🚫 refactor: Remove Interface Config from Override Processing (#12473)

Add INTERFACE_PERMISSION_FIELDS set defining the interface fields that seed role permissions at startup (prompts, agents, marketplace, etc.). These fields are now stripped from DB config overrides in the merge layer because updateInterfacePermissions() only runs at boot — DB overrides for these fields create a client/server permission mismatch. Pure UI fields (endpointsMenu, modelSelect, parameters, presets, sidePanel, customWelcome, etc.) continue to work in overrides as before. YAML startup path is completely unaffected.
2026-04-06 07:47:20 +02:00 · 2026-03-31 11:07:31 -04:00 · 2026-03-31 11:07:31 -04:00 · c0ce7fee91
commit c0ce7fee91
parent 3d1b883e9d
7 changed files with 607 additions and 20 deletions
--- a/packages/data-provider/src/permissions.ts
+++ b/packages/data-provider/src/permissions.ts
@ -62,6 +62,55 @@ export enum PermissionTypes {
  REMOTE_AGENTS = 'REMOTE_AGENTS',
 }

+/**
+ * Maps PermissionTypes to their corresponding `interface` config field names.
+ * Used to identify which interface fields seed role permissions at startup
+ * and must NOT be overridden via DB config (use the role permissions editor instead).
+ */
+export const PERMISSION_TYPE_INTERFACE_FIELDS: Record<PermissionTypes, string> = {
+  [PermissionTypes.PROMPTS]: 'prompts',
+  [PermissionTypes.AGENTS]: 'agents',
+  [PermissionTypes.BOOKMARKS]: 'bookmarks',
+  [PermissionTypes.MEMORIES]: 'memories',
+  [PermissionTypes.MULTI_CONVO]: 'multiConvo',
+  [PermissionTypes.TEMPORARY_CHAT]: 'temporaryChat',
+  [PermissionTypes.RUN_CODE]: 'runCode',
+  [PermissionTypes.WEB_SEARCH]: 'webSearch',
+  [PermissionTypes.FILE_SEARCH]: 'fileSearch',
+  [PermissionTypes.FILE_CITATIONS]: 'fileCitations',
+  [PermissionTypes.PEOPLE_PICKER]: 'peoplePicker',
+  [PermissionTypes.MARKETPLACE]: 'marketplace',
+  [PermissionTypes.MCP_SERVERS]: 'mcpServers',
+  [PermissionTypes.REMOTE_AGENTS]: 'remoteAgents',
+};
+
+/** Set of interface config field names that correspond to role permissions. */
+export const INTERFACE_PERMISSION_FIELDS = new Set(Object.values(PERMISSION_TYPE_INTERFACE_FIELDS));
+
+/**
+ * YAML sub-keys within composite interface permission fields that map to permission bits.
+ * When an interface permission field is an object, only these sub-keys are stripped from
+ * DB overrides — other sub-keys (like `placeholder`, `trustCheckbox`) are UI-only and pass through.
+ *
+ * Mapping to Permissions enum:
+ *   'use'    → Permissions.USE       (agents, prompts, mcpServers, remoteAgents, marketplace)
+ *   'create' → Permissions.CREATE    (agents, prompts, mcpServers, remoteAgents)
+ *   'share'  → Permissions.SHARE     (agents, prompts, mcpServers, remoteAgents)
+ *   'public' → Permissions.SHARE_PUBLIC (agents, prompts, mcpServers, remoteAgents)
+ *   'users'  → Permissions.VIEW_USERS   (peoplePicker only)
+ *   'groups' → Permissions.VIEW_GROUPS  (peoplePicker only)
+ *   'roles'  → Permissions.VIEW_ROLES   (peoplePicker only)
+ */
+export const PERMISSION_SUB_KEYS = new Set([
+  'use',
+  'create',
+  'share',
+  'public',
+  'users',
+  'groups',
+  'roles',
+]);
+
 /**
 * Enum for Role-Based Access Control Constants
 */