openai_assistants/chat?ajax_form=1&_wrapper_format=drupal_ajax. Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException: The 'chat with assistant' permission is required. in Drupal\Core\Routing\AccessAwareRouter->checkAccess()

i am attaching the patch which adds this permission

while above patch fixed the permission issue, now there is a new error for anonymous users:

TypeError: Drupal\openai_assistants\Entity\OpenaiThread::getAssistantId(): Return value must be of type string, null returned in Drupal\openai_assistants\Entity\OpenaiThread->getAssistantId() (line 235 of /web/modules/contrib/openai_assistants/src/Entity/OpenaiThread.php).

i did some investigation, and found the reason is because the assistant_id which is stored using tempstore.private is only stored for anonymous users when the cache is cleared, so if cache is not cleared then the assistant_id is not stored which then gives error, so following the instruction here https://www.drupal.org/forum/support/module-development-and-code-questio... → i added this code to both DialogForm and OpenaiChatForm

$form['#cache'] = ['max-age' => 0];

this resolved the issue for anonymous users, i have attached the patch which includes both the permission patch above and the cache changes.

The patch works, after giving the permission for anonymous user I can use it now as anonymous.

I'm not sure if there would be another way than setting the #cache max-age to 0, because it will kill the page cache and for example varnish will not work, making a site vulnerable for DDOS attacks.