🗨️ feat: Granular Prompt Permissions via ACL and Permission Bits

feat: Implement prompt permissions management and access control middleware

fix: agent deletion process to remove associated permissions and ACL entries

fix: Import Permissions for enhanced access control in GrantAccessDialog

feat: use PromptGroup for access control

- Added migration script for PromptGroup permissions, categorizing groups into global view access and private groups.
- Created unit tests for the migration script to ensure correct categorization and permission granting.
- Introduced middleware for checking access permissions on PromptGroups and prompts via their groups.
- Updated routes to utilize new access control middleware for PromptGroups.
- Enhanced access role definitions to include roles specific to PromptGroups.
- Modified ACL entry schema and types to accommodate PromptGroup resource type.
- Updated data provider to include new access role identifiers for PromptGroups.

feat: add generic access management dialogs and hooks for resource permissions

fix: remove duplicate imports in FileContext component

fix: remove duplicate mongoose dependency in package.json

feat: add access permissions handling for dynamic resource types and add promptGroup roles

feat: implement centralized role localization and update access role types

refactor: simplify author handling in prompt group routes and enhance ACL checks

feat: implement addPromptToGroup functionality and update PromptForm to use it

feat: enhance permission handling in ChatGroupItem, DashGroupItem, and PromptForm components

chore: rename migration script for prompt group permissions and update package.json scripts

chore: update prompt tests

client/src/hooks/Sharing/index.ts

@@ -0,0 +1,2 @@
+export { usePeoplePickerPermissions } from './usePeoplePickerPermissions';
+export { useResourcePermissionState } from './useResourcePermissionState';

client/src/hooks/Sharing/usePeoplePickerPermissions.ts

@@ -0,0 +1,39 @@
+import { useMemo } from 'react';
+import { PermissionTypes, Permissions } from 'librechat-data-provider';
+import { useHasAccess } from '~/hooks';
+
+/**
+ * Hook to check people picker permissions and return the appropriate type filter
+ * @returns Object with permission states and type filter
+ */
+export const usePeoplePickerPermissions = () => {
+  const canViewUsers = useHasAccess({
+    permissionType: PermissionTypes.PEOPLE_PICKER,
+    permission: Permissions.VIEW_USERS,
+  });
+
+  const canViewGroups = useHasAccess({
+    permissionType: PermissionTypes.PEOPLE_PICKER,
+    permission: Permissions.VIEW_GROUPS,
+  });
+
+  const hasPeoplePickerAccess = canViewUsers || canViewGroups;
+
+  const peoplePickerTypeFilter = useMemo(() => {
+    if (canViewUsers && canViewGroups) {
+      return null; // Both types allowed
+    } else if (canViewUsers) {
+      return 'user' as const;
+    } else if (canViewGroups) {
+      return 'group' as const;
+    }
+    return null;
+  }, [canViewUsers, canViewGroups]);
+
+  return {
+    canViewUsers,
+    canViewGroups,
+    hasPeoplePickerAccess,
+    peoplePickerTypeFilter,
+  };
+};

client/src/hooks/Sharing/useResourcePermissionState.ts

@@ -0,0 +1,79 @@
+import { useState, useEffect } from 'react';
+import {
+  useGetResourcePermissionsQuery,
+  useUpdateResourcePermissionsMutation,
+} from 'librechat-data-provider/react-query';
+import type { TPrincipal } from 'librechat-data-provider';
+import { getResourceConfig } from '~/utils';
+
+/**
+ * Hook to manage resource permission state including current shares, public access, and mutations
+ * @param resourceType - Type of resource (e.g., 'agent', 'promptGroup')
+ * @param resourceDbId - Database ID of the resource
+ * @param isModalOpen - Whether the modal is open (for effect dependencies)
+ * @returns Object with permission state and update mutation
+ */
+export const useResourcePermissionState = (
+  resourceType: string,
+  resourceDbId: string | null | undefined,
+  isModalOpen: boolean = false,
+) => {
+  const config = getResourceConfig(resourceType);
+
+  // Only enable the query if we have a valid resourceDbId
+  const isValidResourceId = !!resourceDbId && resourceDbId.trim() !== '';
+
+  const {
+    data: permissionsData,
+    isLoading: isLoadingPermissions,
+    error: permissionsError,
+  } = useGetResourcePermissionsQuery(resourceType, resourceDbId || '', {
+    enabled: isValidResourceId,
+  });
+
+  const updatePermissionsMutation = useUpdateResourcePermissionsMutation();
+
+  // Extract current shares from permissions data
+  const currentShares: TPrincipal[] =
+    permissionsData?.principals?.map((principal) => ({
+      type: principal.type,
+      id: principal.id,
+      name: principal.name,
+      email: principal.email,
+      source: principal.source,
+      avatar: principal.avatar,
+      description: principal.description,
+      accessRoleId: principal.accessRoleId,
+      idOnTheSource: principal.idOnTheSource,
+    })) || [];
+
+  const currentIsPublic = permissionsData?.public ?? false;
+  const currentPublicRole = permissionsData?.publicAccessRoleId || config?.defaultViewerRoleId;
+
+  // State for managing public access
+  const [isPublic, setIsPublic] = useState(false);
+  const [publicRole, setPublicRole] = useState<string>(config?.defaultViewerRoleId ?? '');
+
+  // Sync state with permissions data when modal opens
+  useEffect(() => {
+    if (permissionsData && isModalOpen) {
+      setIsPublic(currentIsPublic ?? false);
+      setPublicRole(currentPublicRole ?? '');
+    }
+  }, [permissionsData, isModalOpen, currentIsPublic, currentPublicRole]);
+
+  return {
+    config,
+    permissionsData,
+    isLoadingPermissions,
+    permissionsError,
+    updatePermissionsMutation,
+    currentShares,
+    currentIsPublic,
+    currentPublicRole,
+    isPublic,
+    setIsPublic,
+    publicRole,
+    setPublicRole,
+  };
+};