mirror of
https://github.com/Mintplex-Labs/anything-llm.git
synced 2024-11-19 20:50:09 +01:00
fa29003a46
* added manager role to options * block default role from editing workspace settings on workspace and text input box * block default user from accessing settings at all * create manager route * let pass through if in single user mode * fix permissions for manager and admin roles in settings * fix settings button for single user and remove unneeded console.logs * rename routes and paths for clarity * admin, manager, default roles complete * remove unneeded comments * consistency changes * manage permissions for mum modes * update sidebar for single-user mode * update comment on middleware Modify permission setting for admins * update render conditional * Add role usage hint to each role --------- Co-authored-by: timothycarambat <rambat1010@gmail.com>
42 lines
1.4 KiB
JavaScript
42 lines
1.4 KiB
JavaScript
const { SystemSettings } = require("../../models/systemSettings");
|
|
const { userFromSession } = require("../http");
|
|
|
|
const ROLES = ["admin", "manager"];
|
|
|
|
// Explicitly check that multi user mode is enabled as well as that the
|
|
// requesting user has the appropriate role to modify or call the URL.
|
|
async function strictMultiUserRoleValid(request, response, next) {
|
|
const multiUserMode =
|
|
response.locals?.multiUserMode ?? (await SystemSettings.isMultiUserMode());
|
|
if (!multiUserMode) return response.sendStatus(401).end();
|
|
|
|
const user =
|
|
response.locals?.user ?? (await userFromSession(request, response));
|
|
if (!ROLES.includes(user?.role)) return response.sendStatus(401).end();
|
|
|
|
next();
|
|
}
|
|
|
|
// Apply role permission checks IF the current system is in multi-user mode.
|
|
// This is relevant for routes that are shared between MUM and single-user mode.
|
|
// Checks if the requesting user has the appropriate role to modify or call the URL.
|
|
async function flexUserRoleValid(request, response, next) {
|
|
const multiUserMode =
|
|
response.locals?.multiUserMode ?? (await SystemSettings.isMultiUserMode());
|
|
if (!multiUserMode) {
|
|
next();
|
|
return;
|
|
}
|
|
|
|
const user =
|
|
response.locals?.user ?? (await userFromSession(request, response));
|
|
if (!ROLES.includes(user?.role)) return response.sendStatus(401).end();
|
|
|
|
next();
|
|
}
|
|
|
|
module.exports = {
|
|
strictMultiUserRoleValid,
|
|
flexUserRoleValid,
|
|
};
|