diff --git a/backend/open_webui/routers/channels.py b/backend/open_webui/routers/channels.py index d15a70798..9a15b0fc1 100644 --- a/backend/open_webui/routers/channels.py +++ b/backend/open_webui/routers/channels.py @@ -70,7 +70,9 @@ async def get_channel_by_id(id: str, user=Depends(get_verified_user)): status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND ) - if not has_access(user.id, type="read", access_control=channel.access_control): + if user.role != "admin" and not has_access( + user.id, type="read", access_control=channel.access_control + ): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT() ) @@ -145,7 +147,9 @@ async def get_channel_messages( status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND ) - if not has_access(user.id, type="read", access_control=channel.access_control): + if user.role != "admin" and not has_access( + user.id, type="read", access_control=channel.access_control + ): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT() ) @@ -186,7 +190,9 @@ async def post_new_message( status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND ) - if not has_access(user.id, type="read", access_control=channel.access_control): + if user.role != "admin" and not has_access( + user.id, type="read", access_control=channel.access_control + ): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT() ) @@ -236,7 +242,9 @@ async def update_message_by_id( status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND ) - if not has_access(user.id, type="read", access_control=channel.access_control): + if user.role != "admin" and not has_access( + user.id, type="read", access_control=channel.access_control + ): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT() ) @@ -294,7 +302,9 @@ async def delete_message_by_id( status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND ) - if not has_access(user.id, type="read", access_control=channel.access_control): + if user.role != "admin" and not has_access( + user.id, type="read", access_control=channel.access_control + ): raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT() )