Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor(server): auth route metadata #9344

Merged
merged 1 commit into from
May 9, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 0 additions & 18 deletions open-api/immich-openapi-specs.json
Original file line number Diff line number Diff line change
Expand Up @@ -5806,15 +5806,6 @@
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
},
{
"bearer": []
},
Expand Down Expand Up @@ -5942,15 +5933,6 @@
}
},
"security": [
{
"bearer": []
},
{
"cookie": []
},
{
"api_key": []
},
{
"bearer": []
},
Expand Down
5 changes: 4 additions & 1 deletion server/src/controllers/activity.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -15,21 +15,23 @@ import { UUIDParamDto } from 'src/validation';

@ApiTags('Activity')
@Controller('activity')
@Authenticated()
export class ActivityController {
constructor(private service: ActivityService) {}

@Get()
@Authenticated()
getActivities(@Auth() auth: AuthDto, @Query() dto: ActivitySearchDto): Promise<ActivityResponseDto[]> {
return this.service.getAll(auth, dto);
}

@Get('statistics')
@Authenticated()
getActivityStatistics(@Auth() auth: AuthDto, @Query() dto: ActivityDto): Promise<ActivityStatisticsResponseDto> {
return this.service.getStatistics(auth, dto);
}

@Post()
@Authenticated()
async createActivity(
@Auth() auth: AuthDto,
@Body() dto: ActivityCreateDto,
Expand All @@ -44,6 +46,7 @@ export class ActivityController {

@Delete(':id')
@HttpCode(HttpStatus.NO_CONTENT)
@Authenticated()
deleteActivity(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<void> {
return this.service.delete(auth, id);
}
Expand Down
16 changes: 12 additions & 4 deletions server/src/controllers/album.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,32 +12,34 @@ import {
} from 'src/dtos/album.dto';
import { BulkIdResponseDto, BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
import { AuthDto } from 'src/dtos/auth.dto';
import { Auth, Authenticated, SharedLinkRoute } from 'src/middleware/auth.guard';
import { Auth, Authenticated } from 'src/middleware/auth.guard';
import { AlbumService } from 'src/services/album.service';
import { ParseMeUUIDPipe, UUIDParamDto } from 'src/validation';

@ApiTags('Album')
@Controller('album')
@Authenticated()
export class AlbumController {
constructor(private service: AlbumService) {}

@Get('count')
@Authenticated()
getAlbumCount(@Auth() auth: AuthDto): Promise<AlbumCountResponseDto> {
return this.service.getCount(auth);
}

@Get()
@Authenticated()
getAllAlbums(@Auth() auth: AuthDto, @Query() query: GetAlbumsDto): Promise<AlbumResponseDto[]> {
return this.service.getAll(auth, query);
}

@Post()
@Authenticated()
createAlbum(@Auth() auth: AuthDto, @Body() dto: CreateAlbumDto): Promise<AlbumResponseDto> {
return this.service.create(auth, dto);
}

@SharedLinkRoute()
@Authenticated({ sharedLink: true })
@Get(':id')
getAlbumInfo(
@Auth() auth: AuthDto,
Expand All @@ -48,6 +50,7 @@ export class AlbumController {
}

@Patch(':id')
@Authenticated()
updateAlbumInfo(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand All @@ -57,12 +60,13 @@ export class AlbumController {
}

@Delete(':id')
@Authenticated()
deleteAlbum(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto) {
return this.service.delete(auth, id);
}

@SharedLinkRoute()
@Put(':id/assets')
@Authenticated({ sharedLink: true })
addAssetsToAlbum(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand All @@ -72,6 +76,7 @@ export class AlbumController {
}

@Delete(':id/assets')
@Authenticated()
removeAssetFromAlbum(
@Auth() auth: AuthDto,
@Body() dto: BulkIdsDto,
Expand All @@ -81,6 +86,7 @@ export class AlbumController {
}

@Put(':id/users')
@Authenticated()
addUsersToAlbum(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand All @@ -90,6 +96,7 @@ export class AlbumController {
}

@Put(':id/user/:userId')
@Authenticated()
updateAlbumUser(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand All @@ -100,6 +107,7 @@ export class AlbumController {
}

@Delete(':id/user/:userId')
@Authenticated()
removeUserFromAlbum(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand Down
6 changes: 5 additions & 1 deletion server/src/controllers/api-key.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,26 +8,29 @@ import { UUIDParamDto } from 'src/validation';

@ApiTags('API Key')
@Controller('api-key')
@Authenticated()
export class APIKeyController {
constructor(private service: APIKeyService) {}

@Post()
@Authenticated()
createApiKey(@Auth() auth: AuthDto, @Body() dto: APIKeyCreateDto): Promise<APIKeyCreateResponseDto> {
return this.service.create(auth, dto);
}

@Get()
@Authenticated()
getApiKeys(@Auth() auth: AuthDto): Promise<APIKeyResponseDto[]> {
return this.service.getAll(auth);
}

@Get(':id')
@Authenticated()
getApiKey(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<APIKeyResponseDto> {
return this.service.getById(auth, id);
}

@Put(':id')
@Authenticated()
updateApiKey(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand All @@ -37,6 +40,7 @@ export class APIKeyController {
}

@Delete(':id')
@Authenticated()
deleteApiKey(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<void> {
return this.service.delete(auth, id);
}
Expand Down
2 changes: 0 additions & 2 deletions server/src/controllers/app.controller.ts
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { Controller, Get, Header } from '@nestjs/common';
import { ApiExcludeEndpoint } from '@nestjs/swagger';
import { PublicRoute } from 'src/middleware/auth.guard';
import { SystemConfigService } from 'src/services/system-config.service';

@Controller()
Expand All @@ -18,7 +17,6 @@ export class AppController {
}

@ApiExcludeEndpoint()
@PublicRoute()
@Get('custom.css')
@Header('Content-Type', 'text/css')
getCustomCss() {
Expand Down
17 changes: 8 additions & 9 deletions server/src/controllers/asset-v1.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ import {
} from 'src/dtos/asset-v1.dto';
import { AuthDto, ImmichHeader } from 'src/dtos/auth.dto';
import { AssetUploadInterceptor } from 'src/middleware/asset-upload.interceptor';
import { Auth, Authenticated, FileResponse, SharedLinkRoute } from 'src/middleware/auth.guard';
import { Auth, Authenticated, FileResponse } from 'src/middleware/auth.guard';
import { FileUploadInterceptor, ImmichFile, Route, mapToUploadFile } from 'src/middleware/file-upload.interceptor';
import { AssetServiceV1 } from 'src/services/asset-v1.service';
import { sendFile } from 'src/utils/file';
Expand All @@ -45,11 +45,9 @@ interface UploadFiles {

@ApiTags('Asset')
@Controller(Route.ASSET)
@Authenticated()
export class AssetControllerV1 {
constructor(private service: AssetServiceV1) {}

@SharedLinkRoute()
@Post('upload')
@UseInterceptors(AssetUploadInterceptor, FileUploadInterceptor)
@ApiConsumes('multipart/form-data')
Expand All @@ -58,10 +56,8 @@ export class AssetControllerV1 {
description: 'sha1 checksum that can be used for duplicate detection before the file is uploaded',
required: false,
})
@ApiBody({
description: 'Asset Upload Information',
type: CreateAssetDto,
})
@ApiBody({ description: 'Asset Upload Information', type: CreateAssetDto })
@Authenticated({ sharedLink: true })
async uploadFile(
@Auth() auth: AuthDto,
@UploadedFiles(new ParseFilePipe({ validators: [new FileNotEmptyValidator(['assetData'])] })) files: UploadFiles,
Expand Down Expand Up @@ -89,9 +85,9 @@ export class AssetControllerV1 {
return responseDto;
}

@SharedLinkRoute()
@Get('/file/:id')
@FileResponse()
@Authenticated({ sharedLink: true })
async serveFile(
@Res() res: Response,
@Next() next: NextFunction,
Expand All @@ -102,9 +98,9 @@ export class AssetControllerV1 {
await sendFile(res, next, () => this.service.serveFile(auth, id, dto));
}

@SharedLinkRoute()
@Get('/thumbnail/:id')
@FileResponse()
@Authenticated({ sharedLink: true })
async getAssetThumbnail(
@Res() res: Response,
@Next() next: NextFunction,
Expand All @@ -125,6 +121,7 @@ export class AssetControllerV1 {
required: false,
schema: { type: 'string' },
})
@Authenticated()
getAllAssets(@Auth() auth: AuthDto, @Query() dto: AssetSearchDto): Promise<AssetResponseDto[]> {
return this.service.getAllAssets(auth, dto);
}
Expand All @@ -134,6 +131,7 @@ export class AssetControllerV1 {
*/
@Post('/exist')
@HttpCode(HttpStatus.OK)
@Authenticated()
checkExistingAssets(
@Auth() auth: AuthDto,
@Body() dto: CheckExistingAssetsDto,
Expand All @@ -146,6 +144,7 @@ export class AssetControllerV1 {
*/
@Post('/bulk-upload-check')
@HttpCode(HttpStatus.OK)
@Authenticated()
checkBulkUpload(
@Auth() auth: AuthDto,
@Body() dto: AssetBulkUploadCheckDto,
Expand Down
15 changes: 12 additions & 3 deletions server/src/controllers/asset.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -14,28 +14,30 @@ import {
import { AuthDto } from 'src/dtos/auth.dto';
import { MapMarkerDto, MapMarkerResponseDto, MemoryLaneDto } from 'src/dtos/search.dto';
import { UpdateStackParentDto } from 'src/dtos/stack.dto';
import { Auth, Authenticated, SharedLinkRoute } from 'src/middleware/auth.guard';
import { Auth, Authenticated } from 'src/middleware/auth.guard';
import { Route } from 'src/middleware/file-upload.interceptor';
import { AssetService } from 'src/services/asset.service';
import { UUIDParamDto } from 'src/validation';

@ApiTags('Asset')
@Controller(Route.ASSET)
@Authenticated()
export class AssetController {
constructor(private service: AssetService) {}

@Get('map-marker')
@Authenticated()
getMapMarkers(@Auth() auth: AuthDto, @Query() options: MapMarkerDto): Promise<MapMarkerResponseDto[]> {
return this.service.getMapMarkers(auth, options);
}

@Get('memory-lane')
@Authenticated()
getMemoryLane(@Auth() auth: AuthDto, @Query() dto: MemoryLaneDto): Promise<MemoryLaneResponseDto[]> {
return this.service.getMemoryLane(auth, dto);
}

@Get('random')
@Authenticated()
getRandom(@Auth() auth: AuthDto, @Query() dto: RandomAssetsDto): Promise<AssetResponseDto[]> {
return this.service.getRandom(auth, dto.count ?? 1);
}
Expand All @@ -44,46 +46,53 @@ export class AssetController {
* Get all asset of a device that are in the database, ID only.
*/
@Get('/device/:deviceId')
@Authenticated()
getAllUserAssetsByDeviceId(@Auth() auth: AuthDto, @Param() { deviceId }: DeviceIdDto) {
return this.service.getUserAssetsByDeviceId(auth, deviceId);
}

@Get('statistics')
@Authenticated()
getAssetStatistics(@Auth() auth: AuthDto, @Query() dto: AssetStatsDto): Promise<AssetStatsResponseDto> {
return this.service.getStatistics(auth, dto);
}

@Post('jobs')
@HttpCode(HttpStatus.NO_CONTENT)
@Authenticated()
runAssetJobs(@Auth() auth: AuthDto, @Body() dto: AssetJobsDto): Promise<void> {
return this.service.run(auth, dto);
}

@Put()
@HttpCode(HttpStatus.NO_CONTENT)
@Authenticated()
updateAssets(@Auth() auth: AuthDto, @Body() dto: AssetBulkUpdateDto): Promise<void> {
return this.service.updateAll(auth, dto);
}

@Delete()
@HttpCode(HttpStatus.NO_CONTENT)
@Authenticated()
deleteAssets(@Auth() auth: AuthDto, @Body() dto: AssetBulkDeleteDto): Promise<void> {
return this.service.deleteAll(auth, dto);
}

@Put('stack/parent')
@HttpCode(HttpStatus.OK)
@Authenticated()
updateStackParent(@Auth() auth: AuthDto, @Body() dto: UpdateStackParentDto): Promise<void> {
return this.service.updateStackParent(auth, dto);
}

@SharedLinkRoute()
@Get(':id')
@Authenticated({ sharedLink: true })
getAssetInfo(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto): Promise<AssetResponseDto> {
return this.service.get(auth, id) as Promise<AssetResponseDto>;
}

@Put(':id')
@Authenticated()
updateAsset(
@Auth() auth: AuthDto,
@Param() { id }: UUIDParamDto,
Expand Down
2 changes: 1 addition & 1 deletion server/src/controllers/audit.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@ import { AuditService } from 'src/services/audit.service';

@ApiTags('Audit')
@Controller('audit')
@Authenticated()
export class AuditController {
constructor(private service: AuditService) {}

@Get('deletes')
@Authenticated()
getAuditDeletes(@Auth() auth: AuthDto, @Query() dto: AuditDeletesDto): Promise<AuditDeletesResponseDto> {
return this.service.getDeletes(auth, dto);
}
Expand Down
Loading
Loading