feat: support share agent with specific users, extend permission control #428
zonglinZhang wants to merge 5 commits into dataelement:main from
# Conflicts: # helm/clawith/Chart.yaml
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 34b16067ef
| scope_type: newScope, | ||
| scope_ids: newScope === 'user' ? permData?.scope_ids || [] : [], | ||
| access_level: permData?.access_level || 'use' |
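Review bot: On the access_level line, `permData?.access_level || 'use'` falls back to 'use' whenever permData is missing, so a scope change made before the permission data has loaded would send 'use' in place of the agent's current level. Consider disabling the scope control until permData is present, or omitting access_level from the request when it is unknown.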
Preserve user scope when switching permission mode
When the radio is switched to user, this request sends scope_ids from the previous state, which is usually empty for company/private agents. The backend treats scope_type='user' with an empty list as a fallback to private, so the scope immediately flips back and the UI cannot reliably enter/keep “Specific Users” mode to add users.
| permission_scope_type: form.permission_scope_type, | ||
| permission_scope_ids: scopeIds.length > 0 ? scopeIds : undefined, | ||
| max_tokens_per_day: form.max_tokens_per_day ? Number(form.max_tokens_per_day) : undefined, | ||
| max_tokens_per_month: form.max_tokens_per_month ? Number(form.max_tokens_per_month) : undefined, | ||
| skill_ids: agentType === 'native' ? form.skill_ids : [], |
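Review bot: On the permission_scope_ids line, an empty selection is sent as undefined whatever permission_scope_type is, so the form can submit permission_scope_type 'user' with no users attached. Consider rejecting that combination in the form before building the payload, so the resulting scope is never left to a server-side default.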
Send selected default access level on agent creation
The create payload no longer includes permission_access_level, so backend schema defaults force new agents to use access regardless of the UI choice. This makes the “Default Access Level” control ineffective for company-wide creation and silently downgrades intended manage grants.
| elif scope_type == "private": | ||
| # Private: only creator can access | ||
| db.add(AgentPermission(agent_id=agent_id, scope_type="private", scope_id=current_user.id, access_level="manage")) |
Bind private scope to creator instead of acting user
Private scope is documented as creator-only, but this code writes scope_id=current_user.id. If an admin or another user with manage access changes scope to private, they become the stored private principal, which breaks ownership semantics and grants persistent private access to the editor rather than the agent creator.
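An added example, not part of the pull request or the project's code, contrasting the behaviour the comment above describes with a creator-bound version. The in-memory models, the `Agent.creator_id` field and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical stand-ins for the project's models; field names are assumptions.
@dataclass(frozen=True)
class Permission:
    agent_id: int
    scope_type: str
    scope_id: int
    access_level: str

@dataclass
class Agent:
    id: int
    creator_id: int  # assumed: the agent records who created it
    permissions: list = field(default_factory=list)

def set_private_acting_user(agent, current_user_id):
    """Behaviour described in the comment: the private principal is the editor."""
    # Assumption: switching scope replaces the agent's existing permission rows.
    agent.permissions = [Permission(agent.id, "private", current_user_id, "manage")]

def set_private_creator(agent, current_user_id):
    """Creator-bound variant: the editor's id is kept only for the audit record."""
    agent.permissions = [Permission(agent.id, "private", agent.creator_id, "manage")]
    return {"agent_id": agent.id, "changed_by": current_user_id, "scope": "private"}

def can_access(agent, user_id):
    """A private row grants access only to the user stored in scope_id."""
    return any(p.scope_type == "private" and p.scope_id == user_id
               for p in agent.permissions)

def demo():
    creator, admin = 1, 99  # constructed ids
    agent = Agent(id=7, creator_id=creator)
    set_private_acting_user(agent, admin)
    before = (can_access(agent, creator), can_access(agent, admin))
    set_private_creator(agent, admin)
    after = (can_access(agent, creator), can_access(agent, admin))
    return before, after  # each tuple is (creator has access, admin has access)

if __name__ == "__main__":
    print(demo())
```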
| Enum("company", "department", "user", "private", name="permission_scope_enum"), | ||
| nullable=False, |
Add migration for new permission enum value
This adds private to permission_scope_enum in the ORM, but the commit does not include an Alembic revision updating the existing database enum. On deployed databases with the old enum values, inserts/updates using scope_type='private' will fail at runtime with enum-value errors.