ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 04:15:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

refac

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-11-23 16:09:37 -05:00
parent 682013cee3
commit 288947a648
1 changed files with 7 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
backend/open_webui/utils/auth.py
View file

@ -377,10 +377,13 @@ def get_current_user_by_api_key(request, api_key: str):
detail=ERROR_MESSAGES.INVALID_TOKEN, detail=ERROR_MESSAGES.INVALID_TOKEN,
) )
if not request.state.enable_api_keys or not has_permission( if not request.state.enable_api_keys or (
user.id, user.role != "admin"
"features.api_keys", and not has_permission(
request.app.state.config.USER_PERMISSIONS, user.id,
"features.api_keys",
request.app.state.config.USER_PERMISSIONS,
)
): ):
raise HTTPException( raise HTTPException(
status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.API_KEY_NOT_ALLOWED