This commit is contained in:
Timothy Jaeryang Baek
2026-04-17 13:59:46 +09:00
parent 2c7acb9285
commit f44b7a01f5

View File

@@ -939,12 +939,16 @@ async def filter_accessible_collections(
) -> set[str]:
"""
Return only the collection names the user is allowed to access.
Admins bypass all checks. For non-admins:
Admins bypass all checks. For non-admins the policy is:
- file-* → validated via has_access_to_file
- user-memory-* → must match user's own memory collection
- knowledge-bases → always denied (meta-collection)
- known KB ids validated via Knowledges.check_access_by_user_id
- everything else → allowed (ephemeral collections like web-search-*)
- web-search-* → ephemeral per-query collections, always allowed
- knowledge-bases → always denied (system meta-collection)
- everything else → if the name matches a knowledge base, validated
via Knowledges.check_access_by_user_id; if no
such KB exists, the name is treated as an
ephemeral/legacy collection and allowed
"""
if user.role == 'admin':
return collection_names
@@ -952,6 +956,7 @@ async def filter_accessible_collections(
validated = set()
for name in collection_names:
if name == 'knowledge-bases':
# System meta-collection — never exposed to non-admins.
continue
elif name.startswith('file-'):
file_id = name[len('file-'):]
@@ -960,12 +965,20 @@ async def filter_accessible_collections(
elif name.startswith('user-memory-'):
if name == f'user-memory-{user.id}':
validated.add(name)
elif name.startswith('web-search-'):
# Ephemeral collections created by process_web_search — safe
# to allow because they contain only transient web-search
# results scoped to the requesting user's session.
validated.add(name)
else:
# May be a knowledge-base ID or an ephemeral collection
# May be a knowledge-base ID or a legacy/ephemeral collection.
# If it IS a KB, enforce access control. If no such KB
# exists, treat it as a non-sensitive collection (e.g. legacy
# model knowledge, process_text SHA256 collections) and allow.
if await Knowledges.check_access_by_user_id(name, user.id, permission=access_type):
validated.add(name)
elif not await Knowledges.get_knowledge_by_id(name):
# Not a KB at all — ephemeral collection (e.g. web-search-*), allow
# Not a KB at all — legacy/ephemeral collection, allow
validated.add(name)
return validated