diff --git a/.gitignore b/.gitignore index aaa7577d..02f0c972 100644 --- a/.gitignore +++ b/.gitignore @@ -43,5 +43,5 @@ flask_session **/sample_pie.csv **/sample_stacked_column.csv tmp**cwd -tmp_images -nul \ No newline at end of file +/tmp_images +nul diff --git a/application/single_app/config.py b/application/single_app/config.py index a6a3bc99..7094a3c5 100644 --- a/application/single_app/config.py +++ b/application/single_app/config.py @@ -88,7 +88,7 @@ EXECUTOR_TYPE = 'thread' EXECUTOR_MAX_WORKERS = 30 SESSION_TYPE = 'filesystem' -VERSION = "0.238.024" +VERSION = "0.238.025" SECRET_KEY = os.getenv('SECRET_KEY', 'dev-secret-key-change-in-production') diff --git a/application/single_app/route_backend_public_workspaces.py b/application/single_app/route_backend_public_workspaces.py index bce82787..ffe679eb 100644 --- a/application/single_app/route_backend_public_workspaces.py +++ b/application/single_app/route_backend_public_workspaces.py @@ -297,15 +297,8 @@ def api_set_active_public_workspace(): if not ws: return jsonify({"error": "Workspace not found"}), 404 - # verify membership - is_member = ( - ws["owner"]["userId"] == user_id or - user_id in ws.get("admins", []) or - any(dm["userId"] == user_id for dm in ws.get("documentManagers", [])) - ) - if not is_member: - return jsonify({"error": "Not a member"}), 403 - + # Public workspaces are accessible to all authenticated users for chat. + # No membership check needed — any user can set a public workspace as active. update_active_public_workspace_for_user(user_id, ws_id) return jsonify({"message": f"Active set to {ws_id}"}), 200 diff --git a/application/single_app/static/js/agent_modal_stepper.js b/application/single_app/static/js/agent_modal_stepper.js index 800751be..022cae20 100644 --- a/application/single_app/static/js/agent_modal_stepper.js +++ b/application/single_app/static/js/agent_modal_stepper.js @@ -1,6 +1,6 @@ // agent_modal_stepper.js // Multi-step modal functionality for agent creation -import { showToast } from "./chat/chat-toast.js"; +import { showToast } from "../chat/chat-toast.js"; import * as agentsCommon from "./agents_common.js"; import { getModelSupportedLevels } from "./chat/chat-reasoning.js"; diff --git a/application/single_app/static/js/agent_templates_gallery.js b/application/single_app/static/js/agent_templates_gallery.js index 428ebf70..df8147d9 100644 --- a/application/single_app/static/js/agent_templates_gallery.js +++ b/application/single_app/static/js/agent_templates_gallery.js @@ -1,7 +1,7 @@ // agent_templates_gallery.js // Dynamically renders the agent template gallery within the agent builder -import { showToast } from "./chat/chat-toast.js"; +import { showToast } from "../chat/chat-toast.js"; const gallerySelector = ".agent-template-gallery"; let cachedTemplates = null; diff --git a/application/single_app/static/js/control-center.js b/application/single_app/static/js/control-center.js index 7e79d22a..1cc0664f 100644 --- a/application/single_app/static/js/control-center.js +++ b/application/single_app/static/js/control-center.js @@ -2,7 +2,7 @@ // Control Center JavaScript functionality // Handles user management, pagination, modals, and API interactions -import { showToast } from "./chat/chat-toast.js"; +import { showToast } from "../chat/chat-toast.js"; function parseDateKey(dateStr) { if (!dateStr) { diff --git a/application/single_app/static/js/plugin_modal_stepper.js b/application/single_app/static/js/plugin_modal_stepper.js index 89076076..2eb04839 100644 --- a/application/single_app/static/js/plugin_modal_stepper.js +++ b/application/single_app/static/js/plugin_modal_stepper.js @@ -1,6 +1,6 @@ // plugin_modal_stepper.js // Multi-step modal functionality for action/plugin creation -import { showToast } from "./chat/chat-toast.js"; +import { showToast } from "../chat/chat-toast.js"; export class PluginModalStepper { diff --git a/application/single_app/static/js/workspace-manager.js b/application/single_app/static/js/workspace-manager.js index 7b540af7..e8bdac7d 100644 --- a/application/single_app/static/js/workspace-manager.js +++ b/application/single_app/static/js/workspace-manager.js @@ -1,7 +1,7 @@ // workspace-manager.js // Public Workspace Management Functionality -import { showToast } from "./chat/chat-toast.js"; +import { showToast } from "../chat/chat-toast.js"; window.WorkspaceManager = { currentWorkspaceId: null, diff --git a/docs/explanation/release_notes.md b/docs/explanation/release_notes.md index 5f2e3788..48e0e4ac 100644 --- a/docs/explanation/release_notes.md +++ b/docs/explanation/release_notes.md @@ -2,6 +2,17 @@ # Feature Release +### **(v0.238.025)** + +#### Bug Fixes + +* **Public Workspace setActive 403 Fix** + * Fixed issue where non-owner/admin/document-manager users received a 403 "Not a member" error when trying to activate a public workspace for chat. + * Root cause was an overly restrictive membership check on the `/api/public_workspaces/setActive` endpoint that only allowed owners, admins, and document managers — even though public workspaces are intended to be accessible to all authenticated users for chatting. + * Removed the membership verification from the `setActive` endpoint; the route still requires authentication (`@login_required`, `@user_required`) and the public workspaces feature flag (`@enabled_required`). + * Other admin-level endpoints (listing members, viewing stats, ownership transfer) retain their membership checks. + * (Ref: `route_backend_public_workspaces.py`, `api_set_active_public_workspace`) + ### **(v0.238.024)** #### New Features diff --git a/docs/images/workflow-admin_settings_updates.png b/docs/images/workflow-admin_settings_updates.png new file mode 100644 index 00000000..201fcfc8 Binary files /dev/null and b/docs/images/workflow-admin_settings_updates.png differ diff --git a/docs/images/workflow-retention_policy.png b/docs/images/workflow-retention_policy.png new file mode 100644 index 00000000..377b8326 Binary files /dev/null and b/docs/images/workflow-retention_policy.png differ diff --git a/docs/images/workflow-web_search.png b/docs/images/workflow-web_search.png new file mode 100644 index 00000000..a0a862aa Binary files /dev/null and b/docs/images/workflow-web_search.png differ diff --git a/docs/images/workflow-workspace_document_upload.png b/docs/images/workflow-workspace_document_upload.png new file mode 100644 index 00000000..af13e7e7 Binary files /dev/null and b/docs/images/workflow-workspace_document_upload.png differ