OpenWebUI/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui synced 2025-06-26 18:26:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

enh: notes user group permission

Browse Source
This commit is contained in:
Timothy Jaeryang Baek 2025-05-04 17:22:51 +04:00
parent f716968009
commit 84a05bec7b
8 changed files with 165 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
backend/open_webui/config.py
View File

@ -1137,6 +1137,10 @@ USER_PERMISSIONS_FEATURES_CODE_INTERPRETER = (
== "true" == "true"
) )
USER_PERMISSIONS_FEATURES_NOTES = (
os.environ.get("USER_PERMISSIONS_FEATURES_NOTES", "True").lower() == "true"
)
DEFAULT_USER_PERMISSIONS = { DEFAULT_USER_PERMISSIONS = {
"workspace": { "workspace": {
@ -1170,6 +1174,7 @@ DEFAULT_USER_PERMISSIONS = {
"web_search": USER_PERMISSIONS_FEATURES_WEB_SEARCH, "web_search": USER_PERMISSIONS_FEATURES_WEB_SEARCH,
"image_generation": USER_PERMISSIONS_FEATURES_IMAGE_GENERATION, "image_generation": USER_PERMISSIONS_FEATURES_IMAGE_GENERATION,
"code_interpreter": USER_PERMISSIONS_FEATURES_CODE_INTERPRETER, "code_interpreter": USER_PERMISSIONS_FEATURES_CODE_INTERPRETER,
"notes": USER_PERMISSIONS_FEATURES_NOTES,
}, },
} }

67
backend/open_webui/routers/notes.py
View File

@ -15,7 +15,7 @@ from open_webui.env import SRC_LOG_LEVELS
from open_webui.utils.auth import get_admin_user, get_verified_user from open_webui.utils.auth import get_admin_user, get_verified_user
from open_webui.utils.access_control import has_access from open_webui.utils.access_control import has_permission
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
log.setLevel(SRC_LOG_LEVELS["MODELS"]) log.setLevel(SRC_LOG_LEVELS["MODELS"])
@ -28,7 +28,16 @@ router = APIRouter()
@router.get("/", response_model=list[NoteUserResponse]) @router.get("/", response_model=list[NoteUserResponse])
async def get_notes(user=Depends(get_verified_user)): async def get_notes(request: Request, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
notes = [ notes = [
NoteUserResponse( NoteUserResponse(
**{ **{
@ -43,7 +52,16 @@ async def get_notes(user=Depends(get_verified_user)):
@router.get("/list", response_model=list[NoteUserResponse]) @router.get("/list", response_model=list[NoteUserResponse])
async def get_note_list(user=Depends(get_verified_user)): async def get_note_list(request: Request, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
notes = [ notes = [
NoteUserResponse( NoteUserResponse(
**{ **{
@ -63,7 +81,18 @@ async def get_note_list(user=Depends(get_verified_user)):
@router.post("/create", response_model=Optional[NoteModel]) @router.post("/create", response_model=Optional[NoteModel])
async def create_new_note(form_data: NoteForm, user=Depends(get_admin_user)): async def create_new_note(
request: Request, form_data: NoteForm, user=Depends(get_verified_user)
):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
try: try:
note = Notes.insert_new_note(form_data, user.id) note = Notes.insert_new_note(form_data, user.id)
return note return note
@ -80,7 +109,15 @@ async def create_new_note(form_data: NoteForm, user=Depends(get_admin_user)):
@router.get("/{id}", response_model=Optional[NoteModel]) @router.get("/{id}", response_model=Optional[NoteModel])
async def get_note_by_id(id: str, user=Depends(get_verified_user)): async def get_note_by_id(request: Request, id: str, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
note = Notes.get_note_by_id(id) note = Notes.get_note_by_id(id)
if not note: if not note:
raise HTTPException( raise HTTPException(
@ -104,8 +141,16 @@ async def get_note_by_id(id: str, user=Depends(get_verified_user)):
@router.post("/{id}/update", response_model=Optional[NoteModel]) @router.post("/{id}/update", response_model=Optional[NoteModel])
async def update_note_by_id( async def update_note_by_id(
id: str, form_data: NoteForm, user=Depends(get_verified_user) request: Request, id: str, form_data: NoteForm, user=Depends(get_verified_user)
): ):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
note = Notes.get_note_by_id(id) note = Notes.get_note_by_id(id)
if not note: if not note:
raise HTTPException( raise HTTPException(
@ -135,7 +180,15 @@ async def update_note_by_id(
@router.delete("/{id}/delete", response_model=bool) @router.delete("/{id}/delete", response_model=bool)
async def delete_note_by_id(id: str, user=Depends(get_verified_user)): async def delete_note_by_id(request: Request, id: str, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
note = Notes.get_note_by_id(id) note = Notes.get_note_by_id(id)
if not note: if not note:
raise HTTPException( raise HTTPException(

1
backend/open_webui/routers/users.py
View File

@ -129,6 +129,7 @@ class FeaturesPermissions(BaseModel):
web_search: bool = True web_search: bool = True
image_generation: bool = True image_generation: bool = True
code_interpreter: bool = True code_interpreter: bool = True
notes: bool = True
class UserPermissions(BaseModel): class UserPermissions(BaseModel):

3
src/lib/components/admin/Users/Groups.svelte
View File

@ -81,7 +81,8 @@
direct_tool_servers: false, direct_tool_servers: false,
web_search: true, web_search: true,
image_generation: true, image_generation: true,
code_interpreter: true code_interpreter: true,
notes: true
} }
}; };

11
src/lib/components/admin/Users/Groups/Permissions.svelte
View File

@ -37,7 +37,8 @@
direct_tool_servers: false, direct_tool_servers: false,
web_search: true, web_search: true,
image_generation: true, image_generation: true,
code_interpreter: true code_interpreter: true,
notes: true
} }
}; };
@ -380,5 +381,13 @@
<Switch bind:state={permissions.features.code_interpreter} /> <Switch bind:state={permissions.features.code_interpreter} />
</div> </div>
<div class=" flex w-full justify-between my-2 pr-2">
<div class=" self-center text-xs font-medium">
{$i18n.t('Notes')}
</div>
<Switch bind:state={permissions.features.notes} />
</div>
</div> </div>
</div> </div>

2
src/lib/components/layout/Sidebar.svelte
View File

@ -570,7 +570,7 @@
</div> </div>
{/if} --> {/if} -->
{#if $config?.features?.enable_notes ?? false} {#if ($config?.features?.enable_notes ?? false) && ($user?.role === 'admin' || ($user?.permissions?.features?.notes ?? true))}
<div class="px-1.5 flex justify-center text-gray-800 dark:text-gray-200"> <div class="px-1.5 flex justify-center text-gray-800 dark:text-gray-200">
<a <a
class="grow flex items-center space-x-3 rounded-lg px-2 py-[7px] hover:bg-gray-100 dark:hover:bg-gray-900 transition" class="grow flex items-center space-x-3 rounded-lg px-2 py-[7px] hover:bg-gray-100 dark:hover:bg-gray-900 transition"

13
src/lib/components/notes/NoteEditor.svelte
View File

@ -53,7 +53,9 @@
export let id: null | string = null; export let id: null | string = null;
let note = { let note = null;
const newNote = {
title: '', title: '',
data: { data: {
content: { content: {
@ -85,8 +87,7 @@
note = res; note = res;
files = res.data.files || []; files = res.data.files || [];
} else { } else {
toast.error($i18n.t('Note not found')); goto('/');
goto('/notes');
return; return;
} }
@ -101,6 +102,12 @@
} }
debounceTimeout = setTimeout(async () => { debounceTimeout = setTimeout(async () => {
if (!note) {
return;
}
console.log('Saving note:', note);
const res = await updateNoteById(localStorage.token, id, { const res = await updateNoteById(localStorage.token, id, {
...note, ...note,
title: note.title === '' ? $i18n.t('Untitled') : note.title title: note.title === '' ? $i18n.t('Untitled') : note.title

140
src/routes/(app)/notes/+layout.svelte
View File

@ -1,17 +1,27 @@
<script lang="ts"> <script lang="ts">
import { onMount, getContext } from 'svelte'; import { onMount, getContext } from 'svelte';
import { WEBUI_NAME, showSidebar, functions, config, user, showArchivedChats } from '$lib/stores'; import { WEBUI_NAME, showSidebar, functions, config, user, showArchivedChats } from '$lib/stores';
import { goto } from '$app/navigation';
import MenuLines from '$lib/components/icons/MenuLines.svelte'; import MenuLines from '$lib/components/icons/MenuLines.svelte';
import { page } from '$app/stores';
import UserMenu from '$lib/components/layout/Sidebar/UserMenu.svelte'; import UserMenu from '$lib/components/layout/Sidebar/UserMenu.svelte';
const i18n = getContext('i18n'); const i18n = getContext('i18n');
let loaded = false;
onMount(async () => { onMount(async () => {
if (!$config?.features?.enable_notes) { if (
!(
($config?.features?.enable_notes ?? false) &&
($user?.role === 'admin' || ($user?.permissions?.features?.notes ?? true))
)
) {
// If the feature is not enabled, redirect to the home page // If the feature is not enabled, redirect to the home page
goto('/'); goto('/');
} }
loaded = true;
}); });
</script> </script>
@ -21,71 +31,73 @@
</title> </title>
</svelte:head> </svelte:head>
<div {#if loaded}
class=" flex flex-col w-full h-screen max-h-[100dvh] transition-width duration-200 ease-in-out {$showSidebar <div
? 'md:max-w-[calc(100%-260px)]' class=" flex flex-col w-full h-screen max-h-[100dvh] transition-width duration-200 ease-in-out {$showSidebar
: ''} max-w-full" ? 'md:max-w-[calc(100%-260px)]'
> : ''} max-w-full"
<nav class=" px-2 pt-1 backdrop-blur-xl w-full drag-region"> >
<div class=" flex items-center"> <nav class=" px-2 pt-1 backdrop-blur-xl w-full drag-region">
<div class="{$showSidebar ? 'md:hidden' : ''} flex flex-none items-center"> <div class=" flex items-center">
<button <div class="{$showSidebar ? 'md:hidden' : ''} flex flex-none items-center">
id="sidebar-toggle-button" <button
class="cursor-pointer p-1.5 flex rounded-xl hover:bg-gray-100 dark:hover:bg-gray-850 transition" id="sidebar-toggle-button"
on:click={() => { class="cursor-pointer p-1.5 flex rounded-xl hover:bg-gray-100 dark:hover:bg-gray-850 transition"
showSidebar.set(!$showSidebar); on:click={() => {
}} showSidebar.set(!$showSidebar);
aria-label="Toggle Sidebar" }}
> aria-label="Toggle Sidebar"
<div class=" m-auto self-center">
<MenuLines />
</div>
</button>
</div>
<div class="ml-2 py-0.5 self-center flex items-center justify-between w-full">
<div class="">
<div
class="flex gap-1 scrollbar-none overflow-x-auto w-fit text-center text-sm font-medium bg-transparent py-1 touch-auto pointer-events-auto"
> >
<a class="min-w-fit transition" href="/notes"> <div class=" m-auto self-center">
{$i18n.t('Notes')} <MenuLines />
</a> </div>
</button>
</div>
<div class="ml-2 py-0.5 self-center flex items-center justify-between w-full">
<div class="">
<div
class="flex gap-1 scrollbar-none overflow-x-auto w-fit text-center text-sm font-medium bg-transparent py-1 touch-auto pointer-events-auto"
>
<a class="min-w-fit transition" href="/notes">
{$i18n.t('Notes')}
</a>
</div>
</div>
<div class=" self-center flex items-center gap-1">
{#if $user !== undefined && $user !== null}
<UserMenu
className="max-w-[200px]"
role={$user?.role}
on:show={(e) => {
if (e.detail === 'archived-chat') {
showArchivedChats.set(true);
}
}}
>
<button
class="select-none flex rounded-xl p-1.5 w-full hover:bg-gray-50 dark:hover:bg-gray-850 transition"
aria-label="User Menu"
>
<div class=" self-center">
<img
src={$user?.profile_image_url}
class="size-6 object-cover rounded-full"
alt="User profile"
draggable="false"
/>
</div>
</button>
</UserMenu>
{/if}
</div> </div>
</div> </div>
<div class=" self-center flex items-center gap-1">
{#if $user !== undefined && $user !== null}
<UserMenu
className="max-w-[200px]"
role={$user?.role}
on:show={(e) => {
if (e.detail === 'archived-chat') {
showArchivedChats.set(true);
}
}}
>
<button
class="select-none flex rounded-xl p-1.5 w-full hover:bg-gray-50 dark:hover:bg-gray-850 transition"
aria-label="User Menu"
>
<div class=" self-center">
<img
src={$user?.profile_image_url}
class="size-6 object-cover rounded-full"
alt="User profile"
draggable="false"
/>
</div>
</button>
</UserMenu>
{/if}
</div>
</div> </div>
</div> </nav>
</nav>
<div class=" pb-1 flex-1 max-h-full overflow-y-auto @container"> <div class=" pb-1 flex-1 max-h-full overflow-y-auto @container">
<slot /> <slot />
</div>
</div> </div>
</div> {/if}