mirror of
				https://github.com/immich-app/immich.git
				synced 2025-10-25 07:52:29 -04:00 
			
		
		
		
	fix(web): don't ask password for invalid shared link (#7456)
* fix(web): don't ask password for invalid shared link * use apiUtils for e2e test
This commit is contained in:
		
							parent
							
								
									fb18129843
								
							
						
					
					
						commit
						21feb69083
					
				| @ -15,6 +15,7 @@ test.describe('Shared Links', () => { | ||||
|   let asset: AssetResponseDto; | ||||
|   let album: AlbumResponseDto; | ||||
|   let sharedLink: SharedLinkResponseDto; | ||||
|   let sharedLinkPassword: SharedLinkResponseDto; | ||||
| 
 | ||||
|   test.beforeAll(async () => { | ||||
|     apiUtils.setup(); | ||||
| @ -29,17 +30,16 @@ test.describe('Shared Links', () => { | ||||
|         }, | ||||
|       }, | ||||
|       { headers: asBearerAuth(admin.accessToken) } | ||||
|       // { headers: asBearerAuth(admin.accessToken)},
 | ||||
|     ); | ||||
|     sharedLink = await createSharedLink( | ||||
|       { | ||||
|         sharedLinkCreateDto: { | ||||
|           type: SharedLinkType.Album, | ||||
|           albumId: album.id, | ||||
|         }, | ||||
|       }, | ||||
|       { headers: asBearerAuth(admin.accessToken) } | ||||
|     ); | ||||
|     sharedLink = await apiUtils.createSharedLink(admin.accessToken, { | ||||
|       type: SharedLinkType.Album, | ||||
|       albumId: album.id, | ||||
|     }); | ||||
|     sharedLinkPassword = await apiUtils.createSharedLink(admin.accessToken, { | ||||
|       type: SharedLinkType.Album, | ||||
|       albumId: album.id, | ||||
|       password: 'test-password', | ||||
|     }); | ||||
|   }); | ||||
| 
 | ||||
|   test.afterAll(async () => { | ||||
| @ -55,4 +55,16 @@ test.describe('Shared Links', () => { | ||||
|     await page.getByRole('button', { name: 'Download' }).click(); | ||||
|     await page.getByText('DOWNLOADING').waitFor(); | ||||
|   }); | ||||
| 
 | ||||
|   test('enter password for a shared link', async ({ page }) => { | ||||
|     await page.goto(`/share/${sharedLinkPassword.key}`); | ||||
|     await page.getByPlaceholder('Password').fill('test-password'); | ||||
|     await page.getByRole('button', { name: 'Submit' }).click(); | ||||
|     await page.getByRole('heading', { name: 'Test Album' }).waitFor(); | ||||
|   }); | ||||
| 
 | ||||
|   test('show error for invalid shared link', async ({ page }) => { | ||||
|     await page.goto('/share/invalid'); | ||||
|     await page.getByRole('heading', { name: 'Invalid share key' }).waitFor(); | ||||
|   }); | ||||
| }); | ||||
|  | ||||
| @ -1,7 +1,14 @@ | ||||
| <script lang="ts"> | ||||
|   import { page } from '$app/stores'; | ||||
| </script> | ||||
| 
 | ||||
| <svelte:head> | ||||
|   <title>Opps! Error - Immich</title> | ||||
| </svelte:head> | ||||
| 
 | ||||
| <section class="flex h-screen w-screen place-content-center place-items-center"> | ||||
|   <div class="p-20 text-4xl text-immich-primary dark:text-immich-dark-primary">Page not found :/</div> | ||||
| <section class="flex flex-col px-4 h-screen w-screen place-content-center place-items-center"> | ||||
|   <h1 class="py-10 text-4xl text-immich-primary dark:text-immich-dark-primary">Page not found :/</h1> | ||||
|   {#if $page.error?.message} | ||||
|     <h2 class="text-xl text-immich-fg dark:text-immich-dark-fg">{$page.error.message}</h2> | ||||
|   {/if} | ||||
| </section> | ||||
|  | ||||
| @ -1,7 +1,6 @@ | ||||
| import { getAssetThumbnailUrl } from '$lib/utils'; | ||||
| import { authenticate } from '$lib/utils/auth'; | ||||
| import { ThumbnailFormat, getMySharedLink } from '@immich/sdk'; | ||||
| import { error as throwError, type HttpError } from '@sveltejs/kit'; | ||||
| import { ThumbnailFormat, getMySharedLink, isHttpError } from '@immich/sdk'; | ||||
| import type { PageLoad } from './$types'; | ||||
| 
 | ||||
| export const load = (async ({ params }) => { | ||||
| @ -22,9 +21,7 @@ export const load = (async ({ params }) => { | ||||
|       }, | ||||
|     }; | ||||
|   } catch (error) { | ||||
|     // handle unauthorized error
 | ||||
|     // TODO this doesn't allow for 404 shared links anymore
 | ||||
|     if ((error as HttpError).status === 401) { | ||||
|     if (isHttpError(error) && error.data.message === 'Invalid password') { | ||||
|       return { | ||||
|         passwordRequired: true, | ||||
|         sharedLinkKey: key, | ||||
| @ -34,8 +31,6 @@ export const load = (async ({ params }) => { | ||||
|       }; | ||||
|     } | ||||
| 
 | ||||
|     throwError(404, { | ||||
|       message: 'Invalid shared link', | ||||
|     }); | ||||
|     throw error; | ||||
|   } | ||||
| }) satisfies PageLoad; | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user