LibreChat/api/server/middleware/error.js
Marco Beretta 84ab681adf
fix: enforce forced retention on message edits, feedback, and error saves
Two more message-write paths bypassed ephemeral enforcement:

- The edit and feedback endpoints call updateMessage directly, without loading
  retention config, so editing an older permanent message after a switch to
  ephemeral left the message and its conversation non-temporary and visible.
  Load config on those routes and run a new applyForcedRetention helper after the
  update, which stamps the message and cascades the conversation/messages.

- The sendError and denyRequest middleware save messages with retention config
  but never call saveConvo, so a validation/model error or denied-request message
  could outlive its conversation. Pass capExpiryToConversation like the other
  message-only paths.

Extract the conversation cascade into a shared cascadeForcedConversationRetention
helper used by both saveMessage and applyForcedRetention.
2026-07-01 19:38:01 +02:00

111 lines
3.3 KiB
JavaScript

const crypto = require('crypto');
const { logger } = require('@librechat/data-schemas');
const { parseConvo } = require('librechat-data-provider');
const { sendEvent, handleError, sanitizeMessageForTransmit } = require('@librechat/api');
const { saveMessage, getMessages, getConvo } = require('~/models');
/**
* Processes an error with provided options, saves the error message and sends a corresponding SSE response
* @async
* @param {object} req - The request.
* @param {object} res - The response.
* @param {object} options - The options for handling the error containing message properties.
* @param {object} options.user - The user ID.
* @param {string} options.sender - The sender of the message.
* @param {string} options.conversationId - The conversation ID.
* @param {string} options.messageId - The message ID.
* @param {string} options.parentMessageId - The parent message ID.
* @param {string} options.text - The error message.
* @param {boolean} options.shouldSaveMessage - [Optional] Whether the message should be saved. Default is true.
* @param {function} callback - [Optional] The callback function to be executed.
*/
const sendError = async (req, res, options, callback) => {
const {
user,
sender,
conversationId,
messageId,
parentMessageId,
text,
shouldSaveMessage,
...rest
} = options;
const errorMessage = {
sender,
messageId: messageId ?? crypto.randomUUID(),
conversationId,
parentMessageId,
unfinished: false,
error: true,
final: true,
text,
isCreatedByUser: false,
...rest,
};
if (callback && typeof callback === 'function') {
await callback();
}
if (shouldSaveMessage) {
await saveMessage(
{
userId: req?.user?.id,
isTemporary: req?.body?.isTemporary,
interfaceConfig: req?.config?.interfaceConfig,
},
{ ...errorMessage, user },
{
context: 'api/server/utils/streamResponse.js - sendError',
capExpiryToConversation: true,
},
);
}
if (!errorMessage.error) {
const requestMessage = { messageId: parentMessageId, conversationId };
let query = [],
convo = {};
try {
query = await getMessages(requestMessage);
convo = await getConvo(user, conversationId);
} catch (err) {
logger.error('[sendError] Error retrieving conversation data:', err);
convo = parseConvo(errorMessage);
}
return sendEvent(res, {
final: true,
requestMessage: sanitizeMessageForTransmit(query?.[0] ?? requestMessage),
responseMessage: errorMessage,
conversation: convo,
});
}
handleError(res, errorMessage);
};
/**
* Sends the response based on whether headers have been sent or not.
* @param {ServerRequest} req - The server response.
* @param {Express.Response} res - The server response.
* @param {Object} data - The data to be sent.
* @param {string} [errorMessage] - The error message, if any.
*/
const sendResponse = (req, res, data, errorMessage) => {
if (!res.headersSent) {
if (errorMessage) {
return res.status(500).json({ error: errorMessage });
}
return res.json(data);
}
if (errorMessage) {
return sendError(req, res, { ...data, text: errorMessage });
}
return sendEvent(res, data);
};
module.exports = {
sendError,
sendResponse,
};