UniqAI/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui synced 2025-04-05 05:10:46 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

refac: get permissions

Browse Source
This commit is contained in:
Timothy Jaeryang Baek 2024-11-16 21:16:42 -08:00
parent c0371f6525
commit 07e0712b87
1 changed files with 22 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
backend/open_webui/utils/access_control.py
View File

@ -1,37 +1,41 @@
from typing import Optional, Union, List, Dict from typing import Optional, Union, List, Dict, Any
from open_webui.apps.webui.models.groups import Groups from open_webui.apps.webui.models.groups import Groups
def get_permissions( def get_permissions(
user_id: str, user_id: str,
default_permissions: Dict[str, bool] = {}, default_permissions: Dict[str, Any] = {},
) -> dict: ) -> Dict[str, Any]:
""" """
Get all permissions for a user by combining the permissions of all groups the user is a member of. Get all permissions for a user by combining the permissions of all groups the user is a member of.
If a permission is defined in multiple groups, the most permissive value is used. If a permission is defined in multiple groups, the most permissive value is used (True > False).
Permissions are nested in a dict with the permission key as the key and a boolean as the value.
""" """
def merge_permissions( def combine_permissions(
permissions: Dict[str, bool], new_permissions: Dict[str, bool] permissions: Dict[str, Any], group_permissions: Dict[str, Any]
) -> Dict[str, bool]: ) -> Dict[str, Any]:
"""Merge two permission dictionaries, keeping the most permissive value.""" """Combine permissions from multiple groups by taking the most permissive value."""
for key, value in new_permissions.items(): for key, value in group_permissions.items():
if key not in permissions: if isinstance(value, dict):
permissions[key] = value if key not in permissions:
permissions[key] = {}
permissions[key] = combine_permissions(permissions[key], value)
else: else:
permissions[key] = ( if key not in permissions:
permissions[key] or value permissions[key] = value
) # Use the most permissive value else:
permissions[key] = permissions[key] or value
return permissions return permissions
user_groups = Groups.get_groups_by_member_id(user_id) user_groups = Groups.get_groups_by_member_id(user_id)
user_permissions = default_permissions.copy() permissions = default_permissions.copy()
for group in user_groups: for group in user_groups:
user_permissions = merge_permissions(user_permissions, group.permissions) group_permissions = group.permissions
permissions = combine_permissions(permissions, group_permissions)
return user_permissions return permissions
def has_permission( def has_permission(