kamp/anything-llm
1
0
Fork 0
mirror of https://github.com/Mintplex-Labs/anything-llm.git synced 2024-06-02 22:00:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply permissioning on document modification endpoints (#637)

Browse Source
This commit is contained in:
Timothy Carambat 2024-01-22 14:31:19 -08:00 committed by GitHub
parent 9a237db3d1
commit d5cde8b7c2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
server/endpoints/system.js
View File

@ -189,7 +189,7 @@ function systemEndpoints(app) {
app.get(
"/system/system-vectors",
[validatedRequest],
[validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
async (request, response) => {
try {
const query = queryParams(request);
@ -207,7 +207,7 @@ function systemEndpoints(app) {
app.delete(
"/system/remove-document",
[validatedRequest],
[validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
async (request, response) => {
try {
const { name } = reqBody(request);
@ -222,7 +222,7 @@ function systemEndpoints(app) {
app.delete(
"/system/remove-folder",
[validatedRequest],
[validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
async (request, response) => {
try {
const { name } = reqBody(request);
@ -235,15 +235,19 @@ function systemEndpoints(app) {
}
);
app.get("/system/local-files", [validatedRequest], async (_, response) => {
try {
const localFiles = await viewLocalFiles();
response.status(200).json({ localFiles });
} catch (e) {
console.log(e.message, e);
response.sendStatus(500).end();
app.get(
"/system/local-files",
[validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
async (_, response) => {
try {
const localFiles = await viewLocalFiles();
response.status(200).json({ localFiles });
} catch (e) {
console.log(e.message, e);
response.sendStatus(500).end();
}
}
});
);
app.get(
"/system/document-processing-status",