mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-09-21 21:50:49 +02:00
9a210971f5
* WIP: app.locals refactoring
WIP: appConfig
fix: update memory configuration retrieval to use getAppConfig based on user role
fix: update comment for AppConfig interface to clarify purpose
🏷️ refactor: Update tests to use getAppConfig for endpoint configurations
ci: Update AppService tests to initialize app config instead of app.locals
ci: Integrate getAppConfig into remaining tests
refactor: Update multer storage destination to use promise-based getAppConfig and improve error handling in tests
refactor: Rename initializeAppConfig to setAppConfig and update related tests
ci: Mock getAppConfig in various tests to provide default configurations
refactor: Update convertMCPToolsToPlugins to use mcpManager for server configuration and adjust related tests
chore: rename `Config/getAppConfig` -> `Config/app`
fix: streamline OpenAI image tools configuration by removing direct appConfig dependency and using function parameters
chore: correct parameter documentation for imageOutputType in ToolService.js
refactor: remove `getCustomConfig` dependency in config route
refactor: update domain validation to use appConfig for allowed domains
refactor: use appConfig registration property
chore: remove app parameter from AppService invocation
refactor: update AppConfig interface to correct registration and turnstile configurations
refactor: remove getCustomConfig dependency and use getAppConfig in PluginController, multer, and MCP services
refactor: replace getCustomConfig with getAppConfig in STTService, TTSService, and related files
refactor: replace getCustomConfig with getAppConfig in Conversation and Message models, update tempChatRetention functions to use AppConfig type
refactor: update getAppConfig calls in Conversation and Message models to include user role for temporary chat expiration
ci: update related tests
refactor: update getAppConfig call in getCustomConfigSpeech to include user role
fix: update appConfig usage to access allowedDomains from actions instead of registration
refactor: enhance AppConfig to include fileStrategies and update related file strategy logic
refactor: update imports to use normalizeEndpointName from @librechat/api and remove redundant definitions
chore: remove deprecated unused RunManager
refactor: get balance config primarily from appConfig
refactor: remove customConfig dependency for appConfig and streamline loadConfigModels logic
refactor: remove getCustomConfig usage and use app config in file citations
refactor: consolidate endpoint loading logic into loadEndpoints function
refactor: update appConfig access to use endpoints structure across various services
refactor: implement custom endpoints configuration and streamline endpoint loading logic
refactor: update getAppConfig call to include user role parameter
refactor: streamline endpoint configuration and enhance appConfig usage across services
refactor: replace getMCPAuthMap with getUserMCPAuthMap and remove unused getCustomConfig file
refactor: add type annotation for loadedEndpoints in loadEndpoints function
refactor: move /services/Files/images/parse to TS API
chore: add missing FILE_CITATIONS permission to IRole interface
refactor: restructure toolkits to TS API
refactor: separate manifest logic into its own module
refactor: consolidate tool loading logic into a new tools module for startup logic
refactor: move interface config logic to TS API
refactor: migrate checkEmailConfig to TypeScript and update imports
refactor: add FunctionTool interface and availableTools to AppConfig
refactor: decouple caching and DB operations from AppService, make part of consolidated `getAppConfig`
WIP: fix tests
* fix: rebase conflicts
* refactor: remove app.locals references
* refactor: replace getBalanceConfig with getAppConfig in various strategies and middleware
* refactor: replace appConfig?.balance with getBalanceConfig in various controllers and clients
* test: add balance configuration to titleConvo method in AgentClient tests
* chore: remove unused `openai-chat-tokens` package
* chore: remove unused imports in initializeMCPs.js
* refactor: update balance configuration to use getAppConfig instead of getBalanceConfig
* refactor: integrate configMiddleware for centralized configuration handling
* refactor: optimize email domain validation by removing unnecessary async calls
* refactor: simplify multer storage configuration by removing async calls
* refactor: reorder imports for better readability in user.js
* refactor: replace getAppConfig calls with req.config for improved performance
* chore: replace getAppConfig calls with req.config in tests for centralized configuration handling
* chore: remove unused override config
* refactor: add configMiddleware to endpoint route and replace getAppConfig with req.config
* chore: remove customConfig parameter from TTSService constructor
* refactor: pass appConfig from request to processFileCitations for improved configuration handling
* refactor: remove configMiddleware from endpoint route and retrieve appConfig directly in getEndpointsConfig if not in `req.config`
* test: add mockAppConfig to processFileCitations tests for improved configuration handling
* fix: pass req.config to hasCustomUserVars and call without await after synchronous refactor
* fix: type safety in useExportConversation
* refactor: retrieve appConfig using getAppConfig in PluginController and remove configMiddleware from plugins route, to avoid always retrieving when plugins are cached
* chore: change `MongoUser` typedef to `IUser`
* fix: Add `user` and `config` fields to ServerRequest and update JSDoc type annotations from Express.Request to ServerRequest
* fix: remove unused setAppConfig mock from Server configuration tests
73 lines
2.4 KiB
JavaScript
73 lines
2.4 KiB
JavaScript
const { isEnabled } = require('@librechat/api');
|
|
const { Constants, ViolationTypes, Time } = require('librechat-data-provider');
|
|
const { searchConversation } = require('~/models/Conversation');
|
|
const denyRequest = require('~/server/middleware/denyRequest');
|
|
const { logViolation, getLogStores } = require('~/cache');
|
|
|
|
const { USE_REDIS, CONVO_ACCESS_VIOLATION_SCORE: score = 0 } = process.env ?? {};
|
|
|
|
/**
|
|
* Middleware to validate user's authorization for a conversation.
|
|
*
|
|
* This middleware checks if a user has the right to access a specific conversation.
|
|
* If the user doesn't have access, an error is returned. If the conversation doesn't exist,
|
|
* a not found error is returned. If the access is valid, the middleware allows the request to proceed.
|
|
* If the `cache` store is not available, the middleware will skip its logic.
|
|
*
|
|
* @function
|
|
* @param {ServerRequest} req - Express request object containing user information.
|
|
* @param {Express.Response} res - Express response object.
|
|
* @param {function} next - Express next middleware function.
|
|
* @throws {Error} Throws an error if the user doesn't have access to the conversation.
|
|
*/
|
|
const validateConvoAccess = async (req, res, next) => {
|
|
const namespace = ViolationTypes.CONVO_ACCESS;
|
|
const cache = getLogStores(namespace);
|
|
|
|
const conversationId = req.body.conversationId;
|
|
|
|
if (!conversationId || conversationId === Constants.NEW_CONVO) {
|
|
return next();
|
|
}
|
|
|
|
const userId = req.user?.id ?? req.user?._id ?? '';
|
|
const type = ViolationTypes.CONVO_ACCESS;
|
|
const key = `${isEnabled(USE_REDIS) ? namespace : ''}:${userId}:${conversationId}`;
|
|
|
|
try {
|
|
if (cache) {
|
|
const cachedAccess = await cache.get(key);
|
|
if (cachedAccess === 'authorized') {
|
|
return next();
|
|
}
|
|
}
|
|
|
|
const conversation = await searchConversation(conversationId);
|
|
|
|
if (!conversation) {
|
|
return next();
|
|
}
|
|
|
|
if (conversation.user !== userId) {
|
|
const errorMessage = {
|
|
type,
|
|
error: 'User not authorized for this conversation',
|
|
};
|
|
|
|
if (cache) {
|
|
await logViolation(req, res, type, errorMessage, score);
|
|
}
|
|
return await denyRequest(req, res, errorMessage);
|
|
}
|
|
|
|
if (cache) {
|
|
await cache.set(key, 'authorized', Time.TEN_MINUTES);
|
|
}
|
|
next();
|
|
} catch (error) {
|
|
console.error('Error validating conversation access:', error);
|
|
res.status(500).json({ error: 'Internal server error' });
|
|
}
|
|
};
|
|
|
|
module.exports = validateConvoAccess;
|