Skip to content

Disable file traversal functionality when --album-lock set #165

New issue
New issue
Closed
#166
Closed
Disable file traversal functionality when --album-lock set#165
#166
Assignees
lsteincopilot-swe-agent
@lstein

Description

@lstein
lstein
opened on Dec 23, 2025

When the --album-lock command-line option is set, various functions that allow access to the server's filesystem need to be locked out. These user interface elements should be disabled:

  1. Bookmarks menu: The Move command.
  2. Bookmarks menu: The Delete command.
  3. Curate panel: The Export Dataset button.
  4. Curate panel: The EXPORT PATH field (grey out and put "disabled" there)
  5. Curate panel: The folder (filesystem browser) button

In addition, these API routes should be disabled and return an error if they are called (some of them are already disabled, please use them as examples of the code style):

  1. /move_images
  2. /add_album
  3. /update_album
  4. /delete_album
  5. /filetree/home
  6. /filetree/directories
  7. /filetree/create_directory
  8. /api/curation/export

Metadata

Metadata

Assignees

Labels

No labels
No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions