@librechat/data-schemas 0.0.46 → 0.0.48

package/dist/types/types/role.d.ts

@@ -28,6 +28,7 @@ import type { Document } from 'mongoose';
 import { CursorPaginationParams } from '~/common';
 export interface IRole extends Document {
     name: string;
+    description?: string;
     permissions: {};
     tenantId?: string;
 }
@@ -35,10 +36,12 @@ export type RolePermissions = IRole['permissions'];
 export type RolePermissionsInput = DeepPartial<RolePermissions>;
 export interface CreateRoleRequest {
     name: string;
+    description?: string;
     permissions: RolePermissionsInput;
 }
 export interface UpdateRoleRequest {
     name?: string;
+    description?: string;
     permissions?: RolePermissionsInput;
 }
 export interface RoleFilterOptions extends CursorPaginationParams {

package/dist/types/types/user.d.ts

@@ -26,6 +26,7 @@
 import type { Document, Types } from 'mongoose';
 import { CursorPaginationParams } from '~/common';
 export interface IUser extends Document {
+    _id: Types.ObjectId;
     name?: string;
     username?: string;
     email: string;
@@ -74,6 +75,14 @@ export interface IUser extends Document {
     /** Field for external source identification (for consistency with TPrincipal schema) */
     idOnTheSource?: string;
     tenantId?: string;
+    federatedTokens?: OIDCTokens;
+    openidTokens?: OIDCTokens;
+}
+export interface OIDCTokens {
+    access_token?: string;
+    id_token?: string;
+    refresh_token?: string;
+    expires_at?: number;
 }
 export interface BalanceConfig {
     enabled?: boolean;

package/dist/types/utils/index.d.ts

@@ -1,5 +1,6 @@
 export * from './principal';
 export * from './string';
 export * from './tempChatRetention';
+export { tenantSafeBulkWrite } from './tenantBulkWrite';
 export * from './transactions';
 export * from './objectId';

package/dist/types/utils/tenantBulkWrite.d.ts

@@ -0,0 +1,45 @@
+/// <reference types="mongoose/types/aggregate" />
+/// <reference types="mongoose/types/callback" />
+/// <reference types="mongoose/types/collection" />
+/// <reference types="mongoose/types/connection" />
+/// <reference types="mongoose/types/cursor" />
+/// <reference types="mongoose/types/document" />
+/// <reference types="mongoose/types/error" />
+/// <reference types="mongoose/types/expressions" />
+/// <reference types="mongoose/types/helpers" />
+/// <reference types="mongoose/types/middlewares" />
+/// <reference types="mongoose/types/indexes" />
+/// <reference types="mongoose/types/models" />
+/// <reference types="mongoose/types/mongooseoptions" />
+/// <reference types="mongoose/types/pipelinestage" />
+/// <reference types="mongoose/types/populate" />
+/// <reference types="mongoose/types/query" />
+/// <reference types="mongoose/types/schemaoptions" />
+/// <reference types="mongoose/types/schematypes" />
+/// <reference types="mongoose/types/session" />
+/// <reference types="mongoose/types/types" />
+/// <reference types="mongoose/types/utility" />
+/// <reference types="mongoose/types/validation" />
+/// <reference types="mongoose/types/virtuals" />
+/// <reference types="mongoose/types/inferschematype" />
+/// <reference types="mongoose/types/inferrawdoctype" />
+import type { AnyBulkWriteOperation, Model, MongooseBulkWriteOptions } from 'mongoose';
+import type { BulkWriteResult } from 'mongodb';
+/** Resets the cached strict-mode flag. Exposed for test teardown only. */
+export declare function _resetBulkWriteStrictCache(): void;
+/**
+ * Tenant-safe wrapper around Mongoose `Model.bulkWrite()`.
+ *
+ * Mongoose's `bulkWrite` does not trigger schema-level middleware hooks, so the
+ * `applyTenantIsolation` plugin cannot intercept it. This wrapper injects the
+ * current ALS tenant context into every operation's filter and/or document
+ * before delegating to the native `bulkWrite`.
+ *
+ * Behavior:
+ * - **tenantId present** (normal request): injects `{ tenantId }` into every
+ *   operation filter (updateOne, deleteOne, replaceOne) and document (insertOne).
+ * - **SYSTEM_TENANT_ID**: skips injection (cross-tenant system operation).
+ * - **No tenantId + strict mode**: throws (fail-closed, same as the plugin).
+ * - **No tenantId + non-strict**: passes through without injection (backward compat).
+ */
+export declare function tenantSafeBulkWrite<T>(model: Model<T>, ops: AnyBulkWriteOperation[], options?: MongooseBulkWriteOptions): Promise<BulkWriteResult>;

package/dist/utils/tenantBulkWrite.cjs

@@ -0,0 +1,85 @@
+'use strict';
+
+var tenantContext = require('../config/tenantContext.cjs');
+var winston = require('../config/winston.cjs');
+
+let _strictMode;
+function isStrict() {
+    return (_strictMode !== null && _strictMode !== void 0 ? _strictMode : (_strictMode = process.env.TENANT_ISOLATION_STRICT === 'true'));
+}
+/**
+ * Tenant-safe wrapper around Mongoose `Model.bulkWrite()`.
+ *
+ * Mongoose's `bulkWrite` does not trigger schema-level middleware hooks, so the
+ * `applyTenantIsolation` plugin cannot intercept it. This wrapper injects the
+ * current ALS tenant context into every operation's filter and/or document
+ * before delegating to the native `bulkWrite`.
+ *
+ * Behavior:
+ * - **tenantId present** (normal request): injects `{ tenantId }` into every
+ *   operation filter (updateOne, deleteOne, replaceOne) and document (insertOne).
+ * - **SYSTEM_TENANT_ID**: skips injection (cross-tenant system operation).
+ * - **No tenantId + strict mode**: throws (fail-closed, same as the plugin).
+ * - **No tenantId + non-strict**: passes through without injection (backward compat).
+ */
+async function tenantSafeBulkWrite(model, ops, options) {
+    const tenantId = tenantContext.getTenantId();
+    if (!tenantId) {
+        if (isStrict()) {
+            throw new Error(`[TenantIsolation] bulkWrite on ${model.modelName} attempted without tenant context in strict mode`);
+        }
+        return model.bulkWrite(ops, options);
+    }
+    if (tenantId === tenantContext.SYSTEM_TENANT_ID) {
+        return model.bulkWrite(ops, options);
+    }
+    const injected = ops.map((op) => injectTenantId(op, tenantId));
+    return model.bulkWrite(injected, options);
+}
+/**
+ * Injects `tenantId` into a single bulk-write operation.
+ * Returns a new operation object — does not mutate the original.
+ */
+function injectTenantId(op, tenantId) {
+    if ('insertOne' in op) {
+        return {
+            insertOne: {
+                document: { ...op.insertOne.document, tenantId },
+            },
+        };
+    }
+    if ('updateOne' in op) {
+        const { filter, ...rest } = op.updateOne;
+        return { updateOne: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('updateMany' in op) {
+        const { filter, ...rest } = op.updateMany;
+        return { updateMany: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('deleteOne' in op) {
+        const { filter, ...rest } = op.deleteOne;
+        return { deleteOne: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('deleteMany' in op) {
+        const { filter, ...rest } = op.deleteMany;
+        return { deleteMany: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('replaceOne' in op) {
+        const { filter, replacement, ...rest } = op.replaceOne;
+        return {
+            replaceOne: {
+                ...rest,
+                filter: { ...filter, tenantId },
+                replacement: { ...replacement, tenantId },
+            },
+        };
+    }
+    if (isStrict()) {
+        throw new Error('[TenantIsolation] Unknown bulkWrite operation type in strict mode — refusing to pass through without tenant injection');
+    }
+    winston.warn('[tenantSafeBulkWrite] Unknown bulk op type, passing through without tenant injection');
+    return op;
+}
+
+exports.tenantSafeBulkWrite = tenantSafeBulkWrite;
+//# sourceMappingURL=tenantBulkWrite.cjs.map

package/dist/utils/tenantBulkWrite.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"tenantBulkWrite.cjs","sources":["../../src/utils/tenantBulkWrite.ts"],"sourcesContent":[null],"names":["getTenantId","SYSTEM_TENANT_ID","logger"],"mappings":";;;;;AAKA,IAAI,WAAgC;AAEpC,SAAS,QAAQ,GAAA;AACf,IAAA,QAAQ,WAAW,KAAA,IAAA,IAAX,WAAW,KAAA,MAAA,GAAX,WAAW,IAAX,WAAW,GAAK,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,MAAM;AACxE;AAOA;;;;;;;;;;;;;;AAcG;AACI,eAAe,mBAAmB,CACvC,KAAe,EACf,GAA4B,EAC5B,OAAkC,EAAA;AAElC,IAAA,MAAM,QAAQ,GAAGA,yBAAW,EAAE;IAE9B,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,QAAQ,EAAE,EAAE;YACd,MAAM,IAAI,KAAK,CACb,CAAA,+BAAA,EAAkC,KAAK,CAAC,SAAS,CAAA,gDAAA,CAAkD,CACpG;QACH;QACA,OAAO,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC;IACtC;AAEA,IAAA,IAAI,QAAQ,KAAKC,8BAAgB,EAAE;QACjC,OAAO,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC;IACtC;AAEA,IAAA,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,cAAc,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC9D,OAAO,KAAK,CAAC,SAAS,CAAC,QAAQ,EAAE,OAAO,CAAC;AAC3C;AAEA;;;AAGG;AACH,SAAS,cAAc,CAAC,EAAyB,EAAE,QAAgB,EAAA;AACjE,IAAA,IAAI,WAAW,IAAI,EAAE,EAAE;QACrB,OAAO;AACL,YAAA,SAAS,EAAE;gBACT,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE;AACjD,aAAA;SACF;IACH;AAEA,IAAA,IAAI,WAAW,IAAI,EAAE,EAAE;QACrB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,SAAS;AACxC,QAAA,OAAO,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACpE;AAEA,IAAA,IAAI,YAAY,IAAI,EAAE,EAAE;QACtB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;AACzC,QAAA,OAAO,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrE;AAEA,IAAA,IAAI,WAAW,IAAI,EAAE,EAAE;QACrB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,SAAS;AACxC,QAAA,OAAO,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACpE;AAEA,IAAA,IAAI,YAAY,IAAI,EAAE,EAAE;QACtB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;AACzC,QAAA,OAAO,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrE;AAEA,IAAA,IAAI,YAAY,IAAI,EAAE,EAAE;AACtB,QAAA,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;QACtD,OAAO;AACL,YAAA,UAAU,EAAE;AACV,gBAAA,GAAG,IAAI;AACP,gBAAA,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE;AAC/B,gBAAA,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE,QAAQ,EAAE;AAC1C,aAAA;SACF;IACH;IAEA,IAAI,QAAQ,EAAE,EAAE;AACd,QAAA,MAAM,IAAI,KAAK,CACb,uHAAuH,CACxH;IACH;AACA,IAAAC,OAAM,CAAC,IAAI,CACT,sFAAsF,CACvF;AACD,IAAA,OAAO,EAAE;AACX;;;;"}

package/dist/utils/tenantBulkWrite.es.js

@@ -0,0 +1,83 @@
+import { getTenantId, SYSTEM_TENANT_ID } from '../config/tenantContext.es.js';
+import logger from '../config/winston.es.js';
+
+let _strictMode;
+function isStrict() {
+    return (_strictMode !== null && _strictMode !== void 0 ? _strictMode : (_strictMode = process.env.TENANT_ISOLATION_STRICT === 'true'));
+}
+/**
+ * Tenant-safe wrapper around Mongoose `Model.bulkWrite()`.
+ *
+ * Mongoose's `bulkWrite` does not trigger schema-level middleware hooks, so the
+ * `applyTenantIsolation` plugin cannot intercept it. This wrapper injects the
+ * current ALS tenant context into every operation's filter and/or document
+ * before delegating to the native `bulkWrite`.
+ *
+ * Behavior:
+ * - **tenantId present** (normal request): injects `{ tenantId }` into every
+ *   operation filter (updateOne, deleteOne, replaceOne) and document (insertOne).
+ * - **SYSTEM_TENANT_ID**: skips injection (cross-tenant system operation).
+ * - **No tenantId + strict mode**: throws (fail-closed, same as the plugin).
+ * - **No tenantId + non-strict**: passes through without injection (backward compat).
+ */
+async function tenantSafeBulkWrite(model, ops, options) {
+    const tenantId = getTenantId();
+    if (!tenantId) {
+        if (isStrict()) {
+            throw new Error(`[TenantIsolation] bulkWrite on ${model.modelName} attempted without tenant context in strict mode`);
+        }
+        return model.bulkWrite(ops, options);
+    }
+    if (tenantId === SYSTEM_TENANT_ID) {
+        return model.bulkWrite(ops, options);
+    }
+    const injected = ops.map((op) => injectTenantId(op, tenantId));
+    return model.bulkWrite(injected, options);
+}
+/**
+ * Injects `tenantId` into a single bulk-write operation.
+ * Returns a new operation object — does not mutate the original.
+ */
+function injectTenantId(op, tenantId) {
+    if ('insertOne' in op) {
+        return {
+            insertOne: {
+                document: { ...op.insertOne.document, tenantId },
+            },
+        };
+    }
+    if ('updateOne' in op) {
+        const { filter, ...rest } = op.updateOne;
+        return { updateOne: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('updateMany' in op) {
+        const { filter, ...rest } = op.updateMany;
+        return { updateMany: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('deleteOne' in op) {
+        const { filter, ...rest } = op.deleteOne;
+        return { deleteOne: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('deleteMany' in op) {
+        const { filter, ...rest } = op.deleteMany;
+        return { deleteMany: { ...rest, filter: { ...filter, tenantId } } };
+    }
+    if ('replaceOne' in op) {
+        const { filter, replacement, ...rest } = op.replaceOne;
+        return {
+            replaceOne: {
+                ...rest,
+                filter: { ...filter, tenantId },
+                replacement: { ...replacement, tenantId },
+            },
+        };
+    }
+    if (isStrict()) {
+        throw new Error('[TenantIsolation] Unknown bulkWrite operation type in strict mode — refusing to pass through without tenant injection');
+    }
+    logger.warn('[tenantSafeBulkWrite] Unknown bulk op type, passing through without tenant injection');
+    return op;
+}
+
+export { tenantSafeBulkWrite };
+//# sourceMappingURL=tenantBulkWrite.es.js.map

package/dist/utils/tenantBulkWrite.es.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tenantBulkWrite.es.js","sources":["../../src/utils/tenantBulkWrite.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAKA,IAAI,WAAgC;AAEpC,SAAS,QAAQ,GAAA;AACf,IAAA,QAAQ,WAAW,KAAA,IAAA,IAAX,WAAW,KAAA,MAAA,GAAX,WAAW,IAAX,WAAW,GAAK,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,MAAM;AACxE;AAOA;;;;;;;;;;;;;;AAcG;AACI,eAAe,mBAAmB,CACvC,KAAe,EACf,GAA4B,EAC5B,OAAkC,EAAA;AAElC,IAAA,MAAM,QAAQ,GAAG,WAAW,EAAE;IAE9B,IAAI,CAAC,QAAQ,EAAE;QACb,IAAI,QAAQ,EAAE,EAAE;YACd,MAAM,IAAI,KAAK,CACb,CAAA,+BAAA,EAAkC,KAAK,CAAC,SAAS,CAAA,gDAAA,CAAkD,CACpG;QACH;QACA,OAAO,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC;IACtC;AAEA,IAAA,IAAI,QAAQ,KAAK,gBAAgB,EAAE;QACjC,OAAO,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC;IACtC;AAEA,IAAA,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,cAAc,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC9D,OAAO,KAAK,CAAC,SAAS,CAAC,QAAQ,EAAE,OAAO,CAAC;AAC3C;AAEA;;;AAGG;AACH,SAAS,cAAc,CAAC,EAAyB,EAAE,QAAgB,EAAA;AACjE,IAAA,IAAI,WAAW,IAAI,EAAE,EAAE;QACrB,OAAO;AACL,YAAA,SAAS,EAAE;gBACT,QAAQ,EAAE,EAAE,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,EAAE;AACjD,aAAA;SACF;IACH;AAEA,IAAA,IAAI,WAAW,IAAI,EAAE,EAAE;QACrB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,SAAS;AACxC,QAAA,OAAO,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACpE;AAEA,IAAA,IAAI,YAAY,IAAI,EAAE,EAAE;QACtB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;AACzC,QAAA,OAAO,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrE;AAEA,IAAA,IAAI,WAAW,IAAI,EAAE,EAAE;QACrB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,SAAS;AACxC,QAAA,OAAO,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACpE;AAEA,IAAA,IAAI,YAAY,IAAI,EAAE,EAAE;QACtB,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;AACzC,QAAA,OAAO,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrE;AAEA,IAAA,IAAI,YAAY,IAAI,EAAE,EAAE;AACtB,QAAA,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU;QACtD,OAAO;AACL,YAAA,UAAU,EAAE;AACV,gBAAA,GAAG,IAAI;AACP,gBAAA,MAAM,EAAE,EAAE,GAAG,MAAM,EAAE,QAAQ,EAAE;AAC/B,gBAAA,WAAW,EAAE,EAAE,GAAG,WAAW,EAAE,QAAQ,EAAE;AAC1C,aAAA;SACF;IACH;IAEA,IAAI,QAAQ,EAAE,EAAE;AACd,QAAA,MAAM,IAAI,KAAK,CACb,uHAAuH,CACxH;IACH;AACA,IAAA,MAAM,CAAC,IAAI,CACT,sFAAsF,CACvF;AACD,IAAA,OAAO,EAAE;AACX;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@librechat/data-schemas",
-  "version": "0.0.46",
+  "version": "0.0.48",
   "description": "Mongoose schemas and models for LibreChat",
   "type": "module",
   "main": "dist/index.cjs",