mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-07-02 04:12:36 +00:00
Resolve mcpSettings.apps per request through the tenant-scoped allowlist resolver (inheriting the
YAML base when omitted) and consult it in callTool: when a tenant/role/user has apps disabled, the
tool result is returned with no UI resource attached, so those users no longer get a broken iframe
that the gated app endpoints reject. The OAuth-path connection advertises the resolved value.

Constrain query and query-continuation URI-template operators to their declared variable names
instead of the whole query string, so a template like file://items{?id} no longer authorizes
unrelated query parameters such as ?admin=true. The path-traversal guard still applies.

Move the MCP Apps per-endpoint validation and orchestration into packages/api as TypeScript
service functions (readAppResource, listAppResources, listAppResourceTemplates, callAppTool)
exported from @librechat/api, delegating through a structural manager interface to avoid a circular
import. The /api controllers become thin adapters; resolveAppContext, the sandbox file serve, and
the requireMCPAppsEnabled middleware stay in /api as request-bound glue.
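
The second change described in the commit message above, restricting `{?...}` and `{&...}` operators to their declared variable names, sketched as an added JavaScript example. It is not LibreChat's code: every function name is hypothetical, the loose matcher is a constructed stand-in for the "whole query string" behaviour, and path variables and the path-traversal guard are left out.

```javascript
// Added illustration, not LibreChat code; every function name here is hypothetical.
const QUERY_EXPR = /\{[?&]([^}]*)\}/g;

// Names declared by {?a,b} / {&c}; explode (*) and prefix (:n) modifiers are stripped.
function declaredQueryNames(template) {
  const names = new Set();
  for (const m of template.matchAll(QUERY_EXPR)) {
    for (const v of m[1].split(',')) {
      const name = v.trim().replace(/(\*|:\d+)$/, '');
      if (name) names.add(name);
    }
  }
  return names;
}

function splitQuery(uri) {
  const i = uri.indexOf('?');
  return i === -1 ? [uri, ''] : [uri.slice(0, i), uri.slice(i + 1)];
}

// Loose form (the behaviour being replaced): the operator stands for any query string.
function matchesLoose(template, uri) {
  return splitQuery(uri)[0] === splitQuery(template.replace(QUERY_EXPR, ''))[0];
}

// Strict form: each parameter is a literal pair from the template or a declared variable.
function matchesStrict(template, uri) {
  const [tBase, tQuery] = splitQuery(template.replace(QUERY_EXPR, ''));
  const [uBase, uQuery] = splitQuery(uri);
  if (uBase !== tBase) return false;
  const declared = declaredQueryNames(template);
  const literals = new Set(tQuery.split('&').filter(Boolean));
  const found = new Set();
  const seen = new Set();
  for (const pair of uQuery.split('&').filter(Boolean)) {
    if (literals.has(pair)) { found.add(pair); continue; }
    let name;
    try {
      name = decodeURIComponent(pair.split('=')[0]);
    } catch {
      return false; // malformed percent-encoding
    }
    // Rejecting repeated names is a choice of this sketch, not something the page states.
    if (!declared.has(name) || seen.has(name)) return false;
    seen.add(name);
  }
  return found.size === literals.size; // literal pairs in the template are required
}
```

Parameter names are percent-decoded before the comparison, so an encoded spelling of an undeclared name is rejected the same way as the plain one.
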
| Name |
|---|
| __tests__ |
| agents |
| assistants |
| auth |
| AuthController.js |
| AuthController.spec.js |
| Balance.js |
| Balance.spec.js |
| ContextProjectionController.js |
| EndpointController.js |
| FavoritesController.js |
| FavoritesController.spec.js |
| mcp.js |
| mcpApps.js |
| ModelController.js |
| PermissionsController.js |
| PluginController.js |
| PluginController.spec.js |
| SkillStatesController.js |
| TokenConfigController.js |
| tools.js |
| TwoFactorController.js |
| UserController.js |
| UserController.spec.js |