🔧 refactor: Change Permissions Check from some to every for Stricter Access Validation (#8270)

* 🔧 refactor: Change Permissions Check from `some` to `every` for Stricter Access Validation

* 🧪 ci: Add comprehensive tests for access middleware functions

* fix: custom provider check logic in `getProviderConfig` function
Danny Avila 2025-07-05 15:53:08 -04:00 committed by GitHub
parent 97a99985fa
commit 91a2df4759
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 558 additions and 4 deletions


@ -64,7 +64,7 @@ export const checkAccess = async ({
const role = await getRoleByName(user.role);
if (role && role.permissions && role.permissions[permissionType]) {
const hasAnyPermission = permissions.some((permission) => {
const hasAnyPermission = permissions.every((permission) => {
if (
role.permissions?.[permissionType as keyof typeof role.permissions]?.[
permission as keyof (typeof role.permissions)[typeof permissionType]
@ -74,7 +74,7 @@ export const checkAccess = async ({
}
if (bodyProps[permission] && checkObject) {
return bodyProps[permission].some((prop) =>
return bodyProps[permission].every((prop) =>
Object.prototype.hasOwnProperty.call(checkObject, prop),
);
}
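Review bot: `permissions.every(...)` is vacuously true for an empty array, so a call to `checkAccess` with an empty `permissions` list now passes this check where `some` rejected it; the same applies to `bodyProps[permission].every(...)` when that prop list is empty. Whether any caller can supply an empty list is not visible in these hunks, so the check should stay fail-closed explicitly, e.g. `const hasAllPermissions = permissions.length > 0 && permissions.every((permission) => {`. The result is still named `hasAnyPermission`, which now misstates what is being validated; renaming it to `hasAllPermissions` keeps later readers from assuming the weaker any-of semantics. The body of `checkAccess` starts and ends outside the hunks shown.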