* feat(server)!: add owned filter to albums API
BREAKING CHANGE: GET /albums with no parameters now returns all accessible albums (owned + shared-with-me) instead of only owned albums.
* document tri-state matrix
* web impl
* collapse to single method and handover branching to sql
* dedupe
* verify that owned, shared, and notShared counts are mapped independently from their respective queries
* refactor(server): add select:['id'] overload to albumRepository.getAll
Avoid fetching full album rows (with albumUsers/sharedLinks subqueries) in map.service where only album IDs are needed.
* focus relevant test filters
* fmt
* Revert "verify that owned, shared, and notShared counts are mapped independently from their respective queries"
This reverts commit 47aab458192c766de4662aada5a6841b091d2a80.
* sync sql
* Revert "document tri-state matrix"
This reverts commit a5b2355d0c.
* address review comments
* inline shared condition and return as ternary
* sync sql
* use [...albums].sort
Array.toSorted() is not supported in Chrome 109
* use isShared and isOwned nomenclature
* fix e2e tests
* add params to sql query
* feat(server): add OIDC logout URL override option
- Added toggle and field consistent with existing mobile redirect URI override.
- Existing auto-discovery remains default.
- Update tests and docs for new feature.
* fix(server): changes from review for OIDC logout URL override
- Rename 'logoutUri' to 'endSessionEndpoint'
- Remove toggle, just use override if provided
- Moved field in settings UI
* feat(server): add configurable OAuth prompt parameter
Add a `prompt` field to the OAuth system config, allowing admins to
configure the OIDC `prompt` parameter (e.g. `select_account`, `login`,
`consent`). Defaults to empty string (no prompt sent), preserving
backward compatibility.
This is useful for providers like Google where users want to be prompted
to select an account when multiple accounts are signed in.
Discussed in #20762
* chore: regenerate OpenAPI spec and clients for OAuth prompt field
* Adding e2e test cases
* feat: web setting
* feat: docs
---------
Co-authored-by: Jason Rasmussen <jason@rasm.me>
* fix!: do not allow insecure oauth requests by default
* fix: format
* fix: make open-api
* fix: tests
* nit: casing
* chore: migration to allow insecure if current oauth uses http
* Fix#26502: Fix timestamp handling for database backup in Web UI
Frontend parsed backup timestamps as UTC, but they were in the
server's local timezone, causing wrong relative times.
Add `timezone` field to DatabaseBackupDto to expose server timezone.
Update frontend to parse timestamps using this timezone.
Convert timestamps to user's local timezone before rendering.
Fallback to browser timezone if server timezone is missing.
Ensures correct relative time display in Web UI.
* fix: regenerate open-api types and remove custom backup type
- Ran `make open-api` to update types based on backend changes
- Removed custom BackupWithTimezone type in MaintenanceBackupsList
- Updated timezone props to use the newly generated native type
* fix: simplify timezone handling for database backups
- Updated DatabaseBackupDto to make timezone a required property
- Removed manual DateTime.local().zoneName fallbacks
- Cleaned up type casts after regenerating OpenAPI types
* fix: Add missing newline at end of spec file
mertalev
Timon
Jason Rasmussen
Ben Beckford
Brandon Wees
Alex
shenlong
Daniel Dietzler
renovate[bot]
LJspice
sparsh985
santanoce
Mees Frensel
bo0tzz
github-actions
Afonso Mendonça Ribeiro