root
/
open-webui
mirror of https://github.com/open-webui/open-webui.git
1
0
Fork 0
Code Issues Actions 4 Packages Projects Releases Wiki Activity
open-webui/backend/open_webui/routers/notes.py

236 lines
6.6 KiB
Python
Raw Normal View History

feat: notes
2025-05-03 22:16:32 +08:00
import json
import logging
from typing import Optional
from fastapi import APIRouter, Depends, HTTPException, Request, status, BackgroundTasks
from pydantic import BaseModel
enh/refac: note image upload
2025-07-17 21:36:06 +08:00
from open_webui.socket.main import sio
feat: note list ui
2025-05-03 22:52:13 +08:00
from open_webui.models.users import Users, UserResponse
feat: notes
2025-05-03 22:16:32 +08:00
from open_webui.models.notes import Notes, NoteModel, NoteForm, NoteUserResponse
from open_webui.config import ENABLE_ADMIN_CHAT_ACCESS, ENABLE_ADMIN_EXPORT
from open_webui.constants import ERROR_MESSAGES
from open_webui.env import SRC_LOG_LEVELS
from open_webui.utils.auth import get_admin_user, get_verified_user
fix: notes non admin issue
2025-05-06 03:29:40 +08:00
from open_webui.utils.access_control import has_access, has_permission
feat: notes
2025-05-03 22:16:32 +08:00
log = logging.getLogger(__name__)
log.setLevel(SRC_LOG_LEVELS["MODELS"])
router = APIRouter()
############################
# GetNotes
############################
@router.get("/", response_model=list[NoteUserResponse])
enh: notes user group permission
2025-05-04 21:22:51 +08:00
async def get_notes(request: Request, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
feat: notes
2025-05-03 22:16:32 +08:00
notes = [
NoteUserResponse(
**{
**note.model_dump(),
feat: note list ui
2025-05-03 22:52:13 +08:00
"user": UserResponse(**Users.get_user_by_id(note.user_id).model_dump()),
feat: notes
2025-05-03 22:16:32 +08:00
}
)
refac/fix: proper notes db operations
2025-09-26 02:47:43 +08:00
for note in Notes.get_notes_by_permission(user.id, "write")
feat: notes
2025-05-03 22:16:32 +08:00
]
return notes
enh: reference note in chat
2025-07-09 05:17:25 +08:00
class NoteTitleIdResponse(BaseModel):
id: str
title: str
updated_at: int
created_at: int
@router.get("/list", response_model=list[NoteTitleIdResponse])
refac/feat: note/knowledge/chat select input menu
2025-09-14 15:54:06 +08:00
async def get_note_list(
request: Request, page: Optional[int] = None, user=Depends(get_verified_user)
):
enh: notes user group permission
2025-05-04 21:22:51 +08:00
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
refac/feat: note/knowledge/chat select input menu
2025-09-14 15:54:06 +08:00
limit = None
skip = None
if page is not None:
limit = 60
skip = (page - 1) * limit
feat: notes
2025-05-03 22:16:32 +08:00
notes = [
enh: reference note in chat
2025-07-09 05:17:25 +08:00
NoteTitleIdResponse(**note.model_dump())
refac/fix: proper notes db operations
2025-09-26 02:47:43 +08:00
for note in Notes.get_notes_by_permission(
user.id, "write", skip=skip, limit=limit
)
feat: notes
2025-05-03 22:16:32 +08:00
]
return notes
############################
# CreateNewNote
############################
@router.post("/create", response_model=Optional[NoteModel])
enh: notes user group permission
2025-05-04 21:22:51 +08:00
async def create_new_note(
request: Request, form_data: NoteForm, user=Depends(get_verified_user)
):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
feat: notes
2025-05-03 22:16:32 +08:00
try:
note = Notes.insert_new_note(form_data, user.id)
return note
except Exception as e:
log.exception(e)
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.DEFAULT()
)
############################
# GetNoteById
############################
@router.get("/{id}", response_model=Optional[NoteModel])
enh: notes user group permission
2025-05-04 21:22:51 +08:00
async def get_note_by_id(request: Request, id: str, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
feat: notes
2025-05-03 22:16:32 +08:00
note = Notes.get_note_by_id(id)
if not note:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
)
fix: notes permissions issue
2025-06-16 15:35:01 +08:00
if user.role != "admin" and (
refac
2025-06-05 05:05:33 +08:00
user.id != note.user_id
fix: notes permissions issue
2025-06-16 15:35:01 +08:00
and (not has_access(user.id, type="read", access_control=note.access_control))
feat: notes
2025-05-03 22:16:32 +08:00
):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
)
return note
############################
# UpdateNoteById
############################
@router.post("/{id}/update", response_model=Optional[NoteModel])
async def update_note_by_id(
enh: notes user group permission
2025-05-04 21:22:51 +08:00
request: Request, id: str, form_data: NoteForm, user=Depends(get_verified_user)
feat: notes
2025-05-03 22:16:32 +08:00
):
enh: notes user group permission
2025-05-04 21:22:51 +08:00
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
feat: notes
2025-05-03 22:16:32 +08:00
note = Notes.get_note_by_id(id)
if not note:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
)
fix: notes permissions issue
2025-06-16 15:35:01 +08:00
if user.role != "admin" and (
refac
2025-06-05 05:05:33 +08:00
user.id != note.user_id
and not has_access(user.id, type="write", access_control=note.access_control)
feat: notes
2025-05-03 22:16:32 +08:00
):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
)
try:
note = Notes.update_note_by_id(id, form_data)
enh/refac: note image upload
2025-07-17 21:36:06 +08:00
await sio.emit(
"note-events",
note.model_dump(),
to=f"note:{note.id}",
)
feat: notes
2025-05-03 22:16:32 +08:00
return note
except Exception as e:
log.exception(e)
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.DEFAULT()
)
############################
# DeleteNoteById
############################
@router.delete("/{id}/delete", response_model=bool)
enh: notes user group permission
2025-05-04 21:22:51 +08:00
async def delete_note_by_id(request: Request, id: str, user=Depends(get_verified_user)):
if user.role != "admin" and not has_permission(
user.id, "features.notes", request.app.state.config.USER_PERMISSIONS
):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=ERROR_MESSAGES.UNAUTHORIZED,
)
feat: notes
2025-05-03 22:16:32 +08:00
note = Notes.get_note_by_id(id)
if not note:
raise HTTPException(
status_code=status.HTTP_404_NOT_FOUND, detail=ERROR_MESSAGES.NOT_FOUND
)
fix: notes permissions issue
2025-06-16 15:35:01 +08:00
if user.role != "admin" and (
refac
2025-06-05 05:05:33 +08:00
user.id != note.user_id
and not has_access(user.id, type="write", access_control=note.access_control)
feat: notes
2025-05-03 22:16:32 +08:00
):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail=ERROR_MESSAGES.DEFAULT()
)
try:
note = Notes.delete_note_by_id(id)
return True
except Exception as e:
log.exception(e)
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, detail=ERROR_MESSAGES.DEFAULT()
)