open-webui/backend/apps/webui/models/users.py

from pydantic import BaseModel, ConfigDict, parse_obj_as
from typing import List, Union, Optional
import time

from sqlalchemy import String, Column, BigInteger, Text

from utils.misc import get_gravatar_url

from apps.webui.internal.db import Base, JSONField, Session, get_db
from apps.webui.models.chats import Chats

####################
# User DB Schema
####################


class User(Base):
    __tablename__ = "user"

    id = Column(String, primary_key=True)
    name = Column(String)
    email = Column(String)
    role = Column(String)
    profile_image_url = Column(Text)

    last_active_at = Column(BigInteger)
    updated_at = Column(BigInteger)
    created_at = Column(BigInteger)

    api_key = Column(String, nullable=True, unique=True)
    settings = Column(JSONField, nullable=True)
    info = Column(JSONField, nullable=True)

    oauth_sub = Column(Text, unique=True)


class UserSettings(BaseModel):
    ui: Optional[dict] = {}
    model_config = ConfigDict(extra="allow")
    pass


class UserModel(BaseModel):
    id: str
    name: str
    email: str
    role: str = "pending"
    profile_image_url: str

    last_active_at: int  # timestamp in epoch
    updated_at: int  # timestamp in epoch
    created_at: int  # timestamp in epoch

    api_key: Optional[str] = None
    settings: Optional[UserSettings] = None
    info: Optional[dict] = None

    oauth_sub: Optional[str] = None

    model_config = ConfigDict(from_attributes=True)


####################
# Forms
####################


class UserRoleUpdateForm(BaseModel):
    id: str
    role: str


class UserUpdateForm(BaseModel):
    name: str
    email: str
    profile_image_url: str
    password: Optional[str] = None


class UsersTable:

    def insert_new_user(
        self,
        id: str,
        name: str,
        email: str,
        profile_image_url: str = "/user.png",
        role: str = "pending",
        oauth_sub: Optional[str] = None,
    ) -> Optional[UserModel]:
        with get_db() as db:
            user = UserModel(
                **{
                    "id": id,
                    "name": name,
                    "email": email,
                    "role": role,
                    "profile_image_url": profile_image_url,
                    "last_active_at": int(time.time()),
                    "created_at": int(time.time()),
                    "updated_at": int(time.time()),
                    "oauth_sub": oauth_sub,
                }
            )
            result = User(**user.model_dump())
            db.add(result)
            db.commit()
            db.refresh(result)
            if result:
                return user
            else:
                return None

    def get_user_by_id(self, id: str) -> Optional[UserModel]:
        try:
            with get_db() as db:
                user = db.query(User).filter_by(id=id).first()
                return UserModel.model_validate(user)
        except Exception as e:
            return None

    def get_user_by_api_key(self, api_key: str) -> Optional[UserModel]:
        try:
            with get_db() as db:

                user = db.query(User).filter_by(api_key=api_key).first()
                return UserModel.model_validate(user)
        except:
            return None

    def get_user_by_email(self, email: str) -> Optional[UserModel]:
        try:
            with get_db() as db:

                user = db.query(User).filter_by(email=email).first()
                return UserModel.model_validate(user)
        except:
            return None

    def get_user_by_oauth_sub(self, sub: str) -> Optional[UserModel]:
        try:
            with get_db() as db:

                user = db.query(User).filter_by(oauth_sub=sub).first()
                return UserModel.model_validate(user)
        except:
            return None

    def get_users(self, skip: int = 0, limit: int = 50) -> List[UserModel]:
        with get_db() as db:
            users = (
                db.query(User)
                # .offset(skip).limit(limit)
                .all()
            )
            return [UserModel.model_validate(user) for user in users]

    def get_num_users(self) -> Optional[int]:
        with get_db() as db:
            return db.query(User).count()

    def get_first_user(self) -> UserModel:
        try:
            with get_db() as db:
                user = db.query(User).order_by(User.created_at).first()
                return UserModel.model_validate(user)
        except:
            return None

    def update_user_role_by_id(self, id: str, role: str) -> Optional[UserModel]:
        try:
            with get_db() as db:
                db.query(User).filter_by(id=id).update({"role": role})
                db.commit()
                user = db.query(User).filter_by(id=id).first()
                return UserModel.model_validate(user)
        except:
            return None

    def update_user_profile_image_url_by_id(
        self, id: str, profile_image_url: str
    ) -> Optional[UserModel]:
        try:
            with get_db() as db:
                db.query(User).filter_by(id=id).update(
                    {"profile_image_url": profile_image_url}
                )
                db.commit()

                user = db.query(User).filter_by(id=id).first()
                return UserModel.model_validate(user)
        except:
            return None

    def update_user_last_active_by_id(self, id: str) -> Optional[UserModel]:
        try:
            with get_db() as db:

                db.query(User).filter_by(id=id).update(
                    {"last_active_at": int(time.time())}
                )
                db.commit()

                user = db.query(User).filter_by(id=id).first()
                return UserModel.model_validate(user)
        except:
            return None

    def update_user_oauth_sub_by_id(
        self, id: str, oauth_sub: str
    ) -> Optional[UserModel]:
        try:
            with get_db() as db:
                db.query(User).filter_by(id=id).update({"oauth_sub": oauth_sub})

                user = db.query(User).filter_by(id=id).first()
                return UserModel.model_validate(user)
        except:
            return None

    def update_user_by_id(self, id: str, updated: dict) -> Optional[UserModel]:
        try:
            with get_db() as db:
                db.query(User).filter_by(id=id).update(updated)
                db.commit()

                user = db.query(User).filter_by(id=id).first()
                return UserModel.model_validate(user)
                # return UserModel(**user.dict())
        except Exception as e:
            return None

    def delete_user_by_id(self, id: str) -> bool:
        try:
            # Delete User Chats
            result = Chats.delete_chats_by_user_id(id)

            if result:
                with get_db() as db:
                    # Delete User
                    db.query(User).filter_by(id=id).delete()
                    db.commit()

                return True
            else:
                return False
        except:
            return False

    def update_user_api_key_by_id(self, id: str, api_key: str) -> str:
        try:
            with get_db() as db:
                result = db.query(User).filter_by(id=id).update({"api_key": api_key})
                db.commit()
                return True if result == 1 else False
        except:
            return False

    def get_user_api_key_by_id(self, id: str) -> Optional[str]:
        try:
            with get_db() as db:
                user = db.query(User).filter_by(id=id).first()
                return user.api_key
        except Exception as e:
            return None


Users = UsersTable()
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`from pydantic import BaseModel, ConfigDict, parse_obj_as`
feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00			`from typing import List, Union, Optional`
			`import time`
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00
			`from sqlalchemy import String, Column, BigInteger, Text`

feat: basic RBAC support 2023-11-19 05:41:43 +00:00			`from utils.misc import get_gravatar_url`

refac 2024-07-04 06:32:39 +00:00			`from apps.webui.internal.db import Base, JSONField, Session, get_db`
refac: folder rename web -> webui 2024-05-26 08:15:48 +00:00			`from apps.webui.models.chats import Chats`
feat: delete user backend support 2023-12-29 07:02:49 +00:00
feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00			`####################`
			`# User DB Schema`
			`####################`


feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`class User(Base):`
			`__tablename__ = "user"`
feat: user last active 2024-04-27 23:38:51 +00:00
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`id = Column(String, primary_key=True)`
			`name = Column(String)`
			`email = Column(String)`
			`role = Column(String)`
feat(sqlalchemy): fix wrong column types 2024-06-24 11:21:51 +00:00			`profile_image_url = Column(Text)`
feat: user last active 2024-04-27 23:38:51 +00:00
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`last_active_at = Column(BigInteger)`
			`updated_at = Column(BigInteger)`
			`created_at = Column(BigInteger)`
feat: db migration to sqlite 2023-12-26 05:44:28 +00:00
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`api_key = Column(String, nullable=True, unique=True)`
			`settings = Column(JSONField, nullable=True)`
			`info = Column(JSONField, nullable=True)`
feat: experimental SSO support for Google, Microsoft, and OIDC 2024-05-26 07:37:09 +00:00
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`oauth_sub = Column(Text, unique=True)`
feat: db migration to sqlite 2023-12-26 05:44:28 +00:00

feat: save user settings to db 2024-05-27 05:47:42 +00:00			`class UserSettings(BaseModel):`
			`ui: Optional[dict] = {}`
			`model_config = ConfigDict(extra="allow")`
			`pass`


feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00			`class UserModel(BaseModel):`
			`id: str`
			`name: str`
			`email: str`
feat: basic RBAC support 2023-11-19 05:41:43 +00:00			`role: str = "pending"`
feat: api endpoint to receive profile_image_uirl on signup 2024-04-04 05:36:27 +00:00			`profile_image_url: str`
feat: user last active 2024-04-27 23:38:51 +00:00
			`last_active_at: int # timestamp in epoch`
			`updated_at: int # timestamp in epoch`
			`created_at: int # timestamp in epoch`

refac: api_key field moved to user 2024-04-02 16:23:55 +00:00			`api_key: Optional[str] = None`
feat: save user settings to db 2024-05-27 05:47:42 +00:00			`settings: Optional[UserSettings] = None`
feat: user_location 2024-06-16 22:32:26 +00:00			`info: Optional[dict] = None`
feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00
feat: experimental SSO support for Google, Microsoft, and OIDC 2024-05-26 07:37:09 +00:00			`oauth_sub: Optional[str] = None`

feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00			`model_config = ConfigDict(from_attributes=True)`

feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00
			`####################`
			`# Forms`
			`####################`


feat: admin panel added 2023-11-19 08:13:59 +00:00			`class UserRoleUpdateForm(BaseModel):`
			`id: str`
			`role: str`


feat: edit user support 2024-01-06 04:59:56 +00:00			`class UserUpdateForm(BaseModel):`
			`name: str`
			`email: str`
			`profile_image_url: str`
			`password: Optional[str] = None`

chore: :rotating_light: lint and format 2024-01-03 22:33:57 +00:00
feat: edit user support 2024-01-06 04:59:56 +00:00			`class UsersTable:`
feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00
feat: edit user support 2024-01-06 04:59:56 +00:00			`def insert_new_user(`
run npm run lint:backend 2024-04-04 08:10:51 +00:00			`self,`
			`id: str,`
			`name: str,`
			`email: str,`
refac 2024-04-07 06:16:29 +00:00			`profile_image_url: str = "/user.png",`
run npm run lint:backend 2024-04-04 08:10:51 +00:00			`role: str = "pending",`
feat: experimental SSO support for Google, Microsoft, and OIDC 2024-05-26 07:37:09 +00:00			`oauth_sub: Optional[str] = None,`
feat: edit user support 2024-01-06 04:59:56 +00:00			`) -> Optional[UserModel]:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`user = UserModel(`
			`**{`
			`"id": id,`
			`"name": name,`
			`"email": email,`
			`"role": role,`
			`"profile_image_url": profile_image_url,`
			`"last_active_at": int(time.time()),`
			`"created_at": int(time.time()),`
			`"updated_at": int(time.time()),`
			`"oauth_sub": oauth_sub,`
			`}`
			`)`
			`result = User(**user.model_dump())`
			`db.add(result)`
			`db.commit()`
			`db.refresh(result)`
			`if result:`
			`return user`
			`else:`
			`return None`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def get_user_by_id(self, id: str) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`user = db.query(User).filter_by(id=id).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except Exception as e:`
			`return None`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def get_user_by_api_key(self, api_key: str) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`

			`user = db.query(User).filter_by(api_key=api_key).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def get_user_by_email(self, email: str) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`

			`user = db.query(User).filter_by(email=email).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00
feat: experimental SSO support for Google, Microsoft, and OIDC 2024-05-26 07:37:09 +00:00			`def get_user_by_oauth_sub(self, sub: str) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`

			`user = db.query(User).filter_by(oauth_sub=sub).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def get_users(self, skip: int = 0, limit: int = 50) -> List[UserModel]:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`users = (`
			`db.query(User)`
			`# .offset(skip).limit(limit)`
			`.all()`
			`)`
			`return [UserModel.model_validate(user) for user in users]`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def get_num_users(self) -> Optional[int]:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`return db.query(User).count()`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def get_first_user(self) -> UserModel:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`user = db.query(User).order_by(User.created_at).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat: super-admin (first one to signup) 2024-05-02 02:59:05 +00:00
feat(sqlalchemy): format backend 2024-06-24 07:57:08 +00:00			`def update_user_role_by_id(self, id: str, role: str) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`db.query(User).filter_by(id=id).update({"role": role})`
			`db.commit()`
			`user = db.query(User).filter_by(id=id).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat: admin panel added 2023-11-19 08:13:59 +00:00
feat: profile image update backend 2024-01-27 04:27:45 +00:00			`def update_user_profile_image_url_by_id(`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00			`self, id: str, profile_image_url: str`
feat: profile image update backend 2024-01-27 04:27:45 +00:00			`) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`db.query(User).filter_by(id=id).update(`
			`{"profile_image_url": profile_image_url}`
			`)`
			`db.commit()`

			`user = db.query(User).filter_by(id=id).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat: profile image update backend 2024-01-27 04:27:45 +00:00
feat(sqlalchemy): format backend 2024-06-24 07:57:08 +00:00			`def update_user_last_active_by_id(self, id: str) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`

			`db.query(User).filter_by(id=id).update(`
			`{"last_active_at": int(time.time())}`
			`)`
			`db.commit()`
feat: user last active 2024-04-27 23:38:51 +00:00
refac 2024-07-04 06:32:39 +00:00			`user = db.query(User).filter_by(id=id).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
feat: user last active 2024-04-27 23:38:51 +00:00
refac: move things around, uplift oauth endpoints 2024-05-27 17:07:38 +00:00			`def update_user_oauth_sub_by_id(`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00			`self, id: str, oauth_sub: str`
refac: move things around, uplift oauth endpoints 2024-05-27 17:07:38 +00:00			`) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`db.query(User).filter_by(id=id).update({"oauth_sub": oauth_sub})`
refac: move things around, uplift oauth endpoints 2024-05-27 17:07:38 +00:00
refac 2024-07-04 06:32:39 +00:00			`user = db.query(User).filter_by(id=id).first()`
			`return UserModel.model_validate(user)`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return None`
refac: move things around, uplift oauth endpoints 2024-05-27 17:07:38 +00:00
feat(sqlalchemy): format backend 2024-06-24 07:57:08 +00:00			`def update_user_by_id(self, id: str, updated: dict) -> Optional[UserModel]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`db.query(User).filter_by(id=id).update(updated)`
			`db.commit()`
feat: edit user support 2024-01-06 04:59:56 +00:00
refac 2024-07-04 06:32:39 +00:00			`user = db.query(User).filter_by(id=id).first()`
			`return UserModel.model_validate(user)`
			`# return UserModel(**user.dict())`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except Exception as e:`
			`return None`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00
			`def delete_user_by_id(self, id: str) -> bool:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
			`# Delete User Chats`
			`result = Chats.delete_chats_by_user_id(id)`

			`if result:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`# Delete User`
			`db.query(User).filter_by(id=id).delete()`
			`db.commit()`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00
			`return True`
			`else:`
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00			`return False`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return False`
feat: delete user backend support 2023-12-29 07:02:49 +00:00
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00			`def update_user_api_key_by_id(self, id: str, api_key: str) -> str:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`result = db.query(User).filter_by(id=id).update({"api_key": api_key})`
			`db.commit()`
			`return True if result == 1 else False`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except:`
			`return False`
feat: delete user backend support 2023-12-29 07:02:49 +00:00
feat(sqlalchemy): remove session reference from router 2024-06-21 12:58:57 +00:00			`def get_user_api_key_by_id(self, id: str) -> Optional[str]:`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`try:`
refac 2024-07-04 06:32:39 +00:00			`with get_db() as db:`
			`user = db.query(User).filter_by(id=id).first()`
			`return user.api_key`
feat(sqlalchemy): use session factory instead of context manager 2024-06-24 11:06:15 +00:00			`except Exception as e:`
			`return None`
refac 2024-04-02 16:27:35 +00:00
feat: multi-user support w/ RBAC 2023-11-19 00:47:12 +00:00
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 13:03:31 +00:00			`Users = UsersTable()`