Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-04-03 22:37:20 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
LibreChat/api/server/routes/admin/roles.js

39 lines
1.7 KiB
JavaScript
Raw Normal View History

feat: add admin roles handler factory and Express routes
2026-03-24 23:40:12 -07:00
const express = require('express');
const { createAdminRolesHandlers } = require('@librechat/api');
const { SystemCapabilities } = require('@librechat/data-schemas');
const { requireCapability } = require('~/server/middleware/roles/capabilities');
const { requireJwtAuth } = require('~/server/middleware');
const db = require('~/models');
const router = express.Router();
const requireAdminAccess = requireCapability(SystemCapabilities.ACCESS_ADMIN);
const requireReadRoles = requireCapability(SystemCapabilities.READ_ROLES);
const requireManageRoles = requireCapability(SystemCapabilities.MANAGE_ROLES);
const handlers = createAdminRolesHandlers({
listRoles: db.listRoles,
getRoleByName: db.getRoleByName,
fix: rename createRole/deleteRole to avoid AccessRole name collision The existing accessRole.ts already exports createRole/deleteRole for the AccessRole model. In createMethods index.ts, these are spread after roleMethods, overwriting them. Renamed our Role methods to createRoleByName/deleteRoleByName to match the existing pattern (getRoleByName, updateRoleByName) and avoid the collision.
2026-03-25 08:56:38 -07:00
createRoleByName: db.createRoleByName,
feat: add admin roles handler factory and Express routes
2026-03-24 23:40:12 -07:00
updateRoleByName: db.updateRoleByName,
updateAccessPermissions: db.updateAccessPermissions,
fix: rename createRole/deleteRole to avoid AccessRole name collision The existing accessRole.ts already exports createRole/deleteRole for the AccessRole model. In createMethods index.ts, these are spread after roleMethods, overwriting them. Renamed our Role methods to createRoleByName/deleteRoleByName to match the existing pattern (getRoleByName, updateRoleByName) and avoid the collision.
2026-03-25 08:56:38 -07:00
deleteRoleByName: db.deleteRoleByName,
feat: add admin roles handler factory and Express routes
2026-03-24 23:40:12 -07:00
findUser: db.findUser,
updateUser: db.updateUser,
fix: address convention violations in admin roles handlers
2026-03-24 23:54:32 -07:00
listUsersByRole: db.listUsersByRole,
feat: add admin roles handler factory and Express routes
2026-03-24 23:40:12 -07:00
});
router.use(requireJwtAuth, requireAdminAccess);
router.get('/', requireReadRoles, handlers.listRoles);
router.post('/', requireManageRoles, handlers.createRole);
router.get('/:name', requireReadRoles, handlers.getRole);
router.patch('/:name', requireManageRoles, handlers.updateRole);
router.delete('/:name', requireManageRoles, handlers.deleteRole);
router.patch('/:name/permissions', requireManageRoles, handlers.updateRolePermissions);
router.get('/:name/members', requireReadRoles, handlers.getRoleMembers);
router.post('/:name/members', requireManageRoles, handlers.addRoleMember);
router.delete('/:name/members/:userId', requireManageRoles, handlers.removeRoleMember);
module.exports = router;
Reference in a new issue Copy permalink