Simplify control flow

server/apps/immich/src/api-v1/asset/asset.service.ts

@@ -644,23 +644,29 @@ export class AssetService {
 
   async checkAssetsAccess(authUser: AuthUserDto, assetIds: string[], mustBeOwner = false) {
     for (const assetId of assetIds) {
+      // Default: DENY
+      let accessAllowed = false;
+
       // Step 1: Check if user owns asset
       if ((await this._assetRepository.countByIdAndUser(assetId, authUser.id)) == 1) {
-        continue;
+        accessAllowed = true;
       }
 
       // Avoid additional checks if ownership is required
       if (!mustBeOwner) {
         // Step 2: Check if asset is part of an album shared with me
         if ((await this._albumRepository.getSharedWithUserAlbumCount(authUser.id, assetId)) > 0) {
-          continue;
+          accessAllowed = true;
         }
 
         //TODO: Step 3: Check if asset is part of a public album
       }
+
+      if (!accessAllowed) {
         throw new ForbiddenException();
       }
     }
+  }
 }
 
 async function processETag(path: string, res: Res, headers: Record<string, string>): Promise<boolean> {