mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-23 20:00:15 +01:00
9a210971f5
* WIP: app.locals refactoring
WIP: appConfig
fix: update memory configuration retrieval to use getAppConfig based on user role
fix: update comment for AppConfig interface to clarify purpose
🏷️ refactor: Update tests to use getAppConfig for endpoint configurations
ci: Update AppService tests to initialize app config instead of app.locals
ci: Integrate getAppConfig into remaining tests
refactor: Update multer storage destination to use promise-based getAppConfig and improve error handling in tests
refactor: Rename initializeAppConfig to setAppConfig and update related tests
ci: Mock getAppConfig in various tests to provide default configurations
refactor: Update convertMCPToolsToPlugins to use mcpManager for server configuration and adjust related tests
chore: rename `Config/getAppConfig` -> `Config/app`
fix: streamline OpenAI image tools configuration by removing direct appConfig dependency and using function parameters
chore: correct parameter documentation for imageOutputType in ToolService.js
refactor: remove `getCustomConfig` dependency in config route
refactor: update domain validation to use appConfig for allowed domains
refactor: use appConfig registration property
chore: remove app parameter from AppService invocation
refactor: update AppConfig interface to correct registration and turnstile configurations
refactor: remove getCustomConfig dependency and use getAppConfig in PluginController, multer, and MCP services
refactor: replace getCustomConfig with getAppConfig in STTService, TTSService, and related files
refactor: replace getCustomConfig with getAppConfig in Conversation and Message models, update tempChatRetention functions to use AppConfig type
refactor: update getAppConfig calls in Conversation and Message models to include user role for temporary chat expiration
ci: update related tests
refactor: update getAppConfig call in getCustomConfigSpeech to include user role
fix: update appConfig usage to access allowedDomains from actions instead of registration
refactor: enhance AppConfig to include fileStrategies and update related file strategy logic
refactor: update imports to use normalizeEndpointName from @librechat/api and remove redundant definitions
chore: remove deprecated unused RunManager
refactor: get balance config primarily from appConfig
refactor: remove customConfig dependency for appConfig and streamline loadConfigModels logic
refactor: remove getCustomConfig usage and use app config in file citations
refactor: consolidate endpoint loading logic into loadEndpoints function
refactor: update appConfig access to use endpoints structure across various services
refactor: implement custom endpoints configuration and streamline endpoint loading logic
refactor: update getAppConfig call to include user role parameter
refactor: streamline endpoint configuration and enhance appConfig usage across services
refactor: replace getMCPAuthMap with getUserMCPAuthMap and remove unused getCustomConfig file
refactor: add type annotation for loadedEndpoints in loadEndpoints function
refactor: move /services/Files/images/parse to TS API
chore: add missing FILE_CITATIONS permission to IRole interface
refactor: restructure toolkits to TS API
refactor: separate manifest logic into its own module
refactor: consolidate tool loading logic into a new tools module for startup logic
refactor: move interface config logic to TS API
refactor: migrate checkEmailConfig to TypeScript and update imports
refactor: add FunctionTool interface and availableTools to AppConfig
refactor: decouple caching and DB operations from AppService, make part of consolidated `getAppConfig`
WIP: fix tests
* fix: rebase conflicts
* refactor: remove app.locals references
* refactor: replace getBalanceConfig with getAppConfig in various strategies and middleware
* refactor: replace appConfig?.balance with getBalanceConfig in various controllers and clients
* test: add balance configuration to titleConvo method in AgentClient tests
* chore: remove unused `openai-chat-tokens` package
* chore: remove unused imports in initializeMCPs.js
* refactor: update balance configuration to use getAppConfig instead of getBalanceConfig
* refactor: integrate configMiddleware for centralized configuration handling
* refactor: optimize email domain validation by removing unnecessary async calls
* refactor: simplify multer storage configuration by removing async calls
* refactor: reorder imports for better readability in user.js
* refactor: replace getAppConfig calls with req.config for improved performance
* chore: replace getAppConfig calls with req.config in tests for centralized configuration handling
* chore: remove unused override config
* refactor: add configMiddleware to endpoint route and replace getAppConfig with req.config
* chore: remove customConfig parameter from TTSService constructor
* refactor: pass appConfig from request to processFileCitations for improved configuration handling
* refactor: remove configMiddleware from endpoint route and retrieve appConfig directly in getEndpointsConfig if not in `req.config`
* test: add mockAppConfig to processFileCitations tests for improved configuration handling
* fix: pass req.config to hasCustomUserVars and call without await after synchronous refactor
* fix: type safety in useExportConversation
* refactor: retrieve appConfig using getAppConfig in PluginController and remove configMiddleware from plugins route, to avoid always retrieving when plugins are cached
* chore: change `MongoUser` typedef to `IUser`
* fix: Add `user` and `config` fields to ServerRequest and update JSDoc type annotations from Express.Request to ServerRequest
* fix: remove unused setAppConfig mock from Server configuration tests
1159 lines
39 KiB
TypeScript
1159 lines
39 KiB
TypeScript
import { SystemRoles, Permissions, PermissionTypes, roleDefaults } from 'librechat-data-provider';
|
|
import type { TConfigDefaults, TCustomConfig } from 'librechat-data-provider';
|
|
import type { AppConfig } from '~/types/config';
|
|
import { updateInterfacePermissions } from './permissions';
|
|
import { loadDefaultInterface } from './interface';
|
|
|
|
const mockUpdateAccessPermissions = jest.fn();
|
|
const mockGetRoleByName = jest.fn();
|
|
|
|
jest.mock('~/memory', () => ({
|
|
isMemoryEnabled: jest.fn((config) => config?.enable === true),
|
|
}));
|
|
|
|
describe('updateInterfacePermissions - permissions', () => {
|
|
beforeEach(() => {
|
|
jest.clearAllMocks();
|
|
// Mock getRoleByName to return null (no existing permissions)
|
|
mockGetRoleByName.mockResolvedValue(null);
|
|
});
|
|
|
|
it('should call updateAccessPermissions with the correct parameters when permission types are true', async () => {
|
|
const config = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
agents: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: true,
|
|
},
|
|
},
|
|
};
|
|
const configDefaults = { interface: {} } as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
|
|
// Check USER role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
null,
|
|
);
|
|
|
|
// Check ADMIN role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
null,
|
|
);
|
|
});
|
|
|
|
it('should call updateAccessPermissions with false when permission types are false', async () => {
|
|
const config = {
|
|
interface: {
|
|
prompts: false,
|
|
bookmarks: false,
|
|
memories: false,
|
|
multiConvo: false,
|
|
agents: false,
|
|
temporaryChat: false,
|
|
runCode: false,
|
|
webSearch: false,
|
|
fileSearch: false,
|
|
fileCitations: false,
|
|
peoplePicker: {
|
|
users: false,
|
|
groups: false,
|
|
roles: false,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
};
|
|
const configDefaults = { interface: {} } as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: false,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: false,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: false },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: false,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: false },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: false },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: false },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: false,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: false,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: false },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: false,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: false },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: false },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: false },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
|
|
// Check USER role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
null,
|
|
);
|
|
|
|
// Check ADMIN role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
null,
|
|
);
|
|
});
|
|
|
|
it('should call updateAccessPermissions with role-specific defaults when permission types are not specified in config', async () => {
|
|
const config = {};
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
agents: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
|
|
// Check USER role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
null,
|
|
);
|
|
|
|
// Check ADMIN role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
null,
|
|
);
|
|
});
|
|
|
|
it('should call updateAccessPermissions with mixed values for permission types', async () => {
|
|
const config = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: false,
|
|
memories: true,
|
|
multiConvo: undefined,
|
|
agents: true,
|
|
temporaryChat: undefined,
|
|
runCode: false,
|
|
webSearch: true,
|
|
fileSearch: false,
|
|
fileCitations: true,
|
|
},
|
|
};
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
agents: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: false },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: false },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
|
|
// Check USER role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
null,
|
|
);
|
|
|
|
// Check ADMIN role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
null,
|
|
);
|
|
});
|
|
|
|
it('should use default values when config is undefined', async () => {
|
|
const config = undefined;
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
agents: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.USE]: true,
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
|
|
// Check USER role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
null,
|
|
);
|
|
|
|
// Check ADMIN role call
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
null,
|
|
);
|
|
});
|
|
|
|
it('should only update permissions that do not exist when no config provided', async () => {
|
|
// Mock that some permissions already exist
|
|
mockGetRoleByName.mockResolvedValue({
|
|
permissions: {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.AGENTS]: { [Permissions.USE]: true },
|
|
},
|
|
});
|
|
|
|
const config = undefined;
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
agents: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
// Should be called with all permissions EXCEPT prompts and agents (which already exist)
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
expect.objectContaining({
|
|
permissions: {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.AGENTS]: { [Permissions.USE]: true },
|
|
},
|
|
}),
|
|
);
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
expect.objectContaining({
|
|
permissions: {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.AGENTS]: { [Permissions.USE]: true },
|
|
},
|
|
}),
|
|
);
|
|
});
|
|
|
|
it('should override existing permissions when explicitly configured', async () => {
|
|
// Mock that some permissions already exist
|
|
mockGetRoleByName.mockResolvedValue({
|
|
permissions: {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.AGENTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
},
|
|
});
|
|
|
|
const config = {
|
|
interface: {
|
|
prompts: true, // Explicitly set, should override existing false
|
|
// agents not specified, so existing false should be preserved
|
|
// bookmarks not specified, so existing false should be preserved
|
|
},
|
|
};
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: false,
|
|
agents: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
// Should update prompts (explicitly configured) and all other permissions that don't exist
|
|
const expectedPermissionsForUser = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
}, // Explicitly configured
|
|
// All other permissions that don't exist in the database
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
const expectedPermissionsForAdmin = {
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.USE]: true,
|
|
}, // Explicitly configured
|
|
// All other permissions that don't exist in the database
|
|
[PermissionTypes.MEMORIES]: {
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.WEB_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.FILE_SEARCH]: { [Permissions.USE]: true },
|
|
[PermissionTypes.FILE_CITATIONS]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.USER,
|
|
expectedPermissionsForUser,
|
|
expect.objectContaining({
|
|
permissions: expect.any(Object),
|
|
}),
|
|
);
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledWith(
|
|
SystemRoles.ADMIN,
|
|
expectedPermissionsForAdmin,
|
|
expect.objectContaining({
|
|
permissions: expect.any(Object),
|
|
}),
|
|
);
|
|
});
|
|
|
|
it('should handle memories OPT_OUT based on personalization when memories are enabled', async () => {
|
|
const config = {
|
|
interface: {
|
|
memories: true,
|
|
},
|
|
memory: {
|
|
// Memory enabled with personalization
|
|
agent: {
|
|
id: 'test-agent-id',
|
|
},
|
|
personalize: true,
|
|
} as unknown as TCustomConfig['memory'],
|
|
};
|
|
const configDefaults = { interface: {} } as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const userCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.USER,
|
|
);
|
|
const adminCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.ADMIN,
|
|
);
|
|
|
|
// Both roles should have OPT_OUT set to true when personalization is enabled
|
|
expect(userCall[1][PermissionTypes.MEMORIES][Permissions.OPT_OUT]).toBe(true);
|
|
expect(adminCall[1][PermissionTypes.MEMORIES][Permissions.OPT_OUT]).toBe(true);
|
|
});
|
|
|
|
it('should use role-specific defaults for PEOPLE_PICKER when peoplePicker config is undefined', async () => {
|
|
const config = {
|
|
interface: {
|
|
// peoplePicker is not defined at all
|
|
prompts: true,
|
|
bookmarks: true,
|
|
},
|
|
};
|
|
const configDefaults = { interface: {} } as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
expect(mockUpdateAccessPermissions).toHaveBeenCalledTimes(2);
|
|
|
|
// Get the calls to updateAccessPermissions
|
|
const userCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.USER,
|
|
);
|
|
const adminCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.ADMIN,
|
|
);
|
|
|
|
// For USER role, PEOPLE_PICKER should use USER defaults (false)
|
|
expect(userCall[1][PermissionTypes.PEOPLE_PICKER]).toEqual({
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
});
|
|
|
|
// For ADMIN role, PEOPLE_PICKER should use ADMIN defaults (true)
|
|
expect(adminCall[1][PermissionTypes.PEOPLE_PICKER]).toEqual({
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: true,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
});
|
|
});
|
|
|
|
it('should only call getRoleByName once per role for efficiency', async () => {
|
|
const config = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
},
|
|
};
|
|
const configDefaults = { interface: {} } as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
// Should call getRoleByName exactly twice (once for USER, once for ADMIN)
|
|
expect(mockGetRoleByName).toHaveBeenCalledTimes(2);
|
|
expect(mockGetRoleByName).toHaveBeenCalledWith(SystemRoles.USER);
|
|
expect(mockGetRoleByName).toHaveBeenCalledWith(SystemRoles.ADMIN);
|
|
});
|
|
|
|
it('should use role-specific defaults for complex permissions when not configured', async () => {
|
|
const config = {
|
|
interface: {
|
|
// Only configure some permissions, leave others undefined
|
|
bookmarks: true,
|
|
multiConvo: false,
|
|
},
|
|
};
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
multiConvo: true,
|
|
agents: true,
|
|
temporaryChat: true,
|
|
runCode: true,
|
|
webSearch: true,
|
|
fileSearch: true,
|
|
fileCitations: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const userCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.USER,
|
|
);
|
|
const adminCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.ADMIN,
|
|
);
|
|
|
|
// Check PROMPTS permissions use role defaults
|
|
expect(userCall[1][PermissionTypes.PROMPTS]).toEqual({
|
|
[Permissions.USE]: true,
|
|
});
|
|
|
|
expect(adminCall[1][PermissionTypes.PROMPTS]).toEqual({
|
|
[Permissions.USE]: true,
|
|
});
|
|
|
|
// Check AGENTS permissions use role defaults
|
|
expect(userCall[1][PermissionTypes.AGENTS]).toEqual({
|
|
[Permissions.USE]: true,
|
|
});
|
|
|
|
expect(adminCall[1][PermissionTypes.AGENTS]).toEqual({
|
|
[Permissions.USE]: true,
|
|
});
|
|
|
|
// Check MEMORIES permissions use role defaults
|
|
expect(userCall[1][PermissionTypes.MEMORIES]).toEqual({
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
});
|
|
|
|
expect(adminCall[1][PermissionTypes.MEMORIES]).toEqual({
|
|
[Permissions.USE]: true,
|
|
[Permissions.OPT_OUT]: undefined,
|
|
});
|
|
});
|
|
|
|
it('should populate missing PEOPLE_PICKER and MARKETPLACE permissions with role-specific defaults', async () => {
|
|
// Mock that PEOPLE_PICKER and MARKETPLACE permissions don't exist yet
|
|
mockGetRoleByName.mockResolvedValue({
|
|
permissions: {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
// PEOPLE_PICKER and MARKETPLACE are missing
|
|
},
|
|
});
|
|
|
|
const config = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
},
|
|
};
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const userCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.USER,
|
|
);
|
|
const adminCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.ADMIN,
|
|
);
|
|
|
|
// Check that PEOPLE_PICKER uses role-specific defaults from roleDefaults
|
|
expect(userCall[1][PermissionTypes.PEOPLE_PICKER]).toEqual({
|
|
[Permissions.VIEW_USERS]:
|
|
roleDefaults[SystemRoles.USER].permissions[PermissionTypes.PEOPLE_PICKER][
|
|
Permissions.VIEW_USERS
|
|
],
|
|
[Permissions.VIEW_GROUPS]:
|
|
roleDefaults[SystemRoles.USER].permissions[PermissionTypes.PEOPLE_PICKER][
|
|
Permissions.VIEW_GROUPS
|
|
],
|
|
[Permissions.VIEW_ROLES]:
|
|
roleDefaults[SystemRoles.USER].permissions[PermissionTypes.PEOPLE_PICKER][
|
|
Permissions.VIEW_ROLES
|
|
],
|
|
});
|
|
|
|
expect(adminCall[1][PermissionTypes.PEOPLE_PICKER]).toEqual({
|
|
[Permissions.VIEW_USERS]:
|
|
roleDefaults[SystemRoles.ADMIN].permissions[PermissionTypes.PEOPLE_PICKER][
|
|
Permissions.VIEW_USERS
|
|
],
|
|
[Permissions.VIEW_GROUPS]:
|
|
roleDefaults[SystemRoles.ADMIN].permissions[PermissionTypes.PEOPLE_PICKER][
|
|
Permissions.VIEW_GROUPS
|
|
],
|
|
[Permissions.VIEW_ROLES]:
|
|
roleDefaults[SystemRoles.ADMIN].permissions[PermissionTypes.PEOPLE_PICKER][
|
|
Permissions.VIEW_ROLES
|
|
],
|
|
});
|
|
|
|
// Check that MARKETPLACE uses role-specific defaults from roleDefaults
|
|
expect(userCall[1][PermissionTypes.MARKETPLACE]).toEqual({
|
|
[Permissions.USE]:
|
|
roleDefaults[SystemRoles.USER].permissions[PermissionTypes.MARKETPLACE][Permissions.USE],
|
|
});
|
|
|
|
expect(adminCall[1][PermissionTypes.MARKETPLACE]).toEqual({
|
|
[Permissions.USE]:
|
|
roleDefaults[SystemRoles.ADMIN].permissions[PermissionTypes.MARKETPLACE][Permissions.USE],
|
|
});
|
|
});
|
|
|
|
it('should leave all existing permissions unchanged when nothing is configured', async () => {
|
|
// Mock existing permissions with values that differ from defaults
|
|
const existingUserPermissions = {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MEMORIES]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: true,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: true,
|
|
},
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: true },
|
|
};
|
|
|
|
mockGetRoleByName.mockResolvedValue({
|
|
permissions: existingUserPermissions,
|
|
});
|
|
|
|
// No config provided
|
|
const config = undefined;
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: true,
|
|
bookmarks: true,
|
|
memories: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
// Should only update permissions that don't exist
|
|
const userCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.USER,
|
|
);
|
|
|
|
// Should only have permissions for things that don't exist in the role
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.PROMPTS);
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.BOOKMARKS);
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.MEMORIES);
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.PEOPLE_PICKER);
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.MARKETPLACE);
|
|
|
|
// Should have other permissions that weren't in existingUserPermissions
|
|
expect(userCall[1]).toHaveProperty(PermissionTypes.MULTI_CONVO);
|
|
expect(userCall[1]).toHaveProperty(PermissionTypes.AGENTS);
|
|
});
|
|
|
|
it('should only update explicitly configured permissions and leave others unchanged', async () => {
|
|
// Mock existing permissions
|
|
mockGetRoleByName.mockResolvedValue({
|
|
permissions: {
|
|
[PermissionTypes.PROMPTS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: false },
|
|
[PermissionTypes.MEMORIES]: { [Permissions.USE]: false },
|
|
[PermissionTypes.PEOPLE_PICKER]: {
|
|
[Permissions.VIEW_USERS]: false,
|
|
[Permissions.VIEW_GROUPS]: false,
|
|
[Permissions.VIEW_ROLES]: false,
|
|
},
|
|
[PermissionTypes.MARKETPLACE]: { [Permissions.USE]: false },
|
|
},
|
|
});
|
|
|
|
// Only configure some permissions
|
|
const config = {
|
|
interface: {
|
|
prompts: true, // Explicitly set to true
|
|
bookmarks: true, // Explicitly set to true
|
|
// memories not configured - should remain unchanged
|
|
// peoplePicker not configured - should remain unchanged
|
|
marketplace: {
|
|
use: true, // Explicitly set to true
|
|
},
|
|
},
|
|
};
|
|
const configDefaults = {
|
|
interface: {
|
|
prompts: false,
|
|
bookmarks: false,
|
|
memories: true,
|
|
peoplePicker: {
|
|
users: true,
|
|
groups: true,
|
|
roles: true,
|
|
},
|
|
marketplace: {
|
|
use: false,
|
|
},
|
|
},
|
|
} as TConfigDefaults;
|
|
const interfaceConfig = await loadDefaultInterface({ config, configDefaults });
|
|
const appConfig = { config, interfaceConfig } as unknown as AppConfig;
|
|
|
|
await updateInterfacePermissions({
|
|
appConfig,
|
|
getRoleByName: mockGetRoleByName,
|
|
updateAccessPermissions: mockUpdateAccessPermissions,
|
|
});
|
|
|
|
const userCall = mockUpdateAccessPermissions.mock.calls.find(
|
|
(call) => call[0] === SystemRoles.USER,
|
|
);
|
|
|
|
// Explicitly configured permissions should be updated
|
|
expect(userCall[1][PermissionTypes.PROMPTS]).toEqual({
|
|
[Permissions.USE]: true,
|
|
});
|
|
expect(userCall[1][PermissionTypes.BOOKMARKS]).toEqual({ [Permissions.USE]: true });
|
|
expect(userCall[1][PermissionTypes.MARKETPLACE]).toEqual({ [Permissions.USE]: true });
|
|
|
|
// Unconfigured permissions should not be present (left unchanged)
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.MEMORIES);
|
|
expect(userCall[1]).not.toHaveProperty(PermissionTypes.PEOPLE_PICKER);
|
|
|
|
// New permissions that didn't exist should still be added
|
|
expect(userCall[1]).toHaveProperty(PermissionTypes.AGENTS);
|
|
expect(userCall[1]).toHaveProperty(PermissionTypes.MULTI_CONVO);
|
|
});
|
|
});
|