Previously, suspended users could continue using browser extension
endpoints if they had created an API key before suspension. The normal
JWT session path blocked suspended users, but the browser extension
middleware did not.
Changes:
- Add suspension and user existence checks to validBrowserExtensionApiKey
- Delete browser extension API keys when a user is deleted
- Add deleteAllForUser method to BrowserExtensionApiKey model
GHSA-7754-8jcc-2rg3
* add eslint config to server
* add break statements to switch case
* add support for browser globals and turn off empty catch blocks
* disable lines with useless try/catch wrappers
* format
* fix no-undef errors
* disbale lines violating no-unsafe-finally
* ignore syncStaticLists.mjs
* use proper null check for creatorId instead of unreachable nullish coalescing
* remove unneeded typescript eslint comment
* make no-unused-private-class-members a warning
* disable line for no-empty-objects
* add new lint script
* fix no-unused-vars violations
* make no-unsued-vars an error
---------
Co-authored-by: shatfield4 <seanhatfield5@gmail.com>
Co-authored-by: Timothy Carambat <rambat1010@gmail.com>
* Migrate all existing deprecated system preferences endpoint services to new service by field | delete old endpoint and service
* format
* destructure settings from response
* nitpick
---------
Co-authored-by: shatfield4 <seanhatfield5@gmail.com>
Co-authored-by: Timothy Carambat <rambat1010@gmail.com>
* Add the ability to edit existing SQL connections
* Enhance SQL connection management by adding connections prop to DBConnection and SQLConnectionModal components for improved duplicate detection and handling.
* format
* fix: prevent input defocus in SQL connection edit modal
Fixed an issue where typing in input fields would cause the field to lose
focus during editing. The useEffect dependency array was using the entire
existingConnection object, which could change reference on parent re-renders,
triggering unnecessary re-fetches and unmounting form inputs.
Changed the dependency to use the primitive database_id value instead of the
object reference, ensuring the effect only runs when the actual connection
being edited changes.
* fix: prevent duplicate SQL connections from being created
Fixed an issue where saving SQL connections multiple times would create
duplicate entries with auto-generated hash suffixes (e.g., my-db-abc7).
This occurred because the frontend maintained stale action properties on
connections after saves, causing the backend to treat already-saved
connections as new additions.
Backend changes (server/models/systemSettings.js):
- Modified mergeConnections to skip action:add items that already exist
- Reject duplicate updates instead of auto-renaming with UUID suffixes
- Check if original connection exists before applying updates
Frontend changes:
- Added hasChanges prop to SQL connector component
- Automatically refresh connections from backend after successful save
- Ensures local state has clean data without stale action properties
This prevents the creation of confusing duplicate entries and ensures
only the connections the user explicitly created are stored.
* Refactor to use existing system settings endpoint for getting agent SQL connections | Add better documentation
* Simplify handleUpdateConnection handler
* refactor mergeConnections to use map
* remove console log
* fix bug where edit SQL connection modal values werent recomputed after re-opening
* Add loading state for fetching agent SQL connections
* tooltip
* remove unused import
* Put skip conditions in switch statement
* throw error if default switch case is triggered
---------
Co-authored-by: shatfield4 <seanhatfield5@gmail.com>
Co-authored-by: Timothy Carambat <rambat1010@gmail.com>
* set message limit per user
* remove old limit user messages + unused admin page
* fix daily message validation
* refactor message limit input
refactor canSendChat on user to a method on user model
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* wip bg workers for live document sync
* Add ability to re-embed specific documents across many workspaces via background queue
bgworkser is gated behind expieremental system setting flag that needs to be explictly enabled
UI for watching/unwatching docments that are embedded.
TODO: UI to easily manage all bg tasks and see run results
TODO: UI to enable this feature and background endpoints to manage it
* create frontend views and paths
Move elements to correct experimental scope
* update migration to delete runs on removal of watched document
* Add watch support to YouTube transcripts (#1716)
* Add watch support to YouTube transcripts
refactor how sync is done for supported types
* Watch specific files in Confluence space (#1718)
Add failure-prune check for runs
* create tmp workflow modifications for beta image
* create tmp workflow modifications for beta image
* create tmp workflow modifications for beta image
* dual build
update copy of alert modals
* update job interval
* Add support for live-sync of Github files
* update copy for document sync feature
* hide Experimental features from UI
* update docs links
* [FEAT] Implement new settings menu for experimental features (#1735)
* implement new settings menu for experimental features
* remove unused context save bar
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* dont run job on boot
* unset workflow changes
* Add persistent encryption service
Relay key to collector so persistent encryption can be used
Encrypt any private data in chunkSources used for replay during resync jobs
* update jsDOC
* Linting and organization
* update modal copy for feature
---------
Co-authored-by: Sean Hatfield <seanhatfield5@gmail.com>
* implement custom icon on login screen for single & multi user + custom app name feature
* hide field when not relevant
* set customApp name
* show original anythingllm login logo unless custom logo is set
* nit-picks
* remove console log
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* Support SQL Agent skill
* add MSSQL agent connector
* Add frontend to agent skills
remove FAKE_DB mock
reset skills to pickup child-skill dynamically
* add prompt examples for tools on untooled
* add better logging on SQL agents
* Wipe toolruns on each chat relay so tools can be used within the same session
* update comments
* members workspace settings menu and admin users UI updates
* change copy/fix admin and managers in workspace when not showing in UI
* remove existing workspace user mgmt modal
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* WIP custom footer icons
* UI for updating footer icons complete and backend to save/modify
* add backend for unprotected footer fetch
* break out footer into separate component and render footer items using a cache for 1 hour
* wip review
* refactor & cleanup
* Optimize footer form component
Optimize caching for footer icons
Add validation on SystemSetting upserts
Normalize fallback items for footer_data
* Adjust max icons to 3
* fix success message on remove
* fix success message on remove
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* WIP event logging - new table for events and new settings view for viewing
* WIP add logging
* UI for log rows
* rename files to Logging to prevent getting gitignore
* add metadata for all logging events and colored badges in logs page
* remove unneeded comment
* cleanup namespace for logging
* clean up backend calls
* update logging to show to => from settings changes
* add logging for invitations, created, deleted, and accepted
* add logging for user created, updated, suspended, or removed
* add logging for workspace deleted
* add logging for chat logs exported
* add logging for API keys, LLM, embedder, vector db, embed chat, and reset button
* modify event logs
* update to event log types
* simplify rendering of event badges
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* Implement total permission overhaul
Add explicit permissions on each flex and strict route
Patch issues with role escalation and CRUD of users
Patch permissions on all routes for coverage
Improve middleware to accept role array for clarity
* update comments
* remove permissions to API-keys for manager. Manager could generate API-key and using high-privelege api-key give themselves admin
* update sidebar permissions for multi-user and single user
* update options for mobile sidebar
* added manager role to options
* block default role from editing workspace settings on workspace and text input box
* block default user from accessing settings at all
* create manager route
* let pass through if in single user mode
* fix permissions for manager and admin roles in settings
* fix settings button for single user and remove unneeded console.logs
* rename routes and paths for clarity
* admin, manager, default roles complete
* remove unneeded comments
* consistency changes
* manage permissions for mum modes
* update sidebar for single-user mode
* update comment on middleware
Modify permission setting for admins
* update render conditional
* Add role usage hint to each role
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* added JSONL export to workspace chats
* change permissions for workspace chat settings
* change permissions for workspace chat settings
* Show error for correct limit on fine-tune
Change sidebar position and permission
Remove check for MUM
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* WIP converted all sqlite models into prisma calls
* modify db setup and fix ApiKey model calls in admin.js
* renaming function params to be consistent
* converted adminEndpoints to utilize prisma orm
* converted chatEndpoints to utilize prisma orm
* converted inviteEndpoints to utilize prisma orm
* converted systemEndpoints to utilize prisma orm
* converted workspaceEndpoints to utilize prisma orm
* converting sql queries to prisma calls
* fixed default param bug for orderBy and limit
* fixed typo for workspace chats
* fixed order of deletion to account for sql relations
* fix invite CRUD and workspace management CRUD
* fixed CRUD for api keys
* created prisma setup scripts/docs for understanding how to use prisma
* prisma dependency change
* removing unneeded console.logs
* removing unneeded sql escape function
* linting and creating migration script
* migration from depreciated sqlite script update
* removing unneeded migrations in prisma folder
* create backup of old sqlite db and use transactions to ensure all operations complete successfully
* adding migrations to gitignore
* updated PRISMA.md docs for info on how to use sqlite migration script
* comment changes
* adding back migrations folder to repo
* Reviewing SQL and prisma integraiton on fresh repo
* update inline key replacement
* ensure migration script executes and maps foreign_keys regardless of db ordering
* run migration endpoint
* support new prisma backend
* bump version
* change migration call
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* Autodocument Swagger API with JSDocs on /v1/ endpoints for API access
implement single-player API keys
WIP Admin API Keys
* Create new api keys as both single and multi-user
* Add boot and telem
* Complete Admin API
* Complete endpoints
dark mode swagger
* update docs
* undo debug
* update docs and readme
* implemented logo customization for single-user mode
* removing unneeded comments
* added dark and light mode support for default logo
* implemented dark and light mode switching in frontend
* fixed dark and light mode switching for failed to load logo from backend
* removed unneeded comment
* custom logos for admin implemented
* refactor logo mgmt functions
abstract logo management utils into their own file for simplicity
* added settings tab for appearance on single-user mode
* unchecking files with unneeded changes
* fixed appearance settings tab to be hidden on multiuser mode
* allow readall for logo
---------
Co-authored-by: timothycarambat <rambat1010@gmail.com>
* multi user wip
* WIP MUM features
* invitation mgmt
* suspend or unsuspend users
* workspace mangement
* manage chats
* manage chats
* add Support for admin system settings for users to delete workspaces and limit chats per user
* fix issue ith system var
update app to lazy load invite page
* cleanup and bug fixes
* wrong method
* update readme
* update readme
* update readme
* bump version to 0.1.0
