refac: access controls

backend/open_webui/models/groups.py

@@ -188,5 +188,24 @@ class GroupTable:
             except Exception:
                 return False
 
+    def remove_user_from_all_groups(self, user_id: str) -> bool:
+        with get_db() as db:
+            try:
+                groups = self.get_groups_by_member_id(user_id)
+
+                for group in groups:
+                    group.user_ids.remove(user_id)
+                    db.query(Group).filter_by(id=group.id).update(
+                        {
+                            "user_ids": group.user_ids,
+                            "updated_at": int(time.time()),
+                        }
+                    )
+                    db.commit()
+
+                return True
+            except Exception:
+                return False
+
 
 Groups = GroupTable()

backend/open_webui/models/users.py

@@ -2,7 +2,12 @@ import time
 from typing import Optional
 
 from open_webui.internal.db import Base, JSONField, get_db
+
+
 from open_webui.models.chats import Chats
+from open_webui.models.groups import Groups
+
+
 from pydantic import BaseModel, ConfigDict
 from sqlalchemy import BigInteger, Column, String, Text
 
@@ -268,9 +273,11 @@ class UsersTable:
 
     def delete_user_by_id(self, id: str) -> bool:
         try:
+            # Remove User from Groups
+            Groups.remove_user_from_all_groups(id)
+
             # Delete User Chats
             result = Chats.delete_chats_by_user_id(id)
-
             if result:
                 with get_db() as db:
                     # Delete User

src/lib/components/admin/Settings/Connections/OllamaConnection.svelte

@@ -9,6 +9,7 @@
 	import Cog6 from '$lib/components/icons/Cog6.svelte';
 	import Wrench from '$lib/components/icons/Wrench.svelte';
 	import ManageOllamaModal from './ManageOllamaModal.svelte';
+	import ArrowDownTray from '$lib/components/icons/ArrowDownTray.svelte';
 
 	export let onDelete = () => {};
 	export let onSubmit = () => {};
@@ -70,7 +71,7 @@
 				}}
 				type="button"
 			>
-				<Wrench />
+				<ArrowDownTray />
 			</button>
 		</Tooltip>
 

src/lib/components/workspace/Knowledge/KnowledgeBase.svelte

@@ -620,6 +620,7 @@
 			onChange={() => {
 				changeDebounceHandler();
 			}}
+			accessRoles={['read', 'write']}
 		/>
 		<div class="w-full mb-2.5">
 			<div class=" flex w-full">

src/lib/components/workspace/Prompts/PromptEditor.svelte

@@ -68,7 +68,11 @@
 	});
 </script>
 
-<AccessControlModal bind:show={showAccessControlModal} bind:accessControl />
+<AccessControlModal
+	bind:show={showAccessControlModal}
+	bind:accessControl
+	accessRoles={['read', 'write']}
+/>
 
 <div class="w-full max-h-full flex justify-center">
 	<form

src/lib/components/workspace/Tools/ToolkitEditor.svelte

@@ -179,7 +179,11 @@ class Tools:
 	};
 </script>
 
-<AccessControlModal bind:show={showAccessControlModal} bind:accessControl />
+<AccessControlModal
+	bind:show={showAccessControlModal}
+	bind:accessControl
+	accessRoles={['read', 'write']}
+/>
 
 <div class=" flex flex-col justify-between w-full overflow-y-auto h-full">
 	<div class="mx-auto w-full md:px-0 h-full">

src/lib/components/workspace/common/AccessControl.svelte

@@ -12,6 +12,7 @@
 
 	export let onChange: Function = () => {};
 
+	export let accessRoles = ['read'];
 	export let accessControl = null;
 
 	let selectedGroupId = '';
@@ -192,24 +193,25 @@
 										class=""
 										type="button"
 										on:click={() => {
-											if (accessControl.write.group_ids.includes(group.id)) {
-												accessControl.write.group_ids = accessControl.write.group_ids.filter(
-													(group_id) => group_id !== group.id
-												);
-											} else {
-												accessControl.write.group_ids = [
-													...accessControl.write.group_ids,
-													group.id
-												];
+											if (accessRoles.includes('write')) {
+												if (accessControl.write.group_ids.includes(group.id)) {
+													accessControl.write.group_ids = accessControl.write.group_ids.filter(
+														(group_id) => group_id !== group.id
+													);
+												} else {
+													accessControl.write.group_ids = [
+														...accessControl.write.group_ids,
+														group.id
+													];
+												}
 											}
 										}}
 									>
-										<Badge
-											type={accessControl.write.group_ids.includes(group.id) ? 'info' : 'success'}
-											content={$i18n.t(
-												accessControl.write.group_ids.includes(group.id) ? 'Write' : 'Read'
-											)}
-										/>
+										{#if accessControl.write.group_ids.includes(group.id)}
+											<Badge type={'success'} content={$i18n.t('Write')} />
+										{:else}
+											<Badge type={'info'} content={$i18n.t('Read')} />
+										{/if}
 									</button>
 
 									<button

src/lib/components/workspace/common/AccessControlModal.svelte

@@ -7,6 +7,7 @@
 
 	export let show = false;
 	export let accessControl = null;
+	export let accessRoles = ['read'];
 
 	export let onChange = () => {};
 </script>
@@ -37,7 +38,7 @@
 		</div>
 
 		<div class="w-full px-5 pb-4 dark:text-white">
-			<AccessControl bind:accessControl {onChange} />
+			<AccessControl bind:accessControl {onChange} {accessRoles} />
 		</div>
 	</div>
 </Modal>