enhanced webui

2024-12-18 20:17:50 +00:00 · 2024-04-07 03:51:37 +02:00 · 2024-04-07 03:51:37 +02:00 · 526e79ac7d
commit 526e79ac7d
parent 309b1b3946
8 changed files with 238 additions and 222 deletions
--- a/endpoints/lollms_advanced.py
+++ b/endpoints/lollms_advanced.py
@ -14,7 +14,7 @@ from starlette.responses import StreamingResponse
 from lollms.types import MSG_TYPE
 from lollms.main_config import BaseConfig
 from lollms.utilities import detect_antiprompt, remove_text_from_string, trace_exception, show_yes_no_dialog
-from lollms.security import sanitize_path, forbid_remote_access
+from lollms.security import sanitize_path, forbid_remote_access, check_access
 from ascii_colors import ASCIIColors
 from lollms.databases.discussions_database import DiscussionsDB
 from pathlib import Path
@ -69,7 +69,7 @@ async def execute_code(request: CodeRequest):
    :param request: The HTTP request object.
    :return: A JSON response with the status of the operation.
    """
-    client = lollmsElfServer.session.get_client(request.client_id)
+    client = check_access(lollmsElfServer, request.client_id)
    if lollmsElfServer.config.headless_server_mode:
        return {"status":False,"error":"Code execution is blocked when in headless mode for obvious security reasons!"}

@ -146,17 +146,18 @@ async def open_file(file_path: FilePath):
            return {"status":False,"error":"User refused the opeining file!"}

    forbid_remote_access(lollmsElfServer)
+
    try:
        # Validate the 'path' parameter
-        path = sanitize_path(file_path.path)
-        if not validate_file_path(path):
-            return {"status":False,"error":"Invalid file path"}
-        
-        # Sanitize the 'path' parameter
-        path = os.path.realpath(path)
+        path = sanitize_path(file_path.path, allow_absolute_path=True)
        
+        if Path(path).exists():
            # Use subprocess.Popen to safely open the file
-        subprocess.Popen(["start", path])
+            ASCIIColors.yellow(f"Starting file : {path}")
+            if os.name == "nt": # if the operating system is Windows
+                subprocess.Popen(f'start {path}', shell=True)
+            else: # for other operating systems
+                subprocess.Popen([path], shell=True)
        
        return {"status": True, "execution_time": 0}
    
@ -184,24 +185,22 @@ async def open_folder(file_path: FilePath):
        return {"status":False,"error":"Open file is blocked when in headless mode for obvious security reasons!"}

    if lollmsElfServer.config.turn_on_open_file_validation:
-        if not show_yes_no_dialog("Validation","Do you validate the opening of a file?"):
-            return {"status":False,"error":"User refused the opeining file!"}
+        if not show_yes_no_dialog("Validation","Do you validate the opening of a folder?"):
+            return {"status":False,"error":"User refused the opening folder!"}

    forbid_remote_access(lollmsElfServer)
    try:
        # Validate the 'path' parameter
-        path = file_path.path
-       
-        # Sanitize the 'path' parameter
-        path = os.path.realpath(path)
-        
+        path = sanitize_path(file_path.path, allow_absolute_path=True)
+        ASCIIColors.yellow(f"Opening folder : {path}")
+        if Path(path).exists():
            # Use subprocess.Popen to safely open the file
            if platform.system() == 'Windows':
-            subprocess.Popen(f'explorer "{path}"')
+                subprocess.Popen(f'explorer "{path}"', shell=True)
            elif platform.system() == 'Linux':
-            subprocess.run(['xdg-open', str(path)], check=True)
+                subprocess.run(['xdg-open', str(path)], check=True, shell=True)
            elif platform.system() == 'Darwin':
-            subprocess.run(['open', str(path)], check=True)
+                subprocess.run(['open', str(path)], check=True, shell=True)

        
        return {"status": True, "execution_time": 0}
@ -220,7 +219,7 @@ class OpenCodeFolderInVsCodeRequestModel(BaseModel):
@router.post("/open_code_folder_in_vs_code")
 async def open_code_folder_in_vs_code(request: OpenCodeFolderInVsCodeRequestModel):

-    client = lollmsElfServer.session.get_client(request.client_id)
+    client = check_access(lollmsElfServer, request.client_id)

    if lollmsElfServer.config.headless_server_mode:
        return {"status":False,"error":"Open code folder in vscode is blocked when in headless mode for obvious security reasons!"}
@ -266,7 +265,8 @@ async def open_code_in_vs_code(vs_code_data: VSCodeData):
    :param vs_code_data: The data object.
    :return: A JSON response with the status of the operation.
    """
-    client = lollmsElfServer.session.get_client(vs_code_data.client_id)
+    client = check_access(lollmsElfServer, vs_code_data.client_id)
+
    if lollmsElfServer.config.headless_server_mode:
        return {"status":False,"error":"Open code in vs code is blocked when in headless mode for obvious security reasons!"}

@ -313,7 +313,8 @@ async def open_code_folder(request: FolderRequest):
    :param request: The HTTP request object.
    :return: A JSON response with the status of the operation.
    """
-    client = lollmsElfServer.session.get_client(request.client_id)
+    client = check_access(lollmsElfServer, request.client_id)
+
    if lollmsElfServer.config.headless_server_mode:
        return {"status":False,"error":"Open code folder is blocked when in headless mode for obvious security reasons!"}

--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 8e5eb79117c6a9fa0e855737ccc9645f1fd167cb
+Subproject commit 45a0eb22e5affd944e06bcd9ffef2a4e3073c96c
--- a/lollms_webui.py
+++ b/lollms_webui.py
@ -981,7 +981,7 @@ class LOLLMSWebUI(LOLLMSElfServer):
            ASCIIColors.info("Running workflow")
            try:
                self.personality.callback = callback
-                self.personality.processor.run_workflow(prompt, full_prompt, callback, context_details)
+                self.personality.processor.run_workflow(prompt, full_prompt, callback, context_details,client=self.session.get_client(client_id))
            except Exception as ex:
                trace_exception(ex)
                # Catch the exception and get the traceback as a list of strings
--- a/web/dist/assets/index-1f22d0b2.js
+++ b/web/dist/assets/index-1f22d0b2.js
--- a/web/dist/assets/index-73306d64.css
+++ b/web/dist/assets/index-73306d64.css
--- a/web/dist/index.html
+++ b/web/dist/index.html
@ -6,8 +6,8 @@
    
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>LoLLMS WebUI - Welcome</title>
-    <script type="module" crossorigin src="/assets/index-68bc418e.js"></script>
-    <link rel="stylesheet" href="/assets/index-bc280c24.css">
+    <script type="module" crossorigin src="/assets/index-1f22d0b2.js"></script>
+    <link rel="stylesheet" href="/assets/index-73306d64.css">
  </head>
  <body>
    <div id="app"></div>
--- a/web/src/views/SettingsView.vue
+++ b/web/src/views/SettingsView.vue
@ -551,6 +551,21 @@
                                        </td>
                                        </tr>
                                        
+                                        <tr>
+                                        <td style="min-width: 200px;">
+                                            <label for="turn_on_open_file_validation" class="text-sm font-bold" style="margin-right: 1rem;">turn on code validation:</label>
+                                        </td>
+                                        <td style="width: 100%;">
+                                            <input
+                                            type="checkbox"
+                                            id="turn_on_open_file_validation"
+                                            required
+                                            v-model="configFile.turn_on_open_file_validation"
+                                            @change="settingsChanged=true"
+                                            class="mt-1 px-2 py-1 border border-gray-300 rounded  dark:bg-gray-600"
+                                            >
+                                        </td>
+                                        </tr>                                        
                                        <tr>
                                        <td style="min-width: 200px;">
                                            <label for="turn_on_code_validation" class="text-sm font-bold" style="margin-right: 1rem;">turn on code validation:</label>
--- a/zoos/personalities_zoo
+++ b/zoos/personalities_zoo
@ -1 +1 @@
-Subproject commit fa676e5e82c099211b45605408dc669e95f60658
+Subproject commit f4ea8361f9d4adbbf5cc3c7855983c97b3632400