mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-03-17 05:06:32 +01:00
8dc6d60750
* 🛡️ fix: Enforce MULTI_CONVO and agent ACL checks on addedConvo
addedConvo.agent_id was passed through to loadAddedAgent without any
permission check, enabling an authenticated user to load and execute
another user's private agent via the parallel multi-convo feature.
The middleware now chains a checkAddedConvoAccess gate after the primary
agent check: when req.body.addedConvo is present it verifies the user
has MULTI_CONVO:USE role permission, and when the addedConvo agent_id is
a real (non-ephemeral) agent it runs the same canAccessResource ACL
check used for the primary agent.
* refactor: Harden addedConvo middleware and avoid duplicate agent fetch
- Convert checkAddedConvoAccess to curried factory matching Express
middleware signature: (requiredPermission) => (req, res, next)
- Call checkPermission directly for the addedConvo agent instead of
routing through canAccessResource's tempReq pattern; this avoids
orphaning the resolved agent document and enables caching it on
req.resolvedAddedAgent for downstream loadAddedAgent
- Update loadAddedAgent to use req.resolvedAddedAgent when available,
eliminating a duplicate getAgent DB call per chat request
- Validate addedConvo is a plain object and agent_id is a string
before passing to isEphemeralAgentId (prevents TypeError on object
injection, returns 400-equivalent early exit instead of 500)
- Fix JSDoc: "VIEW access" → "same permission as primary agent",
add @param/@returns to helpers, restore @example on factory
- Fix redundant return await in resolveAgentIdFromBody
* test: Add canAccessAgentFromBody spec covering IDOR fix
26 integration tests using MongoMemoryServer with real models, ACL
entries, and PermissionService — no mocks for core logic.
Covered paths:
- Factory validation (requiredPermission type check)
- Primary agent: missing agent_id, ephemeral, non-agents endpoint
- addedConvo absent / invalid shape (string, array, object injection)
- MULTI_CONVO:USE gate: denied, missing role, ADMIN bypass
- Agent resource ACL: no ACL → 403, insufficient bits → 403,
nonexistent agent → 404, valid ACL → next + cached on req
- End-to-end: both real agents, primary denied short-circuits,
ephemeral primary + real addedConvo
|
||
|---|---|---|
| .. | ||
| Action.js | ||
| Action.spec.js | ||
| Agent.js | ||
| Agent.spec.js | ||
| Assistant.js | ||
| balanceMethods.js | ||
| Banner.js | ||
| Categories.js | ||
| Conversation.js | ||
| Conversation.spec.js | ||
| ConversationTag.js | ||
| convoStructure.spec.js | ||
| File.js | ||
| File.spec.js | ||
| index.js | ||
| interface.js | ||
| inviteUser.js | ||
| loadAddedAgent.js | ||
| Message.js | ||
| Message.spec.js | ||
| Preset.js | ||
| Project.js | ||
| Prompt.js | ||
| Prompt.spec.js | ||
| PromptGroupMigration.spec.js | ||
| Role.js | ||
| Role.spec.js | ||
| spendTokens.js | ||
| spendTokens.spec.js | ||
| ToolCall.js | ||
| Transaction.js | ||
| Transaction.spec.js | ||
| tx.js | ||
| tx.spec.js | ||
| userMethods.js | ||