e115934061
Publish `@librechat/data-schemas` to NPM / pack (push) Failing after 8s
Publish `@librechat/client` to NPM / pack (push) Failing after 0s
GitNexus Index / index (push) Failing after 1s
Sync Locize Translations & Create Translation PR / Create Translation PR on Version Published (push) Has been skipped
Sync Helm Chart Tags / Sync chart tags (push) Failing after 2s
Publish `librechat-data-provider` to NPM / pack (push) Failing after 1s
Docker Dev Images Build / build (Dockerfile, librechat-dev, node) (push) Failing after 1s
Docker Dev Images Build / build (Dockerfile.multi, librechat-dev-api, api-build) (push) Failing after 0s
Sync Helm Chart Tags / Ignore non-main push (push) Has been skipped
Sync Locize Translations & Create Translation PR / Sync Translation Keys with Locize (push) Failing after 1s
Publish `@librechat/client` to NPM / publish-npm (push) Has been cancelled
Publish `librechat-data-provider` to NPM / publish-npm (push) Has been cancelled
GitNexus Index / post-index (push) Has been cancelled
Publish `@librechat/data-schemas` to NPM / publish-npm (push) Has been cancelled
60 lines
1.9 KiB
JavaScript
60 lines
1.9 KiB
JavaScript
const { ResourceType } = require('librechat-data-provider');
|
|
const { canAccessResource } = require('./canAccessResource');
|
|
const { getAgent } = require('~/models');
|
|
|
|
/**
|
|
* Agent ID resolver function
|
|
* Resolves custom agent ID (e.g., "agent_abc123") to MongoDB ObjectId
|
|
*
|
|
* @param {string} agentCustomId - Custom agent ID from route parameter
|
|
* @returns {Promise<Object|null>} Agent document with _id field, or null if not found
|
|
*/
|
|
const resolveAgentId = async (agentCustomId) => {
|
|
return await getAgent({ id: agentCustomId });
|
|
};
|
|
|
|
/**
|
|
* Agent-specific middleware factory that creates middleware to check agent access permissions.
|
|
* This middleware extends the generic canAccessResource to handle agent custom ID resolution.
|
|
*
|
|
* @param {Object} options - Configuration options
|
|
* @param {number} options.requiredPermission - The permission bit required (1=view, 2=edit, 4=delete, 8=share)
|
|
* @param {string} [options.resourceIdParam='id'] - The name of the route parameter containing the agent custom ID
|
|
* @returns {Function} Express middleware function
|
|
*
|
|
* @example
|
|
* // Basic usage for viewing agents
|
|
* router.get('/agents/:id',
|
|
* canAccessAgentResource({ requiredPermission: 1 }),
|
|
* getAgent
|
|
* );
|
|
*
|
|
* @example
|
|
* // Custom resource ID parameter and edit permission
|
|
* router.patch('/agents/:agent_id',
|
|
* canAccessAgentResource({
|
|
* requiredPermission: 2,
|
|
* resourceIdParam: 'agent_id'
|
|
* }),
|
|
* updateAgent
|
|
* );
|
|
*/
|
|
const canAccessAgentResource = (options) => {
|
|
const { requiredPermission, resourceIdParam = 'id' } = options;
|
|
|
|
if (!requiredPermission || typeof requiredPermission !== 'number') {
|
|
throw new Error('canAccessAgentResource: requiredPermission is required and must be a number');
|
|
}
|
|
|
|
return canAccessResource({
|
|
resourceType: ResourceType.AGENT,
|
|
requiredPermission,
|
|
resourceIdParam,
|
|
idResolver: resolveAgentId,
|
|
});
|
|
};
|
|
|
|
module.exports = {
|
|
canAccessAgentResource,
|
|
};
|