Check face ownership before action (#82)

old-stable24
Varun Patil 2022-10-23 11:24:47 -07:00
parent 742e43620d
commit 62bed82f1d
6 changed files with 75 additions and 24 deletions

View File

@ -40,6 +40,7 @@ import { generateUrl } from '@nextcloud/router'
import { NcActions, NcActionButton } from '@nextcloud/vue';
import { translate as t, translatePlural as n } from '@nextcloud/l10n'
import { IHeadRow, IPhoto, ISelectionAction } from '../types';
import { getCurrentUser } from '@nextcloud/auth';
import * as dav from "../services/DavRequests";
import EditDate from "./modal/EditDate.vue"
@ -355,6 +356,12 @@ export default class SelectionHandler extends Mixins(GlobalMixin, UserConfig) {
return;
}
// Check photo ownership
if (this.$route.params.user !== getCurrentUser().uid) {
showError(this.t('memories', 'Only user "{user}" can update this person', { user }));
return;
}
// Run query
for await (let delIds of dav.removeFaceImages(user, name, Array.from(selection.keys()))) {
const delPhotos = delIds.filter(x => x).map(id => selection.get(id));

View File

@ -1,5 +1,5 @@
<template>
<Modal @close="close">
<Modal @close="close" v-if="show">
<template #title>
{{ t('memories', 'Remove person') }}
</template>
@ -17,7 +17,8 @@
<script lang="ts">
import { Component, Emit, Mixins, Watch } from 'vue-property-decorator';
import { NcButton, NcTextField } from '@nextcloud/vue';
import { showError } from '@nextcloud/dialogs'
import { showError } from '@nextcloud/dialogs';
import { getCurrentUser } from '@nextcloud/auth';
import Modal from './Modal.vue';
import GlobalMixin from '../../mixins/GlobalMixin';
import client from '../../services/DavClient';
@ -32,9 +33,21 @@ import client from '../../services/DavClient';
export default class FaceDeleteModal extends Mixins(GlobalMixin) {
private user: string = "";
private name: string = "";
private show = false;
@Emit('close')
public close() {}
public close() {
this.show = false;
}
public open() {
const user = this.$route.params.user || '';
if (this.$route.params.user !== getCurrentUser().uid) {
showError(this.t('memories', 'Only user "{user}" can delete this person', { user }));
return;
}
this.show = true;
}
@Watch('$route')
async routeChange(from: any, to: any) {

View File

@ -1,5 +1,5 @@
<template>
<Modal @close="close">
<Modal @close="close" v-if="show">
<template #title>
{{ t('memories', 'Rename person') }}
</template>
@ -23,7 +23,8 @@
<script lang="ts">
import { Component, Emit, Mixins, Watch } from 'vue-property-decorator';
import { NcButton, NcTextField } from '@nextcloud/vue';
import { showError } from '@nextcloud/dialogs'
import { showError } from '@nextcloud/dialogs';
import { getCurrentUser } from '@nextcloud/auth';
import Modal from './Modal.vue';
import GlobalMixin from '../../mixins/GlobalMixin';
import client from '../../services/DavClient';
@ -39,9 +40,21 @@ export default class FaceEditModal extends Mixins(GlobalMixin) {
private user: string = "";
private name: string = "";
private oldName: string = "";
private show = false;
@Emit('close')
public close() {}
public close() {
this.show = false;
}
public open() {
const user = this.$route.params.user || '';
if (this.$route.params.user !== getCurrentUser().uid) {
showError(this.t('memories', 'Only user "{user}" can update this person', { user }));
return;
}
this.show = true;
}
@Watch('$route')
async routeChange(from: any, to: any) {

View File

@ -1,5 +1,5 @@
<template>
<Modal @close="close" size="large">
<Modal @close="close" size="large" v-if="show">
<template #title>
{{ t('memories', 'Merge {name} with person', { name: $route.params.name }) }}
</template>
@ -26,7 +26,8 @@
<script lang="ts">
import { Component, Emit, Mixins } from 'vue-property-decorator';
import { NcButton, NcTextField } from '@nextcloud/vue';
import { showError } from '@nextcloud/dialogs'
import { showError } from '@nextcloud/dialogs';
import { getCurrentUser } from '@nextcloud/auth';
import { IFileInfo, ITag } from '../../types';
import Tag from '../frame/Tag.vue';
import FaceList from './FaceList.vue';
@ -48,9 +49,21 @@ import * as dav from '../../services/DavRequests';
export default class FaceMergeModal extends Mixins(GlobalMixin) {
private processing = 0;
private procesingTotal = 0;
private show = false;
@Emit('close')
public close() {}
public close() {
this.show = false;
}
public open() {
const user = this.$route.params.user || '';
if (this.$route.params.user !== getCurrentUser().uid) {
showError(this.t('memories', 'Only user "{user}" can update this person', { user }));
return;
}
this.show = true;
}
public async clickFace(face: ITag) {
const user = this.$route.params.user || '';

View File

@ -1,5 +1,5 @@
<template>
<Modal @close="close" size="large" v-if="isOpen">
<Modal @close="close" size="large" v-if="show">
<template #title>
{{ t('memories', 'Move selected photos to person') }}
</template>
@ -19,7 +19,8 @@
<script lang="ts">
import { Component, Emit, Mixins, Prop } from 'vue-property-decorator';
import { NcButton, NcTextField } from '@nextcloud/vue';
import { showError } from '@nextcloud/dialogs'
import { showError } from '@nextcloud/dialogs';
import { getCurrentUser } from '@nextcloud/auth';
import { IPhoto, ITag } from '../../types';
import Tag from '../frame/Tag.vue';
import FaceList from './FaceList.vue';
@ -39,7 +40,7 @@ import * as dav from '../../services/DavRequests';
}
})
export default class FaceMoveModal extends Mixins(GlobalMixin) {
private isOpen = false;
private show = false;
private photos: IPhoto[] = [];
@Prop()
@ -51,14 +52,21 @@ export default class FaceMoveModal extends Mixins(GlobalMixin) {
return;
}
this.isOpen = true;
// check ownership
const user = this.$route.params.user || '';
if (this.$route.params.user !== getCurrentUser().uid) {
showError(this.t('memories', 'Only user "{user}" can update this person', { user }));
return;
}
this.show = true;
this.photos = photos;
}
@Emit('close')
public close() {
this.photos = [];
this.isOpen = false;
this.show = false;
}
@Emit('moved')
@ -71,7 +79,7 @@ export default class FaceMoveModal extends Mixins(GlobalMixin) {
const newName = face.name || face.fileid.toString();
try {
this.isOpen = false;
this.show = false;
this.updateLoading(1);
// Create map to return IPhoto later

View File

@ -11,27 +11,27 @@
<div class="right-actions">
<NcActions :inline="1">
<NcActionButton :aria-label="t('memories', 'Rename person')" @click="showEditModal=true" close-after-click>
<NcActionButton :aria-label="t('memories', 'Rename person')" @click="$refs.editModal.open()" close-after-click>
{{ t('memories', 'Rename person') }}
<template #icon> <EditIcon :size="20" /> </template>
</NcActionButton>
<NcActionButton :aria-label="t('memories', 'Merge with different person')" @click="showMergeModal=true" close-after-click>
<NcActionButton :aria-label="t('memories', 'Merge with different person')" @click="$refs.mergeModal.open()" close-after-click>
{{ t('memories', 'Merge with different person') }}
<template #icon> <MergeIcon :size="20" /> </template>
</NcActionButton>
<NcActionCheckbox :aria-label="t('memories', 'Mark person in preview')" :checked.sync="config_showFaceRect" @change="changeShowFaceRect">
{{ t('memories', 'Mark person in preview') }}
</NcActionCheckbox>
<NcActionButton :aria-label="t('memories', 'Remove person')" @click="showDeleteModal=true" close-after-click>
<NcActionButton :aria-label="t('memories', 'Remove person')" @click="$refs.deleteModal.open()" close-after-click>
{{ t('memories', 'Remove person') }}
<template #icon> <DeleteIcon :size="20" /> </template>
</NcActionButton>
</NcActions>
</div>
<FaceEditModal v-if="showEditModal" @close="showEditModal=false" />
<FaceDeleteModal v-if="showDeleteModal" @close="showDeleteModal=false" />
<FaceMergeModal v-if="showMergeModal" @close="showMergeModal=false" />
<FaceEditModal ref="editModal" />
<FaceDeleteModal ref="deleteModal" />
<FaceMergeModal ref="mergeModal" />
</div>
</template>
@ -65,9 +65,6 @@ import MergeIcon from 'vue-material-design-icons/Merge.vue';
})
export default class FaceTopMatter extends Mixins(GlobalMixin, UserConfig) {
private name: string = '';
private showEditModal: boolean = false;
private showDeleteModal: boolean = false;
private showMergeModal: boolean = false;
@Watch('$route')
async routeChange(from: any, to: any) {