refac

2024-11-21 23:57:51 +00:00 · 2024-11-14 20:13:43 -08:00 · 2024-11-14 20:13:43 -08:00 · dff85c733d
commit dff85c733d
parent 150d0adea2
6 changed files with 64 additions and 23 deletions
--- a/backend/open_webui/apps/webui/models/groups.py
+++ b/backend/open_webui/apps/webui/models/groups.py
@ -34,7 +34,6 @@ class Group(Base):

    permissions = Column(JSON, nullable=True)
    user_ids = Column(JSON, nullable=True)
-    admin_ids = Column(JSON, nullable=True)

    created_at = Column(BigInteger)
    updated_at = Column(BigInteger)
@ -51,7 +50,6 @@ class GroupModel(BaseModel):

    permissions: Optional[dict] = None
    user_ids: list[str] = []
-    admin_ids: list[str] = []

    created_at: int  # timestamp in epoch
    updated_at: int  # timestamp in epoch
--- a/backend/open_webui/apps/webui/models/knowledge.py
+++ b/backend/open_webui/apps/webui/models/knowledge.py
@ -35,10 +35,21 @@ class Knowledge(Base):
    meta = Column(JSON, nullable=True)

    access_control = Column(JSON, nullable=True)  # Controls data access levels.
-    # NULL for public access (open to all users with "user" role).
-    # {} for individual access (private to the owner).
-    # {"group_ids": ["group_id1", "group_id2"]} for access restricted to specific groups.
-    # {"user_ids": ["user_id1", "user_id2"]} for access restricted to specific users.
+    # Defines access control rules for this entry.
+    # - `None`: Public access, available to all users with the "user" role.
+    # - `{}`: Private access, restricted exclusively to the owner.
+    # - Custom permissions: Specific access control for reading and writing;
+    #   Can specify group or user-level restrictions:
+    #   {
+    #      "read": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      },
+    #      "write": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      }
+    #   }

    created_at = Column(BigInteger)
    updated_at = Column(BigInteger)
@ -56,7 +67,7 @@ class KnowledgeModel(BaseModel):
    data: Optional[dict] = None
    meta: Optional[dict] = None

-    access_control = Optional[dict] = None
+    access_control: Optional[dict] = None

    created_at: int  # timestamp in epoch
    updated_at: int  # timestamp in epoch
--- a/backend/open_webui/apps/webui/models/models.py
+++ b/backend/open_webui/apps/webui/models/models.py
@ -68,10 +68,21 @@ class Model(Base):
    """

    access_control = Column(JSON, nullable=True)  # Controls data access levels.
-    # NULL for public access (open to all users with "user" role).
-    # {} for individual access (private to the owner).
-    # {"group_ids": ["group_id1", "group_id2"]} for access restricted to specific groups.
-    # {"user_ids": ["user_id1", "user_id2"]} for access restricted to specific users.
+    # Defines access control rules for this entry.
+    # - `None`: Public access, available to all users with the "user" role.
+    # - `{}`: Private access, restricted exclusively to the owner.
+    # - Custom permissions: Specific access control for reading and writing;
+    #   Can specify group or user-level restrictions:
+    #   {
+    #      "read": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      },
+    #      "write": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      }
+    #   }

    updated_at = Column(BigInteger)
    created_at = Column(BigInteger)
@ -86,7 +97,7 @@ class ModelModel(BaseModel):
    params: ModelParams
    meta: ModelMeta

-    access_control = Optional[dict] = None
+    access_control: Optional[dict] = None

    updated_at: int  # timestamp in epoch
    created_at: int  # timestamp in epoch
--- a/backend/open_webui/apps/webui/models/prompts.py
+++ b/backend/open_webui/apps/webui/models/prompts.py
@ -20,10 +20,21 @@ class Prompt(Base):
    timestamp = Column(BigInteger)

    access_control = Column(JSON, nullable=True)  # Controls data access levels.
-    # NULL for public access (open to all users with "user" role).
-    # {} for individual access (private to the owner).
-    # {"group_ids": ["group_id1", "group_id2"]} for access restricted to specific groups.
-    # {"user_ids": ["user_id1", "user_id2"]} for access restricted to specific users.
+    # Defines access control rules for this entry.
+    # - `None`: Public access, available to all users with the "user" role.
+    # - `{}`: Private access, restricted exclusively to the owner.
+    # - Custom permissions: Specific access control for reading and writing;
+    #   Can specify group or user-level restrictions:
+    #   {
+    #      "read": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      },
+    #      "write": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      }
+    #   }


 class PromptModel(BaseModel):
@ -33,7 +44,7 @@ class PromptModel(BaseModel):
    content: str
    timestamp: int  # timestamp in epoch

-    access_control = Optional[dict] = None
+    access_control: Optional[dict] = None
    model_config = ConfigDict(from_attributes=True)


--- a/backend/open_webui/apps/webui/models/tools.py
+++ b/backend/open_webui/apps/webui/models/tools.py
@ -28,10 +28,21 @@ class Tool(Base):
    valves = Column(JSONField)

    access_control = Column(JSON, nullable=True)  # Controls data access levels.
-    # NULL for public access (open to all users with "user" role).
-    # {} for individual access (private to the owner).
-    # {"group_ids": ["group_id1", "group_id2"]} for access restricted to specific groups.
-    # {"user_ids": ["user_id1", "user_id2"]} for access restricted to specific users.
+    # Defines access control rules for this entry.
+    # - `None`: Public access, available to all users with the "user" role.
+    # - `{}`: Private access, restricted exclusively to the owner.
+    # - Custom permissions: Specific access control for reading and writing;
+    #   Can specify group or user-level restrictions:
+    #   {
+    #      "read": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      },
+    #      "write": {
+    #          "group_ids": ["group_id1", "group_id2"],
+    #          "user_ids":  ["user_id1", "user_id2"]
+    #      }
+    #   }

    updated_at = Column(BigInteger)
    created_at = Column(BigInteger)
@ -49,7 +60,7 @@ class ToolModel(BaseModel):
    content: str
    specs: list[dict]
    meta: ToolMeta
-    access_control = Optional[dict] = None
+    access_control: Optional[dict] = None

    updated_at: int  # timestamp in epoch
    created_at: int  # timestamp in epoch
--- a/backend/open_webui/migrations/versions/922e7a387820_add_group_table.py
+++ b/backend/open_webui/migrations/versions/922e7a387820_add_group_table.py
@ -25,7 +25,6 @@ def upgrade():
        sa.Column("meta", sa.JSON(), nullable=True),
        sa.Column("permissions", sa.JSON(), nullable=True),
        sa.Column("user_ids", sa.JSON(), nullable=True),
-        sa.Column("admin_ids", sa.JSON(), nullable=True),
        sa.Column("created_at", sa.BigInteger(), nullable=True),
        sa.Column("updated_at", sa.BigInteger(), nullable=True),
    )