mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-19 09:50:15 +01:00
🛂 feat: Role as Permission Principal Type
WIP: Role as Permission Principal Type WIP: add user role check optimization to user principal check, update type comparisons WIP: cover edge cases for string vs ObjectId handling in permission granting and checking chore: Update people picker access middleware to use PrincipalType constants feat: Enhance people picker access control to include roles permissions chore: add missing default role schema values for people picker perms, cleanup typing feat: Enhance PeoplePicker component with role-specific UI and localization updates chore: Add missing `VIEW_ROLES` permission to role schema
This commit is contained in:
parent
28d63dab71
commit
39346d6b8e
49 changed files with 2879 additions and 258 deletions
|
|
@ -1,5 +1,5 @@
|
|||
import { useMemo } from 'react';
|
||||
import { PermissionTypes, Permissions } from 'librechat-data-provider';
|
||||
import { PermissionTypes, PrincipalType, Permissions } from 'librechat-data-provider';
|
||||
import { useHasAccess } from '~/hooks';
|
||||
|
||||
/**
|
||||
|
|
@ -17,21 +17,33 @@ export const usePeoplePickerPermissions = () => {
|
|||
permission: Permissions.VIEW_GROUPS,
|
||||
});
|
||||
|
||||
const hasPeoplePickerAccess = canViewUsers || canViewGroups;
|
||||
const canViewRoles = useHasAccess({
|
||||
permissionType: PermissionTypes.PEOPLE_PICKER,
|
||||
permission: Permissions.VIEW_ROLES,
|
||||
});
|
||||
|
||||
const peoplePickerTypeFilter = useMemo(() => {
|
||||
if (canViewUsers && canViewGroups) {
|
||||
return null; // Both types allowed
|
||||
const hasPeoplePickerAccess = canViewUsers || canViewGroups || canViewRoles;
|
||||
|
||||
const peoplePickerTypeFilter:
|
||||
| PrincipalType.USER
|
||||
| PrincipalType.GROUP
|
||||
| PrincipalType.ROLE
|
||||
| null = useMemo(() => {
|
||||
if (canViewUsers && canViewGroups && canViewRoles) {
|
||||
return null; // All types allowed
|
||||
} else if (canViewUsers) {
|
||||
return 'user' as const;
|
||||
return PrincipalType.USER;
|
||||
} else if (canViewGroups) {
|
||||
return 'group' as const;
|
||||
return PrincipalType.GROUP;
|
||||
} else if (canViewRoles) {
|
||||
return PrincipalType.ROLE;
|
||||
}
|
||||
return null;
|
||||
}, [canViewUsers, canViewGroups]);
|
||||
}, [canViewUsers, canViewGroups, canViewRoles]);
|
||||
|
||||
return {
|
||||
canViewUsers,
|
||||
canViewRoles,
|
||||
canViewGroups,
|
||||
hasPeoplePickerAccess,
|
||||
peoplePickerTypeFilter,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue