ti.sil/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-12 04:15:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

feat: Add administrator permission control to the two remaining APIs

Browse source
This commit is contained in:
Shirasawa 2025-08-13 07:02:36 +00:00
parent 1e67035bd3
commit e966f54001
1 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
backend/open_webui/main.py
View file

@ -327,6 +327,7 @@ from open_webui.config import (
ENABLE_MESSAGE_RATING, ENABLE_MESSAGE_RATING,
ENABLE_USER_WEBHOOKS, ENABLE_USER_WEBHOOKS,
ENABLE_EVALUATION_ARENA_MODELS, ENABLE_EVALUATION_ARENA_MODELS,
ENABLE_ADMIN_WORKSPACE_CONTENT_ACCESS,
USER_PERMISSIONS, USER_PERMISSIONS,
DEFAULT_USER_ROLE, DEFAULT_USER_ROLE,
PENDING_USER_OVERLAY_CONTENT, PENDING_USER_OVERLAY_CONTENT,
@ -1321,7 +1322,9 @@ async def get_models(
) )
# Filter out models that the user does not have access to # Filter out models that the user does not have access to
if user.role == "user" and not BYPASS_MODEL_ACCESS_CONTROL: if not BYPASS_MODEL_ACCESS_CONTROL and (
user.role != "admin" or not ENABLE_ADMIN_WORKSPACE_CONTENT_ACCESS
):
models = get_filtered_models(models, user) models = get_filtered_models(models, user)
log.debug( log.debug(
@ -1392,7 +1395,9 @@ async def chat_completion(
model_info = Models.get_model_by_id(model_id) model_info = Models.get_model_by_id(model_id)
# Check if user has access to the model # Check if user has access to the model
if not BYPASS_MODEL_ACCESS_CONTROL and user.role == "user": if not BYPASS_MODEL_ACCESS_CONTROL and (
user.role != "admin" or not ENABLE_ADMIN_WORKSPACE_CONTENT_ACCESS
):
try: try:
check_model_access(user, model) check_model_access(user, model)
except Exception as e: except Exception as e: