Merge pull request #4351 from cheahjs/feat/disable-admin-chat-view

feat: add ENABLE_ADMIN_CHAT_ACCESS to control admin access to user chats
2025-03-20 11:59:10 +00:00 · 2024-08-04 16:37:30 +02:00 · 2024-08-04 16:37:30 +02:00 · 1bf042ac84
commit 1bf042ac84
parent 080d45239a 565f40c642
5 changed files with 15 additions and 3 deletions
--- a/backend/apps/webui/routers/chats.py
+++ b/backend/apps/webui/routers/chats.py
@ -28,7 +28,7 @@ from apps.webui.models.tags import (

 from constants import ERROR_MESSAGES

-from config import SRC_LOG_LEVELS, ENABLE_ADMIN_EXPORT
+from config import SRC_LOG_LEVELS, ENABLE_ADMIN_EXPORT, ENABLE_ADMIN_CHAT_ACCESS

 log = logging.getLogger(__name__)
 log.setLevel(SRC_LOG_LEVELS["MODELS"])
@ -81,6 +81,11 @@ async def get_user_chat_list_by_user_id(
    skip: int = 0,
    limit: int = 50,
 ):
+    if not ENABLE_ADMIN_CHAT_ACCESS:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
+        )
    return Chats.get_chat_list_by_user_id(
        user_id, include_archived=True, skip=skip, limit=limit
    )
@ -183,7 +188,7 @@ async def get_shared_chat_by_id(share_id: str, user=Depends(get_verified_user)):

    if user.role == "user":
        chat = Chats.get_chat_by_share_id(share_id)
-    elif user.role == "admin":
+    elif user.role == "admin" and ENABLE_ADMIN_CHAT_ACCESS:
        chat = Chats.get_chat_by_id(share_id)

    if chat:
--- a/backend/config.py
+++ b/backend/config.py
@ -824,6 +824,10 @@ WEBHOOK_URL = PersistentConfig(

 ENABLE_ADMIN_EXPORT = os.environ.get("ENABLE_ADMIN_EXPORT", "True").lower() == "true"

+ENABLE_ADMIN_CHAT_ACCESS = (
+    os.environ.get("ENABLE_ADMIN_CHAT_ACCESS", "True").lower() == "true"
+)
+
 ENABLE_COMMUNITY_SHARING = PersistentConfig(
    "ENABLE_COMMUNITY_SHARING",
    "ui.enable_community_sharing",
--- a/backend/main.py
+++ b/backend/main.py
@ -116,6 +116,7 @@ from config import (
    WEBUI_SECRET_KEY,
    WEBUI_SESSION_COOKIE_SAME_SITE,
    WEBUI_SESSION_COOKIE_SECURE,
+    ENABLE_ADMIN_CHAT_ACCESS,
    AppConfig,
 )

@ -1996,6 +1997,7 @@ async def get_app_config():
            "enable_image_generation": images_app.state.config.ENABLED,
            "enable_community_sharing": webui_app.state.config.ENABLE_COMMUNITY_SHARING,
            "enable_admin_export": ENABLE_ADMIN_EXPORT,
+            "enable_admin_chat_access": ENABLE_ADMIN_CHAT_ACCESS,
        },
        "audio": {
            "tts": {
--- a/src/lib/stores/index.ts
+++ b/src/lib/stores/index.ts
@ -149,6 +149,7 @@ type Config = {
 		enable_web_search?: boolean;
 		enable_image_generation: boolean;
 		enable_admin_export: boolean;
+		enable_admin_chat_access: boolean;
 		enable_community_sharing: boolean;
 	};
 	oauth: {
--- a/src/routes/(app)/admin/+page.svelte
+++ b/src/routes/(app)/admin/+page.svelte
@ -307,7 +307,7 @@

 						<td class="px-3 py-2 text-right">
 							<div class="flex justify-end w-full">
-								{#if user.role !== 'admin'}
+								{#if $config.features.enable_admin_chat_access && user.role !== 'admin'}
 									<Tooltip content={$i18n.t('Chats')}>
 										<button
 											class="self-center w-fit text-sm px-2 py-2 hover:bg-black/5 dark:hover:bg-white/5 rounded-xl"