backend/open_webui/routers/groups.py

import os
from pathlib import Path
from typing import Optional
import logging

from open_webui.models.users import Users, UserInfoResponse
from open_webui.models.groups import (
    Groups,
    GroupForm,
    GroupInfoResponse,
    GroupUpdateForm,
    GroupResponse,
    UserIdsForm,
)

from open_webui.config import CACHE_DIR
from open_webui.constants import ERROR_MESSAGES
from fastapi import APIRouter, Depends, HTTPException, Request, status

from open_webui.internal.db import get_session
from sqlalchemy.orm import Session

from open_webui.utils.auth import get_admin_user, get_verified_user

log = logging.getLogger(__name__)

router = APIRouter()

############################
# GetFunctions
############################


@router.get("/", response_model=list[GroupResponse])
async def get_groups(
    share: Optional[bool] = None,
    user=Depends(get_verified_user),
    db: Session = Depends(get_session),
):

    filter = {}

    # Admins can share to all groups regardless of share setting
    if user.role != "admin":
        filter["member_id"] = user.id
        if share is not None:
            filter["share"] = share

    groups = Groups.get_groups(filter=filter, db=db)

    return groups


############################
# CreateNewGroup
############################


@router.post("/create", response_model=Optional[GroupResponse])
async def create_new_group(
    form_data: GroupForm,
    user=Depends(get_admin_user),
    db: Session = Depends(get_session),
):
    try:
        group = Groups.insert_new_group(user.id, form_data, db=db)
        if group:
            return GroupResponse(
                **group.model_dump(),
                member_count=Groups.get_group_member_count_by_id(group.id, db=db),
            )
        else:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail=ERROR_MESSAGES.DEFAULT("Error creating group"),
            )
    except Exception as e:
        log.exception(f"Error creating a new group: {e}")
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.DEFAULT(e),
        )


############################
# GetGroupById
############################


@router.get("/id/{id}", response_model=Optional[GroupResponse])
async def get_group_by_id(
    id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)
):
    group = Groups.get_group_by_id(id, db=db)
    if group:
        return GroupResponse(
            **group.model_dump(),
            member_count=Groups.get_group_member_count_by_id(group.id, db=db),
        )
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )


@router.get("/id/{id}/info", response_model=Optional[GroupInfoResponse])
async def get_group_info_by_id(
    id: str, user=Depends(get_verified_user), db: Session = Depends(get_session)
):
    group = Groups.get_group_by_id(id, db=db)
    if group:
        return GroupInfoResponse(
            **group.model_dump(),
            member_count=Groups.get_group_member_count_by_id(group.id, db=db),
        )
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )


############################
# ExportGroupById
############################


class GroupExportResponse(GroupResponse):
    user_ids: list[str] = []
    pass


@router.get("/id/{id}/export", response_model=Optional[GroupExportResponse])
async def export_group_by_id(
    id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)
):
    group = Groups.get_group_by_id(id, db=db)
    if group:
        return GroupExportResponse(
            **group.model_dump(),
            member_count=Groups.get_group_member_count_by_id(group.id, db=db),
            user_ids=Groups.get_group_user_ids_by_id(group.id, db=db),
        )
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )


############################
# GetUsersInGroupById
############################


@router.post("/id/{id}/users", response_model=list[UserInfoResponse])
async def get_users_in_group(
    id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)
):
    try:
        users = Users.get_users_by_group_id(id, db=db)
        return users
    except Exception as e:
        log.exception(f"Error adding users to group {id}: {e}")
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.DEFAULT(e),
        )


############################
# UpdateGroupById
############################


@router.post("/id/{id}/update", response_model=Optional[GroupResponse])
async def update_group_by_id(
    id: str,
    form_data: GroupUpdateForm,
    user=Depends(get_admin_user),
    db: Session = Depends(get_session),
):
    try:
        group = Groups.update_group_by_id(id, form_data, db=db)
        if group:
            return GroupResponse(
                **group.model_dump(),
                member_count=Groups.get_group_member_count_by_id(group.id, db=db),
            )
        else:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail=ERROR_MESSAGES.DEFAULT("Error updating group"),
            )
    except Exception as e:
        log.exception(f"Error updating group {id}: {e}")
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.DEFAULT(e),
        )


############################
# AddUserToGroupByUserIdAndGroupId
############################


@router.post("/id/{id}/users/add", response_model=Optional[GroupResponse])
async def add_user_to_group(
    id: str,
    form_data: UserIdsForm,
    user=Depends(get_admin_user),
    db: Session = Depends(get_session),
):
    try:
        if form_data.user_ids:
            form_data.user_ids = Users.get_valid_user_ids(form_data.user_ids, db=db)

        group = Groups.add_users_to_group(id, form_data.user_ids, db=db)
        if group:
            return GroupResponse(
                **group.model_dump(),
                member_count=Groups.get_group_member_count_by_id(group.id, db=db),
            )
        else:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail=ERROR_MESSAGES.DEFAULT("Error adding users to group"),
            )
    except Exception as e:
        log.exception(f"Error adding users to group {id}: {e}")
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.DEFAULT(e),
        )


@router.post("/id/{id}/users/remove", response_model=Optional[GroupResponse])
async def remove_users_from_group(
    id: str,
    form_data: UserIdsForm,
    user=Depends(get_admin_user),
    db: Session = Depends(get_session),
):
    try:
        group = Groups.remove_users_from_group(id, form_data.user_ids, db=db)
        if group:
            return GroupResponse(
                **group.model_dump(),
                member_count=Groups.get_group_member_count_by_id(group.id, db=db),
            )
        else:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail=ERROR_MESSAGES.DEFAULT("Error removing users from group"),
            )
    except Exception as e:
        log.exception(f"Error removing users from group {id}: {e}")
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.DEFAULT(e),
        )


############################
# DeleteGroupById
############################


@router.delete("/id/{id}/delete", response_model=bool)
async def delete_group_by_id(
    id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)
):
    try:
        result = Groups.delete_group_by_id(id, db=db)
        if result:
            return result
        else:
            raise HTTPException(
                status_code=status.HTTP_400_BAD_REQUEST,
                detail=ERROR_MESSAGES.DEFAULT("Error deleting group"),
            )
    except Exception as e:
        log.exception(f"Error deleting group {id}: {e}")
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.DEFAULT(e),
        )
feat: groups backend 2024-11-14 18:35:14 -08:00			`import os`
			`from pathlib import Path`
			`from typing import Optional`
refactor: replace print statements with logging for better error tracking 2025-02-25 15:36:25 +01:00			`import logging`
enh: validate user id before saving group 2025-01-20 23:09:55 -08:00
enh: group members endpoint 2025-12-02 11:24:23 -05:00			`from open_webui.models.users import Users, UserInfoResponse`
wip 2024-12-10 00:54:13 -08:00			`from open_webui.models.groups import (`
feat: groups backend 2024-11-14 18:35:14 -08:00			`Groups,`
			`GroupForm,`
refac 2026-02-09 13:28:14 -06:00			`GroupInfoResponse,`
feat: groups backend 2024-11-14 18:35:14 -08:00			`GroupUpdateForm,`
			`GroupResponse,`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`UserIdsForm,`
feat: groups backend 2024-11-14 18:35:14 -08:00			`)`

			`from open_webui.config import CACHE_DIR`
			`from open_webui.constants import ERROR_MESSAGES`
			`from fastapi import APIRouter, Depends, HTTPException, Request, status`
refactor: replace print statements with logging for better error tracking 2025-02-25 15:36:25 +01:00
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`from open_webui.internal.db import get_session`
			`from sqlalchemy.orm import Session`

refac 2024-12-08 16:01:56 -08:00			`from open_webui.utils.auth import get_admin_user, get_verified_user`
refactor: replace print statements with logging for better error tracking 2025-02-25 15:36:25 +01:00
			`log = logging.getLogger(__name__)`
feat: groups backend 2024-11-14 18:35:14 -08:00
			`router = APIRouter()`

			`############################`
			`# GetFunctions`
			`############################`


			`@router.get("/", response_model=list[GroupResponse])`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`async def get_groups(`
			`share: Optional[bool] = None,`
			`user=Depends(get_verified_user),`
			`db: Session = Depends(get_session),`
			`):`
feat/enh: group share setting 2025-11-20 19:12:56 -05:00
refac: db group 2025-11-28 22:48:58 -05:00			`filter = {}`
refac: group share to settings 2026-01-05 05:32:56 +04:00
			`# Admins can share to all groups regardless of share setting`
refac: db group 2025-11-28 22:48:58 -05:00			`if user.role != "admin":`
			`filter["member_id"] = user.id`
refac: group share to settings 2026-01-05 05:32:56 +04:00			`if share is not None:`
			`filter["share"] = share`
refac: db group 2025-11-28 22:48:58 -05:00
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`groups = Groups.get_groups(filter=filter, db=db)`
refac: db group 2025-11-28 22:48:58 -05:00
			`return groups`
feat: groups backend 2024-11-14 18:35:14 -08:00

			`############################`
			`# CreateNewGroup`
			`############################`


			`@router.post("/create", response_model=Optional[GroupResponse])`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`async def create_new_group(`
			`form_data: GroupForm,`
			`user=Depends(get_admin_user),`
			`db: Session = Depends(get_session),`
			`):`
feat: groups backend 2024-11-14 18:35:14 -08:00			`try:`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`group = Groups.insert_new_group(user.id, form_data, db=db)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`if group:`
refac: group members backend 2025-11-17 05:09:06 -05:00			`return GroupResponse(`
			`**group.model_dump(),`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
refac: group members backend 2025-11-17 05:09:06 -05:00			`)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT("Error creating group"),`
			`)`
			`except Exception as e:`
refactor: replace print statements with logging for better error tracking 2025-02-25 15:36:25 +01:00			`log.exception(f"Error creating a new group: {e}")`
feat: groups backend 2024-11-14 18:35:14 -08:00			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT(e),`
			`)`


			`############################`
			`# GetGroupById`
			`############################`


			`@router.get("/id/{id}", response_model=Optional[GroupResponse])`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`async def get_group_by_id(`
			`id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)`
			`):`
			`group = Groups.get_group_by_id(id, db=db)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`if group:`
refac: group members backend 2025-11-17 05:09:06 -05:00			`return GroupResponse(`
			`**group.model_dump(),`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
refac: group members backend 2025-11-17 05:09:06 -05:00			`)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`


refac 2026-02-09 13:28:14 -06:00			`@router.get("/id/{id}/info", response_model=Optional[GroupInfoResponse])`
			`async def get_group_info_by_id(`
			`id: str, user=Depends(get_verified_user), db: Session = Depends(get_session)`
			`):`
			`group = Groups.get_group_by_id(id, db=db)`
			`if group:`
			`return GroupInfoResponse(`
			`**group.model_dump(),`
			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
			`)`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`


feat/enh: group export endpoint 2025-11-27 04:44:01 -05:00			`############################`
			`# ExportGroupById`
			`############################`


			`class GroupExportResponse(GroupResponse):`
			`user_ids: list[str] = []`
			`pass`


			`@router.get("/id/{id}/export", response_model=Optional[GroupExportResponse])`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`async def export_group_by_id(`
			`id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)`
			`):`
			`group = Groups.get_group_by_id(id, db=db)`
feat/enh: group export endpoint 2025-11-27 04:44:01 -05:00			`if group:`
			`return GroupExportResponse(`
			`**group.model_dump(),`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
			`user_ids=Groups.get_group_user_ids_by_id(group.id, db=db),`
feat/enh: group export endpoint 2025-11-27 04:44:01 -05:00			`)`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`


enh: group members endpoint 2025-12-02 11:24:23 -05:00			`############################`
			`# GetUsersInGroupById`
			`############################`


			`@router.post("/id/{id}/users", response_model=list[UserInfoResponse])`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`async def get_users_in_group(`
			`id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)`
			`):`
enh: group members endpoint 2025-12-02 11:24:23 -05:00			`try:`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`users = Users.get_users_by_group_id(id, db=db)`
enh: group members endpoint 2025-12-02 11:24:23 -05:00			`return users`
			`except Exception as e:`
			`log.exception(f"Error adding users to group {id}: {e}")`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT(e),`
			`)`


feat: groups backend 2024-11-14 18:35:14 -08:00			`############################`
			`# UpdateGroupById`
			`############################`


			`@router.post("/id/{id}/update", response_model=Optional[GroupResponse])`
			`async def update_group_by_id(`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`id: str,`
			`form_data: GroupUpdateForm,`
			`user=Depends(get_admin_user),`
			`db: Session = Depends(get_session),`
feat: groups backend 2024-11-14 18:35:14 -08:00			`):`
			`try:`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`group = Groups.update_group_by_id(id, form_data, db=db)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`if group:`
refac: group members backend 2025-11-17 05:09:06 -05:00			`return GroupResponse(`
			`**group.model_dump(),`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
refac: group members backend 2025-11-17 05:09:06 -05:00			`)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT("Error updating group"),`
			`)`
			`except Exception as e:`
refactor: replace print statements with logging for better error tracking 2025-02-25 15:36:25 +01:00			`log.exception(f"Error updating group {id}: {e}")`
feat: groups backend 2024-11-14 18:35:14 -08:00			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT(e),`
			`)`


refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`############################`
			`# AddUserToGroupByUserIdAndGroupId`
			`############################`


			`@router.post("/id/{id}/users/add", response_model=Optional[GroupResponse])`
			`async def add_user_to_group(`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`id: str,`
			`form_data: UserIdsForm,`
			`user=Depends(get_admin_user),`
			`db: Session = Depends(get_session),`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`):`
			`try:`
			`if form_data.user_ids:`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`form_data.user_ids = Users.get_valid_user_ids(form_data.user_ids, db=db)`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`group = Groups.add_users_to_group(id, form_data.user_ids, db=db)`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`if group:`
refac: group members backend 2025-11-17 05:09:06 -05:00			`return GroupResponse(`
			`**group.model_dump(),`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
refac: group members backend 2025-11-17 05:09:06 -05:00			`)`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT("Error adding users to group"),`
			`)`
			`except Exception as e:`
			`log.exception(f"Error adding users to group {id}: {e}")`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT(e),`
			`)`


			`@router.post("/id/{id}/users/remove", response_model=Optional[GroupResponse])`
			`async def remove_users_from_group(`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`id: str,`
			`form_data: UserIdsForm,`
			`user=Depends(get_admin_user),`
			`db: Session = Depends(get_session),`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`):`
			`try:`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`group = Groups.remove_users_from_group(id, form_data.user_ids, db=db)`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`if group:`
refac: group members backend 2025-11-17 05:09:06 -05:00			`return GroupResponse(`
			`**group.model_dump(),`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`member_count=Groups.get_group_member_count_by_id(group.id, db=db),`
refac: group members backend 2025-11-17 05:09:06 -05:00			`)`
refac/enh: group add/remove users endpoints 2025-07-17 01:50:37 +04:00			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT("Error removing users from group"),`
			`)`
			`except Exception as e:`
			`log.exception(f"Error removing users from group {id}: {e}")`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT(e),`
			`)`


feat: groups backend 2024-11-14 18:35:14 -08:00			`############################`
			`# DeleteGroupById`
			`############################`


			`@router.delete("/id/{id}/delete", response_model=bool)`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`async def delete_group_by_id(`
			`id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)`
			`):`
feat: groups backend 2024-11-14 18:35:14 -08:00			`try:`
refac/enh: db session sharing 2025-12-29 00:21:18 +04:00			`result = Groups.delete_group_by_id(id, db=db)`
feat: groups backend 2024-11-14 18:35:14 -08:00			`if result:`
			`return result`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT("Error deleting group"),`
			`)`
			`except Exception as e:`
refactor: replace print statements with logging for better error tracking 2025-02-25 15:36:25 +01:00			`log.exception(f"Error deleting group {id}: {e}")`
feat: groups backend 2024-11-14 18:35:14 -08:00			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT(e),`
			`)`