From 1a42e96a3b04a780c0b68e4314a7ef9cbb261965 Mon Sep 17 00:00:00 2001 From: Rain6435 Date: Thu, 14 Aug 2025 01:45:02 -0400 Subject: [PATCH 1/2] fix: resolve Azure PostgreSQL pgvector extension permission issue Replace direct CREATE EXTENSION commands with conditional checks to avoid permission errors on Azure PostgreSQL Flexible Server where only azure_pg_admin members can create extensions. - Check pg_extension table before attempting to create vector extension - Apply same fix to pgcrypto extension for consistency - Allows following least privilege principle for database users Fixes #12453 --- .../retrieval/vector/dbs/pgvector.py | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/backend/open_webui/retrieval/vector/dbs/pgvector.py b/backend/open_webui/retrieval/vector/dbs/pgvector.py index 9deb61f5a3..4c5d1f7dcd 100644 --- a/backend/open_webui/retrieval/vector/dbs/pgvector.py +++ b/backend/open_webui/retrieval/vector/dbs/pgvector.py @@ -111,11 +111,27 @@ class PgvectorClient(VectorDBBase): try: # Ensure the pgvector extension is available - self.session.execute(text("CREATE EXTENSION IF NOT EXISTS vector;")) + # Use a conditional check to avoid permission issues on Azure PostgreSQL + self.session.execute(text(""" + DO $$ + BEGIN + IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'vector') THEN + CREATE EXTENSION IF NOT EXISTS vector; + END IF; + END $$; + """)) if PGVECTOR_PGCRYPTO: # Ensure the pgcrypto extension is available for encryption - self.session.execute(text("CREATE EXTENSION IF NOT EXISTS pgcrypto;")) + # Use a conditional check to avoid permission issues on Azure PostgreSQL + self.session.execute(text(""" + DO $$ + BEGIN + IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'pgcrypto') THEN + CREATE EXTENSION IF NOT EXISTS pgcrypto; + END IF; + END $$; + """)) if not PGVECTOR_PGCRYPTO_KEY: raise ValueError( From a1e62ab422904660d6892df56d0924a97d5b4f1f Mon Sep 17 00:00:00 2001 From: Rain6435 Date: Thu, 14 Aug 2025 01:50:57 -0400 Subject: [PATCH 2/2] fix: Formatting --- .../open_webui/retrieval/vector/dbs/pgvector.py | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/backend/open_webui/retrieval/vector/dbs/pgvector.py b/backend/open_webui/retrieval/vector/dbs/pgvector.py index 4c5d1f7dcd..d978f0c824 100644 --- a/backend/open_webui/retrieval/vector/dbs/pgvector.py +++ b/backend/open_webui/retrieval/vector/dbs/pgvector.py @@ -112,26 +112,34 @@ class PgvectorClient(VectorDBBase): try: # Ensure the pgvector extension is available # Use a conditional check to avoid permission issues on Azure PostgreSQL - self.session.execute(text(""" + self.session.execute( + text( + """ DO $$ BEGIN IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'vector') THEN CREATE EXTENSION IF NOT EXISTS vector; END IF; END $$; - """)) + """ + ) + ) if PGVECTOR_PGCRYPTO: # Ensure the pgcrypto extension is available for encryption # Use a conditional check to avoid permission issues on Azure PostgreSQL - self.session.execute(text(""" + self.session.execute( + text( + """ DO $$ BEGIN IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname = 'pgcrypto') THEN CREATE EXTENSION IF NOT EXISTS pgcrypto; END IF; END $$; - """)) + """ + ) + ) if not PGVECTOR_PGCRYPTO_KEY: raise ValueError(