From 646d926f706ead2ab39bae3906bea113eb781281 Mon Sep 17 00:00:00 2001 From: Timothy Jaeryang Baek Date: Sat, 16 Nov 2024 02:31:04 -0800 Subject: [PATCH] enh: chat file upload permission --- backend/open_webui/apps/webui/routers/chats.py | 4 ++-- backend/open_webui/apps/webui/routers/users.py | 1 + backend/open_webui/config.py | 9 +++++++-- .../components/admin/Users/Groups/Permissions.svelte | 11 ++++++++++- 4 files changed, 20 insertions(+), 5 deletions(-) diff --git a/backend/open_webui/apps/webui/routers/chats.py b/backend/open_webui/apps/webui/routers/chats.py index b149b2eb4..5beea549e 100644 --- a/backend/open_webui/apps/webui/routers/chats.py +++ b/backend/open_webui/apps/webui/routers/chats.py @@ -52,7 +52,7 @@ async def get_session_user_chat_list( async def delete_all_user_chats(request: Request, user=Depends(get_verified_user)): if user.role == "user" and not request.app.state.config.USER_PERMISSIONS.get( "chat", {} - ).get("deletion", {}): + ).get("delete", {}): raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail=ERROR_MESSAGES.ACCESS_PROHIBITED, @@ -386,7 +386,7 @@ async def delete_chat_by_id(request: Request, id: str, user=Depends(get_verified return result else: if not request.app.state.config.USER_PERMISSIONS.get("chat", {}).get( - "deletion", {} + "delete", {} ): raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, diff --git a/backend/open_webui/apps/webui/routers/users.py b/backend/open_webui/apps/webui/routers/users.py index a4e21a5d7..b6b91a5c3 100644 --- a/backend/open_webui/apps/webui/routers/users.py +++ b/backend/open_webui/apps/webui/routers/users.py @@ -62,6 +62,7 @@ class WorkspacePermissions(BaseModel): class ChatPermissions(BaseModel): + file_upload: bool delete: bool edit: bool temporary: bool diff --git a/backend/open_webui/config.py b/backend/open_webui/config.py index c1070dbbd..cbe85ce6d 100644 --- a/backend/open_webui/config.py +++ b/backend/open_webui/config.py @@ -759,6 +759,10 @@ USER_PERMISSIONS_WORKSPACE_TOOLS_ACCESS = ( os.environ.get("USER_PERMISSIONS_WORKSPACE_TOOLS_ACCESS", "False").lower() == "true" ) +USER_PERMISSIONS_CHAT_FILE_UPLOAD = ( + os.environ.get("USER_PERMISSIONS_CHAT_FILE_UPLOAD", "True").lower() == "true" +) + USER_PERMISSIONS_CHAT_DELETE = ( os.environ.get("USER_PERMISSIONS_CHAT_DELETE", "True").lower() == "true" ) @@ -782,8 +786,9 @@ USER_PERMISSIONS = PersistentConfig( "tools": USER_PERMISSIONS_WORKSPACE_TOOLS_ACCESS, }, "chat": { - "deletion": USER_PERMISSIONS_CHAT_DELETE, - "editing": USER_PERMISSIONS_CHAT_EDIT, + "file_upload": USER_PERMISSIONS_CHAT_FILE_UPLOAD, + "delete": USER_PERMISSIONS_CHAT_DELETE, + "edit": USER_PERMISSIONS_CHAT_EDIT, "temporary": USER_PERMISSIONS_CHAT_TEMPORARY, }, }, diff --git a/src/lib/components/admin/Users/Groups/Permissions.svelte b/src/lib/components/admin/Users/Groups/Permissions.svelte index 7bb61e14a..5d67ff768 100644 --- a/src/lib/components/admin/Users/Groups/Permissions.svelte +++ b/src/lib/components/admin/Users/Groups/Permissions.svelte @@ -15,7 +15,8 @@ chat: { delete: true, edit: true, - temporary: true + temporary: true, + file_upload: true } }; @@ -168,6 +169,14 @@
{$i18n.t('Chat Permissions')}
+
+
+ {$i18n.t('Allow File Upload')} +
+ + +
+
{$i18n.t('Allow Chat Delete')}