Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-03-08 09:02:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

🛂 feat: Role as Permission Principal Type

Browse source 
WIP: Role as Permission Principal Type

WIP: add user role check optimization to user principal check, update type comparisons

WIP: cover edge cases for string vs ObjectId handling in permission granting and checking

chore: Update people picker access middleware to use PrincipalType constants

feat: Enhance people picker access control to include roles permissions

chore: add missing default role schema values for people picker perms, cleanup typing

feat: Enhance PeoplePicker component with role-specific UI and localization updates

chore: Add missing `VIEW_ROLES` permission to role schema
This commit is contained in:
Danny Avila 2025-08-03 19:24:40 -04:00
parent 28d63dab71
commit 39346d6b8e
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
49 changed files with 2879 additions and 258 deletions
Download patch file Download diff file Expand all files Collapse all files

5
packages/data-provider/src/roles.ts
View file

@ -30,7 +30,6 @@ export enum SystemRoles {
USER = 'USER',
}
// The role schema now only needs to reference the permissions schema.
export const roleSchema = z.object({
name: z.string(),
permissions: permissionsSchema,
@ -38,7 +37,6 @@ export const roleSchema = z.object({
export type TRole = z.infer<typeof roleSchema>;
// Define default roles using the new structure.
const defaultRolesSchema = z.object({
[SystemRoles.ADMIN]: roleSchema.extend({
name: z.literal(SystemRoles.ADMIN),
@ -80,6 +78,7 @@ const defaultRolesSchema = z.object({
[PermissionTypes.PEOPLE_PICKER]: peoplePickerPermissionsSchema.extend({
[Permissions.VIEW_USERS]: z.boolean().default(true),
[Permissions.VIEW_GROUPS]: z.boolean().default(true),
[Permissions.VIEW_ROLES]: z.boolean().default(true),
}),
[PermissionTypes.MARKETPLACE]: z.object({
[Permissions.USE]: z.boolean().default(false),
@ -137,6 +136,7 @@ export const roleDefaults = defaultRolesSchema.parse({
[PermissionTypes.PEOPLE_PICKER]: {
[Permissions.VIEW_USERS]: true,
[Permissions.VIEW_GROUPS]: true,
[Permissions.VIEW_ROLES]: true,
},
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: true,
@ -163,6 +163,7 @@ export const roleDefaults = defaultRolesSchema.parse({
[PermissionTypes.PEOPLE_PICKER]: {
[Permissions.VIEW_USERS]: false,
[Permissions.VIEW_GROUPS]: false,
[Permissions.VIEW_ROLES]: false,
},
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: false,