mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-02-07 10:11:49 +01:00
🛡️ fix: Preserve CREATE/SHARE/SHARE_PUBLIC Permissions with Boolean Config (#11647)
* 🔧 refactor: Update permissions handling in updateInterfacePermissions function - Removed explicit SHARE and SHARE_PUBLIC permissions for PROMPTS when prompts are true, simplifying the permission logic. - Adjusted the permissions structure to conditionally include SHARE and SHARE_PUBLIC based on the type of interface configuration, enhancing maintainability and clarity in permission management. - Updated related tests to reflect the changes in permission handling for consistency and accuracy. * 🔧 refactor: Enhance permission configuration in updateInterfacePermissions - Introduced a new `create` property in the permission configuration object to improve flexibility in permission management. - Updated helper functions to accommodate the new `create` property, ensuring backward compatibility with existing boolean configurations. - Adjusted default values for prompts and agents to include the new `create` property, enhancing the overall permission structure. * 🧪 test: Add regression tests for SHARE/SHARE_PUBLIC permission handling - Introduced tests to ensure existing SHARE and SHARE_PUBLIC values are preserved when using boolean configuration for agents. - Added validation to confirm that SHARE and SHARE_PUBLIC are included in the update payload when using object configuration, enhancing the accuracy of permission management. - These tests address potential regressions and improve the robustness of the permission handling logic in the updateInterfacePermissions function. * fix: accessing undefined regex - Moved the creation of the domainSeparatorRegex to the beginning of the loadToolDefinitionsWrapper function for improved clarity and performance. - Removed redundant regex initialization within the function's loop, enhancing code efficiency and maintainability. * 🧪 test: Enhance regression tests for SHARE/SHARE_PUBLIC permission handling - Added a new test to ensure that SHARE and SHARE_PUBLIC permissions are preserved when using object configuration without explicit share/public keys. - Updated existing tests to validate the inclusion of SHARE and SHARE_PUBLIC in the update payload when using object configuration, improving the robustness of permission management. - Adjusted the updateInterfacePermissions function to conditionally include SHARE and SHARE_PUBLIC based on the presence of share/public keys in the configuration, enhancing clarity and maintainability. * 🔧 refactor: Update permission handling in updateInterfacePermissions - Simplified the logic for including CREATE, SHARE, and SHARE_PUBLIC permissions in the update payload based on the presence of corresponding keys in the configuration object. - Adjusted tests to reflect the changes, ensuring that only the USE permission is updated when existing permissions are present, preserving the database values for CREATE, SHARE, and SHARE_PUBLIC. - Enhanced clarity in comments to better explain the permission management logic.
This commit is contained in:
Danny Avila
GitHub
parent
24625f5693
commit
8cf5ae7e79
4 changed files with 306 additions and 77 deletions
|
|
@ -146,21 +146,28 @@ export async function updateInterfacePermissions({
|
|||
};
|
||||
|
||||
// Helper to extract value from boolean or object config
|
||||
const getConfigUse = (
|
||||
config: boolean | { use?: boolean; share?: boolean; public?: boolean } | undefined,
|
||||
) => (typeof config === 'boolean' ? config : config?.use);
|
||||
const getConfigShare = (
|
||||
config: boolean | { use?: boolean; share?: boolean; public?: boolean } | undefined,
|
||||
) => (typeof config === 'boolean' ? undefined : config?.share);
|
||||
const getConfigPublic = (
|
||||
config: boolean | { use?: boolean; share?: boolean; public?: boolean } | undefined,
|
||||
) => (typeof config === 'boolean' ? undefined : config?.public);
|
||||
type PermissionConfig =
|
||||
| boolean
|
||||
| { use?: boolean; create?: boolean; share?: boolean; public?: boolean }
|
||||
| undefined;
|
||||
const getConfigUse = (config: PermissionConfig) =>
|
||||
typeof config === 'boolean' ? config : config?.use;
|
||||
const getConfigCreate = (config: PermissionConfig) =>
|
||||
typeof config === 'boolean' ? undefined : config?.create;
|
||||
const getConfigShare = (config: PermissionConfig) =>
|
||||
typeof config === 'boolean' ? undefined : config?.share;
|
||||
const getConfigPublic = (config: PermissionConfig) =>
|
||||
typeof config === 'boolean' ? undefined : config?.public;
|
||||
|
||||
// Get default use values (for backward compat when config is boolean)
|
||||
// Get default values (for backward compat when config is boolean)
|
||||
const promptsDefaultUse =
|
||||
typeof defaults.prompts === 'boolean' ? defaults.prompts : defaults.prompts?.use;
|
||||
const agentsDefaultUse =
|
||||
typeof defaults.agents === 'boolean' ? defaults.agents : defaults.agents?.use;
|
||||
const promptsDefaultCreate =
|
||||
typeof defaults.prompts === 'object' ? defaults.prompts?.create : undefined;
|
||||
const agentsDefaultCreate =
|
||||
typeof defaults.agents === 'object' ? defaults.agents?.create : undefined;
|
||||
const promptsDefaultShare =
|
||||
typeof defaults.prompts === 'object' ? defaults.prompts?.share : undefined;
|
||||
const agentsDefaultShare =
|
||||
|
|
@ -177,21 +184,32 @@ export async function updateInterfacePermissions({
|
|||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.USE],
|
||||
promptsDefaultUse,
|
||||
),
|
||||
[Permissions.CREATE]: getPermissionValue(
|
||||
undefined,
|
||||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.CREATE],
|
||||
true,
|
||||
),
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
getConfigShare(loadedInterface.prompts),
|
||||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.SHARE],
|
||||
promptsDefaultShare,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
getConfigPublic(loadedInterface.prompts),
|
||||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.SHARE_PUBLIC],
|
||||
promptsDefaultPublic,
|
||||
),
|
||||
...((typeof interfaceConfig?.prompts === 'object' && 'create' in interfaceConfig.prompts) ||
|
||||
!existingPermissions?.[PermissionTypes.PROMPTS]
|
||||
? {
|
||||
[Permissions.CREATE]: getPermissionValue(
|
||||
getConfigCreate(loadedInterface.prompts),
|
||||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.CREATE],
|
||||
promptsDefaultCreate ?? true,
|
||||
),
|
||||
}
|
||||
: {}),
|
||||
...((typeof interfaceConfig?.prompts === 'object' &&
|
||||
('share' in interfaceConfig.prompts || 'public' in interfaceConfig.prompts)) ||
|
||||
!existingPermissions?.[PermissionTypes.PROMPTS]
|
||||
? {
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
getConfigShare(loadedInterface.prompts),
|
||||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.SHARE],
|
||||
promptsDefaultShare,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
getConfigPublic(loadedInterface.prompts),
|
||||
defaultPerms[PermissionTypes.PROMPTS]?.[Permissions.SHARE_PUBLIC],
|
||||
promptsDefaultPublic,
|
||||
),
|
||||
}
|
||||
: {}),
|
||||
},
|
||||
[PermissionTypes.BOOKMARKS]: {
|
||||
[Permissions.USE]: getPermissionValue(
|
||||
|
|
@ -242,21 +260,32 @@ export async function updateInterfacePermissions({
|
|||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.USE],
|
||||
agentsDefaultUse,
|
||||
),
|
||||
[Permissions.CREATE]: getPermissionValue(
|
||||
undefined,
|
||||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.CREATE],
|
||||
true,
|
||||
),
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
getConfigShare(loadedInterface.agents),
|
||||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.SHARE],
|
||||
agentsDefaultShare,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
getConfigPublic(loadedInterface.agents),
|
||||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.SHARE_PUBLIC],
|
||||
agentsDefaultPublic,
|
||||
),
|
||||
...((typeof interfaceConfig?.agents === 'object' && 'create' in interfaceConfig.agents) ||
|
||||
!existingPermissions?.[PermissionTypes.AGENTS]
|
||||
? {
|
||||
[Permissions.CREATE]: getPermissionValue(
|
||||
getConfigCreate(loadedInterface.agents),
|
||||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.CREATE],
|
||||
agentsDefaultCreate ?? true,
|
||||
),
|
||||
}
|
||||
: {}),
|
||||
...((typeof interfaceConfig?.agents === 'object' &&
|
||||
('share' in interfaceConfig.agents || 'public' in interfaceConfig.agents)) ||
|
||||
!existingPermissions?.[PermissionTypes.AGENTS]
|
||||
? {
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
getConfigShare(loadedInterface.agents),
|
||||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.SHARE],
|
||||
agentsDefaultShare,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
getConfigPublic(loadedInterface.agents),
|
||||
defaultPerms[PermissionTypes.AGENTS]?.[Permissions.SHARE_PUBLIC],
|
||||
agentsDefaultPublic,
|
||||
),
|
||||
}
|
||||
: {}),
|
||||
},
|
||||
[PermissionTypes.TEMPORARY_CHAT]: {
|
||||
[Permissions.USE]: getPermissionValue(
|
||||
|
|
@ -328,16 +357,22 @@ export async function updateInterfacePermissions({
|
|||
defaultPerms[PermissionTypes.MCP_SERVERS]?.[Permissions.CREATE],
|
||||
defaults.mcpServers?.create,
|
||||
),
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
loadedInterface.mcpServers?.share,
|
||||
defaultPerms[PermissionTypes.MCP_SERVERS]?.[Permissions.SHARE],
|
||||
defaults.mcpServers?.share,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
loadedInterface.mcpServers?.public,
|
||||
defaultPerms[PermissionTypes.MCP_SERVERS]?.[Permissions.SHARE_PUBLIC],
|
||||
defaults.mcpServers?.public,
|
||||
),
|
||||
...((typeof interfaceConfig?.mcpServers === 'object' &&
|
||||
('share' in interfaceConfig.mcpServers || 'public' in interfaceConfig.mcpServers)) ||
|
||||
!existingPermissions?.[PermissionTypes.MCP_SERVERS]
|
||||
? {
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
loadedInterface.mcpServers?.share,
|
||||
defaultPerms[PermissionTypes.MCP_SERVERS]?.[Permissions.SHARE],
|
||||
defaults.mcpServers?.share,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
loadedInterface.mcpServers?.public,
|
||||
defaultPerms[PermissionTypes.MCP_SERVERS]?.[Permissions.SHARE_PUBLIC],
|
||||
defaults.mcpServers?.public,
|
||||
),
|
||||
}
|
||||
: {}),
|
||||
},
|
||||
[PermissionTypes.REMOTE_AGENTS]: {
|
||||
[Permissions.USE]: getPermissionValue(
|
||||
|
|
@ -350,16 +385,22 @@ export async function updateInterfacePermissions({
|
|||
defaultPerms[PermissionTypes.REMOTE_AGENTS]?.[Permissions.CREATE],
|
||||
defaults.remoteAgents?.create,
|
||||
),
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
loadedInterface.remoteAgents?.share,
|
||||
defaultPerms[PermissionTypes.REMOTE_AGENTS]?.[Permissions.SHARE],
|
||||
defaults.remoteAgents?.share,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
loadedInterface.remoteAgents?.public,
|
||||
defaultPerms[PermissionTypes.REMOTE_AGENTS]?.[Permissions.SHARE_PUBLIC],
|
||||
defaults.remoteAgents?.public,
|
||||
),
|
||||
...((typeof interfaceConfig?.remoteAgents === 'object' &&
|
||||
('share' in interfaceConfig.remoteAgents || 'public' in interfaceConfig.remoteAgents)) ||
|
||||
!existingPermissions?.[PermissionTypes.REMOTE_AGENTS]
|
||||
? {
|
||||
[Permissions.SHARE]: getPermissionValue(
|
||||
loadedInterface.remoteAgents?.share,
|
||||
defaultPerms[PermissionTypes.REMOTE_AGENTS]?.[Permissions.SHARE],
|
||||
defaults.remoteAgents?.share,
|
||||
),
|
||||
[Permissions.SHARE_PUBLIC]: getPermissionValue(
|
||||
loadedInterface.remoteAgents?.public,
|
||||
defaultPerms[PermissionTypes.REMOTE_AGENTS]?.[Permissions.SHARE_PUBLIC],
|
||||
defaults.remoteAgents?.public,
|
||||
),
|
||||
}
|
||||
: {}),
|
||||
},
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue