mirror of
https://github.com/immich-app/immich.git
synced 2025-11-04 03:39:37 -05:00
e171fec5aa
* Added read-only flag for assets, endpoint to trigger file import vs upload * updated fixtures with new property * if upload is 'read-only', ensure there is no existing asset at the designated originalPath * added test for file import as well as detecting existing image at read-only destination location * Added storage service test for a case where it should not move read-only assets * upload doesn't need the read-only flag available, just importing * default isReadOnly on import endpoint to true * formatting fixes * create-asset dto needs isReadOnly, so set it to false by default on create, updated api generation * updated code to reflect changes in MR * fixed read stream promise return type * new index for originalPath, check for existing path on import, reglardless of user, to prevent duplicates * refactor: import asset * chore: open api * chore: tests * Added externalPath support for individual users, updated UI to allow this to be set by admin * added missing var for externalPath in ui * chore: open api * fix: compilation issues * fix: server test * built api, fixed user-response dto to include externalPath * reverted accidental commit * bad commit of duplicate externalPath in user response dto * fixed tests to include externalPath on expected result * fix: unit tests * centralized supported filetypes, perform file type checking of asset and sidecar during file import process * centralized supported filetype check method to keep regex DRY * fixed typo * combined migrations into one * update api * Removed externalPath from shared-link code, added column to admin user page whether external paths / import is enabled or not * update mimetype * Fixed detect correct mimetype * revert asset-upload config * reverted domain.constant * refactor * fix mime-type issue * fix format --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> Co-authored-by: Alex Tran <alex.tran1502@gmail.com>
207 lines
6.5 KiB
TypeScript
207 lines
6.5 KiB
TypeScript
import { AuthService, AuthUserDto, CreateUserDto, UserResponseDto, UserService } from '@app/domain';
|
|
import { AppModule } from '@app/immich/app.module';
|
|
import { INestApplication } from '@nestjs/common';
|
|
import { Test, TestingModule } from '@nestjs/testing';
|
|
import request from 'supertest';
|
|
import { DataSource } from 'typeorm';
|
|
import { authCustom, clearDb } from '../test/test-utils';
|
|
|
|
function _createUser(userService: UserService, data: CreateUserDto) {
|
|
return userService.createUser(data);
|
|
}
|
|
|
|
describe('User', () => {
|
|
let app: INestApplication;
|
|
let database: DataSource;
|
|
|
|
afterAll(async () => {
|
|
await clearDb(database);
|
|
await app.close();
|
|
});
|
|
|
|
describe('without auth', () => {
|
|
beforeAll(async () => {
|
|
const moduleFixture: TestingModule = await Test.createTestingModule({ imports: [AppModule] }).compile();
|
|
|
|
app = moduleFixture.createNestApplication();
|
|
database = app.get(DataSource);
|
|
await app.init();
|
|
});
|
|
|
|
afterAll(async () => {
|
|
await app.close();
|
|
});
|
|
|
|
it('prevents fetching users if not auth', async () => {
|
|
const { status } = await request(app.getHttpServer()).get('/user');
|
|
expect(status).toEqual(401);
|
|
});
|
|
});
|
|
|
|
describe('with admin auth', () => {
|
|
let userService: UserService;
|
|
let authService: AuthService;
|
|
let authUser: AuthUserDto;
|
|
let userOne: UserResponseDto;
|
|
|
|
beforeAll(async () => {
|
|
const builder = Test.createTestingModule({ imports: [AppModule] });
|
|
const moduleFixture: TestingModule = await authCustom(builder, () => authUser).compile();
|
|
|
|
app = moduleFixture.createNestApplication();
|
|
userService = app.get(UserService);
|
|
authService = app.get(AuthService);
|
|
database = app.get(DataSource);
|
|
await app.init();
|
|
});
|
|
|
|
describe('with users in DB', () => {
|
|
const authUserEmail = 'auth-user@test.com';
|
|
const userOneEmail = 'one@test.com';
|
|
const userTwoEmail = 'two@test.com';
|
|
|
|
beforeAll(async () => {
|
|
// first user must be admin
|
|
const adminSignupResponseDto = await authService.adminSignUp({
|
|
firstName: 'auth-user',
|
|
lastName: 'test',
|
|
email: authUserEmail,
|
|
password: '1234',
|
|
});
|
|
authUser = { ...adminSignupResponseDto, isAdmin: true }; // TODO: find out why adminSignUp doesn't have isAdmin (maybe can just return UserResponseDto)
|
|
|
|
[userOne] = await Promise.all([
|
|
_createUser(userService, {
|
|
firstName: 'one',
|
|
lastName: 'test',
|
|
email: userOneEmail,
|
|
password: '1234',
|
|
}),
|
|
_createUser(userService, {
|
|
firstName: 'two',
|
|
lastName: 'test',
|
|
email: userTwoEmail,
|
|
password: '1234',
|
|
}),
|
|
]);
|
|
});
|
|
|
|
it('fetches the user collection including the auth user', async () => {
|
|
const { status, body } = await request(app.getHttpServer()).get('/user?isAll=false');
|
|
expect(status).toEqual(200);
|
|
expect(body).toHaveLength(3);
|
|
expect(body).toEqual(
|
|
expect.arrayContaining([
|
|
{
|
|
email: userOneEmail,
|
|
firstName: 'one',
|
|
lastName: 'test',
|
|
id: expect.anything(),
|
|
createdAt: expect.anything(),
|
|
isAdmin: false,
|
|
shouldChangePassword: true,
|
|
profileImagePath: '',
|
|
deletedAt: null,
|
|
updatedAt: expect.anything(),
|
|
oauthId: '',
|
|
storageLabel: null,
|
|
externalPath: null,
|
|
},
|
|
{
|
|
email: userTwoEmail,
|
|
firstName: 'two',
|
|
lastName: 'test',
|
|
id: expect.anything(),
|
|
createdAt: expect.anything(),
|
|
isAdmin: false,
|
|
shouldChangePassword: true,
|
|
profileImagePath: '',
|
|
deletedAt: null,
|
|
updatedAt: expect.anything(),
|
|
oauthId: '',
|
|
storageLabel: null,
|
|
externalPath: null,
|
|
},
|
|
{
|
|
email: authUserEmail,
|
|
firstName: 'auth-user',
|
|
lastName: 'test',
|
|
id: expect.anything(),
|
|
createdAt: expect.anything(),
|
|
isAdmin: true,
|
|
shouldChangePassword: true,
|
|
profileImagePath: '',
|
|
deletedAt: null,
|
|
updatedAt: expect.anything(),
|
|
oauthId: '',
|
|
storageLabel: 'admin',
|
|
externalPath: null,
|
|
},
|
|
]),
|
|
);
|
|
});
|
|
|
|
it('disallows admin user from creating a second admin account', async () => {
|
|
const { status } = await request(app.getHttpServer())
|
|
.put('/user')
|
|
.send({
|
|
...userOne,
|
|
isAdmin: true,
|
|
});
|
|
expect(status).toEqual(400);
|
|
});
|
|
|
|
it('ignores updates to createdAt, updatedAt and deletedAt', async () => {
|
|
const { status, body } = await request(app.getHttpServer())
|
|
.put('/user')
|
|
.send({
|
|
...userOne,
|
|
createdAt: '2023-01-01T00:00:00.000Z',
|
|
updatedAt: '2023-01-01T00:00:00.000Z',
|
|
deletedAt: '2023-01-01T00:00:00.000Z',
|
|
});
|
|
expect(status).toEqual(200);
|
|
expect(body).toStrictEqual({
|
|
...userOne,
|
|
createdAt: new Date(userOne.createdAt).toISOString(),
|
|
updatedAt: expect.anything(),
|
|
});
|
|
});
|
|
|
|
it('ignores updates to profileImagePath', async () => {
|
|
const { status, body } = await request(app.getHttpServer())
|
|
.put('/user')
|
|
.send({
|
|
...userOne,
|
|
profileImagePath: 'invalid.jpg',
|
|
});
|
|
expect(status).toEqual(200);
|
|
expect(body).toStrictEqual({
|
|
...userOne,
|
|
createdAt: new Date(userOne.createdAt).toISOString(),
|
|
updatedAt: expect.anything(),
|
|
});
|
|
});
|
|
|
|
it('allows to update first and last name', async () => {
|
|
const { status, body } = await request(app.getHttpServer())
|
|
.put('/user')
|
|
.send({
|
|
...userOne,
|
|
firstName: 'newFirstName',
|
|
lastName: 'newLastName',
|
|
});
|
|
|
|
expect(status).toEqual(200);
|
|
expect(body).toMatchObject({
|
|
...userOne,
|
|
createdAt: new Date(userOne.createdAt).toISOString(),
|
|
updatedAt: expect.anything(),
|
|
firstName: 'newFirstName',
|
|
lastName: 'newLastName',
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|