UniqAI/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui synced 2024-11-21 23:57:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refac: user permissions validation
Some checks failed
Deploy to HuggingFace Spaces / check-secret (push) Successful in 20s
Details
Create and publish Docker images with specific build args / build-main-image (linux/amd64) (push) Failing after 3m26s
Details
Create and publish Docker images with specific build args / build-main-image (linux/arm64) (push) Failing after 5m29s
Details
Create and publish Docker images with specific build args / merge-main-images (push) Has been skipped
Details
Create and publish Docker images with specific build args / build-cuda-image (linux/amd64) (push) Failing after 5m3s
Details
Create and publish Docker images with specific build args / build-cuda-image (linux/arm64) (push) Failing after 10m41s
Details
Create and publish Docker images with specific build args / merge-cuda-images (push) Has been skipped
Details
Create and publish Docker images with specific build args / build-ollama-image (linux/amd64) (push) Failing after 9m46s
Details
Create and publish Docker images with specific build args / build-ollama-image (linux/arm64) (push) Failing after 12m56s
Details
Create and publish Docker images with specific build args / merge-ollama-images (push) Has been skipped
Details
Python CI / Format Backend (3.11) (push) Failing after 1m35s
Details
Frontend Build / Format & Build Frontend (push) Failing after 1m30s
Details
Frontend Build / Frontend Unit Tests (push) Failing after 1m17s
Details
Integration Test / Run Cypress Integration Tests (push) Failing after 3m7s
Details
Integration Test / Run Migration Tests (push) Failing after 3m1s
Details
Deploy to HuggingFace Spaces / deploy (push) Has been skipped
Details

Browse Source
This commit is contained in:
Timothy Jaeryang Baek 2024-11-17 03:04:31 -08:00
parent fbdda55564
commit 37f19f68eb
4 changed files with 42 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
backend/open_webui/apps/webui/routers/knowledge.py
View File

@ -1,7 +1,7 @@
import json import json
from typing import Optional, Union from typing import Optional, Union
from pydantic import BaseModel from pydantic import BaseModel
from fastapi import APIRouter, Depends, HTTPException, status from fastapi import APIRouter, Depends, HTTPException, status, Request
import logging import logging
from open_webui.apps.webui.models.knowledge import ( from open_webui.apps.webui.models.knowledge import (
@ -16,7 +16,7 @@ from open_webui.apps.retrieval.main import process_file, ProcessFileForm
from open_webui.constants import ERROR_MESSAGES from open_webui.constants import ERROR_MESSAGES
from open_webui.utils.utils import get_admin_user, get_verified_user from open_webui.utils.utils import get_admin_user, get_verified_user
from open_webui.utils.access_control import has_access from open_webui.utils.access_control import has_access, has_permission
from open_webui.env import SRC_LOG_LEVELS from open_webui.env import SRC_LOG_LEVELS
@ -129,8 +129,16 @@ async def get_knowledge_list(user=Depends(get_verified_user)):
@router.post("/create", response_model=Optional[KnowledgeResponse]) @router.post("/create", response_model=Optional[KnowledgeResponse])
async def create_new_knowledge( async def create_new_knowledge(
form_data: KnowledgeForm, user=Depends(get_verified_user) request: Request, form_data: KnowledgeForm, user=Depends(get_verified_user)
): ):
if user.role != "admin" and not has_permission(
user.id, "workspace.knowledge", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
knowledge = Knowledges.insert_new_knowledge(user.id, form_data) knowledge = Knowledges.insert_new_knowledge(user.id, form_data)
if knowledge: if knowledge:

10
backend/open_webui/apps/webui/routers/models.py
View File

@ -11,7 +11,7 @@ from fastapi import APIRouter, Depends, HTTPException, Request, status
from open_webui.utils.utils import get_admin_user, get_verified_user from open_webui.utils.utils import get_admin_user, get_verified_user
from open_webui.utils.access_control import has_access from open_webui.utils.access_control import has_access, has_permission
router = APIRouter() router = APIRouter()
@ -47,9 +47,17 @@ async def get_base_models(user=Depends(get_admin_user)):
@router.post("/create", response_model=Optional[ModelModel]) @router.post("/create", response_model=Optional[ModelModel])
async def create_new_model( async def create_new_model(
request: Request,
form_data: ModelForm, form_data: ModelForm,
user=Depends(get_verified_user), user=Depends(get_verified_user),
): ):
if user.role != "admin" and not has_permission(
user.id, "workspace.models", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
model = Models.get_model_by_id(form_data.id) model = Models.get_model_by_id(form_data.id)
if model: if model:

16
backend/open_webui/apps/webui/routers/prompts.py
View File

@ -2,9 +2,9 @@ from typing import Optional
from open_webui.apps.webui.models.prompts import PromptForm, PromptModel, Prompts from open_webui.apps.webui.models.prompts import PromptForm, PromptModel, Prompts
from open_webui.constants import ERROR_MESSAGES from open_webui.constants import ERROR_MESSAGES
from fastapi import APIRouter, Depends, HTTPException, status from fastapi import APIRouter, Depends, HTTPException, status, Request
from open_webui.utils.utils import get_admin_user, get_verified_user from open_webui.utils.utils import get_admin_user, get_verified_user
from open_webui.utils.access_control import has_access from open_webui.utils.access_control import has_access, has_permission
router = APIRouter() router = APIRouter()
@ -39,7 +39,17 @@ async def get_prompt_list(user=Depends(get_verified_user)):
@router.post("/create", response_model=Optional[PromptModel]) @router.post("/create", response_model=Optional[PromptModel])
async def create_new_prompt(form_data: PromptForm, user=Depends(get_verified_user)): async def create_new_prompt(
request: Request, form_data: PromptForm, user=Depends(get_verified_user)
):
if user.role != "admin" and not has_permission(
user.id, "workspace.prompts", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
prompt = Prompts.get_prompt_by_command(form_data.command) prompt = Prompts.get_prompt_by_command(form_data.command)
if prompt is None: if prompt is None:
prompt = Prompts.insert_new_prompt(user.id, form_data) prompt = Prompts.insert_new_prompt(user.id, form_data)

10
backend/open_webui/apps/webui/routers/tools.py
View File

@ -9,7 +9,7 @@ from open_webui.constants import ERROR_MESSAGES
from fastapi import APIRouter, Depends, HTTPException, Request, status from fastapi import APIRouter, Depends, HTTPException, Request, status
from open_webui.utils.tools import get_tools_specs from open_webui.utils.tools import get_tools_specs
from open_webui.utils.utils import get_admin_user, get_verified_user from open_webui.utils.utils import get_admin_user, get_verified_user
from open_webui.utils.access_control import has_access from open_webui.utils.access_control import has_access, has_permission
router = APIRouter() router = APIRouter()
@ -64,6 +64,14 @@ async def create_new_tools(
form_data: ToolForm, form_data: ToolForm,
user=Depends(get_verified_user), user=Depends(get_verified_user),
): ):
if user.role != "admin" and not has_permission(
user.id, "workspace.knowledge", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
if not form_data.id.isidentifier(): if not form_data.id.isidentifier():
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,