The HTTP email route guard `_assert_owns_account` and the explicit-account_id path in `_get_email_config` gated cross-tenant access with `if row.owner and row.owner != owner` -- which skips the check entirely when the account row is owner-less (owner NULL or ""). `email_accounts` is the one owner-scoped table left out of the legacy-owner migration backfill (core/database.py), so such rows persist on multi-user deploys: an account configured while auth was disabled, or an imported legacy row. Any authenticated user could then pass that account's id to read/send/update-credentials/delete another tenant's mailbox and read its decrypted IMAP/SMTP creds. Both sibling paths already enforce the intended contract -- the same-file `_owner_or_matching_legacy_account` fallback and the MCP `_account_visible_to_owner` gate (whose comment says it mirrors "the HTTP email route fallback") only expose an owner-less account when its own mailbox (imap_user / from_address) is the caller's. Factor that row-level predicate into `_account_visible_to_owner` and use it in both guards, so owner-less accounts are visible only on a mailbox match. Owned accounts, the legacy-claim path, and single-user mode (owner == "") are unchanged. Complements #5234 (which fixes the same class on the MCP tool layer); this is the HTTP route layer it does not touch.
A self-hosted AI workspace for chat, agents, research, documents, email, notes, calendar, and local model workflows.
Quick Start · Setup Guide · Contributing · Roadmap
Quick Start
devis the default branch and gets the newest changes first. Usemainif you want the more curated branch.
git clone https://github.com/pewdiepie-archdaemon/odysseus.git
cd odysseus
cp .env.example .env
docker compose up -d --build
Open http://localhost:7000 when the containers are healthy. The first admin password is printed in docker compose logs odysseus.
Native installs, GPU notes, Windows/macOS instructions, HTTPS, and configuration live in the setup guide.
Features
- Chat + Agents — local/API models, tools, MCP, files, shell, skills, and memory.
- Cookbook — hardware-aware model recommendations, downloads, and serving.
- Deep Research — multi-step web research with source reading and report generation.
- Compare — blind side-by-side model testing and synthesis.
- Documents — writing-first editor with AI edits, suggestions, Markdown, HTML, CSV, and syntax highlighting.
- Email — IMAP/SMTP inbox with triage, tags, summaries, reminders, and reply drafts.
- Notes, Tasks + Calendar — reminders, todos, scheduled agent tasks, and CalDAV sync.
- Extras — gallery/image editor, themes, uploads, web search, presets, sessions, and 2FA.
Demo
A full hover-to-play tour lives on the landing page: docs/index.html.
Contributing
Help is welcome. The best entry points are fresh-install testing, provider setup bugs, mobile/editor polish, docs, and small focused refactors. See CONTRIBUTING.md and ROADMAP.md.
Security
Odysseus is a self-hosted workspace with powerful local tools. Keep auth enabled, keep private data out of Git, and do not expose raw model/service ports publicly. Deployment details are in the setup guide.
Star History
License
AGPL-3.0-or-later -- see LICENSE and ACKNOWLEDGMENTS.md.

