mirror of
https://github.com/immich-app/immich.git
synced 2025-01-26 17:21:29 +02:00
fix(server): non-admin cannot use map (#4934)
* fix(server): non-admin cannot user map * fix: admin route --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
This commit is contained in:
parent
bffc2cdf60
commit
9c0805c37a
@ -20,16 +20,9 @@ export enum Metadata {
|
||||
PUBLIC_SECURITY = 'public_security',
|
||||
}
|
||||
|
||||
const adminDecorator = SetMetadata(Metadata.ADMIN_ROUTE, true);
|
||||
|
||||
const sharedLinkDecorators = [
|
||||
SetMetadata(Metadata.SHARED_ROUTE, true),
|
||||
ApiQuery({ name: 'key', type: String, required: false }),
|
||||
];
|
||||
|
||||
export interface AuthenticatedOptions {
|
||||
admin?: boolean;
|
||||
isShared?: boolean;
|
||||
admin?: true;
|
||||
isShared?: true;
|
||||
}
|
||||
|
||||
export const Authenticated = (options: AuthenticatedOptions = {}) => {
|
||||
@ -41,11 +34,11 @@ export const Authenticated = (options: AuthenticatedOptions = {}) => {
|
||||
];
|
||||
|
||||
if (options.admin) {
|
||||
decorators.push(adminDecorator);
|
||||
decorators.push(AdminRoute());
|
||||
}
|
||||
|
||||
if (options.isShared) {
|
||||
decorators.push(...sharedLinkDecorators);
|
||||
decorators.push(SharedLinkRoute());
|
||||
}
|
||||
|
||||
return applyDecorators(...decorators);
|
||||
@ -53,8 +46,9 @@ export const Authenticated = (options: AuthenticatedOptions = {}) => {
|
||||
|
||||
export const PublicRoute = () =>
|
||||
applyDecorators(SetMetadata(Metadata.AUTH_ROUTE, false), ApiSecurity(Metadata.PUBLIC_SECURITY));
|
||||
export const SharedLinkRoute = () => applyDecorators(...sharedLinkDecorators);
|
||||
export const AdminRoute = () => adminDecorator;
|
||||
export const SharedLinkRoute = () =>
|
||||
applyDecorators(SetMetadata(Metadata.SHARED_ROUTE, true), ApiQuery({ name: 'key', type: String, required: false }));
|
||||
export const AdminRoute = (value = true) => SetMetadata(Metadata.ADMIN_ROUTE, value);
|
||||
|
||||
export const AuthUser = createParamDecorator((data, ctx: ExecutionContext): AuthUserDto => {
|
||||
return ctx.switchToHttp().getRequest<{ user: AuthUserDto }>().user;
|
||||
|
@ -2,7 +2,7 @@ import { SystemConfigDto, SystemConfigService, SystemConfigTemplateStorageOption
|
||||
import { MapThemeDto } from '@app/domain/system-config/system-config-map-theme.dto';
|
||||
import { Body, Controller, Get, Put, Query } from '@nestjs/common';
|
||||
import { ApiTags } from '@nestjs/swagger';
|
||||
import { Authenticated } from '../app.guard';
|
||||
import { AdminRoute, Authenticated } from '../app.guard';
|
||||
import { UseValidation } from '../app.utils';
|
||||
|
||||
@ApiTags('System Config')
|
||||
@ -32,6 +32,7 @@ export class SystemConfigController {
|
||||
return this.service.getStorageTemplateOptions();
|
||||
}
|
||||
|
||||
@AdminRoute(false)
|
||||
@Get('map/style.json')
|
||||
getMapStyle(@Query() dto: MapThemeDto) {
|
||||
return this.service.getMapStyle(dto.theme);
|
||||
|
Loading…
x
Reference in New Issue
Block a user