ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 20:35:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

refac

Browse source
This commit is contained in:
Timothy Jaeryang Baek 2025-07-12 00:34:18 +04:00
parent 9b84a8e443
commit d509ca1133
1 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
backend/open_webui/socket/main.py
View file

@ -353,8 +353,12 @@ async def yjs_document_join(sid, data):
log.error(f"Note {note_id} not found")
return
if user.get("role") != "admin" and has_access(
user.get("id"), type="read", access_control=note.access_control
if (
user.get("role") != "admin"
and user.get("id") != note.user_id
and not has_access(
user.get("id"), type="read", access_control=note.access_control
)
):
log.error(
f"User {user.get('id')} does not have access to note {note_id}"
@ -424,8 +428,12 @@ async def document_save_handler(document_id, data, user):
log.error(f"Note {note_id} not found")
return
if user.get("role") != "admin" and has_access(
user.get("id"), type="read", access_control=note.access_control
if (
user.get("role") != "admin"
and user.get("id") != note.user_id
and not has_access(
user.get("id"), type="read", access_control=note.access_control
)
):
log.error(f"User {user.get('id')} does not have access to note {note_id}")
return