eliott/open-webui
1
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-05 06:42:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #21277 from open-webui/acl

Browse Source 
refac: acl
This commit is contained in:
Tim Baek
2026-02-09 13:34:36 -06:00
committed by GitHub
parent 65904b867e 68c77295bd
commit 48a0abb40f
57 changed files with 2994 additions and 879 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/open_webui/utils/tools.py
View File

@@ -38,6 +38,7 @@ from open_webui.utils.misc import is_string_allowed
from open_webui.models.tools import Tools
from open_webui.models.users import UserModel
from open_webui.models.groups import Groups
from open_webui.models.access_grants import AccessGrants
from open_webui.utils.plugin import load_tool_module_by_id
from open_webui.utils.access_control import has_access
from open_webui.config import BYPASS_ADMIN_ACCESS_CONTROL
@@ -168,7 +169,13 @@ async def get_tools(
if (
not (user.role == "admin" and BYPASS_ADMIN_ACCESS_CONTROL)
and tool.user_id != user.id
and not has_access(user.id, "read", tool.access_control, user_group_ids)
and not AccessGrants.has_access(
user_id=user.id,
resource_type="tool",
resource_id=tool.id,
permission="read",
user_group_ids=user_group_ids,
)
):
log.warning(f"Access denied to tool {tool_id} for user {user.id}")
continue