🛡️ fix: Preserve CREATE/SHARE/SHARE_PUBLIC Permissions with Boolean Config (#11647)

* 🔧 refactor: Update permissions handling in updateInterfacePermissions function

- Removed explicit SHARE and SHARE_PUBLIC permissions for PROMPTS when prompts are true, simplifying the permission logic.
- Adjusted the permissions structure to conditionally include SHARE and SHARE_PUBLIC based on the type of interface configuration, enhancing maintainability and clarity in permission management.
- Updated related tests to reflect the changes in permission handling for consistency and accuracy.

* 🔧 refactor: Enhance permission configuration in updateInterfacePermissions

- Introduced a new `create` property in the permission configuration object to improve flexibility in permission management.
- Updated helper functions to accommodate the new `create` property, ensuring backward compatibility with existing boolean configurations.
- Adjusted default values for prompts and agents to include the new `create` property, enhancing the overall permission structure.

* 🧪 test: Add regression tests for SHARE/SHARE_PUBLIC permission handling

- Introduced tests to ensure existing SHARE and SHARE_PUBLIC values are preserved when using boolean configuration for agents.
- Added validation to confirm that SHARE and SHARE_PUBLIC are included in the update payload when using object configuration, enhancing the accuracy of permission management.
- These tests address potential regressions and improve the robustness of the permission handling logic in the updateInterfacePermissions function.

* fix: accessing undefined regex

- Moved the creation of the domainSeparatorRegex to the beginning of the loadToolDefinitionsWrapper function for improved clarity and performance.
- Removed redundant regex initialization within the function's loop, enhancing code efficiency and maintainability.

* 🧪 test: Enhance regression tests for SHARE/SHARE_PUBLIC permission handling

- Added a new test to ensure that SHARE and SHARE_PUBLIC permissions are preserved when using object configuration without explicit share/public keys.
- Updated existing tests to validate the inclusion of SHARE and SHARE_PUBLIC in the update payload when using object configuration, improving the robustness of permission management.
- Adjusted the updateInterfacePermissions function to conditionally include SHARE and SHARE_PUBLIC based on the presence of share/public keys in the configuration, enhancing clarity and maintainability.

* 🔧 refactor: Update permission handling in updateInterfacePermissions

- Simplified the logic for including CREATE, SHARE, and SHARE_PUBLIC permissions in the update payload based on the presence of corresponding keys in the configuration object.
- Adjusted tests to reflect the changes, ensuring that only the USE permission is updated when existing permissions are present, preserving the database values for CREATE, SHARE, and SHARE_PUBLIC.
- Enhanced clarity in comments to better explain the permission management logic.

api/server/services/ToolService.js

@@ -568,6 +568,7 @@ async function loadToolDefinitionsWrapper({ req, res, agent, streamId = null, to
 
     const definitions = [];
     const allowedDomains = appConfig?.actions?.allowedDomains;
+    const domainSeparatorRegex = new RegExp(actionDomainSeparator, 'g');
 
     for (const action of actionSets) {
       const domain = await domainParser(action.metadata.domain, true);
@@ -590,7 +591,6 @@ async function loadToolDefinitionsWrapper({ req, res, agent, streamId = null, to
 
       const { functionSignatures } = openapiToFunction(validationResult.spec, true);
 
-      const domainSeparatorRegex = new RegExp(actionDomainSeparator, 'g');
       for (const sig of functionSignatures) {
         const toolName = `${sig.name}${actionDelimiter}${normalizedDomain}`;
         if (!actionToolNames.some((name) => name.replace(domainSeparatorRegex, '_') === toolName)) {