refac: async db

backend/open_webui/utils/access_control/files.py

@@ -9,16 +9,16 @@ from open_webui.models.groups import Groups
 from open_webui.models.models import Models
 from open_webui.models.access_grants import AccessGrants
 
-from sqlalchemy.orm import Session
+from sqlalchemy.ext.asyncio import AsyncSession
 
 log = logging.getLogger(__name__)
 
 
-def has_access_to_file(
+async def has_access_to_file(
     file_id: str | None,
     access_type: str,
     user: UserModel,
-    db: Session | None = None,
+    db: AsyncSession | None = None,
 ) -> bool:
     """
     Check if a user has the specified access to a file through any of:
@@ -30,7 +30,7 @@ def has_access_to_file(
     NOTE: This does NOT check direct file ownership — callers should check
     file.user_id == user.id separately before calling this.
     """
-    file = Files.get_file_by_id(file_id, db=db)
+    file = await Files.get_file_by_id(file_id, db=db)
     log.debug(f'Checking if user has {access_type} access to file')
     if not file:
         return False
@@ -40,10 +40,10 @@ def has_access_to_file(
         return True
 
     # Check if the file is associated with any knowledge bases the user has access to
-    knowledge_bases = Knowledges.get_knowledges_by_file_id(file_id, db=db)
-    user_group_ids = {group.id for group in Groups.get_groups_by_member_id(user.id, db=db)}
+    knowledge_bases = await Knowledges.get_knowledges_by_file_id(file_id, db=db)
+    user_group_ids = {group.id for group in await Groups.get_groups_by_member_id(user.id, db=db)}
     for knowledge_base in knowledge_bases:
-        if knowledge_base.user_id == user.id or AccessGrants.has_access(
+        if knowledge_base.user_id == user.id or await AccessGrants.has_access(
             user_id=user.id,
             resource_type='knowledge',
             resource_id=knowledge_base.id,
@@ -55,24 +55,24 @@ def has_access_to_file(
 
     knowledge_base_id = file.meta.get('collection_name') if file.meta else None
     if knowledge_base_id:
-        knowledge_bases = Knowledges.get_knowledge_bases_by_user_id(user.id, access_type, db=db)
+        knowledge_bases = await Knowledges.get_knowledge_bases_by_user_id(user.id, access_type, db=db)
         for knowledge_base in knowledge_bases:
             if knowledge_base.id == knowledge_base_id:
                 return True
 
     # Check if the file is associated with any channels the user has access to
-    channels = Channels.get_channels_by_file_id_and_user_id(file_id, user.id, db=db)
+    channels = await Channels.get_channels_by_file_id_and_user_id(file_id, user.id, db=db)
     if access_type == 'read' and channels:
         return True
 
     # Check if the file is associated with any chats the user has access to
     # TODO: Granular access control for chats
-    chats = Chats.get_shared_chats_by_file_id(file_id, db=db)
+    chats = await Chats.get_shared_chats_by_file_id(file_id, db=db)
     if chats:
         return True
 
     # Check if the file is directly attached to a shared workspace model
-    for model in Models.get_models_by_user_id(user.id, permission=access_type, db=db):
+    for model in await Models.get_models_by_user_id(user.id, permission=access_type, db=db):
         knowledge_items = getattr(model.meta, 'knowledge', None) or []
         for item in knowledge_items:
             if isinstance(item, dict) and item.get('type') == 'file' and item.get('id') == file.id: