Mirrors/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2025-12-16 20:07:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Adding more checks for write access. Adding accessRoles to Model & Knowledge creation

Browse Source
This commit is contained in:
tarmst
2025-01-27 18:11:52 +00:00
parent 6eb51ab62e
commit 751a61a364
6 changed files with 53 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/open_webui/routers/models.py
View File

@@ -183,7 +183,11 @@ async def delete_model_by_id(id: str, user=Depends(get_verified_user)):
detail=ERROR_MESSAGES.NOT_FOUND,
)
if model.user_id != user.id and user.role != "admin":
if (
user.role == "admin"
or model.user_id == user.id
or has_access(user.id, "write", model.access_control)
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,