feat: Add public album routes and enhance authorization checks for media and albums

2025-11-15 17:18:14 +01:00
parent 199544d1c3
commit a9805b5eb1
16 changed files with 323 additions and 92 deletions
--- a/libertas_api/src/services/person_service.rs
+++ b/libertas_api/src/services/person_service.rs
@@ -59,7 +59,7 @@ impl PersonService for PersonServiceImpl {

    async fn get_person(&self, person_id: Uuid, user_id: Uuid) -> CoreResult<Person> {
        self.auth_service
-            .check_permission(user_id, authz::Permission::ViewPerson(person_id))
+            .check_permission(Some(user_id), authz::Permission::ViewPerson(person_id))
            .await?;

        self.person_repo
@@ -93,7 +93,7 @@ impl PersonService for PersonServiceImpl {
        user_id: Uuid,
    ) -> CoreResult<Person> {
        self.auth_service
-            .check_permission(user_id, authz::Permission::EditPerson(person_id))
+            .check_permission(Some(user_id), authz::Permission::EditPerson(person_id))
            .await?;

        let mut person = self.get_person(person_id).await?;
@@ -105,7 +105,7 @@ impl PersonService for PersonServiceImpl {

    async fn delete_person(&self, person_id: Uuid, user_id: Uuid) -> CoreResult<()> {
        self.auth_service
-            .check_permission(user_id, authz::Permission::DeletePerson(person_id))
+            .check_permission(Some(user_id), authz::Permission::DeletePerson(person_id))
            .await?;

        self.person_repo.delete(person_id).await
@@ -118,10 +118,10 @@ impl PersonService for PersonServiceImpl {
        user_id: Uuid,
    ) -> CoreResult<FaceRegion> {
        self.auth_service
-            .check_permission(user_id, authz::Permission::UsePerson(person_id))
+            .check_permission(Some(user_id), authz::Permission::UsePerson(person_id))
            .await?;
        self.auth_service
-            .check_permission(user_id, authz::Permission::AssignFace(face_region_id))
+            .check_permission(Some(user_id), authz::Permission::AssignFace(face_region_id))
            .await?;

        let mut face =
@@ -147,7 +147,7 @@ impl PersonService for PersonServiceImpl {
        user_id: Uuid,
    ) -> CoreResult<Vec<FaceRegion>> {
        self.auth_service
-            .check_permission(user_id, authz::Permission::ViewFaces(media_id))
+            .check_permission(Some(user_id), authz::Permission::ViewFaces(media_id))
            .await?;

        self.face_repo.find_by_media_id(media_id).await
@@ -161,7 +161,7 @@ impl PersonService for PersonServiceImpl {
        owner_id: Uuid,
    ) -> CoreResult<()> {
        self.auth_service
-            .check_permission(owner_id, authz::Permission::SharePerson(person_id))
+            .check_permission(Some(owner_id), authz::Permission::SharePerson(person_id))
            .await?;

        self.person_share_repo
@@ -176,7 +176,7 @@ impl PersonService for PersonServiceImpl {
        owner_id: Uuid,
    ) -> CoreResult<()> {
        self.auth_service
-            .check_permission(owner_id, authz::Permission::SharePerson(person_id))
+            .check_permission(Some(owner_id), authz::Permission::SharePerson(person_id))
            .await?;

        self.person_share_repo