mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-03-15 04:06:33 +01:00
🔧 refactor: Permission handling for Resource Sharing (#11283)
* 🔧 refactor: permission handling for public sharing - Updated permission keys from SHARED_GLOBAL to SHARE across various files for consistency. - Added public access configuration in librechat.example.yaml. - Adjusted related tests and components to reflect the new permission structure. * chore: Update default SHARE permission to false * fix: Update SHARE permissions in tests and implementation - Added SHARE permission handling for user and admin roles in permissions.spec.ts and permissions.ts. - Updated expected permissions in tests to reflect new SHARE permission values for various permission types. * fix: Handle undefined values in PeoplePickerAdminSettings component - Updated the checked and value props of the Switch component to handle undefined values gracefully by defaulting to false. This ensures consistent behavior when the field value is not set. * feat: Add CREATE permission handling for prompts and agents - Introduced CREATE permission for user and admin roles in permissions.spec.ts and permissions.ts. - Updated expected permissions in tests to include CREATE permission for various permission types. * 🔧 refactor: Enhance permission handling for sharing dialog usability * refactor: public sharing permissions for resources - Added middleware to check SHARE_PUBLIC permissions for agents, prompts, and MCP servers. - Updated interface configuration in librechat.example.yaml to include public sharing options. - Enhanced components and hooks to support public sharing functionality. - Adjusted tests to validate new permission handling for public sharing across various resource types. * refactor: update Share2Icon styling in GenericGrantAccessDialog * refactor: update Share2Icon size in GenericGrantAccessDialog for consistency * refactor: improve layout and styling of Share2Icon in GenericGrantAccessDialog * refactor: update Share2Icon size in GenericGrantAccessDialog for improved consistency * chore: remove redundant public sharing option from People Picker * refactor: add SHARE_PUBLIC permission handling in updateInterfacePermissions tests
This commit is contained in:
Danny Avila
GitHub
parent
083251508e
commit
76e17ba701
32 changed files with 646 additions and 109 deletions
|
|
@ -587,6 +587,7 @@ const mcpServersSchema = z
|
|||
use: z.boolean().optional(),
|
||||
create: z.boolean().optional(),
|
||||
share: z.boolean().optional(),
|
||||
public: z.boolean().optional(),
|
||||
trustCheckbox: z
|
||||
.object({
|
||||
label: localizedStringSchema.optional(),
|
||||
|
|
@ -617,8 +618,26 @@ export const interfaceSchema = z
|
|||
bookmarks: z.boolean().optional(),
|
||||
memories: z.boolean().optional(),
|
||||
presets: z.boolean().optional(),
|
||||
prompts: z.boolean().optional(),
|
||||
agents: z.boolean().optional(),
|
||||
prompts: z
|
||||
.union([
|
||||
z.boolean(),
|
||||
z.object({
|
||||
use: z.boolean().optional(),
|
||||
share: z.boolean().optional(),
|
||||
public: z.boolean().optional(),
|
||||
}),
|
||||
])
|
||||
.optional(),
|
||||
agents: z
|
||||
.union([
|
||||
z.boolean(),
|
||||
z.object({
|
||||
use: z.boolean().optional(),
|
||||
share: z.boolean().optional(),
|
||||
public: z.boolean().optional(),
|
||||
}),
|
||||
])
|
||||
.optional(),
|
||||
temporaryChat: z.boolean().optional(),
|
||||
temporaryChatRetention: z.number().min(1).max(8760).optional(),
|
||||
runCode: z.boolean().optional(),
|
||||
|
|
@ -647,8 +666,16 @@ export const interfaceSchema = z
|
|||
multiConvo: true,
|
||||
bookmarks: true,
|
||||
memories: true,
|
||||
prompts: true,
|
||||
agents: true,
|
||||
prompts: {
|
||||
use: true,
|
||||
share: false,
|
||||
public: false,
|
||||
},
|
||||
agents: {
|
||||
use: true,
|
||||
share: false,
|
||||
public: false,
|
||||
},
|
||||
temporaryChat: true,
|
||||
runCode: true,
|
||||
webSearch: true,
|
||||
|
|
@ -664,6 +691,7 @@ export const interfaceSchema = z
|
|||
use: true,
|
||||
create: true,
|
||||
share: false,
|
||||
public: false,
|
||||
},
|
||||
fileSearch: true,
|
||||
fileCitations: true,
|
||||
|
|
|
|||
|
|
@ -62,7 +62,6 @@ export enum PermissionTypes {
|
|||
* Enum for Role-Based Access Control Constants
|
||||
*/
|
||||
export enum Permissions {
|
||||
SHARED_GLOBAL = 'SHARED_GLOBAL',
|
||||
USE = 'USE',
|
||||
CREATE = 'CREATE',
|
||||
UPDATE = 'UPDATE',
|
||||
|
|
@ -74,13 +73,15 @@ export enum Permissions {
|
|||
VIEW_USERS = 'VIEW_USERS',
|
||||
VIEW_GROUPS = 'VIEW_GROUPS',
|
||||
VIEW_ROLES = 'VIEW_ROLES',
|
||||
/** Can share resources publicly (with everyone) */
|
||||
SHARE_PUBLIC = 'SHARE_PUBLIC',
|
||||
}
|
||||
|
||||
export const promptPermissionsSchema = z.object({
|
||||
[Permissions.SHARED_GLOBAL]: z.boolean().default(false),
|
||||
[Permissions.USE]: z.boolean().default(true),
|
||||
[Permissions.CREATE]: z.boolean().default(true),
|
||||
// [Permissions.SHARE]: z.boolean().default(false),
|
||||
[Permissions.SHARE]: z.boolean().default(false),
|
||||
[Permissions.SHARE_PUBLIC]: z.boolean().default(false),
|
||||
});
|
||||
export type TPromptPermissions = z.infer<typeof promptPermissionsSchema>;
|
||||
|
||||
|
|
@ -99,10 +100,10 @@ export const memoryPermissionsSchema = z.object({
|
|||
export type TMemoryPermissions = z.infer<typeof memoryPermissionsSchema>;
|
||||
|
||||
export const agentPermissionsSchema = z.object({
|
||||
[Permissions.SHARED_GLOBAL]: z.boolean().default(false),
|
||||
[Permissions.USE]: z.boolean().default(true),
|
||||
[Permissions.CREATE]: z.boolean().default(true),
|
||||
// [Permissions.SHARE]: z.boolean().default(false),
|
||||
[Permissions.SHARE]: z.boolean().default(false),
|
||||
[Permissions.SHARE_PUBLIC]: z.boolean().default(false),
|
||||
});
|
||||
export type TAgentPermissions = z.infer<typeof agentPermissionsSchema>;
|
||||
|
||||
|
|
@ -152,6 +153,7 @@ export const mcpServersPermissionsSchema = z.object({
|
|||
[Permissions.USE]: z.boolean().default(true),
|
||||
[Permissions.CREATE]: z.boolean().default(true),
|
||||
[Permissions.SHARE]: z.boolean().default(false),
|
||||
[Permissions.SHARE_PUBLIC]: z.boolean().default(false),
|
||||
});
|
||||
export type TMcpServersPermissions = z.infer<typeof mcpServersPermissionsSchema>;
|
||||
|
||||
|
|
|
|||
|
|
@ -43,10 +43,10 @@ const defaultRolesSchema = z.object({
|
|||
name: z.literal(SystemRoles.ADMIN),
|
||||
permissions: permissionsSchema.extend({
|
||||
[PermissionTypes.PROMPTS]: promptPermissionsSchema.extend({
|
||||
[Permissions.SHARED_GLOBAL]: z.boolean().default(true),
|
||||
[Permissions.USE]: z.boolean().default(true),
|
||||
[Permissions.CREATE]: z.boolean().default(true),
|
||||
// [Permissions.SHARE]: z.boolean().default(true),
|
||||
[Permissions.SHARE]: z.boolean().default(true),
|
||||
[Permissions.SHARE_PUBLIC]: z.boolean().default(true),
|
||||
}),
|
||||
[PermissionTypes.BOOKMARKS]: bookmarkPermissionsSchema.extend({
|
||||
[Permissions.USE]: z.boolean().default(true),
|
||||
|
|
@ -59,10 +59,10 @@ const defaultRolesSchema = z.object({
|
|||
[Permissions.OPT_OUT]: z.boolean().default(true),
|
||||
}),
|
||||
[PermissionTypes.AGENTS]: agentPermissionsSchema.extend({
|
||||
[Permissions.SHARED_GLOBAL]: z.boolean().default(true),
|
||||
[Permissions.USE]: z.boolean().default(true),
|
||||
[Permissions.CREATE]: z.boolean().default(true),
|
||||
// [Permissions.SHARE]: z.boolean().default(true),
|
||||
[Permissions.SHARE]: z.boolean().default(true),
|
||||
[Permissions.SHARE_PUBLIC]: z.boolean().default(true),
|
||||
}),
|
||||
[PermissionTypes.MULTI_CONVO]: multiConvoPermissionsSchema.extend({
|
||||
[Permissions.USE]: z.boolean().default(true),
|
||||
|
|
@ -94,6 +94,7 @@ const defaultRolesSchema = z.object({
|
|||
[Permissions.USE]: z.boolean().default(true),
|
||||
[Permissions.CREATE]: z.boolean().default(true),
|
||||
[Permissions.SHARE]: z.boolean().default(true),
|
||||
[Permissions.SHARE_PUBLIC]: z.boolean().default(true),
|
||||
}),
|
||||
}),
|
||||
}),
|
||||
|
|
@ -108,9 +109,10 @@ export const roleDefaults = defaultRolesSchema.parse({
|
|||
name: SystemRoles.ADMIN,
|
||||
permissions: {
|
||||
[PermissionTypes.PROMPTS]: {
|
||||
[Permissions.SHARED_GLOBAL]: true,
|
||||
[Permissions.USE]: true,
|
||||
[Permissions.CREATE]: true,
|
||||
[Permissions.SHARE]: true,
|
||||
[Permissions.SHARE_PUBLIC]: true,
|
||||
},
|
||||
[PermissionTypes.BOOKMARKS]: {
|
||||
[Permissions.USE]: true,
|
||||
|
|
@ -123,9 +125,10 @@ export const roleDefaults = defaultRolesSchema.parse({
|
|||
[Permissions.OPT_OUT]: true,
|
||||
},
|
||||
[PermissionTypes.AGENTS]: {
|
||||
[Permissions.SHARED_GLOBAL]: true,
|
||||
[Permissions.USE]: true,
|
||||
[Permissions.CREATE]: true,
|
||||
[Permissions.SHARE]: true,
|
||||
[Permissions.SHARE_PUBLIC]: true,
|
||||
},
|
||||
[PermissionTypes.MULTI_CONVO]: {
|
||||
[Permissions.USE]: true,
|
||||
|
|
@ -157,6 +160,7 @@ export const roleDefaults = defaultRolesSchema.parse({
|
|||
[Permissions.USE]: true,
|
||||
[Permissions.CREATE]: true,
|
||||
[Permissions.SHARE]: true,
|
||||
[Permissions.SHARE_PUBLIC]: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue