Skip to content

GitLab

Switch branch/tag
Find file Normal viewHistoryPermalink
users.py 6.88 KB
Newer Older
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
1 
from pydantic import BaseModel, ConfigDict, parse_obj_as
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
2
3 
from typing import List, Union, Optional
import time
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
4
5
6 

from sqlalchemy import String, Column, BigInteger, Text
Timothy J. Baek's avatar
feat: basic RBAC support  
Timothy J. Baek committed
7
8 
from utils.misc import get_gravatar_url
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
9 
from apps.webui.internal.db import Base, JSONField, Session
Timothy J. Baek's avatar
refac: folder rename web -> webui  
Timothy J. Baek committed
10 
from apps.webui.models.chats import Chats
Timothy J. Baek's avatar
feat: delete user backend support  
Timothy J. Baek committed
11
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
12
13
14
15
16 
####################
# User DB Schema
####################
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
17
18 
class User(Base):
    __tablename__ = "user"
Timothy J. Baek's avatar
feat: user last active  
Timothy J. Baek committed
19
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
20
21
22
23
24 
    id = Column(String, primary_key=True)
    name = Column(String)
    email = Column(String)
    role = Column(String)
    profile_image_url = Column(String)
Timothy J. Baek's avatar
feat: user last active  
Timothy J. Baek committed
25
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
26
27
28 
    last_active_at = Column(BigInteger)
    updated_at = Column(BigInteger)
    created_at = Column(BigInteger)
Timothy J. Baek's avatar
feat: db migration to sqlite  
Timothy J. Baek committed
29
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
30
31
32 
    api_key = Column(String, nullable=True, unique=True)
    settings = Column(JSONField, nullable=True)
    info = Column(JSONField, nullable=True)
Jun Siang Cheah's avatar
feat: experimental SSO support for Google, Microsoft, and OIDC  
Jun Siang Cheah committed
33
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
34 
    oauth_sub = Column(Text, unique=True)
Timothy J. Baek's avatar
feat: db migration to sqlite  
Timothy J. Baek committed
35
36
Timothy J. Baek's avatar
feat: save user settings to db  
Timothy J. Baek committed
37
38
39
40
41
42 
class UserSettings(BaseModel):
    ui: Optional[dict] = {}
    model_config = ConfigDict(extra="allow")
    pass
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
43
44
45
46 
class UserModel(BaseModel):
    id: str
    name: str
    email: str
Timothy J. Baek's avatar
feat: basic RBAC support  
Timothy J. Baek committed
47 
    role: str = "pending"
Danny Liu's avatar
feat: api endpoint to receive profile_image_uirl on signup  
Danny Liu committed
48 
    profile_image_url: str
Timothy J. Baek's avatar
feat: user last active  
Timothy J. Baek committed
49
50
51
52
53 

    last_active_at: int  # timestamp in epoch
    updated_at: int  # timestamp in epoch
    created_at: int  # timestamp in epoch
Timothy J. Baek's avatar
refac: api_key field moved to user  
Timothy J. Baek committed
54 
    api_key: Optional[str] = None
Timothy J. Baek's avatar
feat: save user settings to db  
Timothy J. Baek committed
55 
    settings: Optional[UserSettings] = None
Timothy J. Baek's avatar
feat: user_location  
Timothy J. Baek committed
56 
    info: Optional[dict] = None
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
57
Jun Siang Cheah's avatar
feat: experimental SSO support for Google, Microsoft, and OIDC  
Jun Siang Cheah committed
58
59 
    oauth_sub: Optional[str] = None
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
60
61 
    model_config = ConfigDict(from_attributes=True)
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
62
63
64
65
66
67 

####################
# Forms
####################
Timothy J. Baek's avatar
feat: admin panel added  
Timothy J. Baek committed
68
69
70
71
72 
class UserRoleUpdateForm(BaseModel):
    id: str
    role: str
Timothy J. Baek's avatar
feat: edit user support  
Timothy J. Baek committed
73
74
75
76
77
78 
class UserUpdateForm(BaseModel):
    name: str
    email: str
    profile_image_url: str
    password: Optional[str] = None
ThatOneCalculator's avatar
chore: :rotating_light: lint and format  
ThatOneCalculator committed
79
Timothy J. Baek's avatar
feat: edit user support  
Timothy J. Baek committed
80 
class UsersTable:
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
81
Timothy J. Baek's avatar
feat: edit user support  
Timothy J. Baek committed
82 
    def insert_new_user(
Danny Liu's avatar
run npm run lint:backend  
Danny Liu committed
83
84
85
86 
        self,
        id: str,
        name: str,
        email: str,
Timothy J. Baek's avatar
refac  
Timothy J. Baek committed
87 
        profile_image_url: str = "/user.png",
Danny Liu's avatar
run npm run lint:backend  
Danny Liu committed
88 
        role: str = "pending",
Jun Siang Cheah's avatar
feat: experimental SSO support for Google, Microsoft, and OIDC  
Jun Siang Cheah committed
89 
        oauth_sub: Optional[str] = None,
Timothy J. Baek's avatar
feat: edit user support  
Timothy J. Baek committed
90 
    ) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111 
        user = UserModel(
            **{
                "id": id,
                "name": name,
                "email": email,
                "role": role,
                "profile_image_url": profile_image_url,
                "last_active_at": int(time.time()),
                "created_at": int(time.time()),
                "updated_at": int(time.time()),
                "oauth_sub": oauth_sub,
            }
        )
        result = User(**user.model_dump())
        Session.add(result)
        Session.commit()
        Session.refresh(result)
        if result:
            return user
        else:
            return None
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
112
113 

    def get_user_by_id(self, id: str) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
114
115
116
117
118 
        try:
            user = Session.query(User).filter_by(id=id).first()
            return UserModel.model_validate(user)
        except Exception as e:
            return None
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
119
120 

    def get_user_by_api_key(self, api_key: str) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
121
122
123
124
125 
        try:
            user = Session.query(User).filter_by(api_key=api_key).first()
            return UserModel.model_validate(user)
        except:
            return None
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
126
127 

    def get_user_by_email(self, email: str) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
128
129
130
131
132 
        try:
            user = Session.query(User).filter_by(email=email).first()
            return UserModel.model_validate(user)
        except:
            return None
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
133
Jun Siang Cheah's avatar
feat: experimental SSO support for Google, Microsoft, and OIDC  
Jun Siang Cheah committed
134 
    def get_user_by_oauth_sub(self, sub: str) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
135
136
137
138
139 
        try:
            user = Session.query(User).filter_by(oauth_sub=sub).first()
            return UserModel.model_validate(user)
        except:
            return None
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
140
141 

    def get_users(self, skip: int = 0, limit: int = 50) -> List[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
142
143
144
145
146
147 
        users = (
            Session.query(User)
            # .offset(skip).limit(limit)
            .all()
        )
        return [UserModel.model_validate(user) for user in users]
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
148
149 

    def get_num_users(self) -> Optional[int]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
150 
        return Session.query(User).count()
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
151
152 

    def get_first_user(self) -> UserModel:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
153
154
155
156
157 
        try:
            user = Session.query(User).order_by(User.created_at).first()
            return UserModel.model_validate(user)
        except:
            return None
Timothy J. Baek's avatar
feat: super-admin (first one to signup)  
Timothy J. Baek committed
158
Jonathan Rohde's avatar
feat(sqlalchemy): format backend  
Jonathan Rohde committed
159 
    def update_user_role_by_id(self, id: str, role: str) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
160
161
162 
        try:
            Session.query(User).filter_by(id=id).update({"role": role})
            Session.commit()
Timothy J. Baek's avatar
feat: db migration to sqlite  
Timothy J. Baek committed
163
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
164
165
166
167 
            user = Session.query(User).filter_by(id=id).first()
            return UserModel.model_validate(user)
        except:
            return None
Timothy J. Baek's avatar
feat: admin panel added  
Timothy J. Baek committed
168
Timothy J. Baek's avatar
feat: profile image update backend  
Timothy J. Baek committed
169 
    def update_user_profile_image_url_by_id(
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
170 
        self, id: str, profile_image_url: str
Timothy J. Baek's avatar
feat: profile image update backend  
Timothy J. Baek committed
171 
    ) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
172
173
174
175
176
177
178
179
180
181 
        try:
            Session.query(User).filter_by(id=id).update(
                {"profile_image_url": profile_image_url}
            )
            Session.commit()

            user = Session.query(User).filter_by(id=id).first()
            return UserModel.model_validate(user)
        except:
            return None
Timothy J. Baek's avatar
feat: profile image update backend  
Timothy J. Baek committed
182
Jonathan Rohde's avatar
feat(sqlalchemy): format backend  
Jonathan Rohde committed
183 
    def update_user_last_active_by_id(self, id: str) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
184
185
186
187 
        try:
            Session.query(User).filter_by(id=id).update(
                {"last_active_at": int(time.time())}
            )
Timothy J. Baek's avatar
feat: user last active  
Timothy J. Baek committed
188
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
189
190
191
192 
            user = Session.query(User).filter_by(id=id).first()
            return UserModel.model_validate(user)
        except:
            return None
Timothy J. Baek's avatar
feat: user last active  
Timothy J. Baek committed
193
Jun Siang Cheah's avatar
refac: move things around, uplift oauth endpoints  
Jun Siang Cheah committed
194 
    def update_user_oauth_sub_by_id(
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
195 
        self, id: str, oauth_sub: str
Jun Siang Cheah's avatar
refac: move things around, uplift oauth endpoints  
Jun Siang Cheah committed
196 
    ) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
197
198 
        try:
            Session.query(User).filter_by(id=id).update({"oauth_sub": oauth_sub})
Jun Siang Cheah's avatar
refac: move things around, uplift oauth endpoints  
Jun Siang Cheah committed
199
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
200
201
202
203 
            user = Session.query(User).filter_by(id=id).first()
            return UserModel.model_validate(user)
        except:
            return None
Jun Siang Cheah's avatar
refac: move things around, uplift oauth endpoints  
Jun Siang Cheah committed
204
Jonathan Rohde's avatar
feat(sqlalchemy): format backend  
Jonathan Rohde committed
205 
    def update_user_by_id(self, id: str, updated: dict) -> Optional[UserModel]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
206
207
208 
        try:
            Session.query(User).filter_by(id=id).update(updated)
            Session.commit()
Timothy J. Baek's avatar
feat: edit user support  
Timothy J. Baek committed
209
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
210
211
212
213
214 
            user = Session.query(User).filter_by(id=id).first()
            return UserModel.model_validate(user)
            # return UserModel(**user.dict())
        except Exception as e:
            return None
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
215
216 

    def delete_user_by_id(self, id: str) -> bool:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
217
218
219
220
221
222
223
224
225
226
227 
        try:
            # Delete User Chats
            result = Chats.delete_chats_by_user_id(id)

            if result:
                # Delete User
                Session.query(User).filter_by(id=id).delete()
                Session.commit()

                return True
            else:
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
228 
                return False
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
229
230 
        except:
            return False
Timothy J. Baek's avatar
feat: delete user backend support  
Timothy J. Baek committed
231
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
232 
    def update_user_api_key_by_id(self, id: str, api_key: str) -> str:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
233
234
235
236
237
238 
        try:
            result = Session.query(User).filter_by(id=id).update({"api_key": api_key})
            Session.commit()
            return True if result == 1 else False
        except:
            return False
Timothy J. Baek's avatar
feat: delete user backend support  
Timothy J. Baek committed
239
Jonathan Rohde's avatar
feat(sqlalchemy): remove session reference from router  
Jonathan Rohde committed
240 
    def get_user_api_key_by_id(self, id: str) -> Optional[str]:
Jonathan Rohde's avatar
feat(sqlalchemy): use session factory instead of context manager  
Jonathan Rohde committed
241
242
243
244
245 
        try:
            user = Session.query(User).filter_by(id=id).first()
            return user.api_key
        except Exception as e:
            return None
Timothy J. Baek's avatar
refac  
Timothy J. Baek committed
246
Timothy J. Baek's avatar
feat: multi-user support w/ RBAC  
Timothy J. Baek committed
247
Jonathan Rohde's avatar
feat(sqlalchemy): Replace peewee with sqlalchemy  
Jonathan Rohde committed
248 
Users = UsersTable()