mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-12-23 11:50:14 +01:00
0551a562d8
* 🏗️ feat: Add Group model and schema with GroupType enum * 🏗️ feat: Introduce Permissions module and refactor role-based access control * 🏗️ feat: Refactor permissions handling and consolidate permission schemas * 🏗️ feat: Refactor role permissions handling and improve role initialization logic * 🏗️ feat: Update Role.spec.js to improve imports and enhance test structure * 🏗️ feat: Update access control logic to ensure proper permission checks in role handling * 🏗️ chore: Bump versions for librechat-data-provider to 0.7.75 and @librechat/data-schemas to 0.0.6 * 🏗️ feat: Improve role permissions handling by ensuring defaults are applied correctly * 🏗️ feat: Update role permissions schema to comment out unused SHARE permission * 🏗️ chore: Bump version of librechat-data-provider to 0.7.77 and remove unused groups field from IUser interface * 🏗️ chore: Downgrade version of librechat-data-provider to 0.7.76 * 🔧 chore: Bump versions for librechat-data-provider to 0.7.77 and data-schemas to 0.0.6 * 🏗️ chore: Update version of librechat-data-provider to 0.7.789 --------- Co-authored-by: Danny Avila <danny@librechat.ai>
84 lines
2.6 KiB
TypeScript
84 lines
2.6 KiB
TypeScript
import { Schema, Document } from 'mongoose';
|
|
import { PermissionTypes, Permissions } from 'librechat-data-provider';
|
|
|
|
export interface IRole extends Document {
|
|
name: string;
|
|
permissions: {
|
|
[PermissionTypes.BOOKMARKS]?: {
|
|
[Permissions.USE]?: boolean;
|
|
};
|
|
[PermissionTypes.PROMPTS]?: {
|
|
[Permissions.SHARED_GLOBAL]?: boolean;
|
|
[Permissions.USE]?: boolean;
|
|
[Permissions.CREATE]?: boolean;
|
|
};
|
|
[PermissionTypes.AGENTS]?: {
|
|
[Permissions.SHARED_GLOBAL]?: boolean;
|
|
[Permissions.USE]?: boolean;
|
|
[Permissions.CREATE]?: boolean;
|
|
};
|
|
[PermissionTypes.MULTI_CONVO]?: {
|
|
[Permissions.USE]?: boolean;
|
|
};
|
|
[PermissionTypes.TEMPORARY_CHAT]?: {
|
|
[Permissions.USE]?: boolean;
|
|
};
|
|
[PermissionTypes.RUN_CODE]?: {
|
|
[Permissions.USE]?: boolean;
|
|
};
|
|
};
|
|
}
|
|
|
|
// Create a sub-schema for permissions. Notice we disable _id for this subdocument.
|
|
const rolePermissionsSchema = new Schema(
|
|
{
|
|
[PermissionTypes.BOOKMARKS]: {
|
|
[Permissions.USE]: { type: Boolean, default: true },
|
|
},
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.SHARED_GLOBAL]: { type: Boolean, default: false },
|
|
[Permissions.USE]: { type: Boolean, default: true },
|
|
[Permissions.CREATE]: { type: Boolean, default: true },
|
|
},
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.SHARED_GLOBAL]: { type: Boolean, default: false },
|
|
[Permissions.USE]: { type: Boolean, default: true },
|
|
[Permissions.CREATE]: { type: Boolean, default: true },
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: {
|
|
[Permissions.USE]: { type: Boolean, default: true },
|
|
},
|
|
[PermissionTypes.TEMPORARY_CHAT]: {
|
|
[Permissions.USE]: { type: Boolean, default: true },
|
|
},
|
|
[PermissionTypes.RUN_CODE]: {
|
|
[Permissions.USE]: { type: Boolean, default: true },
|
|
},
|
|
},
|
|
{ _id: false },
|
|
);
|
|
|
|
const roleSchema: Schema<IRole> = new Schema({
|
|
name: { type: String, required: true, unique: true, index: true },
|
|
permissions: {
|
|
type: rolePermissionsSchema,
|
|
default: () => ({
|
|
[PermissionTypes.BOOKMARKS]: { [Permissions.USE]: true },
|
|
[PermissionTypes.PROMPTS]: {
|
|
[Permissions.SHARED_GLOBAL]: false,
|
|
[Permissions.USE]: true,
|
|
[Permissions.CREATE]: true,
|
|
},
|
|
[PermissionTypes.AGENTS]: {
|
|
[Permissions.SHARED_GLOBAL]: false,
|
|
[Permissions.USE]: true,
|
|
[Permissions.CREATE]: true,
|
|
},
|
|
[PermissionTypes.MULTI_CONVO]: { [Permissions.USE]: true },
|
|
[PermissionTypes.TEMPORARY_CHAT]: { [Permissions.USE]: true },
|
|
[PermissionTypes.RUN_CODE]: { [Permissions.USE]: true },
|
|
}),
|
|
},
|
|
});
|
|
|
|
export default roleSchema;
|