mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-17 17:00:15 +01:00
🔒 refactor: Apply interface settings to all Roles (#3967)
This commit is contained in:
Danny Avila
GitHub
parent
748b41eda4
commit
0148b9b097
6 changed files with 20 additions and 15 deletions
|
|
@ -1,4 +1,3 @@
|
|||
const { SystemRoles } = require('librechat-data-provider');
|
||||
const { getRoleByName } = require('~/models/Role');
|
||||
|
||||
/**
|
||||
|
|
@ -17,10 +16,6 @@ const generateCheckAccess = (permissionType, permissions, bodyProps = {}) => {
|
|||
return res.status(401).json({ message: 'Authorization required' });
|
||||
}
|
||||
|
||||
if (user.role === SystemRoles.ADMIN) {
|
||||
return next();
|
||||
}
|
||||
|
||||
const role = await getRoleByName(user.role);
|
||||
if (role && role[permissionType]) {
|
||||
const hasAnyPermission = permissions.some((permission) => {
|
||||
|
|
|
|||
|
|
@ -20,7 +20,10 @@ router.get('/:roleName', async (req, res) => {
|
|||
// TODO: TEMP, use a better parsing for roleName
|
||||
const roleName = _r.toUpperCase();
|
||||
|
||||
if (req.user.role !== SystemRoles.ADMIN && !roleDefaults[roleName]) {
|
||||
if (
|
||||
(req.user.role !== SystemRoles.ADMIN && roleName === SystemRoles.ADMIN) ||
|
||||
(req.user.role !== SystemRoles.ADMIN && !roleDefaults[roleName])
|
||||
) {
|
||||
return res.status(403).send({ message: 'Unauthorized' });
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -39,6 +39,11 @@ async function loadDefaultInterface(config, configDefaults, roleName = SystemRol
|
|||
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: loadedInterface.bookmarks },
|
||||
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: loadedInterface.multiConvo },
|
||||
});
|
||||
await updateAccessPermissions(SystemRoles.ADMIN, {
|
||||
[PermissionTypes.PROMPTS]: { [Permissions.USE]: loadedInterface.prompts },
|
||||
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: loadedInterface.bookmarks },
|
||||
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: loadedInterface.multiConvo },
|
||||
});
|
||||
|
||||
let i = 0;
|
||||
const logSettings = () => {
|
||||
|
|
|
|||
|
|
@ -35,7 +35,10 @@ const AuthContextProvider = ({
|
|||
const [error, setError] = useState<string | undefined>(undefined);
|
||||
const [isAuthenticated, setIsAuthenticated] = useState<boolean>(false);
|
||||
const { data: userRole = null } = useGetRole(SystemRoles.USER, {
|
||||
enabled: !!(isAuthenticated && user?.role),
|
||||
enabled: !!(isAuthenticated && (user?.role ?? '')),
|
||||
});
|
||||
const { data: adminRole = null } = useGetRole(SystemRoles.ADMIN, {
|
||||
enabled: !!(isAuthenticated && user?.role === SystemRoles.ADMIN),
|
||||
});
|
||||
|
||||
const navigate = useNavigate();
|
||||
|
|
@ -130,7 +133,7 @@ const AuthContextProvider = ({
|
|||
if (userQuery.data) {
|
||||
setUser(userQuery.data);
|
||||
} else if (userQuery.isError) {
|
||||
doSetError((userQuery?.error as Error).message);
|
||||
doSetError((userQuery.error as Error).message);
|
||||
navigate('/login', { replace: true });
|
||||
}
|
||||
if (error && isAuthenticated) {
|
||||
|
|
@ -179,11 +182,12 @@ const AuthContextProvider = ({
|
|||
setError,
|
||||
roles: {
|
||||
[SystemRoles.USER]: userRole,
|
||||
[SystemRoles.ADMIN]: adminRole,
|
||||
},
|
||||
isAuthenticated,
|
||||
}),
|
||||
// eslint-disable-next-line react-hooks/exhaustive-deps
|
||||
[user, error, isAuthenticated, token, userRole],
|
||||
[user, error, isAuthenticated, token, userRole, adminRole],
|
||||
);
|
||||
|
||||
return <AuthContext.Provider value={memoedValue}>{children}</AuthContext.Provider>;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
import { useMemo, useCallback } from 'react';
|
||||
import { SystemRoles, PermissionTypes, Permissions } from 'librechat-data-provider';
|
||||
import { PermissionTypes, Permissions } from 'librechat-data-provider';
|
||||
import { useAuthContext } from '~/hooks/AuthContext';
|
||||
|
||||
const useHasAccess = ({
|
||||
|
|
@ -13,9 +13,7 @@ const useHasAccess = ({
|
|||
|
||||
const checkAccess = useCallback(
|
||||
({ user, permissionType, permission }) => {
|
||||
if (isAuthenticated && user?.role === SystemRoles.ADMIN) {
|
||||
return true;
|
||||
} else if (isAuthenticated && user?.role != null && roles && roles[user.role]) {
|
||||
if (isAuthenticated && user?.role != null && roles && roles[user.role]) {
|
||||
return roles[user.role]?.[permissionType]?.[permission] === true;
|
||||
}
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -10,10 +10,10 @@ import {
|
|||
BreadcrumbList,
|
||||
BreadcrumbSeparator,
|
||||
// BreadcrumbEllipsis,
|
||||
DropdownMenu,
|
||||
// DropdownMenu,
|
||||
// DropdownMenuItem,
|
||||
// DropdownMenuContent,
|
||||
DropdownMenuTrigger,
|
||||
// DropdownMenuTrigger,
|
||||
} from '~/components/ui';
|
||||
import { useLocalize, useCustomLink, useAuthContext } from '~/hooks';
|
||||
import AdvancedSwitch from '~/components/Prompts/AdvancedSwitch';
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue