Fix unexpected password propagation behaviour

[ildyria]

Summary by CodeRabbit

• New Features
  • Album unlock can now propagate to related albums sharing the same password.
  • Added expert-level configuration option to enable/disable unlock propagation (disabled by default).

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Introduces unlock propagation functionality for albums sharing the same password. When an album is unlocked, the system propagates this unlock to related albums with matching passwords, controlled by a new expert-level configuration flag that defaults to disabled.

Changes

Cohort / File(s)	Summary
Album Unlock Action Logic app/Actions/Album/Unlock.php	Added ConfigManager dependency and propagate method. After successful password verification, unlock propagates to albums with matching passwords if the enable_propagate_unlock_option config flag is enabled; short-circuits if disabled.
Configuration Migration database/migrations/2026_01_22_000000_propagate_unlock_option.php	New migration file introduces enable_propagate_unlock_option config (disabled by default). Marked as expert-level, boolean type, includes detailed description of propagation behavior and confidentiality implications.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A rabbit unlocks albums with glee,
And spreads the key, wild and free,
Yet guards with a flag, oh so wise,
To keep the propagation's surprise!
One config to rule them all bright! 🔓✨

Pre-merge checks

✅ Passed checks (1 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ildyria]

@coderabbitai review ?

[codecov]

Codecov Report

❌ Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 90.10%. Comparing base (219eb90) to head (0fe5aff).
⚠️ Report is 1 commits behind head on master.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

@ildyria: I'll review the changes in this PR now.

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[ildyria]

@coderabbitai review ?

[coderabbitai]

@ildyria: I'll review the changes in this PR now.

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

app/Actions/Album/Unlock.php (2)

79-79: Remove unused owner_id selection.

The owner_id field is selected in the query but never used in the subsequent logic. This adds unnecessary data retrieval overhead.

🔎 Proposed fix

 		$albums = BaseAlbumImpl::query()
-			->select(['base_albums.id', 'base_albums.owner_id', APC::PASSWORD])
+			->select(['base_albums.id', APC::PASSWORD])
 			->join(APC::ACCESS_PERMISSIONS, 'base_album_id', '=', 'base_albums.id', 'inner')

---

85-89: Check if album is already unlocked before calling unlock.

The loop calls $this->album_policy->unlock($album) for every matching album without checking if it's already unlocked. This could add redundant entries to the session.

🔎 Proposed fix

 		/** @var BaseAlbumImpl $album */
 		foreach ($albums as $album) {
-			if (Hash::check($password, $album->password)) {
+			if (Hash::check($password, $album->password) && !$this->album_policy->isUnlocked($album)) {
 				$this->album_policy->unlock($album);
 			}
 		}

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 219eb90 and 0fe5aff.

📒 Files selected for processing (2)

• app/Actions/Album/Unlock.php
• database/migrations/2026_01_22_000000_propagate_unlock_option.php

🧰 Additional context used

📓 Path-based instructions (1)

**/*.php

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

**/*.php: Any new PHP file should contain the license header and have a single blank line after the opening PHP tag
Variable names should be in snake_case in PHP
Apply the PSR-4 coding standard in PHP
Use in_array() with true as the third parameter in PHP
Only use booleans in if statements, not integers or strings
Use strict comparison (===) instead of loose comparison (==)
Avoid code duplication in both if and else statements
Do not use empty() in PHP
Use the moneyphp/money library for handling monetary values in PHP
Never use floats or doubles to represent monetary values; use integers representing the smallest currency unit (e.g., cents for USD)

**/*.php: Write or extend executable specifications (unit, behaviour, or scenario tests) ahead of implementation, confirm they fail, and then drive code to green before refactoring. List the expected success, validation, and failure branches and add thin failing tests for each path.
For PHP code, adhere to conventions: license headers in new files, strict comparison (===), no empty(), in_array() with third parameter true, snake_case variables, PSR-4 standard, test base classes (AbstractTestCase for Unit, BaseApiWithDataTest for Feature_v2).
Always run phpunit tests. If a test remains red, disable it with a TODO, note the reason, and capture the follow-up in the relevant plan.
Spotless now uses Palantir Java Format 2.78.0 with a 120-character wrap; configure IDE formatters to match before pushing code changes.
Keep each increment's control flow flat by delegating validation/normalisation into tiny pure helpers that return simple enums or result records, then compose them instead of introducing inline branching that inflates the branch count per change.
When introducing new helpers/utilities or editing files prone to style violations (records, DTOs, generated adapters), run the narrowest applicable lint target (for example phpstan) before the full pipeline. Note the command in the related plan/task.
For PHP changes, ru...

Files:

• app/Actions/Album/Unlock.php
• database/migrations/2026_01_22_000000_propagate_unlock_option.php

🧠 Learnings (4)

📚 Learning: 2025-09-16T21:56:01.607Z

Learnt from: ildyria
Repo: LycheeOrg/Lychee PR: 3683
File: app/Actions/Shop/OrderService.php:65-73
Timestamp: 2025-09-16T21:56:01.607Z
Learning: The validation for album-photo membership in OrderService::addPhotoToOrder() is implemented within PurchasableService::getEffectivePurchasableForPhoto() using a whereHas('albums') constraint that ensures the photo belongs to the specified album_id before applying pricing logic.

Applied to files:

• app/Actions/Album/Unlock.php

📚 Learning: 2025-12-28T18:12:55.752Z

Learnt from: ildyria
Repo: LycheeOrg/Lychee PR: 3901
File: app/Providers/AppServiceProvider.php:0-0
Timestamp: 2025-12-28T18:12:55.752Z
Learning: When using Laravel Octane's tick API, Octane::tick(...) returns an InvokeTickCallable that only has ->seconds(int) and ->immediate() methods. There is no ->every(N) method. Use the correct usage: Octane::tick('name', fn() => ...)->seconds(N) or Octane::tick('name', fn() => ..., N). Apply this guideline to PHP files across the project (not just AppServiceProvider.php).

Applied to files:

• app/Actions/Album/Unlock.php
• database/migrations/2026_01_22_000000_propagate_unlock_option.php

📚 Learning: 2025-08-18T10:19:04.946Z

Learnt from: ildyria
Repo: LycheeOrg/Lychee PR: 3626
File: database/migrations/2025_06_07_144157_photo_tags_to_table.php:87-105
Timestamp: 2025-08-18T10:19:04.946Z
Learning: In the Lychee photo management system, the migration `2025_06_07_144157_photo_tags_to_table.php` runs on data that only contains comma-separated tag names in tag_albums.show_tags - OR/AND expressions do not exist at this migration time, so handling them is unnecessary.

Applied to files:

• database/migrations/2026_01_22_000000_propagate_unlock_option.php

📚 Learning: 2025-09-22T12:35:38.842Z

Learnt from: ildyria
Repo: LycheeOrg/Lychee PR: 3706
File: tests/Unit/Http/Controllers/ImportFromServerControllerTest.php:59-66
Timestamp: 2025-09-22T12:35:38.842Z
Learning: In the Lychee codebase, the Configs class extends Laravel's Model, making config values database-backed. Tests using the DatabaseTransactions trait automatically have config changes rolled back without requiring manual restoration in tearDown() methods.

Applied to files:

• database/migrations/2026_01_22_000000_propagate_unlock_option.php

🧬 Code graph analysis (1)

app/Actions/Album/Unlock.php (2)

app/Http/Controllers/Gallery/AlbumController.php (1)

• unlock (354-357)

app/Policies/AlbumPolicy.php (1)

• unlock (546-549)

🔇 Additional comments (1)

database/migrations/2026_01_22_000000_propagate_unlock_option.php (1)

1-35: Confirm the migration timestamp is intentional.

No ordering conflicts were found with other migrations. The timestamp 2026_01_22_000000 chronologically follows the previous migrations (2026_01_01_*) and has no subsequent migrations that would be affected. However, if this date is not intentional for scheduled deployment, update the timestamp to reflect the actual creation date.