issue: USER_PERMISSIONS_CHAT_CONTROLS not being honored #6103

New Issue

Closed

opened 2025-11-11 16:45:00 -06:00 by GiteaMirror · 2 comments

GiteaMirror commented 2025-11-11 16:45:00 -06:00

Owner

Copy Link

Originally created by @y4shg on GitHub (Aug 15, 2025).

Check Existing Issues

• I have searched the existing issues and discussions.
• I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.22

Ollama Version (if applicable)

v0.11.4

Operating System

Ubuntu 24.04

Browser (if applicable)

Chrome 139.0.7258.127/128

Confirmation

• I have read and followed all instructions in README.md.
• I am using the latest version of both Open WebUI and Ollama.
• I have included the browser console logs.
• I have included the Docker container logs.
• I have provided every relevant configuration, setting, and environment variable used in my setup.
• I have clearly listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc).
• I have documented step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation. My steps:
• Start with the initial platform/version/OS and dependencies used,
• Specify exact install/launch/configure commands,
• List URLs visited, user input (incl. example values/emails/passwords if needed),
• Describe all options and toggles enabled or changed,
• Include any files or environmental changes,
• Identify the expected and actual result at each stage,
• Ensure any reasonably skilled user can follow and hit the same issue.

Expected Behavior

USER_PERMISSIONS_CHAT_CONTROLS when set to false is to hide/disable the viewing of system prompt and other chat controls.

Actual Behavior

USER_PERMISSIONS_CHAT_CONTROLS is set to False, but Standard User is still able to open settings and change system prompt.

Steps to Reproduce

1. Start with clean Ubuntu 24.04 Install
2. Install docker via docker documentation
3. Start Docker
4. Start ollama in docker
5. clone openwebui to home directory
6. add to docker compose, USER_PERMISSIONS_CHAT_CONTROLS and set to False
7. enable signups for open-webui
8. use default env config variables
9. run docker compose file after edits.
10. open chrome browser in incognito
11. go to http://localhost:8080/ and login/create with admin vovxb@vovxb.com
12. go to admin Panel > users > create new user
13. create new user with name vovxb@gmail.com in SIGN UP not in admin panel
14. go to users > Edit Default Permissions, then set all toggles to off.
15. save
16. approve pending user
17. open new incognito window separately
18. log in with user vovxb@gmail.com
19. click profile in bottom left corner
20. click settings
21. change system prompt to say "you are a helpful assistant. User name is john Bob"
22. click save
23. type to chatbot
24. "hello, what's my name?"
25. chatbot responds "Hello, your name is John Bob"### Logs & Screenshots

2025-08-15 05:19:51.803 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /_app/version.json HTTP/1.1" 200
2025-08-15 05:19:55.433 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /static/favicon.png HTTP/1.1" 304
2025-08-15 05:19:55.451 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /ollama/api/version HTTP/1.1" 200
2025-08-15 05:19:55.452 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /static/favicon.png HTTP/1.1" 200
2025-08-15 05:19:55.472 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /api/v1/users/user/settings HTTP/1.1" 200

Additional Information

have tried on multiple computers, same result. no errors or warnings or anything related pop up in Logs for openwebui

Originally created by @y4shg on GitHub (Aug 15, 2025). ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.22 ### Ollama Version (if applicable) v0.11.4 ### Operating System Ubuntu 24.04 ### Browser (if applicable) Chrome 139.0.7258.127/128 ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have **provided every relevant configuration, setting, and environment variable used in my setup.** - [x] I have clearly **listed every relevant configuration, custom setting, environment variable, and command-line option that influences my setup** (such as Docker Compose overrides, .env values, browser settings, authentication configurations, etc). - [x] I have documented **step-by-step reproduction instructions that are precise, sequential, and leave nothing to interpretation**. My steps: - Start with the initial platform/version/OS and dependencies used, - Specify exact install/launch/configure commands, - List URLs visited, user input (incl. example values/emails/passwords if needed), - Describe all options and toggles enabled or changed, - Include any files or environmental changes, - Identify the expected and actual result at each stage, - Ensure any reasonably skilled user can follow and hit the same issue. ### Expected Behavior USER_PERMISSIONS_CHAT_CONTROLS when set to false is to hide/disable the viewing of system prompt and other chat controls. ### Actual Behavior USER_PERMISSIONS_CHAT_CONTROLS is set to False, but Standard User is still able to open settings and change system prompt. ### Steps to Reproduce 1. Start with clean Ubuntu 24.04 Install 2. Install docker via docker documentation 3. Start Docker 4. Start ollama in docker 5. clone openwebui to home directory 6. add to docker compose, USER_PERMISSIONS_CHAT_CONTROLS and set to False 7. enable signups for open-webui 8. use default env config variables 9. run docker compose file after edits. 10. open chrome browser in incognito 11. go to http://localhost:8080/ and login/create with admin vovxb@vovxb.com 12. go to admin Panel > users > create new user 13. create new user with name vovxb@gmail.com in SIGN UP not in admin panel 14. go to users > Edit Default Permissions, then set all toggles to off. 15. save 16. approve pending user 17. open new incognito window separately 18. log in with user vovxb@gmail.com 19. click profile in bottom left corner 20. click settings 21. change system prompt to say "you are a helpful assistant. User name is john Bob" 22. click save 23. type to chatbot 24. "hello, what's my name?" 25. chatbot responds "Hello, your name is John Bob"### Logs & Screenshots ``` 2025-08-15 05:19:51.803 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /_app/version.json HTTP/1.1" 200 2025-08-15 05:19:55.433 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /static/favicon.png HTTP/1.1" 304 2025-08-15 05:19:55.451 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /ollama/api/version HTTP/1.1" 200 2025-08-15 05:19:55.452 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /static/favicon.png HTTP/1.1" 200 2025-08-15 05:19:55.472 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 97.70.83.24:0 - "GET /api/v1/users/user/settings HTTP/1.1" 200 ``` ### Additional Information have tried on multiple computers, same result. no errors or warnings or anything related pop up in Logs for openwebui

GiteaMirror added the bug label 2025-11-11 16:45:00 -06:00

GiteaMirror closed this issue 2025-11-11 16:45:00 -06:00

GiteaMirror commented 2025-11-11 16:45:01 -06:00

Author

Owner

Copy Link

@y4shg commented on GitHub (Aug 15, 2025):

I have forgot to mention, This only happens if a user signs up through the sign up screen, waits in pending status, then gets approved. After that the user able to access system prompt. But if the admin directly adds the user through the admin panel such result does not happen and the user is unable to access system prompt.

@y4shg commented on GitHub (Aug 15, 2025): I have forgot to mention, This only happens if a user signs up through the sign up screen, waits in pending status, then gets approved. After that the user able to access system prompt. But if the admin directly adds the user through the admin panel such result does not happen and the user is unable to access system prompt.

GiteaMirror commented 2025-11-11 16:45:01 -06:00

Author

Owner

Copy Link

@tjbck commented on GitHub (Aug 17, 2025):

Unable to reproduce, keep us updated.

@tjbck commented on GitHub (Aug 17, 2025): Unable to reproduce, keep us updated.

GiteaMirror referenced this issue 2025-11-11 18:00:53 -06:00

[PR #6002] [MERGED] 0.3.33 #8606

GiteaMirror referenced this issue 2026-04-19 20:40:08 -05:00

[GH-ISSUE #6103] Functions action Button only works when you set to global using custom model #14242

GiteaMirror referenced this issue 2026-04-20 03:43:55 -05:00

[PR #6002] [MERGED] 0.3.33 #21810

GiteaMirror referenced this issue 2026-04-25 04:11:17 -05:00

[GH-ISSUE #6103] Functions action Button only works when you set to global using custom model #29770

GiteaMirror referenced this issue 2026-04-25 10:55:17 -05:00

[PR #6002] [MERGED] 0.3.33 #37440

GiteaMirror referenced this issue 2026-04-29 19:06:09 -05:00

[PR #6002] [MERGED] 0.3.33 #44858

GiteaMirror referenced this issue 2026-05-05 14:07:00 -05:00

[GH-ISSUE #6103] Functions action Button only works when you set to global using custom model #52908

GiteaMirror referenced this issue 2026-05-06 03:38:14 -05:00

[PR #6002] [MERGED] 0.3.33 #60666

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#6103