|
|
@@ -264,7 +264,8 @@ def add_file_to_knowledge_by_id(
|
|
|
detail=ERROR_MESSAGES.NOT_FOUND,
|
|
|
)
|
|
|
|
|
|
- if (knowledge.user_id != user.id
|
|
|
+ if (
|
|
|
+ knowledge.user_id != user.id
|
|
|
and not has_access(user.id, "write", knowledge.access_control)
|
|
|
and user.role != "admin"
|
|
|
):
|
|
|
@@ -349,7 +350,7 @@ def update_file_from_knowledge_by_id(
|
|
|
knowledge.user_id != user.id
|
|
|
and not has_access(user.id, "write", knowledge.access_control)
|
|
|
and user.role != "admin"
|
|
|
- ):
|
|
|
+ ):
|
|
|
|
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
|
@@ -418,7 +419,7 @@ def remove_file_from_knowledge_by_id(
|
|
|
knowledge.user_id != user.id
|
|
|
and not has_access(user.id, "write", knowledge.access_control)
|
|
|
and user.role != "admin"
|
|
|
- ):
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
|
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
|
|
|
@@ -441,10 +442,6 @@ def remove_file_from_knowledge_by_id(
|
|
|
if VECTOR_DB_CLIENT.has_collection(collection_name=file_collection):
|
|
|
VECTOR_DB_CLIENT.delete_collection(collection_name=file_collection)
|
|
|
|
|
|
- # Delete physical file
|
|
|
- if file.path:
|
|
|
- Storage.delete_file(file.path)
|
|
|
-
|
|
|
# Delete file from database
|
|
|
Files.delete_file_by_id(form_data.file_id)
|
|
|
|
|
|
@@ -500,7 +497,7 @@ async def delete_knowledge_by_id(id: str, user=Depends(get_verified_user)):
|
|
|
knowledge.user_id != user.id
|
|
|
and not has_access(user.id, "write", knowledge.access_control)
|
|
|
and user.role != "admin"
|
|
|
- ):
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
|
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
|
|
|
@@ -563,7 +560,7 @@ async def reset_knowledge_by_id(id: str, user=Depends(get_verified_user)):
|
|
|
knowledge.user_id != user.id
|
|
|
and not has_access(user.id, "write", knowledge.access_control)
|
|
|
and user.role != "admin"
|
|
|
- ):
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
|
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
|
|
|
@@ -606,7 +603,7 @@ def add_files_to_knowledge_batch(
|
|
|
knowledge.user_id != user.id
|
|
|
and not has_access(user.id, "write", knowledge.access_control)
|
|
|
and user.role != "admin"
|
|
|
- ):
|
|
|
+ ):
|
|
|
raise HTTPException(
|
|
|
status_code=status.HTTP_400_BAD_REQUEST,
|
|
|
detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
|
Timothy Jaeryang Baek