Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-02-10 11:34:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor permission service with reuse of model methods from data-schema package

Browse source
This commit is contained in:
Atef Bellaaj 2025-06-12 18:11:25 +02:00 committed by Danny Avila
parent 25b97ba388
commit 5979efd607
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
2 changed files with 22 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

31
packages/data-schemas/src/methods/aclEntry.ts
View file

@ -85,7 +85,7 @@ export function createAclEntryMethods(mongoose: typeof import('mongoose')) {
$or: principalsQuery,
resourceType,
resourceId,
permBits: { $bitsAnySet: permissionBit },
permBits: { $bitsAllSet: permissionBit },
}).lean();
return !!entry;
@ -96,22 +96,13 @@ export function createAclEntryMethods(mongoose: typeof import('mongoose')) {
* @param principalsList - List of principals, each containing { principalType, principalId }
* @param resourceType - The type of resource
* @param resourceId - The ID of the resource
* @returns Object with effectiveBits (combined permissions) and sources (individual entries)
* @returns {Promise<number>} Effective permission bitmask
*/
async function getEffectivePermissions(
principalsList: Array<{ principalType: string; principalId?: string | Types.ObjectId }>,
resourceType: string,
resourceId: string | Types.ObjectId,
): Promise<{
effectiveBits: number;
sources: Array<{
from: string;
principalId?: Types.ObjectId;
permBits: number;
direct: boolean;
inheritedFrom?: Types.ObjectId;
}>;
}> {
): Promise<number> {
const aclEntries = await findEntriesByPrincipalsAndResource(
principalsList,
resourceType,
@ -119,18 +110,10 @@ export function createAclEntryMethods(mongoose: typeof import('mongoose')) {
);
let effectiveBits = 0;
const sources = aclEntries.map((entry) => {
for (const entry of aclEntries) {
effectiveBits |= entry.permBits;
return {
from: entry.principalType,
principalId: entry.principalId,
permBits: entry.permBits,
direct: !entry.inheritedFrom,
inheritedFrom: entry.inheritedFrom,
};
});
return { effectiveBits, sources };
}
return effectiveBits;
}
/**
@ -286,7 +269,7 @@ export function createAclEntryMethods(mongoose: typeof import('mongoose')) {
const entries = await AclEntry.find({
$or: principalsQuery,
resourceType,
permBits: { $bitsAnySet: requiredPermBit },
permBits: { $bitsAllSet: requiredPermBit },
}).distinct('resourceId');
return entries;