🛂 feat: Role as Permission Principal Type

WIP: Role as Permission Principal Type

WIP: add user role check optimization to user principal check, update type comparisons

WIP: cover edge cases for string vs ObjectId handling in permission granting and checking

chore: Update people picker access middleware to use PrincipalType constants

feat: Enhance people picker access control to include roles permissions

chore: add missing default role schema values for people picker perms, cleanup typing

feat: Enhance PeoplePicker component with role-specific UI and localization updates

chore: Add missing `VIEW_ROLES` permission to role schema
Danny Avila 2025-08-03 19:24:40 -04:00
parent 28d63dab71
commit 39346d6b8e
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
49 changed files with 2879 additions and 258 deletions


@ -10,7 +10,7 @@ const aclEntrySchema = new Schema<IAclEntry>(
required: true,
},
principalId: {
type: Schema.Types.ObjectId,
type: Schema.Types.Mixed, // Can be ObjectId for users/groups or String for roles
refPath: 'principalModel',
required: function (this: IAclEntry) {
return this.principalType !== PrincipalType.PUBLIC;
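Review bot: Switching `principalId` to `Schema.Types.Mixed` removes Mongoose's casting on this path, for saves and for query filters alike, so nothing at the schema level now ties the value's type to `principalType`. A hex string and the matching ObjectId become different values, so an ACL lookup can miss a grant or a revoke, and a non-scalar value taken from request input would be stored or used in a filter as-is. Consider a path validator that accepts only an ObjectId for users and groups and a non-empty string for roles; callers that pass hex strings would have to convert before saving, and query filters need the same normalisation in the service layer because validators do not run on them. `refPath: 'principalModel'` also stays in place, so populating a role entry would presumably match the role name against `_id` unless roles are resolved another way. The fence assumes the role member is `PrincipalType.ROLE` and that mongoose's `Types` is in scope; the schema definition continues outside the hunk.

```typescript
principalId: {
  type: Schema.Types.Mixed, // Can be ObjectId for users/groups or String for roles
  // … unchanged: refPath, required …
  validate: {
    validator: function (this: IAclEntry, value: unknown) {
      if (this.principalType === PrincipalType.ROLE) {
        return typeof value === 'string' && value.length > 0;
      }
      return value instanceof Types.ObjectId;
    },
    message: 'principalId type does not match principalType',
  },
```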


@ -42,6 +42,7 @@ const rolePermissionsSchema = new Schema(
[PermissionTypes.PEOPLE_PICKER]: {
[Permissions.VIEW_USERS]: { type: Boolean, default: false },
[Permissions.VIEW_GROUPS]: { type: Boolean, default: false },
[Permissions.VIEW_ROLES]: { type: Boolean, default: false },
},
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: { type: Boolean, default: false },
@ -85,6 +86,7 @@ const roleSchema: Schema<IRole> = new Schema({
[PermissionTypes.PEOPLE_PICKER]: {
[Permissions.VIEW_USERS]: false,
[Permissions.VIEW_GROUPS]: false,
[Permissions.VIEW_ROLES]: false,
},
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
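Review bot: The new `VIEW_ROLES` defaults are fail-closed, but role documents written before this commit may not carry the key, depending on how the `permissions` path applies the `rolePermissionsSchema` defaults (not visible here). The people picker check should therefore grant role visibility only on a strict `=== true`, so that a missing key reads as denied. A short comment next to the flag would help, for example `// Lists role names in the people picker; off unless an admin enables it`. Both schema definitions continue outside these hunks.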