Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-21 02:40:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: Add role-level permissions for agent sharing people picker

Browse source 
- Add PEOPLE_PICKER permission type with VIEW_USERS and VIEW_GROUPS permissions
  - Create custom middleware for query-aware permission validation
  - Implement permission-based type filtering in PeoplePicker component
  - Hide people picker UI when user lacks permissions, show only public toggle
  - Support granular access: users-only, groups-only, or mixed search modes
This commit is contained in:
Atef Bellaaj 2025-07-01 14:25:48 +02:00 committed by Danny Avila
parent b03341517d
commit 73fb4181fe
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
11 changed files with 220 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

3
api/server/routes/accessPermissions.js
View file

@ -8,6 +8,7 @@ const {
searchPrincipals,
} = require('~/server/controllers/PermissionsController');
const { requireJwtAuth, checkBan, uaParser, canAccessResource } = require('~/server/middleware');
const { checkPeoplePickerAccess } = require('~/server/middleware/checkPeoplePickerAccess');
const router = express.Router();
@ -25,7 +26,7 @@ router.use(uaParser);
* GET /api/permissions/search-principals
* Search for users and groups to grant permissions
*/
router.get('/search-principals', searchPrincipals);
router.get('/search-principals', checkPeoplePickerAccess, searchPrincipals);
/**
* GET /api/permissions/{resourceType}/roles