diff --git a/backend/ee/onyx/server/enterprise_settings/api.py b/backend/ee/onyx/server/enterprise_settings/api.py index dbc89acd2..d849ab399 100644 --- a/backend/ee/onyx/server/enterprise_settings/api.py +++ b/backend/ee/onyx/server/enterprise_settings/api.py @@ -15,8 +15,8 @@ from sqlalchemy.orm import Session from ee.onyx.server.enterprise_settings.models import AnalyticsScriptUpload from ee.onyx.server.enterprise_settings.models import EnterpriseSettings -from ee.onyx.server.enterprise_settings.store import _LOGO_FILENAME -from ee.onyx.server.enterprise_settings.store import _LOGOTYPE_FILENAME +from ee.onyx.server.enterprise_settings.store import get_logo_filename +from ee.onyx.server.enterprise_settings.store import get_logotype_filename from ee.onyx.server.enterprise_settings.store import load_analytics_script from ee.onyx.server.enterprise_settings.store import load_settings from ee.onyx.server.enterprise_settings.store import store_analytics_script @@ -28,7 +28,7 @@ from onyx.auth.users import get_user_manager from onyx.auth.users import UserManager from onyx.db.engine import get_session from onyx.db.models import User -from onyx.file_store.file_store import get_default_file_store +from onyx.file_store.file_store import PostgresBackedFileStore from onyx.utils.logger import setup_logger admin_router = APIRouter(prefix="/admin/enterprise-settings") @@ -131,31 +131,49 @@ def put_logo( upload_logo(file=file, db_session=db_session, is_logotype=is_logotype) -def fetch_logo_or_logotype(is_logotype: bool, db_session: Session) -> Response: +def fetch_logo_helper(db_session: Session) -> Response: try: - file_store = get_default_file_store(db_session) - filename = _LOGOTYPE_FILENAME if is_logotype else _LOGO_FILENAME - file_io = file_store.read_file(filename, mode="b") - # NOTE: specifying "image/jpeg" here, but it still works for pngs - # TODO: do this properly - return Response(content=file_io.read(), media_type="image/jpeg") + file_store = PostgresBackedFileStore(db_session) + onyx_file = file_store.get_file_with_mime_type(get_logo_filename()) + if not onyx_file: + raise ValueError("get_onyx_file returned None!") except Exception: raise HTTPException( status_code=404, - detail=f"No {'logotype' if is_logotype else 'logo'} file found", + detail="No logo file found", ) + else: + return Response(content=onyx_file.data, media_type=onyx_file.mime_type) + + +def fetch_logotype_helper(db_session: Session) -> Response: + try: + file_store = PostgresBackedFileStore(db_session) + onyx_file = file_store.get_file_with_mime_type(get_logotype_filename()) + if not onyx_file: + raise ValueError("get_onyx_file returned None!") + except Exception: + raise HTTPException( + status_code=404, + detail="No logotype file found", + ) + else: + return Response(content=onyx_file.data, media_type=onyx_file.mime_type) @basic_router.get("/logotype") def fetch_logotype(db_session: Session = Depends(get_session)) -> Response: - return fetch_logo_or_logotype(is_logotype=True, db_session=db_session) + return fetch_logotype_helper(db_session) @basic_router.get("/logo") def fetch_logo( is_logotype: bool = False, db_session: Session = Depends(get_session) ) -> Response: - return fetch_logo_or_logotype(is_logotype=is_logotype, db_session=db_session) + if is_logotype: + return fetch_logotype_helper(db_session) + + return fetch_logo_helper(db_session) @admin_router.put("/custom-analytics-script") diff --git a/backend/ee/onyx/server/enterprise_settings/store.py b/backend/ee/onyx/server/enterprise_settings/store.py index 65a4dd5bf..f7d0e8535 100644 --- a/backend/ee/onyx/server/enterprise_settings/store.py +++ b/backend/ee/onyx/server/enterprise_settings/store.py @@ -13,6 +13,7 @@ from ee.onyx.server.enterprise_settings.models import EnterpriseSettings from onyx.configs.constants import FileOrigin from onyx.configs.constants import KV_CUSTOM_ANALYTICS_SCRIPT_KEY from onyx.configs.constants import KV_ENTERPRISE_SETTINGS_KEY +from onyx.configs.constants import ONYX_DEFAULT_APPLICATION_NAME from onyx.file_store.file_store import get_default_file_store from onyx.key_value_store.factory import get_kv_store from onyx.key_value_store.interface import KvKeyNotFoundError @@ -21,8 +22,18 @@ from onyx.utils.logger import setup_logger logger = setup_logger() +_LOGO_FILENAME = "__logo__" +_LOGOTYPE_FILENAME = "__logotype__" + def load_settings() -> EnterpriseSettings: + """Loads settings data directly from DB. This should be used primarily + for checking what is actually in the DB, aka for editing and saving back settings. + + Runtime settings actually used by the application should be checked with + load_runtime_settings as defaults may be applied at runtime. + """ + dynamic_config_store = get_kv_store() try: settings = EnterpriseSettings( @@ -36,9 +47,24 @@ def load_settings() -> EnterpriseSettings: def store_settings(settings: EnterpriseSettings) -> None: + """Stores settings directly to the kv store / db.""" + get_kv_store().store(KV_ENTERPRISE_SETTINGS_KEY, settings.model_dump()) +def load_runtime_settings() -> EnterpriseSettings: + """Loads settings from DB and applies any defaults or transformations for use + at runtime. + + Should not be stored back to the DB. + """ + enterprise_settings = load_settings() + if not enterprise_settings.application_name: + enterprise_settings.application_name = ONYX_DEFAULT_APPLICATION_NAME + + return enterprise_settings + + _CUSTOM_ANALYTICS_SECRET_KEY = os.environ.get("CUSTOM_ANALYTICS_SECRET_KEY") @@ -60,10 +86,6 @@ def store_analytics_script(analytics_script_upload: AnalyticsScriptUpload) -> No get_kv_store().store(KV_CUSTOM_ANALYTICS_SCRIPT_KEY, analytics_script_upload.script) -_LOGO_FILENAME = "__logo__" -_LOGOTYPE_FILENAME = "__logotype__" - - def is_valid_file_type(filename: str) -> bool: valid_extensions = (".png", ".jpg", ".jpeg") return filename.endswith(valid_extensions) @@ -116,3 +138,11 @@ def upload_logo( file_type=file_type, ) return True + + +def get_logo_filename() -> str: + return _LOGO_FILENAME + + +def get_logotype_filename() -> str: + return _LOGOTYPE_FILENAME diff --git a/backend/onyx/auth/email_utils.py b/backend/onyx/auth/email_utils.py index 15d3fc8ec..1c84eb9c6 100644 --- a/backend/onyx/auth/email_utils.py +++ b/backend/onyx/auth/email_utils.py @@ -1,5 +1,6 @@ import smtplib from datetime import datetime +from email.mime.image import MIMEImage from email.mime.multipart import MIMEMultipart from email.mime.text import MIMEText from email.utils import formatdate @@ -13,8 +14,13 @@ from onyx.configs.app_configs import SMTP_SERVER from onyx.configs.app_configs import SMTP_USER from onyx.configs.app_configs import WEB_DOMAIN from onyx.configs.constants import AuthType +from onyx.configs.constants import ONYX_DEFAULT_APPLICATION_NAME +from onyx.configs.constants import ONYX_SLACK_URL from onyx.configs.constants import TENANT_ID_COOKIE_NAME from onyx.db.models import User +from onyx.server.runtime.onyx_runtime import OnyxRuntime +from onyx.utils.file import FileWithMimeType +from onyx.utils.variable_functionality import fetch_versioned_implementation from shared_configs.configs import MULTI_TENANT HTML_EMAIL_TEMPLATE = """\ @@ -97,8 +103,8 @@ HTML_EMAIL_TEMPLATE = """\ Onyx Logo @@ -113,9 +119,8 @@ HTML_EMAIL_TEMPLATE = """\ - © {year} Onyx. All rights reserved. -
- Have questions? Join our Slack community here. + © {year} {application_name}. All rights reserved. + {slack_fragment} @@ -125,17 +130,27 @@ HTML_EMAIL_TEMPLATE = """\ def build_html_email( - heading: str, message: str, cta_text: str | None = None, cta_link: str | None = None + application_name: str | None, + heading: str, + message: str, + cta_text: str | None = None, + cta_link: str | None = None, ) -> str: + slack_fragment = "" + if application_name == ONYX_DEFAULT_APPLICATION_NAME: + slack_fragment = f'
Have questions? Join our Slack community here.' + if cta_text and cta_link: cta_block = f'{cta_text}' else: cta_block = "" return HTML_EMAIL_TEMPLATE.format( + application_name=application_name, title=heading, heading=heading, message=message, cta_block=cta_block, + slack_fragment=slack_fragment, year=datetime.now().year, ) @@ -146,6 +161,7 @@ def send_email( html_body: str, text_body: str, mail_from: str = EMAIL_FROM, + inline_png: tuple[str, bytes] | None = None, ) -> None: if not EMAIL_CONFIGURED: raise ValueError("Email is not configured.") @@ -164,6 +180,12 @@ def send_email( msg.attach(part_text) msg.attach(part_html) + if inline_png: + img = MIMEImage(inline_png[1], _subtype="png") + img.add_header("Content-ID", inline_png[0]) # CID reference + img.add_header("Content-Disposition", "inline", filename=inline_png[0]) + msg.attach(img) + try: with smtplib.SMTP(SMTP_SERVER, SMTP_PORT) as s: s.starttls() @@ -174,8 +196,21 @@ def send_email( def send_subscription_cancellation_email(user_email: str) -> None: + """This is templated but isn't meaningful for whitelabeling.""" + # Example usage of the reusable HTML - subject = "Your Onyx Subscription Has Been Canceled" + try: + load_runtime_settings_fn = fetch_versioned_implementation( + "onyx.server.enterprise_settings.store", "load_runtime_settings" + ) + settings = load_runtime_settings_fn() + application_name = settings.application_name + except ModuleNotFoundError: + application_name = ONYX_DEFAULT_APPLICATION_NAME + + onyx_file = OnyxRuntime.get_emailable_logo() + + subject = f"Your {application_name} Subscription Has Been Canceled" heading = "Subscription Canceled" message = ( "

We're sorry to see you go.

" @@ -184,23 +219,48 @@ def send_subscription_cancellation_email(user_email: str) -> None: ) cta_text = "Renew Subscription" cta_link = "https://www.onyx.app/pricing" - html_content = build_html_email(heading, message, cta_text, cta_link) + html_content = build_html_email( + application_name, + heading, + message, + cta_text, + cta_link, + ) text_content = ( "We're sorry to see you go.\n" "Your subscription has been canceled and will end on your next billing date.\n" "If you change your mind, visit https://www.onyx.app/pricing" ) - send_email(user_email, subject, html_content, text_content) + send_email( + user_email, + subject, + html_content, + text_content, + inline_png=("logo.png", onyx_file.data), + ) def send_user_email_invite( user_email: str, current_user: User, auth_type: AuthType ) -> None: - subject = "Invitation to Join Onyx Organization" + onyx_file: FileWithMimeType | None = None + + try: + load_runtime_settings_fn = fetch_versioned_implementation( + "onyx.server.enterprise_settings.store", "load_runtime_settings" + ) + settings = load_runtime_settings_fn() + application_name = settings.application_name + except ModuleNotFoundError: + application_name = ONYX_DEFAULT_APPLICATION_NAME + + onyx_file = OnyxRuntime.get_emailable_logo() + + subject = f"Invitation to Join {application_name} Organization" heading = "You've Been Invited!" # the exact action taken by the user, and thus the message, depends on the auth type - message = f"

You have been invited by {current_user.email} to join an organization on Onyx.

" + message = f"

You have been invited by {current_user.email} to join an organization on {application_name}.

" if auth_type == AuthType.CLOUD: message += ( "

To join the organization, please click the button below to set a password " @@ -226,19 +286,32 @@ def send_user_email_invite( cta_text = "Join Organization" cta_link = f"{WEB_DOMAIN}/auth/signup?email={user_email}" - html_content = build_html_email(heading, message, cta_text, cta_link) + + html_content = build_html_email( + application_name, + heading, + message, + cta_text, + cta_link, + ) # text content is the fallback for clients that don't support HTML # not as critical, so not having special cases for each auth type text_content = ( - f"You have been invited by {current_user.email} to join an organization on Onyx.\n" + f"You have been invited by {current_user.email} to join an organization on {application_name}.\n" "To join the organization, please visit the following link:\n" f"{WEB_DOMAIN}/auth/signup?email={user_email}\n" ) if auth_type == AuthType.CLOUD: text_content += "You'll be asked to set a password or login with Google to complete your registration." - send_email(user_email, subject, html_content, text_content) + send_email( + user_email, + subject, + html_content, + text_content, + inline_png=("logo.png", onyx_file.data), + ) def send_forgot_password_email( @@ -248,14 +321,36 @@ def send_forgot_password_email( mail_from: str = EMAIL_FROM, ) -> None: # Builds a forgot password email with or without fancy HTML - subject = "Onyx Forgot Password" + try: + load_runtime_settings_fn = fetch_versioned_implementation( + "onyx.server.enterprise_settings.store", "load_runtime_settings" + ) + settings = load_runtime_settings_fn() + application_name = settings.application_name + except ModuleNotFoundError: + application_name = ONYX_DEFAULT_APPLICATION_NAME + + onyx_file = OnyxRuntime.get_emailable_logo() + + subject = f"{application_name} Forgot Password" link = f"{WEB_DOMAIN}/auth/reset-password?token={token}" if MULTI_TENANT: link += f"&{TENANT_ID_COOKIE_NAME}={tenant_id}" message = f"

Click the following link to reset your password:

{link}

" - html_content = build_html_email("Reset Your Password", message) + html_content = build_html_email( + application_name, + "Reset Your Password", + message, + ) text_content = f"Click the following link to reset your password: {link}" - send_email(user_email, subject, html_content, text_content, mail_from) + send_email( + user_email, + subject, + html_content, + text_content, + mail_from, + inline_png=("logo.png", onyx_file.data), + ) def send_user_verification_email( @@ -264,11 +359,33 @@ def send_user_verification_email( mail_from: str = EMAIL_FROM, ) -> None: # Builds a verification email - subject = "Onyx Email Verification" + try: + load_runtime_settings_fn = fetch_versioned_implementation( + "onyx.server.enterprise_settings.store", "load_runtime_settings" + ) + settings = load_runtime_settings_fn() + application_name = settings.application_name + except ModuleNotFoundError: + application_name = ONYX_DEFAULT_APPLICATION_NAME + + onyx_file = OnyxRuntime.get_emailable_logo() + + subject = f"{application_name} Email Verification" link = f"{WEB_DOMAIN}/auth/verify-email?token={token}" message = ( f"

Click the following link to verify your email address:

{link}

" ) - html_content = build_html_email("Verify Your Email", message) + html_content = build_html_email( + application_name, + "Verify Your Email", + message, + ) text_content = f"Click the following link to verify your email address: {link}" - send_email(user_email, subject, html_content, text_content, mail_from) + send_email( + user_email, + subject, + html_content, + text_content, + mail_from, + inline_png=("logo.png", onyx_file.data), + ) diff --git a/backend/onyx/configs/app_configs.py b/backend/onyx/configs/app_configs.py index 211ed3fc1..17e992582 100644 --- a/backend/onyx/configs/app_configs.py +++ b/backend/onyx/configs/app_configs.py @@ -33,6 +33,10 @@ GENERATIVE_MODEL_ACCESS_CHECK_FREQ = int( ) # 1 day DISABLE_GENERATIVE_AI = os.environ.get("DISABLE_GENERATIVE_AI", "").lower() == "true" +# Controls whether to allow admin query history reports with: +# 1. associated user emails +# 2. anonymized user emails +# 3. no queries ONYX_QUERY_HISTORY_TYPE = QueryHistoryType( (os.environ.get("ONYX_QUERY_HISTORY_TYPE") or QueryHistoryType.NORMAL.value).lower() ) diff --git a/backend/onyx/configs/constants.py b/backend/onyx/configs/constants.py index 4fe52c8e7..80545c064 100644 --- a/backend/onyx/configs/constants.py +++ b/backend/onyx/configs/constants.py @@ -3,6 +3,10 @@ import socket from enum import auto from enum import Enum +ONYX_DEFAULT_APPLICATION_NAME = "Onyx" +ONYX_SLACK_URL = "https://join.slack.com/t/onyx-dot-app/shared_invite/zt-2twesxdr6-5iQitKZQpgq~hYIZ~dv3KA" +ONYX_EMAILABLE_LOGO_MAX_DIM = 512 + SOURCE_TYPE = "source_type" # stored in the `metadata` of a chunk. Used to signify that this chunk should # not be used for QA. For example, Google Drive file types which can't be parsed @@ -40,6 +44,7 @@ DISABLED_GEN_AI_MSG = ( "You can still use Onyx as a search engine." ) + DEFAULT_PERSONA_ID = 0 DEFAULT_CC_PAIR_ID = 1 diff --git a/backend/onyx/file_store/file_store.py b/backend/onyx/file_store/file_store.py index 9d86602dd..b042c8680 100644 --- a/backend/onyx/file_store/file_store.py +++ b/backend/onyx/file_store/file_store.py @@ -1,7 +1,9 @@ from abc import ABC from abc import abstractmethod +from typing import cast from typing import IO +import puremagic from sqlalchemy.orm import Session from onyx.configs.constants import FileOrigin @@ -12,6 +14,7 @@ from onyx.db.pg_file_store import delete_pgfilestore_by_file_name from onyx.db.pg_file_store import get_pgfilestore_by_file_name from onyx.db.pg_file_store import read_lobj from onyx.db.pg_file_store import upsert_pgfilestore +from onyx.utils.file import FileWithMimeType class FileStore(ABC): @@ -140,6 +143,18 @@ class PostgresBackedFileStore(FileStore): self.db_session.rollback() raise + def get_file_with_mime_type(self, filename: str) -> FileWithMimeType | None: + mime_type: str = "application/octet-stream" + try: + file_io = self.read_file(filename, mode="b") + file_content = file_io.read() + matches = puremagic.magic_string(file_content) + if matches: + mime_type = cast(str, matches[0].mime_type) + return FileWithMimeType(data=file_content, mime_type=mime_type) + except Exception: + return None + def get_default_file_store(db_session: Session) -> FileStore: # The only supported file store now is the Postgres File Store diff --git a/backend/onyx/server/manage/users.py b/backend/onyx/server/manage/users.py index 0a2e358ba..26be15f70 100644 --- a/backend/onyx/server/manage/users.py +++ b/backend/onyx/server/manage/users.py @@ -351,9 +351,11 @@ def remove_invited_user( user_emails = get_invited_users() remaining_users = [user for user in user_emails if user != user_email.user_email] - fetch_ee_implementation_or_noop( - "onyx.server.tenants.user_mapping", "remove_users_from_tenant", None - )([user_email.user_email], tenant_id) + if MULTI_TENANT: + fetch_ee_implementation_or_noop( + "onyx.server.tenants.user_mapping", "remove_users_from_tenant", None + )([user_email.user_email], tenant_id) + number_of_invited_users = write_invited_users(remaining_users) try: diff --git a/backend/onyx/server/runtime/onyx_runtime.py b/backend/onyx/server/runtime/onyx_runtime.py new file mode 100644 index 000000000..a77c27881 --- /dev/null +++ b/backend/onyx/server/runtime/onyx_runtime.py @@ -0,0 +1,89 @@ +import io + +from PIL import Image + +from onyx.configs.constants import ONYX_EMAILABLE_LOGO_MAX_DIM +from onyx.db.engine import get_session_with_shared_schema +from onyx.file_store.file_store import PostgresBackedFileStore +from onyx.utils.file import FileWithMimeType +from onyx.utils.file import OnyxStaticFileManager +from onyx.utils.variable_functionality import ( + fetch_ee_implementation_or_noop, +) + + +class OnyxRuntime: + """Used by the application to get the final runtime value of a setting. + + Rationale: Settings and overrides may be persisted in multiple places, including the + DB, Redis, env vars, and default constants, etc. The logic to present a final + setting to the application should be centralized and in one place. + + Example: To get the logo for the application, one must check the DB for an override, + use the override if present, fall back to the filesystem if not present, and worry + about enterprise or not enterprise. + """ + + @staticmethod + def _get_with_static_fallback( + db_filename: str | None, static_filename: str + ) -> FileWithMimeType: + onyx_file: FileWithMimeType | None = None + + if db_filename: + with get_session_with_shared_schema() as db_session: + file_store = PostgresBackedFileStore(db_session) + onyx_file = file_store.get_file_with_mime_type(db_filename) + + if not onyx_file: + onyx_file = OnyxStaticFileManager.get_static(static_filename) + + if not onyx_file: + raise RuntimeError( + f"Resource not found: db={db_filename} static={static_filename}" + ) + + return onyx_file + + @staticmethod + def get_logo() -> FileWithMimeType: + STATIC_FILENAME = "static/images/logo.png" + + db_filename: str | None = fetch_ee_implementation_or_noop( + "onyx.server.enterprise_settings.store", "get_logo_filename", None + ) + + return OnyxRuntime._get_with_static_fallback(db_filename, STATIC_FILENAME) + + @staticmethod + def get_emailable_logo() -> FileWithMimeType: + onyx_file = OnyxRuntime.get_logo() + + # check dimensions and resize downwards if necessary or if not PNG + image = Image.open(io.BytesIO(onyx_file.data)) + if ( + image.size[0] > ONYX_EMAILABLE_LOGO_MAX_DIM + or image.size[1] > ONYX_EMAILABLE_LOGO_MAX_DIM + or image.format != "PNG" + ): + image.thumbnail( + (ONYX_EMAILABLE_LOGO_MAX_DIM, ONYX_EMAILABLE_LOGO_MAX_DIM), + Image.LANCZOS, + ) # maintains aspect ratio + output_buffer = io.BytesIO() + image.save(output_buffer, format="PNG") + onyx_file = FileWithMimeType( + data=output_buffer.getvalue(), mime_type="image/png" + ) + + return onyx_file + + @staticmethod + def get_logotype() -> FileWithMimeType: + STATIC_FILENAME = "static/images/logotype.png" + + db_filename: str | None = fetch_ee_implementation_or_noop( + "onyx.server.enterprise_settings.store", "get_logotype_filename", None + ) + + return OnyxRuntime._get_with_static_fallback(db_filename, STATIC_FILENAME) diff --git a/backend/onyx/utils/file.py b/backend/onyx/utils/file.py new file mode 100644 index 000000000..f62077063 --- /dev/null +++ b/backend/onyx/utils/file.py @@ -0,0 +1,36 @@ +from typing import cast + +import puremagic +from pydantic import BaseModel + +from onyx.utils.logger import setup_logger + +logger = setup_logger() + + +class FileWithMimeType(BaseModel): + data: bytes + mime_type: str + + +class OnyxStaticFileManager: + """Retrieve static resources with this class. Currently, these should all be located + in the static directory ... e.g. static/images/logo.png""" + + @staticmethod + def get_static(filename: str) -> FileWithMimeType | None: + try: + mime_type: str = "application/octet-stream" + with open(filename, "rb") as f: + file_content = f.read() + matches = puremagic.magic_string(file_content) + if matches: + mime_type = cast(str, matches[0].mime_type) + except (OSError, FileNotFoundError, PermissionError) as e: + logger.error(f"Failed to read file {filename}: {e}") + return None + except Exception as e: + logger.error(f"Unexpected exception reading file {filename}: {e}") + return None + + return FileWithMimeType(data=file_content, mime_type=mime_type) diff --git a/backend/requirements/default.txt b/backend/requirements/default.txt index 9bae3b12e..b014d340f 100644 --- a/backend/requirements/default.txt +++ b/backend/requirements/default.txt @@ -52,6 +52,7 @@ openpyxl==3.1.2 playwright==1.41.2 psutil==5.9.5 psycopg2-binary==2.9.9 +puremagic==1.28 pyairtable==3.0.1 pycryptodome==3.19.1 pydantic==2.8.2 diff --git a/backend/static/images/logo.png b/backend/static/images/logo.png new file mode 100644 index 000000000..0a5aecd7c Binary files /dev/null and b/backend/static/images/logo.png differ diff --git a/backend/static/images/logotype.png b/backend/static/images/logotype.png new file mode 100644 index 000000000..509e2c714 Binary files /dev/null and b/backend/static/images/logotype.png differ