Use RBAC for listing thread snapshots

surfsense_backend/app/services/public_chat_service.py

@@ -366,11 +366,14 @@ async def list_snapshots_for_thread(
     if not thread:
         raise HTTPException(status_code=404, detail="Thread not found")
 
-    if thread.created_by_id != user.id:
+    # Check permission to view public share links
-        raise HTTPException(
+    await check_permission(
-            status_code=403,
+        session,
-            detail="Only the creator can view snapshots",
+        user,
-        )
+        thread.search_space_id,
+        Permission.PUBLIC_SHARING_VIEW.value,
+        "You don't have permission to view public share links",
+    )
 
     result = await session.execute(
         select(PublicChatSnapshot)

surfsense_web/components/new-chat/chat-share-button.tsx

@@ -257,8 +257,8 @@ export function ChatShareButton({ thread, onVisibilityChange, className }: ChatS
 					</TooltipTrigger>
 					<TooltipContent>
 						{snapshotCount === 1
-							? "This chat has a public link - Click to manage"
+							? "This chat has a public link"
-							: `This chat has ${snapshotCount} public links - Click to manage`}
+							: `This chat has ${snapshotCount} public links`}
 					</TooltipContent>
 				</Tooltip>
 			)}