From 6132d5c80ee7cb9c2ec9c27a0687298ca22f1557 Mon Sep 17 00:00:00 2001
From: Dave Glover <dglover@microsoft.com>
Date: Wed, 2 Oct 2024 14:26:47 +1000
Subject: [PATCH] block deletion of global assistant assets

- added enum scope
- tagged global with Scope.Global
- Check deletion requests for Global and return not authorised
---
 src/AzureAIProxy.Shared/Database/Assistant.cs    | 10 ++++++++++
 src/AzureAIProxy/Routes/AzureOpenAIAssistants.cs |  2 ++
 src/AzureAIProxy/Services/AssistantService.cs    |  3 ++-
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/AzureAIProxy.Shared/Database/Assistant.cs b/src/AzureAIProxy.Shared/Database/Assistant.cs
index 3d26be1e..d72cb023 100644
--- a/src/AzureAIProxy.Shared/Database/Assistant.cs
+++ b/src/AzureAIProxy.Shared/Database/Assistant.cs
@@ -1,7 +1,17 @@
 namespace AzureAIProxy.Shared.Database;
+using System.ComponentModel.DataAnnotations.Schema;
+
+public enum Scope
+{
+    Personal,
+    Global
+}
 
 public partial class Assistant
 {
     public string ApiKey { get; set; } = null!;
     public string Id { get; set; } = null!;
+
+    [NotMapped]
+    public Scope Scope { get; set; } = Scope.Personal; // Default to Personal
 }
diff --git a/src/AzureAIProxy/Routes/AzureOpenAIAssistants.cs b/src/AzureAIProxy/Routes/AzureOpenAIAssistants.cs
index 6950a03c..80c700a8 100644
--- a/src/AzureAIProxy/Routes/AzureOpenAIAssistants.cs
+++ b/src/AzureAIProxy/Routes/AzureOpenAIAssistants.cs
@@ -134,6 +134,8 @@ private static async Task<IResult> CreateThreadAsync(
                 var assistant = await assistantService.GetIdAsync(requestContext.ApiKey, assistantId.Split("/").First());
                 if (assistant is null)
                     return OpenAIResult.Unauthorized("Unauthorized assistant access.");
+                else if (method == HttpMethod.Delete.Method && assistant.Scope == Scope.Global)
+                    return OpenAIResult.Unauthorized("Unauthorized assistant deletion.");
             }
             else if (threadId is not null)
             {
diff --git a/src/AzureAIProxy/Services/AssistantService.cs b/src/AzureAIProxy/Services/AssistantService.cs
index ae6da98c..fbca469f 100644
--- a/src/AzureAIProxy/Services/AssistantService.cs
+++ b/src/AzureAIProxy/Services/AssistantService.cs
@@ -110,7 +110,8 @@ public async Task DeleteIdAsync(string apiKey, string responseContent)
                     result = new Assistant
                     {
                         ApiKey = apiKey,
-                        Id = id
+                        Id = id,
+                        Scope = Scope.Global
                     };
                     memoryCache.Set(cacheKey, result, TimeSpan.FromMinutes(10));
                 }