2026-01-10 14:02:56 -05:00
|
|
|
const { ResourceType, PermissionTypes, Permissions } = require('librechat-data-provider');
|
|
|
|
|
const { checkSharePublicAccess } = require('./checkSharePublicAccess');
|
📦 refactor: Consolidate DB models, encapsulating Mongoose usage in `data-schemas` (#11830)
* chore: move database model methods to /packages/data-schemas
* chore: add TypeScript ESLint rule to warn on unused variables
* refactor: model imports to streamline access
- Consolidated model imports across various files to improve code organization and reduce redundancy.
- Updated imports for models such as Assistant, Message, Conversation, and others to a unified import path.
- Adjusted middleware and service files to reflect the new import structure, ensuring functionality remains intact.
- Enhanced test files to align with the new import paths, maintaining test coverage and integrity.
* chore: migrate database models to packages/data-schemas and refactor all direct Mongoose Model usage outside of data-schemas
* test: update agent model mocks in unit tests
- Added `getAgent` mock to `client.test.js` to enhance test coverage for agent-related functionality.
- Removed redundant `getAgent` and `getAgents` mocks from `openai.spec.js` and `responses.unit.spec.js` to streamline test setup and reduce duplication.
- Ensured consistency in agent mock implementations across test files.
* fix: update types in data-schemas
* refactor: enhance type definitions in transaction and spending methods
- Updated type definitions in `checkBalance.ts` to use specific request and response types.
- Refined `spendTokens.ts` to utilize a new `SpendTxData` interface for better clarity and type safety.
- Improved transaction handling in `transaction.ts` by introducing `TransactionResult` and `TxData` interfaces, ensuring consistent data structures across methods.
- Adjusted unit tests in `transaction.spec.ts` to accommodate new type definitions and enhance robustness.
* refactor: streamline model imports and enhance code organization
- Consolidated model imports across various controllers and services to a unified import path, improving code clarity and reducing redundancy.
- Updated multiple files to reflect the new import structure, ensuring all functionalities remain intact.
- Enhanced overall code organization by removing duplicate import statements and optimizing the usage of model methods.
* feat: implement loadAddedAgent and refactor agent loading logic
- Introduced `loadAddedAgent` function to handle loading agents from added conversations, supporting multi-convo parallel execution.
- Created a new `load.ts` file to encapsulate agent loading functionalities, including `loadEphemeralAgent` and `loadAgent`.
- Updated the `index.ts` file to export the new `load` module instead of the deprecated `loadAgent`.
- Enhanced type definitions and improved error handling in the agent loading process.
- Adjusted unit tests to reflect changes in the agent loading structure and ensure comprehensive coverage.
* refactor: enhance balance handling with new update interface
- Introduced `IBalanceUpdate` interface to streamline balance update operations across the codebase.
- Updated `upsertBalanceFields` method signatures in `balance.ts`, `transaction.ts`, and related tests to utilize the new interface for improved type safety.
- Adjusted type imports in `balance.spec.ts` to include `IBalanceUpdate`, ensuring consistency in balance management functionalities.
- Enhanced overall code clarity and maintainability by refining type definitions related to balance operations.
* feat: add unit tests for loadAgent functionality and enhance agent loading logic
- Introduced comprehensive unit tests for the `loadAgent` function, covering various scenarios including null and empty agent IDs, loading of ephemeral agents, and permission checks.
- Enhanced the `initializeClient` function by moving `getConvoFiles` to the correct position in the database method exports, ensuring proper functionality.
- Improved test coverage for agent loading, including handling of non-existent agents and user permissions.
* chore: reorder memory method exports for consistency
- Moved `deleteAllUserMemories` to the correct position in the exported memory methods, ensuring a consistent and logical order of method exports in `memory.ts`.
2026-02-17 18:23:44 -05:00
|
|
|
const { getRoleByName } = require('~/models');
|
2026-01-10 14:02:56 -05:00
|
|
|
|
📦 refactor: Consolidate DB models, encapsulating Mongoose usage in `data-schemas` (#11830)
* chore: move database model methods to /packages/data-schemas
* chore: add TypeScript ESLint rule to warn on unused variables
* refactor: model imports to streamline access
- Consolidated model imports across various files to improve code organization and reduce redundancy.
- Updated imports for models such as Assistant, Message, Conversation, and others to a unified import path.
- Adjusted middleware and service files to reflect the new import structure, ensuring functionality remains intact.
- Enhanced test files to align with the new import paths, maintaining test coverage and integrity.
* chore: migrate database models to packages/data-schemas and refactor all direct Mongoose Model usage outside of data-schemas
* test: update agent model mocks in unit tests
- Added `getAgent` mock to `client.test.js` to enhance test coverage for agent-related functionality.
- Removed redundant `getAgent` and `getAgents` mocks from `openai.spec.js` and `responses.unit.spec.js` to streamline test setup and reduce duplication.
- Ensured consistency in agent mock implementations across test files.
* fix: update types in data-schemas
* refactor: enhance type definitions in transaction and spending methods
- Updated type definitions in `checkBalance.ts` to use specific request and response types.
- Refined `spendTokens.ts` to utilize a new `SpendTxData` interface for better clarity and type safety.
- Improved transaction handling in `transaction.ts` by introducing `TransactionResult` and `TxData` interfaces, ensuring consistent data structures across methods.
- Adjusted unit tests in `transaction.spec.ts` to accommodate new type definitions and enhance robustness.
* refactor: streamline model imports and enhance code organization
- Consolidated model imports across various controllers and services to a unified import path, improving code clarity and reducing redundancy.
- Updated multiple files to reflect the new import structure, ensuring all functionalities remain intact.
- Enhanced overall code organization by removing duplicate import statements and optimizing the usage of model methods.
* feat: implement loadAddedAgent and refactor agent loading logic
- Introduced `loadAddedAgent` function to handle loading agents from added conversations, supporting multi-convo parallel execution.
- Created a new `load.ts` file to encapsulate agent loading functionalities, including `loadEphemeralAgent` and `loadAgent`.
- Updated the `index.ts` file to export the new `load` module instead of the deprecated `loadAgent`.
- Enhanced type definitions and improved error handling in the agent loading process.
- Adjusted unit tests to reflect changes in the agent loading structure and ensure comprehensive coverage.
* refactor: enhance balance handling with new update interface
- Introduced `IBalanceUpdate` interface to streamline balance update operations across the codebase.
- Updated `upsertBalanceFields` method signatures in `balance.ts`, `transaction.ts`, and related tests to utilize the new interface for improved type safety.
- Adjusted type imports in `balance.spec.ts` to include `IBalanceUpdate`, ensuring consistency in balance management functionalities.
- Enhanced overall code clarity and maintainability by refining type definitions related to balance operations.
* feat: add unit tests for loadAgent functionality and enhance agent loading logic
- Introduced comprehensive unit tests for the `loadAgent` function, covering various scenarios including null and empty agent IDs, loading of ephemeral agents, and permission checks.
- Enhanced the `initializeClient` function by moving `getConvoFiles` to the correct position in the database method exports, ensuring proper functionality.
- Improved test coverage for agent loading, including handling of non-existent agents and user permissions.
* chore: reorder memory method exports for consistency
- Moved `deleteAllUserMemories` to the correct position in the exported memory methods, ensuring a consistent and logical order of method exports in `memory.ts`.
2026-02-17 18:23:44 -05:00
|
|
|
jest.mock('~/models');
|
2026-01-10 14:02:56 -05:00
|
|
|
|
|
|
|
|
describe('checkSharePublicAccess middleware', () => {
|
|
|
|
|
let mockReq;
|
|
|
|
|
let mockRes;
|
|
|
|
|
let mockNext;
|
|
|
|
|
|
|
|
|
|
beforeEach(() => {
|
|
|
|
|
jest.clearAllMocks();
|
|
|
|
|
mockReq = {
|
|
|
|
|
user: { id: 'user123', role: 'USER' },
|
|
|
|
|
params: { resourceType: ResourceType.AGENT },
|
|
|
|
|
body: {},
|
|
|
|
|
};
|
|
|
|
|
mockRes = {
|
|
|
|
|
status: jest.fn().mockReturnThis(),
|
|
|
|
|
json: jest.fn(),
|
|
|
|
|
};
|
|
|
|
|
mockNext = jest.fn();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should call next() when public is not true', async () => {
|
|
|
|
|
mockReq.body = { public: false };
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockNext).toHaveBeenCalled();
|
|
|
|
|
expect(mockRes.status).not.toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should call next() when public is undefined', async () => {
|
|
|
|
|
mockReq.body = { updated: [] };
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockNext).toHaveBeenCalled();
|
|
|
|
|
expect(mockRes.status).not.toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return 401 when user is not authenticated', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
mockReq.user = null;
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockRes.status).toHaveBeenCalledWith(401);
|
|
|
|
|
expect(mockRes.json).toHaveBeenCalledWith({
|
|
|
|
|
error: 'Unauthorized',
|
|
|
|
|
message: 'Authentication required',
|
|
|
|
|
});
|
|
|
|
|
expect(mockNext).not.toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return 403 when user role has no SHARE_PUBLIC permission for agents', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
mockReq.params = { resourceType: ResourceType.AGENT };
|
|
|
|
|
getRoleByName.mockResolvedValue({
|
|
|
|
|
permissions: {
|
|
|
|
|
[PermissionTypes.AGENTS]: {
|
|
|
|
|
[Permissions.SHARE]: true,
|
|
|
|
|
[Permissions.SHARE_PUBLIC]: false,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockRes.status).toHaveBeenCalledWith(403);
|
|
|
|
|
expect(mockRes.json).toHaveBeenCalledWith({
|
|
|
|
|
error: 'Forbidden',
|
|
|
|
|
message: `You do not have permission to share ${ResourceType.AGENT} resources publicly`,
|
|
|
|
|
});
|
|
|
|
|
expect(mockNext).not.toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should call next() when user has SHARE_PUBLIC permission for agents', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
mockReq.params = { resourceType: ResourceType.AGENT };
|
|
|
|
|
getRoleByName.mockResolvedValue({
|
|
|
|
|
permissions: {
|
|
|
|
|
[PermissionTypes.AGENTS]: {
|
|
|
|
|
[Permissions.SHARE]: true,
|
|
|
|
|
[Permissions.SHARE_PUBLIC]: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockNext).toHaveBeenCalled();
|
|
|
|
|
expect(mockRes.status).not.toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should check prompts permission for promptgroup resource type', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
mockReq.params = { resourceType: ResourceType.PROMPTGROUP };
|
|
|
|
|
getRoleByName.mockResolvedValue({
|
|
|
|
|
permissions: {
|
|
|
|
|
[PermissionTypes.PROMPTS]: {
|
|
|
|
|
[Permissions.SHARE_PUBLIC]: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockNext).toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should check mcp_servers permission for mcpserver resource type', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
mockReq.params = { resourceType: ResourceType.MCPSERVER };
|
|
|
|
|
getRoleByName.mockResolvedValue({
|
|
|
|
|
permissions: {
|
|
|
|
|
[PermissionTypes.MCP_SERVERS]: {
|
|
|
|
|
[Permissions.SHARE_PUBLIC]: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockNext).toHaveBeenCalled();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return 400 for unsupported resource type', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
mockReq.params = { resourceType: 'unsupported' };
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockRes.status).toHaveBeenCalledWith(400);
|
|
|
|
|
expect(mockRes.json).toHaveBeenCalledWith({
|
|
|
|
|
error: 'Bad Request',
|
|
|
|
|
message: 'Unsupported resource type for public sharing: unsupported',
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return 403 when role has no permissions object', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
getRoleByName.mockResolvedValue({ permissions: null });
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockRes.status).toHaveBeenCalledWith(403);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should return 500 on error', async () => {
|
|
|
|
|
mockReq.body = { public: true };
|
|
|
|
|
getRoleByName.mockRejectedValue(new Error('Database error'));
|
|
|
|
|
|
|
|
|
|
await checkSharePublicAccess(mockReq, mockRes, mockNext);
|
|
|
|
|
|
|
|
|
|
expect(mockRes.status).toHaveBeenCalledWith(500);
|
|
|
|
|
expect(mockRes.json).toHaveBeenCalledWith({
|
|
|
|
|
error: 'Internal Server Error',
|
|
|
|
|
message: 'Failed to check public sharing permissions',
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
});
|