wisplite/raster
1
0
Fork 0
mirror of https://github.com/wisplite/raster.git synced 2026-05-01 06:32:44 -05:00
Code Issues Packages Projects Releases Wiki Activity

refactor album access logic to handle guest users and improve state initialization in gallery components

Browse Source
This commit is contained in:
wisplite
2025-11-22 23:56:47 -06:00
parent d9bad97a53
commit eb2691af75
4 changed files with 42 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/internal/routes/album.go
-4
View File
@@ -11,10 +11,6 @@ func RegisterAlbumRoutes(rg *gin.RouterGroup) {
album := rg.Group("/albums")
album.POST("/getAlbumsInParent", func(c *gin.Context) {
accessToken := c.GetHeader("Authorization")
if accessToken == "" {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
var request struct {
ParentID string `json:"parentId"`
}
backend/internal/services/album.go
+7 -2
View File
@@ -14,17 +14,22 @@ import (
func GetAlbumsInParent(parentID string, authToken string) ([]models.Album, error) {
userID, err := ValidateAccessToken(authToken)
if err != nil {
if err != gorm.ErrRecordNotFound { //if record not found, assume user is guest
return []models.Album{}, err
}
}
accessLevel, err := CheckUserAlbumAccess(userID, parentID)
if err != nil {
if err != gorm.ErrRecordNotFound { //if record not found, assume user is guest
return []models.Album{}, err
}
if accessLevel < 1 {
accessLevel = 1
}
if accessLevel < 0 {
return []models.Album{}, fmt.Errorf("user does not have permission to view albums in this parent")
}
albums := []models.Album{}
result := db.GetDB().Where("private = ?", false).Where("parent_id = ?", parentID).Find(&albums)
result := db.GetDB().Where("parent_id = ?", parentID).Find(&albums)
if result.Error != nil {
return []models.Album{}, result.Error
}
frontend/src/gallery/components/AlbumList.jsx
+15 -21
View File
@@ -11,36 +11,23 @@ export default function AlbumList({ currentAlbumName }) {
const [albums, setAlbums] = useState([])
const navigate = useNavigate()
const { showError } = useNotifier()
useEffect(() => {
let ignore = false;
const getAlbums = async () => {
console.log('Getting albums in parent', currentAlbumName)
if (currentAlbumName === 'gallery') { // Root album
const parentId = currentAlbumName === 'gallery' ? "" : currentAlbumName;
try {
const response = await fetch(`${getServerUrl()}/api/albums/getAlbumsInParent`, {
method: 'POST',
headers: {
'Authorization': getAccessToken(),
},
body: JSON.stringify({
parentId: "",
}),
})
const data = await response.json()
if (data.error) {
setAlbums([])
showError('Failed to get albums')
} else {
setAlbums(data)
}
} else {
const response = await fetch(`${getServerUrl()}/api/albums/getAlbumsInParent`, {
method: 'POST',
headers: {
'Authorization': getAccessToken(),
},
body: JSON.stringify({
parentId: currentAlbumName,
parentId: parentId,
}),
})
const data = await response.json()
if (!ignore) {
if (data.error) {
setAlbums([])
showError('Failed to get albums')
@@ -48,11 +35,18 @@ export default function AlbumList({ currentAlbumName }) {
setAlbums(data)
}
}
} catch (error) {
if (!ignore) {
setAlbums([])
showError('Failed to get albums')
}
useEffect(() => {
if (!open) {
}
}
if (!open && currentAlbumName !== null) {
getAlbums()
}
return () => { ignore = true; }
}, [currentAlbumName, open])
return (
<div className="flex flex-col items-center justify-start h-full w-full bg-[#141414]">
frontend/src/gallery/index.jsx
+1 -1
View File
@@ -9,7 +9,7 @@ export default function Gallery() {
const currentPath = useLocation().pathname;
const pathList = currentPath.split('/').slice(1);
const currentAlbumName = pathList[pathList.length - 1];
const [currentAlbumID, setCurrentAlbumID] = useState("!notfound!"); // set to impossible value to prevent client from fetching root album
const [currentAlbumID, setCurrentAlbumID] = useState(null); // Initialize as null to prevent premature fetching
const { fetchUserData, user } = useAccount()
const { getAccessToken } = useAccount()
const { showError } = useNotifier()