feat: add ENABLE_USER_STATUS toggle for admin-controlled user status visibility (#20488)
* feat: add ENABLE_USER_STATUS toggle for admin-controlled user status visibility feat: add ENABLE_USER_STATUS toggle for admin-controlled user status visibility Add a new admin panel toggle (Admin > Settings > General) called "User Status" that allows administrators to globally enable or disable user status functionality. When disabled: - User status API endpoints return 403 Forbidden - Status emoji, message, and "Update your status" button are hidden from the user menu The setting: - Defaults to True (enabled) - Can be overridden via ENABLE_USER_STATUS environment variable - Persists across restarts using PersistentConfig Files modified: - backend/open_webui/config.py - Added ENABLE_USER_STATUS PersistentConfig - backend/open_webui/main.py - App state init and features dict - backend/open_webui/routers/auths.py - AdminConfig model and endpoints - backend/open_webui/routers/users.py - 403 guards on status endpoints - src/lib/components/admin/Settings/General.svelte - Toggle UI - src/lib/components/layout/Sidebar/UserMenu.svelte - Conditional status display * Update UserMenu.svelte feat: add ENABLE_USER_STATUS toggle for admin-controlled user status visibility Add a new admin panel toggle (Admin > Settings > General) called "User Status" that allows administrators to globally enable or disable user status functionality. When disabled: - User status API endpoints return 403 Forbidden - Active/Away indicator with blinking dot is hidden from the user menu - Status emoji, message, and "Update your status" button are hidden from the user menu The setting: - Defaults to True (enabled) - Can be overridden via ENABLE_USER_STATUS environment variable - Persists across restarts using PersistentConfig Files modified: - backend/open_webui/config.py - Added ENABLE_USER_STATUS PersistentConfig - backend/open_webui/main.py - App state init and features dict - backend/open_webui/routers/auths.py - AdminConfig model and endpoints - backend/open_webui/routers/users.py - 403 guards on status endpoints - src/lib/components/admin/Settings/General.svelte - Toggle UI - src/lib/components/layout/Sidebar/UserMenu.svelte - Conditional status display * nuke the indicator * fix
This commit is contained in:
Classic298
GitHub
@@ -333,8 +333,14 @@ async def update_user_settings_by_session_user(
|
||||
|
||||
@router.get("/user/status")
|
||||
async def get_user_status_by_session_user(
|
||||
request: Request,
|
||||
user=Depends(get_verified_user), db: Session = Depends(get_session)
|
||||
):
|
||||
if not request.app.state.config.ENABLE_USER_STATUS:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_403_FORBIDDEN,
|
||||
detail=ERROR_MESSAGES.ACTION_PROHIBITED,
|
||||
)
|
||||
user = Users.get_user_by_id(user.id, db=db)
|
||||
if user:
|
||||
return user
|
||||
@@ -352,10 +358,16 @@ async def get_user_status_by_session_user(
|
||||
|
||||
@router.post("/user/status/update")
|
||||
async def update_user_status_by_session_user(
|
||||
request: Request,
|
||||
form_data: UserStatus,
|
||||
user=Depends(get_verified_user),
|
||||
db: Session = Depends(get_session),
|
||||
):
|
||||
if not request.app.state.config.ENABLE_USER_STATUS:
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_403_FORBIDDEN,
|
||||
detail=ERROR_MESSAGES.ACTION_PROHIBITED,
|
||||
)
|
||||
user = Users.get_user_by_id(user.id, db=db)
|
||||
if user:
|
||||
user = Users.update_user_status_by_id(user.id, form_data, db=db)
|
||||
|
||||
Reference in New Issue
Block a user