feat(server): user and server license endpoints (#10682)

* feat: user license endpoints * feat: server license endpoints * chore: pr feedback * chore: add more test cases * chore: add prod license public keys * chore: open-api generation
immich-app · Jul 1, 2024 · 3b37b70 · 3b37b70
1 parent 4193b0d
commit 3b37b70
Show file tree

Hide file tree

Showing 40 changed files with 1,474 additions and 18 deletions.
diff --git a/e2e/docker-compose.yml b/e2e/docker-compose.yml
@@ -22,6 +22,7 @@ services:
       - DB_DATABASE_NAME=immich
       - IMMICH_MACHINE_LEARNING_ENABLED=false
       - IMMICH_METRICS=true
+      - IMMICH_ENV=testing
     volumes:
       - upload:/usr/src/app/upload
       - ./test-assets:/test-assets

diff --git a/e2e/src/api/specs/server-info.e2e-spec.ts b/e2e/src/api/specs/server-info.e2e-spec.ts
@@ -44,6 +44,7 @@ describe('/server-info', () => {
         imagemagick: expect.any(String),
         libvips: expect.any(String),
         exiftool: expect.any(String),
+        licensed: false,
       });
     });
   });

diff --git a/e2e/src/api/specs/server.e2e-spec.ts b/e2e/src/api/specs/server.e2e-spec.ts
@@ -5,6 +5,12 @@ import { app, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeAll, describe, expect, it } from 'vitest';
 
+const serverLicense = {
+  licenseKey: 'IMSV-6ECZ-91TE-WZRM-Q7AQ-MBN4-UW48-2CPT-71X9',
+  activationKey:
+    '4kJUNUWMq13J14zqPFm1NodRcI6MV6DeOGvQNIgrM8Sc9nv669wyEVvFw1Nz4Kb1W7zLWblOtXEQzpRRqC4r4fKjewJxfbpeo9sEsqAVIfl4Ero-Vp1Dg21-sVdDGZEAy2oeTCXAyCT5d1JqrqR6N1qTAm4xOx9ujXQRFYhjRG8uwudw7_Q49pF18Tj5OEv9qCqElxztoNck4i6O_azsmsoOQrLIENIWPh3EynBN3ESpYERdCgXO8MlWeuG14_V1HbNjnJPZDuvYg__YfMzoOEtfm1sCqEaJ2Ww-BaX7yGfuCL4XsuZlCQQNHjfscy_WywVfIZPKCiW8QR74i0cSzQ',
+};
+
 describe('/server', () => {
   let admin: LoginResponseDto;
   let nonAdmin: LoginResponseDto;
@@ -44,6 +50,7 @@ describe('/server', () => {
         imagemagick: expect.any(String),
         libvips: expect.any(String),
         exiftool: expect.any(String),
+        licensed: false,
       });
     });
   });
@@ -197,4 +204,104 @@ describe('/server', () => {
       });
     });
   });
+
+  describe('GET /server/license', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).get('/server/license');
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should only work for admins', async () => {
+      const { status, body } = await request(app)
+        .get('/server/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    it('should return the server license', async () => {
+      await request(app).put('/server/license').set('Authorization', `Bearer ${admin.accessToken}`).send(serverLicense);
+      const { status, body } = await request(app)
+        .get('/server/license')
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        ...serverLicense,
+        activatedAt: expect.any(String),
+      });
+    });
+  });
+
+  describe('DELETE /server/license', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).delete('/server/license');
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should only work for admins', async () => {
+      const { status, body } = await request(app)
+        .delete('/server/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    it('should delete the server license', async () => {
+      await request(app)
+        .delete('/server/license')
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send(serverLicense);
+      const { status } = await request(app).get('/server/license').set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(status).toBe(200);
+    });
+  });
+
+  describe('PUT /server/license', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).put('/server/license');
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should only work for admins', async () => {
+      const { status, body } = await request(app)
+        .put('/server/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(403);
+      expect(body).toEqual(errorDto.forbidden);
+    });
+
+    it('should set the server license', async () => {
+      const { status, body } = await request(app)
+        .put('/server/license')
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send(serverLicense);
+      expect(status).toBe(200);
+      expect(body).toEqual({ ...serverLicense, activatedAt: expect.any(String) });
+      const { body: licenseBody } = await request(app)
+        .get('/server/license')
+        .set('Authorization', `Bearer ${admin.accessToken}`);
+      expect(licenseBody).toEqual({ ...serverLicense, activatedAt: expect.any(String) });
+    });
+
+    it('should reject license not starting with IMSV-', async () => {
+      const { status, body } = await request(app)
+        .put('/server/license')
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send({ licenseKey: 'IMCL-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD', activationKey: 'activationKey' });
+      expect(status).toBe(400);
+      expect(body.message).toBe('Invalid license key');
+    });
+
+    it('should reject license with invalid activation key', async () => {
+      const { status, body } = await request(app)
+        .put('/server/license')
+        .set('Authorization', `Bearer ${admin.accessToken}`)
+        .send({ licenseKey: serverLicense.licenseKey, activationKey: `invalid${serverLicense.activationKey}` });
+      expect(status).toBe(400);
+      expect(body.message).toBe('Invalid license key');
+    });
+  });
 });
diff --git a/e2e/src/api/specs/user.e2e-spec.ts b/e2e/src/api/specs/user.e2e-spec.ts
@@ -5,6 +5,12 @@ import { app, asBearerAuth, utils } from 'src/utils';
 import request from 'supertest';
 import { beforeAll, describe, expect, it } from 'vitest';
 
+const userLicense = {
+  licenseKey: 'IMCL-FF69-TUK1-RWZU-V9Q8-QGQS-S5GC-X4R2-UFK4',
+  activationKey:
+    'KuX8KsktrBSiXpQMAH0zLgA5SpijXVr_PDkzLdWUlAogCTMBZ0I3KCHXK0eE9EEd7harxup8_EHMeqAWeHo5VQzol6LGECpFv585U9asXD4Zc-UXt3mhJr2uhazqipBIBwJA2YhmUCDy8hiyiGsukDQNu9Rg9C77UeoKuZBWVjWUBWG0mc1iRqfvF0faVM20w53czAzlhaMxzVGc3Oimbd7xi_CAMSujF_2y8QpA3X2fOVkQkzdcH9lV0COejl7IyH27zQQ9HrlrXv3Lai5Hw67kNkaSjmunVBxC5PS0TpKoc9SfBJMaAGWnaDbjhjYUrm-8nIDQnoeEAidDXVAdPw',
+};
+
 describe('/users', () => {
   let admin: LoginResponseDto;
   let deletedUser: LoginResponseDto;
@@ -72,6 +78,24 @@ describe('/users', () => {
         quotaUsageInBytes: 0,
       });
     });
+
+    it('should get my user with license info', async () => {
+      const { status: licenseStatus } = await request(app)
+        .put(`/users/me/license`)
+        .send(userLicense)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(licenseStatus).toBe(200);
+      const { status, body } = await request(app)
+        .get(`/users/me`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toMatchObject({
+        id: nonAdmin.userId,
+        email: nonAdmin.userEmail,
+        quotaUsageInBytes: 0,
+        license: userLicense,
+      });
+    });
   });
 
   describe('PUT /users/me', () => {
@@ -236,4 +260,81 @@ describe('/users', () => {
       });
     });
   });
+
+  describe('GET /server/license', () => {
+    it('should require authentication', async () => {
+      const { status, body } = await request(app).get('/users/me/license');
+      expect(status).toBe(401);
+      expect(body).toEqual(errorDto.unauthorized);
+    });
+
+    it('should return the user license', async () => {
+      await request(app)
+        .put('/users/me/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`)
+        .send(userLicense);
+      const { status, body } = await request(app)
+        .get('/users/me/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toEqual({
+        ...userLicense,
+        activatedAt: expect.any(String),
+      });
+    });
+  });
+
+  describe('PUT /users/me/license', () => {
+    it('should require authentication', async () => {
+      const { status } = await request(app).put(`/users/me/license`);
+      expect(status).toEqual(401);
+    });
+
+    it('should set the user license', async () => {
+      const { status, body } = await request(app)
+        .put(`/users/me/license`)
+        .send(userLicense)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(200);
+      expect(body).toMatchObject({ ...userLicense, activatedAt: expect.any(String) });
+      expect(status).toBe(200);
+      expect(body).toEqual({ ...userLicense, activatedAt: expect.any(String) });
+      const { body: licenseBody } = await request(app)
+        .get('/users/me/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(licenseBody).toEqual({ ...userLicense, activatedAt: expect.any(String) });
+    });
+
+    it('should reject license not starting with IMCL-', async () => {
+      const { status, body } = await request(app)
+        .put('/users/me/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`)
+        .send({ licenseKey: 'IMSV-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD-ABCD', activationKey: 'activationKey' });
+      expect(status).toBe(400);
+      expect(body.message).toBe('Invalid license key');
+    });
+
+    it('should reject license with invalid activation key', async () => {
+      const { status, body } = await request(app)
+        .put('/users/me/license')
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`)
+        .send({ licenseKey: userLicense.licenseKey, activationKey: `invalid${userLicense.activationKey}` });
+      expect(status).toBe(400);
+      expect(body.message).toBe('Invalid license key');
+    });
+  });
+
+  describe('DELETE /users/me/license', () => {
+    it('should require authentication', async () => {
+      const { status } = await request(app).put(`/users/me/license`);
+      expect(status).toEqual(401);
+    });
+
+    it('should delete the user license', async () => {
+      const { status } = await request(app)
+        .delete(`/users/me/license`)
+        .set('Authorization', `Bearer ${nonAdmin.accessToken}`);
+      expect(status).toBe(200);
+    });
+  });
 });
diff --git a/e2e/src/responses.ts b/e2e/src/responses.ts
@@ -81,6 +81,7 @@ export const signupResponseDto = {
     quotaUsageInBytes: 0,
     quotaSizeInBytes: null,
     status: 'active',
+    license: null,
   },
 };
 

diff --git a/mobile/openapi/README.md b/mobile/openapi/README.md
diff --git a/mobile/openapi/lib/api.dart b/mobile/openapi/lib/api.dart