
// ignore_for_file: always_put_required_named_parameters_first
// ignore_for_file: constant_identifier_names
// ignore_for_file: lines_longer_than_80_chars
import 'package:openapi/api.dart';
import 'package:test/test.dart';
// tests for ServerThemeDto
void main() {
// final instance = ServerThemeDto();
group('test ServerThemeDto', () {
// SystemConfigThemeDto theme
test('to test the property `theme`', () async {
// TODO
});
});
}

View file

@ -4126,6 +4126,27 @@
]
}
},
"/server-info/theme": {
"get": {
"operationId": "getTheme",
"parameters": [],
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ServerThemeDto"
}
}
},
"description": ""
}
},
"tags": [
"Server Info"
]
}
},
"/server-info/version": {
"get": {
"operationId": "getServerVersion",
@ -7812,6 +7833,17 @@
],
"type": "object"
},
"ServerThemeDto": {
"properties": {
"theme": {
"$ref": "#/components/schemas/SystemConfigThemeDto"
}
},
"required": [
"theme"
],
"type": "object"
},
"ServerVersionResponseDto": {
"properties": {
"major": {

View file

@ -1,5 +1,6 @@
import { FeatureFlags, IServerVersion } from '@app/domain';
import { ApiProperty, ApiResponseProperty } from '@nestjs/swagger';
import { SystemConfigThemeDto } from '../system-config/dto/system-config-theme.dto';
export class ServerPingResponse {
@ApiResponseProperty({ type: String, example: 'pong' })
@ -79,6 +80,10 @@ export class ServerMediaTypesResponseDto {
sidecar!: string[];
}
export class ServerThemeDto {
theme!: SystemConfigThemeDto;
}
export class ServerConfigDto {
oauthButtonText!: string;
loginPageMessage!: string;

View file

@ -70,6 +70,11 @@ export class ServerInfoService {
return this.configCore.getFeatures();
}
async getTheme() {
const { theme } = await this.configCore.getConfig();
return { theme };
}
async getConfig(): Promise<ServerConfigDto> {
const config = await this.configCore.getConfig();

View file

@ -298,4 +298,10 @@ describe(SystemConfigService.name, () => {
subscription.unsubscribe();
});
});
describe('getTheme', () => {
it('should return the default theme', async () => {
await expect(sut.getTheme()).resolves.toEqual(defaults.theme);
});
});
});

View file

@ -1,6 +1,7 @@
import { Inject, Injectable } from '@nestjs/common';
import { JobName } from '../job';
import { CommunicationEvent, ICommunicationRepository, IJobRepository, ISystemConfigRepository } from '../repositories';
import { SystemConfigThemeDto } from './dto/system-config-theme.dto';
import { SystemConfigDto, mapConfig } from './dto/system-config.dto';
import { SystemConfigTemplateStorageOptionDto } from './response-dto/system-config-template-storage-option.dto';
import {
@ -30,6 +31,11 @@ export class SystemConfigService {
return this.core.config$;
}
async getTheme(): Promise<SystemConfigThemeDto> {
const { theme } = await this.core.getConfig();
return theme;
}
async getConfig(): Promise<SystemConfigDto> {
const config = await this.core.getConfig();
return mapConfig(config);

View file

@ -6,6 +6,7 @@ import {
ServerMediaTypesResponseDto,
ServerPingResponse,
ServerStatsResponseDto,
ServerThemeDto,
ServerVersionResponseDto,
} from '@app/domain';
import { Controller, Get } from '@nestjs/common';
@ -43,6 +44,12 @@ export class ServerInfoController {
return this.service.getFeatures();
}
@PublicRoute()
@Get('theme')
getTheme(): Promise<ServerThemeDto> {
return this.service.getTheme();
}
@PublicRoute()
@Get('config')
getServerConfig(): Promise<ServerConfigDto> {

View file

@ -155,4 +155,16 @@ describe(`${ServerInfoController.name} (e2e)`, () => {
});
});
});
describe('GET /server-info/theme', () => {
it('should respond with the server theme', async () => {
const { status, body } = await request(server).get('/server-info/theme');
expect(status).toBe(200);
expect(body).toEqual({
theme: {
customCss: '',
},
});
});
});
});

View file

@ -2958,6 +2958,19 @@ export interface ServerStatsResponseDto {
*/
'videos': number;
}
/**
*
* @export
* @interface ServerThemeDto
*/
export interface ServerThemeDto {
/**
*
* @type {SystemConfigThemeDto}
* @memberof ServerThemeDto
*/
'theme': SystemConfigThemeDto;
}
/**
*
* @export
@ -13193,6 +13206,35 @@ export const ServerInfoApiAxiosParamCreator = function (configuration?: Configur
setSearchParams(localVarUrlObj, localVarQueryParameter);
let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
return {
url: toPathString(localVarUrlObj),
options: localVarRequestOptions,
};
},
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
*/
getTheme: async (options: AxiosRequestConfig = {}): Promise<RequestArgs> => {
const localVarPath = `/server-info/theme`;
// use dummy base URL string because the URL constructor only accepts absolute URLs.
const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
let baseOptions;
if (configuration) {
baseOptions = configuration.baseOptions;
}
const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
const localVarHeaderParameter = {} as any;
const localVarQueryParameter = {} as any;
setSearchParams(localVarUrlObj, localVarQueryParameter);
let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
@ -13295,6 +13337,15 @@ export const ServerInfoApiFp = function(configuration?: Configuration) {
const localVarAxiosArgs = await localVarAxiosParamCreator.getSupportedMediaTypes(options);
return createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration);
},
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
*/
async getTheme(options?: AxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ServerThemeDto>> {
const localVarAxiosArgs = await localVarAxiosParamCreator.getTheme(options);
return createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration);
},
/**
*
* @param {*} [options] Override http request option.
@ -13362,6 +13413,14 @@ export const ServerInfoApiFactory = function (configuration?: Configuration, bas
getSupportedMediaTypes(options?: AxiosRequestConfig): AxiosPromise<ServerMediaTypesResponseDto> {
return localVarFp.getSupportedMediaTypes(options).then((request) => request(axios, basePath));
},
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
*/
getTheme(options?: AxiosRequestConfig): AxiosPromise<ServerThemeDto> {
return localVarFp.getTheme(options).then((request) => request(axios, basePath));
},
/**
*
* @param {*} [options] Override http request option.
@ -13440,6 +13499,16 @@ export class ServerInfoApi extends BaseAPI {
return ServerInfoApiFp(this.configuration).getSupportedMediaTypes(options).then((request) => request(this.axios, this.basePath));
}
/**
*
* @param {*} [options] Override http request option.
* @throws {RequiredError}
* @memberof ServerInfoApi
*/
public getTheme(options?: AxiosRequestConfig) {
return ServerInfoApiFp(this.configuration).getTheme(options).then((request) => request(this.axios, this.basePath));
}
/**
*
* @param {*} [options] Override http request option.

View file

@ -1,6 +1,10 @@
import { RequestHandler, text } from '@sveltejs/kit';
export const GET = (async ({ locals: { api } }) => {
const { customCss } = await api.systemConfigApi.getConfig().then((res) => res.data.theme);
const {
data: {
theme: { customCss },
},
} = await api.serverInfoApi.getTheme();
return text(customCss, {
headers: {
'Content-Type': 'text/css',