Add toggle to read/write perms on access control

2025-12-15 19:37:47 +01:00 · 2025-01-10 18:44:26 +00:00
parent cd20c578d2
commit 49eca68e28
5 changed files with 39 additions and 7 deletions
--- a/backend/open_webui/routers/knowledge.py
+++ b/backend/open_webui/routers/knowledge.py
@@ -213,8 +213,8 @@ async def update_knowledge_by_id(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )
-
-    if knowledge.user_id != user.id and user.role != "admin":
+    # Is the user the original creator, in a group with write access, or an admin
+    if knowledge.user_id != user.id and not has_access(user.id, "write", knowledge.access_control) and user.role != "admin":
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail=ERROR_MESSAGES.ACCESS_PROHIBITED,