mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-16 06:03:26 -05:00
[PR #21358] [MERGED] fix: enforce public sharing permission checks across all resource types #41673
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/open-webui/open-webui/pull/21358
Author: @Classic298
Created: 2/13/2026
Status: ✅ Merged
Merged: 2/13/2026
Merged by: @tjbck
Base:
dev← Head:fix-public-sharing-access-control📝 Commits (1)
39d0ff8fix: enforce public sharing permission checks across all resource types📊 Changes
11 files changed (+122 additions, -10 deletions)
View changed files
📝
backend/open_webui/routers/knowledge.py(+19 -0)📝
backend/open_webui/routers/models.py(+20 -1)📝
backend/open_webui/routers/notes.py(+18 -0)📝
backend/open_webui/routers/prompts.py(+20 -1)📝
backend/open_webui/routers/skills.py(+20 -1)📝
backend/open_webui/routers/tools.py(+20 -1)📝
src/lib/components/workspace/Knowledge/KnowledgeBase.svelte(+1 -2)📝
src/lib/components/workspace/Models/ModelEditor.svelte(+1 -1)📝
src/lib/components/workspace/Prompts/PromptEditor.svelte(+1 -1)📝
src/lib/components/workspace/Skills/SkillEditor.svelte(+1 -1)📝
src/lib/components/workspace/Tools/ToolkitEditor.svelte(+1 -1)📄 Description
The sharePublic prop in editor components (Knowledge, Tools, Skills, Prompts, Models) incorrectly included an "|| edit" / "|| write_access" condition, allowing users with write access to see and use the "Public" sharing option regardless of their actual public sharing permission. Additionally, all backend access/update endpoints only verified write authorization but did not check the corresponding sharing.public_* permission, allowing direct API calls to bypass frontend restrictions entirely.
Frontend: removed the edit/write_access bypass from sharePublic in all five editor components so visibility is gated solely by the user's sharing.public_* permission or admin role.
Backend: added has_public_read_access_grant checks to the access/update endpoints in knowledge.py, tools.py, prompts.py, skills.py, models.py, and notes.py. Public grants are silently stripped when the user lacks the corresponding permission.
Fixes #21356
Contributor License Agreement
By submitting this pull request, I confirm that I have read and fully agree to the Contributor License Agreement (CLA), and I am providing my contributions under its terms.
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.