github-starred/open-webui
2
0
Fork 0
mirror of https://github.com/open-webui/open-webui.git synced 2026-05-07 03:18:23 -05:00
Code Issues 1.3k Packages Projects Releases 126 Wiki Activity

[GH-ISSUE #23946] issue: 400 Model not found for Workspace Models whose base models are not available to the user #35651

New Issue
Closed
opened 2026-04-25 09:49:44 -05:00 by GiteaMirror · 2 comments
GiteaMirror commented 2026-04-25 09:49:44 -05:00
Owner
Copy Link

Originally created by @itsHenry35 on GitHub (Apr 21, 2026).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/23946

Check Existing Issues

  • I have searched for any existing and/or related issues.
  • I have searched for any existing and/or related discussions.
  • I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!).
  • I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.9.1

Ollama Version (if applicable)

No response

Operating System

Ubuntu 22.04

Browser (if applicable)

No response

Confirmation

  • I have read and followed all instructions in README.md.
  • I am using the latest version of both Open WebUI and Ollama.
  • I have included the browser console logs.
  • I have included the Docker container logs.
  • I have provided every relevant configuration, setting, and environment variable used in my setup.
  • I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
  • I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
  • Start with the initial platform/version/OS and dependencies used,
  • Specify exact install/launch/configure commands,
  • List URLs visited, user input (incl. example values/emails/passwords if needed),
  • Describe all options and toggles enabled or changed,
  • Include any files or environmental changes,
  • Identify the expected and actual result at each stage,
  • Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

The user should be able to chat with the model

Actual Behavior

400 Model not found

Steps to Reproduce

  1. Create a private workspace model whose base model is private and cannot be used by the following users and share it with some users.
  2. The users try to interact with the model, while the model is listed in the model list, when chatting, the server responds with model not found
  3. If you enable the permission for the users to use that base model, it works

Logs & Screenshots

2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method execute of sqlite3.Cursor object at 0x7d8eac79c540>, 'SELECT access_grant.id, access_grant.resource_type, access_grant.resource_id, access_grant.principal_type, access_grant.principal_id, access_grant.permission, access_grant.created_at \nFROM access_grant \nWHERE access_grant.resource_type = ? AND access_grant.resource_id = ? AND access_grant.permission = ? AND (access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id IN (?, ?, ?))\n LIMIT ? OFFSET ?', ('model', 'deepseek-chat', 'read', 'user', '', 'user', 'cc8ed70f-28e5-40f5-b441-4f91c6a82ac8', 'group', '1e40e3d6-c47f-44f0-9d49-464682edca61', '0d24cdd5-fd18-4a61-80a3-833ddfdea11e', 'b75aeadd-1225-4644-9a1f-df243a015e96', 1, 0))
2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method execute of sqlite3.Cursor object at 0x7d8eac79c540>, 'SELECT access_grant.id, access_grant.resource_type, access_grant.resource_id, access_grant.principal_type, access_grant.principal_id, access_grant.permission, access_grant.created_at \nFROM access_grant \nWHERE access_grant.resource_type = ? AND access_grant.resource_id = ? AND access_grant.permission = ? AND (access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id IN (?, ?, ?))\n LIMIT ? OFFSET ?', ('model', 'deepseek-chat', 'read', 'user', '', 'user', 'cc8ed70f-28e5-40f5-b441-4f91c6a82ac8', 'group', '1e40e3d6-c47f-44f0-9d49-464682edca61', '0d24cdd5-fd18-4a61-80a3-833ddfdea11e', 'b75aeadd-1225-4644-9a1f-df243a015e96', 1, 0)) completed
2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method fetchall of sqlite3.Cursor object at 0x7d8eac79c540>)
2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method fetchall of sqlite3.Cursor object at 0x7d8eac79c540>) completed
2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method close of sqlite3.Cursor object at 0x7d8eac79c540>)
2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method close of sqlite3.Cursor object at 0x7d8eac79c540>) completed
2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>)
2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>) completed
2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>)
2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>) completed
2026-04-21 14:21:41.954 | DEBUG | open_webui.main:chat_completion:1835 - Error processing chat metadata: Model not found
2026-04-21 14:21:41.955 | INFO | uvicorn.protocols.http.httptools_impl:send:483 - 100.75.54.65:0 - "POST /api/chat/completions HTTP/1.1" 400

Additional Information

I don't know if this is intentional, but this is necessary because you sometimes don't want to enable raw models for users, but give them models with fine-tuned system prompts and parameters.

Originally created by @itsHenry35 on GitHub (Apr 21, 2026). Original GitHub issue: https://github.com/open-webui/open-webui/issues/23946 ### Check Existing Issues - [x] I have searched for any existing and/or related issues. - [x] I have searched for any existing and/or related discussions. - [x] I have also searched in the CLOSED issues AND CLOSED discussions and found no related items (your issue might already be addressed on the development branch!). - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.9.1 ### Ollama Version (if applicable) _No response_ ### Operating System Ubuntu 22.04 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior The user should be able to chat with the model ### Actual Behavior 400 Model not found ### Steps to Reproduce 1. Create a private workspace model whose base model is private and cannot be used by the following users and share it with some users. 2. The users try to interact with the model, while the model is listed in the model list, when chatting, the server responds with model not found 3. If you enable the permission for the users to use that base model, it works ### Logs & Screenshots 2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method execute of sqlite3.Cursor object at 0x7d8eac79c540>, 'SELECT access_grant.id, access_grant.resource_type, access_grant.resource_id, access_grant.principal_type, access_grant.principal_id, access_grant.permission, access_grant.created_at \nFROM access_grant \nWHERE access_grant.resource_type = ? AND access_grant.resource_id = ? AND access_grant.permission = ? AND (access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id IN (?, ?, ?))\n LIMIT ? OFFSET ?', ('model', 'deepseek-chat', 'read', 'user', '*', 'user', 'cc8ed70f-28e5-40f5-b441-4f91c6a82ac8', 'group', '1e40e3d6-c47f-44f0-9d49-464682edca61', '0d24cdd5-fd18-4a61-80a3-833ddfdea11e', 'b75aeadd-1225-4644-9a1f-df243a015e96', 1, 0)) 2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method execute of sqlite3.Cursor object at 0x7d8eac79c540>, 'SELECT access_grant.id, access_grant.resource_type, access_grant.resource_id, access_grant.principal_type, access_grant.principal_id, access_grant.permission, access_grant.created_at \nFROM access_grant \nWHERE access_grant.resource_type = ? AND access_grant.resource_id = ? AND access_grant.permission = ? AND (access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id = ? OR access_grant.principal_type = ? AND access_grant.principal_id IN (?, ?, ?))\n LIMIT ? OFFSET ?', ('model', 'deepseek-chat', 'read', 'user', '*', 'user', 'cc8ed70f-28e5-40f5-b441-4f91c6a82ac8', 'group', '1e40e3d6-c47f-44f0-9d49-464682edca61', '0d24cdd5-fd18-4a61-80a3-833ddfdea11e', 'b75aeadd-1225-4644-9a1f-df243a015e96', 1, 0)) completed 2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method fetchall of sqlite3.Cursor object at 0x7d8eac79c540>) 2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method fetchall of sqlite3.Cursor object at 0x7d8eac79c540>) completed 2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method close of sqlite3.Cursor object at 0x7d8eac79c540>) 2026-04-21 14:21:41.953 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method close of sqlite3.Cursor object at 0x7d8eac79c540>) completed 2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>) 2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>) completed 2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:104 - executing functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>) 2026-04-21 14:21:41.954 | DEBUG | aiosqlite.core:run:106 - operation functools.partial(<built-in method rollback of sqlite3.Connection object at 0x7d8eac6c56c0>) completed 2026-04-21 14:21:41.954 | DEBUG | open_webui.main:chat_completion:1835 - Error processing chat metadata: Model not found 2026-04-21 14:21:41.955 | INFO | uvicorn.protocols.http.httptools_impl:send:483 - 100.75.54.65:0 - "POST /api/chat/completions HTTP/1.1" 400 ### Additional Information I don't know if this is intentional, but this is necessary because you sometimes don't want to enable raw models for users, but give them models with fine-tuned system prompts and parameters.
GiteaMirror added the bug label 2026-04-25 09:49:44 -05:00
GiteaMirror commented 2026-04-25 09:49:46 -05:00
Author
Owner
Copy Link

@Classic298 commented on GitHub (Apr 21, 2026):

This is working as designed — access to chained base models is enforced at every hop (has_base_model_access in utils/access_control/init.py). If a user has read-access to the workspace model but not its base model, the request is denied. The "Model not found" wording is misleading (it's actually a 403), we should improve that.

Pragmatic workaround: grant the target users/groups read-access to the base model as well (and hide the base model using the model hide feature if you dont want them to see it). The workspace model's system prompt, params, etc. still apply on top — base-model read-access doesn't automatically expose the raw model in the UI unless you also grant it there.

If you want "workspace model access implies base model access when used through it", please open a separate feature request — it's a meaningful policy change and worth discussing in its own thread rather than as a bug.

<!-- gh-comment-id:4289383370 --> @Classic298 commented on GitHub (Apr 21, 2026): This is working as designed — access to chained base models is enforced at every hop (has_base_model_access in utils/access_control/__init__.py). If a user has read-access to the workspace model but not its base model, the request is denied. The "Model not found" wording is misleading (it's actually a 403), we should improve that. Pragmatic workaround: grant the target users/groups read-access to the base model as well (and hide the base model using the model hide feature if you dont want them to see it). The workspace model's system prompt, params, etc. still apply on top — base-model read-access doesn't automatically expose the raw model in the UI unless you also grant it there. If you want "workspace model access implies base model access when used through it", please open a separate feature request — it's a meaningful policy change and worth discussing in its own thread rather than as a bug.
GiteaMirror commented 2026-04-25 09:49:46 -05:00
Author
Owner
Copy Link

@itsHenry35 commented on GitHub (Apr 21, 2026):

This is working as designed — access to chained base models is enforced at every hop (has_base_model_access in utils/access_control/init.py). If a user has read-access to the workspace model but not its base model, the request is denied. The "Model not found" wording is misleading (it's actually a 403), we should improve that.

Pragmatic workaround: grant the target users/groups read-access to the base model as well (and hide the base model using the model hide feature if you dont want them to see it). The workspace model's system prompt, params, etc. still apply on top — base-model read-access doesn't automatically expose the raw model in the UI unless you also grant it there.

If you want "workspace model access implies base model access when used through it", please open a separate feature request — it's a meaningful policy change and worth discussing in its own thread rather than as a bug.

Thanks! I've opened a new issue.
BTW, this workaround just has one big limitation that I can't do: i want some users to see it, while only hiding if for a group of users using that workspace model

<!-- gh-comment-id:4289449690 --> @itsHenry35 commented on GitHub (Apr 21, 2026): > This is working as designed — access to chained base models is enforced at every hop (has_base_model_access in utils/access_control/**init**.py). If a user has read-access to the workspace model but not its base model, the request is denied. The "Model not found" wording is misleading (it's actually a 403), we should improve that. > > Pragmatic workaround: grant the target users/groups read-access to the base model as well (and hide the base model using the model hide feature if you dont want them to see it). The workspace model's system prompt, params, etc. still apply on top — base-model read-access doesn't automatically expose the raw model in the UI unless you also grant it there. > > If you want "workspace model access implies base model access when used through it", please open a separate feature request — it's a meaningful policy change and worth discussing in its own thread rather than as a bug. Thanks! I've opened a new issue. BTW, this workaround just has one big limitation that I can't do: i want some users to see it, while only hiding if for a group of users using that workspace model
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
confirmed
confirmed issue
core
documentation
enhancement
good first issue
help wanted
non-core
pull-request
Mirrored from GitHub Pull Request
 python
question
testing wanted
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#35651
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?