Samuele Lorefice REDCODE
  • Joined on 2024-01-01
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 17:03:03 +00:00
08c389026a fix(repo): use PagedParametersDto.MaxPageSize const instead of hardcoded 150
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 17:02:36 +00:00
bbb2ed8f73 fix(dto): default AssetCreateDto.Visibility to Private instead of Protected
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 17:02:09 +00:00
fe33fe2044 fix(stats): add ProtectedAssets count, fix PrivateAssets to count only Private
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 17:01:42 +00:00
a449c792c1 fix(media): replace bool parameter with EAccessLevel, add deleted asset check
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 17:00:58 +00:00
9323111d0d fix(mapper): allow Maintainer to see Visibility field in DTO responses
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 17:00:09 +00:00
c2326414b4 fix(controller): add Maintainer scope to Album BulkUpdate, Delete, BulkDelete
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 16:59:24 +00:00
747ad77f4c fix(controller): scope Maintainer asset access to only maintained cosplayers in Get
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 16:58:49 +00:00
f77a4574ac fix(controller): scope Maintainer album visibility to only maintained persons
REDCODE pushed to feature/106-auth-redesign at MilkyShots/MilkyShots 2026-07-14 16:58:18 +00:00
c64c1947e6 fix(repo): scope Maintainer to only maintained persons in GetAllVisible and SearchQuery
REDCODE suggested changes for MilkyShots/MilkyShots#125 2026-07-14 16:42:18 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

Above comments are still open

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

As said above, pageSize should use the const in PagedSearchParams as default.

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

I'm not 100% sure about having the mapper do the access level filtering. @Fastwind what is your opinion here?

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

No check for deleted, which should be admin only.

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

Additionally passing a bool breaks convention, rather accept the enum value of user role

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

Not sure this is correct either. Persons are visible depending from their visibility, maintainers get a free pass, but only for the persons they are a maintainer of. Currently the code seems to allow maitainers to see all persons regardless of them being a maintainer of them or not

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

As said before, the same error happens here. Maintainers shoudl be able to see all assets of the people they are a maintainer of.

REDCODE commented on pull request MilkyShots/MilkyShots#125 2026-07-14 16:39:13 +00:00
feat: #106 auth/permissions redesign — 5-actor model, #93 visibility levels (backend)

Stats repository should return also a protected assets stats.