Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-18 09:20:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

👷 feat: Allow Admin to Edit Agent/Assistant Actions (#4591)

Browse source 
* feat: allows admin to see and edits all actions

* feat: allows admin to see and edits all actions

* rollback: admins can edit all actions, no configuration

* fix: admins don't override the user of existing actions and they preserve the user of the assistant when creating a new action

---------

Co-authored-by: Olivier Schiavo <olivier.schiavo@wengo.com>
This commit is contained in:
owengo 2025-01-31 13:45:02 +01:00 committed by GitHub
parent 9373f77bb7
commit 8a0c7d92bd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 58 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

49
api/server/routes/agents/actions.js
View file

@ -1,6 +1,6 @@
const express = require('express'); const express = require('express');
const { nanoid } = require('nanoid'); const { nanoid } = require('nanoid');
const { actionDelimiter } = require('librechat-data-provider'); const { actionDelimiter, SystemRoles } = require('librechat-data-provider');
const { encryptMetadata, domainParser } = require('~/server/services/ActionService'); const { encryptMetadata, domainParser } = require('~/server/services/ActionService');
const { updateAction, getActions, deleteAction } = require('~/models/Action'); const { updateAction, getActions, deleteAction } = require('~/models/Action');
const { isActionDomainAllowed } = require('~/server/services/domains'); const { isActionDomainAllowed } = require('~/server/services/domains');
@ -9,6 +9,12 @@ const { logger } = require('~/config');
const router = express.Router(); const router = express.Router();
// If the user has ADMIN role
// then action edition is possible even if not owner of the assistant
const isAdmin = (req) => {
return req.user.role === SystemRoles.ADMIN;
};
/** /**
* Retrieves all user's actions * Retrieves all user's actions
* @route GET /actions/ * @route GET /actions/
@ -17,7 +23,10 @@ const router = express.Router();
*/ */
router.get('/', async (req, res) => { router.get('/', async (req, res) => {
try { try {
res.json(await getActions({ user: req.user.id })); const admin = isAdmin(req);
// If admin, get all actions, otherwise only user's actions
const searchParams = admin ? {} : { user: req.user.id };
res.json(await getActions(searchParams));
} catch (error) { } catch (error) {
res.status(500).json({ error: error.message }); res.status(500).json({ error: error.message });
} }
@ -57,9 +66,12 @@ router.post('/:agent_id', async (req, res) => {
const action_id = _action_id ?? nanoid(); const action_id = _action_id ?? nanoid();
const initialPromises = []; const initialPromises = [];
const admin = isAdmin(req);
// If admin, can edit any agent, otherwise only user's agents
const agentQuery = admin ? { id: agent_id } : { id: agent_id, author: req.user.id };
// TODO: share agents // TODO: share agents
initialPromises.push(getAgent({ id: agent_id, author: req.user.id })); initialPromises.push(getAgent(agentQuery));
if (_action_id) { if (_action_id) {
initialPromises.push(getActions({ action_id }, true)); initialPromises.push(getActions({ action_id }, true));
} }
@ -75,7 +87,7 @@ router.post('/:agent_id', async (req, res) => {
metadata = { ...action.metadata, ...metadata }; metadata = { ...action.metadata, ...metadata };
} }
const { actions: _actions = [] } = agent ?? {}; const { actions: _actions = [], author: agent_author } = agent ?? {};
const actions = []; const actions = [];
for (const action of _actions) { for (const action of _actions) {
const [_action_domain, current_action_id] = action.split(actionDelimiter); const [_action_domain, current_action_id] = action.split(actionDelimiter);
@ -95,14 +107,19 @@ router.post('/:agent_id', async (req, res) => {
.filter((tool) => !(tool && (tool.includes(domain) || tool.includes(action_id)))) .filter((tool) => !(tool && (tool.includes(domain) || tool.includes(action_id))))
.concat(functions.map((tool) => `${tool.function.name}${actionDelimiter}${domain}`)); .concat(functions.map((tool) => `${tool.function.name}${actionDelimiter}${domain}`));
const updatedAgent = await updateAgent( const updatedAgent = await updateAgent(agentQuery, { tools, actions });
{ id: agent_id, author: req.user.id },
{ tools, actions }, // Only update user field for new actions
); const actionUpdateData = { metadata, agent_id };
if (!actions_result || !actions_result.length) {
// For new actions, use the agent owner's user ID
actionUpdateData.user = agent_author || req.user.id;
}
/** @type {[Action]} */ /** @type {[Action]} */
const updatedAction = await updateAction( const updatedAction = await updateAction(
{ action_id }, { action_id },
{ metadata, agent_id, user: req.user.id }, actionUpdateData,
); );
const sensitiveFields = ['api_key', 'oauth_client_id', 'oauth_client_secret']; const sensitiveFields = ['api_key', 'oauth_client_id', 'oauth_client_secret'];
@ -130,8 +147,11 @@ router.post('/:agent_id', async (req, res) => {
router.delete('/:agent_id/:action_id', async (req, res) => { router.delete('/:agent_id/:action_id', async (req, res) => {
try { try {
const { agent_id, action_id } = req.params; const { agent_id, action_id } = req.params;
const admin = isAdmin(req);
const agent = await getAgent({ id: agent_id, author: req.user.id }); // If admin, can delete any agent, otherwise only user's agents
const agentQuery = admin ? { id: agent_id } : { id: agent_id, author: req.user.id };
const agent = await getAgent(agentQuery);
if (!agent) { if (!agent) {
return res.status(404).json({ message: 'Agent not found for deleting action' }); return res.status(404).json({ message: 'Agent not found for deleting action' });
} }
@ -155,11 +175,10 @@ router.delete('/:agent_id/:action_id', async (req, res) => {
const updatedTools = tools.filter((tool) => !(tool && tool.includes(domain))); const updatedTools = tools.filter((tool) => !(tool && tool.includes(domain)));
await updateAgent( await updateAgent(agentQuery, { tools: updatedTools, actions: updatedActions });
{ id: agent_id, author: req.user.id }, // If admin, can delete any action, otherwise only user's actions
{ tools: updatedTools, actions: updatedActions }, const actionQuery = admin ? { action_id } : { action_id, user: req.user.id };
); await deleteAction(actionQuery);
await deleteAction({ action_id });
res.status(200).json({ message: 'Action deleted successfully' }); res.status(200).json({ message: 'Action deleted successfully' });
} catch (error) { } catch (error) {
const message = 'Trouble deleting the Agent Action'; const message = 'Trouble deleting the Agent Action';

34
api/server/routes/assistants/actions.js
View file

@ -63,7 +63,7 @@ router.post('/:assistant_id', async (req, res) => {
return res.status(404).json({ message: 'Assistant not found' }); return res.status(404).json({ message: 'Assistant not found' });
} }
const { actions: _actions = [] } = assistant_data ?? {}; const { actions: _actions = [], user: assistant_user } = assistant_data ?? {};
const actions = []; const actions = [];
for (const action of _actions) { for (const action of _actions) {
const [_action_domain, current_action_id] = action.split(actionDelimiter); const [_action_domain, current_action_id] = action.split(actionDelimiter);
@ -99,16 +99,26 @@ router.post('/:assistant_id', async (req, res) => {
let updatedAssistant = await openai.beta.assistants.update(assistant_id, { tools }); let updatedAssistant = await openai.beta.assistants.update(assistant_id, { tools });
const promises = []; const promises = [];
// Only update user field for new assistant documents
const assistantUpdateData = { actions };
if (!assistant_data) {
assistantUpdateData.user = req.user.id;
}
promises.push( promises.push(
updateAssistantDoc( updateAssistantDoc(
{ assistant_id }, { assistant_id },
{ assistantUpdateData,
actions, )
user: req.user.id,
},
),
); );
promises.push(updateAction({ action_id }, { metadata, assistant_id, user: req.user.id }));
// Only update user field for new actions
const actionUpdateData = { metadata, assistant_id };
if (!actions_result || !actions_result.length) {
// For new actions, use the assistant owner's user ID
actionUpdateData.user = assistant_user || req.user.id;
}
promises.push(updateAction({ action_id }, actionUpdateData));
/** @type {[AssistantDocument, Action]} */ /** @type {[AssistantDocument, Action]} */
let [assistantDocument, updatedAction] = await Promise.all(promises); let [assistantDocument, updatedAction] = await Promise.all(promises);
@ -180,13 +190,15 @@ router.delete('/:assistant_id/:action_id/:model', async (req, res) => {
await openai.beta.assistants.update(assistant_id, { tools: updatedTools }); await openai.beta.assistants.update(assistant_id, { tools: updatedTools });
const promises = []; const promises = [];
// Only update user field if assistant document doesn't exist
const assistantUpdateData = { actions };
if (!assistant_data) {
assistantUpdateData.user = req.user.id;
}
promises.push( promises.push(
updateAssistantDoc( updateAssistantDoc(
{ assistant_id }, { assistant_id },
{ assistantUpdateData,
actions: updatedActions,
user: req.user.id,
},
), ),
); );
promises.push(deleteAction({ action_id })); promises.push(deleteAction({ action_id }));