feat: sharing permissions

chore: update readmes to match main (#28458 )
chore: improve mobile slideshow (#28460 )
2026-05-18 21:42:18 -04:00 · 2026-05-18 16:11:20 +02:00 · 2026-05-17 13:08:27 -05:00 · 2026-05-17 10:54:21 -05:00 · 2026-05-16 02:15:24 +00:00 · 2026-05-15 18:12:28 -05:00
122 changed files with 3277 additions and 702 deletions
@@ -23,6 +23,8 @@ import java.io.IOException
 import java.nio.ByteBuffer
 import java.util.concurrent.ConcurrentHashMap

+private const val MAX_PREALLOC_BYTES = 128 * 1024 * 1024
+
 private class RemoteRequest(val cancellationSignal: CancellationSignal)

 class RemoteImagesImpl(context: Context) : RemoteImageApi {
@@ -228,7 +230,6 @@ private class CronetImageFetcher : ImageFetcher {
    private val onComplete: () -> Unit,
  ) : UrlRequest.Callback() {
    private var buffer: NativeByteBuffer? = null
-    private var wrapped: ByteBuffer? = null
    private var error: Exception? = null

    override fun onRedirectReceived(request: UrlRequest, info: UrlResponseInfo, newUrl: String) {
@@ -242,15 +243,16 @@ private class CronetImageFetcher : ImageFetcher {
      }

      try {
+        // Content-Length is a size hint only. With Content-Encoding (gzip/br/...),
+        // Cronet auto-decompresses and writes decompressed bytes to our buffer, which
+        // may exceed the wire/compressed Content-Length. Always use the growable
+        // buffer path so we can't overflow.
        val contentLength = info.allHeaders["content-length"]?.firstOrNull()?.toIntOrNull() ?: 0
-        if (contentLength > 0) {
-          buffer = NativeByteBuffer(contentLength + 1)
-          wrapped = NativeBuffer.wrap(buffer!!.pointer, contentLength + 1)
-          request.read(wrapped)
-        } else {
-          buffer = NativeByteBuffer(INITIAL_BUFFER_SIZE)
-          request.read(buffer!!.wrapRemaining())
-        }
+        // Cap the up-front alloc: Content-Length is untrusted and can be huge or near
+        // Int.MAX_VALUE (overflowing `+1`). For larger responses the grow path takes over.
+        val initialSize = if (contentLength in 1..MAX_PREALLOC_BYTES) contentLength + 1 else INITIAL_BUFFER_SIZE
+        buffer = NativeByteBuffer(initialSize)
+        request.read(buffer!!.wrapRemaining())
      } catch (e: Exception) {
        error = e
        return request.cancel()
@@ -263,14 +265,14 @@ private class CronetImageFetcher : ImageFetcher {
      byteBuffer: ByteBuffer
    ) {
      try {
-        val buf = if (wrapped == null) {
-          buffer!!.run {
-            advance(byteBuffer.position())
-            ensureHeadroom()
-            wrapRemaining()
-          }
-        } else {
-          wrapped
+        // Always pass a fresh wrap so byteBuffer.position() represents only the
+        // bytes Cronet wrote in this iteration. Reusing the caller-supplied
+        // ByteBuffer breaks advance(): Cronet's position keeps accumulating
+        // across reads, which would double-count previous iterations' bytes.
+        val buf = buffer!!.run {
+          advance(byteBuffer.position())
+          ensureHeadroom()
+          wrapRemaining()
        }
        request.read(buf)
      } catch (e: Exception) {
@@ -280,7 +282,6 @@ private class CronetImageFetcher : ImageFetcher {
    }

    override fun onSucceeded(request: UrlRequest, info: UrlResponseInfo) {
-      wrapped?.let { buffer!!.advance(it.position()) }
      onSuccess(buffer!!)
      onComplete()
    }
@@ -110,7 +110,7 @@ class NativeSyncApiImpl: ImmichPlugin, NativeSyncApi, FlutterPlugin {
        
        var domainAlbum = PlatformAlbum(
          id: album.localIdentifier,
-          name: album.localizedTitle!,
+          name: album.localizedTitle ?? album.localIdentifier,
          updatedAt: nil,
          isCloud: isCloud,
          assetCount: Int64(assets.count)
@@ -18,3 +18,7 @@ enum CleanupStep { selectDate, scan, delete }
 enum AssetKeepType { none, photosOnly, videosOnly }

 enum AssetDateAggregation { start, end }
+
+enum SlideshowLook { contain, cover, blurredBackground }
+
+enum SlideshowDirection { forward, backward, shuffle }
@@ -4,6 +4,7 @@ import 'package:immich_mobile/domain/models/config/map_config.dart';
 import 'package:immich_mobile/domain/models/config/theme_config.dart';
 import 'package:immich_mobile/domain/models/config/timeline_config.dart';
 import 'package:immich_mobile/domain/models/config/viewer_config.dart';
+import 'package:immich_mobile/domain/models/config/slideshow_config.dart';

 class AppConfig {
  final ThemeConfig theme;
@@ -12,6 +13,7 @@ class AppConfig {
  final TimelineConfig timeline;
  final ImageConfig image;
  final ViewerConfig viewer;
+  final SlideshowConfig slideshow;

  const AppConfig({
    this.theme = const .new(),
@@ -20,6 +22,7 @@ class AppConfig {
    this.timeline = const .new(),
    this.image = const .new(),
    this.viewer = const .new(),
+    this.slideshow = const .new(),
  });

  AppConfig copyWith({
@@ -29,6 +32,7 @@ class AppConfig {
    TimelineConfig? timeline,
    ImageConfig? image,
    ViewerConfig? viewer,
+    SlideshowConfig? slideshow,
  }) => .new(
    theme: theme ?? this.theme,
    cleanup: cleanup ?? this.cleanup,
@@ -36,6 +40,7 @@ class AppConfig {
    timeline: timeline ?? this.timeline,
    image: image ?? this.image,
    viewer: viewer ?? this.viewer,
+    slideshow: slideshow ?? this.slideshow,
  );

  @override
@@ -47,12 +52,13 @@ class AppConfig {
          other.map == map &&
          other.timeline == timeline &&
          other.image == image &&
-          other.viewer == viewer);
+          other.viewer == viewer &&
+          other.slideshow == slideshow);

  @override
-  int get hashCode => Object.hash(theme, cleanup, map, timeline, image, viewer);
+  int get hashCode => Object.hash(theme, cleanup, map, timeline, image, viewer, slideshow);

  @override
  String toString() =>
-      'AppConfig(theme: $theme, cleanup: $cleanup, map: $map, timeline: $timeline, image: $image, viewer: $viewer)';
+      'AppConfig(theme: $theme, cleanup: $cleanup, map: $map, timeline: $timeline, image: $image, viewer: $viewer, slideshow: $slideshow)';
 }
@@ -0,0 +1,48 @@
+import 'package:immich_mobile/constants/enums.dart';
+
+class SlideshowConfig {
+  final bool transition;
+  final bool repeat;
+  final int duration;
+  final SlideshowLook look;
+  final SlideshowDirection direction;
+
+  const SlideshowConfig({
+    this.transition = true,
+    this.repeat = true,
+    this.duration = 5,
+    this.look = SlideshowLook.contain,
+    this.direction = SlideshowDirection.forward,
+  });
+
+  SlideshowConfig copyWith({
+    bool? transition,
+    bool? repeat,
+    int? duration,
+    SlideshowLook? look,
+    SlideshowDirection? direction,
+  }) => SlideshowConfig(
+    transition: transition ?? this.transition,
+    repeat: repeat ?? this.repeat,
+    duration: duration ?? this.duration,
+    look: look ?? this.look,
+    direction: direction ?? this.direction,
+  );
+
+  @override
+  bool operator ==(Object other) =>
+      identical(this, other) ||
+      (other is SlideshowConfig &&
+          other.transition == transition &&
+          other.repeat == repeat &&
+          other.duration == duration &&
+          other.look == look &&
+          other.direction == direction);
+
+  @override
+  int get hashCode => Object.hash(transition, repeat, duration, look, direction);
+
+  @override
+  String toString() =>
+      'SlideshowConfig(transition: $transition, repeat: $repeat, duration: $duration, look: $look, direction: $direction)';
+}
@@ -64,7 +64,19 @@ enum MetadataKey<T extends Object> {
  ),
  cleanupKeepAlbumIds<List<String>>(.appConfig, 'cleanup.keepAlbumIds', [], _ListCodec(_PrimitiveCodec.string)),
  cleanupCutoffDaysAgo<int>(.appConfig, 'cleanup.cutoffDaysAgo', -1),
-  cleanupDefaultsInitialized<bool>(.appConfig, 'cleanup.defaultsInitialized', false);
+  cleanupDefaultsInitialized<bool>(.appConfig, 'cleanup.defaultsInitialized', false),
+
+  // Slideshow
+  slideshowTransition<bool>(.appConfig, 'slideshow.transition', true),
+  slideshowRepeat<bool>(.appConfig, 'slideshow.repeat', true),
+  slideshowDuration<int>(.appConfig, 'slideshow.duration', 5),
+  slideshowLook<SlideshowLook>(.appConfig, 'slideshow.look', SlideshowLook.contain, _EnumCodec(SlideshowLook.values)),
+  slideshowDirection<SlideshowDirection>(
+    .appConfig,
+    'slideshow.direction',
+    SlideshowDirection.forward,
+    _EnumCodec(SlideshowDirection.values),
+  );

  final MetadataDomain domain;
  final String name;
@@ -29,6 +29,9 @@ enum StoreKey<T> {
  readonlyModeEnabled<bool>._(138),
  albumGridView<bool>._(140),

+  // Image viewer navigation settings
+  tapToNavigate<bool>._(141),
+
  // Experimental stuff
  enableBackup<bool>._(1003),
  useWifiForUploadVideos<bool>._(1004),
@@ -139,6 +139,13 @@ extension<T extends Object> on MetadataDomain<T> {
            autoPlayVideo: repo._read(.viewerAutoPlayVideo),
            tapToNavigate: repo._read(.viewerTapToNavigate),
          ),
+          slideshow: .new(
+            transition: repo._read(.slideshowTransition),
+            repeat: repo._read(.slideshowRepeat),
+            duration: repo._read(.slideshowDuration),
+            look: repo._read(.slideshowLook),
+            direction: repo._read(.slideshowDirection),
+          ),
        );
      case .systemConfig:
        repo._systemConfig = .new(logLevel: repo._read(.logLevel));
@@ -197,16 +197,6 @@ class SyncStreamRepository extends DriftDatabaseRepository {
    try {
      await _db.batch((batch) {
        for (final asset in data) {
-          // Avoid SqliteException(2067) when server re-issues a new id for
-          // the same (ownerId, checksum). #22522 #27186
-          _enqueueRemoteAssetDedupe(
-            batch,
-            id: asset.id,
-            ownerId: asset.ownerId,
-            checksum: asset.checksum,
-            libraryId: asset.libraryId,
-          );
-
          final companion = RemoteAssetEntityCompanion(
            name: Value(asset.originalFileName),
            type: Value(asset.type.toAssetType()),
@@ -246,15 +236,6 @@ class SyncStreamRepository extends DriftDatabaseRepository {
    try {
      await _db.batch((batch) {
        for (final asset in data) {
-          // See updateAssetsV1 for why this dedupe is required. #22522 #27186
-          _enqueueRemoteAssetDedupe(
-            batch,
-            id: asset.id,
-            ownerId: asset.ownerId,
-            checksum: asset.checksum,
-            libraryId: asset.libraryId,
-          );
-
          final companion = RemoteAssetEntityCompanion(
            name: Value(asset.originalFileName),
            type: Value(asset.type.toAssetType()),
@@ -290,39 +271,6 @@ class SyncStreamRepository extends DriftDatabaseRepository {
    }
  }

-  /// Queues a DELETE that prunes any stale remote_asset row matching the
-  /// partial UNIQUE index for the incoming asset:
-  ///   - libraryId IS NULL  -> (owner_id, checksum)
-  ///   - libraryId NOT NULL -> (owner_id, library_id, checksum)
-  /// The current id is excluded so a same-id update does not delete itself.
-  void _enqueueRemoteAssetDedupe(
-    Batch batch, {
-    required String id,
-    required String ownerId,
-    required String checksum,
-    required String? libraryId,
-  }) {
-    if (libraryId == null) {
-      batch.deleteWhere(
-        _db.remoteAssetEntity,
-        (row) =>
-            row.ownerId.equals(ownerId) &
-            row.checksum.equals(checksum) &
-            row.libraryId.isNull() &
-            row.id.equals(id).not(),
-      );
-    } else {
-      batch.deleteWhere(
-        _db.remoteAssetEntity,
-        (row) =>
-            row.ownerId.equals(ownerId) &
-            row.checksum.equals(checksum) &
-            row.libraryId.equals(libraryId) &
-            row.id.equals(id).not(),
-      );
-    }
-  }
-
  Future<void> updateAssetsExifV1(Iterable<SyncAssetExifV1> data, {String debugLabel = 'user'}) async {
    try {
      await _db.batch((batch) {
@@ -0,0 +1,376 @@
+import 'dart:async';
+import 'dart:math';
+import 'dart:ui';
+
+import 'package:auto_route/auto_route.dart';
+import 'package:flutter/material.dart';
+import 'package:flutter/services.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:immich_mobile/constants/enums.dart';
+import 'package:immich_mobile/domain/models/config/slideshow_config.dart';
+import 'package:immich_mobile/domain/services/timeline.service.dart';
+import 'package:immich_mobile/extensions/build_context_extensions.dart';
+import 'package:immich_mobile/extensions/scroll_extensions.dart';
+import 'package:immich_mobile/extensions/translate_extensions.dart';
+import 'package:immich_mobile/pages/common/settings.page.dart';
+import 'package:immich_mobile/presentation/widgets/asset_viewer/video_viewer.widget.dart';
+import 'package:immich_mobile/presentation/widgets/images/image_provider.dart';
+import 'package:immich_mobile/providers/asset_viewer/asset_viewer.provider.dart';
+import 'package:immich_mobile/providers/asset_viewer/video_player_provider.dart';
+import 'package:immich_mobile/providers/infrastructure/metadata.provider.dart';
+import 'package:immich_mobile/routing/router.dart';
+import 'package:immich_mobile/widgets/common/immich_loading_indicator.dart';
+import 'package:immich_mobile/widgets/photo_view/photo_view.dart';
+import 'package:wakelock_plus/wakelock_plus.dart';
+
+@RoutePage()
+class DriftSlideshowPage extends ConsumerStatefulWidget {
+  final TimelineService timeline;
+
+  const DriftSlideshowPage({super.key, required this.timeline});
+
+  @override
+  ConsumerState<DriftSlideshowPage> createState() => _DriftSlideshowPageState();
+}
+
+class _DriftSlideshowPageState extends ConsumerState<DriftSlideshowPage> {
+  late SlideshowConfig _config;
+  late final PageController _pageController;
+  late final Stopwatch _stopwatch;
+  late Timer _timer;
+  late int _index;
+  late int _nextIndex;
+  bool _paused = false;
+  bool _showAppBar = false;
+
+  @override
+  initState() {
+    super.initState();
+    _config = ref.read(appConfigProvider.select((s) => s.slideshow));
+    final asset = ref.read(assetViewerProvider).currentAsset;
+    _index = asset == null ? 0 : widget.timeline.getIndex(asset.heroTag) ?? 0;
+    _pageController = PageController(initialPage: _index);
+    _stopwatch = Stopwatch();
+    _createTimer();
+    _updateNextIndex();
+    ref.listenManual(appConfigProvider.select((s) => s.slideshow), _onConfigChanged);
+
+    SystemChrome.setEnabledSystemUIMode(SystemUiMode.immersive);
+    unawaited(WakelockPlus.enable());
+  }
+
+  @override
+  dispose() {
+    _timer.cancel();
+    _stopwatch.stop();
+    _pageController.dispose();
+    unawaited(WakelockPlus.disable());
+    SystemChrome.setEnabledSystemUIMode(SystemUiMode.edgeToEdge);
+    super.dispose();
+  }
+
+  void _play() {
+    final asset = widget.timeline.getAssetSafe(_index)!;
+
+    if (asset.isImage) {
+      _createTimer();
+    } else if (ref.read(videoPlayerProvider(asset.heroTag)).status == VideoPlaybackStatus.paused) {
+      ref.read(videoPlayerProvider(asset.heroTag).notifier).play();
+    } else {
+      _nextPage();
+    }
+
+    _updateNextIndex();
+
+    setState(() {
+      _paused = false;
+    });
+  }
+
+  void _pause() {
+    _timer.cancel();
+    _stopwatch.stop();
+
+    final asset = widget.timeline.getAssetSafe(_index)!;
+
+    if (!asset.isImage) {
+      ref.read(videoPlayerProvider(asset.heroTag).notifier).pause();
+    }
+
+    setState(() {
+      _paused = true;
+    });
+  }
+
+  void _onConfigChanged(SlideshowConfig? previous, SlideshowConfig next) {
+    if (_config == next) {
+      return;
+    }
+
+    final durationChanged = _config.duration != next.duration;
+    _config = next;
+    _updateNextIndex();
+
+    final asset = widget.timeline.getAssetSafe(_index);
+    if (durationChanged && !_paused && asset?.isImage == true) {
+      _timer.cancel();
+      _createTimer();
+    }
+
+    setState(() {});
+  }
+
+  void _updateNextIndex() {
+    _nextIndex = switch (_config.direction) {
+      SlideshowDirection.forward => _index + 1,
+      SlideshowDirection.backward => _index - 1,
+      SlideshowDirection.shuffle => widget.timeline.getIndex(widget.timeline.getRandomAsset().heroTag)!,
+    };
+
+    if (!widget.timeline.hasRange(_nextIndex, 1)) {
+      widget.timeline.preloadAssets(_nextIndex);
+    }
+  }
+
+  void _nextPage() async {
+    if (_nextIndex < 0 || _nextIndex >= widget.timeline.totalAssets) {
+      if (_config.repeat) {
+        final wrapped = _config.direction == SlideshowDirection.forward ? 0 : widget.timeline.totalAssets - 1;
+        await widget.timeline.preloadAssets(wrapped);
+        _pageController.jumpToPage(wrapped);
+      } else {
+        setState(() {
+          _paused = true;
+        });
+      }
+      return;
+    }
+
+    if (!widget.timeline.hasRange(_nextIndex, 1)) {
+      await widget.timeline.preloadAssets(_nextIndex);
+    }
+
+    if (_config.direction == SlideshowDirection.shuffle || !_config.transition) {
+      _pageController.jumpToPage(_nextIndex);
+    } else {
+      unawaited(_pageController.animateToPage(_nextIndex, duration: Durations.long2, curve: Curves.easeIn));
+    }
+  }
+
+  void _createTimer() {
+    _timer = Timer(Duration(milliseconds: _config.duration * 1000 - _stopwatch.elapsedMilliseconds), () {
+      _stopwatch.stop();
+      _stopwatch.reset();
+      _nextPage();
+    });
+
+    _stopwatch.start();
+  }
+
+  void _pageChanged(int page) {
+    final asset = widget.timeline.getAssetSafe(page)!;
+
+    setState(() {
+      _index = page;
+
+      if (!asset.isImage) {
+        _paused = false;
+      }
+    });
+
+    _timer.cancel();
+    _stopwatch.stop();
+    _stopwatch.reset();
+
+    if (!_paused && asset.isImage) {
+      _createTimer();
+    }
+
+    _updateNextIndex();
+  }
+
+  void _onTapUp() async {
+    await SystemChrome.setEnabledSystemUIMode(_showAppBar ? SystemUiMode.immersive : SystemUiMode.edgeToEdge);
+
+    WidgetsBinding.instance.addPostFrameCallback((_) {
+      setState(() {
+        _showAppBar = !_showAppBar;
+      });
+    });
+  }
+
+  Widget _getProgressBar(BuildContext context) {
+    final asset = widget.timeline.getAssetSafe(_index);
+
+    if (asset == null) {
+      return Container();
+    }
+
+    if (asset.isImage) {
+      final elapsed = _stopwatch.elapsedMilliseconds;
+      final duration = _config.duration * 1000;
+
+      return TweenAnimationBuilder(
+        key: Key(_index.toString()),
+        tween: Tween<double>(begin: elapsed / duration.toDouble(), end: _paused ? elapsed / duration.toDouble() : 1.0),
+        duration: Duration(milliseconds: _paused ? 1 : max(duration - elapsed, 1)),
+        builder: (context, value, _) => LinearProgressIndicator(
+          color: context.colorScheme.primary,
+          borderRadius: const BorderRadius.all(Radius.zero),
+          minHeight: 5,
+          value: value,
+        ),
+      );
+    } else {
+      return LinearProgressIndicator(
+        color: context.colorScheme.primary,
+        borderRadius: const BorderRadius.all(Radius.zero),
+        minHeight: 5,
+        value:
+            ref.watch(videoPlayerProvider(asset.heroTag).select((s) => s.position)).inMilliseconds /
+            asset.duration.inMilliseconds,
+      );
+    }
+  }
+
+  Widget _getBlur(BuildContext context, int index) {
+    final asset = widget.timeline.getAssetSafe(index);
+
+    if (asset == null) {
+      return Container();
+    }
+
+    return ImageFiltered(
+      imageFilter: ImageFilter.blur(sigmaX: 30, sigmaY: 30),
+      child: Container(
+        decoration: BoxDecoration(
+          image: DecorationImage(
+            image: getFullImageProvider(asset, size: Size(context.width, context.height)),
+            fit: BoxFit.cover,
+          ),
+        ),
+        child: Container(color: Colors.black.withValues(alpha: 0.2)),
+      ),
+    );
+  }
+
+  Widget _getPhotoView(BuildContext context, int index) {
+    final asset = widget.timeline.getAssetSafe(index);
+
+    if (asset == null) {
+      return const Center(child: ImmichLoadingIndicator());
+    }
+
+    final scale = _config.look == SlideshowLook.cover
+        ? PhotoViewComputedScale.covered
+        : PhotoViewComputedScale.contained;
+    final isCurrent = _index == index;
+    final imageProvider = getFullImageProvider(asset, size: context.sizeData);
+
+    if (asset.isImage) {
+      final zoomOut = index % 2 == 1;
+      final elapsed = _stopwatch.elapsedMilliseconds;
+      final duration = _config.duration * 1000;
+      final progress = zoomOut ? 1.0 - elapsed / duration.toDouble() : elapsed / duration.toDouble();
+
+      return TweenAnimationBuilder(
+        tween: Tween<double>(
+          begin: progress,
+          end: _paused
+              ? progress
+              : zoomOut
+              ? 0.0
+              : 1.0,
+        ),
+        duration: Duration(milliseconds: _paused ? 1 : max(duration - elapsed, 1)),
+        builder: (context, value, _) => PhotoView(
+          imageProvider: imageProvider,
+          index: index,
+          disableScaleGestures: true,
+          gaplessPlayback: true,
+          filterQuality: FilterQuality.high,
+          initialScale: scale * (1.0 + value / 10.0),
+          controller: PhotoViewController(),
+          onTapUp: (_, _, _) => _onTapUp(),
+        ),
+      );
+    } else {
+      final status = ref.watch(videoPlayerProvider(asset.heroTag).select((s) => s.status));
+      final position = ref.read(videoPlayerProvider(asset.heroTag)).position;
+
+      if (status == VideoPlaybackStatus.completed && isCurrent && position.inMicroseconds > 0) {
+        _nextPage();
+      } else if (status == VideoPlaybackStatus.playing) {
+        ref.read(videoPlayerProvider(asset.heroTag).notifier).setLoop(false);
+      }
+
+      return PhotoView.customChild(
+        onTapUp: (_, _, _) => _onTapUp(),
+        disableScaleGestures: true,
+        filterQuality: FilterQuality.high,
+        initialScale: scale,
+        child: NativeVideoViewer(
+          asset: asset,
+          isCurrent: isCurrent,
+          image: Image(image: imageProvider, fit: BoxFit.contain, alignment: Alignment.center),
+        ),
+      );
+    }
+  }
+
+  @override
+  Widget build(BuildContext context) {
+    return Scaffold(
+      appBar: PreferredSize(
+        preferredSize: Size(AppBar().preferredSize.width, AppBar().preferredSize.height + 5),
+        child: IgnorePointer(
+          ignoring: !_showAppBar,
+          child: AnimatedOpacity(
+            opacity: _showAppBar ? 1.0 : 0.0,
+            duration: Durations.short2,
+            child: Column(
+              children: [
+                AppBar(
+                  backgroundColor: context.scaffoldBackgroundColor,
+                  title: Text("slideshow".t(context: context)),
+                  actions: [
+                    IconButton(
+                      onPressed: _paused ? _play : _pause,
+                      icon: Icon(_paused ? Icons.play_arrow : Icons.pause),
+                    ),
+                    IconButton(
+                      onPressed: () {
+                        _pause();
+                        context.pushRoute(SettingsSubRoute(section: SettingSection.assetViewer));
+                      },
+                      icon: const Icon(Icons.settings),
+                    ),
+                  ],
+                ),
+                _getProgressBar(context),
+              ],
+            ),
+          ),
+        ),
+      ),
+      extendBody: true,
+      extendBodyBehindAppBar: true,
+      backgroundColor: Colors.black,
+      body: PhotoViewGestureDetectorScope(
+        axis: Axis.horizontal,
+        child: PageView.builder(
+          controller: _pageController,
+          physics: const FastClampingScrollPhysics(),
+          itemCount: widget.timeline.totalAssets,
+          onPageChanged: _pageChanged,
+          itemBuilder: (context, index) => Stack(
+            children: [
+              if (_config.look == SlideshowLook.blurredBackground) _getBlur(context, index),
+              _getPhotoView(context, index),
+            ],
+          ),
+        ),
+      ),
+    );
+  }
+}
@@ -50,10 +50,13 @@ class BaseActionButton extends ConsumerWidget {
      final iconColor = this.iconColor;

      return MenuItemButton(
-        style: MenuItemButton.styleFrom(alignment: Alignment.centerLeft, padding: const EdgeInsets.all(16)),
-        leadingIcon: Icon(iconData, color: iconColor),
+        style: MenuItemButton.styleFrom(
+          alignment: Alignment.centerLeft,
+          padding: const EdgeInsets.symmetric(horizontal: 16, vertical: 14),
+        ),
+        leadingIcon: Icon(iconData, color: iconColor, size: 20),
        onPressed: onPressed,
-        child: Text(label, style: TextStyle(fontSize: 16, color: iconColor)),
+        child: Text(label, style: TextStyle(fontSize: 15, color: iconColor)),
      );
    }

@@ -0,0 +1,34 @@
+import 'package:auto_route/auto_route.dart';
+import 'package:flutter/material.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:immich_mobile/extensions/translate_extensions.dart';
+import 'package:immich_mobile/presentation/widgets/action_buttons/base_action_button.widget.dart';
+import 'package:immich_mobile/providers/infrastructure/timeline.provider.dart';
+import 'package:immich_mobile/routing/router.dart';
+
+class SlideshowActionButton extends ConsumerWidget {
+  final bool iconOnly;
+  final bool menuItem;
+
+  const SlideshowActionButton({super.key, this.iconOnly = false, this.menuItem = false});
+
+  void _onTap(BuildContext context, WidgetRef ref) {
+    if (!context.mounted) {
+      return;
+    }
+
+    context.pushRoute(DriftSlideshowRoute(timeline: ref.read(timelineServiceProvider)));
+  }
+
+  @override
+  Widget build(BuildContext context, WidgetRef ref) {
+    return BaseActionButton(
+      iconData: Icons.slideshow,
+      label: "slideshow".t(context: context),
+      iconOnly: iconOnly,
+      menuItem: menuItem,
+      onPressed: () => _onTap(context, ref),
+      maxWidth: 100,
+    );
+  }
+}
@@ -120,6 +120,9 @@ class _ThumbnailTileState extends ConsumerState<ThumbnailTile> {
                    },
                    flightShuttleBuilder: (context, animation, direction, from, to) {
                      void animationStatusListener(AnimationStatus status) {
+                        if (!mounted) {
+                          return;
+                        }
                        final heroInFlight = status == AnimationStatus.forward || status == AnimationStatus.reverse;
                        if (_hideIndicators != heroInFlight) {
                          setState(() => _hideIndicators = heroInFlight);
@@ -60,6 +60,7 @@ import 'package:immich_mobile/presentation/pages/drift_place_detail.page.dart';
 import 'package:immich_mobile/presentation/pages/drift_recently_taken.page.dart';
 import 'package:immich_mobile/presentation/pages/drift_recently_added.page.dart';
 import 'package:immich_mobile/presentation/pages/drift_remote_album.page.dart';
+import 'package:immich_mobile/presentation/pages/drift_slideshow.page.dart';
 import 'package:immich_mobile/presentation/pages/drift_trash.page.dart';
 import 'package:immich_mobile/presentation/pages/drift_user_selection.page.dart';
 import 'package:immich_mobile/presentation/pages/drift_video.page.dart';
@@ -189,6 +190,7 @@ class AppRouter extends RootStackRouter {
    AutoRoute(page: AssetTroubleshootRoute.page, guards: [_authGuard, _duplicateGuard]),
    AutoRoute(page: DownloadInfoRoute.page, guards: [_authGuard, _duplicateGuard]),
    AutoRoute(page: CleanupPreviewRoute.page, guards: [_authGuard, _duplicateGuard]),
+    AutoRoute(page: DriftSlideshowRoute.page, guards: [_authGuard, _duplicateGuard]),
    // required to handle all deeplinks in deep_link.service.dart
    // auto_route_library#1722
    RedirectRoute(path: '*', redirectTo: '/'),
@@ -1095,6 +1095,53 @@ class DriftSearchRoute extends PageRouteInfo<void> {
  );
 }

+/// generated route for
+/// [DriftSlideshowPage]
+class DriftSlideshowRoute extends PageRouteInfo<DriftSlideshowRouteArgs> {
+  DriftSlideshowRoute({
+    Key? key,
+    required TimelineService timeline,
+    List<PageRouteInfo>? children,
+  }) : super(
+         DriftSlideshowRoute.name,
+         args: DriftSlideshowRouteArgs(key: key, timeline: timeline),
+         initialChildren: children,
+       );
+
+  static const String name = 'DriftSlideshowRoute';
+
+  static PageInfo page = PageInfo(
+    name,
+    builder: (data) {
+      final args = data.argsAs<DriftSlideshowRouteArgs>();
+      return DriftSlideshowPage(key: args.key, timeline: args.timeline);
+    },
+  );
+}
+
+class DriftSlideshowRouteArgs {
+  const DriftSlideshowRouteArgs({this.key, required this.timeline});
+
+  final Key? key;
+
+  final TimelineService timeline;
+
+  @override
+  String toString() {
+    return 'DriftSlideshowRouteArgs{key: $key, timeline: $timeline}';
+  }
+
+  @override
+  bool operator ==(Object other) {
+    if (identical(this, other)) return true;
+    if (other is! DriftSlideshowRouteArgs) return false;
+    return key == other.key && timeline == other.timeline;
+  }
+
+  @override
+  int get hashCode => key.hashCode ^ timeline.hashCode;
+}
+
 /// generated route for
 /// [DriftTrashPage]
 class DriftTrashRoute extends PageRouteInfo<void> {
@@ -27,6 +27,7 @@ import 'package:immich_mobile/presentation/widgets/action_buttons/set_profile_pi
 import 'package:immich_mobile/presentation/widgets/action_buttons/share_action_button.widget.dart';
 import 'package:immich_mobile/presentation/widgets/action_buttons/share_link_action_button.widget.dart';
 import 'package:immich_mobile/presentation/widgets/action_buttons/similar_photos_action_button.widget.dart';
+import 'package:immich_mobile/presentation/widgets/action_buttons/slideshow_action_button.widget.dart';
 import 'package:immich_mobile/presentation/widgets/action_buttons/trash_action_button.widget.dart';
 import 'package:immich_mobile/presentation/widgets/action_buttons/unarchive_action_button.widget.dart';
 import 'package:immich_mobile/presentation/widgets/action_buttons/unstack_action_button.widget.dart';
@@ -73,6 +74,7 @@ enum ActionButtonType {
  similarPhotos,
  setProfilePicture,
  viewInTimeline,
+  slideshow,
  download,
  upload,
  openInBrowser,
@@ -179,6 +181,7 @@ enum ActionButtonType {
            context.timelineOrigin != TimelineOrigin.localAlbum &&
            context.isOwner,
      ActionButtonType.cast => context.isCasting || context.asset.hasRemote,
+      ActionButtonType.slideshow => true,
    };
  }

@@ -200,6 +203,7 @@ enum ActionButtonType {
        iconOnly: iconOnly,
        menuItem: menuItem,
      ),
+      ActionButtonType.slideshow => SlideshowActionButton(iconOnly: iconOnly, menuItem: menuItem),
      ActionButtonType.archive => ArchiveActionButton(source: context.source, iconOnly: iconOnly, menuItem: menuItem),
      ActionButtonType.unarchive => UnArchiveActionButton(
        source: context.source,
@@ -18,6 +18,7 @@ import 'package:immich_mobile/providers/infrastructure/current_album.provider.da
 import 'package:immich_mobile/providers/infrastructure/remote_album.provider.dart';
 import 'package:immich_mobile/providers/infrastructure/timeline.provider.dart';
 import 'package:immich_mobile/providers/timeline/multiselect.provider.dart';
+import 'package:immich_mobile/routing/router.dart';
 import 'package:immich_mobile/widgets/album/remote_album_shared_user_icons.dart';

 class RemoteAlbumSliverAppBar extends ConsumerStatefulWidget {
@@ -89,6 +90,10 @@ class _MesmerizingSliverAppBarState extends ConsumerState<RemoteAlbumSliverAppBa
              onPressed: () => context.maybePop(),
            ),
      actions: [
+        IconButton(
+          onPressed: () => context.pushRoute(DriftSlideshowRoute(timeline: ref.read(timelineServiceProvider))),
+          icon: Icon(Icons.slideshow_outlined, color: actionIconColor, shadows: actionIconShadows),
+        ),
        if (currentAlbum.isActivityEnabled && currentAlbum.isShared)
          IconButton(
            icon: Icon(Icons.chat_outlined, color: actionIconColor, shadows: actionIconShadows),
@@ -2,6 +2,7 @@ import 'package:flutter/material.dart';
 import 'package:immich_mobile/widgets/settings/asset_viewer_settings/image_viewer_quality_setting.dart';
 import 'package:immich_mobile/widgets/settings/asset_viewer_settings/image_viewer_tap_to_navigate_setting.dart';
 import 'package:immich_mobile/widgets/settings/asset_viewer_settings/video_viewer_settings.dart';
+import 'package:immich_mobile/widgets/settings/asset_viewer_settings/slideshow_settings.dart';
 import 'package:immich_mobile/widgets/settings/settings_sub_page_scaffold.dart';

 class AssetViewerSettings extends StatelessWidget {
@@ -13,6 +14,7 @@ class AssetViewerSettings extends StatelessWidget {
      const ImageViewerQualitySetting(),
      const ImageViewerTapToNavigateSetting(),
      const VideoViewerSettings(),
+      const SlideshowSettings(),
    ];

    return SettingsSubPageScaffold(settings: assetViewerSetting, showDivider: true);
@@ -0,0 +1,123 @@
+import 'package:flutter/material.dart';
+import 'package:flutter_hooks/flutter_hooks.dart';
+import 'package:hooks_riverpod/hooks_riverpod.dart';
+import 'package:immich_mobile/constants/enums.dart';
+import 'package:immich_mobile/extensions/translate_extensions.dart';
+import 'package:immich_mobile/providers/infrastructure/metadata.provider.dart';
+import 'package:immich_mobile/widgets/settings/setting_group_title.dart';
+import 'package:immich_mobile/widgets/settings/settings_radio_list_tile.dart';
+import 'package:immich_mobile/widgets/settings/settings_slider_list_tile.dart';
+import 'package:immich_mobile/widgets/settings/settings_sub_title.dart';
+import 'package:immich_mobile/widgets/settings/settings_switch_list_tile.dart';
+
+class SlideshowSettings extends HookConsumerWidget {
+  const SlideshowSettings({super.key});
+
+  @override
+  Widget build(BuildContext context, WidgetRef ref) {
+    final slideshow = ref.read(appConfigProvider).slideshow;
+    final useTransition = useState(slideshow.transition);
+    final useRepeat = useState(slideshow.repeat);
+    final useDuration = useState(slideshow.duration);
+    final useLook = useState(slideshow.look);
+    final useDirection = useState(slideshow.direction);
+
+    useValueChanged<bool, void>(useTransition.value, (_, __) {
+      ref.read(metadataProvider).write(.slideshowTransition, useTransition.value);
+    });
+    useValueChanged<bool, void>(useRepeat.value, (_, __) {
+      ref.read(metadataProvider).write(.slideshowRepeat, useRepeat.value);
+    });
+    useValueChanged<int, void>(useDuration.value, (_, __) {
+      ref.read(metadataProvider).write(.slideshowDuration, useDuration.value);
+    });
+    useValueChanged<SlideshowLook, void>(useLook.value, (_, __) {
+      ref.read(metadataProvider).write(.slideshowLook, useLook.value);
+    });
+    useValueChanged<SlideshowDirection, void>(useDirection.value, (_, __) {
+      ref.read(metadataProvider).write(.slideshowDirection, useDirection.value);
+    });
+
+    return Column(
+      crossAxisAlignment: CrossAxisAlignment.start,
+      children: [
+        SettingGroupTitle(
+          title: 'slideshow'.t(context: context),
+          icon: Icons.slideshow_outlined,
+        ),
+        SettingsSwitchListTile(
+          valueNotifier: useTransition,
+          title: "show_slideshow_transition".t(context: context),
+          enabled: useDirection.value != SlideshowDirection.shuffle,
+        ),
+        SettingsSwitchListTile(
+          valueNotifier: useRepeat,
+          title: "slideshow_repeat".t(context: context),
+          subtitle: "slideshow_repeat_description".t(context: context),
+        ),
+        SettingsSliderListTile(
+          valueNotifier: useDuration,
+          text: "duration".t(context: context),
+          minValue: 5,
+          noDivisons: 5,
+          maxValue: 30,
+        ),
+        Padding(
+          padding: const EdgeInsets.only(top: 20),
+          child: SettingsSubTitle(title: 'look'.t(context: context)),
+        ),
+        SettingsRadioListTile(
+          groups: [
+            SettingsRadioGroup(
+              title: 'contain'.t(context: context),
+              value: SlideshowLook.contain,
+            ),
+            SettingsRadioGroup(
+              title: 'cover'.t(context: context),
+              value: SlideshowLook.cover,
+            ),
+            SettingsRadioGroup(
+              title: 'blurred_background'.t(context: context),
+              value: SlideshowLook.blurredBackground,
+            ),
+          ],
+          groupBy: useLook.value,
+          onRadioChanged: (value) {
+            if (value != null) {
+              useLook.value = value;
+            }
+          },
+        ),
+        Padding(
+          padding: const EdgeInsets.only(top: 20),
+          child: SettingsSubTitle(title: 'direction'.t(context: context)),
+        ),
+        Padding(
+          padding: const EdgeInsets.only(bottom: 32),
+          child: SettingsRadioListTile(
+            groups: [
+              SettingsRadioGroup(
+                title: 'forward'.t(context: context),
+                value: SlideshowDirection.forward,
+              ),
+              SettingsRadioGroup(
+                title: 'backward'.t(context: context),
+                value: SlideshowDirection.backward,
+              ),
+              SettingsRadioGroup(
+                title: 'shuffle'.t(context: context),
+                value: SlideshowDirection.shuffle,
+              ),
+            ],
+            groupBy: useDirection.value,
+            onRadioChanged: (value) {
+              if (value != null) {
+                useDirection.value = value;
+              }
+            },
+          ),
+        ),
+      ],
+    );
+  }
+}
@@ -92,10 +92,12 @@ Class | Method | HTTP request | Description
 *AlbumsApi* | [**getAlbumMapMarkers**](doc//AlbumsApi.md#getalbummapmarkers) | **GET** /albums/{id}/map-markers | Retrieve album map markers
 *AlbumsApi* | [**getAlbumStatistics**](doc//AlbumsApi.md#getalbumstatistics) | **GET** /albums/statistics | Retrieve album statistics
 *AlbumsApi* | [**getAllAlbums**](doc//AlbumsApi.md#getallalbums) | **GET** /albums | List all albums
+*AlbumsApi* | [**getOwnAlbumUser**](doc//AlbumsApi.md#getownalbumuser) | **GET** /albums/{id}/user/self | Get own sharing permissions
 *AlbumsApi* | [**removeAssetFromAlbum**](doc//AlbumsApi.md#removeassetfromalbum) | **DELETE** /albums/{id}/assets | Remove assets from an album
 *AlbumsApi* | [**removeUserFromAlbum**](doc//AlbumsApi.md#removeuserfromalbum) | **DELETE** /albums/{id}/user/{userId} | Remove user from album
 *AlbumsApi* | [**updateAlbumInfo**](doc//AlbumsApi.md#updatealbuminfo) | **PATCH** /albums/{id} | Update an album
 *AlbumsApi* | [**updateAlbumUser**](doc//AlbumsApi.md#updatealbumuser) | **PUT** /albums/{id}/user/{userId} | Update user role
+*AlbumsApi* | [**updateOwnAlbumUser**](doc//AlbumsApi.md#updateownalbumuser) | **PUT** /albums/{id}/user/self | Update own sharing permissions
 *AssetsApi* | [**checkBulkUpload**](doc//AssetsApi.md#checkbulkupload) | **POST** /assets/bulk-upload-check | Check bulk upload
 *AssetsApi* | [**copyAsset**](doc//AssetsApi.md#copyasset) | **PUT** /assets/copy | Copy asset
 *AssetsApi* | [**deleteAssetMetadata**](doc//AssetsApi.md#deleteassetmetadata) | **DELETE** /assets/{id}/metadata/{key} | Delete asset metadata by key
@@ -450,7 +452,7 @@ Class | Method | HTTP request | Description
 - [MemoryStatisticsResponseDto](doc//MemoryStatisticsResponseDto.md)
 - [MemoryType](doc//MemoryType.md)
 - [MemoryUpdateDto](doc//MemoryUpdateDto.md)
- - [MergePersonDto](doc//MergePersonDto.md)
+ - [MergeFaceClusterDto](doc//MergeFaceClusterDto.md)
 - [MetadataSearchDto](doc//MetadataSearchDto.md)
 - [MirrorAxis](doc//MirrorAxis.md)
 - [MirrorParameters](doc//MirrorParameters.md)
@@ -550,6 +552,8 @@ Class | Method | HTTP request | Description
 - [SharedLinkType](doc//SharedLinkType.md)
 - [SharedLinksResponse](doc//SharedLinksResponse.md)
 - [SharedLinksUpdate](doc//SharedLinksUpdate.md)
+ - [SharingOptionsResponseDto](doc//SharingOptionsResponseDto.md)
+ - [SharingPermission](doc//SharingPermission.md)
 - [SignUpDto](doc//SignUpDto.md)
 - [SmartSearchDto](doc//SmartSearchDto.md)
 - [SourceType](doc//SourceType.md)
@@ -649,6 +653,7 @@ Class | Method | HTTP request | Description
 - [UpdateAlbumUserDto](doc//UpdateAlbumUserDto.md)
 - [UpdateAssetDto](doc//UpdateAssetDto.md)
 - [UpdateLibraryDto](doc//UpdateLibraryDto.md)
+ - [UpdateSharingOptionsDto](doc//UpdateSharingOptionsDto.md)
 - [UsageByUserDto](doc//UsageByUserDto.md)
 - [UserAdminCreateDto](doc//UserAdminCreateDto.md)
 - [UserAdminDeleteDto](doc//UserAdminDeleteDto.md)
@@ -198,7 +198,7 @@ part 'model/memory_search_order.dart';
 part 'model/memory_statistics_response_dto.dart';
 part 'model/memory_type.dart';
 part 'model/memory_update_dto.dart';
-part 'model/merge_person_dto.dart';
+part 'model/merge_face_cluster_dto.dart';
 part 'model/metadata_search_dto.dart';
 part 'model/mirror_axis.dart';
 part 'model/mirror_parameters.dart';
@@ -298,6 +298,8 @@ part 'model/shared_link_response_dto.dart';
 part 'model/shared_link_type.dart';
 part 'model/shared_links_response.dart';
 part 'model/shared_links_update.dart';
+part 'model/sharing_options_response_dto.dart';
+part 'model/sharing_permission.dart';
 part 'model/sign_up_dto.dart';
 part 'model/smart_search_dto.dart';
 part 'model/source_type.dart';
@@ -397,6 +399,7 @@ part 'model/update_album_dto.dart';
 part 'model/update_album_user_dto.dart';
 part 'model/update_asset_dto.dart';
 part 'model/update_library_dto.dart';
+part 'model/update_sharing_options_dto.dart';
 part 'model/usage_by_user_dto.dart';
 part 'model/user_admin_create_dto.dart';
 part 'model/user_admin_delete_dto.dart';
@@ -580,6 +580,63 @@ class AlbumsApi {
    return null;
  }

+  /// Get own sharing permissions
+  ///
+  /// Get the own sharing permissions in a specific album.
+  ///
+  /// Note: This method returns the HTTP [Response].
+  ///
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  Future<Response> getOwnAlbumUserWithHttpInfo(String id,) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/albums/{id}/user/self'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>[];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'GET',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Get own sharing permissions
+  ///
+  /// Get the own sharing permissions in a specific album.
+  ///
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  Future<SharingOptionsResponseDto?> getOwnAlbumUser(String id,) async {
+    final response = await getOwnAlbumUserWithHttpInfo(id,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+    // When a remote server returns no body with a status of 204, we shall not decode it.
+    // At the time of writing this, `dart:convert` will throw an "Unexpected end of input"
+    // FormatException when trying to decode an empty string.
+    if (response.body.isNotEmpty && response.statusCode != HttpStatus.noContent) {
+      return await apiClient.deserializeAsync(await _decodeBodyBytes(response), 'SharingOptionsResponseDto',) as SharingOptionsResponseDto;
+    
+    }
+    return null;
+  }
+
  /// Remove assets from an album
  ///
  /// Remove multiple assets from a specific album by its ID.
@@ -816,4 +873,57 @@ class AlbumsApi {
      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
    }
  }
+
+  /// Update own sharing permissions
+  ///
+  /// Change the own sharing permissions in a specific album.
+  ///
+  /// Note: This method returns the HTTP [Response].
+  ///
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [UpdateSharingOptionsDto] updateSharingOptionsDto (required):
+  Future<Response> updateOwnAlbumUserWithHttpInfo(String id, UpdateSharingOptionsDto updateSharingOptionsDto,) async {
+    // ignore: prefer_const_declarations
+    final apiPath = r'/albums/{id}/user/self'
+      .replaceAll('{id}', id);
+
+    // ignore: prefer_final_locals
+    Object? postBody = updateSharingOptionsDto;
+
+    final queryParams = <QueryParam>[];
+    final headerParams = <String, String>{};
+    final formParams = <String, String>{};
+
+    const contentTypes = <String>['application/json'];
+
+
+    return apiClient.invokeAPI(
+      apiPath,
+      'PUT',
+      queryParams,
+      postBody,
+      headerParams,
+      formParams,
+      contentTypes.isEmpty ? null : contentTypes.first,
+    );
+  }
+
+  /// Update own sharing permissions
+  ///
+  /// Change the own sharing permissions in a specific album.
+  ///
+  /// Parameters:
+  ///
+  /// * [String] id (required):
+  ///
+  /// * [UpdateSharingOptionsDto] updateSharingOptionsDto (required):
+  Future<void> updateOwnAlbumUser(String id, UpdateSharingOptionsDto updateSharingOptionsDto,) async {
+    final response = await updateOwnAlbumUserWithHttpInfo(id, updateSharingOptionsDto,);
+    if (response.statusCode >= HttpStatus.badRequest) {
+      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
+    }
+  }
 }
@@ -448,14 +448,14 @@ class PeopleApi {
  ///
  /// * [String] id (required):
  ///
-  /// * [MergePersonDto] mergePersonDto (required):
-  Future<Response> mergePersonWithHttpInfo(String id, MergePersonDto mergePersonDto,) async {
+  /// * [MergeFaceClusterDto] mergeFaceClusterDto (required):
+  Future<Response> mergePersonWithHttpInfo(String id, MergeFaceClusterDto mergeFaceClusterDto,) async {
    // ignore: prefer_const_declarations
    final apiPath = r'/people/{id}/merge'
      .replaceAll('{id}', id);

    // ignore: prefer_final_locals
-    Object? postBody = mergePersonDto;
+    Object? postBody = mergeFaceClusterDto;

    final queryParams = <QueryParam>[];
    final headerParams = <String, String>{};
@@ -483,9 +483,9 @@ class PeopleApi {
  ///
  /// * [String] id (required):
  ///
-  /// * [MergePersonDto] mergePersonDto (required):
-  Future<List<BulkIdResponseDto>?> mergePerson(String id, MergePersonDto mergePersonDto,) async {
-    final response = await mergePersonWithHttpInfo(id, mergePersonDto,);
+  /// * [MergeFaceClusterDto] mergeFaceClusterDto (required):
+  Future<List<BulkIdResponseDto>?> mergePerson(String id, MergeFaceClusterDto mergeFaceClusterDto,) async {
+    final response = await mergePersonWithHttpInfo(id, mergeFaceClusterDto,);
    if (response.statusCode >= HttpStatus.badRequest) {
      throw ApiException(response.statusCode, await _decodeBodyBytes(response));
    }
@@ -442,8 +442,8 @@ class ApiClient {
          return MemoryTypeTypeTransformer().decode(value);
        case 'MemoryUpdateDto':
          return MemoryUpdateDto.fromJson(value);
-        case 'MergePersonDto':
-          return MergePersonDto.fromJson(value);
+        case 'MergeFaceClusterDto':
+          return MergeFaceClusterDto.fromJson(value);
        case 'MetadataSearchDto':
          return MetadataSearchDto.fromJson(value);
        case 'MirrorAxis':
@@ -642,6 +642,10 @@ class ApiClient {
          return SharedLinksResponse.fromJson(value);
        case 'SharedLinksUpdate':
          return SharedLinksUpdate.fromJson(value);
+        case 'SharingOptionsResponseDto':
+          return SharingOptionsResponseDto.fromJson(value);
+        case 'SharingPermission':
+          return SharingPermissionTypeTransformer().decode(value);
        case 'SignUpDto':
          return SignUpDto.fromJson(value);
        case 'SmartSearchDto':
@@ -840,6 +844,8 @@ class ApiClient {
          return UpdateAssetDto.fromJson(value);
        case 'UpdateLibraryDto':
          return UpdateLibraryDto.fromJson(value);
+        case 'UpdateSharingOptionsDto':
+          return UpdateSharingOptionsDto.fromJson(value);
        case 'UsageByUserDto':
          return UsageByUserDto.fromJson(value);
        case 'UserAdminCreateDto':
@@ -172,6 +172,9 @@ String parameterToString(dynamic value) {
  if (value is SharedLinkType) {
    return SharedLinkTypeTypeTransformer().encode(value).toString();
  }
+  if (value is SharingPermission) {
+    return SharingPermissionTypeTransformer().encode(value).toString();
+  }
  if (value is SourceType) {
    return SourceTypeTypeTransformer().encode(value).toString();
  }
@@ -37,6 +37,7 @@ class AssetResponseDto {
    this.owner,
    required this.ownerId,
    this.people = const [],
+    this.permissions = const [],
    this.resized,
    this.stack,
    this.tags = const [],
@@ -140,6 +141,8 @@ class AssetResponseDto {

  List<PersonResponseDto> people;

+  List<SharingPermission> permissions;
+
  /// Is resized
  ///
  /// Please note: This property should have been non-nullable! Since the specification file
@@ -195,6 +198,7 @@ class AssetResponseDto {
    other.owner == owner &&
    other.ownerId == ownerId &&
    _deepEquality.equals(other.people, people) &&
+    _deepEquality.equals(other.permissions, permissions) &&
    other.resized == resized &&
    other.stack == stack &&
    _deepEquality.equals(other.tags, tags) &&
@@ -231,6 +235,7 @@ class AssetResponseDto {
    (owner == null ? 0 : owner!.hashCode) +
    (ownerId.hashCode) +
    (people.hashCode) +
+    (permissions.hashCode) +
    (resized == null ? 0 : resized!.hashCode) +
    (stack == null ? 0 : stack!.hashCode) +
    (tags.hashCode) +
@@ -241,7 +246,7 @@ class AssetResponseDto {
    (width == null ? 0 : width!.hashCode);

  @override
-  String toString() => 'AssetResponseDto[checksum=$checksum, createdAt=$createdAt, duplicateId=$duplicateId, duration=$duration, exifInfo=$exifInfo, fileCreatedAt=$fileCreatedAt, fileModifiedAt=$fileModifiedAt, hasMetadata=$hasMetadata, height=$height, id=$id, isArchived=$isArchived, isEdited=$isEdited, isFavorite=$isFavorite, isOffline=$isOffline, isTrashed=$isTrashed, libraryId=$libraryId, livePhotoVideoId=$livePhotoVideoId, localDateTime=$localDateTime, originalFileName=$originalFileName, originalMimeType=$originalMimeType, originalPath=$originalPath, owner=$owner, ownerId=$ownerId, people=$people, resized=$resized, stack=$stack, tags=$tags, thumbhash=$thumbhash, type=$type, updatedAt=$updatedAt, visibility=$visibility, width=$width]';
+  String toString() => 'AssetResponseDto[checksum=$checksum, createdAt=$createdAt, duplicateId=$duplicateId, duration=$duration, exifInfo=$exifInfo, fileCreatedAt=$fileCreatedAt, fileModifiedAt=$fileModifiedAt, hasMetadata=$hasMetadata, height=$height, id=$id, isArchived=$isArchived, isEdited=$isEdited, isFavorite=$isFavorite, isOffline=$isOffline, isTrashed=$isTrashed, libraryId=$libraryId, livePhotoVideoId=$livePhotoVideoId, localDateTime=$localDateTime, originalFileName=$originalFileName, originalMimeType=$originalMimeType, originalPath=$originalPath, owner=$owner, ownerId=$ownerId, people=$people, permissions=$permissions, resized=$resized, stack=$stack, tags=$tags, thumbhash=$thumbhash, type=$type, updatedAt=$updatedAt, visibility=$visibility, width=$width]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -301,6 +306,7 @@ class AssetResponseDto {
    }
      json[r'ownerId'] = this.ownerId;
      json[r'people'] = this.people;
+      json[r'permissions'] = this.permissions;
    if (this.resized != null) {
      json[r'resized'] = this.resized;
    } else {
@@ -361,6 +367,7 @@ class AssetResponseDto {
        owner: UserResponseDto.fromJson(json[r'owner']),
        ownerId: mapValueOfType<String>(json, r'ownerId')!,
        people: PersonResponseDto.listFromJson(json[r'people']),
+        permissions: SharingPermission.listFromJson(json[r'permissions']),
        resized: mapValueOfType<bool>(json, r'resized'),
        stack: AssetStackResponseDto.fromJson(json[r'stack']),
        tags: TagResponseDto.listFromJson(json[r'tags']),
@@ -433,6 +440,7 @@ class AssetResponseDto {
    'originalFileName',
    'originalPath',
    'ownerId',
+    'permissions',
    'thumbhash',
    'type',
    'updatedAt',
@@ -42,6 +42,7 @@ class JobName {
  static const databaseBackup = JobName._(r'DatabaseBackup');
  static const facialRecognitionQueueAll = JobName._(r'FacialRecognitionQueueAll');
  static const facialRecognition = JobName._(r'FacialRecognition');
+  static const facialRecognitionMerge = JobName._(r'FacialRecognitionMerge');
  static const fileDelete = JobName._(r'FileDelete');
  static const fileMigrationQueueAll = JobName._(r'FileMigrationQueueAll');
  static const libraryDeleteCheck = JobName._(r'LibraryDeleteCheck');
@@ -100,6 +101,7 @@ class JobName {
    databaseBackup,
    facialRecognitionQueueAll,
    facialRecognition,
+    facialRecognitionMerge,
    fileDelete,
    fileMigrationQueueAll,
    libraryDeleteCheck,
@@ -193,6 +195,7 @@ class JobNameTypeTransformer {
        case r'DatabaseBackup': return JobName.databaseBackup;
        case r'FacialRecognitionQueueAll': return JobName.facialRecognitionQueueAll;
        case r'FacialRecognition': return JobName.facialRecognition;
+        case r'FacialRecognitionMerge': return JobName.facialRecognitionMerge;
        case r'FileDelete': return JobName.fileDelete;
        case r'FileMigrationQueueAll': return JobName.fileMigrationQueueAll;
        case r'LibraryDeleteCheck': return JobName.libraryDeleteCheck;
@@ -29,6 +29,7 @@ class ManualJobName {
  static const memoryCleanup = ManualJobName._(r'memory-cleanup');
  static const memoryCreate = ManualJobName._(r'memory-create');
  static const backupDatabase = ManualJobName._(r'backup-database');
+  static const personGroupMerge = ManualJobName._(r'person-group-merge');

  /// List of all possible values in this [enum][ManualJobName].
  static const values = <ManualJobName>[
@@ -38,6 +39,7 @@ class ManualJobName {
    memoryCleanup,
    memoryCreate,
    backupDatabase,
+    personGroupMerge,
  ];

  static ManualJobName? fromJson(dynamic value) => ManualJobNameTypeTransformer().decode(value);
@@ -82,6 +84,7 @@ class ManualJobNameTypeTransformer {
        case r'memory-cleanup': return ManualJobName.memoryCleanup;
        case r'memory-create': return ManualJobName.memoryCreate;
        case r'backup-database': return ManualJobName.backupDatabase;
+        case r'person-group-merge': return ManualJobName.personGroupMerge;
        default:
          if (!allowNull) {
            throw ArgumentError('Unknown enum value to decode: $data');
@@ -10,17 +10,17 @@

 part of openapi.api;

-class MergePersonDto {
-  /// Returns a new [MergePersonDto] instance.
-  MergePersonDto({
+class MergeFaceClusterDto {
+  /// Returns a new [MergeFaceClusterDto] instance.
+  MergeFaceClusterDto({
    this.ids = const [],
  });

-  /// Person IDs to merge
+  /// Face cluster IDs to merge
  List<String> ids;

  @override
-  bool operator ==(Object other) => identical(this, other) || other is MergePersonDto &&
+  bool operator ==(Object other) => identical(this, other) || other is MergeFaceClusterDto &&
    _deepEquality.equals(other.ids, ids);

  @override
@@ -29,7 +29,7 @@ class MergePersonDto {
    (ids.hashCode);

  @override
-  String toString() => 'MergePersonDto[ids=$ids]';
+  String toString() => 'MergeFaceClusterDto[ids=$ids]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -37,15 +37,15 @@ class MergePersonDto {
    return json;
  }

-  /// Returns a new [MergePersonDto] instance and imports its values from
+  /// Returns a new [MergeFaceClusterDto] instance and imports its values from
  /// [value] if it's a [Map], null otherwise.
  // ignore: prefer_constructors_over_static_methods
-  static MergePersonDto? fromJson(dynamic value) {
-    upgradeDto(value, "MergePersonDto");
+  static MergeFaceClusterDto? fromJson(dynamic value) {
+    upgradeDto(value, "MergeFaceClusterDto");
    if (value is Map) {
      final json = value.cast<String, dynamic>();

-      return MergePersonDto(
+      return MergeFaceClusterDto(
        ids: json[r'ids'] is Iterable
            ? (json[r'ids'] as Iterable).cast<String>().toList(growable: false)
            : const [],
@@ -54,11 +54,11 @@ class MergePersonDto {
    return null;
  }

-  static List<MergePersonDto> listFromJson(dynamic json, {bool growable = false,}) {
-    final result = <MergePersonDto>[];
+  static List<MergeFaceClusterDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <MergeFaceClusterDto>[];
    if (json is List && json.isNotEmpty) {
      for (final row in json) {
-        final value = MergePersonDto.fromJson(row);
+        final value = MergeFaceClusterDto.fromJson(row);
        if (value != null) {
          result.add(value);
        }
@@ -67,12 +67,12 @@ class MergePersonDto {
    return result.toList(growable: growable);
  }

-  static Map<String, MergePersonDto> mapFromJson(dynamic json) {
-    final map = <String, MergePersonDto>{};
+  static Map<String, MergeFaceClusterDto> mapFromJson(dynamic json) {
+    final map = <String, MergeFaceClusterDto>{};
    if (json is Map && json.isNotEmpty) {
      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
      for (final entry in json.entries) {
-        final value = MergePersonDto.fromJson(entry.value);
+        final value = MergeFaceClusterDto.fromJson(entry.value);
        if (value != null) {
          map[entry.key] = value;
        }
@@ -81,14 +81,14 @@ class MergePersonDto {
    return map;
  }

-  // maps a json object with a list of MergePersonDto-objects as value to a dart map
-  static Map<String, List<MergePersonDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
-    final map = <String, List<MergePersonDto>>{};
+  // maps a json object with a list of MergeFaceClusterDto-objects as value to a dart map
+  static Map<String, List<MergeFaceClusterDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<MergeFaceClusterDto>>{};
    if (json is Map && json.isNotEmpty) {
      // ignore: parameter_assignments
      json = json.cast<String, dynamic>();
      for (final entry in json.entries) {
-        map[entry.key] = MergePersonDto.listFromJson(entry.value, growable: growable,);
+        map[entry.key] = MergeFaceClusterDto.listFromJson(entry.value, growable: growable,);
      }
    }
    return map;
@@ -15,6 +15,7 @@ class PersonResponseDto {
  PersonResponseDto({
    required this.birthDate,
    this.color,
+    required this.faceClusterId,
    required this.id,
    this.isFavorite,
    required this.isHidden,
@@ -35,6 +36,9 @@ class PersonResponseDto {
  ///
  String? color;

+  /// Face cluster ID
+  String? faceClusterId;
+
  /// Person ID
  String id;

@@ -69,6 +73,7 @@ class PersonResponseDto {
  bool operator ==(Object other) => identical(this, other) || other is PersonResponseDto &&
    other.birthDate == birthDate &&
    other.color == color &&
+    other.faceClusterId == faceClusterId &&
    other.id == id &&
    other.isFavorite == isFavorite &&
    other.isHidden == isHidden &&
@@ -81,6 +86,7 @@ class PersonResponseDto {
    // ignore: unnecessary_parenthesis
    (birthDate == null ? 0 : birthDate!.hashCode) +
    (color == null ? 0 : color!.hashCode) +
+    (faceClusterId == null ? 0 : faceClusterId!.hashCode) +
    (id.hashCode) +
    (isFavorite == null ? 0 : isFavorite!.hashCode) +
    (isHidden.hashCode) +
@@ -89,7 +95,7 @@ class PersonResponseDto {
    (updatedAt == null ? 0 : updatedAt!.hashCode);

  @override
-  String toString() => 'PersonResponseDto[birthDate=$birthDate, color=$color, id=$id, isFavorite=$isFavorite, isHidden=$isHidden, name=$name, thumbnailPath=$thumbnailPath, updatedAt=$updatedAt]';
+  String toString() => 'PersonResponseDto[birthDate=$birthDate, color=$color, faceClusterId=$faceClusterId, id=$id, isFavorite=$isFavorite, isHidden=$isHidden, name=$name, thumbnailPath=$thumbnailPath, updatedAt=$updatedAt]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -102,6 +108,11 @@ class PersonResponseDto {
      json[r'color'] = this.color;
    } else {
    //  json[r'color'] = null;
+    }
+    if (this.faceClusterId != null) {
+      json[r'faceClusterId'] = this.faceClusterId;
+    } else {
+    //  json[r'faceClusterId'] = null;
    }
      json[r'id'] = this.id;
    if (this.isFavorite != null) {
@@ -131,6 +142,7 @@ class PersonResponseDto {
      return PersonResponseDto(
        birthDate: mapDateTime(json, r'birthDate', r''),
        color: mapValueOfType<String>(json, r'color'),
+        faceClusterId: mapValueOfType<String>(json, r'faceClusterId'),
        id: mapValueOfType<String>(json, r'id')!,
        isFavorite: mapValueOfType<bool>(json, r'isFavorite'),
        isHidden: mapValueOfType<bool>(json, r'isHidden')!,
@@ -185,6 +197,7 @@ class PersonResponseDto {
  /// The list of required keys that must be present in a JSON.
  static const requiredKeys = <String>{
    'birthDate',
+    'faceClusterId',
    'id',
    'isHidden',
    'name',
@@ -0,0 +1,107 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class SharingOptionsResponseDto {
+  /// Returns a new [SharingOptionsResponseDto] instance.
+  SharingOptionsResponseDto({
+    required this.inTimeline,
+    this.permissions = const [],
+  });
+
+  bool inTimeline;
+
+  List<SharingPermission> permissions;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is SharingOptionsResponseDto &&
+    other.inTimeline == inTimeline &&
+    _deepEquality.equals(other.permissions, permissions);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (inTimeline.hashCode) +
+    (permissions.hashCode);
+
+  @override
+  String toString() => 'SharingOptionsResponseDto[inTimeline=$inTimeline, permissions=$permissions]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'inTimeline'] = this.inTimeline;
+      json[r'permissions'] = this.permissions;
+    return json;
+  }
+
+  /// Returns a new [SharingOptionsResponseDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static SharingOptionsResponseDto? fromJson(dynamic value) {
+    upgradeDto(value, "SharingOptionsResponseDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return SharingOptionsResponseDto(
+        inTimeline: mapValueOfType<bool>(json, r'inTimeline')!,
+        permissions: SharingPermission.listFromJson(json[r'permissions']),
+      );
+    }
+    return null;
+  }
+
+  static List<SharingOptionsResponseDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <SharingOptionsResponseDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = SharingOptionsResponseDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, SharingOptionsResponseDto> mapFromJson(dynamic json) {
+    final map = <String, SharingOptionsResponseDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = SharingOptionsResponseDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of SharingOptionsResponseDto-objects as value to a dart map
+  static Map<String, List<SharingOptionsResponseDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<SharingOptionsResponseDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = SharingOptionsResponseDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'inTimeline',
+    'permissions',
+  };
+}
+
@@ -0,0 +1,112 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+/// Sharing permission schema
+class SharingPermission {
+  /// Instantiate a new enum with the provided [value].
+  const SharingPermission._(this.value);
+
+  /// The underlying value of this enum member.
+  final String value;
+
+  @override
+  String toString() => value;
+
+  String toJson() => value;
+
+  static const all = SharingPermission._(r'all');
+  static const assetPeriodRead = SharingPermission._(r'asset.read');
+  static const assetPeriodUpdate = SharingPermission._(r'asset.update');
+  static const assetPeriodEdit = SharingPermission._(r'asset.edit');
+  static const assetPeriodDelete = SharingPermission._(r'asset.delete');
+  static const assetPeriodShare = SharingPermission._(r'asset.share');
+  static const exifPeriodRead = SharingPermission._(r'exif.read');
+  static const personPeriodRead = SharingPermission._(r'person.read');
+  static const personPeriodUpdate = SharingPermission._(r'person.update');
+  static const personPeriodMerge = SharingPermission._(r'person.merge');
+  static const personPeriodDelete = SharingPermission._(r'person.delete');
+
+  /// List of all possible values in this [enum][SharingPermission].
+  static const values = <SharingPermission>[
+    all,
+    assetPeriodRead,
+    assetPeriodUpdate,
+    assetPeriodEdit,
+    assetPeriodDelete,
+    assetPeriodShare,
+    exifPeriodRead,
+    personPeriodRead,
+    personPeriodUpdate,
+    personPeriodMerge,
+    personPeriodDelete,
+  ];
+
+  static SharingPermission? fromJson(dynamic value) => SharingPermissionTypeTransformer().decode(value);
+
+  static List<SharingPermission> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <SharingPermission>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = SharingPermission.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+}
+
+/// Transformation class that can [encode] an instance of [SharingPermission] to String,
+/// and [decode] dynamic data back to [SharingPermission].
+class SharingPermissionTypeTransformer {
+  factory SharingPermissionTypeTransformer() => _instance ??= const SharingPermissionTypeTransformer._();
+
+  const SharingPermissionTypeTransformer._();
+
+  String encode(SharingPermission data) => data.value;
+
+  /// Decodes a [dynamic value][data] to a SharingPermission.
+  ///
+  /// If [allowNull] is true and the [dynamic value][data] cannot be decoded successfully,
+  /// then null is returned. However, if [allowNull] is false and the [dynamic value][data]
+  /// cannot be decoded successfully, then an [UnimplementedError] is thrown.
+  ///
+  /// The [allowNull] is very handy when an API changes and a new enum value is added or removed,
+  /// and users are still using an old app with the old code.
+  SharingPermission? decode(dynamic data, {bool allowNull = true}) {
+    if (data != null) {
+      switch (data) {
+        case r'all': return SharingPermission.all;
+        case r'asset.read': return SharingPermission.assetPeriodRead;
+        case r'asset.update': return SharingPermission.assetPeriodUpdate;
+        case r'asset.edit': return SharingPermission.assetPeriodEdit;
+        case r'asset.delete': return SharingPermission.assetPeriodDelete;
+        case r'asset.share': return SharingPermission.assetPeriodShare;
+        case r'exif.read': return SharingPermission.exifPeriodRead;
+        case r'person.read': return SharingPermission.personPeriodRead;
+        case r'person.update': return SharingPermission.personPeriodUpdate;
+        case r'person.merge': return SharingPermission.personPeriodMerge;
+        case r'person.delete': return SharingPermission.personPeriodDelete;
+        default:
+          if (!allowNull) {
+            throw ArgumentError('Unknown enum value to decode: $data');
+          }
+      }
+    }
+    return null;
+  }
+
+  /// Singleton [SharingPermissionTypeTransformer] instance.
+  static SharingPermissionTypeTransformer? _instance;
+}
+
@@ -19,11 +19,11 @@ class SyncAssetFaceV2 {
    required this.boundingBoxY1,
    required this.boundingBoxY2,
    required this.deletedAt,
+    required this.faceClusterId,
    required this.id,
    required this.imageHeight,
    required this.imageWidth,
    required this.isVisible,
-    required this.personId,
    required this.sourceType,
  });

@@ -57,6 +57,9 @@ class SyncAssetFaceV2 {
  /// Face deleted at
  DateTime? deletedAt;

+  /// Person ID
+  String? faceClusterId;
+
  /// Asset face ID
  String id;

@@ -75,9 +78,6 @@ class SyncAssetFaceV2 {
  /// Is the face visible in the asset
  bool isVisible;

-  /// Person ID
-  String? personId;
-
  /// Source type
  String sourceType;

@@ -89,11 +89,11 @@ class SyncAssetFaceV2 {
    other.boundingBoxY1 == boundingBoxY1 &&
    other.boundingBoxY2 == boundingBoxY2 &&
    other.deletedAt == deletedAt &&
+    other.faceClusterId == faceClusterId &&
    other.id == id &&
    other.imageHeight == imageHeight &&
    other.imageWidth == imageWidth &&
    other.isVisible == isVisible &&
-    other.personId == personId &&
    other.sourceType == sourceType;

  @override
@@ -105,15 +105,15 @@ class SyncAssetFaceV2 {
    (boundingBoxY1.hashCode) +
    (boundingBoxY2.hashCode) +
    (deletedAt == null ? 0 : deletedAt!.hashCode) +
+    (faceClusterId == null ? 0 : faceClusterId!.hashCode) +
    (id.hashCode) +
    (imageHeight.hashCode) +
    (imageWidth.hashCode) +
    (isVisible.hashCode) +
-    (personId == null ? 0 : personId!.hashCode) +
    (sourceType.hashCode);

  @override
-  String toString() => 'SyncAssetFaceV2[assetId=$assetId, boundingBoxX1=$boundingBoxX1, boundingBoxX2=$boundingBoxX2, boundingBoxY1=$boundingBoxY1, boundingBoxY2=$boundingBoxY2, deletedAt=$deletedAt, id=$id, imageHeight=$imageHeight, imageWidth=$imageWidth, isVisible=$isVisible, personId=$personId, sourceType=$sourceType]';
+  String toString() => 'SyncAssetFaceV2[assetId=$assetId, boundingBoxX1=$boundingBoxX1, boundingBoxX2=$boundingBoxX2, boundingBoxY1=$boundingBoxY1, boundingBoxY2=$boundingBoxY2, deletedAt=$deletedAt, faceClusterId=$faceClusterId, id=$id, imageHeight=$imageHeight, imageWidth=$imageWidth, isVisible=$isVisible, sourceType=$sourceType]';

  Map<String, dynamic> toJson() {
    final json = <String, dynamic>{};
@@ -128,16 +128,16 @@ class SyncAssetFaceV2 {
        : this.deletedAt!.toUtc().toIso8601String();
    } else {
    //  json[r'deletedAt'] = null;
+    }
+    if (this.faceClusterId != null) {
+      json[r'faceClusterId'] = this.faceClusterId;
+    } else {
+    //  json[r'faceClusterId'] = null;
    }
      json[r'id'] = this.id;
      json[r'imageHeight'] = this.imageHeight;
      json[r'imageWidth'] = this.imageWidth;
      json[r'isVisible'] = this.isVisible;
-    if (this.personId != null) {
-      json[r'personId'] = this.personId;
-    } else {
-    //  json[r'personId'] = null;
-    }
      json[r'sourceType'] = this.sourceType;
    return json;
  }
@@ -157,11 +157,11 @@ class SyncAssetFaceV2 {
        boundingBoxY1: mapValueOfType<int>(json, r'boundingBoxY1')!,
        boundingBoxY2: mapValueOfType<int>(json, r'boundingBoxY2')!,
        deletedAt: mapDateTime(json, r'deletedAt', r'/^(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))T(?:(?:[01]\\d|2[0-3]):[0-5]\\d(?::[0-5]\\d(?:\\.\\d+)?)?(?:Z))$/'),
+        faceClusterId: mapValueOfType<String>(json, r'faceClusterId'),
        id: mapValueOfType<String>(json, r'id')!,
        imageHeight: mapValueOfType<int>(json, r'imageHeight')!,
        imageWidth: mapValueOfType<int>(json, r'imageWidth')!,
        isVisible: mapValueOfType<bool>(json, r'isVisible')!,
-        personId: mapValueOfType<String>(json, r'personId'),
        sourceType: mapValueOfType<String>(json, r'sourceType')!,
      );
    }
@@ -216,11 +216,11 @@ class SyncAssetFaceV2 {
    'boundingBoxY1',
    'boundingBoxY2',
    'deletedAt',
+    'faceClusterId',
    'id',
    'imageHeight',
    'imageWidth',
    'isVisible',
-    'personId',
    'sourceType',
  };
 }
@@ -0,0 +1,107 @@
+//
+// AUTO-GENERATED FILE, DO NOT MODIFY!
+//
+// @dart=2.18
+
+// ignore_for_file: unused_element, unused_import
+// ignore_for_file: always_put_required_named_parameters_first
+// ignore_for_file: constant_identifier_names
+// ignore_for_file: lines_longer_than_80_chars
+
+part of openapi.api;
+
+class UpdateSharingOptionsDto {
+  /// Returns a new [UpdateSharingOptionsDto] instance.
+  UpdateSharingOptionsDto({
+    required this.inTimeline,
+    this.permissions = const [],
+  });
+
+  bool inTimeline;
+
+  List<SharingPermission> permissions;
+
+  @override
+  bool operator ==(Object other) => identical(this, other) || other is UpdateSharingOptionsDto &&
+    other.inTimeline == inTimeline &&
+    _deepEquality.equals(other.permissions, permissions);
+
+  @override
+  int get hashCode =>
+    // ignore: unnecessary_parenthesis
+    (inTimeline.hashCode) +
+    (permissions.hashCode);
+
+  @override
+  String toString() => 'UpdateSharingOptionsDto[inTimeline=$inTimeline, permissions=$permissions]';
+
+  Map<String, dynamic> toJson() {
+    final json = <String, dynamic>{};
+      json[r'inTimeline'] = this.inTimeline;
+      json[r'permissions'] = this.permissions;
+    return json;
+  }
+
+  /// Returns a new [UpdateSharingOptionsDto] instance and imports its values from
+  /// [value] if it's a [Map], null otherwise.
+  // ignore: prefer_constructors_over_static_methods
+  static UpdateSharingOptionsDto? fromJson(dynamic value) {
+    upgradeDto(value, "UpdateSharingOptionsDto");
+    if (value is Map) {
+      final json = value.cast<String, dynamic>();
+
+      return UpdateSharingOptionsDto(
+        inTimeline: mapValueOfType<bool>(json, r'inTimeline')!,
+        permissions: SharingPermission.listFromJson(json[r'permissions']),
+      );
+    }
+    return null;
+  }
+
+  static List<UpdateSharingOptionsDto> listFromJson(dynamic json, {bool growable = false,}) {
+    final result = <UpdateSharingOptionsDto>[];
+    if (json is List && json.isNotEmpty) {
+      for (final row in json) {
+        final value = UpdateSharingOptionsDto.fromJson(row);
+        if (value != null) {
+          result.add(value);
+        }
+      }
+    }
+    return result.toList(growable: growable);
+  }
+
+  static Map<String, UpdateSharingOptionsDto> mapFromJson(dynamic json) {
+    final map = <String, UpdateSharingOptionsDto>{};
+    if (json is Map && json.isNotEmpty) {
+      json = json.cast<String, dynamic>(); // ignore: parameter_assignments
+      for (final entry in json.entries) {
+        final value = UpdateSharingOptionsDto.fromJson(entry.value);
+        if (value != null) {
+          map[entry.key] = value;
+        }
+      }
+    }
+    return map;
+  }
+
+  // maps a json object with a list of UpdateSharingOptionsDto-objects as value to a dart map
+  static Map<String, List<UpdateSharingOptionsDto>> mapListFromJson(dynamic json, {bool growable = false,}) {
+    final map = <String, List<UpdateSharingOptionsDto>>{};
+    if (json is Map && json.isNotEmpty) {
+      // ignore: parameter_assignments
+      json = json.cast<String, dynamic>();
+      for (final entry in json.entries) {
+        map[entry.key] = UpdateSharingOptionsDto.listFromJson(entry.value, growable: growable,);
+      }
+    }
+    return map;
+  }
+
+  /// The list of required keys that must be present in a JSON.
+  static const requiredKeys = <String>{
+    'inTimeline',
+    'permissions',
+  };
+}
+
@@ -28,7 +28,6 @@ SyncAssetV1 _createAsset({
  String ownerId = 'user-1',
  int? width,
  int? height,
-  String? libraryId,
 }) {
  return SyncAssetV1(
    id: id,
@@ -46,38 +45,7 @@ SyncAssetV1 _createAsset({
    height: height,
    deletedAt: null,
    duration: null,
-    libraryId: libraryId,
-    livePhotoVideoId: null,
-    stackId: null,
-    thumbhash: null,
-    isEdited: false,
-  );
-}
-
-SyncAssetV2 _createAssetV2({
-  required String id,
-  required String checksum,
-  required String fileName,
-  String ownerId = 'user-1',
-  String? libraryId,
-}) {
-  return SyncAssetV2(
-    id: id,
-    checksum: checksum,
-    originalFileName: fileName,
-    type: AssetTypeEnum.IMAGE,
-    ownerId: ownerId,
-    isFavorite: false,
-    fileCreatedAt: DateTime(2024, 1, 1),
-    fileModifiedAt: DateTime(2024, 1, 1),
-    createdAt: DateTime(2024, 1, 1),
-    localDateTime: DateTime(2024, 1, 1),
-    visibility: AssetVisibility.timeline,
-    width: null,
-    height: null,
-    deletedAt: null,
-    duration: 0,
-    libraryId: libraryId,
+    libraryId: null,
    livePhotoVideoId: null,
    stackId: null,
    thumbhash: null,
@@ -272,82 +240,4 @@ void main() {
      expect(after.backupSelection, equals(BackupSelection.none));
    });
  });
-
-  group('SyncStreamRepository - updateAssetsV1 dedupe (#22522 #27186)', () {
-    test('replaces stale row when new id arrives with same (ownerId, checksum) and library is null', () async {
-      await sut.updateUsersV1([_createUser()]);
-      await sut.updateAssetsV1([_createAsset(id: 'old-id', checksum: 'AAA', fileName: 'photo.jpg')]);
-
-      // Server re-issues a new id for the same content (replace-with-upload, immich-go, etc.)
-      await sut.updateAssetsV1([_createAsset(id: 'new-id', checksum: 'AAA', fileName: 'photo.jpg')]);
-
-      final rows = await db.remoteAssetEntity.select().get();
-      expect(rows, hasLength(1));
-      expect(rows.single.id, equals('new-id'));
-      expect(rows.single.checksum, equals('AAA'));
-    });
-
-    test('replaces stale row by (ownerId, libraryId, checksum) when library is not null', () async {
-      await sut.updateUsersV1([_createUser()]);
-      await sut.updateAssetsV1([
-        _createAsset(id: 'old-id', checksum: 'AAA', fileName: 'photo.jpg', libraryId: 'lib-1'),
-      ]);
-
-      await sut.updateAssetsV1([
-        _createAsset(id: 'new-id', checksum: 'AAA', fileName: 'photo.jpg', libraryId: 'lib-1'),
-      ]);
-
-      final rows = await db.remoteAssetEntity.select().get();
-      expect(rows, hasLength(1));
-      expect(rows.single.id, equals('new-id'));
-      expect(rows.single.libraryId, equals('lib-1'));
-    });
-
-    test('library and non-library rows with same (ownerId, checksum) coexist', () async {
-      await sut.updateUsersV1([_createUser()]);
-      await sut.updateAssetsV1([
-        _createAsset(id: 'lib-row', checksum: 'AAA', fileName: 'photo.jpg', libraryId: 'lib-1'),
-        _createAsset(id: 'main-row', checksum: 'AAA', fileName: 'photo.jpg'),
-      ]);
-
-      final rows = await db.remoteAssetEntity.select().get();
-      expect(rows, hasLength(2), reason: 'library NULL and NOT NULL match different partial indexes');
-      expect(rows.map((r) => r.id).toSet(), equals({'lib-row', 'main-row'}));
-    });
-
-    test('different owners with same checksum coexist', () async {
-      await sut.updateUsersV1([_createUser(id: 'user-1')]);
-      await sut.updateUsersV1([_createUser(id: 'user-2')]);
-      await sut.updateAssetsV1([
-        _createAsset(id: 'a-id', checksum: 'AAA', fileName: 'photo.jpg', ownerId: 'user-1'),
-        _createAsset(id: 'b-id', checksum: 'AAA', fileName: 'photo.jpg', ownerId: 'user-2'),
-      ]);
-
-      final rows = await db.remoteAssetEntity.select().get();
-      expect(rows, hasLength(2));
-    });
-
-    test('same id arriving again updates in place (no self-delete)', () async {
-      await sut.updateUsersV1([_createUser()]);
-      await sut.updateAssetsV1([_createAsset(id: 'same-id', checksum: 'AAA', fileName: 'photo.jpg')]);
-
-      await sut.updateAssetsV1([_createAsset(id: 'same-id', checksum: 'AAA', fileName: 'renamed.jpg')]);
-
-      final rows = await db.remoteAssetEntity.select().get();
-      expect(rows, hasLength(1));
-      expect(rows.single.id, equals('same-id'));
-      expect(rows.single.name, equals('renamed.jpg'), reason: 'ON CONFLICT(id) DO UPDATE path still works');
-    });
-
-    test('updateAssetsV2 dedupes the same way', () async {
-      await sut.updateUsersV1([_createUser()]);
-      await sut.updateAssetsV2([_createAssetV2(id: 'old-id', checksum: 'AAA', fileName: 'photo.jpg')]);
-
-      await sut.updateAssetsV2([_createAssetV2(id: 'new-id', checksum: 'AAA', fileName: 'photo.jpg')]);
-
-      final rows = await db.remoteAssetEntity.select().get();
-      expect(rows, hasLength(1));
-      expect(rows.single.id, equals('new-id'));
-    });
-  });
 }
@@ -2298,6 +2298,121 @@
        "x-immich-permission": "album.read"
      }
    },
+    "/albums/{id}/user/self": {
+      "get": {
+        "description": "Get the own sharing permissions in a specific album.",
+        "operationId": "getOwnAlbumUser",
+        "parameters": [
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12})$",
+              "type": "string"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/SharingOptionsResponseDto"
+                }
+              }
+            },
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "summary": "Get own sharing permissions",
+        "tags": [
+          "Albums"
+        ],
+        "x-immich-history": [
+          {
+            "version": "v3",
+            "state": "Added"
+          },
+          {
+            "version": "v3",
+            "state": "Stable"
+          }
+        ],
+        "x-immich-permission": "albumAsset.create",
+        "x-immich-state": "Stable"
+      },
+      "put": {
+        "description": "Change the own sharing permissions in a specific album.",
+        "operationId": "updateOwnAlbumUser",
+        "parameters": [
+          {
+            "name": "id",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "format": "uuid",
+              "pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12})$",
+              "type": "string"
+            }
+          }
+        ],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "$ref": "#/components/schemas/UpdateSharingOptionsDto"
+              }
+            }
+          },
+          "required": true
+        },
+        "responses": {
+          "204": {
+            "description": ""
+          }
+        },
+        "security": [
+          {
+            "bearer": []
+          },
+          {
+            "cookie": []
+          },
+          {
+            "api_key": []
+          }
+        ],
+        "summary": "Update own sharing permissions",
+        "tags": [
+          "Albums"
+        ],
+        "x-immich-history": [
+          {
+            "version": "v3",
+            "state": "Added"
+          },
+          {
+            "version": "v3",
+            "state": "Stable"
+          }
+        ],
+        "x-immich-permission": "albumAsset.create",
+        "x-immich-state": "Stable"
+      }
+    },
    "/albums/{id}/user/{userId}": {
      "delete": {
        "description": "Remove a user from an album. Use an ID of \"me\" to leave a shared album.",
@@ -8366,7 +8481,7 @@
          "content": {
            "application/json": {
              "schema": {
-                "$ref": "#/components/schemas/MergePersonDto"
+                "$ref": "#/components/schemas/MergeFaceClusterDto"
              }
            }
          },
@@ -16726,6 +16841,12 @@
            },
            "type": "array"
          },
+          "permissions": {
+            "items": {
+              "$ref": "#/components/schemas/SharingPermission"
+            },
+            "type": "array"
+          },
          "resized": {
            "description": "Is resized",
            "type": "boolean",
@@ -16797,6 +16918,7 @@
          "originalFileName",
          "originalPath",
          "ownerId",
+          "permissions",
          "thumbhash",
          "type",
          "updatedAt",
@@ -17856,6 +17978,7 @@
          "DatabaseBackup",
          "FacialRecognitionQueueAll",
          "FacialRecognition",
+          "FacialRecognitionMerge",
          "FileDelete",
          "FileMigrationQueueAll",
          "LibraryDeleteCheck",
@@ -18265,7 +18388,8 @@
          "user-cleanup",
          "memory-cleanup",
          "memory-create",
-          "backup-database"
+          "backup-database",
+          "person-group-merge"
        ],
        "type": "string"
      },
@@ -18591,10 +18715,10 @@
        },
        "type": "object"
      },
-      "MergePersonDto": {
+      "MergeFaceClusterDto": {
        "properties": {
          "ids": {
-            "description": "Person IDs to merge",
+            "description": "Face cluster IDs to merge",
            "items": {
              "format": "uuid",
              "pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-4[0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12})$",
@@ -19619,6 +19743,11 @@
            ],
            "x-immich-state": "Stable"
          },
+          "faceClusterId": {
+            "description": "Face cluster ID",
+            "nullable": true,
+            "type": "string"
+          },
          "id": {
            "description": "Person ID",
            "type": "string"
@@ -19669,6 +19798,7 @@
        },
        "required": [
          "birthDate",
+          "faceClusterId",
          "id",
          "isHidden",
          "name",
@@ -21752,6 +21882,41 @@
        },
        "type": "object"
      },
+      "SharingOptionsResponseDto": {
+        "properties": {
+          "inTimeline": {
+            "type": "boolean"
+          },
+          "permissions": {
+            "items": {
+              "$ref": "#/components/schemas/SharingPermission"
+            },
+            "type": "array"
+          }
+        },
+        "required": [
+          "inTimeline",
+          "permissions"
+        ],
+        "type": "object"
+      },
+      "SharingPermission": {
+        "description": "Sharing permission schema",
+        "enum": [
+          "all",
+          "asset.read",
+          "asset.update",
+          "asset.edit",
+          "asset.delete",
+          "asset.share",
+          "exif.read",
+          "person.read",
+          "person.update",
+          "person.merge",
+          "person.delete"
+        ],
+        "type": "string"
+      },
      "SignUpDto": {
        "properties": {
          "email": {
@@ -22848,6 +23013,11 @@
            "pattern": "^(?:(?:\\d\\d[2468][048]|\\d\\d[13579][26]|\\d\\d0[48]|[02468][048]00|[13579][26]00)-02-29|\\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\\d|30)|(?:02)-(?:0[1-9]|1\\d|2[0-8])))T(?:(?:[01]\\d|2[0-3]):[0-5]\\d(?::[0-5]\\d(?:\\.\\d+)?)?(?:Z))$",
            "type": "string"
          },
+          "faceClusterId": {
+            "description": "Person ID",
+            "nullable": true,
+            "type": "string"
+          },
          "id": {
            "description": "Asset face ID",
            "type": "string"
@@ -22868,11 +23038,6 @@
            "description": "Is the face visible in the asset",
            "type": "boolean"
          },
-          "personId": {
-            "description": "Person ID",
-            "nullable": true,
-            "type": "string"
-          },
          "sourceType": {
            "description": "Source type",
            "type": "string"
@@ -22885,11 +23050,11 @@
          "boundingBoxY1",
          "boundingBoxY2",
          "deletedAt",
+          "faceClusterId",
          "id",
          "imageHeight",
          "imageWidth",
          "isVisible",
-          "personId",
          "sourceType"
        ],
        "type": "object"
@@ -25381,6 +25546,24 @@
        },
        "type": "object"
      },
+      "UpdateSharingOptionsDto": {
+        "properties": {
+          "inTimeline": {
+            "type": "boolean"
+          },
+          "permissions": {
+            "items": {
+              "$ref": "#/components/schemas/SharingPermission"
+            },
+            "type": "array"
+          }
+        },
+        "required": [
+          "inTimeline",
+          "permissions"
+        ],
+        "type": "object"
+      },
      "UsageByUserDto": {
        "properties": {
          "photos": {
@@ -555,6 +555,14 @@ export type MapMarkerResponseDto = {
    /** State/Province name */
    state: string | null;
 };
+export type SharingOptionsResponseDto = {
+    inTimeline: boolean;
+    permissions: SharingPermission[];
+};
+export type UpdateSharingOptionsDto = {
+    inTimeline: boolean;
+    permissions: SharingPermission[];
+};
 export type UpdateAlbumUserDto = {
    role: AlbumUserRole;
 };
@@ -792,6 +800,8 @@ export type PersonResponseDto = {
    birthDate: string | null;
    /** Person color (hex) */
    color?: string;
+    /** Face cluster ID */
+    faceClusterId: string | null;
    /** Person ID */
    id: string;
    /** Is favorite */
@@ -875,6 +885,7 @@ export type AssetResponseDto = {
    /** Owner user ID */
    ownerId: string;
    people?: PersonResponseDto[];
+    permissions: SharingPermission[];
    /** Is resized */
    resized?: boolean;
    stack?: (AssetStackResponseDto) | null;
@@ -1460,8 +1471,8 @@ export type PersonUpdateDto = {
    /** Person name */
    name?: string;
 };
-export type MergePersonDto = {
-    /** Person IDs to merge */
+export type MergeFaceClusterDto = {
+    /** Face cluster IDs to merge */
    ids: string[];
 };
 export type AssetFaceUpdateItem = {
@@ -2973,6 +2984,8 @@ export type SyncAssetFaceV2 = {
    boundingBoxY2: number;
    /** Face deleted at */
    deletedAt: string | null;
+    /** Person ID */
+    faceClusterId: string | null;
    /** Asset face ID */
    id: string;
    /** Image height */
@@ -2981,8 +2994,6 @@ export type SyncAssetFaceV2 = {
    imageWidth: number;
    /** Is the face visible in the asset */
    isVisible: boolean;
-    /** Person ID */
-    personId: string | null;
    /** Source type */
    sourceType: string;
 };
@@ -3778,6 +3789,32 @@ export function getAlbumMapMarkers({ id, key, slug }: {
        ...opts
    }));
 }
+/**
+ * Get own sharing permissions
+ */
+export function getOwnAlbumUser({ id }: {
+    id: string;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchJson<{
+        status: 200;
+        data: SharingOptionsResponseDto;
+    }>(`/albums/${encodeURIComponent(id)}/user/self`, {
+        ...opts
+    }));
+}
+/**
+ * Update own sharing permissions
+ */
+export function updateOwnAlbumUser({ id, updateSharingOptionsDto }: {
+    id: string;
+    updateSharingOptionsDto: UpdateSharingOptionsDto;
+}, opts?: Oazapfts.RequestOpts) {
+    return oazapfts.ok(oazapfts.fetchText(`/albums/${encodeURIComponent(id)}/user/self`, oazapfts.json({
+        ...opts,
+        method: "PUT",
+        body: updateSharingOptionsDto
+    })));
+}
 /**
 * Remove user from album
 */
@@ -5182,9 +5219,9 @@ export function updatePerson({ id, personUpdateDto }: {
 /**
 * Merge people
 */
-export function mergePerson({ id, mergePersonDto }: {
+export function mergePerson({ id, mergeFaceClusterDto }: {
    id: string;
-    mergePersonDto: MergePersonDto;
+    mergeFaceClusterDto: MergeFaceClusterDto;
 }, opts?: Oazapfts.RequestOpts) {
    return oazapfts.ok(oazapfts.fetchJson<{
        status: 200;
@@ -5192,7 +5229,7 @@ export function mergePerson({ id, mergePersonDto }: {
    }>(`/people/${encodeURIComponent(id)}/merge`, oazapfts.json({
        ...opts,
        method: "POST",
-        body: mergePersonDto
+        body: mergeFaceClusterDto
    })));
 }
 /**
@@ -6769,6 +6806,19 @@ export enum BulkIdErrorReason {
    Unknown = "unknown",
    Validation = "validation"
 }
+export enum SharingPermission {
+    All = "all",
+    AssetRead = "asset.read",
+    AssetUpdate = "asset.update",
+    AssetEdit = "asset.edit",
+    AssetDelete = "asset.delete",
+    AssetShare = "asset.share",
+    ExifRead = "exif.read",
+    PersonRead = "person.read",
+    PersonUpdate = "person.update",
+    PersonMerge = "person.merge",
+    PersonDelete = "person.delete"
+}
 export enum Permission {
    All = "all",
    ActivityCreate = "activity.create",
@@ -6976,7 +7026,8 @@ export enum ManualJobName {
    UserCleanup = "user-cleanup",
    MemoryCleanup = "memory-cleanup",
    MemoryCreate = "memory-create",
-    BackupDatabase = "backup-database"
+    BackupDatabase = "backup-database",
+    PersonGroupMerge = "person-group-merge"
 }
 export enum QueueName {
    ThumbnailGeneration = "thumbnailGeneration",
@@ -7063,6 +7114,7 @@ export enum JobName {
    DatabaseBackup = "DatabaseBackup",
    FacialRecognitionQueueAll = "FacialRecognitionQueueAll",
    FacialRecognition = "FacialRecognition",
+    FacialRecognitionMerge = "FacialRecognitionMerge",
    FileDelete = "FileDelete",
    FileMigrationQueueAll = "FileMigrationQueueAll",
    LibraryDeleteCheck = "LibraryDeleteCheck",
@@ -343,7 +343,7 @@ importers:
        specifier: 2.0.0-rc13
        version: 2.0.0-rc13
      '@immich/sql-tools':
-        specifier: ^0.5.1
+        specifier: ^0.5.2
        version: 0.5.2
      '@nestjs/bullmq':
        specifier: ^11.0.1
@@ -37,29 +37,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## تنصل
+> [!WARNING]
+> ⚠️ اتبع دائمًا خطة النسخ الاحتياطي [١-٢-٣](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) لصورك ومقاطع الفيديو الثمينة الخاصة بك
+>

- ⚠️ هذا التطبيق قيد التطوير النشط للغاية
- ⚠️ توقع الأخطاء والتغييرات العاجلة
- ⚠️ **لا تستخدم التطبيق باعتباره الطريقة الوحيدة لتخزين الصور ومقاطع الفيديو الخاصة بك**
- ⚠️ اتبع دائمًا خطة النسخ الاحتياطي [١-٢-٣](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) لصورك ومقاطع الفيديو الثمينة الخاصة بك
+> [!NOTE]
+> يمكنك العثور على الوثائق الرئيسية، بما في ذلك أدلة التثبيت، على https://immich.app/

+## روابط

-## محتوى
-
- [الوثائق الرسمية](https://docs.immich.app)
- [خريطة الطريق](https://github.com/orgs/immich-app/projects/1)
- [تجريبي](#demo)
- [سمات](#features)
+- [الوثائق الرسمية](https://docs.immich.app/)
 - [مقدمة](https://docs.immich.app/overview/introduction)
 - [تعليمات التحميل](https://docs.immich.app/install/requirements)
+- [خريطة الطريق](https://immich.app/roadmap)
+- [تجريبي](#تجريبي)
+- [سمات](#سمات)
+- [الترجمات](https://docs.immich.app/developer/translations)
 - [قواعد المساهمة](https://docs.immich.app/overview/support-the-project)

-## توثيق
-
-يمكنك العثور على الوثائق الرئيسية، بما في ذلك أدلة التثبيت، هنا 
-https://immich.app
-
 ## تجريبي

 يمكنك الوصول إلى العرض التوضيحي على الويب على
@@ -37,26 +37,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Avís legal
+> [!WARNING]
+> ⚠️ Always follow [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) backup plan for your precious photos and videos!
+>

- ⚠️ El projecte està en desenvolupament **molt actiu**.
- ⚠️ Espereu errors i canvis que poden trencar coses.
- ⚠️ **No utilitzeu l'aplicació com a única manera de guardar les vostres fotos i vídeos!**
+> [!NOTE]
+> Podeu trobar la documentació principal, incloent les guies d'instal·lació, a https://immich.app/.

 ## Contingut

- [Documentació oficial](https://docs.immich.app)
- [Mapa de ruta](https://github.com/orgs/immich-app/projects/1)
- [Demo](#demo)
- [Funcionalitats](#funcionalitats)
+- [Documentació](https://docs.immich.app/)
 - [Introducció](https://docs.immich.app/overview/introduction)
 - [Instal·lació](https://docs.immich.app/install/requirements)
+- [Mapa de ruta](https://immich.app/roadmap)
+- [Demo](#demo)
+- [Funcionalitats](#funcionalitats)
+- [Traduccions](https://docs.immich.app/developer/translations)
 - [Directrius de contribució](https://docs.immich.app/overview/support-the-project)

-## Documentació
-
-Podeu trobar la documentació principal, incloent les guies d'instal·lació, a https://immich.app/.
-
 ## Demo

 Podeu accedir a la demostració web a https://demo.immich.app. Per a l'aplicació mòbil, podeu utilitzar `https://demo.immich.app` com a "URL de punt final del servidor".
@@ -38,7 +38,9 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

- ⚠️ Befolge immer die [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) Backup-Regel für deine wertvollen Fotos und Videos!
+> [!WARNING]
+> ⚠️ Befolge immer die [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) Backup-Regel für deine wertvollen Fotos und Videos!
+>

 > [!NOTE]
 > Die Hauptdokumentation, einschließlich der Installationsanleitungen, befinden sich unter https://immich.app/.
@@ -49,7 +51,7 @@
 - [Offizielle Dokumentation](https://docs.immich.app)
 - [Über Immich](https://docs.immich.app/overview/introduction)
 - [Installation](https://docs.immich.app/install/requirements)
- [Roadmap](https://github.com/orgs/immich-app/projects/1)
+- [Roadmap](https://immich.app/roadmap)
 - [Demo](#demo)
 - [Funktionen](#funktionen)
 - [Übersetzungen](https://docs.immich.app/developer/translations)
@@ -37,27 +37,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Advertencia
+> [!WARNING]
+> ⚠️ Siempre sigue el plan de backups [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) para tus fotos y videos.
+>

- ⚠️ El proyecto está en **activo desarrollo**.
- ⚠️ Es probable que haya errores y cambios disruptivos.
- ⚠️ **¡No utilices la aplicación como única forma de almacenar tus fotos y videos!**
- ⚠️ Siempre sigue el plan de backups [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) para tus fotos y videos.
+> [!NOTE]
+> Puedes encontrar la documentación oficial, incluidas las guías de instalación, en <https://immich.app/>.

 ## Contenido

- [Documentación oficial](https://docs.immich.app)
- [Hoja de ruta](https://github.com/orgs/immich-app/projects/1)
- [Demo](#demo)
- [Funciones](#funciones)
+- [Documentación](https://docs.immich.app/)
 - [Introducción](https://docs.immich.app/overview/introduction)
 - [Instalación](https://docs.immich.app/install/requirements)
+- [Hoja de ruta](https://immich.app/roadmap)
+- [Demo](#demo)
+- [Funciones](#funciones)
+- [Traducciones](https://docs.immich.app/developer/translations)
 - [Directrices para contribuir](https://docs.immich.app/overview/support-the-project)

-## Documentación
-
-Puedes encontrar la documentación oficial, incluidas las guías de instalación, en <https://immich.app/>.
-
 ## Demo

 Puedes acceder a la demostración web en <https://demo.immich.app>. Para la aplicación móvil, puedes usar `https://demo.immich.app` en la `URL del servidor`.
@@ -37,27 +37,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Clause de non-responsabilité
+> [!WARNING]
+> ⚠️ Ayez toujours un plan de sauvegarde en [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) pour vos précieuses photos et vidéos !
+>

- ⚠️ Le projet est en **très fort** développement.
- ⚠️ Attendez-vous à rencontrer des bogues et des changements importants.
- ⚠️ **N'utilisez pas cette application comme seul support de sauvegarde de vos photos et vos vidéos.**
- ⚠️ Ayez toujours un plan de sauvegarde en [3-2-1](https://www.seagate.com/fr/fr/blog/what-is-a-3-2-1-backup-strategy/) pour vos précieuses photos et vidéos !
+> [!NOTE]
+> Vous pouvez trouver la documentation principale ainsi que les guides d'installation sur https://immich.app/.

 ## Sommaire

- [Documentation officielle](https://docs.immich.app)
- [Feuille de route](https://github.com/orgs/immich-app/projects/1)
- [Démo](#démo)
- [Fonctionnalités](#fonctionnalités)
+- [Documentation](https://docs.immich.app/)
 - [Introduction](https://docs.immich.app/overview/introduction)
 - [Installation](https://docs.immich.app/install/requirements)
+- [Feuille de route](https://immich.app/roadmap)
+- [Démo](#démo)
+- [Fonctionnalités](#fonctionnalités)
+- [Traductions](https://docs.immich.app/developer/translations)
 - [Contribution](https://docs.immich.app/overview/support-the-project)

-## Documentation
-
-Vous pouvez trouver la documentation principale ainsi que les guides d'installation sur https://immich.app/.
-
 ## Démo

 Vous pouvez accéder à la démo en ligne sur https://demo.immich.app. Pour l'application mobile, vous pouvez utiliser `https://demo.immich.app` dans le champ `URL du point d'accès au serveur`
@@ -38,12 +38,9 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Avvertenze
-
- ⚠️ Il progetto è in fase di sviluppo **molto attivo**.  
- ⚠️ Possono esserci bug o cambiamenti radicali, che possono non essere retrocompatibili (breaking changes).
- ⚠️ **Non usare l’app come unico modo per archiviare le tue foto e i tuoi video.**  
- ⚠️ Segui sempre la regola di backup [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) per proteggere i tuoi ricordi e le foto a cui tieni!  
+> [!WARNING]
+> ⚠️ Segui sempre la regola di backup [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) per proteggere i tuoi ricordi e le foto a cui tieni!
+>

 > [!NOTE]  
 > La documentazione principale, comprese le guide all’installazione, si trova su https://immich.app/.  
@@ -36,27 +36,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## 免責事項
+> [!WARNING]
+> ⚠️ 大切な写真やビデオは、常に [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) のバックアッププランに従ってください！
+>

- ⚠️ このプロジェクトは **非常に活発に** 開発中です。
- ⚠️ バグの存在や変更が入ることも予想されます。
- ⚠️ **写真やビデオを保存する唯一の方法としてこのアプリを使用しないでください。**
- ⚠️ 大切な写真やビデオは、常に [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) のバックアッププランに従ってください！
+> [!NOTE]
+> インストールガイドを含む主なドキュメントは、https://immich.app/ です。

 ## コンテンツ

- [公式ドキュメント](https://docs.immich.app)
- [ロードマップ](https://github.com/orgs/immich-app/projects/1)
- [デモ](#デモ)
- [機能](#機能)
+- [公式ドキュメント](https://docs.immich.app/)
 - [紹介](https://docs.immich.app/overview/introduction)
 - [インストール](https://docs.immich.app/install/requirements)
+- [ロードマップ](https://immich.app/roadmap)
+- [デモ](#デモ)
+- [機能](#機能)
+- [翻訳](https://docs.immich.app/developer/translations)
 - [コントリビューションガイド](https://docs.immich.app/overview/support-the-project)

-## ドキュメント
-
-インストールガイドを含む主なドキュメントは、https://immich.app/ です。
-
 ## デモ

 web デモは https://demo.immich.app からアクセスできます。モバイルアプリの場合、`Server Endpoint URL` には `https://demo.immich.app` を使用することができます
@@ -39,12 +39,9 @@

 </p>

-## 주의 사항
-
- ⚠️ 이 프로젝트는 **매우 활발하게** 개발 중입니다.
- ⚠️ 버그와 잦은 변경 사항이 있을 것으로 예상됩니다.
- ⚠️ **사진과 동영상을 이 앱에만 단독으로 저장하지 마세요.**
- ⚠️ 중요한 사진과 동영상을 위해 항상 [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) 백업 계획을 따르세요!
+> [!WARNING]
+> ⚠️ 중요한 사진과 동영상을 위해 항상 [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) 백업 계획을 따르세요!
+>

 > [!NOTE]
 > 설치하는 방법을 포함한 주요 문서는 https://immich.app/ 에서 확인할 수 있습니다.
@@ -57,7 +54,7 @@
 - [로드맵](https://immich.app/roadmap)
 - [데모](#데모)
 - [기능](#기능)
- [번역](https://docs.immich.app/developer/tranlations)
+- [번역](https://docs.immich.app/developer/translations)
 - [기여](https://docs.immich.app/overview/support-the-project)

 ## 데모
@@ -37,27 +37,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Disclaimer
+> [!WARNING]
+> ⚠️ Volg altijd het [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) backup plan voor je kostbare foto's en video's!
+>

- ⚠️ Het project wordt momenteel **zeer actief** ontwikkeld.
- ⚠️ Verwacht bugs en ingrijpende wijzigingen.
- ⚠️ **Gebruik de app niet als de enige manier om uw foto's en video's op te slaan.**
- ⚠️ Volg altijd het [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) backup plan voor je kostbare foto's en video's!
+> [!NOTE]
+> De belangrijkste documentatie, inclusief installatie handleidingen, zijn te vinden op https://immich.app/.

 ## Inhoud

- [Officiële documentatie](https://docs.immich.app)
- [Toekomstplannen](https://github.com/orgs/immich-app/projects/1)
- [Demo](#demo)
- [Functies](#functies)
+- [Officiële documentatie](https://docs.immich.app/)
 - [Introductie](https://docs.immich.app/overview/introduction)
 - [Installatie](https://docs.immich.app/install/requirements)
+- [Toekomstplannen](https://immich.app/roadmap)
+- [Demo](#demo)
+- [Functies](#functies)
+- [Vertalingen](https://docs.immich.app/developer/translations)
 - [Richtlijnen voor bijdragen](https://docs.immich.app/overview/support-the-project)

-## Documentatie
-
-De belangrijkste documentatie, inclusief installatie handleidingen, zijn te vinden op https://immich.app/.
-
 ## Demo

 Je kunt de demo [hier](https://demo.immich.app/) bekijken. Voor de mobiele app kun je gebruik maken van `https://demo.immich.app` voor de `Server Endpoint URL`.
@@ -40,16 +40,9 @@

 </p>

-## Avisos
-
- ⚠️ Este projeto está sob **desenvolvimento constante**.
- ⚠️ Podem ocorrer bugs e _breaking changes_ (alterações que quebram a
-  compatibilidade com versões anteriores).
- ⚠️ **Não use esta solução como a única forma de fazer backup das suas fotos e
-  vídeos.**
- ⚠️ Sempre siga o plano
-  [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) de backup
-  para as suas mídias preciosas!
+> [!WARNING]
+> ⚠️ Sempre siga o plano [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) de backup para as suas mídias preciosas!
+>

 > [!NOTE]
 > Você pode encontrar a documentação principal, incluindo guias de instalação, em https://immich.app/.
@@ -39,13 +39,9 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Предупреждение
-
- ⚠️ Этот проект находится **в очень активной** разработке.
- ⚠️ Ожидайте недоработки и глобальные изменения.
- ⚠️ **Не используйте это приложение как единственное хранилище своих фото и видео.**
- ⚠️ Всегда следуйте [плану резервного копирования «3-2-1»](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/ "Стратегии резервного копирования: Почему стратегия резервного копирования «3-2-1» — лучшая") для ваших драгоценных фотографий и видео!
-
+> [!WARNING]
+> ⚠️ Всегда следуйте [плану резервного копирования «3-2-1»](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) для ваших драгоценных фотографий и видео!
+>

 > [!NOTE]
 > Инструкции по установке и документация по ссылке https://immich.app/
@@ -55,7 +51,7 @@
 - [Официальная документация](https://docs.immich.app)
 - [Введение](https://docs.immich.app/overview/introduction)
 - [Установка](https://docs.immich.app/install/requirements)
- [План разработки](https://github.com/orgs/immich-app/projects/1)
+- [План разработки](https://immich.app/roadmap)
 - [Демо](#demo)
 - [Возможности](#features)
 - [Перевод](https://docs.immich.app/developer/translations)
@@ -38,27 +38,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Ansvarsfriskrivning
+> [!WARNING]
+> ⚠️ Tillämpa alltid [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/)-strategin för säkerhetskopiering av dina foton och videor!
+>

- ⚠️ Projektet är under **mycket aktiv** utveckling.
- ⚠️ Förvänta dig buggar och brytande förändringar.
- ⚠️ **Använd inte appen som enda lagringssätt för dina foton och videor.**
- ⚠️ Tillämpa alltid [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/)-strategin för säkerhetskopiering av dina foton och videor!
+> [!NOTE]
+> Dokumentation och installationsguider hittas på https://immich.app/.

 ## Innehåll

- [Officiell Dokumentation](https://docs.immich.app)
- [Roadmap](https://github.com/orgs/immich-app/projects/1)
- [Demo](#demo)
- [Funktioner](#features)
+- [Officiell Dokumentation](https://docs.immich.app/)
 - [Introduktion](https://docs.immich.app/overview/introduction)
 - [Installation](https://docs.immich.app/install/requirements)
+- [Roadmap](https://immich.app/roadmap)
+- [Demo](#demo)
+- [Funktioner](#funktioner)
+- [Översättningar](https://docs.immich.app/developer/translations)
 - [Riktlinjer för Bidrag](https://docs.immich.app/overview/support-the-project)

-## Dokumentation
-
-Dokumentation och installationsguider hittas på https://imiich.app/.
-
 ## Demo

 Ett webb-demo finns att testa på https://demo.immich.app. Använd `https://demo.immich.app` i mobilappen som `Server Endpoint URL`
@@ -37,26 +37,24 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Feragatname
+> [!WARNING]
+> ⚠️ Always follow [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) backup plan for your precious photos and videos!
+>

- ⚠️ Proje **çok aktif** bir şekilde geliştirilmektedir.
- ⚠️ Hatalar ve uygulama yapısını bozan değişiklikler olabilir.
- ⚠️ **Uygulamayı, fotoğraflarınızı ve videolarınızı saklamanın tek yöntemi olarak kullanmayın!**
+> [!NOTE]
+> Kurulum dahil olmak üzere resmi belgeleri https://immich.app/ adresinde bulabilirsiniz.

-## Content
+## Bağlantılar

- [Resmi Belgeler](https://docs.immich.app)
- [Yol Haritası](https://github.com/orgs/immich-app/projects/1)
- [Demo](#demo)
- [Özellikler](#özellikler)
+- [Resmi Belgeler](https://docs.immich.app/)
 - [Giriş](https://docs.immich.app/overview/introduction)
 - [Kurulum](https://docs.immich.app/install/requirements)
+- [Yol Haritası](https://immich.app/roadmap)
+- [Demo](#demo)
+- [Özellikler](#özellikler)
+- [Çeviriler](https://docs.immich.app/developer/translations)
 - [Katkı Sağlama Rehberi](https://docs.immich.app/overview/support-the-project)

-## Belgeler
-
-Kurulum dahil olmak üzere resmi belgeleri https://immich.app/ adresinde bulabilirsiniz.
-
 ## Demo

 Web demo adresi: https://demo.immich.app. Mobil uygulama için `Server Endpoint URL` olarak `https://demo.immich.app` adresini kullanabilirsiniz.
@@ -39,12 +39,9 @@
  <a href="README_th_TH.md">ภาษาไทย</a>
 </p>

-## Застереження
-
- ⚠️ Цей проєкт перебуває **в дуже активній** розробці.
- ⚠️ Очікуйте безліч помилок і глобальних змін.
- ⚠️ **Не використовуйте цей застосунок як єдине сховище своїх фото та відео.**
- ⚠️ Завжди дотримуйтесь [плану резервного копіювання 3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) для ваших дорогоцінних фотографій та відео!
+> [!WARNING]
+> ⚠️ Завжди дотримуйтесь [плану резервного копіювання 3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) для ваших дорогоцінних фотографій та відео!
+>

 > [!NOTE]
 > Основну документацію, зокрема посібники зі встановлення, можна знайти за адресою https://immich.app/.
@@ -41,12 +41,9 @@

 </p>

-## Tuyên bố miễn trừ trách nhiệm
-
- ⚠️ Dự án đang được phát triển **rất tích cực**.
- ⚠️ Dự kiến sẽ có lỗi và thay đổi đột ngột.
- ⚠️ **Không sử dụng ứng dụng như là cách duy nhất để lưu trữ ảnh và video của bạn.**
- ⚠️ Luôn tuân thủ kế hoạch sao lưu [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) cho những bức ảnh và video quý giá của bạn!
+> [!WARNING]
+> ⚠️ Luôn tuân thủ kế hoạch sao lưu [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) cho những bức ảnh và video quý giá của bạn!
+>

 > [!NOTE]
 > Bạn có thể tìm thấy tài liệu chính, bao gồm hướng dẫn cài đặt, tại https://immich.app/.
@@ -43,12 +43,9 @@

 </p>

-## 免责声明
-
- ⚠️ 本项目正在 **非常活跃** 地开发中。
- ⚠️ 可能存在 bug 或者随时有重大变更。
- ⚠️ **不要把本软件作为您存储照片或视频的唯一方式。**
- ⚠️ 为了您宝贵的照片与视频，请始终遵守 [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) 备份方案！
+> [!WARNING]
+> ⚠️ 为了您宝贵的照片与视频，请始终遵守 [3-2-1](https://www.backblaze.com/blog/the-3-2-1-backup-strategy/) 备份方案！
+>

 > [!NOTE]
 > 完整的项目文档以及安装教程请参见：<https://immich.app/>。
@@ -37,7 +37,7 @@
  },
  "dependencies": {
    "@extism/extism": "2.0.0-rc13",
-    "@immich/sql-tools": "^0.5.1",
+    "@immich/sql-tools": "^0.5.2",
    "@nestjs/bullmq": "^11.0.1",
    "@nestjs/common": "^11.0.4",
    "@nestjs/core": "^11.0.4",
@@ -11,6 +11,7 @@ import {
  GetAlbumsDto,
  UpdateAlbumDto,
  UpdateAlbumUserDto,
+  UpdateSharingPermissionsDto as UpdateSharingOptionsDto,
 } from 'src/dtos/album.dto';
 import { BulkIdResponseDto, BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
 import { AuthDto } from 'src/dtos/auth.dto';
@@ -165,6 +166,33 @@ export class AlbumController {
    return this.service.addUsers(auth, id, dto);
  }

+  @Get(':id/user/self')
+  @Authenticated({ permission: Permission.AlbumAssetCreate })
+  @Endpoint({
+    summary: 'Get own sharing permissions',
+    description: 'Get the own sharing permissions in a specific album.',
+    history: new HistoryBuilder().added('v3').stable('v3'),
+  })
+  getOwnAlbumUser(@Auth() auth: AuthDto, @Param() { id }: UUIDParamDto) {
+    return this.service.getSelf(auth, id);
+  }
+
+  @Put(':id/user/self')
+  @Authenticated({ permission: Permission.AlbumAssetCreate })
+  @HttpCode(HttpStatus.NO_CONTENT)
+  @Endpoint({
+    summary: 'Update own sharing permissions',
+    description: 'Change the own sharing permissions in a specific album.',
+    history: new HistoryBuilder().added('v3').stable('v3'),
+  })
+  updateOwnAlbumUser(
+    @Auth() auth: AuthDto,
+    @Param() { id }: UUIDParamDto,
+    @Body() dto: UpdateSharingOptionsDto,
+  ): Promise<void> {
+    return this.service.updateSelf(auth, id, dto);
+  }
+
  @Put(':id/user/:userId')
  @Authenticated({ permission: Permission.AlbumUserUpdate })
  @HttpCode(HttpStatus.NO_CONTENT)
@@ -19,7 +19,7 @@ import { BulkIdResponseDto, BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
 import { AuthDto } from 'src/dtos/auth.dto';
 import {
  AssetFaceUpdateDto,
-  MergePersonDto,
+  MergeFaceClusterDto,
  PeopleResponseDto,
  PeopleUpdateDto,
  PersonCreateDto,
@@ -182,7 +182,7 @@ export class PersonController {
  mergePerson(
    @Auth() auth: AuthDto,
    @Param() { id }: UUIDParamDto,
-    @Body() dto: MergePersonDto,
+    @Body() dto: MergeFaceClusterDto,
  ): Promise<BulkIdResponseDto[]> {
    return this.service.mergePerson(auth, id, dto);
  }
@@ -11,6 +11,7 @@ import {
  PluginContext,
  PluginTriggerType,
  SharedLinkType,
+  SharingPermission,
  SourceType,
  UserAvatarColor,
  UserStatus,
@@ -213,6 +214,7 @@ export type Partner = {
  updatedAt: Date;
  updateId: string;
  inTimeline: boolean;
+  permissions: SharingPermission[];
 };

 export type Place = {
@@ -256,6 +258,7 @@ export type Person = {
  faceAssetId: string | null;
  isHidden: boolean;
  thumbnailPath: string;
+  faceClusterId: string | null;
 };

 export type AssetFace = {
@@ -268,7 +271,7 @@ export type AssetFace = {
  boundingBoxY2: number;
  imageHeight: number;
  imageWidth: number;
-  personId: string | null;
+  faceClusterId: string | null;
  sourceType: SourceType;
  person?: ShallowDehydrateObject<Person> | null;
  updatedAt: Date;
@@ -3,8 +3,8 @@ import { createZodDto } from 'nestjs-zod';
 import { AlbumUser, AuthSharedLink } from 'src/database';
 import { BulkIdErrorReasonSchema } from 'src/dtos/asset-ids.response.dto';
 import { MapAsset } from 'src/dtos/asset-response.dto';
-import { UserResponseSchema, mapUser } from 'src/dtos/user.dto';
-import { AlbumUserRole, AlbumUserRoleSchema, AssetOrder, AssetOrderSchema } from 'src/enum';
+import { mapUser, UserResponseSchema } from 'src/dtos/user.dto';
+import { AlbumUserRole, AlbumUserRoleSchema, AssetOrder, AssetOrderSchema, SharingPermissionSchema } from 'src/enum';
 import { MaybeDehydrated } from 'src/types';
 import { asDateString } from 'src/utils/date';
 import { stringToBool } from 'src/validation';
@@ -63,6 +63,14 @@ const UpdateAlbumSchema = z
  })
  .meta({ id: 'UpdateAlbumDto' });

+const UpdateSharingOptionsSchema = z
+  .object({ inTimeline: z.boolean(), permissions: z.array(SharingPermissionSchema) })
+  .meta({ id: 'UpdateSharingOptionsDto' });
+
+const SharingOptionsResponseSchema = z
+  .object({ inTimeline: z.boolean(), permissions: z.array(SharingPermissionSchema) })
+  .meta({ id: 'SharingOptionsResponseDto' });
+
 const GetAlbumsSchema = z
  .object({
    isOwned: stringToBool
@@ -147,6 +155,8 @@ export class UpdateAlbumDto extends createZodDto(UpdateAlbumSchema) {}
 export class GetAlbumsDto extends createZodDto(GetAlbumsSchema) {}
 export class AlbumStatisticsResponseDto extends createZodDto(AlbumStatisticsResponseSchema) {}
 export class UpdateAlbumUserDto extends createZodDto(UpdateAlbumUserSchema) {}
+export class UpdateSharingPermissionsDto extends createZodDto(UpdateSharingOptionsSchema) {}
+export class SharingPermissionsResponseDto extends createZodDto(SharingOptionsResponseSchema) {}
 export class AlbumResponseDto extends createZodDto(AlbumResponseSchema) {}
 class AlbumUserResponseDto extends createZodDto(AlbumUserResponseSchema) {}

@@ -15,6 +15,8 @@ import {
  AssetVisibility,
  AssetVisibilitySchema,
  ChecksumAlgorithm,
+  SharingPermission,
+  SharingPermissionSchema,
 } from 'src/enum';
 import { MaybeDehydrated } from 'src/types';
 import { hexOrBufferToBase64 } from 'src/utils/bytes';
@@ -45,6 +47,7 @@ const SanitizedAssetResponseSchema = z
    hasMetadata: z.boolean().describe('Whether asset has metadata'),
    width: z.int().min(0).nullable().describe('Asset width'),
    height: z.int().min(0).nullable().describe('Asset height'),
+    permissions: z.array(SharingPermissionSchema),
  })
  .meta({ id: 'SanitizedAssetResponseDto' });

@@ -113,6 +116,7 @@ export const AssetResponseSchema = SanitizedAssetResponseSchema.extend(
      .boolean()
      .describe('Is edited')
      .meta(new HistoryBuilder().added('v2.5.0').beta('v2.5.0').getExtensions()),
+    permissions: z.array(SharingPermissionSchema),
  }).shape,
 ).meta({ id: 'AssetResponseDto' });

@@ -154,6 +158,7 @@ export type MapAsset = {
  width: number | null;
  height: number | null;
  isEdited: boolean;
+  permissions?: { permission: SharingPermission }[];
 };

 export type AssetMapOptions = {
@@ -192,8 +197,16 @@ const mapStack = (entity: { stack?: Stack | null }) => {

 export function mapAsset(entity: MaybeDehydrated<MapAsset>, options: AssetMapOptions = {}): AssetResponseDto {
  const { stripMetadata = false, withStack = false } = options;
+  const permissions =
+    options.auth?.user.id === entity.ownerId
+      ? [SharingPermission.All]
+      : (entity.permissions?.map(({ permission }) => permission) ?? []);

-  if (stripMetadata) {
+  if (
+    stripMetadata ||
+    (entity.permissions &&
+      !(permissions.includes(SharingPermission.All) || permissions.includes(SharingPermission.ExifRead)))
+  ) {
    const sanitizedAssetResponse: SanitizedAssetResponseDto = {
      id: entity.id,
      type: entity.type,
@@ -205,6 +218,7 @@ export function mapAsset(entity: MaybeDehydrated<MapAsset>, options: AssetMapOpt
      hasMetadata: false,
      width: entity.width,
      height: entity.height,
+      permissions,
    };
    return sanitizedAssetResponse as AssetResponseDto;
  }
@@ -242,5 +256,6 @@ export function mapAsset(entity: MaybeDehydrated<MapAsset>, options: AssetMapOpt
    width: entity.width,
    height: entity.height,
    isEdited: entity.isEdited,
+    permissions,
  };
 }
@@ -40,11 +40,11 @@ const PeopleUpdateSchema = z
  })
  .meta({ id: 'PeopleUpdateDto' });

-const MergePersonSchema = z
+const MergeFaceClusterSchema = z
  .object({
-    ids: z.array(z.uuidv4()).describe('Person IDs to merge'),
+    ids: z.array(z.uuidv4()).describe('Face cluster IDs to merge'),
  })
-  .meta({ id: 'MergePersonDto' });
+  .meta({ id: 'MergeFaceClusterDto' });

 const PersonSearchSchema = z
  .object({
@@ -81,13 +81,14 @@ export const PersonResponseSchema = z
      .optional()
      .describe('Person color (hex)')
      .meta(new HistoryBuilder().added('v1.126.0').stable('v2').getExtensions()),
+    faceClusterId: z.string().nullable().describe('Face cluster ID'),
  })
  .meta({ id: 'PersonResponseDto' });

 export class PersonCreateDto extends createZodDto(PersonCreateSchema) {}
 export class PersonUpdateDto extends createZodDto(PersonUpdateSchema) {}
 export class PeopleUpdateDto extends createZodDto(PeopleUpdateSchema) {}
-export class MergePersonDto extends createZodDto(MergePersonSchema) {}
+export class MergeFaceClusterDto extends createZodDto(MergeFaceClusterSchema) {}
 export class PersonSearchDto extends createZodDto(PersonSearchSchema) {}
 export class PersonResponseDto extends createZodDto(PersonResponseSchema) {}

@@ -179,6 +180,7 @@ export function mapPerson(person: MaybeDehydrated<Person>): PersonResponseDto {
    isFavorite: person.isFavorite,
    color: person.color ?? undefined,
    updatedAt: asDateString(person.updatedAt),
+    faceClusterId: person.faceClusterId,
  };
 }

@@ -374,10 +374,13 @@ const SyncAssetFaceV1Schema = z
  })
  .meta({ id: 'SyncAssetFaceV1' });

-const SyncAssetFaceV2Schema = SyncAssetFaceV1Schema.extend({
-  deletedAt: isoDatetimeToDate.nullable().describe('Face deleted at'),
-  isVisible: z.boolean().describe('Is the face visible in the asset'),
-}).meta({ id: 'SyncAssetFaceV2' });
+const SyncAssetFaceV2Schema = SyncAssetFaceV1Schema.omit({ personId: true })
+  .extend({
+    deletedAt: isoDatetimeToDate.nullable().describe('Face deleted at'),
+    isVisible: z.boolean().describe('Is the face visible in the asset'),
+    faceClusterId: z.string().nullable().describe('Person ID'),
+  })
+  .meta({ id: 'SyncAssetFaceV2' });

 const SyncAssetFaceDeleteV1Schema = z
  .object({ assetFaceId: z.string().describe('Asset face ID') })
@@ -306,6 +306,28 @@ export enum Permission {
  AdminAuthUnlinkAll = 'adminAuth.unlinkAll',
 }

+export enum SharingPermission {
+  All = 'all',
+
+  AssetRead = 'asset.read',
+  AssetUpdate = 'asset.update',
+  AssetEdit = 'asset.edit',
+  AssetDelete = 'asset.delete',
+  AssetShare = 'asset.share',
+
+  ExifRead = 'exif.read',
+
+  PersonRead = 'person.read',
+  PersonUpdate = 'person.update',
+  PersonMerge = 'person.merge',
+  PersonDelete = 'person.delete',
+}
+
+export const SharingPermissionSchema = z
+  .enum(SharingPermission)
+  .describe('Sharing permission schema')
+  .meta({ id: 'SharingPermission' });
+
 export enum SharedLinkType {
  Album = 'ALBUM',

@@ -404,6 +426,7 @@ export enum ManualJobName {
  MemoryCleanup = 'memory-cleanup',
  MemoryCreate = 'memory-create',
  BackupDatabase = 'backup-database',
+  PersonGroupMerge = 'person-group-merge',
 }

 export const ManualJobNameSchema = z.enum(ManualJobName).describe('Manual job name').meta({ id: 'ManualJobName' });
@@ -810,6 +833,7 @@ export enum JobName {

  FacialRecognitionQueueAll = 'FacialRecognitionQueueAll',
  FacialRecognition = 'FacialRecognition',
+  FacialRecognitionMerge = 'FacialRecognitionMerge',

  FileDelete = 'FileDelete',
  FileMigrationQueueAll = 'FileMigrationQueueAll',
@@ -149,6 +149,40 @@ where
    "albumAssets"."livePhotoVideoId"
  ] && array[$2]::uuid[]

+-- AccessRepository.asset.checkSharedAccess
+select
+  "album_asset"."assetId"
+from
+  "album_asset"
+  inner join "album_user" on "album_asset"."albumId" = "album_user"."albumId"
+  and "album_user"."userId" = $1
+where
+  "album_asset"."assetId" in ($2)
+  and "album_asset"."albumId" in (
+    select
+      "album_user"."albumId"
+    from
+      "album_user"
+    where
+      (
+        "album_user"."permissions" @> $3::sharing_permission_enum[]
+        or $4 = any ("album_user"."permissions")
+      )
+  )
+union
+select
+  "asset"."id" as "assetId"
+from
+  "partner"
+  inner join "asset" on "asset"."ownerId" = "partner"."sharedById"
+  and "asset"."id" in ($5)
+where
+  "partner"."sharedWithId" = $6
+  and (
+    "partner"."permissions" @> $7::sharing_permission_enum[]
+    or $8 = any ("partner"."permissions")
+  )
+
 -- AccessRepository.authDevice.checkOwnerAccess
 select
  "session"."id"
@@ -182,18 +182,25 @@ select
    from
      (
        select
-          "asset_face".*,
-          "person" as "person"
+          (
+            select
+              to_json(obj)
+            from
+              (
+                select
+                  "person".*
+                from
+                  "face_cluster"
+                  inner join "person" on "person"."faceClusterId" = "face_cluster"."id"
+                where
+                  "face_cluster"."id" = "asset_face"."faceClusterId"
+                limit
+                  $1
+              ) as obj
+          ) as "person",
+          "asset_face".*
        from
          "asset_face"
-          left join lateral (
-            select
-              "person".*
-            from
-              "person"
-            where
-              "asset_face"."personId" = "person"."id"
-          ) as "person" on true
        where
          "asset_face"."assetId" = "asset"."id"
          and "asset_face"."deletedAt" is null
@@ -224,7 +231,7 @@ from
  "asset"
  left join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."id" = any ($1::uuid[])
+  "asset"."id" = any ($2::uuid[])

 -- AssetRepository.deleteAll
 delete from "asset"
@@ -290,13 +297,44 @@ limit

 -- AssetRepository.getById
 select
-  "asset".*
+  "asset".*,
+  (
+    select
+      coalesce(json_agg(agg), '[]')
+    from
+      (
+        select distinct
+          unnest("album_user"."permissions") as "permission"
+        from
+          "album_user"
+          inner join "album_asset" on "album_user"."albumId" = "album_asset"."albumId"
+        where
+          "album_asset"."assetId" = "asset"."id"
+          and "album_user"."userId" = "asset"."ownerId"
+          and "album_user"."albumId" in (
+            select
+              "album_user"."albumId"
+            from
+              "album_user"
+            where
+              "album_user"."userId" = $1
+          )
+        union
+        select distinct
+          unnest("partner"."permissions") as "permission"
+        from
+          "partner"
+        where
+          "partner"."sharedById" = "asset"."ownerId"
+          and "partner"."sharedWithId" = $2
+      ) as agg
+  ) as "permissions"
 from
  "asset"
 where
-  "asset"."id" = $1::uuid
+  "asset"."id" = $3::uuid
 limit
-  $2
+  $4

 -- AssetRepository.updateAll
 update "asset"
@@ -47,7 +47,7 @@ select
              $1 as "one"
            from
              "asset_face"
-              inner join "person" on "person"."id" = "asset_face"."personId"
+              inner join "person" on "person"."faceClusterId" = "asset_face"."faceClusterId"
            where
              "asset_face"."assetId" = "asset"."id"
              and "person"."isHidden" = $2
@@ -86,7 +86,7 @@ select
              $1 as "one"
            from
              "asset_face"
-              inner join "person" on "person"."id" = "asset_face"."personId"
+              inner join "person" on "person"."faceClusterId" = "asset_face"."faceClusterId"
            where
              "asset_face"."assetId" = "asset"."id"
              and "person"."isHidden" = $2
@@ -3,9 +3,6 @@
 -- PersonRepository.reassignFaces
 update "asset_face"
 set
-  "personId" = $1
-where
-  "asset_face"."personId" = $2

 -- PersonRepository.delete
 delete from "person"
@@ -24,27 +21,64 @@ limit
  3

 -- PersonRepository.getAllForUser
-select
-  "person".*
+select distinct
+  on ("person"."faceClusterId") "person".*
 from
  "person"
-  inner join "asset_face" on "asset_face"."personId" = "person"."id"
+  inner join "asset_face" on "asset_face"."faceClusterId" = "person"."faceClusterId"
  inner join "asset" on "asset_face"."assetId" = "asset"."id"
  and "asset"."visibility" = 'timeline'
  and "asset"."deletedAt" is null
 where
-  "person"."ownerId" = $1
+  (
+    "person"."ownerId" = $1
+    or (
+      exists (
+        select
+        from
+          "partner"
+        where
+          "partner"."sharedById" = "person"."ownerId"
+          and "partner"."sharedWithId" = $2
+          and (
+            $3 = any ("partner"."permissions")
+            or "partner"."permissions" @> $4
+          )
+      )
+      or exists (
+        select
+        from
+          "album_user"
+        where
+          "album_user"."albumId" in (
+            select
+              "album_user"."albumId"
+            from
+              "album_user"
+            where
+              "album_user"."userId" = $5
+          )
+          and "album_user"."userId" = "person"."ownerId"
+          and (
+            $6 = any ("album_user"."permissions")
+            or "album_user"."permissions" @> $7
+          )
+      )
+    )
+  )
  and "asset_face"."deletedAt" is null
  and "asset_face"."isVisible" is true
-  and "person"."isHidden" = $2
+  and "person"."isHidden" = $8
 group by
  "person"."id"
 having
  (
-    "person"."name" != $3
-    or count("asset_face"."assetId") >= $4
+    "person"."name" != $9
+    or count("asset_face"."assetId") >= $10
  )
 order by
+  "person"."faceClusterId",
+  "person"."ownerId" = $11 desc,
  "person"."isHidden" asc,
  "person"."isFavorite" desc,
  NULLIF(person.name, '') is null asc,
@@ -52,16 +86,16 @@ order by
  NULLIF(person.name, '') asc nulls last,
  "person"."createdAt"
 limit
-  $5
+  $12
 offset
-  $6
+  $13

 -- PersonRepository.getAllWithoutFaces
 select
  "person".*
 from
  "person"
-  left join "asset_face" on "asset_face"."personId" = "person"."id"
+  left join "asset_face" on "asset_face"."faceClusterId" = "person"."faceClusterId"
 where
  "asset_face"."deletedAt" is null
  and "asset_face"."isVisible" is true
@@ -72,20 +106,7 @@ having

 -- PersonRepository.getFaces
 select
-  "asset_face".*,
-  (
-    select
-      to_json(obj)
-    from
-      (
-        select
-          "person".*
-        from
-          "person"
-        where
-          "person"."id" = "asset_face"."personId"
-      ) as obj
-  ) as "person"
+  "asset_face".*
 from
  "asset_face"
 where
@@ -108,19 +129,30 @@ select
        from
          "person"
        where
-          "person"."id" = "asset_face"."personId"
+          "person"."faceClusterId" = "asset_face"."faceClusterId"
+        order by
+          "person"."ownerId" = (
+            select
+              "asset"."ownerId"
+            from
+              "asset"
+            where
+              "asset"."id" = "asset_face"."assetId"
+          ) desc
+        limit
+          $1
      ) as obj
  ) as "person"
 from
  "asset_face"
 where
-  "asset_face"."id" = $1
+  "asset_face"."id" = $2
  and "asset_face"."deletedAt" is null

 -- PersonRepository.getFaceForFacialRecognitionJob
 select
  "asset_face"."id",
-  "asset_face"."personId",
+  "asset_face"."faceClusterId",
  "asset_face"."sourceType",
  (
    select
@@ -190,7 +222,7 @@ where
 -- PersonRepository.reassignFace
 update "asset_face"
 set
-  "personId" = $1
+  "faceClusterId" = $1
 where
  "asset_face"."id" = $2

@@ -209,9 +241,10 @@ where
  "person"."ownerId" = $1
  and f_unaccent ("person"."name") %> f_unaccent ($2)
 order by
-  f_unaccent ("person"."name") <->>> f_unaccent ($3)
+  f_unaccent ("person"."name") <->>> f_unaccent ($3),
+  "person"."ownerId" = $4 desc
 limit
-  $4
+  $5

 -- PersonRepository.getDistinctNames
 select distinct
@@ -234,9 +267,45 @@ from
  and "asset"."visibility" = 'timeline'
  and "asset"."deletedAt" is null
 where
-  "asset_face"."deletedAt" is null
+  (
+    "asset"."ownerId" = $1
+    or exists (
+      select
+      from
+        "partner"
+      where
+        "partner"."sharedById" = "asset"."ownerId"
+        and "partner"."sharedWithId" = $2
+        and (
+          $3 = any ("partner"."permissions")
+          or "partner"."permissions" @> $4
+        )
+    )
+    or exists (
+      select
+      from
+        "album_asset"
+        inner join "album_user" on "album_user"."albumId" = "album_asset"."albumId"
+        and "album_user"."userId" = $5
+      where
+        "album_asset"."assetId" = "asset"."id"
+        and "album_user"."albumId" in (
+          select
+            "album_user"."albumId"
+          from
+            "album_user"
+          where
+            "album_user"."userId" = "asset"."ownerId"
+            and (
+              $6 = any ("album_user"."permissions")
+              or "album_user"."permissions" @> $7
+            )
+        )
+    )
+  )
+  and "asset_face"."deletedAt" is null
  and "asset_face"."isVisible" is true
-  and "asset_face"."personId" = $1
+  and "asset_face"."faceClusterId" = $8

 -- PersonRepository.getNumberOfPeople
 select
@@ -256,7 +325,7 @@ where
    from
      "asset_face"
    where
-      "asset_face"."personId" = "person"."id"
+      "asset_face"."faceClusterId" = "person"."faceClusterId"
      and "asset_face"."deletedAt" is null
      and "asset_face"."isVisible" = $2
      and exists (
@@ -269,7 +338,42 @@ where
          and "asset"."deletedAt" is null
      )
  )
-  and "person"."ownerId" = $3
+  and (
+    "person"."ownerId" = $3
+    or (
+      exists (
+        select
+        from
+          "partner"
+        where
+          "partner"."sharedById" = "person"."ownerId"
+          and "partner"."sharedWithId" = $4
+          and (
+            $5 = any ("partner"."permissions")
+            or "partner"."permissions" @> $6
+          )
+      )
+      or exists (
+        select
+        from
+          "album_user"
+        where
+          "album_user"."albumId" in (
+            select
+              "album_user"."albumId"
+            from
+              "album_user"
+            where
+              "album_user"."userId" = $7
+          )
+          and "album_user"."userId" = "person"."ownerId"
+          and (
+            $8 = any ("album_user"."permissions")
+            or "album_user"."permissions" @> $9
+          )
+      )
+    )
+  )

 -- PersonRepository.refreshFaces
 with
@@ -299,14 +403,26 @@ select
        from
          "person"
        where
-          "person"."id" = "asset_face"."personId"
+          "person"."faceClusterId" = "asset_face"."faceClusterId"
+        order by
+          "person"."ownerId" = (
+            select
+              "asset"."ownerId"
+            from
+              "asset"
+            where
+              "asset"."id" = "asset_face"."assetId"
+          ) desc
+        limit
+          $1
      ) as obj
  ) as "person"
 from
  "asset_face"
+  inner join "person" on "person"."faceClusterId" = "asset_face"."faceClusterId"
 where
-  "asset_face"."assetId" in ($1)
-  and "asset_face"."personId" in ($2)
+  "person"."id" in ($2)
+  and "asset_face"."assetId" in ($3)
  and "asset_face"."deletedAt" is null

 -- PersonRepository.getRandomFace
@@ -315,7 +431,7 @@ select
 from
  "asset_face"
 where
-  "asset_face"."personId" = $1
+  "asset_face"."faceClusterId" = $1
  and "asset_face"."deletedAt" is null
  and "asset_face"."isVisible" is true

@@ -351,8 +467,9 @@ select
  "asset_face"."id"
 from
  "asset_face"
+  inner join "person" on "person"."faceClusterId" = "asset_face"."faceClusterId"
+  and "person"."id" = $1
  inner join "asset" on "asset"."id" = "asset_face"."assetId"
-  and "asset"."isOffline" = $1
+  and "asset"."isOffline" = $2
 where
-  "asset_face"."assetId" = $2
-  and "asset_face"."personId" = $3
+  "asset_face"."assetId" = $3
@@ -10,15 +10,52 @@ where
  "asset"."visibility" = $1
  and "asset"."fileCreatedAt" >= $2
  and "asset_exif"."lensModel" = $3
-  and "asset"."ownerId" = any ($4::uuid[])
-  and "asset"."isFavorite" = $5
+  and (
+    "asset"."ownerId" = $4
+    or exists (
+      select
+      from
+        "partner"
+      where
+        "partner"."sharedById" = "asset"."ownerId"
+        and "partner"."sharedWithId" = $5
+        and (
+          $6 = any ("partner"."permissions")
+          or "partner"."permissions" @> $7
+        )
+        and "partner"."inTimeline" = $8
+    )
+    or exists (
+      select
+      from
+        "album_asset"
+        inner join "album_user" on "album_user"."albumId" = "album_asset"."albumId"
+        and "album_user"."userId" = $9
+      where
+        "album_asset"."assetId" = "asset"."id"
+        and "album_user"."inTimeline" = $10
+        and "album_user"."albumId" in (
+          select
+            "album_user"."albumId"
+          from
+            "album_user"
+          where
+            "album_user"."userId" = "asset"."ownerId"
+            and (
+              $11 = any ("album_user"."permissions")
+              or "album_user"."permissions" @> $12
+            )
+        )
+    )
+  )
+  and "asset"."isFavorite" = $13
  and "asset"."deletedAt" is null
 order by
  "asset"."fileCreatedAt" desc
 limit
-  $6
+  $14
 offset
-  $7
+  $15

 -- SearchRepository.searchStatistics
 select
@@ -30,8 +67,45 @@ where
  "asset"."visibility" = $1
  and "asset"."fileCreatedAt" >= $2
  and "asset_exif"."lensModel" = $3
-  and "asset"."ownerId" = any ($4::uuid[])
-  and "asset"."isFavorite" = $5
+  and (
+    "asset"."ownerId" = $4
+    or exists (
+      select
+      from
+        "partner"
+      where
+        "partner"."sharedById" = "asset"."ownerId"
+        and "partner"."sharedWithId" = $5
+        and (
+          $6 = any ("partner"."permissions")
+          or "partner"."permissions" @> $7
+        )
+        and "partner"."inTimeline" = $8
+    )
+    or exists (
+      select
+      from
+        "album_asset"
+        inner join "album_user" on "album_user"."albumId" = "album_asset"."albumId"
+        and "album_user"."userId" = $9
+      where
+        "album_asset"."assetId" = "asset"."id"
+        and "album_user"."inTimeline" = $10
+        and "album_user"."albumId" in (
+          select
+            "album_user"."albumId"
+          from
+            "album_user"
+          where
+            "album_user"."userId" = "asset"."ownerId"
+            and (
+              $11 = any ("album_user"."permissions")
+              or "album_user"."permissions" @> $12
+            )
+        )
+    )
+  )
+  and "asset"."isFavorite" = $13
  and "asset"."deletedAt" is null

 -- SearchRepository.searchRandom
@@ -44,13 +118,50 @@ where
  "asset"."visibility" = $1
  and "asset"."fileCreatedAt" >= $2
  and "asset_exif"."lensModel" = $3
-  and "asset"."ownerId" = any ($4::uuid[])
-  and "asset"."isFavorite" = $5
+  and (
+    "asset"."ownerId" = $4
+    or exists (
+      select
+      from
+        "partner"
+      where
+        "partner"."sharedById" = "asset"."ownerId"
+        and "partner"."sharedWithId" = $5
+        and (
+          $6 = any ("partner"."permissions")
+          or "partner"."permissions" @> $7
+        )
+        and "partner"."inTimeline" = $8
+    )
+    or exists (
+      select
+      from
+        "album_asset"
+        inner join "album_user" on "album_user"."albumId" = "album_asset"."albumId"
+        and "album_user"."userId" = $9
+      where
+        "album_asset"."assetId" = "asset"."id"
+        and "album_user"."inTimeline" = $10
+        and "album_user"."albumId" in (
+          select
+            "album_user"."albumId"
+          from
+            "album_user"
+          where
+            "album_user"."userId" = "asset"."ownerId"
+            and (
+              $11 = any ("album_user"."permissions")
+              or "album_user"."permissions" @> $12
+            )
+        )
+    )
+  )
+  and "asset"."isFavorite" = $13
  and "asset"."deletedAt" is null
 order by
  random()
 limit
-  $6
+  $14

 -- SearchRepository.searchLargeAssets
 select
@@ -63,14 +174,51 @@ where
  "asset"."visibility" = $1
  and "asset"."fileCreatedAt" >= $2
  and "asset_exif"."lensModel" = $3
-  and "asset"."ownerId" = any ($4::uuid[])
-  and "asset"."isFavorite" = $5
+  and (
+    "asset"."ownerId" = $4
+    or exists (
+      select
+      from
+        "partner"
+      where
+        "partner"."sharedById" = "asset"."ownerId"
+        and "partner"."sharedWithId" = $5
+        and (
+          $6 = any ("partner"."permissions")
+          or "partner"."permissions" @> $7
+        )
+        and "partner"."inTimeline" = $8
+    )
+    or exists (
+      select
+      from
+        "album_asset"
+        inner join "album_user" on "album_user"."albumId" = "album_asset"."albumId"
+        and "album_user"."userId" = $9
+      where
+        "album_asset"."assetId" = "asset"."id"
+        and "album_user"."inTimeline" = $10
+        and "album_user"."albumId" in (
+          select
+            "album_user"."albumId"
+          from
+            "album_user"
+          where
+            "album_user"."userId" = "asset"."ownerId"
+            and (
+              $11 = any ("album_user"."permissions")
+              or "album_user"."permissions" @> $12
+            )
+        )
+    )
+  )
+  and "asset"."isFavorite" = $13
  and "asset"."deletedAt" is null
-  and "asset_exif"."fileSizeInByte" > $6
+  and "asset_exif"."fileSizeInByte" > $14
 order by
  "asset_exif"."fileSizeInByte" desc
 limit
-  $7
+  $15

 -- SearchRepository.searchSmart
 begin
@@ -86,15 +234,52 @@ where
  "asset"."visibility" = $1
  and "asset"."fileCreatedAt" >= $2
  and "asset_exif"."lensModel" = $3
-  and "asset"."ownerId" = any ($4::uuid[])
-  and "asset"."isFavorite" = $5
+  and (
+    "asset"."ownerId" = $4
+    or exists (
+      select
+      from
+        "partner"
+      where
+        "partner"."sharedById" = "asset"."ownerId"
+        and "partner"."sharedWithId" = $5
+        and (
+          $6 = any ("partner"."permissions")
+          or "partner"."permissions" @> $7
+        )
+        and "partner"."inTimeline" = $8
+    )
+    or exists (
+      select
+      from
+        "album_asset"
+        inner join "album_user" on "album_user"."albumId" = "album_asset"."albumId"
+        and "album_user"."userId" = $9
+      where
+        "album_asset"."assetId" = "asset"."id"
+        and "album_user"."inTimeline" = $10
+        and "album_user"."albumId" in (
+          select
+            "album_user"."albumId"
+          from
+            "album_user"
+          where
+            "album_user"."userId" = "asset"."ownerId"
+            and (
+              $11 = any ("album_user"."permissions")
+              or "album_user"."permissions" @> $12
+            )
+        )
+    )
+  )
+  and "asset"."isFavorite" = $13
  and "asset"."deletedAt" is null
 order by
-  smart_search.embedding <=> $6
+  smart_search.embedding <=> $14
 limit
-  $7
+  $15
 offset
-  $8
+  $16
 commit

 -- SearchRepository.getEmbedding
@@ -113,15 +298,30 @@ with
  "cte" as (
    select
      "asset_face"."id",
-      "asset_face"."personId",
-      face_search.embedding <=> $1 as "distance"
+      "asset_face"."faceClusterId",
+      face_search.embedding <=> $1 as "distance",
+      "asset"."ownerId"
    from
      "asset_face"
      inner join "asset" on "asset"."id" = "asset_face"."assetId"
      inner join "face_search" on "face_search"."faceId" = "asset_face"."id"
-      left join "person" on "person"."id" = "asset_face"."personId"
+      left join "person" on "person"."faceClusterId" = "asset_face"."faceClusterId"
    where
-      "asset"."ownerId" = any ($2::uuid[])
+      "asset"."ownerId" in (
+        select
+          "user"."id"
+        from
+          "user"
+        where
+          "user"."trustedGroupId" in (
+            select
+              "user"."trustedGroupId"
+            from
+              "user"
+            where
+              "user"."id" = any ($2::uuid[])
+          )
+      )
      and "asset"."deletedAt" is null
    order by
      "distance"
@@ -527,7 +527,7 @@ order by
 select
  "asset_face"."id",
  "assetId",
-  "personId",
+  "faceClusterId",
  "imageWidth",
  "imageHeight",
  "boundingBoxX1",
@@ -397,3 +397,73 @@ set
 where
  "user"."deletedAt" is null
  and "user"."id" = $2::uuid
+
+-- UserRepository.getInSameTrustedGroup
+select
+  "user"."id"
+from
+  "user"
+where
+  "user"."trustedGroupId" = (
+    select
+      "user"."trustedGroupId"
+    from
+      "user"
+    where
+      "user"."id" = $1
+  )
+
+-- UserRepository.mergeTrustedGroups
+update "user"
+set
+  "trustedGroupId" = "u"."trustedGroupId"
+from
+  "user" as "u"
+where
+  "u"."id" = $1
+  and "user"."trustedGroupId" = (
+    select
+      "user"."trustedGroupId"
+    from
+      "user"
+    where
+      "user"."id" = $2
+      and "user"."trustedGroupId" != "u"."trustedGroupId"
+  )
+
+-- UserRepository.updateTrustedGroups
+update "user"
+set
+  "trustedGroupId" = uuid_generate_v4 ()
+where
+  "user"."trustedGroupId" = (
+    select
+      "user"."trustedGroupId"
+    from
+      "user"
+    where
+      "user"."id" = $1
+  )
+  and "user"."id" != $2
+  and "user"."id" not in (
+    select
+      "partner"."sharedById" as "userId"
+    from
+      "partner"
+    where
+      "sharedWithId" = $3
+    union
+    select
+      "album_user"."userId"
+    from
+      "album_user"
+    where
+      "album_user"."albumId" in (
+        select
+          "album_user"."albumId"
+        from
+          "album_user"
+        where
+          "album_user"."userId" = $4
+      )
+  )
@@ -2,7 +2,9 @@ import { Injectable } from '@nestjs/common';
 import { Kysely, NotNull, sql } from 'kysely';
 import { InjectKysely } from 'nestjs-kysely';
 import { ChunkedSet, DummyValue, GenerateSql } from 'src/decorators';
-import { AlbumUserRole, AssetVisibility } from 'src/enum';
+import { AlbumUserRole, AssetVisibility, SharingPermission } from 'src/enum';
+import { hasAssetPermissions } from 'src/repositories/asset.repository';
+import { hasPermissions } from 'src/repositories/person.repository';
 import { DB } from 'src/schema';
 import { asUuid } from 'src/utils/database';

@@ -273,6 +275,46 @@ class AssetAccess {
        return allowedIds;
      });
  }
+
+  @GenerateSql({ params: [DummyValue.UUID, DummyValue.UUID_SET, [SharingPermission.All]] })
+  async checkSharedAccess(userId: string, assetIds: Set<string>, permissions: SharingPermission[]) {
+    const ids = await this.db
+      .selectFrom('album_asset')
+      .select('album_asset.assetId')
+      .where('album_asset.assetId', 'in', [...assetIds])
+      .where('album_asset.albumId', 'in', (eb) =>
+        eb
+          .selectFrom('album_user')
+          .select('album_user.albumId')
+          .where((eb) =>
+            eb.or([
+              eb('album_user.permissions', '@>', sql<SharingPermission[]>`${permissions}::sharing_permission_enum[]`),
+              eb(eb.val(SharingPermission.All), '=', eb.fn.any('album_user.permissions')),
+            ]),
+          ),
+      )
+      .innerJoin('album_user', (join) =>
+        join.onRef('album_asset.albumId', '=', 'album_user.albumId').on('album_user.userId', '=', userId),
+      )
+      .union((eb) =>
+        eb
+          .selectFrom('partner')
+          .where('partner.sharedWithId', '=', userId)
+          .where((eb) =>
+            eb.or([
+              eb('partner.permissions', '@>', sql<SharingPermission[]>`${permissions}::sharing_permission_enum[]`),
+              eb(eb.val(SharingPermission.All), '=', eb.fn.any('partner.permissions')),
+            ]),
+          )
+          .innerJoin('asset', (join) =>
+            join.onRef('asset.ownerId', '=', 'partner.sharedById').on('asset.id', 'in', [...assetIds]),
+          )
+          .select('asset.id as assetId'),
+      )
+      .execute();
+
+    return new Set(ids.map(({ assetId }) => assetId));
+  }
 }

 class AuthDeviceAccess {
@@ -452,6 +494,37 @@ class PersonAccess {
      .execute()
      .then((faces) => new Set(faces.map((face) => face.id)));
  }
+
+  async checkSharedAccess(userId: string, personIds: Set<string>, permissions: SharingPermission[]) {
+    if (personIds.size === 0) {
+      return new Set<string>();
+    }
+
+    const ids = await this.db
+      .selectFrom('person')
+      .select('person.id')
+      .where('person.id', 'in', [...personIds])
+      .where(hasPermissions(userId, permissions))
+      .execute();
+
+    return new Set(ids.map(({ id }) => id));
+  }
+
+  async checkSharedFaceAccess(userId: string, faceIds: Set<string>, permissions: SharingPermission[]) {
+    if (faceIds.size === 0) {
+      return new Set<string>();
+    }
+
+    const ids = await this.db
+      .selectFrom('asset_face')
+      .select('asset_face.id')
+      .leftJoin('asset', (join) => join.onRef('asset.id', '=', 'asset_face.assetId'))
+      .where('asset_face.id', 'in', [...faceIds])
+      .where(hasAssetPermissions(userId, permissions))
+      .execute();
+
+    return new Set(ids.map(({ id }) => id));
+  }
 }

 class PartnerAccess {
@@ -38,4 +38,13 @@ export class AlbumUserRepository {
  async delete({ userId, albumId }: AlbumPermissionId): Promise<void> {
    await this.db.deleteFrom('album_user').where('userId', '=', userId).where('albumId', '=', albumId).execute();
  }
+
+  get({ userId, albumId }: AlbumPermissionId) {
+    return this.db
+      .selectFrom('album_user')
+      .select(['permissions', 'inTimeline'])
+      .where('userId', '=', userId)
+      .where('albumId', '=', albumId)
+      .executeTakeFirstOrThrow();
+  }
 }
@@ -17,7 +17,15 @@ import { InjectKysely } from 'nestjs-kysely';
 import { LockableProperty, Stack } from 'src/database';
 import { Chunked, ChunkedArray, DummyValue, GenerateSql } from 'src/decorators';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { AssetFileType, AssetOrder, AssetOrderBy, AssetStatus, AssetType, AssetVisibility } from 'src/enum';
+import {
+  AssetFileType,
+  AssetOrder,
+  AssetOrderBy,
+  AssetStatus,
+  AssetType,
+  AssetVisibility,
+  SharingPermission,
+} from 'src/enum';
 import { DB } from 'src/schema';
 import { AssetAudioTable, AssetKeyframeTable, AssetVideoTable } from 'src/schema/tables/asset-av.table';
 import { AssetExifTable } from 'src/schema/tables/asset-exif.table';
@@ -41,6 +49,7 @@ import {
  withFiles,
  withLibrary,
  withOwner,
+  withPermissions,
  withSmartSearch,
  withTagId,
  withTags,
@@ -165,6 +174,47 @@ const withBoundingBox = <T>(qb: SelectQueryBuilder<DB, 'asset' | 'asset_exif', T
  );
 };

+export const hasAssetPermissions =
+  (userId: string, permissions: SharingPermission[], ignoreTimelineVisibility: boolean = false) =>
+  (eb: ExpressionBuilder<DB, 'asset'>) =>
+    eb.or([
+      eb('asset.ownerId', '=', userId),
+      eb.exists(
+        eb
+          .selectFrom('partner')
+          .whereRef('partner.sharedById', '=', 'asset.ownerId')
+          .where('partner.sharedWithId', '=', userId)
+          .where((eb) =>
+            eb.or([
+              eb(eb.val(SharingPermission.All), '=', eb.fn.any('partner.permissions')),
+              eb('partner.permissions', '@>', eb.val(permissions)),
+            ]),
+          )
+          .$if(!ignoreTimelineVisibility, (qb) => qb.where('partner.inTimeline', '=', true)),
+      ),
+      eb.exists(
+        eb
+          .selectFrom('album_asset')
+          .whereRef('album_asset.assetId', '=', 'asset.id')
+          .innerJoin('album_user', (join) =>
+            join.onRef('album_user.albumId', '=', 'album_asset.albumId').on('album_user.userId', '=', userId),
+          )
+          .$if(!ignoreTimelineVisibility, (qb) => qb.where('album_user.inTimeline', '=', true))
+          .where('album_user.albumId', 'in', (eb) =>
+            eb
+              .selectFrom('album_user')
+              .select('album_user.albumId')
+              .whereRef('album_user.userId', '=', 'asset.ownerId')
+              .where((eb) =>
+                eb.or([
+                  eb(eb.val(SharingPermission.All), '=', eb.fn.any('album_user.permissions')),
+                  eb('album_user.permissions', '@>', eb.val(permissions)),
+                ]),
+              ),
+          ),
+      ),
+    ]);
+
@Injectable()
 export class AssetRepository {
  constructor(@InjectKysely() private db: Kysely<DB>) {}
@@ -556,17 +606,22 @@ export class AssetRepository {
      .executeTakeFirst();
  }

-  @GenerateSql({ params: [DummyValue.UUID] })
+  @GenerateSql({ params: [DummyValue.UUID, {}, DummyValue.UUID] })
  getById(
    id: string,
    { exifInfo, faces, files, library, owner, smartSearch, stack, tags, edits }: GetByIdsRelations = {},
+    userId?: string,
  ) {
    return this.db
      .selectFrom('asset')
      .selectAll('asset')
      .where('asset.id', '=', asUuid(id))
      .$if(!!exifInfo, withExif)
-      .$if(!!faces, (qb) => qb.select(faces?.person ? withFacesAndPeople : withFaces).$narrowType<{ faces: NotNull }>())
+      .$if(!!faces, (qb) =>
+        qb
+          .select(faces?.person ? (eb) => withFacesAndPeople(eb, { userId }) : withFaces)
+          .$narrowType<{ faces: NotNull }>(),
+      )
      .$if(!!library, (qb) => qb.select(withLibrary))
      .$if(!!owner, (qb) => qb.select(withOwner))
      .$if(!!smartSearch, withSmartSearch)
@@ -602,6 +657,7 @@ export class AssetRepository {
      .$if(!!files, (qb) => qb.select(withFiles))
      .$if(!!tags, (qb) => qb.select(withTags))
      .$if(!!edits, (qb) => qb.select(withEdits))
+      .$if(!!userId, (qb) => qb.select(withPermissions(userId!)))
      .limit(1)
      .executeTakeFirst();
  }
@@ -744,7 +800,9 @@ export class AssetRepository {
              )
              .where((eb) => eb.or([eb('asset.stackId', 'is', null), eb(eb.table('stack'), 'is not', null)])),
          )
-          .$if(!!options.userIds, (qb) => qb.where('asset.ownerId', '=', anyUuid(options.userIds!)))
+          .$if(!!options.userIds, (qb) =>
+            qb.where(hasAssetPermissions(options.userIds![0], [SharingPermission.AssetRead], !!options.personId)),
+          )
          .$if(options.isFavorite !== undefined, (qb) => qb.where('asset.isFavorite', '=', options.isFavorite!))
          .$if(!!options.assetType, (qb) => qb.where('asset.type', '=', options.assetType!))
          .$if(options.isDuplicate !== undefined, (qb) =>
@@ -829,7 +887,9 @@ export class AssetRepository {
            ),
          )
          .$if(!!options.personId, (qb) => hasPeople(qb, [options.personId!]))
-          .$if(!!options.userIds, (qb) => qb.where('asset.ownerId', '=', anyUuid(options.userIds!)))
+          .$if(!!options.userIds, (qb) =>
+            qb.where(hasAssetPermissions(options.userIds![0], [SharingPermission.AssetRead], !!options.personId)),
+          )
          .$if(options.isFavorite !== undefined, (qb) => qb.where('asset.isFavorite', '=', options.isFavorite!))
          .$if(!!options.withStacked, (qb) =>
            qb
@@ -15,7 +15,7 @@ import { getKeyByValue, getMethodNames, ImmichStartupError } from 'src/utils/mis
 type JobMapItem = {
  jobName: JobName;
  queueName: QueueName;
-  handler: (job: JobOf<any>) => Promise<JobStatus>;
+  handler: (job?: JobOf<any>) => Promise<JobStatus>;
  label: string;
 };

@@ -95,14 +95,17 @@ export class JobRepository {
    }
  }

-  async run({ name, data }: JobItem) {
-    const item = this.handlers[name as JobName];
+  async run(job: JobItem) {
+    const item = this.handlers[job.name];
    if (!item) {
-      this.logger.warn(`Skipping unknown job: "${name}"`);
+      this.logger.warn(`Skipping unknown job: "${job.name}"`);
      return JobStatus.Skipped;
    }

-    return item.handler(data);
+    if ('data' in job) {
+      return item.handler(job.data);
+    }
+    return item.handler();
  }

  setConcurrency(queueName: QueueName, concurrency: number) {
@@ -167,7 +170,7 @@ export class JobRepository {
      const queueName = this.getQueueName(item.name);
      const job = {
        name: item.name,
-        data: item.data || {},
+        data: ('data' in item ? item.data : undefined) || {},
        options: this.getJobOptions(item) || undefined,
      } as JobItem & { data: any; options: JobsOptions | undefined };

@@ -73,7 +73,7 @@ export class MemoryRepository implements IBulkAsset {
                eb.exists(
                  eb
                    .selectFrom('asset_face')
-                    .innerJoin('person', 'person.id', 'asset_face.personId')
+                    .innerJoin('person', 'person.faceClusterId', 'asset_face.faceClusterId')
                    .select((eb) => eb.val(1).as('one'))
                    .whereRef('asset_face.assetId', '=', 'asset.id')
                    .where('person.isHidden', '=', true),
@@ -4,7 +4,8 @@ import { jsonObjectFrom } from 'kysely/helpers/postgres';
 import { InjectKysely } from 'nestjs-kysely';
 import { AssetFace } from 'src/database';
 import { Chunked, ChunkedArray, DummyValue, GenerateSql } from 'src/decorators';
-import { AssetFileType, AssetVisibility, SourceType } from 'src/enum';
+import { AssetFileType, AssetVisibility, SharingPermission, SourceType } from 'src/enum';
+import { hasAssetPermissions } from 'src/repositories/asset.repository';
 import { DB } from 'src/schema';
 import { AssetFaceTable } from 'src/schema/tables/asset-face.table';
 import { FaceSearchTable } from 'src/schema/tables/face-search.table';
@@ -33,9 +34,9 @@ export interface AssetFaceId {
 }

 export interface UpdateFacesData {
-  oldPersonId?: string;
+  oldFaceClusterId?: string;
  faceIds?: string[];
-  newPersonId: string;
+  newFaceClusterId: string;
 }

 export interface PersonStatistics {
@@ -54,7 +55,7 @@ export interface GetAllPeopleOptions {
 }

 export interface GetAllFacesOptions {
-  personId?: string | null;
+  faceClusterId?: string | null;
  assetId?: string;
  sourceType?: SourceType;
 }
@@ -65,7 +66,20 @@ export type SelectFaceOptions = (keyof Selectable<AssetFaceTable>)[];

 const withPerson = (eb: ExpressionBuilder<DB, 'asset_face'>) => {
  return jsonObjectFrom(
-    eb.selectFrom('person').selectAll('person').whereRef('person.id', '=', 'asset_face.personId'),
+    eb
+      .selectFrom('person')
+      .selectAll('person')
+      .whereRef('person.faceClusterId', '=', 'asset_face.faceClusterId')
+      .orderBy(
+        (eb) =>
+          eb(
+            'person.ownerId',
+            '=',
+            eb.selectFrom('asset').select('asset.ownerId').whereRef('asset.id', '=', 'asset_face.assetId'),
+          ),
+        'desc',
+      )
+      .limit(1),
  ).as('person');
 };

@@ -75,16 +89,47 @@ const withFaceSearch = (eb: ExpressionBuilder<DB, 'asset_face'>) => {
  ).as('faceSearch');
 };

+export const hasPermissions =
+  (userId: string, permissions: SharingPermission[]) => (eb: ExpressionBuilder<DB, 'person'>) =>
+    eb.or([
+      eb.exists((eb) =>
+        eb
+          .selectFrom('partner')
+          .whereRef('partner.sharedById', '=', 'person.ownerId')
+          .where('partner.sharedWithId', '=', userId)
+          .where((eb) =>
+            eb.or([
+              eb(eb.val(SharingPermission.All), '=', eb.fn.any('partner.permissions')),
+              eb('partner.permissions', '@>', eb.val(permissions)),
+            ]),
+          ),
+      ),
+      eb.exists((eb) =>
+        eb
+          .selectFrom('album_user')
+          .where('album_user.albumId', 'in', (eb) =>
+            eb.selectFrom('album_user').select('album_user.albumId').where('album_user.userId', '=', userId),
+          )
+          .whereRef('album_user.userId', '=', 'person.ownerId')
+          .where((eb) =>
+            eb.or([
+              eb(eb.val(SharingPermission.All), '=', eb.fn.any('album_user.permissions')),
+              eb('album_user.permissions', '@>', eb.val(permissions)),
+            ]),
+          ),
+      ),
+    ]);
+
@Injectable()
 export class PersonRepository {
  constructor(@InjectKysely() private db: Kysely<DB>) {}

  @GenerateSql({ params: [{ oldPersonId: DummyValue.UUID, newPersonId: DummyValue.UUID }] })
-  async reassignFaces({ oldPersonId, faceIds, newPersonId }: UpdateFacesData): Promise<number> {
+  async reassignFaces({ oldFaceClusterId, faceIds, newFaceClusterId }: UpdateFacesData): Promise<number> {
    const result = await this.db
      .updateTable('asset_face')
-      .set({ personId: newPersonId })
-      .$if(!!oldPersonId, (qb) => qb.where('asset_face.personId', '=', oldPersonId!))
+      .set({ faceClusterId: newFaceClusterId })
+      .$if(!!oldFaceClusterId, (qb) => qb.where('asset_face.faceClusterId', '=', oldFaceClusterId!))
      .$if(!!faceIds, (qb) => qb.where('asset_face.id', 'in', faceIds!))
      .executeTakeFirst();

@@ -94,7 +139,7 @@ export class PersonRepository {
  async unassignFaces({ sourceType }: UnassignFacesOptions): Promise<void> {
    await this.db
      .updateTable('asset_face')
-      .set({ personId: null })
+      .set({ faceClusterId: null })
      .where('asset_face.sourceType', '=', sourceType)
      .execute();
  }
@@ -117,8 +162,8 @@ export class PersonRepository {
    return this.db
      .selectFrom('asset_face')
      .selectAll('asset_face')
-      .$if(options.personId === null, (qb) => qb.where('asset_face.personId', 'is', null))
-      .$if(!!options.personId, (qb) => qb.where('asset_face.personId', '=', options.personId!))
+      .$if(options.faceClusterId === null, (qb) => qb.where('asset_face.faceClusterId', 'is', null))
+      .$if(!!options.faceClusterId, (qb) => qb.where('asset_face.faceClusterId', '=', options.faceClusterId!))
      .$if(!!options.sourceType, (qb) => qb.where('asset_face.sourceType', '=', options.sourceType!))
      .$if(!!options.assetId, (qb) => qb.where('asset_face.assetId', '=', options.assetId!))
      .where('asset_face.deletedAt', 'is', null)
@@ -153,16 +198,20 @@ export class PersonRepository {
    const items = await this.db
      .selectFrom('person')
      .selectAll('person')
-      .innerJoin('asset_face', 'asset_face.personId', 'person.id')
+      .innerJoin('asset_face', 'asset_face.faceClusterId', 'person.faceClusterId')
      .innerJoin('asset', (join) =>
        join
          .onRef('asset_face.assetId', '=', 'asset.id')
          .on('asset.visibility', '=', sql.lit(AssetVisibility.Timeline))
          .on('asset.deletedAt', 'is', null),
      )
-      .where('person.ownerId', '=', userId)
+      .where((eb) =>
+        eb.or([eb('person.ownerId', '=', userId), hasPermissions(userId, [SharingPermission.PersonRead])(eb)]),
+      )
      .where('asset_face.deletedAt', 'is', null)
      .where('asset_face.isVisible', 'is', true)
+      .orderBy('person.faceClusterId')
+      .orderBy((eb) => eb('person.ownerId', '=', userId), 'desc')
      .orderBy('person.isHidden', 'asc')
      .orderBy('person.isFavorite', 'desc')
      .having((eb) =>
@@ -171,6 +220,7 @@ export class PersonRepository {
          eb((innerEb) => innerEb.fn.count('asset_face.assetId'), '>=', options?.minimumFaceCount || 1),
        ]),
      )
+      .distinctOn('person.faceClusterId')
      .groupBy('person.id')
      .$if(!!options?.closestFaceAssetId, (qb) =>
        qb.orderBy((eb) =>
@@ -209,7 +259,7 @@ export class PersonRepository {
    return this.db
      .selectFrom('person')
      .selectAll('person')
-      .leftJoin('asset_face', 'asset_face.personId', 'person.id')
+      .leftJoin('asset_face', 'asset_face.faceClusterId', 'person.faceClusterId')
      .where('asset_face.deletedAt', 'is', null)
      .where('asset_face.isVisible', 'is', true)
      .having((eb) => eb.fn.count('asset_face.assetId'), '=', 0)
@@ -224,7 +274,6 @@ export class PersonRepository {
    return this.db
      .selectFrom('asset_face')
      .selectAll('asset_face')
-      .select(withPerson)
      .where('asset_face.assetId', '=', assetId)
      .where('asset_face.deletedAt', 'is', null)
      .$if(isVisible !== undefined, (qb) => qb.where('asset_face.isVisible', '=', isVisible!))
@@ -248,7 +297,7 @@ export class PersonRepository {
  getFaceForFacialRecognitionJob(id: string) {
    return this.db
      .selectFrom('asset_face')
-      .select(['asset_face.id', 'asset_face.personId', 'asset_face.sourceType'])
+      .select(['asset_face.id', 'asset_face.faceClusterId', 'asset_face.sourceType'])
      .select((eb) =>
        jsonObjectFrom(
          eb
@@ -289,10 +338,10 @@ export class PersonRepository {
  }

  @GenerateSql({ params: [DummyValue.UUID, DummyValue.UUID] })
-  async reassignFace(assetFaceId: string, newPersonId: string): Promise<number> {
+  async reassignFace(assetFaceId: string, newFaceClusterId: string): Promise<number> {
    const result = await this.db
      .updateTable('asset_face')
-      .set({ personId: newPersonId })
+      .set({ faceClusterId: newFaceClusterId })
      .where('asset_face.id', '=', assetFaceId)
      .executeTakeFirst();

@@ -318,6 +367,7 @@ export class PersonRepository {
      .where('person.ownerId', '=', userId)
      .where(() => sql`f_unaccent("person"."name") %> f_unaccent(${personName})`)
      .orderBy(sql`f_unaccent("person"."name") <->>> f_unaccent(${personName})`)
+      .orderBy((eb) => eb('person.ownerId', '=', userId), 'desc')
      .limit(100)
      .$if(!withHidden, (qb) => qb.where('person.isHidden', '=', false))
      .execute();
@@ -335,7 +385,7 @@ export class PersonRepository {
  }

  @GenerateSql({ params: [DummyValue.UUID] })
-  async getStatistics(personId: string): Promise<PersonStatistics> {
+  async getStatistics(userId: string, faceClusterId: string): Promise<PersonStatistics> {
    const result = await this.db
      .selectFrom('asset_face')
      .leftJoin('asset', (join) =>
@@ -344,10 +394,11 @@ export class PersonRepository {
          .on('asset.visibility', '=', sql.lit(AssetVisibility.Timeline))
          .on('asset.deletedAt', 'is', null),
      )
+      .where(hasAssetPermissions(userId, [SharingPermission.AssetRead], true))
      .select((eb) => eb.fn.count(eb.fn('distinct', ['asset.id'])).as('count'))
      .where('asset_face.deletedAt', 'is', null)
      .where('asset_face.isVisible', 'is', true)
-      .where('asset_face.personId', '=', personId)
+      .where('asset_face.faceClusterId', '=', faceClusterId)
      .executeTakeFirst();

    return {
@@ -364,7 +415,7 @@ export class PersonRepository {
        eb.exists((eb) =>
          eb
            .selectFrom('asset_face')
-            .whereRef('asset_face.personId', '=', 'person.id')
+            .whereRef('asset_face.faceClusterId', '=', 'person.faceClusterId')
            .where('asset_face.deletedAt', 'is', null)
            .where('asset_face.isVisible', '=', true)
            .where((eb) =>
@@ -378,13 +429,20 @@ export class PersonRepository {
            ),
        ),
      )
-      .where('person.ownerId', '=', userId)
+      .where((eb) =>
+        eb.or([eb('person.ownerId', '=', userId), hasPermissions(userId, [SharingPermission.PersonRead])(eb)]),
+      )
      .select((eb) => eb.fn.coalesce(eb.fn.countAll<number>(), zero).as('total'))
      .select((eb) => eb.fn.coalesce(eb.fn.countAll<number>().filterWhere('isHidden', '=', true), zero).as('hidden'))
      .executeTakeFirstOrThrow();
  }

-  create(person: Insertable<PersonTable>) {
+  async create(person: Insertable<PersonTable>) {
+    if (!person.faceClusterId) {
+      const { id } = await this.db.insertInto('face_cluster').defaultValues().returning('id').executeTakeFirstOrThrow();
+      person.faceClusterId = id;
+    }
+
    return this.db.insertInto('person').values(person).returningAll().executeTakeFirstOrThrow();
  }

@@ -475,18 +533,19 @@ export class PersonRepository {
      .selectFrom('asset_face')
      .selectAll('asset_face')
      .select(withPerson)
+      .innerJoin('person', (join) => join.onRef('person.faceClusterId', '=', 'asset_face.faceClusterId'))
+      .where('person.id', 'in', personIds)
      .where('asset_face.assetId', 'in', assetIds)
-      .where('asset_face.personId', 'in', personIds)
      .where('asset_face.deletedAt', 'is', null)
      .execute();
  }

  @GenerateSql({ params: [DummyValue.UUID] })
-  getRandomFace(personId: string) {
+  getRandomFace(faceClusterId: string) {
    return this.db
      .selectFrom('asset_face')
      .selectAll('asset_face')
-      .where('asset_face.personId', '=', personId)
+      .where('asset_face.faceClusterId', '=', faceClusterId)
      .where('asset_face.deletedAt', 'is', null)
      .where('asset_face.isVisible', 'is', true)
      .executeTakeFirst();
@@ -573,8 +632,14 @@ export class PersonRepository {
      .selectFrom('asset_face')
      .select('asset_face.id')
      .where('asset_face.assetId', '=', assetId)
-      .where('asset_face.personId', '=', personId)
+      .innerJoin('person', (join) =>
+        join.onRef('person.faceClusterId', '=', 'asset_face.faceClusterId').on('person.id', '=', personId),
+      )
      .innerJoin('asset', (join) => join.onRef('asset.id', '=', 'asset_face.assetId').on('asset.isOffline', '=', false))
      .executeTakeFirst();
  }
+
+  getByFaceClusterId(faceClusterId: string) {
+    return this.db.selectFrom('person').selectAll().where('person.faceClusterId', '=', faceClusterId).execute();
+  }
 }
@@ -325,15 +325,23 @@ export class SearchRepository {
            .selectFrom('asset_face')
            .select([
              'asset_face.id',
-              'asset_face.personId',
+              'asset_face.faceClusterId',
              sql<number>`face_search.embedding <=> ${embedding}`.as('distance'),
            ])
            .innerJoin('asset', 'asset.id', 'asset_face.assetId')
+            .select('asset.ownerId')
            .innerJoin('face_search', 'face_search.faceId', 'asset_face.id')
-            .leftJoin('person', 'person.id', 'asset_face.personId')
-            .where('asset.ownerId', '=', anyUuid(userIds))
+            .leftJoin('person', 'person.faceClusterId', 'asset_face.faceClusterId')
+            .where('asset.ownerId', 'in', (eb) =>
+              eb
+                .selectFrom('user')
+                .select('user.id')
+                .where('user.trustedGroupId', 'in', (eb) =>
+                  eb.selectFrom('user').select('user.trustedGroupId').where('user.id', '=', anyUuid(userIds)),
+                ),
+            )
            .where('asset.deletedAt', 'is', null)
-            .$if(!!hasPerson, (qb) => qb.where('asset_face.personId', 'is not', null))
+            .$if(!!hasPerson, (qb) => qb.where('asset_face.faceClusterId', 'is not', null))
            .$if(!!minBirthDate, (qb) =>
              qb.where((eb) =>
                eb.or([eb('person.birthDate', 'is', null), eb('person.birthDate', '<=', minBirthDate!)]),
@@ -443,7 +443,7 @@ class AssetFaceSync extends BaseSync {
      .select([
        'asset_face.id',
        'assetId',
-        'personId',
+        'faceClusterId',
        'imageWidth',
        'imageHeight',
        'boundingBoxX1',
@@ -325,4 +325,61 @@ export class UserRepository {

    await query.execute();
  }
+
+  @GenerateSql({ params: [DummyValue.UUID] })
+  async getInSameTrustedGroup(userId: string) {
+    return this.db
+      .selectFrom('user')
+      .select('user.id')
+      .where('user.trustedGroupId', '=', (eb) =>
+        eb.selectFrom('user').select('user.trustedGroupId').where('user.id', '=', userId),
+      )
+      .execute()
+      .then((result) => result.map(({ id }) => id));
+  }
+
+  @GenerateSql({ params: [{ userId: DummyValue.UUID, userIdToMerge: DummyValue.UUID }] })
+  async mergeTrustedGroups({ userId, userIdToMerge }: { userId: string; userIdToMerge: string }) {
+    return this.db
+      .updateTable('user')
+      .from('user as u')
+      .where('u.id', '=', userId)
+      .where('user.trustedGroupId', '=', (eb) =>
+        eb
+          .selectFrom('user')
+          .select('user.trustedGroupId')
+          .where('user.id', '=', userIdToMerge)
+          .whereRef('user.trustedGroupId', '!=', 'u.trustedGroupId'),
+      )
+      .set((eb) => ({
+        trustedGroupId: eb.ref('u.trustedGroupId'),
+      }))
+      .executeTakeFirst();
+  }
+
+  @GenerateSql({ params: [DummyValue.UUID] })
+  async updateTrustedGroups(userId: string) {
+    return this.db
+      .updateTable('user')
+      .set((eb) => ({ trustedGroupId: eb.fn('uuid_generate_v4') }))
+      .where('user.trustedGroupId', '=', (eb) =>
+        eb.selectFrom('user').select('user.trustedGroupId').where('user.id', '=', userId),
+      )
+      .where('user.id', '!=', userId)
+      .where('user.id', 'not in', (eb) =>
+        eb
+          .selectFrom('partner')
+          .select('partner.sharedById as userId')
+          .where('sharedWithId', '=', userId)
+          .union((eb) =>
+            eb
+              .selectFrom('album_user')
+              .select('album_user.userId')
+              .where('album_user.albumId', 'in', (eb) =>
+                eb.selectFrom('album_user').select('album_user.albumId').where('album_user.userId', '=', userId),
+              ),
+          ),
+      )
+      .executeTakeFirst();
+  }
 }
@@ -4,6 +4,7 @@ import {
  AssetStatus,
  AssetVisibility,
  ChecksumAlgorithm,
+  SharingPermission,
  SourceType,
  VideoSegmentCodec,
 } from 'src/enum';
@@ -37,3 +38,8 @@ export const video_stream_variant_codec_enum = registerEnum({
  name: 'video_stream_variant_codec_enum',
  values: Object.values(VideoSegmentCodec),
 });
+
+export const sharing_permission_enum = registerEnum({
+  name: 'sharing_permission_enum',
+  values: Object.values(SharingPermission),
+});
@@ -4,6 +4,7 @@ import {
  asset_face_source_type,
  asset_visibility_enum,
  assets_status_enum,
+  sharing_permission_enum,
 } from 'src/schema/enums';
 import {
  album_user_after_insert,
@@ -45,6 +46,7 @@ import { AssetMetadataAuditTable } from 'src/schema/tables/asset-metadata-audit.
 import { AssetMetadataTable } from 'src/schema/tables/asset-metadata.table';
 import { AssetOcrTable } from 'src/schema/tables/asset-ocr.table';
 import { AssetTable } from 'src/schema/tables/asset.table';
+import { FaceClusterTable } from 'src/schema/tables/face-cluster.table';
 import { FaceSearchTable } from 'src/schema/tables/face-search.table';
 import { GeodataPlacesTable } from 'src/schema/tables/geodata-places.table';
 import { LibraryTable } from 'src/schema/tables/library.table';
@@ -108,6 +110,7 @@ export class ImmichDatabase {
    AssetTable,
    AssetFileTable,
    AssetExifTable,
+    FaceClusterTable,
    FaceSearchTable,
    GeodataPlacesTable,
    LibraryTable,
@@ -170,7 +173,13 @@ export class ImmichDatabase {
    asset_face_audit,
  ];

-  enum = [album_user_role_enum, assets_status_enum, asset_face_source_type, asset_visibility_enum];
+  enum = [
+    album_user_role_enum,
+    assets_status_enum,
+    asset_face_source_type,
+    asset_visibility_enum,
+    sharing_permission_enum,
+  ];
 }

 export interface Migrations {
@@ -211,6 +220,7 @@ export interface DB {
  ocr_search: OcrSearchTable;

  face_search: FaceSearchTable;
+  face_cluster: FaceClusterTable;

  geodata_places: GeodataPlacesTable;

@@ -0,0 +1,17 @@
+import { Kysely, sql } from 'kysely';
+
+export async function up(db: Kysely<any>): Promise<void> {
+  await sql`CREATE TYPE "sharing_permission_enum" AS ENUM ('all','asset.read','asset.update','asset.edit','asset.delete','asset.share','exif.read','person.read','person.update','person.merge','person.delete');`.execute(db);
+  await sql`ALTER TABLE "user" ADD "trustedGroupId" uuid NOT NULL DEFAULT uuid_generate_v4();`.execute(db);
+  await sql`ALTER TABLE "album_user" ADD "permissions" sharing_permission_enum[] NOT NULL DEFAULT '{asset.read,exif.read}';`.execute(db);
+  await sql`ALTER TABLE "album_user" ADD "inTimeline" boolean NOT NULL DEFAULT false;`.execute(db);
+  await sql`ALTER TABLE "partner" ADD "permissions" sharing_permission_enum[] NOT NULL DEFAULT '{all}';`.execute(db);
+}
+
+export async function down(db: Kysely<any>): Promise<void> {
+  await sql`DROP TYPE "sharing_permission_enum";`.execute(db);
+  await sql`ALTER TABLE "partner" DROP COLUMN "permissions";`.execute(db);
+  await sql`ALTER TABLE "user" DROP COLUMN "trustedGroupId";`.execute(db);
+  await sql`ALTER TABLE "album_user" DROP COLUMN "permissions";`.execute(db);
+  await sql`ALTER TABLE "album_user" DROP COLUMN "inTimeline";`.execute(db);
+}
@@ -0,0 +1,51 @@
+import { Kysely, sql } from 'kysely';
+
+export async function up(db: Kysely<any>): Promise<void> {
+  await sql`ALTER TABLE "asset_face" RENAME COLUMN "personId" TO "faceClusterId";`.execute(db);
+  await sql`CREATE INDEX "asset_face_faceClusterId_assetId_idx" ON "asset_face" ("faceClusterId", "assetId");`.execute(db);
+  await sql`CREATE INDEX "asset_face_faceClusterId_assetId_notDeleted_isVisible_idx" ON "asset_face" ("faceClusterId", "assetId") WHERE ("deletedAt" IS NULL AND "isVisible" IS TRUE);`.execute(db);
+  await sql`CREATE INDEX "asset_face_assetId_faceClusterId_idx" ON "asset_face" ("assetId", "faceClusterId");`.execute(db);
+  await sql`DROP INDEX "asset_face_personId_assetId_notDeleted_isVisible_idx";`.execute(db);
+  await sql`DROP INDEX "asset_face_assetId_personId_idx";`.execute(db);
+  await sql`DROP INDEX "asset_face_personId_assetId_idx";`.execute(db);
+  await sql`CREATE TABLE "face_cluster" (
+  "id" uuid NOT NULL DEFAULT uuid_generate_v4(),
+  "createdAt" timestamp with time zone NOT NULL DEFAULT now(),
+  "updatedAt" timestamp with time zone NOT NULL DEFAULT now(),
+  "updateId" uuid NOT NULL DEFAULT immich_uuid_v7(),
+  CONSTRAINT "face_cluster_pkey" PRIMARY KEY ("id")
+);`.execute(db);
+  await sql`ALTER TABLE "asset_face" ADD CONSTRAINT "asset_face_faceClusterId_fkey" FOREIGN KEY ("faceClusterId") REFERENCES "face_cluster" ("id") ON UPDATE CASCADE ON DELETE SET NULL;`.execute(db);
+  await sql`ALTER TABLE "asset_face" DROP CONSTRAINT "asset_face_personId_fkey";`.execute(db);
+  await sql`ALTER TABLE "person" ADD "faceClusterId" uuid;`.execute(db);
+  await sql`CREATE INDEX "person_faceClusterId_idx" ON "person" ("faceClusterId");`.execute(db);
+  await sql`ALTER TABLE "person" ADD CONSTRAINT "person_faceClusterId_fkey" FOREIGN KEY ("faceClusterId") REFERENCES "face_cluster" ("id") ON UPDATE CASCADE ON DELETE CASCADE;`.execute(db);
+  await sql`CREATE INDEX "face_cluster_updateId_idx" ON "face_cluster" ("updateId");`.execute(db);
+  await sql`CREATE OR REPLACE TRIGGER "face_cluster_updatedAt"
+  BEFORE UPDATE ON "face_cluster"
+  FOR EACH ROW
+  EXECUTE FUNCTION updated_at();`.execute(db);
+  await sql`INSERT INTO "migration_overrides" ("name", "value") VALUES ('trigger_face_cluster_updatedAt', '{"type":"trigger","name":"face_cluster_updatedAt","sql":"CREATE OR REPLACE TRIGGER \\"face_cluster_updatedAt\\"\\n  BEFORE UPDATE ON \\"face_cluster\\"\\n  FOR EACH ROW\\n  EXECUTE FUNCTION updated_at();"}'::jsonb);`.execute(db);
+  await sql`INSERT INTO "migration_overrides" ("name", "value") VALUES ('index_asset_face_faceClusterId_assetId_notDeleted_isVisible_idx', '{"type":"index","name":"asset_face_faceClusterId_assetId_notDeleted_isVisible_idx","sql":"CREATE INDEX \\"asset_face_faceClusterId_assetId_notDeleted_isVisible_idx\\" ON \\"asset_face\\" (\\"faceClusterId\\", \\"assetId\\") WHERE (\\"deletedAt\\" IS NULL AND \\"isVisible\\" IS TRUE);"}'::jsonb);`.execute(db);
+  await sql`DELETE FROM "migration_overrides" WHERE "name" = 'index_asset_face_personId_assetId_notDeleted_isVisible_idx';`.execute(db);
+}
+
+export async function down(db: Kysely<any>): Promise<void> {
+  await sql`ALTER TABLE "person" DROP COLUMN "faceClusterId";`.execute(db);
+  await sql`DROP INDEX "person_faceClusterId_idx";`.execute(db);
+  await sql`ALTER TABLE "person" DROP CONSTRAINT "person_faceClusterId_fkey";`.execute(db);
+  await sql`ALTER TABLE "asset_face" RENAME COLUMN "faceClusterId" TO "personId";`.execute(db);
+  await sql`CREATE INDEX "asset_face_personId_assetId_notDeleted_isVisible_idx" ON "asset_face" ("personId", "assetId") WHERE ((("deletedAt" IS NULL) AND ("isVisible" IS TRUE)));`.execute(db);
+  await sql`CREATE INDEX "asset_face_assetId_personId_idx" ON "asset_face" ("assetId", "personId");`.execute(db);
+  await sql`CREATE INDEX "asset_face_personId_assetId_idx" ON "asset_face" ("personId", "assetId");`.execute(db);
+  await sql`DROP INDEX "asset_face_faceClusterId_assetId_idx";`.execute(db);
+  await sql`DROP INDEX "asset_face_faceClusterId_assetId_notDeleted_isVisible_idx";`.execute(db);
+  await sql`DROP INDEX "asset_face_assetId_faceClusterId_idx";`.execute(db);
+  await sql`ALTER TABLE "asset_face" ADD CONSTRAINT "asset_face_personId_fkey" FOREIGN KEY ("personId") REFERENCES "person" ("id") ON UPDATE CASCADE ON DELETE SET NULL;`.execute(db);
+  await sql`ALTER TABLE "asset_face" DROP CONSTRAINT "asset_face_faceClusterId_fkey";`.execute(db);
+  await sql`DROP TABLE "face_cluster";`.execute(db);
+  await sql`DROP TRIGGER "face_cluster_updatedAt" ON "face_cluster";`.execute(db);
+  await sql`INSERT INTO "migration_overrides" ("name", "value") VALUES ('index_asset_face_personId_assetId_notDeleted_isVisible_idx', '{"sql":"CREATE INDEX \\"asset_face_personId_assetId_notDeleted_isVisible_idx\\" ON \\"asset_face\\" (\\"personId\\", \\"assetId\\") WHERE (\\"deletedAt\\" IS NULL AND \\"isVisible\\" IS TRUE);","name":"asset_face_personId_assetId_notDeleted_isVisible_idx","type":"index"}'::jsonb);`.execute(db);
+  await sql`DELETE FROM "migration_overrides" WHERE "name" = 'trigger_face_cluster_updatedAt';`.execute(db);
+  await sql`DELETE FROM "migration_overrides" WHERE "name" = 'index_asset_face_faceClusterId_assetId_notDeleted_isVisible_idx';`.execute(db);
+}
@@ -11,8 +11,8 @@ import {
  UpdateDateColumn,
 } from '@immich/sql-tools';
 import { CreateIdColumn, UpdatedAtTrigger, UpdateIdColumn } from 'src/decorators';
-import { AlbumUserRole } from 'src/enum';
-import { album_user_role_enum } from 'src/schema/enums';
+import { AlbumUserRole, SharingPermission } from 'src/enum';
+import { album_user_role_enum, sharing_permission_enum } from 'src/schema/enums';
 import { album_user_after_insert, album_user_delete_audit } from 'src/schema/functions';
 import { AlbumTable } from 'src/schema/tables/album.table';
 import { UserTable } from 'src/schema/tables/user.table';
@@ -69,4 +69,14 @@ export class AlbumUserTable {

  @UpdateDateColumn()
  updatedAt!: Generated<Timestamp>;
+
+  @Column({
+    array: true,
+    enum: sharing_permission_enum,
+    default: [SharingPermission.AssetRead, SharingPermission.ExifRead],
+  })
+  permissions!: Generated<SharingPermission[]>;
+
+  @Column({ type: 'boolean', default: false })
+  inTimeline!: Generated<boolean>;
 }
@@ -15,7 +15,7 @@ import { SourceType } from 'src/enum';
 import { asset_face_source_type } from 'src/schema/enums';
 import { asset_face_audit } from 'src/schema/functions';
 import { AssetTable } from 'src/schema/tables/asset.table';
-import { PersonTable } from 'src/schema/tables/person.table';
+import { FaceClusterTable } from 'src/schema/tables/face-cluster.table';

@Table({ name: 'asset_face' })
@UpdatedAtTrigger('asset_face_updatedAt')
@@ -26,13 +26,13 @@ import { PersonTable } from 'src/schema/tables/person.table';
  when: 'pg_trigger_depth() = 0',
 })
 // schemaFromDatabase does not preserve column order
-@Index({ name: 'asset_face_assetId_personId_idx', columns: ['assetId', 'personId'] })
+@Index({ name: 'asset_face_assetId_faceClusterId_idx', columns: ['assetId', 'faceClusterId'] })
@Index({
-  name: 'asset_face_personId_assetId_notDeleted_isVisible_idx',
-  columns: ['personId', 'assetId'],
+  name: 'asset_face_faceClusterId_assetId_notDeleted_isVisible_idx',
+  columns: ['faceClusterId', 'assetId'],
  where: '"deletedAt" IS NULL AND "isVisible" IS TRUE',
 })
-@Index({ columns: ['personId', 'assetId'] })
+@Index({ columns: ['faceClusterId', 'assetId'] })
 export class AssetFaceTable {
  @PrimaryGeneratedColumn()
  id!: Generated<string>;
@@ -45,14 +45,14 @@ export class AssetFaceTable {
  })
  assetId!: string;

-  @ForeignKeyColumn(() => PersonTable, {
+  @ForeignKeyColumn(() => FaceClusterTable, {
    onDelete: 'SET NULL',
    onUpdate: 'CASCADE',
    nullable: true,
-    // [personId, assetId] makes this redundant
+    // [faceClusterId, assetId] makes this redundant
    index: false,
  })
-  personId!: string | null;
+  faceClusterId!: string | null;

  @Column({ default: 0, type: 'integer' })
  imageWidth!: Generated<number>;
@@ -0,0 +1,25 @@
+import {
+  CreateDateColumn,
+  Generated,
+  PrimaryGeneratedColumn,
+  Table,
+  Timestamp,
+  UpdateDateColumn,
+} from '@immich/sql-tools';
+import { UpdatedAtTrigger, UpdateIdColumn } from 'src/decorators';
+
+@Table('face_cluster')
+@UpdatedAtTrigger('face_cluster_updatedAt')
+export class FaceClusterTable {
+  @PrimaryGeneratedColumn('uuid')
+  id!: Generated<string>;
+
+  @CreateDateColumn()
+  createdAt!: Generated<Timestamp>;
+
+  @UpdateDateColumn()
+  updatedAt!: Generated<Timestamp>;
+
+  @UpdateIdColumn({ index: true })
+  updateId!: Generated<string>;
+}
@@ -9,6 +9,8 @@ import {
  UpdateDateColumn,
 } from '@immich/sql-tools';
 import { CreateIdColumn, UpdatedAtTrigger, UpdateIdColumn } from 'src/decorators';
+import { SharingPermission } from 'src/enum';
+import { sharing_permission_enum } from 'src/schema/enums';
 import { partner_delete_audit } from 'src/schema/functions';
 import { UserTable } from 'src/schema/tables/user.table';

@@ -46,4 +48,7 @@ export class PartnerTable {

  @UpdateIdColumn({ index: true })
  updateId!: Generated<string>;
+
+  @Column({ array: true, enum: sharing_permission_enum, default: [SharingPermission.All] })
+  permissions!: Generated<SharingPermission[]>;
 }
@@ -14,6 +14,7 @@ import {
 import { UpdatedAtTrigger, UpdateIdColumn } from 'src/decorators';
 import { person_delete_audit } from 'src/schema/functions';
 import { AssetFaceTable } from 'src/schema/tables/asset-face.table';
+import { FaceClusterTable } from 'src/schema/tables/face-cluster.table';
 import { UserTable } from 'src/schema/tables/user.table';

@Table('person')
@@ -43,9 +44,6 @@ export class PersonTable {
  @ForeignKeyColumn(() => UserTable, { onDelete: 'CASCADE', onUpdate: 'CASCADE', nullable: false })
  ownerId!: string;

-  @Column({ default: '' })
-  name!: Generated<string>;
-
  @Column({ default: '' })
  thumbnailPath!: Generated<string>;

@@ -55,6 +53,9 @@ export class PersonTable {
  @Column({ type: 'date', nullable: true })
  birthDate!: Timestamp | null;

+  @Column({ default: '' })
+  name!: Generated<string>;
+
  @ForeignKeyColumn(() => AssetFaceTable, { onDelete: 'SET NULL', nullable: true })
  faceAssetId!: string | null;

@@ -66,4 +67,7 @@ export class PersonTable {

  @UpdateIdColumn({ index: true })
  updateId!: Generated<string>;
+
+  @ForeignKeyColumn(() => FaceClusterTable, { onDelete: 'CASCADE', onUpdate: 'CASCADE', nullable: true, index: true })
+  faceClusterId!: string | null;
 }
@@ -4,6 +4,7 @@ import {
  CreateDateColumn,
  DeleteDateColumn,
  Generated,
+  GeneratedColumn,
  Index,
  PrimaryGeneratedColumn,
  Table,
@@ -82,4 +83,7 @@ export class UserTable {

  @UpdateIdColumn({ index: true })
  updateId!: Generated<string>;
+
+  @GeneratedColumn('uuid')
+  trustedGroupId!: Generated<string>;
 }
@@ -8,13 +8,15 @@ import {
  CreateAlbumDto,
  GetAlbumsDto,
  mapAlbum,
+  SharingPermissionsResponseDto,
  UpdateAlbumDto,
  UpdateAlbumUserDto,
+  UpdateSharingPermissionsDto,
 } from 'src/dtos/album.dto';
 import { BulkIdErrorReason, BulkIdResponseDto, BulkIdsDto } from 'src/dtos/asset-ids.response.dto';
 import { AuthDto } from 'src/dtos/auth.dto';
 import { MapMarkerResponseDto } from 'src/dtos/map.dto';
-import { AlbumUserRole, Permission } from 'src/enum';
+import { AlbumUserRole, Permission, SharingPermission } from 'src/enum';
 import { AlbumAssetCount, AlbumInfoOptions } from 'src/repositories/album.repository';
 import { BaseService } from 'src/services/base.service';
 import { addAssets, removeAssets } from 'src/utils/asset.util';
@@ -137,6 +139,11 @@ export class AlbumService extends BaseService {
    );

    for (const { userId } of albumUsers) {
+      await this.userRepository.mergeTrustedGroups({
+        userId: auth.user.id,
+        userIdToMerge: userId,
+      });
+
      await this.eventRepository.emit('AlbumInvite', { id: album.id, userId, senderName: auth.user.name });
    }

@@ -306,7 +313,17 @@ export class AlbumService extends BaseService {
        throw new BadRequestException('Invalid user');
      }

-      await this.albumUserRepository.create({ userId, albumId: id, role });
+      await this.userRepository.mergeTrustedGroups({
+        userId: auth.user.id,
+        userIdToMerge: userId,
+      });
+      await this.albumUserRepository.create({
+        userId,
+        albumId: id,
+        role,
+        permissions: [SharingPermission.AssetRead, SharingPermission.ExifRead],
+      });
+
      await this.eventRepository.emit('AlbumInvite', { id, userId, senderName: auth.user.name });
    }

@@ -345,6 +362,19 @@ export class AlbumService extends BaseService {
    await this.albumUserRepository.update({ albumId: id, userId }, { role: dto.role });
  }

+  async updateSelf(auth: AuthDto, albumId: string, dto: UpdateSharingPermissionsDto): Promise<void> {
+    await this.requireAccess({ auth, permission: Permission.AlbumAssetCreate, ids: [albumId] });
+    await this.albumUserRepository.update(
+      { albumId, userId: auth.user.id },
+      { permissions: dto.permissions, inTimeline: dto.inTimeline },
+    );
+  }
+
+  async getSelf(auth: AuthDto, albumId: string): Promise<SharingPermissionsResponseDto> {
+    await this.requireAccess({ auth, permission: Permission.AlbumAssetCreate, ids: [albumId] });
+    return this.albumUserRepository.get({ userId: auth.user.id, albumId });
+  }
+
  private async findOrFail(id: string, authUserId: string, options: AlbumInfoOptions) {
    const album = await this.albumRepository.getById(id, options, authUserId);
    if (!album) {
@@ -32,10 +32,11 @@ import {
  JobStatus,
  Permission,
  QueueName,
+  SharingPermission,
 } from 'src/enum';
 import { BaseService } from 'src/services/base.service';
 import { JobItem, JobOf } from 'src/types';
-import { requireElevatedPermission } from 'src/utils/access';
+import { hasPermissions, requireElevatedPermission } from 'src/utils/access';
 import {
  getAssetFiles,
  getDimensions,
@@ -62,14 +63,18 @@ export class AssetService extends BaseService {
  async get(auth: AuthDto, id: string): Promise<AssetResponseDto | SanitizedAssetResponseDto> {
    await this.requireAccess({ auth, permission: Permission.AssetRead, ids: [id] });

-    const asset = await this.assetRepository.getById(id, {
-      exifInfo: true,
-      owner: true,
-      faces: { person: true },
-      stack: { assets: true },
-      edits: true,
-      tags: true,
-    });
+    const asset = await this.assetRepository.getById(
+      id,
+      {
+        exifInfo: true,
+        owner: true,
+        faces: { person: true },
+        stack: { assets: true },
+        edits: true,
+        tags: true,
+      },
+      auth.user.id,
+    );

    if (!asset) {
      throw new BadRequestException('Asset not found');
@@ -85,7 +90,7 @@ export class AssetService extends BaseService {
      delete data.owner;
    }

-    if (data.ownerId !== auth.user.id || auth.sharedLink) {
+    if (!hasPermissions(data, SharingPermission.PersonRead)) {
      data.people = [];
    }

@@ -85,7 +85,11 @@ export class NotificationService extends BaseService {
      return;
    }

-    this.logger.error(`Unable to run job handler (${job.name}): ${error}`, error?.stack, JSON.stringify(job.data));
+    this.logger.error(
+      `Unable to run job handler (${job.name}): ${error}`,
+      error?.stack,
+      'data' in job ? JSON.stringify(job.data) : {},
+    );

    switch (job.name) {
      case JobName.DatabaseBackup: {
@@ -3,7 +3,7 @@ import { Partner } from 'src/database';
 import { AuthDto } from 'src/dtos/auth.dto';
 import { PartnerCreateDto, PartnerResponseDto, PartnerSearchDto, PartnerUpdateDto } from 'src/dtos/partner.dto';
 import { mapUser } from 'src/dtos/user.dto';
-import { Permission } from 'src/enum';
+import { JobName, Permission, SharingPermission } from 'src/enum';
 import { PartnerDirection, PartnerIds } from 'src/repositories/partner.repository';
 import { BaseService } from 'src/services/base.service';

@@ -16,7 +16,15 @@ export class PartnerService extends BaseService {
      throw new BadRequestException(`Partner already exists`);
    }

-    const partner = await this.partnerRepository.create(partnerId);
+    const { numUpdatedRows } = await this.userRepository.mergeTrustedGroups({
+      userId: auth.user.id,
+      userIdToMerge: sharedWithId,
+    });
+    const partner = await this.partnerRepository.create({ ...partnerId, permissions: [SharingPermission.All] });
+    if (numUpdatedRows > 0) {
+      await this.jobRepository.queue({ name: JobName.FacialRecognitionMerge, data: { id: sharedWithId } });
+    }
+
    return this.mapPartner(partner, PartnerDirection.SharedBy);
  }

@@ -28,6 +36,10 @@ export class PartnerService extends BaseService {
    }

    await this.partnerRepository.remove(partnerId);
+    const { numUpdatedRows } = await this.userRepository.updateTrustedGroups(auth.user.id);
+    if (numUpdatedRows > 0) {
+      await this.jobRepository.queue({ name: JobName.FacialRecognitionQueueAll, data: { force: true } });
+    }
  }

  async search(auth: AuthDto, { direction }: PartnerSearchDto): Promise<PartnerResponseDto[]> {
@@ -13,7 +13,7 @@ import {
  FaceDto,
  mapFaces,
  mapPerson,
-  MergePersonDto,
+  MergeFaceClusterDto,
  PeopleResponseDto,
  PeopleUpdateDto,
  PersonCreateDto,
@@ -159,7 +159,7 @@ export class PersonService extends BaseService {

  async getStatistics(auth: AuthDto, id: string): Promise<PersonStatisticsResponseDto> {
    await this.requireAccess({ auth, permission: Permission.PersonRead, ids: [id] });
-    return this.personRepository.getStatistics(id);
+    return this.personRepository.getStatistics(auth.user.id, id);
  }

  async getThumbnail(auth: AuthDto, id: string): Promise<ImmichFileResponse> {
@@ -438,7 +438,7 @@ export class PersonService extends BaseService {

    const lastRun = new Date().toISOString();
    const facePagination = this.personRepository.getAllFaces(
-      force ? undefined : { personId: null, sourceType: SourceType.MachineLearning },
+      force ? undefined : { faceClusterId: null, sourceType: SourceType.MachineLearning },
    );

    let jobs: { name: JobName.FacialRecognition; data: { id: string; deferred: false } }[] = [];
@@ -481,8 +481,8 @@ export class PersonService extends BaseService {
      return JobStatus.Failed;
    }

-    if (face.personId) {
-      this.logger.debug(`Face ${id} already has a person assigned`);
+    if (face.faceClusterId) {
+      this.logger.debug(`Face ${id} already belongs to a face cluster`);
      return JobStatus.Skipped;
    }

@@ -511,8 +511,8 @@ export class PersonService extends BaseService {
      return JobStatus.Skipped;
    }

-    let personId = matches.find((match) => match.personId)?.personId;
-    if (!personId) {
+    let faceClusterId = matches.find((match) => match.faceClusterId)?.faceClusterId;
+    if (!faceClusterId) {
      const matchWithPerson = await this.searchRepository.searchFaces({
        userIds: [face.asset.ownerId],
        embedding: face.faceSearch.embedding,
@@ -523,20 +523,100 @@ export class PersonService extends BaseService {
      });

      if (matchWithPerson.length > 0) {
-        personId = matchWithPerson[0].personId;
+        faceClusterId = matchWithPerson[0].faceClusterId;
      }
    }

-    if (isCore && !personId) {
+    if (isCore && !faceClusterId) {
      this.logger.log(`Creating new person for face ${id}`);
      const newPerson = await this.personRepository.create({ ownerId: face.asset.ownerId, faceAssetId: face.id });
      await this.jobRepository.queue({ name: JobName.PersonGenerateThumbnail, data: { id: newPerson.id } });
-      personId = newPerson.id;
+      faceClusterId = newPerson.faceClusterId;
    }

-    if (personId) {
-      this.logger.debug(`Assigning face ${id} to person ${personId}`);
-      await this.personRepository.reassignFaces({ faceIds: [id], newPersonId: personId });
+    if (faceClusterId) {
+      this.logger.debug(`Assigning face ${id} to face cluster ${faceClusterId}`);
+      await this.personRepository.reassignFaces({ faceIds: [id], newFaceClusterId: faceClusterId });
+    }
+
+    return JobStatus.Success;
+  }
+
+  @OnJob({ name: JobName.FacialRecognitionMerge, queue: QueueName.FacialRecognition })
+  async mergeClusters({ id: userId }: JobOf<JobName.FacialRecognitionMerge>): Promise<JobStatus> {
+    const { machineLearning } = await this.getConfig({ withCache: true });
+    if (!isFacialRecognitionEnabled(machineLearning)) {
+      return JobStatus.Skipped;
+    }
+
+    const faces = this.personRepository.getAllFaces({ sourceType: SourceType.MachineLearning });
+    for await (const { id } of faces) {
+      const face = await this.personRepository.getFaceForFacialRecognitionJob(id);
+      if (!face?.faceSearch || !face.asset) {
+        this.logger.warn(`Face ${id} does not have an embedding`);
+        return JobStatus.Failed;
+      }
+
+      let faceClusterId: string | null = null;
+      const matchWithPerson = await this.searchRepository.searchFaces({
+        userIds: [face.asset.ownerId],
+        embedding: face.faceSearch.embedding,
+        maxDistance: machineLearning.facialRecognition.maxDistance,
+        numResults: 10,
+        hasPerson: true,
+        minBirthDate: new Date(face.asset.fileCreatedAt),
+      });
+
+      if (matchWithPerson.length > 0) {
+        // favor a person that's not owned by us to merge people with a newly shared with user
+        // probably do smarter stuff here like pick the person with a name, if both have a name set aliases or whatever
+        const match = matchWithPerson.find((match) => match.ownerId !== userId) ?? matchWithPerson[0];
+        if (match.faceClusterId && face.asset.ownerId !== match.ownerId) {
+          // TODO should probably be a DB constraint?
+          const people = await this.personRepository.getByFaceClusterId(match.faceClusterId);
+
+          if (!people.some((person) => person.ownerId === face.asset?.ownerId)) {
+            const person = await this.personRepository.create({
+              ownerId: face.asset.ownerId,
+              faceClusterId: match.faceClusterId,
+            });
+            await this.jobRepository.queue({ name: JobName.PersonGenerateThumbnail, data: { id: person.id } });
+          }
+        }
+
+        faceClusterId = match.faceClusterId;
+      }
+
+      if (!faceClusterId) {
+        const matches = await this.searchRepository.searchFaces({
+          userIds: [userId],
+          embedding: face.faceSearch.embedding,
+          maxDistance: machineLearning.facialRecognition.maxDistance,
+          numResults: machineLearning.facialRecognition.minFaces,
+          minBirthDate: new Date(face.asset.fileCreatedAt),
+        });
+
+        const match = matches.find((match) => match.faceClusterId);
+        if (match && match.faceClusterId && face.asset.ownerId !== match.ownerId) {
+          // TODO should probably be a DB constraint?
+          const people = await this.personRepository.getByFaceClusterId(match.faceClusterId);
+
+          if (!people.some((person) => person.ownerId === face.asset?.ownerId)) {
+            const person = await this.personRepository.create({
+              ownerId: face.asset.ownerId,
+              faceClusterId: match.faceClusterId,
+            });
+            await this.jobRepository.queue({ name: JobName.PersonGenerateThumbnail, data: { id: person.id } });
+          }
+        }
+
+        faceClusterId = match?.faceClusterId ?? null;
+      }
+
+      if (faceClusterId) {
+        this.logger.log(`Assigning face ${id} to face cluster ${faceClusterId}`);
+        await this.personRepository.reassignFaces({ faceIds: [id], newFaceClusterId: faceClusterId });
+      }
    }

    return JobStatus.Success;
@@ -554,7 +634,7 @@ export class PersonService extends BaseService {
    return JobStatus.Success;
  }

-  async mergePerson(auth: AuthDto, id: string, dto: MergePersonDto): Promise<BulkIdResponseDto[]> {
+  async mergePerson(auth: AuthDto, id: string, dto: MergeFaceClusterDto): Promise<BulkIdResponseDto[]> {
    const mergeIds = dto.ids;
    if (mergeIds.includes(id)) {
      throw new BadRequestException('Cannot merge a person into themselves');
@@ -600,7 +680,7 @@ export class PersonService extends BaseService {
        }

        const mergeName = mergePerson.name || mergePerson.id;
-        const mergeData: UpdateFacesData = { oldPersonId: mergeId, newPersonId: id };
+        const mergeData: UpdateFacesData = { oldFaceClusterId: mergeId, newFaceClusterId: id };
        this.logger.log(`Merging ${mergeName} into ${primaryName}`);

        await this.personRepository.reassignFaces(mergeData);
@@ -613,6 +693,7 @@ export class PersonService extends BaseService {
        results.push({ id: mergeId, success: false, error: BulkIdErrorReason.UNKNOWN });
      }
    }
+
    return results;
  }

@@ -682,8 +763,12 @@ export class PersonService extends BaseService {
      dto.imageHeight = originalDimensions.height;
    }

+    if (!person?.faceClusterId) {
+      throw new Error('Person must already have some recognized faces and belong to a face cluster');
+    }
+
    await this.personRepository.createAssetFace({
-      personId: dto.personId,
+      faceClusterId: person.faceClusterId,
      assetId: dto.assetId,
      imageHeight: dto.imageHeight,
      imageWidth: dto.imageWidth,
@@ -208,6 +208,7 @@ export class SearchService extends BaseService {
      repository: this.partnerRepository,
      timelineEnabled: true,
    });
+    console.log(auth.user.id, partnerIds);
    return [auth.user.id, ...partnerIds];
  }

@@ -202,7 +202,9 @@ export type ConcurrentQueueName = Exclude<
  | QueueName.BackupDatabase
 >;

-export type Jobs = { [K in JobItem['name']]: (JobItem & { name: K })['data'] };
+export type Jobs = {
+  [K in JobItem['name']]: 'data' extends keyof (JobItem & { name: K }) ? (JobItem & { name: K })['data'] : never;
+};
 export type JobOf<T extends JobName> = Jobs[T];

 export interface IBaseJob {
@@ -360,6 +362,7 @@ export type JobItem =
  | { name: JobName.AssetDetectFaces; data: IEntityJob }
  | { name: JobName.FacialRecognitionQueueAll; data: INightlyJob }
  | { name: JobName.FacialRecognition; data: IDeferrableJob }
+  | { name: JobName.FacialRecognitionMerge; data: IEntityJob }
  | { name: JobName.PersonGenerateThumbnail; data: IEntityJob }

  // Smart Search
@@ -1,7 +1,7 @@
 import { BadRequestException, UnauthorizedException } from '@nestjs/common';
 import { AuthSharedLink } from 'src/database';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { AlbumUserRole, Permission } from 'src/enum';
+import { AlbumUserRole, Permission, SharingPermission } from 'src/enum';
 import { AccessRepository } from 'src/repositories/access.repository';
 import { setDifference, setIsEqual, setIsSuperset, setUnion } from 'src/utils/set';

@@ -115,37 +115,41 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe

    case Permission.AssetRead: {
      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
-      const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
-      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
-      return setUnion(isOwner, isAlbum, isPartner);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetRead]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetShare: {
      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, false);
-      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner));
-      return setUnion(isOwner, isPartner);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetShare]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetView: {
      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
-      const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
-      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
-      return setUnion(isOwner, isAlbum, isPartner);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetRead]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetDownload: {
      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
-      const isAlbum = await access.asset.checkAlbumAccess(auth.user.id, setDifference(ids, isOwner));
-      const isPartner = await access.asset.checkPartnerAccess(auth.user.id, setDifference(ids, isOwner, isAlbum));
-      return setUnion(isOwner, isAlbum, isPartner);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [
+        SharingPermission.AssetRead,
+        SharingPermission.ExifRead,
+      ]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetUpdate: {
-      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetUpdate]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetDelete: {
-      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetDelete]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetCopy: {
@@ -153,15 +157,21 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
    }

    case Permission.AssetEditGet: {
-      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetEdit]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetEditCreate: {
-      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetEdit]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AssetEditDelete: {
-      return await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isOwner = await access.asset.checkOwnerAccess(auth.user.id, ids, auth.session?.hasElevatedPermission);
+      const isShared = await access.asset.checkSharedAccess(auth.user.id, ids, [SharingPermission.AssetEdit]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.AlbumRead: {
@@ -246,7 +256,11 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
    }

    case Permission.FaceDelete: {
-      return access.person.checkFaceOwnerAccess(auth.user.id, ids);
+      const isOwner = await access.person.checkFaceOwnerAccess(auth.user.id, ids);
+      const isShared = await access.person.checkSharedFaceAccess(auth.user.id, setDifference(ids, isOwner), [
+        SharingPermission.AssetUpdate,
+      ]);
+      return setUnion(isOwner, isShared);
    }

    case Permission.NotificationRead:
@@ -288,11 +302,40 @@ const checkOtherAccess = async (access: AccessRepository, request: OtherAccessRe
      return access.person.checkFaceOwnerAccess(auth.user.id, ids);
    }

-    case Permission.PersonRead:
-    case Permission.PersonUpdate:
-    case Permission.PersonDelete:
+    case Permission.PersonRead: {
+      const isOwner = await access.person.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.person.checkSharedAccess(auth.user.id, setDifference(ids, isOwner), [
+        SharingPermission.PersonRead,
+      ]);
+
+      return setUnion(isOwner, isShared);
+    }
+
    case Permission.PersonMerge: {
-      return await access.person.checkOwnerAccess(auth.user.id, ids);
+      const isOwner = await access.person.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.person.checkSharedAccess(auth.user.id, setDifference(ids, isOwner), [
+        SharingPermission.PersonMerge,
+      ]);
+
+      return setUnion(isOwner, isShared);
+    }
+
+    case Permission.PersonUpdate: {
+      const isOwner = await access.person.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.person.checkSharedAccess(auth.user.id, setDifference(ids, isOwner), [
+        SharingPermission.PersonUpdate,
+      ]);
+
+      return setUnion(isOwner, isShared);
+    }
+
+    case Permission.PersonDelete: {
+      const isOwner = await access.person.checkOwnerAccess(auth.user.id, ids);
+      const isShared = await access.person.checkSharedAccess(auth.user.id, setDifference(ids, isOwner), [
+        SharingPermission.PersonDelete,
+      ]);
+
+      return setUnion(isOwner, isShared);
    }

    case Permission.PersonReassign: {
@@ -339,3 +382,20 @@ export const requireElevatedPermission = (auth: AuthDto) => {
    throw new UnauthorizedException('Elevated permission is required');
  }
 };
+
+export const hasPermissions = (
+  assetLike: { permissions: SharingPermission[] },
+  ...permissions: SharingPermission[]
+) => {
+  if (assetLike.permissions.includes(SharingPermission.All)) {
+    return true;
+  }
+
+  for (const permission of permissions) {
+    if (!assetLike.permissions.includes(permission)) {
+      return false;
+    }
+  }
+
+  return true;
+};
@@ -4,7 +4,7 @@ import { AssetFile } from 'src/database';
 import { BulkIdErrorReason, BulkIdResponseDto } from 'src/dtos/asset-ids.response.dto';
 import { UploadFieldName } from 'src/dtos/asset-media.dto';
 import { AuthDto } from 'src/dtos/auth.dto';
-import { AssetFileType, AssetType, AssetVisibility, Permission } from 'src/enum';
+import { AssetFileType, AssetType, AssetVisibility, Permission, SharingPermission } from 'src/enum';
 import { AuthRequest } from 'src/middleware/auth.guard';
 import { AccessRepository } from 'src/repositories/access.repository';
 import { AssetRepository } from 'src/repositories/asset.repository';
@@ -134,6 +134,11 @@ export const getMyPartnerIds = async ({ userId, repository, timelineEnabled }: P
      continue;
    }

+    const permissions = [SharingPermission.All, SharingPermission.AssetRead];
+    if (!permissions.some((permission) => partner.permissions.includes(permission))) {
+      continue;
+    }
+
    partnerIds.add(partner.sharedById);
  }

@@ -15,9 +15,17 @@ import {
 import { PostgresJSDialect } from 'kysely-postgres-js';
 import { jsonArrayFrom, jsonObjectFrom } from 'kysely/helpers/postgres';
 import { Notice, PostgresError } from 'postgres';
-import { columns, lockableProperties, LockableProperty, Person } from 'src/database';
+import { columns, lockableProperties, LockableProperty } from 'src/database';
 import { AssetEditActionItem } from 'src/dtos/editing.dto';
-import { AssetFileType, AssetOrderBy, AssetVisibility, DatabaseExtension, ExifOrientation } from 'src/enum';
+import {
+  AssetFileType,
+  AssetOrderBy,
+  AssetVisibility,
+  DatabaseExtension,
+  ExifOrientation,
+  SharingPermission,
+} from 'src/enum';
+import { hasAssetPermissions } from 'src/repositories/asset.repository';
 import { AssetSearchBuilderOptions } from 'src/repositories/search.repository';
 import { DB } from 'src/schema';
 import { AssetExifTable } from 'src/schema/tables/asset-exif.table';
@@ -212,19 +220,22 @@ export function withFilePath(eb: ExpressionBuilder<DB, 'asset'>, type: AssetFile

 export function withFacesAndPeople(
  eb: ExpressionBuilder<DB, 'asset'>,
-  withHidden?: boolean,
-  withDeletedFace?: boolean,
+  { withHidden, withDeletedFace, userId: _ }: { withHidden?: boolean; withDeletedFace?: boolean; userId?: string } = {},
 ) {
  return jsonArrayFrom(
    eb
      .selectFrom('asset_face')
-      .leftJoinLateral(
-        (eb) =>
-          eb.selectFrom('person').selectAll('person').whereRef('asset_face.personId', '=', 'person.id').as('person'),
-        (join) => join.onTrue(),
+      .select((eb) =>
+        jsonObjectFrom(
+          eb
+            .selectFrom('face_cluster')
+            .whereRef('face_cluster.id', '=', 'asset_face.faceClusterId')
+            .innerJoin('person', 'person.faceClusterId', 'face_cluster.id')
+            .selectAll('person')
+            .limit(1),
+        ).as('person'),
      )
      .selectAll('asset_face')
-      .select((eb) => eb.table('person').$castTo<ShallowDehydrateObject<Person>>().as('person'))
      .whereRef('asset_face.assetId', '=', 'asset.id')
      .$if(!withDeletedFace, (qb) => qb.where('asset_face.deletedAt', 'is', null))
      .$if(!withHidden, (qb) => qb.where('asset_face.isVisible', 'is', true)),
@@ -237,11 +248,12 @@ export function hasPeople<O>(qb: SelectQueryBuilder<DB, 'asset', O>, personIds:
      eb
        .selectFrom('asset_face')
        .select('assetId')
-        .where('personId', '=', anyUuid(personIds!))
+        .innerJoin('person', 'person.faceClusterId', 'asset_face.faceClusterId')
+        .where('person.id', '=', anyUuid(personIds!))
        .where('deletedAt', 'is', null)
        .where('isVisible', 'is', true)
        .groupBy('assetId')
-        .having((eb) => eb.fn.count('personId').distinct(), '=', personIds.length)
+        .having((eb) => eb.fn.count('person.id').distinct(), '=', personIds.length)
        .as('has_people'),
    (join) => join.onRef('has_people.assetId', '=', 'asset.id'),
  );
@@ -302,6 +314,30 @@ export function truncatedDate<O>(order: AssetOrderBy = AssetOrderBy.TakenAt) {
  return sql<O>`date_trunc(${sql.lit('MONTH')}, ${sql.ref(order === AssetOrderBy.CreatedAt ? 'asset.createdAt' : 'localDateTime')} AT TIME ZONE 'UTC') AT TIME ZONE 'UTC'`;
 }

+export function withPermissions(userId: string) {
+  return (eb: ExpressionBuilder<DB, 'asset'>) =>
+    jsonArrayFrom(
+      eb
+        .selectFrom('album_user')
+        .select((eb) => eb.fn<SharingPermission>('unnest', ['album_user.permissions']).as('permission'))
+        .distinct()
+        .innerJoin('album_asset', 'album_user.albumId', 'album_asset.albumId')
+        .whereRef('album_asset.assetId', '=', 'asset.id')
+        .whereRef('album_user.userId', '=', 'asset.ownerId')
+        .where('album_user.albumId', 'in', (eb) =>
+          eb.selectFrom('album_user').select('album_user.albumId').where('album_user.userId', '=', userId),
+        )
+        .union(
+          eb
+            .selectFrom('partner')
+            .select((eb) => eb.fn<SharingPermission>('unnest', ['partner.permissions']).as('permission'))
+            .distinct()
+            .whereRef('partner.sharedById', '=', 'asset.ownerId')
+            .where('partner.sharedWithId', '=', userId),
+        ),
+    ).as('permissions');
+}
+
 export function withTagId<O>(qb: SelectQueryBuilder<DB, 'asset', O>, tagId: string) {
  return qb.where((eb) =>
    eb.exists(
@@ -428,7 +464,7 @@ export function searchAssetBuilder(kysely: Kysely<DB>, options: AssetSearchBuild
    .$if(!!options.checksum, (qb) => qb.where('asset.checksum', '=', options.checksum!))
    .$if(!!options.id, (qb) => qb.where('asset.id', '=', asUuid(options.id!)))
    .$if(!!options.libraryId, (qb) => qb.where('asset.libraryId', '=', asUuid(options.libraryId!)))
-    .$if(!!options.userIds, (qb) => qb.where('asset.ownerId', '=', anyUuid(options.userIds!)))
+    .$if(!!options.userIds, (qb) => qb.where(hasAssetPermissions(options.userIds![0], [SharingPermission.AssetRead])))
    .$if(!!options.encodedVideoPath, (qb) =>
      qb
        .innerJoin('asset_file', (join) =>
@@ -38,6 +38,7 @@ const createAsset = (
    fileSizeInByte !== null || Object.keys(exifFields).length > 0
      ? ExifResponseSchema.parse({ fileSizeInByte, ...exifFields })
      : undefined,
+  permissions: [],
 });

 describe('duplicate utils', () => {
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Daniel Dietzler	46c266e160	feat: sharing permissions	2026-05-18 16:11:20 +02:00
Yaros	3eb03f7934	chore: update readmes to match main (#28458 )	2026-05-17 13:08:27 -05:00
Alex	03ed3daa31	chore: improve mobile slideshow (#28460 )	2026-05-17 10:54:21 -05:00
Min Idzelis	02581e81a7	fix(web): work around Chrome HDR image seam lines during zoom (#27715 ) Change-Id: Ic5a5b1a476c2af93b465ef23dabc601a6a6a6964 Co-authored-by: Alex <alex.tran1502@gmail.com>	2026-05-16 02:15:24 +00:00
Santo Shakil	3ab3d5cf43	fix(mobile): don't force-unwrap nil localizedTitle in ios getAlbums (#28452 ) crashes on ios 26 when a PHAssetCollection returns nil for localizedTitle. fall back to localIdentifier. ref #28428	2026-05-15 18:12:28 -05:00
Ben Beckford	0ef04d9baa	feat(mobile): slideshow view (#28421 ) * feat(mobile): slideshow view * move slideshow settings to metadata store * remove watch in initState * wrap progress bar in safearea * show slideshow button on remote albums * fix crash on unknown assets * always show slideshow option * add zoom effect * add padding to slideshow settings * chore: styling tweak --------- Co-authored-by: Alex <alex.tran1502@gmail.com>	2026-05-15 18:12:04 -05:00
Santo Shakil	df016f9228	fix(mobile): mounted check in ThumbnailTile hero flight listener (#28451 ) When the user pops back from the asset viewer mid-flight, the hero animation can fire its status listener after _ThumbnailTileState has been disposed. setState then throws a null check on State._element. Guard the listener with `if (!mounted) return;` — same pattern as #28300 in the album sync action.	2026-05-15 21:41:04 +00:00
Santo Shakil	17779c1e74	fix(mobile): cronet thumbnail buffer overflow regression from #28439 (#28450 ) The hybrid added in onReadCompleted reuses Cronet's ByteBuffer between reads to save a JNI wrap call when no grow is needed. That reuse breaks advance() — Cronet's position() is cumulative across reads, so the same K bytes get counted on every subsequent iteration. b.offset overshoots b.capacity, the reuse branch keeps firing on a now-empty buffer, and request.read() throws the original IllegalArgumentException again. Always pass a fresh wrap from wrapRemaining() so byteBuffer.position() reflects only this iteration's bytes. Same shape as the original PR had before the broken optimization was layered on top.	2026-05-15 17:25:31 -04:00
Santo Shakil	01d6a244d8	fix(mobile): cronet buffer overflow on compressed thumbnails (#28439 ) CronetImageFetcher sized the response buffer from Content-Length, which is the compressed wire size. Cronet auto-decompresses gzip/br responses and writes decompressed bytes into the buffer, exceeding it and throwing IllegalArgumentException: ByteBuffer is already full on the next read. Use the growable path; Content-Length becomes an initial alloc hint only, capped at 128 MB so an untrusted server can't overflow Int.MAX_VALUE or OOM us upfront. Reuse Cronet's ByteBuffer between reads when no grow is needed.	2026-05-15 14:48:23 -04:00