From 9c0805c37ad5ea3ef18359144a464c04ca3e7981 Mon Sep 17 00:00:00 2001 From: Alex Date: Thu, 9 Nov 2023 13:52:10 -0600 Subject: [PATCH] fix(server): non-admin cannot use map (#4934) * fix(server): non-admin cannot user map * fix: admin route --------- Co-authored-by: Jason Rasmussen --- server/src/immich/app.guard.ts | 20 +++++++------------ .../controllers/system-config.controller.ts | 3 ++- 2 files changed, 9 insertions(+), 14 deletions(-) diff --git a/server/src/immich/app.guard.ts b/server/src/immich/app.guard.ts index bf4538ad05..0a9fe2dc15 100644 --- a/server/src/immich/app.guard.ts +++ b/server/src/immich/app.guard.ts @@ -20,16 +20,9 @@ export enum Metadata { PUBLIC_SECURITY = 'public_security', } -const adminDecorator = SetMetadata(Metadata.ADMIN_ROUTE, true); - -const sharedLinkDecorators = [ - SetMetadata(Metadata.SHARED_ROUTE, true), - ApiQuery({ name: 'key', type: String, required: false }), -]; - export interface AuthenticatedOptions { - admin?: boolean; - isShared?: boolean; + admin?: true; + isShared?: true; } export const Authenticated = (options: AuthenticatedOptions = {}) => { @@ -41,11 +34,11 @@ export const Authenticated = (options: AuthenticatedOptions = {}) => { ]; if (options.admin) { - decorators.push(adminDecorator); + decorators.push(AdminRoute()); } if (options.isShared) { - decorators.push(...sharedLinkDecorators); + decorators.push(SharedLinkRoute()); } return applyDecorators(...decorators); @@ -53,8 +46,9 @@ export const Authenticated = (options: AuthenticatedOptions = {}) => { export const PublicRoute = () => applyDecorators(SetMetadata(Metadata.AUTH_ROUTE, false), ApiSecurity(Metadata.PUBLIC_SECURITY)); -export const SharedLinkRoute = () => applyDecorators(...sharedLinkDecorators); -export const AdminRoute = () => adminDecorator; +export const SharedLinkRoute = () => + applyDecorators(SetMetadata(Metadata.SHARED_ROUTE, true), ApiQuery({ name: 'key', type: String, required: false })); +export const AdminRoute = (value = true) => SetMetadata(Metadata.ADMIN_ROUTE, value); export const AuthUser = createParamDecorator((data, ctx: ExecutionContext): AuthUserDto => { return ctx.switchToHttp().getRequest<{ user: AuthUserDto }>().user; diff --git a/server/src/immich/controllers/system-config.controller.ts b/server/src/immich/controllers/system-config.controller.ts index b0b863477b..da2402efe9 100644 --- a/server/src/immich/controllers/system-config.controller.ts +++ b/server/src/immich/controllers/system-config.controller.ts @@ -2,7 +2,7 @@ import { SystemConfigDto, SystemConfigService, SystemConfigTemplateStorageOption import { MapThemeDto } from '@app/domain/system-config/system-config-map-theme.dto'; import { Body, Controller, Get, Put, Query } from '@nestjs/common'; import { ApiTags } from '@nestjs/swagger'; -import { Authenticated } from '../app.guard'; +import { AdminRoute, Authenticated } from '../app.guard'; import { UseValidation } from '../app.utils'; @ApiTags('System Config') @@ -32,6 +32,7 @@ export class SystemConfigController { return this.service.getStorageTemplateOptions(); } + @AdminRoute(false) @Get('map/style.json') getMapStyle(@Query() dto: MapThemeDto) { return this.service.getMapStyle(dto.theme);