Mirrors/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-02-24 12:11:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
dev
open-webui/backend/open_webui/routers/knowledge.py

1121 lines
34 KiB
Python
Raw Permalink Normal View History

Add batching
2024-12-13 15:29:43 +01:00
from typing import List, Optional
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
from pydantic import BaseModel
enh: delete_file query param
2025-09-02 21:32:07 +04:00
from fastapi import APIRouter, Depends, HTTPException, status, Request, Query
feat: export kb to zip
2026-01-08 12:49:45 +04:00
from fastapi.responses import StreamingResponse
Update knowledge.py (#19434)
2025-11-24 21:22:23 +01:00
from fastapi.concurrency import run_in_threadpool
fix: empty knowledge delete issue
2024-10-04 11:11:53 -07:00
import logging
feat: export kb to zip
2026-01-08 12:49:45 +04:00
import io
import zipfile
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
from sqlalchemy.orm import Session
from open_webui.internal.db import get_session
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
from open_webui.models.groups import Groups
wip
2024-12-10 00:54:13 -08:00
from open_webui.models.knowledge import (
feat/enh: kb file pagination
2025-12-10 00:53:41 -05:00
KnowledgeFileListResponse,
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
Knowledges,
KnowledgeForm,
KnowledgeResponse,
enh: knowledge author info
2024-11-18 05:51:01 -08:00
KnowledgeUserResponse,
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
)
feat: Lazy load file content on click
2025-04-18 01:40:30 +02:00
from open_webui.models.files import Files, FileModel, FileMetadataResponse
feat:Add vector type and vector factory class for vector database integration
2025-05-12 23:15:32 +08:00
from open_webui.retrieval.vector.factory import VECTOR_DB_CLIENT
npm run format
2024-12-18 12:18:31 -05:00
from open_webui.routers.retrieval import (
process_file,
ProcessFileForm,
process_files_batch,
BatchProcessFilesForm,
)
fix: complete file cleanup when removing from Knowledge Base
2025-01-12 18:33:27 +01:00
from open_webui.storage.provider import Storage
refac
2024-10-02 20:42:10 -07:00
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
from open_webui.constants import ERROR_MESSAGES
feat: export kb to zip
2026-01-08 12:49:45 +04:00
from open_webui.utils.auth import get_verified_user, get_admin_user
refac
2026-02-23 16:01:03 -06:00
from open_webui.utils.access_control import has_permission, filter_allowed_access_grants
from open_webui.models.access_grants import AccessGrants
refac: knowledge access control
2024-11-16 18:00:57 -08:00
refac: ENABLE_ADMIN_WORKSPACE_CONTENT_ACCESS renamed to BYPASS_ADMIN_ACCESS_CONTROL
2025-08-21 13:08:22 +04:00
from open_webui.config import BYPASS_ADMIN_ACCESS_CONTROL
fix: Knowledge Base Detachment from Models
2025-01-09 16:47:12 +01:00
from open_webui.models.models import Models, ModelForm
fix: empty knowledge delete issue
2024-10-04 11:11:53 -07:00
log = logging.getLogger(__name__)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
router = APIRouter()
############################
enh: knowledge access control
2024-11-16 16:51:55 -08:00
# getKnowledgeBases
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
############################
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
PAGE_ITEM_COUNT = 30
enh: kb metadata search
2026-01-09 22:21:00 +04:00
############################
# Knowledge Base Embedding
############################
KNOWLEDGE_BASES_COLLECTION = "knowledge-bases"
async def embed_knowledge_base_metadata(
request: Request,
knowledge_base_id: str,
name: str,
description: str,
) -> bool:
"""Generate and store embedding for knowledge base."""
try:
content = f"{name}\n\n{description}" if description else name
embedding = await request.app.state.EMBEDDING_FUNCTION(content)
VECTOR_DB_CLIENT.upsert(
collection_name=KNOWLEDGE_BASES_COLLECTION,
items=[
{
"id": knowledge_base_id,
"text": content,
"vector": embedding,
"metadata": {
"knowledge_base_id": knowledge_base_id,
},
}
],
)
return True
except Exception as e:
log.error(f"Failed to embed knowledge base {knowledge_base_id}: {e}")
return False
def remove_knowledge_base_metadata_embedding(knowledge_base_id: str) -> bool:
"""Remove knowledge base embedding."""
try:
VECTOR_DB_CLIENT.delete(
collection_name=KNOWLEDGE_BASES_COLLECTION,
ids=[knowledge_base_id],
)
return True
except Exception as e:
log.debug(f"Failed to remove embedding for {knowledge_base_id}: {e}")
return False
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
enh/refac: show read only kbs
2025-12-10 16:58:53 -05:00
class KnowledgeAccessResponse(KnowledgeUserResponse):
write_access: Optional[bool] = False
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
class KnowledgeAccessListResponse(BaseModel):
items: list[KnowledgeAccessResponse]
total: int
enh: more robust knowledge file info retrieval
2024-10-25 21:58:29 -07:00
enh: knowledge access control
2024-11-16 16:51:55 -08:00
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
@router.get("/", response_model=KnowledgeAccessListResponse)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
async def get_knowledge_bases(
page: Optional[int] = 1,
user=Depends(get_verified_user),
db: Session = Depends(get_session),
):
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
page = max(page, 1)
limit = PAGE_ITEM_COUNT
skip = (page - 1) * limit
filter = {}
refac
2026-02-13 13:56:29 -06:00
groups = Groups.get_groups_by_member_id(user.id, db=db)
user_group_ids = {group.id for group in groups}
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
if not user.role == "admin" or not BYPASS_ADMIN_ACCESS_CONTROL:
if groups:
filter["group_ids"] = [group.id for group in groups]
filter["user_id"] = user.id
result = Knowledges.search_knowledge_bases(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
user.id, filter=filter, skip=skip, limit=limit, db=db
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
)
refac
2026-02-13 13:56:29 -06:00
# Batch-fetch writable knowledge IDs in a single query instead of N has_access calls
knowledge_base_ids = [knowledge_base.id for knowledge_base in result.items]
writable_knowledge_base_ids = AccessGrants.get_accessible_resource_ids(
user_id=user.id,
resource_type="knowledge",
resource_ids=knowledge_base_ids,
permission="write",
user_group_ids=user_group_ids,
db=db,
)
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
return KnowledgeAccessListResponse(
items=[
KnowledgeAccessResponse(
**knowledge_base.model_dump(),
write_access=(
user.id == knowledge_base.user_id
feat: Add read-only access support for Knowledge Bases (#20371) - Backend: Add BYPASS_ADMIN_ACCESS_CONTROL check to write_access calculation - Frontend: Knowledge already has Read Only badge and disabled inputs
2026-01-05 01:45:48 +01:00
or (user.role == "admin" and BYPASS_ADMIN_ACCESS_CONTROL)
refac
2026-02-13 13:56:29 -06:00
or knowledge_base.id in writable_knowledge_base_ids
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
),
)
for knowledge_base in result.items
],
total=result.total,
)
@router.get("/search", response_model=KnowledgeAccessListResponse)
async def search_knowledge_bases(
query: Optional[str] = None,
view_option: Optional[str] = None,
page: Optional[int] = 1,
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
):
page = max(page, 1)
limit = PAGE_ITEM_COUNT
skip = (page - 1) * limit
filter = {}
if query:
filter["query"] = query
if view_option:
filter["view_option"] = view_option
refac
2026-02-13 13:56:29 -06:00
groups = Groups.get_groups_by_member_id(user.id, db=db)
user_group_ids = {group.id for group in groups}
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
if not user.role == "admin" or not BYPASS_ADMIN_ACCESS_CONTROL:
if groups:
filter["group_ids"] = [group.id for group in groups]
filter["user_id"] = user.id
result = Knowledges.search_knowledge_bases(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
user.id, filter=filter, skip=skip, limit=limit, db=db
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
)
refac
2026-02-13 13:56:29 -06:00
# Batch-fetch writable knowledge IDs in a single query instead of N has_access calls
knowledge_base_ids = [knowledge_base.id for knowledge_base in result.items]
writable_knowledge_base_ids = AccessGrants.get_accessible_resource_ids(
user_id=user.id,
resource_type="knowledge",
resource_ids=knowledge_base_ids,
permission="write",
user_group_ids=user_group_ids,
db=db,
)
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
return KnowledgeAccessListResponse(
items=[
KnowledgeAccessResponse(
**knowledge_base.model_dump(),
write_access=(
user.id == knowledge_base.user_id
feat: Add read-only access support for Knowledge Bases (#20371) - Backend: Add BYPASS_ADMIN_ACCESS_CONTROL check to write_access calculation - Frontend: Knowledge already has Read Only badge and disabled inputs
2026-01-05 01:45:48 +01:00
or (user.role == "admin" and BYPASS_ADMIN_ACCESS_CONTROL)
refac
2026-02-13 13:56:29 -06:00
or knowledge_base.id in writable_knowledge_base_ids
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
),
)
for knowledge_base in result.items
],
total=result.total,
)
@router.get("/search/files", response_model=KnowledgeFileListResponse)
async def search_knowledge_files(
query: Optional[str] = None,
page: Optional[int] = 1,
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
):
page = max(page, 1)
limit = PAGE_ITEM_COUNT
skip = (page - 1) * limit
filter = {}
if query:
filter["query"] = query
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
groups = Groups.get_groups_by_member_id(user.id, db=db)
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
if groups:
filter["group_ids"] = [group.id for group in groups]
filter["user_id"] = user.id
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
return Knowledges.search_knowledge_files(
filter=filter, skip=skip, limit=limit, db=db
)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
############################
# CreateNewKnowledge
############################
@router.post("/create", response_model=Optional[KnowledgeResponse])
enh: knowledge access control
2024-11-16 16:51:55 -08:00
async def create_new_knowledge(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
request: Request,
form_data: KnowledgeForm,
user=Depends(get_verified_user),
enh: knowledge access control
2024-11-16 16:51:55 -08:00
):
fix(db): release connection before embedding in knowledge /create (#20575) Remove Depends(get_session) from POST /create endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). The has_permission() and Knowledges.insert_new_knowledge() functions manage their own short-lived sessions internally, releasing connections before the slow embed_knowledge_base_metadata() call begins.
2026-01-11 20:37:05 +01:00
# NOTE: We intentionally do NOT use Depends(get_session) here.
refac
2026-02-23 16:01:03 -06:00
# Database operations (has_permission, filter_allowed_access_grants, insert_new_knowledge) manage their own sessions.
fix(db): release connection before embedding in knowledge /create (#20575) Remove Depends(get_session) from POST /create endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). The has_permission() and Knowledges.insert_new_knowledge() functions manage their own short-lived sessions internally, releasing connections before the slow embed_knowledge_base_metadata() call begins.
2026-01-11 20:37:05 +01:00
# This prevents holding a connection during embed_knowledge_base_metadata()
# which makes external embedding API calls (1-5+ seconds).
refac: user permissions validation
2024-11-17 03:04:31 -08:00
if user.role != "admin" and not has_permission(
fix(db): release connection before embedding in knowledge /create (#20575) Remove Depends(get_session) from POST /create endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). The has_permission() and Knowledges.insert_new_knowledge() functions manage their own short-lived sessions internally, releasing connections before the slow embed_knowledge_base_metadata() call begins.
2026-01-11 20:37:05 +01:00
user.id, "workspace.knowledge", request.app.state.config.USER_PERMISSIONS
refac: user permissions validation
2024-11-17 03:04:31 -08:00
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
refac
2026-02-23 16:01:03 -06:00
form_data.access_grants = filter_allowed_access_grants(
request.app.state.config.USER_PERMISSIONS,
user.id,
user.role,
form_data.access_grants,
"sharing.public_knowledge",
)
enh: access grant level perms
2026-02-23 15:49:05 -06:00
fix(db): release connection before embedding in knowledge /create (#20575) Remove Depends(get_session) from POST /create endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). The has_permission() and Knowledges.insert_new_knowledge() functions manage their own short-lived sessions internally, releasing connections before the slow embed_knowledge_base_metadata() call begins.
2026-01-11 20:37:05 +01:00
knowledge = Knowledges.insert_new_knowledge(user.id, form_data)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
if knowledge:
enh: kb metadata search
2026-01-09 22:21:00 +04:00
# Embed knowledge base for semantic search
await embed_knowledge_base_metadata(
request,
knowledge.id,
knowledge.name,
knowledge.description,
)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
return knowledge
else:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.FILE_EXISTS,
)
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
############################
# ReindexKnowledgeFiles
############################
@router.post("/reindex", response_model=bool)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
async def reindex_knowledge_files(
request: Request,
user=Depends(get_verified_user),
db: Session = Depends(get_session),
):
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
if user.role != "admin":
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
chore: format
2025-04-12 16:35:11 -07:00
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge_bases = Knowledges.get_knowledge_bases(db=db)
chore: format
2025-04-12 16:35:11 -07:00
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
log.info(f"Starting reindexing for {len(knowledge_bases)} knowledge bases")
chore: format
2025-04-12 16:35:11 -07:00
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
for knowledge_base in knowledge_bases:
Update knowledge.py Improve Error Handling ReIndexing Knowledge Database
2025-04-28 16:39:20 +10:00
try:
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
files = Knowledges.get_files_by_id(knowledge_base.id, db=db)
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
try:
if VECTOR_DB_CLIENT.has_collection(collection_name=knowledge_base.id):
VECTOR_DB_CLIENT.delete_collection(
collection_name=knowledge_base.id
)
except Exception as e:
log.error(f"Error deleting collection {knowledge_base.id}: {str(e)}")
Update knowledge.py Improve Error Handling ReIndexing Knowledge Database
2025-04-28 16:39:20 +10:00
continue # Skip, don't raise
chore: format
2025-04-12 16:35:11 -07:00
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
failed_files = []
for file in files:
try:
Update knowledge.py (#19434)
2025-11-24 21:22:23 +01:00
await run_in_threadpool(
process_file,
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
request,
chore: format
2025-04-12 16:35:11 -07:00
ProcessFileForm(
file_id=file.id, collection_name=knowledge_base.id
),
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
user=user,
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db=db,
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
)
except Exception as e:
chore: format
2025-04-12 16:35:11 -07:00
log.error(
f"Error processing file {file.filename} (ID: {file.id}): {str(e)}"
)
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
failed_files.append({"file_id": file.id, "error": str(e)})
continue
chore: format
2025-04-12 16:35:11 -07:00
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
except Exception as e:
log.error(f"Error processing knowledge base {knowledge_base.id}: {str(e)}")
Update knowledge.py Improve Error Handling ReIndexing Knowledge Database
2025-04-28 16:39:20 +10:00
# Don't raise, just continue
continue
chore: format
2025-04-12 16:35:11 -07:00
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
if failed_files:
chore: format
2025-04-12 16:35:11 -07:00
log.warning(
f"Failed to process {len(failed_files)} files in knowledge base {knowledge_base.id}"
)
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
for failed in failed_files:
log.warning(f"File ID: {failed['file_id']}, Error: {failed['error']}")
chore: format
2025-04-12 16:35:11 -07:00
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
log.info(f"Reindexing completed.")
feat: add new admin func - reindex knowledge files
2025-04-08 00:44:10 +09:00
return True
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
enh: kb metadata search
2026-01-09 22:21:00 +04:00
############################
# ReindexKnowledgeBases
############################
@router.post("/metadata/reindex", response_model=dict)
async def reindex_knowledge_base_metadata_embeddings(
request: Request,
user=Depends(get_admin_user),
):
fix(db): release connection before embeddings in knowledge /metadata/reindex (#20577) Remove Depends(get_session) from POST /metadata/reindex endpoint to prevent database connections from being held during N embedding API calls. This endpoint is CRITICAL as it loops through ALL knowledge bases and calls embed_knowledge_base_metadata() for each one. With the original code, a single connection would be held for the entire duration (potentially minutes for large deployments), completely exhausting the pool. The Knowledges.get_knowledge_bases() function manages its own short-lived session, releasing the connection before the embedding loop begins.
2026-01-11 20:33:04 +01:00
"""Batch embed all existing knowledge bases. Admin only.
chore: format
2026-02-11 16:24:11 -06:00
fix(db): release connection before embeddings in knowledge /metadata/reindex (#20577) Remove Depends(get_session) from POST /metadata/reindex endpoint to prevent database connections from being held during N embedding API calls. This endpoint is CRITICAL as it loops through ALL knowledge bases and calls embed_knowledge_base_metadata() for each one. With the original code, a single connection would be held for the entire duration (potentially minutes for large deployments), completely exhausting the pool. The Knowledges.get_knowledge_bases() function manages its own short-lived session, releasing the connection before the embedding loop begins.
2026-01-11 20:33:04 +01:00
NOTE: We intentionally do NOT use Depends(get_session) here.
This endpoint loops through ALL knowledge bases and calls embed_knowledge_base_metadata()
for each one, making N external embedding API calls. Holding a session during
this entire operation would exhaust the connection pool.
"""
knowledge_bases = Knowledges.get_knowledge_bases()
enh: kb metadata search
2026-01-09 22:21:00 +04:00
log.info(f"Reindexing embeddings for {len(knowledge_bases)} knowledge bases")
success_count = 0
for kb in knowledge_bases:
if await embed_knowledge_base_metadata(request, kb.id, kb.name, kb.description):
success_count += 1
log.info(f"Embedding reindex complete: {success_count}/{len(knowledge_bases)}")
return {"total": len(knowledge_bases), "success": success_count}
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
############################
# GetKnowledgeById
############################
refac
2024-10-02 20:42:10 -07:00
class KnowledgeFilesResponse(KnowledgeResponse):
enh/refac: kb pagination
2025-12-10 23:19:19 -05:00
files: Optional[list[FileMetadataResponse]] = None
enh/refac: show read only kbs
2025-12-10 16:58:53 -05:00
write_access: Optional[bool] = False
refac
2024-10-02 20:42:10 -07:00
@router.get("/{id}", response_model=Optional[KnowledgeFilesResponse])
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
async def get_knowledge_by_id(
id: str, user=Depends(get_verified_user), db: Session = Depends(get_session)
):
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
if knowledge:
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if (
user.role == "admin"
or knowledge.user_id == user.id
refac
2026-02-09 13:28:14 -06:00
or AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="read",
db=db,
)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
):
return KnowledgeFilesResponse(
**knowledge.model_dump(),
refac
2025-12-10 17:00:28 -05:00
write_access=(
user.id == knowledge.user_id
feat: Add read-only access support for Knowledge Bases (#20371) - Backend: Add BYPASS_ADMIN_ACCESS_CONTROL check to write_access calculation - Frontend: Knowledge already has Read Only badge and disabled inputs
2026-01-05 01:45:48 +01:00
or (user.role == "admin" and BYPASS_ADMIN_ACCESS_CONTROL)
refac
2026-02-09 13:28:14 -06:00
or AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
refac
2025-12-10 17:00:28 -05:00
),
refac: knowledge access control
2024-11-16 18:00:57 -08:00
)
fix: add explicit HTTPException for access control failures (#20280) Fix implicit None returns in get_model_by_id, get_knowledge_by_id, get_tools_by_id, and get_prompt_by_command. Now properly returns 401 for access denied and 404 for not found instead of silently returning None.
2025-12-31 08:28:59 +01:00
else:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
else:
raise HTTPException(
fix: add explicit HTTPException for access control failures (#20280) Fix implicit None returns in get_model_by_id, get_knowledge_by_id, get_tools_by_id, and get_prompt_by_command. Now properly returns 401 for access denied and 404 for not found instead of silently returning None.
2025-12-31 08:28:59 +01:00
status_code=status.HTTP_404_NOT_FOUND,
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
detail=ERROR_MESSAGES.NOT_FOUND,
)
############################
# UpdateKnowledgeById
############################
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
@router.post("/{id}/update", response_model=Optional[KnowledgeFilesResponse])
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
async def update_knowledge_by_id(
refac/enh: knowledge ac backend validation
2025-09-09 18:08:31 +04:00
request: Request,
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
id: str,
refac: access control
2024-11-16 20:47:45 -08:00
form_data: KnowledgeForm,
enh: knowledge access control
2024-11-16 16:51:55 -08:00
user=Depends(get_verified_user),
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
):
fix(db): release connection before embedding in knowledge /{id}/update (#20574) Remove Depends(get_session) from POST /{id}/update endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). All database operations (get_knowledge_by_id, has_access, has_permission, update_knowledge_by_id, get_file_metadatas_by_id) manage their own short-lived sessions internally, releasing connections before and after the slow embed_knowledge_base_metadata() call.
2026-01-11 20:36:36 +01:00
# NOTE: We intentionally do NOT use Depends(get_session) here.
# Database operations manage their own short-lived sessions internally.
# This prevents holding a connection during embed_knowledge_base_metadata()
# which makes external embedding API calls (1-5+ seconds).
knowledge = Knowledges.get_knowledge_by_id(id=id)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
Add toggle to read/write perms on access control
2025-01-10 18:44:26 +00:00
# Is the user the original creator, in a group with write access, or an admin
chore: format backend
2025-01-19 11:59:07 -08:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
)
chore: format backend
2025-01-19 11:59:07 -08:00
and user.role != "admin"
):
refac: knowledge access control
2024-11-16 18:00:57 -08:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
refac
2026-02-23 16:01:03 -06:00
form_data.access_grants = filter_allowed_access_grants(
request.app.state.config.USER_PERMISSIONS,
user.id,
user.role,
form_data.access_grants,
"sharing.public_knowledge",
)
enh: access grant level perms
2026-02-23 15:49:05 -06:00
fix(db): release connection before embedding in knowledge /{id}/update (#20574) Remove Depends(get_session) from POST /{id}/update endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). All database operations (get_knowledge_by_id, has_access, has_permission, update_knowledge_by_id, get_file_metadatas_by_id) manage their own short-lived sessions internally, releasing connections before and after the slow embed_knowledge_base_metadata() call.
2026-01-11 20:36:36 +01:00
knowledge = Knowledges.update_knowledge_by_id(id=id, form_data=form_data)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
if knowledge:
enh: kb metadata search
2026-01-09 22:21:00 +04:00
# Re-embed knowledge base for semantic search
await embed_knowledge_base_metadata(
request,
knowledge.id,
knowledge.name,
knowledge.description,
)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
return KnowledgeFilesResponse(
**knowledge.model_dump(),
fix(db): release connection before embedding in knowledge /{id}/update (#20574) Remove Depends(get_session) from POST /{id}/update endpoint to prevent database connections from being held during embedding API calls (1-5+ seconds). All database operations (get_knowledge_by_id, has_access, has_permission, update_knowledge_by_id, get_file_metadatas_by_id) manage their own short-lived sessions internally, releasing connections before and after the slow embed_knowledge_base_metadata() call.
2026-01-11 20:36:36 +01:00
files=Knowledges.get_file_metadatas_by_id(knowledge.id),
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
)
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
else:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ID_TAKEN,
)
refac
2026-02-10 15:47:21 -06:00
############################
# UpdateKnowledgeAccessById
############################
class KnowledgeAccessGrantsForm(BaseModel):
access_grants: list[dict]
@router.post("/{id}/access/update", response_model=Optional[KnowledgeFilesResponse])
async def update_knowledge_access_by_id(
fix: enforce public sharing permission checks across all resource types (#21358) The sharePublic prop in editor components (Knowledge, Tools, Skills, Prompts, Models) incorrectly included an "|| edit" / "|| write_access" condition, allowing users with write access to see and use the "Public" sharing option regardless of their actual public sharing permission. Additionally, all backend access/update endpoints only verified write authorization but did not check the corresponding sharing.public_* permission, allowing direct API calls to bypass frontend restrictions entirely. Frontend: removed the edit/write_access bypass from sharePublic in all five editor components so visibility is gated solely by the user's sharing.public_* permission or admin role. Backend: added has_public_read_access_grant checks to the access/update endpoints in knowledge.py, tools.py, prompts.py, skills.py, models.py, and notes.py. Public grants are silently stripped when the user lacks the corresponding permission. Fixes #21356
2026-02-13 18:22:32 +01:00
request: Request,
refac
2026-02-10 15:47:21 -06:00
id: str,
form_data: KnowledgeAccessGrantsForm,
user=Depends(get_verified_user),
db: Session = Depends(get_session),
):
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
if not knowledge:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=ERROR_MESSAGES.NOT_FOUND,
)
if (
knowledge.user_id != user.id
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
and user.role != "admin"
):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
refac
2026-02-23 16:01:03 -06:00
form_data.access_grants = filter_allowed_access_grants(
request.app.state.config.USER_PERMISSIONS,
user.id,
user.role,
form_data.access_grants,
"sharing.public_knowledge"
)
enh: access grant level perms
2026-02-23 15:49:05 -06:00
chore: format
2026-02-11 16:24:11 -06:00
AccessGrants.set_access_grants("knowledge", id, form_data.access_grants, db=db)
refac
2026-02-10 15:47:21 -06:00
return KnowledgeFilesResponse(
**Knowledges.get_knowledge_by_id(id=id, db=db).model_dump(),
files=Knowledges.get_file_metadatas_by_id(id, db=db),
)
feat/enh: kb file pagination
2025-12-10 00:53:41 -05:00
############################
# GetKnowledgeFilesById
############################
@router.get("/{id}/files", response_model=KnowledgeFileListResponse)
async def get_knowledge_files_by_id(
id: str,
query: Optional[str] = None,
view_option: Optional[str] = None,
order_by: Optional[str] = None,
direction: Optional[str] = None,
page: Optional[int] = 1,
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
feat/enh: kb file pagination
2025-12-10 00:53:41 -05:00
):
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
feat/enh: kb file pagination
2025-12-10 00:53:41 -05:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
if not (
user.role == "admin"
or knowledge.user_id == user.id
refac
2026-02-09 13:28:14 -06:00
or AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="read",
db=db,
)
feat/enh: kb file pagination
2025-12-10 00:53:41 -05:00
):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
page = max(page, 1)
limit = 30
skip = (page - 1) * limit
filter = {}
if query:
filter["query"] = query
if view_option:
filter["view_option"] = view_option
if order_by:
filter["order_by"] = order_by
if direction:
filter["direction"] = direction
return Knowledges.search_files_by_id(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
id, user.id, filter=filter, skip=skip, limit=limit, db=db
feat/enh: kb file pagination
2025-12-10 00:53:41 -05:00
)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
############################
# AddFileToKnowledge
############################
class KnowledgeFileIdForm(BaseModel):
file_id: str
@router.post("/{id}/file/add", response_model=Optional[KnowledgeFilesResponse])
refac
2024-10-03 22:22:22 -07:00
def add_file_to_knowledge_by_id(
refac
2024-12-12 22:32:28 -08:00
request: Request,
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
id: str,
form_data: KnowledgeFileIdForm,
enh: knowledge access control
2024-11-16 16:51:55 -08:00
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
):
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
fix: uploaded file should not be deleted
2025-01-29 14:20:51 -08:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
and user.role != "admin"
):
refac: knowledge access control
2024-11-16 18:00:57 -08:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
file = Files.get_file_by_id(form_data.file_id, db=db)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
if not file:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
refac
2024-10-03 22:22:22 -07:00
if not file.data:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.FILE_NOT_PROCESSED,
)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
refac
2024-10-03 22:35:43 -07:00
# Add content to the vector database
refac
2024-10-03 23:06:47 -07:00
try:
refac
2024-12-12 22:32:28 -08:00
process_file(
Add user related headers when calling an external embedding api
2025-01-29 10:55:52 +00:00
request,
ProcessFileForm(file_id=form_data.file_id, collection_name=id),
chore: format
2025-02-05 00:07:45 -08:00
user=user,
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db=db,
refac
2024-12-12 22:32:28 -08:00
)
refac: kb files
2025-12-10 15:48:27 -05:00
# Add file to knowledge base
Knowledges.add_file_to_knowledge_by_id(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge_id=id, file_id=form_data.file_id, user_id=user.id, db=db
refac: kb files
2025-12-10 15:48:27 -05:00
)
refac
2024-10-03 23:06:47 -07:00
except Exception as e:
refac
2024-10-04 16:16:16 -07:00
log.debug(e)
refac: deprecate docs_dir
2024-10-04 18:22:55 -07:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=str(e),
)
refac
2024-10-03 22:35:43 -07:00
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
if knowledge:
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
return KnowledgeFilesResponse(
**knowledge.model_dump(),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
files=Knowledges.get_file_metadatas_by_id(knowledge.id, db=db),
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
else:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
feat: edit file content support
2024-10-04 00:46:32 -07:00
@router.post("/{id}/file/update", response_model=Optional[KnowledgeFilesResponse])
def update_file_from_knowledge_by_id(
refac
2024-12-12 22:32:28 -08:00
request: Request,
feat: edit file content support
2024-10-04 00:46:32 -07:00
id: str,
form_data: KnowledgeFileIdForm,
enh: knowledge access control
2024-11-16 16:51:55 -08:00
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
feat: edit file content support
2024-10-04 00:46:32 -07:00
):
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
and user.role != "admin"
fix: uploaded file should not be deleted
2025-01-29 14:20:51 -08:00
):
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
refac: knowledge access control
2024-11-16 18:00:57 -08:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
file = Files.get_file_by_id(form_data.file_id, db=db)
feat: edit file content support
2024-10-04 00:46:32 -07:00
if not file:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
# Remove content from the vector database
VECTOR_DB_CLIENT.delete(
collection_name=knowledge.id, filter={"file_id": form_data.file_id}
)
# Add content to the vector database
try:
refac
2024-12-12 22:32:28 -08:00
process_file(
Add user related headers when calling an external embedding api
2025-01-29 10:55:52 +00:00
request,
ProcessFileForm(file_id=form_data.file_id, collection_name=id),
chore: format
2025-02-05 00:07:45 -08:00
user=user,
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db=db,
refac
2024-12-12 22:32:28 -08:00
)
feat: edit file content support
2024-10-04 00:46:32 -07:00
except Exception as e:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=str(e),
)
if knowledge:
return KnowledgeFilesResponse(
**knowledge.model_dump(),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
files=Knowledges.get_file_metadatas_by_id(knowledge.id, db=db),
feat: edit file content support
2024-10-04 00:46:32 -07:00
)
else:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
############################
# RemoveFileFromKnowledge
############################
@router.post("/{id}/file/remove", response_model=Optional[KnowledgeFilesResponse])
refac
2024-10-03 22:22:22 -07:00
def remove_file_from_knowledge_by_id(
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
id: str,
form_data: KnowledgeFileIdForm,
enh: delete_file query param
2025-09-02 21:32:07 +04:00
delete_file: bool = Query(True),
enh: knowledge access control
2024-11-16 16:51:55 -08:00
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
):
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
and user.role != "admin"
fix: uploaded file should not be deleted
2025-01-29 14:20:51 -08:00
):
refac: knowledge access control
2024-11-16 18:00:57 -08:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
file = Files.get_file_by_id(form_data.file_id, db=db)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
if not file:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
Knowledges.remove_file_from_knowledge_by_id(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge_id=id, file_id=form_data.file_id, db=db
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
)
refac
2024-10-03 22:35:43 -07:00
# Remove content from the vector database
fix: file delete from knowledge not working with bypass embedding
2025-03-20 17:46:11 -07:00
try:
VECTOR_DB_CLIENT.delete(
collection_name=knowledge.id, filter={"file_id": form_data.file_id}
refac: knowledge file delete behaviour
2025-11-29 13:19:06 -05:00
) # Remove by file_id first
VECTOR_DB_CLIENT.delete(
collection_name=knowledge.id, filter={"hash": file.hash}
) # Remove by hash as well in case of duplicates
fix: file delete from knowledge not working with bypass embedding
2025-03-20 17:46:11 -07:00
except Exception as e:
log.debug("This was most likely caused by bypassing embedding processing")
log.debug(e)
pass
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
enh: delete_file query param
2025-09-02 21:32:07 +04:00
if delete_file:
try:
# Remove the file's collection from vector database
file_collection = f"file-{form_data.file_id}"
if VECTOR_DB_CLIENT.has_collection(collection_name=file_collection):
VECTOR_DB_CLIENT.delete_collection(collection_name=file_collection)
except Exception as e:
log.debug("This was most likely caused by bypassing embedding processing")
log.debug(e)
pass
fix: complete file cleanup when removing from Knowledge Base
2025-01-12 18:33:27 +01:00
enh: delete_file query param
2025-09-02 21:32:07 +04:00
# Delete file from database
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
Files.delete_file_by_id(form_data.file_id, db=db)
fix: complete file cleanup when removing from Knowledge Base
2025-01-12 18:33:27 +01:00
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
if knowledge:
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
return KnowledgeFilesResponse(
**knowledge.model_dump(),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
files=Knowledges.get_file_metadatas_by_id(knowledge.id, db=db),
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
)
enh: add/remove file from knowledge
2024-10-03 06:46:20 -07:00
else:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
enh: sync directory
2024-10-04 18:44:57 -07:00
############################
refac: knowledge access control
2024-11-16 18:00:57 -08:00
# DeleteKnowledgeById
enh: sync directory
2024-10-04 18:44:57 -07:00
############################
refac: knowledge access control
2024-11-16 18:00:57 -08:00
@router.delete("/{id}/delete", response_model=bool)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
async def delete_knowledge_by_id(
id: str, user=Depends(get_verified_user), db: Session = Depends(get_session)
):
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
and user.role != "admin"
fix: uploaded file should not be deleted
2025-01-29 14:20:51 -08:00
):
refac: knowledge access control
2024-11-16 18:00:57 -08:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
fix: Knowledge Base Detachment from Models
2025-01-09 16:47:12 +01:00
log.info(f"Deleting knowledge base: {id} (name: {knowledge.name})")
# Get all models
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
models = Models.get_all_models(db=db)
fix: Knowledge Base Detachment from Models
2025-01-09 16:47:12 +01:00
log.info(f"Found {len(models)} models to check for knowledge base {id}")
# Update models that reference this knowledge base
for model in models:
if model.meta and hasattr(model.meta, "knowledge"):
knowledge_list = model.meta.knowledge or []
# Filter out the deleted knowledge base
updated_knowledge = [k for k in knowledge_list if k.get("id") != id]
fix format
2025-01-09 18:41:18 +01:00
fix: Knowledge Base Detachment from Models
2025-01-09 16:47:12 +01:00
# If the knowledge list changed, update the model
if len(updated_knowledge) != len(knowledge_list):
log.info(f"Updating model {model.id} to remove knowledge base {id}")
model.meta.knowledge = updated_knowledge
# Create a ModelForm for the update
model_form = ModelForm(
id=model.id,
name=model.name,
base_model_id=model.base_model_id,
meta=model.meta,
params=model.params,
refac
2026-02-09 13:28:14 -06:00
access_grants=model.access_grants,
fix format
2025-01-09 18:41:18 +01:00
is_active=model.is_active,
fix: Knowledge Base Detachment from Models
2025-01-09 16:47:12 +01:00
)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
Models.update_model_by_id(model.id, model_form, db=db)
fix: Knowledge Base Detachment from Models
2025-01-09 16:47:12 +01:00
# Clean up vector DB
enh: sync directory
2024-10-04 18:44:57 -07:00
try:
VECTOR_DB_CLIENT.delete_collection(collection_name=id)
except Exception as e:
log.debug(e)
pass
enh: kb metadata search
2026-01-09 22:21:00 +04:00
# Remove knowledge base embedding
remove_knowledge_base_metadata_embedding(id)
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
result = Knowledges.delete_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
return result
enh: sync directory
2024-10-04 18:44:57 -07:00
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
############################
refac: knowledge access control
2024-11-16 18:00:57 -08:00
# ResetKnowledgeById
refac: rename projects -> knowledge
2024-10-01 22:45:04 -07:00
############################
refac: knowledge access control
2024-11-16 18:00:57 -08:00
@router.post("/{id}/reset", response_model=Optional[KnowledgeResponse])
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
async def reset_knowledge_by_id(
id: str, user=Depends(get_verified_user), db: Session = Depends(get_session)
):
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
and user.role != "admin"
fix: uploaded file should not be deleted
2025-01-29 14:20:51 -08:00
):
refac: knowledge access control
2024-11-16 18:00:57 -08:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
fix: empty knowledge delete issue
2024-10-04 11:11:53 -07:00
try:
VECTOR_DB_CLIENT.delete_collection(collection_name=id)
except Exception as e:
log.debug(e)
pass
refac: knowledge access control
2024-11-16 18:00:57 -08:00
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge = Knowledges.reset_knowledge_by_id(id=id, db=db)
refac: knowledge access control
2024-11-16 18:00:57 -08:00
return knowledge
Add batching
2024-12-13 15:29:43 +01:00
############################
# AddFilesToKnowledge
############################
npm run format
2024-12-18 12:18:31 -05:00
Add batching
2024-12-13 15:29:43 +01:00
@router.post("/{id}/files/batch/add", response_model=Optional[KnowledgeFilesResponse])
refac/fix: files batch/add endpoint
2025-11-27 04:35:12 -05:00
async def add_files_to_knowledge_batch(
fix: missing parameter
2024-12-30 17:36:34 +01:00
request: Request,
Add batching
2024-12-13 15:29:43 +01:00
id: str,
form_data: list[KnowledgeFileIdForm],
user=Depends(get_verified_user),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db: Session = Depends(get_session),
Add batching
2024-12-13 15:29:43 +01:00
):
"""
Add multiple files to a knowledge base
"""
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
Add batching
2024-12-13 15:29:43 +01:00
if not knowledge:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.NOT_FOUND,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
if (
knowledge.user_id != user.id
refac
2026-02-09 13:28:14 -06:00
and not AccessGrants.has_access(
user_id=user.id,
resource_type="knowledge",
resource_id=knowledge.id,
permission="write",
db=db,
)
Adding more checks for write access. Adding accessRoles to Model & Knowledge creation
2025-01-27 18:11:52 +00:00
and user.role != "admin"
fix: uploaded file should not be deleted
2025-01-29 14:20:51 -08:00
):
Add batching
2024-12-13 15:29:43 +01:00
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
)
fix: resolve N+1 query in knowledge batch file add (#21006)
2026-02-09 23:17:30 +01:00
# Batch-fetch all files to avoid N+1 queries
refactor: replace print statements with logging for better error tracking
2025-02-25 15:36:25 +01:00
log.info(f"files/batch/add - {len(form_data)} files")
fix: resolve N+1 query in knowledge batch file add (#21006)
2026-02-09 23:17:30 +01:00
file_ids = [form.file_id for form in form_data]
files = Files.get_files_by_ids(file_ids, db=db)
# Verify all requested files were found
found_ids = {file.id for file in files}
missing_ids = [fid for fid in file_ids if fid not in found_ids]
if missing_ids:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail=f"File {missing_ids[0]} not found",
)
Add batching
2024-12-13 15:29:43 +01:00
# Process files
Fix process/files/batch
2024-12-14 10:45:27 +01:00
try:
refac/fix: files batch/add endpoint
2025-11-27 04:35:12 -05:00
result = await process_files_batch(
fix: missing parameter
2024-12-30 17:36:34 +01:00
request=request,
form_data=BatchProcessFilesForm(files=files, collection_name=id),
refac: formatting
2024-12-30 17:45:43 +01:00
user=user,
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
db=db,
npm run format
2024-12-18 12:18:31 -05:00
)
Fix process/files/batch
2024-12-14 10:45:27 +01:00
except Exception as e:
npm run format
2024-12-18 12:18:31 -05:00
log.error(
f"add_files_to_knowledge_batch: Exception occurred: {e}", exc_info=True
Fix process/files/batch
2024-12-14 10:45:27 +01:00
)
npm run format
2024-12-18 12:18:31 -05:00
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail=str(e))
Add batching
2024-12-13 15:29:43 +01:00
# Only add files that were successfully processed
successful_file_ids = [r.file_id for r in result.results if r.status == "completed"]
for file_id in successful_file_ids:
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
Knowledges.add_file_to_knowledge_by_id(
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
knowledge_id=id, file_id=file_id, user_id=user.id, db=db
feat/enh: kb files db migration
2025-12-02 10:53:32 -05:00
)
Add batching
2024-12-13 15:29:43 +01:00
# If there were any errors, include them in the response
if result.errors:
error_details = [f"{err.file_id}: {err.error}" for err in result.errors]
return KnowledgeFilesResponse(
**knowledge.model_dump(),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
files=Knowledges.get_file_metadatas_by_id(knowledge.id, db=db),
Add batching
2024-12-13 15:29:43 +01:00
warnings={
"message": "Some files failed to process",
npm run format
2024-12-18 12:18:31 -05:00
"errors": error_details,
},
Add batching
2024-12-13 15:29:43 +01:00
)
return KnowledgeFilesResponse(
Add support for configuring FastAPI/AnyIO Thread Pool Size
2025-04-18 09:22:23 -04:00
**knowledge.model_dump(),
refac/enh: db session sharing
2025-12-29 00:21:18 +04:00
files=Knowledges.get_file_metadatas_by_id(knowledge.id, db=db),
Add batching
2024-12-13 15:29:43 +01:00
)
feat: export kb to zip
2026-01-08 12:49:45 +04:00
############################
# ExportKnowledgeById
############################
@router.get("/{id}/export")
async def export_knowledge_by_id(
id: str, user=Depends(get_admin_user), db: Session = Depends(get_session)
):
"""
Export a knowledge base as a zip file containing .txt files.
Admin only.
"""
knowledge = Knowledges.get_knowledge_by_id(id=id, db=db)
if not knowledge:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND,
detail=ERROR_MESSAGES.NOT_FOUND,
)
files = Knowledges.get_files_by_id(id, db=db)
# Create zip file in memory
zip_buffer = io.BytesIO()
with zipfile.ZipFile(zip_buffer, "w", zipfile.ZIP_DEFLATED) as zf:
for file in files:
content = file.data.get("content", "") if file.data else ""
if content:
# Use original filename with .txt extension
filename = file.filename
if not filename.endswith(".txt"):
filename = f"{filename}.txt"
zf.writestr(filename, content)
zip_buffer.seek(0)
# Sanitize knowledge name for filename
safe_name = "".join(c if c.isalnum() or c in " -_" else "_" for c in knowledge.name)
zip_filename = f"{safe_name}.zip"
return StreamingResponse(
zip_buffer,
media_type="application/zip",
headers={"Content-Disposition": f"attachment; filename={zip_filename}"},
)
Reference in New Issue Copy Permalink