fix: reset override for kebab buttons

2026-06-30 10:07:09 -07:00 · 2026-06-29 23:41:45 +05:30
12 changed files with 51 additions and 137 deletions
@@ -103,7 +103,7 @@ jobs:
        working-directory: ./mobile
        run: printf "%s" $KEY_JKS | base64 -d > android/key.jks

-      - uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
+      - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5.3.0
        with:
          distribution: 'zulu'
          java-version: '17'
@@ -237,7 +237,7 @@ jobs:
        run: flutter build ios --config-only --no-codesign

      - name: Setup Ruby
-        uses: ruby/setup-ruby@9eb537ca036ebaed86729dcb9309076e4c5c3b74 # v1.314.0
+        uses: ruby/setup-ruby@89f90524b88a01fe6e0b732220432cc6142926af # v1.313.0
        with:
          ruby-version: '3.3'
          bundler-cache: true
@@ -25,7 +25,7 @@ jobs:
          persist-credentials: false

      - name: Check for breaking API changes
-        uses: oasdiff/oasdiff-action/breaking@ccc2442df0d99f8c419ed73e3de88641c91b3bc6 # v0.1.3
+        uses: oasdiff/oasdiff-action/breaking@e24529087d93f837b28b50bb66ba9016380a7fcc # v0.1.2
        with:
          base: https://raw.githubusercontent.com/${{ github.repository }}/main/open-api/immich-openapi-specs.json
          revision: open-api/immich-openapi-specs.json
@@ -149,7 +149,7 @@ jobs:
          github-token: ${{ steps.generate-token.outputs.token }}

      - name: Create draft release
-        uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3.0.1
+        uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
        with:
          draft: true
          prerelease: ${{ needs.bump_version.outputs.rc }}
@@ -63,7 +63,7 @@ class ViewerTopAppBar extends ConsumerWidget implements PreferredSizeWidget {

      ActionIconButtonWidget(action: FavoriteAction(assets: assetForAction)),

-      ViewerKebabMenu(originalTheme: originalTheme),
+      ImmichColorOverride(color: null, child: ViewerKebabMenu(originalTheme: originalTheme)),
    ];

    final lockedViewActions = <Widget>[ViewerKebabMenu(originalTheme: originalTheme)];
@@ -3,7 +3,7 @@ import 'package:flutter/widgets.dart';
 class ImmichColorOverride extends InheritedWidget {
  const ImmichColorOverride({super.key, required this.color, required super.child});

-  final Color color;
+  final Color? color;

  static Color? maybeOf(BuildContext context) =>
      context.dependOnInheritedWidgetOfExactType<ImmichColorOverride>()?.color;
@@ -7,17 +7,18 @@ from
  "asset"
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."fileCreatedAt" >= $1
-  and "asset_exif"."lensModel" = $2
-  and "asset"."ownerId" = any ($3::uuid[])
-  and "asset"."isFavorite" = $4
+  "asset"."visibility" = $1
+  and "asset"."fileCreatedAt" >= $2
+  and "asset_exif"."lensModel" = $3
+  and "asset"."ownerId" = any ($4::uuid[])
+  and "asset"."isFavorite" = $5
  and "asset"."deletedAt" is null
 order by
  "asset"."fileCreatedAt" desc
 limit
-  $5
-offset
  $6
+offset
+  $7

 -- SearchRepository.searchStatistics
 select
@@ -26,10 +27,11 @@ from
  "asset"
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."fileCreatedAt" >= $1
-  and "asset_exif"."lensModel" = $2
-  and "asset"."ownerId" = any ($3::uuid[])
-  and "asset"."isFavorite" = $4
+  "asset"."visibility" = $1
+  and "asset"."fileCreatedAt" >= $2
+  and "asset_exif"."lensModel" = $3
+  and "asset"."ownerId" = any ($4::uuid[])
+  and "asset"."isFavorite" = $5
  and "asset"."deletedAt" is null

 -- SearchRepository.searchRandom
@@ -39,15 +41,16 @@ from
  "asset"
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."fileCreatedAt" >= $1
-  and "asset_exif"."lensModel" = $2
-  and "asset"."ownerId" = any ($3::uuid[])
-  and "asset"."isFavorite" = $4
+  "asset"."visibility" = $1
+  and "asset"."fileCreatedAt" >= $2
+  and "asset_exif"."lensModel" = $3
+  and "asset"."ownerId" = any ($4::uuid[])
+  and "asset"."isFavorite" = $5
  and "asset"."deletedAt" is null
 order by
  random()
 limit
-  $5
+  $6

 -- SearchRepository.searchLargeAssets
 select
@@ -57,16 +60,17 @@ from
  "asset"
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
 where
-  "asset"."fileCreatedAt" >= $1
-  and "asset_exif"."lensModel" = $2
-  and "asset"."ownerId" = any ($3::uuid[])
-  and "asset"."isFavorite" = $4
+  "asset"."visibility" = $1
+  and "asset"."fileCreatedAt" >= $2
+  and "asset_exif"."lensModel" = $3
+  and "asset"."ownerId" = any ($4::uuid[])
+  and "asset"."isFavorite" = $5
  and "asset"."deletedAt" is null
-  and "asset_exif"."fileSizeInByte" > $5
+  and "asset_exif"."fileSizeInByte" > $6
 order by
  "asset_exif"."fileSizeInByte" desc
 limit
-  $6
+  $7

 -- SearchRepository.searchSmart
 begin
@@ -79,17 +83,18 @@ from
  inner join "asset_exif" on "asset"."id" = "asset_exif"."assetId"
  inner join "smart_search" on "asset"."id" = "smart_search"."assetId"
 where
-  "asset"."fileCreatedAt" >= $1
-  and "asset_exif"."lensModel" = $2
-  and "asset"."ownerId" = any ($3::uuid[])
-  and "asset"."isFavorite" = $4
+  "asset"."visibility" = $1
+  and "asset"."fileCreatedAt" >= $2
+  and "asset_exif"."lensModel" = $3
+  and "asset"."ownerId" = any ($4::uuid[])
+  and "asset"."isFavorite" = $5
  and "asset"."deletedAt" is null
 order by
-  smart_search.embedding <=> $5
+  smart_search.embedding <=> $6
 limit
-  $6
-offset
  $7
+offset
+  $8
 commit

 -- SearchRepository.getEmbedding
@@ -117,8 +117,7 @@ type BaseAssetSearchOptions = SearchDateOptions &
  SearchAlbumOptions &
  SearchOcrOptions;

-export type AssetSearchOptions = Omit<BaseAssetSearchOptions, 'visibility'> &
-  SearchRelationOptions & { visibility?: AssetVisibility | 'not-locked' };
+export type AssetSearchOptions = BaseAssetSearchOptions & SearchRelationOptions;

 export type AssetSearchBuilderOptions = Omit<AssetSearchOptions, 'orderDirection'>;

@@ -126,11 +125,11 @@ export type SmartSearchOptions = SearchDateOptions &
  SearchEmbeddingOptions &
  SearchExifOptions &
  SearchOneToOneRelationOptions &
-  Omit<SearchStatusOptions, 'visibility'> &
+  SearchStatusOptions &
  SearchUserIdOptions &
  SearchPeopleOptions &
  SearchTagOptions &
-  SearchOcrOptions & { visibility?: AssetVisibility | 'not-locked' };
+  SearchOcrOptions;

 export type OcrSearchOptions = SearchDateOptions & SearchOcrOptions;

@@ -250,7 +250,7 @@ describe(SearchService.name, () => {
      );
      expect(mocks.search.searchSmart).toHaveBeenCalledWith(
        { page: 1, size: 100 },
-        { query: 'test', embedding: '[1, 2, 3]', userIds: [authStub.user1.user.id], visibility: 'not-locked' },
+        { query: 'test', embedding: '[1, 2, 3]', userIds: [authStub.user1.user.id] },
      );
    });

@@ -73,22 +73,14 @@ export class SearchService extends BaseService {
      checksum = Buffer.from(dto.checksum, encoding);
    }

-    let userIds: string[] | undefined;
-
-    if (dto.albumIds && dto.albumIds.length > 0) {
-      await this.requireAccess({ auth, ids: dto.albumIds, permission: Permission.AlbumRead });
-    } else {
-      userIds = await this.getUserIdsToSearch(auth, dto.visibility);
-    }
-
    const page = dto.page ?? 1;
    const size = dto.size || 250;
+    const userIds = await this.getUserIdsToSearch(auth, dto.visibility);
    const { hasNextPage, items } = await this.searchRepository.searchMetadata(
      { page, size },
      {
        ...dto,
        checksum,
-        visibility: dto.visibility ?? (auth.session?.hasElevatedPermission ? undefined : 'not-locked'),
        userIds,
        orderDirection: dto.order ?? AssetOrder.Desc,
      },
@@ -99,13 +91,9 @@ export class SearchService extends BaseService {

  async searchStatistics(auth: AuthDto, dto: StatisticsSearchDto): Promise<SearchStatisticsResponseDto> {
    const userIds = await this.getUserIdsToSearch(auth);
-    if (dto.visibility === AssetVisibility.Locked) {
-      requireElevatedPermission(auth);
-    }

    return await this.searchRepository.searchStatistics({
      ...dto,
-      visibility: dto.visibility ?? (auth.session?.hasElevatedPermission ? undefined : 'not-locked'),
      userIds,
    });
  }
@@ -126,11 +114,7 @@ export class SearchService extends BaseService {
    }

    const userIds = await this.getUserIdsToSearch(auth, dto.visibility);
-    const items = await this.searchRepository.searchLargeAssets(dto.size || 250, {
-      ...dto,
-      visibility: dto.visibility ?? (auth.session?.hasElevatedPermission ? undefined : 'not-locked'),
-      userIds,
-    });
+    const items = await this.searchRepository.searchLargeAssets(dto.size || 250, { ...dto, userIds });
    return items.map((item) => mapAsset(item, { auth }));
  }

@@ -171,12 +155,7 @@ export class SearchService extends BaseService {
    const size = dto.size || 100;
    const { hasNextPage, items } = await this.searchRepository.searchSmart(
      { page, size },
-      {
-        ...dto,
-        userIds: await userIds,
-        embedding,
-        visibility: dto.visibility ?? (auth.session?.hasElevatedPermission ? undefined : 'not-locked'),
-      },
+      { ...dto, userIds: await userIds, embedding },
    );

    return this.mapResponse(items, hasNextPage ? (page + 1).toString() : null, { auth });
@@ -373,15 +373,12 @@ const joinDeduplicationPlugin = new DeduplicateJoinsPlugin();

 export function searchAssetBuilder(kysely: Kysely<DB>, options: AssetSearchBuilderOptions) {
  options.withDeleted ||= !!(options.trashedAfter || options.trashedBefore || options.isOffline);
+  const visibility = options.visibility == null ? AssetVisibility.Timeline : options.visibility;

  return kysely
    .withPlugin(joinDeduplicationPlugin)
    .selectFrom('asset')
-    .$if(!!options.visibility, (qb) =>
-      options.visibility === 'not-locked'
-        ? qb.where('asset.visibility', '!=', AssetVisibility.Locked)
-        : qb.where('asset.visibility', '=', options.visibility!),
-    )
+    .where('asset.visibility', '=', visibility)
    .$if(!!options.albumIds && options.albumIds.length > 0, (qb) => inAlbums(qb, options.albumIds!))
    .$if(!!options.tagIds && options.tagIds.length > 0, (qb) => hasTags(qb, options.tagIds!))
    .$if(options.tagIds === null, (qb) =>
@@ -1,6 +1,5 @@
 import { Kysely } from 'kysely';
 import { SearchSuggestionType } from 'src/dtos/search.dto';
-import { AlbumUserRole, AssetVisibility } from 'src/enum';
 import { AccessRepository } from 'src/repositories/access.repository';
 import { AssetRepository } from 'src/repositories/asset.repository';
 import { DatabaseRepository } from 'src/repositories/database.repository';
@@ -109,71 +108,6 @@ describe(SearchService.name, () => {
      expect(response.assets.items.length).toBe(1);
      expect(response.assets.items[0].id).toBe(unstackedAsset.id);
    });
-
-    describe('visibility', () => {
-      it('should filter out locked assets in a default session', async () => {
-        const { sut, ctx } = setup();
-        const { user } = await ctx.newUser();
-
-        await ctx.newAsset({ ownerId: user.id, visibility: AssetVisibility.Locked });
-
-        const auth = factory.auth({ user: { id: user.id } });
-
-        const response = await sut.searchMetadata(auth, { withStacked: false });
-
-        expect(response.assets.items.length).toBe(0);
-      });
-
-      it('should return locked assets in an elevated session', async () => {
-        const { sut, ctx } = setup();
-        const { user } = await ctx.newUser();
-
-        await ctx.newAsset({ ownerId: user.id, visibility: AssetVisibility.Locked });
-
-        const auth = factory.auth({ user: { id: user.id }, session: { hasElevatedPermission: true } });
-
-        const response = await sut.searchMetadata(auth, { withStacked: false });
-
-        expect(response.assets.items.length).toBe(1);
-      });
-    });
-  });
-
-  describe('albumIds option', () => {
-    it('should return assets from shared album', async () => {
-      const { sut, ctx } = setup();
-      const { user } = await ctx.newUser();
-      const { user: otherUser } = await ctx.newUser();
-
-      const { asset } = await ctx.newAsset({ ownerId: otherUser.id });
-      const { album } = await ctx.newAlbum({ ownerId: otherUser.id });
-      await ctx.newAlbumAsset({ albumId: album.id, assetId: asset.id });
-      await ctx.newAlbumUser({ albumId: album.id, userId: user.id, role: AlbumUserRole.Editor });
-
-      const auth = factory.auth({ user: { id: user.id } });
-
-      const response = await sut.searchMetadata(auth, { albumIds: [album.id] });
-
-      expect(response.assets.items.length).toBe(1);
-    });
-
-    it('should not return assets for album, a user is not in, when partner sharing is enabled', async () => {
-      const { sut, ctx } = setup();
-      const { user } = await ctx.newUser();
-      const { user: otherUser } = await ctx.newUser();
-
-      await ctx.newPartner({ sharedById: otherUser.id, sharedWithId: user.id });
-
-      const { asset } = await ctx.newAsset({ ownerId: otherUser.id });
-      const { album } = await ctx.newAlbum({ ownerId: otherUser.id });
-      await ctx.newAlbumAsset({ albumId: album.id, assetId: asset.id });
-
-      const auth = factory.auth({ user: { id: user.id } });
-
-      await expect(sut.searchMetadata(auth, { albumIds: [album.id] })).rejects.toThrow(
-        'Not found or no album.read access',
-      );
-    });
  });

  describe('getSearchSuggestions', () => {
@@ -27,7 +27,7 @@ const authFactory = ({
  user,
 }: {
  apiKey?: Partial<AuthApiKey>;
-  session?: { id?: string; hasElevatedPermission?: boolean };
+  session?: { id: string };
  user?: Omit<
    Partial<UserAdmin>,
    'createdAt' | 'updatedAt' | 'deletedAt' | 'fileCreatedAt' | 'fileModifiedAt' | 'localDateTime' | 'profileChangedAt'
@@ -46,8 +46,8 @@ const authFactory = ({

  if (session) {
    auth.session = {
-      id: session.id ?? newUuid(),
-      hasElevatedPermission: session.hasElevatedPermission ?? false,
+      id: session.id,
+      hasElevatedPermission: false,
    };
  }