refac

2024-12-28 06:42:47 +00:00 · 2024-12-23 01:37:13 -07:00 · 2024-12-23 01:37:13 -07:00 · 582253fc68
commit 582253fc68
parent 6d02485999
1 changed files with 15 additions and 5 deletions
--- a/backend/open_webui/routers/channels.py
+++ b/backend/open_webui/routers/channels.py
@ -70,7 +70,9 @@ async def get_channel_by_id(id: str, user=Depends(get_verified_user)):
            status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
        )

-    if not has_access(user.id, type="read", access_control=channel.access_control):
+    if user.role != "admin" and not has_access(
+        user.id, type="read", access_control=channel.access_control
+    ):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
        )
@ -145,7 +147,9 @@ async def get_channel_messages(
            status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
        )

-    if not has_access(user.id, type="read", access_control=channel.access_control):
+    if user.role != "admin" and not has_access(
+        user.id, type="read", access_control=channel.access_control
+    ):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
        )
@ -186,7 +190,9 @@ async def post_new_message(
            status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
        )

-    if not has_access(user.id, type="read", access_control=channel.access_control):
+    if user.role != "admin" and not has_access(
+        user.id, type="read", access_control=channel.access_control
+    ):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
        )
@ -236,7 +242,9 @@ async def update_message_by_id(
            status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
        )

-    if not has_access(user.id, type="read", access_control=channel.access_control):
+    if user.role != "admin" and not has_access(
+        user.id, type="read", access_control=channel.access_control
+    ):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
        )
@ -294,7 +302,9 @@ async def delete_message_by_id(
            status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
        )

-    if not has_access(user.id, type="read", access_control=channel.access_control):
+    if user.role != "admin" and not has_access(
+        user.id, type="read", access_control=channel.access_control
+    ):
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
        )