open-webui/backend/open_webui/routers/prompts.py

158 lines
4.5 KiB
Python
Raw Normal View History

2024-08-27 22:10:27 +00:00
from typing import Optional
2024-01-03 04:51:19 +00:00
2024-12-10 08:54:13 +00:00
from open_webui.models.prompts import (
2024-11-18 14:19:34 +00:00
PromptForm,
PromptUserResponse,
PromptModel,
Prompts,
)
from open_webui.constants import ERROR_MESSAGES
2024-11-17 11:04:31 +00:00
from fastapi import APIRouter, Depends, HTTPException, status, Request
2024-12-09 00:01:56 +00:00
from open_webui.utils.auth import get_admin_user, get_verified_user
2024-11-17 11:04:31 +00:00
from open_webui.utils.access_control import has_access, has_permission
2024-01-03 04:51:19 +00:00
router = APIRouter()
############################
# GetPrompts
############################
2024-08-14 12:46:31 +00:00
@router.get("/", response_model=list[PromptModel])
2024-06-27 18:29:59 +00:00
async def get_prompts(user=Depends(get_verified_user)):
2024-11-17 01:09:15 +00:00
if user.role == "admin":
prompts = Prompts.get_prompts()
else:
prompts = Prompts.get_prompts_by_user_id(user.id, "read")
return prompts
2024-11-18 14:19:34 +00:00
@router.get("/list", response_model=list[PromptUserResponse])
2024-11-17 01:09:15 +00:00
async def get_prompt_list(user=Depends(get_verified_user)):
if user.role == "admin":
prompts = Prompts.get_prompts()
else:
prompts = Prompts.get_prompts_by_user_id(user.id, "write")
return prompts
2024-01-03 04:51:19 +00:00
############################
# CreateNewPrompt
############################
@router.post("/create", response_model=Optional[PromptModel])
2024-11-17 11:04:31 +00:00
async def create_new_prompt(
request: Request, form_data: PromptForm, user=Depends(get_verified_user)
):
if user.role != "admin" and not has_permission(
user.id, "workspace.prompts", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
prompt = Prompts.get_prompt_by_command(form_data.command)
2024-08-14 12:39:53 +00:00
if prompt is None:
prompt = Prompts.insert_new_prompt(user.id, form_data)
2024-01-03 05:35:47 +00:00
if prompt:
return prompt
2024-01-03 04:51:19 +00:00
raise HTTPException(
2024-01-03 05:35:47 +00:00
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.DEFAULT(),
2024-01-03 04:51:19 +00:00
)
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.COMMAND_TAKEN,
)
2024-01-03 04:51:19 +00:00
############################
# GetPromptByCommand
############################
2024-01-07 01:55:41 +00:00
@router.get("/command/{command}", response_model=Optional[PromptModel])
2024-06-27 18:29:59 +00:00
async def get_prompt_by_command(command: str, user=Depends(get_verified_user)):
prompt = Prompts.get_prompt_by_command(f"/{command}")
2024-01-03 04:51:19 +00:00
if prompt:
2024-11-17 02:00:49 +00:00
if (
user.role == "admin"
or prompt.user_id == user.id
or has_access(user.id, "read", prompt.access_control)
):
return prompt
2024-01-03 04:51:19 +00:00
else:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.NOT_FOUND,
)
############################
# UpdatePromptByCommand
############################
2024-01-07 01:55:41 +00:00
@router.post("/command/{command}/update", response_model=Optional[PromptModel])
async def update_prompt_by_command(
command: str,
form_data: PromptForm,
2024-11-17 01:09:15 +00:00
user=Depends(get_verified_user),
2024-01-07 01:55:41 +00:00
):
2024-11-17 02:00:49 +00:00
prompt = Prompts.get_prompt_by_command(f"/{command}")
if not prompt:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.NOT_FOUND,
)
2025-01-19 19:59:07 +00:00
# Is the user the original creator, in a group with write access, or an admin
2025-01-19 19:59:07 +00:00
if (
prompt.user_id != user.id
and not has_access(user.id, "write", prompt.access_control)
and user.role != "admin"
):
2024-11-17 02:00:49 +00:00
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
prompt = Prompts.update_prompt_by_command(f"/{command}", form_data)
2024-01-03 04:51:19 +00:00
if prompt:
return prompt
else:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
############################
# DeletePromptByCommand
############################
2024-01-07 01:55:41 +00:00
@router.delete("/command/{command}/delete", response_model=bool)
2024-11-17 01:09:15 +00:00
async def delete_prompt_by_command(command: str, user=Depends(get_verified_user)):
2024-11-17 02:00:49 +00:00
prompt = Prompts.get_prompt_by_command(f"/{command}")
if not prompt:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.NOT_FOUND,
)
if prompt.user_id != user.id and user.role != "admin":
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
result = Prompts.delete_prompt_by_command(f"/{command}")
2024-01-03 04:51:19 +00:00
return result