ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 04:15:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix/refac: workspace shared model list

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-11-25 06:32:27 -05:00
parent f3547568e4
commit 69722ba973
2 changed files with 35 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
backend/open_webui/models/models.py
View file

@ -220,6 +220,34 @@ class ModelsTable:
or has_access(user_id, permission, model.access_control, user_group_ids) or has_access(user_id, permission, model.access_control, user_group_ids)
] ]
def _has_write_permission(self, query, filter: dict):
if filter.get("group_ids") or filter.get("user_id"):
conditions = []
# --- ANY group_ids match ("write".group_ids) ---
if filter.get("group_ids"):
group_ids = filter["group_ids"]
like_clauses = []
for gid in group_ids:
like_clauses.append(
cast(Model.access_control, String).like(
f'%"write"%"group_ids"%"{gid}"%'
)
)
# ANY → OR
conditions.append(or_(*like_clauses))
# --- user_id match (owner) ---
if filter.get("user_id"):
conditions.append(Model.user_id == filter["user_id"])
# Apply OR across the two groups of conditions
query = query.filter(or_(*conditions))
return query
def search_models( def search_models(
self, user_id: str, filter: dict = {}, skip: int = 0, limit: int = 30 self, user_id: str, filter: dict = {}, skip: int = 0, limit: int = 30
) -> ModelListResponse: ) -> ModelListResponse:
@ -238,11 +266,10 @@ class ModelsTable:
) )
) )
if filter.get("user_id"): # Apply access control filtering
query = query.filter(Model.user_id == filter.get("user_id")) query = self._has_write_permission(query, filter)
view_option = filter.get("view_option") view_option = filter.get("view_option")
if view_option == "created": if view_option == "created":
query = query.filter(Model.user_id == user_id) query = query.filter(Model.user_id == user_id)
elif view_option == "shared": elif view_option == "shared":

5
backend/open_webui/routers/models.py
View file

@ -5,6 +5,7 @@ import json
import asyncio import asyncio
import logging import logging
from open_webui.models.groups import Groups
from open_webui.models.models import ( from open_webui.models.models import (
ModelForm, ModelForm,
ModelModel, ModelModel,
@ -78,6 +79,10 @@ async def get_models(
filter["direction"] = direction filter["direction"] = direction
if not user.role == "admin" or not BYPASS_ADMIN_ACCESS_CONTROL: if not user.role == "admin" or not BYPASS_ADMIN_ACCESS_CONTROL:
groups = Groups.get_groups_by_member_id(user.id)
if groups:
filter["group_ids"] = [group.id for group in groups]
filter["user_id"] = user.id filter["user_id"] = user.id
return Models.search_models(user.id, filter=filter, skip=skip, limit=limit) return Models.search_models(user.id, filter=filter, skip=skip, limit=limit)