fix: role initialization

2025-12-20 02:10:15 +01:00 · 2024-09-04 00:15:36 -04:00 · 2024-09-04 00:15:36 -04:00 · b71d773f01
commit b71d773f01
parent 350d709763
3 changed files with 143 additions and 10 deletions
--- a/api/models/Role.spec.js
+++ b/api/models/Role.spec.js
@ -1,9 +1,14 @@
 const mongoose = require('mongoose');
 const { MongoMemoryServer } = require('mongodb-memory-server');
-const { SystemRoles, PermissionTypes } = require('librechat-data-provider');
-const Role = require('~/models/schema/roleSchema');
-const { updateAccessPermissions } = require('~/models/Role');
+const {
+  SystemRoles,
+  PermissionTypes,
+  roleDefaults,
+  Permissions,
+} = require('librechat-data-provider');
+const { updateAccessPermissions, initializeRoles } = require('~/models/Role');
 const getLogStores = require('~/cache/getLogStores');
+const Role = require('~/models/schema/roleSchema');

 // Mock the cache
 jest.mock('~/cache/getLogStores', () => {
@ -195,3 +200,117 @@ describe('updateAccessPermissions', () => {
    });
  });
 });
+
+describe('initializeRoles', () => {
+  beforeEach(async () => {
+    await Role.deleteMany({});
+  });
+
+  it('should create default roles if they do not exist', async () => {
+    await initializeRoles();
+
+    const adminRole = await Role.findOne({ name: SystemRoles.ADMIN }).lean();
+    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
+
+    expect(adminRole).toBeTruthy();
+    expect(userRole).toBeTruthy();
+
+    // Check if all permission types exist
+    Object.values(PermissionTypes).forEach((permType) => {
+      expect(adminRole[permType]).toBeDefined();
+      expect(userRole[permType]).toBeDefined();
+    });
+
+    // Check if permissions match defaults (example for ADMIN role)
+    expect(adminRole[PermissionTypes.PROMPTS].SHARED_GLOBAL).toBe(true);
+    expect(adminRole[PermissionTypes.BOOKMARKS].USE).toBe(true);
+    expect(adminRole[PermissionTypes.AGENTS].CREATE).toBe(true);
+  });
+
+  it('should not modify existing permissions for existing roles', async () => {
+    const customUserRole = {
+      name: SystemRoles.USER,
+      [PermissionTypes.PROMPTS]: {
+        [Permissions.USE]: false,
+        [Permissions.CREATE]: true,
+        [Permissions.SHARED_GLOBAL]: true,
+      },
+      [PermissionTypes.BOOKMARKS]: {
+        [Permissions.USE]: false,
+      },
+    };
+
+    await new Role(customUserRole).save();
+
+    await initializeRoles();
+
+    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
+
+    expect(userRole[PermissionTypes.PROMPTS]).toEqual(customUserRole[PermissionTypes.PROMPTS]);
+    expect(userRole[PermissionTypes.BOOKMARKS]).toEqual(customUserRole[PermissionTypes.BOOKMARKS]);
+    expect(userRole[PermissionTypes.AGENTS]).toBeDefined();
+  });
+
+  it('should add new permission types to existing roles', async () => {
+    const partialUserRole = {
+      name: SystemRoles.USER,
+      [PermissionTypes.PROMPTS]: roleDefaults[SystemRoles.USER][PermissionTypes.PROMPTS],
+      [PermissionTypes.BOOKMARKS]: roleDefaults[SystemRoles.USER][PermissionTypes.BOOKMARKS],
+    };
+
+    await new Role(partialUserRole).save();
+
+    await initializeRoles();
+
+    const userRole = await Role.findOne({ name: SystemRoles.USER }).lean();
+
+    expect(userRole[PermissionTypes.AGENTS]).toBeDefined();
+    expect(userRole[PermissionTypes.AGENTS].CREATE).toBeDefined();
+    expect(userRole[PermissionTypes.AGENTS].USE).toBeDefined();
+    expect(userRole[PermissionTypes.AGENTS].SHARED_GLOBAL).toBeDefined();
+  });
+
+  it('should handle multiple runs without duplicating or modifying data', async () => {
+    await initializeRoles();
+    await initializeRoles();
+
+    const adminRoles = await Role.find({ name: SystemRoles.ADMIN });
+    const userRoles = await Role.find({ name: SystemRoles.USER });
+
+    expect(adminRoles).toHaveLength(1);
+    expect(userRoles).toHaveLength(1);
+
+    const adminRole = adminRoles[0].toObject();
+    const userRole = userRoles[0].toObject();
+
+    // Check if all permission types exist
+    Object.values(PermissionTypes).forEach((permType) => {
+      expect(adminRole[permType]).toBeDefined();
+      expect(userRole[permType]).toBeDefined();
+    });
+  });
+
+  it('should update roles with missing permission types from roleDefaults', async () => {
+    const partialAdminRole = {
+      name: SystemRoles.ADMIN,
+      [PermissionTypes.PROMPTS]: {
+        [Permissions.USE]: false,
+        [Permissions.CREATE]: false,
+        [Permissions.SHARED_GLOBAL]: false,
+      },
+      [PermissionTypes.BOOKMARKS]: roleDefaults[SystemRoles.ADMIN][PermissionTypes.BOOKMARKS],
+    };
+
+    await new Role(partialAdminRole).save();
+
+    await initializeRoles();
+
+    const adminRole = await Role.findOne({ name: SystemRoles.ADMIN }).lean();
+
+    expect(adminRole[PermissionTypes.PROMPTS]).toEqual(partialAdminRole[PermissionTypes.PROMPTS]);
+    expect(adminRole[PermissionTypes.AGENTS]).toBeDefined();
+    expect(adminRole[PermissionTypes.AGENTS].CREATE).toBeDefined();
+    expect(adminRole[PermissionTypes.AGENTS].USE).toBeDefined();
+    expect(adminRole[PermissionTypes.AGENTS].SHARED_GLOBAL).toBeDefined();
+  });
+});