open-webui/backend/open_webui/routers/models.py

from typing import Optional

from open_webui.models.models import (
    ModelForm,
    ModelModel,
    ModelResponse,
    ModelUserResponse,
    Models,
)
from open_webui.constants import ERROR_MESSAGES
from fastapi import APIRouter, Depends, HTTPException, Request, status


from open_webui.utils.auth import get_admin_user, get_verified_user
from open_webui.utils.access_control import has_access, has_permission


router = APIRouter()


###########################
# GetModels
###########################


@router.get("/", response_model=list[ModelUserResponse])
async def get_models(id: Optional[str] = None, user=Depends(get_verified_user)):
    if user.role == "admin":
        return Models.get_models()
    else:
        return Models.get_models_by_user_id(user.id)


###########################
# GetBaseModels
###########################


@router.get("/base", response_model=list[ModelResponse])
async def get_base_models(user=Depends(get_admin_user)):
    return Models.get_base_models()


############################
# CreateNewModel
############################


@router.post("/create", response_model=Optional[ModelModel])
async def create_new_model(
    request: Request,
    form_data: ModelForm,
    user=Depends(get_verified_user),
):
    if user.role != "admin" and not has_permission(
        user.id, "workspace.models", request.app.state.config.USER_PERMISSIONS
    ):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.UNAUTHORIZED,
        )

    model = Models.get_model_by_id(form_data.id)
    if model:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.MODEL_ID_TAKEN,
        )

    else:
        model = Models.insert_new_model(form_data, user.id)
        if model:
            return model
        else:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail=ERROR_MESSAGES.DEFAULT(),
            )


###########################
# GetModelById
###########################


# Note: We're not using the typical url path param here, but instead using a query parameter to allow '/' in the id
@router.get("/model", response_model=Optional[ModelResponse])
async def get_model_by_id(id: str, user=Depends(get_verified_user)):
    model = Models.get_model_by_id(id)
    if model:
        if (
            user.role == "admin"
            or model.user_id == user.id
            or has_access(user.id, "read", model.access_control)
        ):
            return model
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )


############################
# ToggelModelById
############################


@router.post("/model/toggle", response_model=Optional[ModelResponse])
async def toggle_model_by_id(id: str, user=Depends(get_verified_user)):
    model = Models.get_model_by_id(id)
    if model:
        if (
            user.role == "admin"
            or model.user_id == user.id
            or has_access(user.id, "write", model.access_control)
        ):
            model = Models.toggle_model_by_id(id)

            if model:
                return model
            else:
                raise HTTPException(
                    status_code=status.HTTP_400_BAD_REQUEST,
                    detail=ERROR_MESSAGES.DEFAULT("Error updating function"),
                )
        else:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail=ERROR_MESSAGES.UNAUTHORIZED,
            )
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )


############################
# UpdateModelById
############################


@router.post("/model/update", response_model=Optional[ModelModel])
async def update_model_by_id(
    id: str,
    form_data: ModelForm,
    user=Depends(get_verified_user),
):
    model = Models.get_model_by_id(id)

    if not model:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )

    model = Models.update_model_by_id(id, form_data)
    return model


############################
# DeleteModelById
############################


@router.delete("/model/delete", response_model=bool)
async def delete_model_by_id(id: str, user=Depends(get_verified_user)):
    model = Models.get_model_by_id(id)
    if not model:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.NOT_FOUND,
        )

    if model.user_id != user.id and user.role != "admin":
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.UNAUTHORIZED,
        )

    result = Models.delete_model_by_id(id)
    return result


@router.delete("/delete/all", response_model=bool)
async def delete_all_models(user=Depends(get_admin_user)):
    result = Models.delete_all_models()
    return result
sort and fix backend imports 2024-08-28 06:10:27 +08:00			`from typing import Optional`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00
wip 2024-12-10 16:54:13 +08:00			`from open_webui.models.models import (`
refac: mv backend files to /open_webui dir 2024-09-04 22:54:48 +08:00			`ModelForm,`
			`ModelModel,`
			`ModelResponse,`
enh: models display author name 2024-11-18 21:37:04 +08:00			`ModelUserResponse,`
refac: mv backend files to /open_webui dir 2024-09-04 22:54:48 +08:00			`Models,`
			`)`
			`from open_webui.constants import ERROR_MESSAGES`
sort and fix backend imports 2024-08-28 06:10:27 +08:00			`from fastapi import APIRouter, Depends, HTTPException, Request, status`
wip: access control backend 2024-11-15 17:29:07 +08:00

refac 2024-12-09 08:01:56 +08:00			`from open_webui.utils.auth import get_admin_user, get_verified_user`
refac: user permissions validation 2024-11-17 19:04:31 +08:00			`from open_webui.utils.access_control import has_access, has_permission`
enh: knowledge access control 2024-11-17 08:51:55 +08:00
feat: modelfiles to models 2024-05-24 15:26:00 +08:00
			`router = APIRouter()`

wip: access control backend 2024-11-15 17:29:07 +08:00
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`###########################`
wip: access control backend 2024-11-15 17:29:07 +08:00			`# GetModels`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`###########################`


enh: models display author name 2024-11-18 21:37:04 +08:00			`@router.get("/", response_model=list[ModelUserResponse])`
refac 2024-09-13 12:41:20 +08:00			`async def get_models(id: Optional[str] = None, user=Depends(get_verified_user)):`
wip: access control backend 2024-11-15 17:29:07 +08:00			`if user.role == "admin":`
			`return Models.get_models()`
refac 2024-09-13 12:41:20 +08:00			`else:`
wip: access control backend 2024-11-15 17:29:07 +08:00			`return Models.get_models_by_user_id(user.id)`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00

wip: admin models setting 2024-11-16 10:53:50 +08:00			`###########################`
			`# GetBaseModels`
			`###########################`


			`@router.get("/base", response_model=list[ModelResponse])`
			`async def get_base_models(user=Depends(get_admin_user)):`
			`return Models.get_base_models()`


feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`############################`
wip: access control backend 2024-11-15 17:29:07 +08:00			`# CreateNewModel`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`############################`


wip: access control backend 2024-11-15 17:29:07 +08:00			`@router.post("/create", response_model=Optional[ModelModel])`
			`async def create_new_model(`
refac: user permissions validation 2024-11-17 19:04:31 +08:00			`request: Request,`
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 21:03:31 +08:00			`form_data: ModelForm,`
wip: access control backend 2024-11-15 17:29:07 +08:00			`user=Depends(get_verified_user),`
feat: create model 2024-05-25 13:21:57 +08:00			`):`
refac: user permissions validation 2024-11-17 19:04:31 +08:00			`if user.role != "admin" and not has_permission(`
			`user.id, "workspace.models", request.app.state.config.USER_PERMISSIONS`
			`):`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.UNAUTHORIZED,`
			`)`
wip: access control backend 2024-11-15 17:29:07 +08:00
			`model = Models.get_model_by_id(form_data.id)`
			`if model:`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
feat: create model 2024-05-25 13:21:57 +08:00			`detail=ERROR_MESSAGES.MODEL_ID_TAKEN,`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`)`
wip: access control backend 2024-11-15 17:29:07 +08:00
feat: create model 2024-05-25 13:21:57 +08:00			`else:`
feat(sqlalchemy): remove session reference from router 2024-06-21 20:58:57 +08:00			`model = Models.insert_new_model(form_data, user.id)`
feat: create model 2024-05-25 13:21:57 +08:00			`if model:`
			`return model`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.DEFAULT(),`
			`)`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00

wip: access control backend 2024-11-15 17:29:07 +08:00			`###########################`
			`# GetModelById`
			`###########################`


refac: models api 2024-11-20 10:45:26 +08:00			`# Note: We're not using the typical url path param here, but instead using a query parameter to allow '/' in the id`
			`@router.get("/model", response_model=Optional[ModelResponse])`
wip: access control backend 2024-11-15 17:29:07 +08:00			`async def get_model_by_id(id: str, user=Depends(get_verified_user)):`
			`model = Models.get_model_by_id(id)`
			`if model:`
			`if (`
			`user.role == "admin"`
			`or model.user_id == user.id`
			`or has_access(user.id, "read", model.access_control)`
			`):`
			`return model`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`


refac: models 2024-11-16 10:21:41 +08:00			`############################`
			`# ToggelModelById`
			`############################`


refac: models api 2024-11-20 10:45:26 +08:00			`@router.post("/model/toggle", response_model=Optional[ModelResponse])`
refac: models 2024-11-16 10:21:41 +08:00			`async def toggle_model_by_id(id: str, user=Depends(get_verified_user)):`
			`model = Models.get_model_by_id(id)`
			`if model:`
			`if (`
			`user.role == "admin"`
			`or model.user_id == user.id`
			`or has_access(user.id, "write", model.access_control)`
			`):`
			`model = Models.toggle_model_by_id(id)`

			`if model:`
			`return model`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_400_BAD_REQUEST,`
			`detail=ERROR_MESSAGES.DEFAULT("Error updating function"),`
			`)`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.UNAUTHORIZED,`
			`)`
			`else:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`


feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`############################`
			`# UpdateModelById`
			`############################`


refac: models api 2024-11-20 10:45:26 +08:00			`@router.post("/model/update", response_model=Optional[ModelModel])`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`async def update_model_by_id(`
feat(sqlalchemy): Replace peewee with sqlalchemy 2024-06-18 21:03:31 +08:00			`id: str,`
			`form_data: ModelForm,`
wip: access control backend 2024-11-15 17:29:07 +08:00			`user=Depends(get_verified_user),`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`):`
feat(sqlalchemy): remove session reference from router 2024-06-21 20:58:57 +08:00			`model = Models.get_model_by_id(id)`
wip: access control backend 2024-11-15 17:29:07 +08:00
			`if not model:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`

			`model = Models.update_model_by_id(id, form_data)`
			`return model`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00

			`############################`
			`# DeleteModelById`
			`############################`


refac: models api 2024-11-20 10:45:26 +08:00			`@router.delete("/model/delete", response_model=bool)`
wip: access control backend 2024-11-15 17:29:07 +08:00			`async def delete_model_by_id(id: str, user=Depends(get_verified_user)):`
			`model = Models.get_model_by_id(id)`
			`if not model:`
			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.NOT_FOUND,`
			`)`

refac 2024-11-15 19:02:08 +08:00			`if model.user_id != user.id and user.role != "admin":`
wip: access control backend 2024-11-15 17:29:07 +08:00			`raise HTTPException(`
			`status_code=status.HTTP_401_UNAUTHORIZED,`
			`detail=ERROR_MESSAGES.UNAUTHORIZED,`
			`)`

feat(sqlalchemy): remove session reference from router 2024-06-21 20:58:57 +08:00			`result = Models.delete_model_by_id(id)`
feat: modelfiles to models 2024-05-24 15:26:00 +08:00			`return result`
enh: reset models 2024-11-20 03:03:36 +08:00

			`@router.delete("/delete/all", response_model=bool)`
			`async def delete_all_models(user=Depends(get_admin_user)):`
			`result = Models.delete_all_models()`
			`return result`