mirror of
https://github.com/Mintplex-Labs/anything-llm.git
synced 2026-07-19 14:13:35 -04:00
Closed
opened 2026-02-22 18:35:38 -05:00 by yindo
·
0 comments
No Branch/Tag Specified
master
5846-bug-when-scrolling-up-scrolling-jumps
refactor-remove-workspace-pfp
5969-bug-stopgenerationbutton-disappears-on-the-first-prompt-that-initiates-an-agent-session
2235-bug-how-to-upload-a-folder-with-subfolders-with-files-to-anythingllm
5990-workspace-update-fails-with-unknown-argument-router_id-v1130v1150-intel-mac
opencomputer-examples
pg
feat/image-generation-translations
feat/image-generation
5924-bug-meeting-summary-fails-with-sincludes-is-not-a-function-when-default-llm-is-anthropic-claude
render
feat/uniform-modal-component
5883-bug-unescaped-content-in-json-strings-being-passed-to-document-generator-tools
5901-bug-api-update-embeddings-fails-prisma-argument-filename-is-missing-on-workspace_documentscreate-desktop-windows-v1141
hybrid-search
1981-translations
5752-bug-prompts-to-local-jan-endpoint-unresponsive
feat-disable-native-tool-calling-env-var
5676-bug-non-ollama-agent-providers-do-not-parse-and-present-reasoning-content
feat/markdown-web-scraping
5717-bug-apiv1documentupload-silently-drops-metadata-field-in-desktop-1130-arg-count-mismatch-nested-payload-key
fix/aibitat-context-overflow
5711-bug-erratic-deepseek-v4-flash-the-agent-model-failed-to-respond-400-the-reasoning_content
5631-feat-custom-api-request-timeouts-for-ai-providers
feat-reasoning-control
feat-agent-clarifying-questions-translations
5583-bug-lm-studio-provider-does-not-present-reasoning-output
5313-normalize-translations
feat/memory-translations
5305-lemonade-embedding-engine-swallows-errors-falsely-reports-documents-as-embedded
5060-bug-agent-interactions-agent-are-not-persisted-to-thread-history-via-api
pptx-subagent
feat-render-images-from-mcp-tool-results
stt-provider-expansion-openai-api-compatible
feat-file-search-agent-tool
feat-native-embedder-job-queue
5189-normalize-translations
feat-file-search-agent-tool-translations
i18n-eslint
5140-auto-migration
5112-bug-openrouter-failed-message-bug
3506-feat-parameters-for-openrouter-models
4992-feat-preserve-scroll-position
4973-bug-markdown-numbered-list-display-in-reasoning-pane
desktop
4938-bug-pending-chat-rerendering-ui-bug
quickstart-env
node-llama-cpp-in-container-cuda
node-llama-cpp-in-container
ollama-in-container
4817-feat-set-cooldown-per-mcp-server
4845-keyboard-shortcuts-to-navigate-in-chat
4844-feat-reorder-threads-by-latest-interaction
standardize-username-constraints-normalize-translations
4792-feat-refactor-workspacepfp-image
1382-embed-ip-improvements
1382-bug-embed-api-improvements
refactor-eslint-frontend
4687-feat-refactor-vector-db-providers
4615-feat-disable-apidocs-with-environment-variable
4559-feat-agent-web-search-enable-ordering-of-results
4599-bug-ollama-race-condition-bug
4572-bug-lmstudio-provided-llm-stopped-working-with-anything-llm-after-upgrading-to-190
4508-agent-youtube-transcript-analysis
4497-feat-workspace-names
frontend-eslint
ollama-lmstudio-auto-context-window
4431-validate-vector-database-connectioN
2019-slash-command-keyboard-selection
microsoft-foundry-provider
4431-validate-vector-database-connection
4325-sys-prompt-var-improvements
3209-feat-apiv1workspacestream-chat-sources-citations
4210-bug-voice-to-text-overwrite
4136-feat-jan-as-a-backend-server-option
4172-feat-openai-o3-support
1.8.3-rerelease
web-push-notifications-service
tasks
3955-feat-jinaai-embedder-provider-support
3921-feat-agent-skills-uiux-improvements
3901-bug-validfunccall-checks-optional-arguments
keyboard-dev
1787-custom-roles-and-permissions
add-jira-slack-data-connector
office-extension-wip
lightmode-dropdown-color-update
3586-bug-agent-flow-function-description-provided-by-user-is-not-seen-in-the-llm-query
3463-bug-agent-continues-to-run-if-request-failed-even-after-exit
3439-feat-call-variables-within-the-flow-api-block-url-field
3282-manager-view-models-workspace
3280-token-counting-server-side-truncation-improvements
3147-bug-embedded-chat-widget---not-considering-query-mode-option-always-working-in-chat-mode
2995-feat-disable-temperature-setting-for-deepseek-r1-deepseek-reasoner-model
2827-feat-perplexity-citations
2866-feat-finally-a-gemini-models-endpoint
2647-feat-hpp-header-for-a-c++-code-file-mime-addition
lancedb-revert
1656-feat-implement-tooltip-ui-designs
2011-feat-bump-perplexity-models
1873-feat-auto-add-and-watch-folder-for-document-uploads
1297-feat-gemini-agent-support
1759-bug-ui-bug-fixes
1686-feat-implement-winston-for-logging
1536-bug-toggling-on-users-can-delete-workspaces-does-not-take-effect
agent-ui-mobile-styles
1522-feat-chromadb-support
1595-bug-unable-to-get-live-web-search-and-browsing-agent-working-using-google-custom-search-engine-error-getaddrinfo-enotfound-http-errno-3008
1582-bug-lm-studio-does-not-allow-for-different-model-selection
1312-bug-usernames-should-not-be-case-sensitive-when-logging-in
1029-feat-hf-serverless-inference-api
1086-feat-implement-normalized-input-fields
knowledge-graph-support
644-bug-uploaded-file-name-does-not-match-the-displayed-file-name-after-the-upload
v1.15.0
v1.14.2
v1.14.1
v1.14.0
v1.13.0
v1.12.1
v1.12.0
v1.11.2
v1.11.1
v1.11.0
v1.10.0
v1.9.1
v1.9.0
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.8
v1.7.6
v1.7.5
v1.7.4
v1.4.0
v1.3.0
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.1
v1.1.0
v1.0.0
Labels
Clear labels
Desktop
Docker
Integration Request
Integration Request
OS: Linux
OS: Mobile
OS: Windows
UI/UX
blocked
bug
bug
core-team-only
documentation
duplicate
embed-widget
enhancement
feature request
github_actions
good first issue
investigating
needs info / can't replicate
possible bug
pull-request
question
stage: specifications
wontfix
Mirrored from GitHub Pull Request
No Label
pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Mintplex-Labs/anything-llm#4342
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/Mintplex-Labs/anything-llm/pull/3638
Author: @felixfaassen
Created: 4/13/2025
Status: ❌ Closed
Base:
master← Head:issue-3347📝 Commits (5)
ccf0287Add document upload permissions for regular users with quota management5d8b009fix: Update document upload endpoints to use canUploadDocuments middlewareb5b66b9docs: Add documentation for document upload permissions2de1357style: Format code to match project style guidelines458eaedchore: Add docker-compose.override.yml to gitignore📊 Changes
18 files changed (+363 additions, -38 deletions)
View changed files
📝
.gitignore(+1 -0)📝
README.md(+1 -1)➕
docker/docker-compose.override.yml(+4 -0)📝
frontend/src/components/WorkspaceChat/ChatContainer/DnDWrapper/index.jsx(+8 -5)📝
frontend/src/components/WorkspaceChat/ChatContainer/PromptInput/AttachItem/index.jsx(+2 -1)📝
frontend/src/pages/Admin/Users/UserRow/EditUserModal/index.jsx(+23 -1)📝
frontend/src/pages/Admin/Users/index.jsx(+62 -0)📝
server/endpoints/api/document/index.js(+10 -7)📝
server/endpoints/document.js(+6 -3)📝
server/endpoints/workspaces.js(+9 -18)📝
server/models/documents.js(+15 -0)📝
server/models/user.js(+44 -0)➕
server/prisma/migrations/20250413101107_add_document_upload_permissions/migration.sql(+44 -0)📝
server/prisma/migrations/migration_lock.toml(+2 -2)📝
server/prisma/schema.prisma(+7 -0)📝
server/swagger/openapi.json(+21 -0)➕
server/utils/middleware/USER_PERMISSIONS.md(+71 -0)📝
server/utils/middleware/validatedRequest.js(+33 -0)📄 Description
Pull Request Type
Relevant Issues
https://github.com/Mintplex-Labs/anything-llm/issues/3347
resolves #3347
What is in this change?
This Pull Request implements a feature that allows administrators to grant document upload permissions to regular users in multi-user mode, with the ability to set upload quotas. Previously, only admin
and manager roles could upload documents to workspaces.
Feature Overview:
- Regular users can now be granted document upload permissions by administrators
- A quota system limits how many documents a regular user can upload
- Added canUploadDocuments (boolean) field to User model
- Added documentUploadLimit (integer) field to User model
- Added document ownership tracking (uploadedBy field in workspace_documents)
- New canUploadDocuments middleware to enforce permissions
- Permission check considers both permission flag and upload quota
- All document upload endpoints now use this middleware
- Added UI in Admin panel for enabling/disabling document upload permissions
- Added UI for setting document upload quotas
- Conditional rendering for upload buttons based on permissions
- Regular users can only upload to workspaces they have access to
- Quotas prevent excessive uploads
- All uploads go through the same content validation process
Technical Implementation:
- Modified Prisma schema to add new user fields
- Created relation between users and documents
- Implemented canUploadDocuments middleware that checks both permission flag and remaining quota
- Updated all document upload endpoints to use the new middleware:
- Added comprehensive documentation for the feature in USER_PERMISSIONS.md
- Updated README to mention the new granular permissions system
This PR addresses issue #3347 by expanding AnythingLLM's permission system to give administrators more control over who can upload documents while maintaining security and preventing resource abuse
through the quota system.
Additional Information
This PR introduces a significant enhancement to AnythingLLM's multi-user permission system by allowing finer-grained control over document uploads. Some additional context worth noting:
- Organizations can now delegate document upload capabilities to trusted regular users without needing to grant them full manager privileges
- This creates a more flexible workflow where subject matter experts can contribute documents while maintaining appropriate access control
- We chose to extend the existing permission system rather than creating a new role type
- This approach preserves backward compatibility and minimizes changes to the existing role system
- The implementation builds on the established middleware pattern already used throughout the application
- The document count per user is tracked efficiently to maintain performance
- Permission checks only cause minimal overhead during document upload operations
- This permission framework could serve as a model for other granular permissions in the future
- The quota system pattern could be adapted for other resource limitations (e.g., API usage, workspace creation)
- Tested extensively in Docker environment with multi-user mode enabled
- Verified that all document upload endpoints correctly respect the new permission system
- Confirmed UI elements appear/disappear appropriately based on permissions
- We deliberately chose to make document upload permissions administrator-controlled only
- The decision to track document ownership allows for potential future features (such as user-specific document management)
- Regular users are shown upload UI elements only when they have permission, providing a cleaner experience
This enhancement balances security with flexibility, giving administrators more control over how users interact with the system while maintaining AnythingLLM's robust permission model.
Developer Validations
yarn lintfrom the root of the repo & committed changes🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
[PR #3638] PR #3347 - Default User File Uploadto [PR #3638] [CLOSED] PR #3347 - Default User File Upload