ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 04:15:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix: uploaded file should not be deleted

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-01-29 14:20:51 -08:00
parent 40a4443949
commit 4abede9a2b
1 changed files with 7 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
backend/open_webui/routers/knowledge.py
View file

@ -264,7 +264,8 @@ def add_file_to_knowledge_by_id(
detail=ERROR_MESSAGES.NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND,
) )
if (knowledge.user_id != user.id if (
knowledge.user_id != user.id
and not has_access(user.id, "write", knowledge.access_control) and not has_access(user.id, "write", knowledge.access_control)
and user.role != "admin" and user.role != "admin"
): ):
@ -349,7 +350,7 @@ def update_file_from_knowledge_by_id(
knowledge.user_id != user.id knowledge.user_id != user.id
and not has_access(user.id, "write", knowledge.access_control) and not has_access(user.id, "write", knowledge.access_control)
and user.role != "admin" and user.role != "admin"
): ):
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
@ -418,7 +419,7 @@ def remove_file_from_knowledge_by_id(
knowledge.user_id != user.id knowledge.user_id != user.id
and not has_access(user.id, "write", knowledge.access_control) and not has_access(user.id, "write", knowledge.access_control)
and user.role != "admin" and user.role != "admin"
): ):
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED, detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
@ -441,10 +442,6 @@ def remove_file_from_knowledge_by_id(
if VECTOR_DB_CLIENT.has_collection(collection_name=file_collection): if VECTOR_DB_CLIENT.has_collection(collection_name=file_collection):
VECTOR_DB_CLIENT.delete_collection(collection_name=file_collection) VECTOR_DB_CLIENT.delete_collection(collection_name=file_collection)
# Delete physical file
if file.path:
Storage.delete_file(file.path)
# Delete file from database # Delete file from database
Files.delete_file_by_id(form_data.file_id) Files.delete_file_by_id(form_data.file_id)
@ -500,7 +497,7 @@ async def delete_knowledge_by_id(id: str, user=Depends(get_verified_user)):
knowledge.user_id != user.id knowledge.user_id != user.id
and not has_access(user.id, "write", knowledge.access_control) and not has_access(user.id, "write", knowledge.access_control)
and user.role != "admin" and user.role != "admin"
): ):
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED, detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
@ -563,7 +560,7 @@ async def reset_knowledge_by_id(id: str, user=Depends(get_verified_user)):
knowledge.user_id != user.id knowledge.user_id != user.id
and not has_access(user.id, "write", knowledge.access_control) and not has_access(user.id, "write", knowledge.access_control)
and user.role != "admin" and user.role != "admin"
): ):
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED, detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
@ -606,7 +603,7 @@ def add_files_to_knowledge_batch(
knowledge.user_id != user.id knowledge.user_id != user.id
and not has_access(user.id, "write", knowledge.access_control) and not has_access(user.id, "write", knowledge.access_control)
and user.role != "admin" and user.role != "admin"
): ):
raise HTTPException( raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED, detail=ERROR_MESSAGES.ACCESS_PROHIBITED,