Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-21 02:40:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor: Replace marketplace interface config with permission-based system

Browse source 
- Add MARKETPLACE permission type to handle marketplace access control
  - Update interface configuration to use role-based marketplace settings (admin/user)
  - Replace direct marketplace boolean config with permission-based checks
  - Modify frontend components to use marketplace permissions instead of interface config
  - Update agent query hooks to use marketplace permissions for determining permission levels
  - Add marketplace configuration structure similar to peoplePicker in YAML config
  - Backend now sets MARKETPLACE permissions based on interface configuration
  - When marketplace enabled: users get agents with EDIT permissions in dropdown lists  (builder mode)
  - When marketplace disabled: users get agents with VIEW permissions  in dropdown lists (browse mode)
This commit is contained in:
Atef Bellaaj 2025-07-01 17:46:07 +02:00 committed by Danny Avila
parent 73fb4181fe
commit bbafa8e306
No known key found for this signature in database
GPG key ID: BF31EEB2C5CA0956
12 changed files with 128 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

14
api/server/services/start/interface.js
View file

@ -61,6 +61,14 @@ async function loadDefaultInterface(config, configDefaults, roleName = SystemRol
groups: interfaceConfig?.peoplePicker?.user?.groups ?? defaults.peoplePicker.user.groups, groups: interfaceConfig?.peoplePicker?.user?.groups ?? defaults.peoplePicker.user.groups,
}, },
}, },
marketplace: {
admin: {
use: interfaceConfig?.marketplace?.admin?.use ?? defaults.marketplace.admin.use,
},
user: {
use: interfaceConfig?.marketplace?.user?.use ?? defaults.marketplace.user.use,
},
},
}); });
await updateAccessPermissions(roleName, { await updateAccessPermissions(roleName, {
@ -79,6 +87,9 @@ async function loadDefaultInterface(config, configDefaults, roleName = SystemRol
[Permissions.VIEW_USERS]: loadedInterface.peoplePicker.user?.users, [Permissions.VIEW_USERS]: loadedInterface.peoplePicker.user?.users,
[Permissions.VIEW_GROUPS]: loadedInterface.peoplePicker.user?.groups, [Permissions.VIEW_GROUPS]: loadedInterface.peoplePicker.user?.groups,
}, },
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: loadedInterface.marketplace.user?.use,
},
}); });
await updateAccessPermissions(SystemRoles.ADMIN, { await updateAccessPermissions(SystemRoles.ADMIN, {
[PermissionTypes.PROMPTS]: { [Permissions.USE]: loadedInterface.prompts }, [PermissionTypes.PROMPTS]: { [Permissions.USE]: loadedInterface.prompts },
@ -96,6 +107,9 @@ async function loadDefaultInterface(config, configDefaults, roleName = SystemRol
[Permissions.VIEW_USERS]: loadedInterface.peoplePicker.admin?.users, [Permissions.VIEW_USERS]: loadedInterface.peoplePicker.admin?.users,
[Permissions.VIEW_GROUPS]: loadedInterface.peoplePicker.admin?.groups, [Permissions.VIEW_GROUPS]: loadedInterface.peoplePicker.admin?.groups,
}, },
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: loadedInterface.marketplace.admin?.use,
},
}); });
let i = 0; let i = 0;

9
client/src/components/Nav/NewChat.tsx
View file

@ -34,6 +34,10 @@ export default function NewChat({
permissionType: PermissionTypes.AGENTS, permissionType: PermissionTypes.AGENTS,
permission: Permissions.USE, permission: Permissions.USE,
}); });
const hasAccessToMarketplace = useHasAccess({
permissionType: PermissionTypes.MARKETPLACE,
permission: Permissions.USE,
});
const clickHandler: React.MouseEventHandler<HTMLButtonElement> = useCallback( const clickHandler: React.MouseEventHandler<HTMLButtonElement> = useCallback(
(e) => { (e) => {
@ -67,9 +71,8 @@ export default function NewChat({
authContext?.isAuthenticated !== undefined && authContext?.isAuthenticated !== undefined &&
(authContext?.isAuthenticated === false || authContext?.user !== undefined); (authContext?.isAuthenticated === false || authContext?.user !== undefined);
// Show agent marketplace when auth is ready and user has access // Show agent marketplace when marketplace permission is enabled, auth is ready, and user has access to agents
// Note: endpointsConfig[agents] is null, but we can still show the marketplace const showAgentMarketplace = authReady && hasAccessToAgents && hasAccessToMarketplace;
const showAgentMarketplace = authReady && hasAccessToAgents;
return ( return (
<> <>

11
client/src/components/SidePanel/Agents/AgentMarketplace.tsx
View file

@ -7,7 +7,7 @@ import type t from 'librechat-data-provider';
import type { ContextType } from '~/common'; import type { ContextType } from '~/common';
import { useGetEndpointsQuery, useGetAgentCategoriesQuery } from '~/data-provider'; import { useGetEndpointsQuery, useGetAgentCategoriesQuery } from '~/data-provider';
import { useDocumentTitle } from '~/hooks'; import { useDocumentTitle, useHasAccess } from '~/hooks';
import useLocalize from '~/hooks/useLocalize'; import useLocalize from '~/hooks/useLocalize';
import { TooltipAnchor, Button } from '~/components/ui'; import { TooltipAnchor, Button } from '~/components/ui';
import { NewChatIcon } from '~/components/svg'; import { NewChatIcon } from '~/components/svg';
@ -19,6 +19,7 @@ import AgentDetail from './AgentDetail';
import SearchBar from './SearchBar'; import SearchBar from './SearchBar';
import AgentGrid from './AgentGrid'; import AgentGrid from './AgentGrid';
import store from '~/store'; import store from '~/store';
import { PermissionTypes, Permissions } from 'librechat-data-provider';
interface AgentMarketplaceProps { interface AgentMarketplaceProps {
className?: string; className?: string;
@ -168,6 +169,14 @@ const AgentMarketplace: React.FC<AgentMarketplaceProps> = ({ className = '' }) =
const fullCollapse = useMemo(() => localStorage.getItem('fullPanelCollapse') === 'true', []); const fullCollapse = useMemo(() => localStorage.getItem('fullPanelCollapse') === 'true', []);
const hasAccessToMarketplace = useHasAccess({
permissionType: PermissionTypes.MARKETPLACE,
permission: Permissions.USE,
});
if (!hasAccessToMarketplace) {
navigate('/not-found', { replace: true });
return null;
}
return ( return (
<div className={`relative flex w-full grow overflow-hidden bg-presentation ${className}`}> <div className={`relative flex w-full grow overflow-hidden bg-presentation ${className}`}>
<MarketplaceProvider> <MarketplaceProvider>

16
client/src/components/SidePanel/Agents/AgentSelect.tsx
View file

@ -1,16 +1,16 @@
import { EarthIcon } from 'lucide-react'; import { EarthIcon } from 'lucide-react';
import { useCallback, useEffect, useRef } from 'react'; import { useCallback, useEffect, useRef } from 'react';
import { useFormContext, Controller } from 'react-hook-form'; import { useFormContext, Controller } from 'react-hook-form';
import { import { AgentCapabilities, defaultAgentFormValues } from 'librechat-data-provider';
AgentCapabilities,
defaultAgentFormValues,
PERMISSION_BITS,
} from 'librechat-data-provider';
import type { UseMutationResult, QueryObserverResult } from '@tanstack/react-query'; import type { UseMutationResult, QueryObserverResult } from '@tanstack/react-query';
import type { Agent, AgentCreateParams } from 'librechat-data-provider'; import type { Agent, AgentCreateParams } from 'librechat-data-provider';
import type { TAgentCapabilities, AgentForm } from '~/common'; import type { TAgentCapabilities, AgentForm } from '~/common';
import { cn, createProviderOption, processAgentOption, getDefaultAgentFormValues } from '~/utils'; import { cn, createProviderOption, processAgentOption, getDefaultAgentFormValues } from '~/utils';
import { useListAgentsQuery, useGetStartupConfig } from '~/data-provider'; import {
useListAgentsQuery,
useGetStartupConfig,
useAgentListingDefaultPermissionLevel,
} from '~/data-provider';
import ControlCombobox from '~/components/ui/ControlCombobox'; import ControlCombobox from '~/components/ui/ControlCombobox';
import { useLocalize } from '~/hooks'; import { useLocalize } from '~/hooks';
@ -32,8 +32,10 @@ export default function AgentSelect({
const { control, reset } = useFormContext(); const { control, reset } = useFormContext();
const { data: startupConfig } = useGetStartupConfig(); const { data: startupConfig } = useGetStartupConfig();
const permissionLevel = useAgentListingDefaultPermissionLevel();
const { data: agents = null } = useListAgentsQuery( const { data: agents = null } = useListAgentsQuery(
{ requiredPermission: PERMISSION_BITS.EDIT }, { requiredPermission: permissionLevel },
{ {
select: (res) => select: (res) =>
res.data.map((agent) => res.data.map((agent) =>

25
client/src/data-provider/Agents/queries.ts
View file

@ -1,11 +1,34 @@
import { QueryKeys, dataService, EModelEndpoint, PERMISSION_BITS } from 'librechat-data-provider'; import {
QueryKeys,
dataService,
EModelEndpoint,
PERMISSION_BITS,
PermissionTypes,
Permissions,
} from 'librechat-data-provider';
import { useQuery, useInfiniteQuery, useQueryClient } from '@tanstack/react-query'; import { useQuery, useInfiniteQuery, useQueryClient } from '@tanstack/react-query';
import { useMemo } from 'react';
import type { import type {
QueryObserverResult, QueryObserverResult,
UseQueryOptions, UseQueryOptions,
UseInfiniteQueryOptions, UseInfiniteQueryOptions,
} from '@tanstack/react-query'; } from '@tanstack/react-query';
import type t from 'librechat-data-provider'; import type t from 'librechat-data-provider';
import { useHasAccess } from '~/hooks';
/**
* Hook to determine the appropriate permission level for agent queries based on marketplace configuration
*/
export const useAgentListingDefaultPermissionLevel = () => {
const hasMarketplaceAccess = useHasAccess({
permissionType: PermissionTypes.MARKETPLACE,
permission: Permissions.USE,
});
// When marketplace is active: EDIT permissions (builder mode)
// When marketplace is not active: VIEW permissions (browse mode)
return hasMarketplaceAccess ? PERMISSION_BITS.EDIT : PERMISSION_BITS.VIEW;
};
/** /**
* AGENTS * AGENTS

8
client/src/hooks/Agents/useAgentsMap.ts
View file

@ -1,6 +1,6 @@
import { PERMISSION_BITS, TAgentsMap } from 'librechat-data-provider'; import { TAgentsMap } from 'librechat-data-provider';
import { useMemo } from 'react'; import { useMemo } from 'react';
import { useListAgentsQuery } from '~/data-provider'; import { useListAgentsQuery, useAgentListingDefaultPermissionLevel } from '~/data-provider';
import { mapAgents } from '~/utils'; import { mapAgents } from '~/utils';
export default function useAgentsMap({ export default function useAgentsMap({
@ -8,8 +8,10 @@ export default function useAgentsMap({
}: { }: {
isAuthenticated: boolean; isAuthenticated: boolean;
}): TAgentsMap | undefined { }): TAgentsMap | undefined {
const permissionLevel = useAgentListingDefaultPermissionLevel();
const { data: agentsList = null } = useListAgentsQuery( const { data: agentsList = null } = useListAgentsQuery(
{ requiredPermission: PERMISSION_BITS.EDIT }, { requiredPermission: permissionLevel },
{ {
select: (res) => mapAgents(res.data), select: (res) => mapAgents(res.data),
enabled: isAuthenticated, enabled: isAuthenticated,

12
librechat.example.yaml
View file

@ -73,6 +73,18 @@ interface:
bookmarks: true bookmarks: true
multiConvo: true multiConvo: true
agents: true agents: true
peoplePicker:
admin:
users: true
groups: true
user:
users: false
groups: false
marketplace:
admin:
use: false # Enable marketplace mode for admin role
user:
use: false # Enable marketplace mode for user role
# Temporary chat retention period in hours (default: 720, min: 1, max: 8760) # Temporary chat retention period in hours (default: 720, min: 1, max: 8760)
# temporaryChatRetention: 1 # temporaryChatRetention: 1

22
packages/data-provider/src/config.ts
View file

@ -529,6 +529,20 @@ export const interfaceSchema = z
.optional(), .optional(),
}) })
.optional(), .optional(),
marketplace: z
.object({
admin: z
.object({
use: z.boolean().optional(),
})
.optional(),
user: z
.object({
use: z.boolean().optional(),
})
.optional(),
})
.optional(),
}) })
.default({ .default({
endpointsMenu: true, endpointsMenu: true,
@ -554,6 +568,14 @@ export const interfaceSchema = z
groups: false, groups: false,
}, },
}, },
marketplace: {
admin: {
use: false,
},
user: {
use: false,
},
},
}); });
export type TInterfaceConfig = z.infer<typeof interfaceSchema>; export type TInterfaceConfig = z.infer<typeof interfaceSchema>;

10
packages/data-provider/src/permissions.ts
View file

@ -40,6 +40,10 @@ export enum PermissionTypes {
* Type for People Picker Permissions * Type for People Picker Permissions
*/ */
PEOPLE_PICKER = 'PEOPLE_PICKER', PEOPLE_PICKER = 'PEOPLE_PICKER',
/**
* Type for Marketplace Permissions
*/
MARKETPLACE = 'MARKETPLACE',
} }
/** /**
@ -115,6 +119,11 @@ export const peoplePickerPermissionsSchema = z.object({
}); });
export type TPeoplePickerPermissions = z.infer<typeof peoplePickerPermissionsSchema>; export type TPeoplePickerPermissions = z.infer<typeof peoplePickerPermissionsSchema>;
export const marketplacePermissionsSchema = z.object({
[Permissions.USE]: z.boolean().default(false),
});
export type TMarketplacePermissions = z.infer<typeof marketplacePermissionsSchema>;
// Define a single permissions schema that holds all permission types. // Define a single permissions schema that holds all permission types.
export const permissionsSchema = z.object({ export const permissionsSchema = z.object({
[PermissionTypes.PROMPTS]: promptPermissionsSchema, [PermissionTypes.PROMPTS]: promptPermissionsSchema,
@ -126,4 +135,5 @@ export const permissionsSchema = z.object({
[PermissionTypes.RUN_CODE]: runCodePermissionsSchema, [PermissionTypes.RUN_CODE]: runCodePermissionsSchema,
[PermissionTypes.WEB_SEARCH]: webSearchPermissionsSchema, [PermissionTypes.WEB_SEARCH]: webSearchPermissionsSchema,
[PermissionTypes.PEOPLE_PICKER]: peoplePickerPermissionsSchema, [PermissionTypes.PEOPLE_PICKER]: peoplePickerPermissionsSchema,
[PermissionTypes.MARKETPLACE]: marketplacePermissionsSchema,
}); });

9
packages/data-provider/src/roles.ts
View file

@ -79,6 +79,9 @@ const defaultRolesSchema = z.object({
[Permissions.VIEW_USERS]: z.boolean().default(true), [Permissions.VIEW_USERS]: z.boolean().default(true),
[Permissions.VIEW_GROUPS]: z.boolean().default(true), [Permissions.VIEW_GROUPS]: z.boolean().default(true),
}), }),
[PermissionTypes.MARKETPLACE]: z.object({
[Permissions.USE]: z.boolean().default(false),
}),
}), }),
}), }),
[SystemRoles.USER]: roleSchema.extend({ [SystemRoles.USER]: roleSchema.extend({
@ -127,6 +130,9 @@ export const roleDefaults = defaultRolesSchema.parse({
[Permissions.VIEW_USERS]: true, [Permissions.VIEW_USERS]: true,
[Permissions.VIEW_GROUPS]: true, [Permissions.VIEW_GROUPS]: true,
}, },
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: true,
},
}, },
}, },
[SystemRoles.USER]: { [SystemRoles.USER]: {
@ -144,6 +150,9 @@ export const roleDefaults = defaultRolesSchema.parse({
[Permissions.VIEW_USERS]: false, [Permissions.VIEW_USERS]: false,
[Permissions.VIEW_GROUPS]: false, [Permissions.VIEW_GROUPS]: false,
}, },
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: false,
},
}, },
}, },
}); });

4
packages/data-schemas/src/schema/role.ts
View file

@ -41,6 +41,9 @@ const rolePermissionsSchema = new Schema(
[Permissions.VIEW_USERS]: { type: Boolean, default: false }, [Permissions.VIEW_USERS]: { type: Boolean, default: false },
[Permissions.VIEW_GROUPS]: { type: Boolean, default: false }, [Permissions.VIEW_GROUPS]: { type: Boolean, default: false },
}, },
[PermissionTypes.MARKETPLACE]: {
[Permissions.USE]: { type: Boolean, default: false },
},
}, },
{ _id: false }, { _id: false },
); );
@ -75,6 +78,7 @@ const roleSchema: Schema<IRole> = new Schema({
[Permissions.VIEW_USERS]: false, [Permissions.VIEW_USERS]: false,
[Permissions.VIEW_GROUPS]: false, [Permissions.VIEW_GROUPS]: false,
}, },
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
}), }),
}, },
}); });

3
packages/data-schemas/src/types/role.ts
View file

@ -39,5 +39,8 @@ export interface IRole extends Document {
[Permissions.VIEW_USERS]?: boolean; [Permissions.VIEW_USERS]?: boolean;
[Permissions.VIEW_GROUPS]?: boolean; [Permissions.VIEW_GROUPS]?: boolean;
}; };
[PermissionTypes.MARKETPLACE]?: {
[Permissions.USE]?: boolean;
};
}; };
} }