🗨️ feat: Granular Prompt Permissions via ACL and Permission Bits

feat: Implement prompt permissions management and access control middleware

fix: agent deletion process to remove associated permissions and ACL entries

fix: Import Permissions for enhanced access control in GrantAccessDialog

feat: use PromptGroup for access control

- Added migration script for PromptGroup permissions, categorizing groups into global view access and private groups.
- Created unit tests for the migration script to ensure correct categorization and permission granting.
- Introduced middleware for checking access permissions on PromptGroups and prompts via their groups.
- Updated routes to utilize new access control middleware for PromptGroups.
- Enhanced access role definitions to include roles specific to PromptGroups.
- Modified ACL entry schema and types to accommodate PromptGroup resource type.
- Updated data provider to include new access role identifiers for PromptGroups.

feat: add generic access management dialogs and hooks for resource permissions

fix: remove duplicate imports in FileContext component

fix: remove duplicate mongoose dependency in package.json

feat: add access permissions handling for dynamic resource types and add promptGroup roles

feat: implement centralized role localization and update access role types

refactor: simplify author handling in prompt group routes and enhance ACL checks

feat: implement addPromptToGroup functionality and update PromptForm to use it

feat: enhance permission handling in ChatGroupItem, DashGroupItem, and PromptForm components

chore: rename migration script for prompt group permissions and update package.json scripts

chore: update prompt tests

client/src/utils/index.ts

@@ -14,6 +14,8 @@ export * from './textarea';
 export * from './messages';
 export * from './languages';
 export * from './endpoints';
+export * from './resources';
+export * from './roles';
 export * from './localStorage';
 export * from './promptGroups';
 export { default as cn } from './cn';

client/src/utils/resources.ts

@@ -0,0 +1,43 @@
+import { ACCESS_ROLE_IDS } from 'librechat-data-provider';
+
+export interface ResourceConfig {
+  resourceType: string;
+  defaultViewerRoleId: string;
+  defaultEditorRoleId: string;
+  defaultOwnerRoleId: string;
+  getResourceUrl?: (resourceId: string) => string;
+  getResourceName: (resourceName?: string) => string;
+  getShareMessage: (resourceName?: string) => string;
+  getManageMessage: (resourceName?: string) => string;
+  getCopyUrlMessage: () => string;
+}
+
+export const RESOURCE_CONFIGS: Record<string, ResourceConfig> = {
+  agent: {
+    resourceType: 'agent',
+    defaultViewerRoleId: ACCESS_ROLE_IDS.AGENT_VIEWER,
+    defaultEditorRoleId: ACCESS_ROLE_IDS.AGENT_EDITOR,
+    defaultOwnerRoleId: ACCESS_ROLE_IDS.AGENT_OWNER,
+    getResourceUrl: (agentId: string) => `${window.location.origin}/c/new?agent_id=${agentId}`,
+    getResourceName: (name?: string) => (name && name !== '' ? `"${name}"` : 'agent'),
+    getShareMessage: (name?: string) => (name && name !== '' ? `"${name}"` : 'agent'),
+    getManageMessage: (name?: string) =>
+      `Manage permissions for ${name && name !== '' ? `"${name}"` : 'agent'}`,
+    getCopyUrlMessage: () => 'Agent URL copied',
+  },
+  promptGroup: {
+    resourceType: 'promptGroup',
+    defaultViewerRoleId: ACCESS_ROLE_IDS.PROMPTGROUP_VIEWER,
+    defaultEditorRoleId: ACCESS_ROLE_IDS.PROMPTGROUP_EDITOR,
+    defaultOwnerRoleId: ACCESS_ROLE_IDS.PROMPTGROUP_OWNER,
+    getResourceName: (name?: string) => (name && name !== '' ? `"${name}"` : 'prompt'),
+    getShareMessage: (name?: string) => (name && name !== '' ? `"${name}"` : 'prompt'),
+    getManageMessage: (name?: string) =>
+      `Manage permissions for ${name && name !== '' ? `"${name}"` : 'prompt'}`,
+    getCopyUrlMessage: () => 'Prompt URL copied',
+  },
+};
+
+export const getResourceConfig = (resourceType: string): ResourceConfig | undefined => {
+  return RESOURCE_CONFIGS[resourceType];
+};

client/src/utils/roles.ts

@@ -0,0 +1,52 @@
+import type { ACCESS_ROLE_IDS } from 'librechat-data-provider';
+import type { TranslationKeys } from '~/hooks/useLocalize';
+
+/**
+ * Centralized mapping for role localizations
+ * Maps role IDs to their localization keys
+ */
+export const ROLE_LOCALIZATIONS = {
+  agent_viewer: {
+    name: 'com_ui_role_viewer' as const,
+    description: 'com_ui_role_viewer_desc' as const,
+  } as const,
+  agent_editor: {
+    name: 'com_ui_role_editor' as const,
+    description: 'com_ui_role_editor_desc' as const,
+  } as const,
+  agent_manager: {
+    name: 'com_ui_role_manager' as const,
+    description: 'com_ui_role_manager_desc' as const,
+  } as const,
+  agent_owner: {
+    name: 'com_ui_role_owner' as const,
+    description: 'com_ui_role_owner_desc' as const,
+  } as const,
+  // PromptGroup roles
+  promptGroup_viewer: {
+    name: 'com_ui_role_viewer' as const,
+    description: 'com_ui_role_viewer_desc' as const,
+  } as const,
+  promptGroup_editor: {
+    name: 'com_ui_role_editor' as const,
+    description: 'com_ui_role_editor_desc' as const,
+  } as const,
+  promptGroup_owner: {
+    name: 'com_ui_role_owner' as const,
+    description: 'com_ui_role_owner_desc' as const,
+  } as const,
+};
+
+/**
+ * Get localization keys for a given role ID
+ * @param roleId - The role ID to get localization keys for
+ * @returns Object with name and description localization keys, or unknown keys if not found
+ */
+export const getRoleLocalizationKeys = (
+  roleId: ACCESS_ROLE_IDS,
+): {
+  name: TranslationKeys;
+  description: TranslationKeys;
+} => {
+  return ROLE_LOCALIZATIONS[roleId] || { name: 'com_ui_unknown', description: 'com_ui_unknown' };
+};