Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-18 01:10:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

🗞️ refactor: Apply Role Permissions at Startup only if Missing or Configured

Browse source
This commit is contained in:
Danny Avila 2025-08-10 21:42:54 -04:00
parent d07c2b3475
commit 53c31b85d0
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
7 changed files with 355 additions and 440 deletions
Download patch file Download diff file Expand all files Collapse all files

8
api/models/Role.js
View file

@ -16,7 +16,7 @@ const { Role } = require('~/db/models');
*
* @param {string} roleName - The name of the role to find or create.
* @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
* @returns {Promise<Object>} A plain object representing the role document.
* @returns {Promise<IRole>} Role document.
*/
const getRoleByName = async function (roleName, fieldsToSelect = null) {
const cache = getLogStores(CacheKeys.ROLES);
@ -72,8 +72,9 @@ const updateRoleByName = async function (roleName, updates) {
* Updates access permissions for a specific role and multiple permission types.
* @param {string} roleName - The role to update.
* @param {Object.<PermissionTypes, Object.<Permissions, boolean>>} permissionsUpdate - Permissions to update and their values.
* @param {IRole} [roleData] - Optional role data to use instead of fetching from the database.
*/
async function updateAccessPermissions(roleName, permissionsUpdate) {
async function updateAccessPermissions(roleName, permissionsUpdate, roleData) {
// Filter and clean the permission updates based on our schema definition.
const updates = {};
for (const [permissionType, permissions] of Object.entries(permissionsUpdate)) {
@ -86,7 +87,7 @@ async function updateAccessPermissions(roleName, permissionsUpdate) {
}
try {
const role = await getRoleByName(roleName);
const role = roleData ?? (await getRoleByName(roleName));
if (!role) {
return;
}
@ -113,7 +114,6 @@ async function updateAccessPermissions(roleName, permissionsUpdate) {
}
}
// Process the current updates
for (const [permissionType, permissions] of Object.entries(updates)) {
const currentTypePermissions = currentPermissions[permissionType] || {};
updatedPermissions[permissionType] = { ...currentTypePermissions };