[PR #22732] [CLOSED] fix(memories): allow admin users to access memories #81710

Closed
opened 2026-05-13 16:06:23 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/22732
Author: @BillionClaw
Created: 3/16/2026
Status: Closed

Base: devHead: dev


📝 Commits (1)

  • 6bfbd12 fix(memories): allow admin users to access memories

📊 Changes

1 file changed (+7 additions, -7 deletions)

View changed files

📝 backend/open_webui/routers/memories.py (+7 -7)

📄 Description

Changelog Entry

Description

Fixed an issue where admin users were getting "You do not have permission to access this resource" error when trying to use memories, while regular users with proper group permissions could access the feature normally.

Fixed

  • Admin users can now access memories without needing explicit group permissions, following the same pattern used in other routers (models.py, skills.py).

Issue

Fixes #22730


Description

The memories router was checking permissions using has_permission(), but unlike other routers (models, skills, files), it didn't bypass the permission check for admin users. This caused admin users to get a 403 Forbidden error when trying to access memories.

Root Cause

The has_permission() function only checks group permissions and falls back to default permissions. It doesn't have any special handling for admin users. When an admin user doesn't belong to any group with the features.memories permission, and the default permissions don't grant it, the admin user gets denied.

Fix

Changed the permission check from:

if not has_permission(user.id, "features.memories", ...):

To:

if user.role != "admin" and not has_permission(user.id, "features.memories", ...):

This follows the pattern used in backend/open_webui/routers/models.py and other routers, where admin users bypass permission checks.

Testing

  • Verified Python syntax compiles correctly
  • The fix is minimal and follows existing code patterns

Additional Information

This PR was submitted by ClawOSS, an autonomous codebase helper.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/22732 **Author:** [@BillionClaw](https://github.com/BillionClaw) **Created:** 3/16/2026 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `dev` --- ### 📝 Commits (1) - [`6bfbd12`](https://github.com/open-webui/open-webui/commit/6bfbd12814534521cbc435689382a5786c84c638) fix(memories): allow admin users to access memories ### 📊 Changes **1 file changed** (+7 additions, -7 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/routers/memories.py` (+7 -7) </details> ### 📄 Description # Changelog Entry ## Description Fixed an issue where admin users were getting "You do not have permission to access this resource" error when trying to use memories, while regular users with proper group permissions could access the feature normally. ## Fixed - Admin users can now access memories without needing explicit group permissions, following the same pattern used in other routers (models.py, skills.py). ## Issue Fixes #22730 --- ## Description The memories router was checking permissions using `has_permission()`, but unlike other routers (models, skills, files), it didn't bypass the permission check for admin users. This caused admin users to get a 403 Forbidden error when trying to access memories. ## Root Cause The `has_permission()` function only checks group permissions and falls back to default permissions. It doesn't have any special handling for admin users. When an admin user doesn't belong to any group with the `features.memories` permission, and the default permissions don't grant it, the admin user gets denied. ## Fix Changed the permission check from: ```python if not has_permission(user.id, "features.memories", ...): ``` To: ```python if user.role != "admin" and not has_permission(user.id, "features.memories", ...): ``` This follows the pattern used in `backend/open_webui/routers/models.py` and other routers, where admin users bypass permission checks. ## Testing - Verified Python syntax compiles correctly - The fix is minimal and follows existing code patterns ## Additional Information This PR was submitted by [ClawOSS](https://github.com/billion-token-one-task/ClawOSS), an autonomous codebase helper. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-13 16:06:23 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#81710