phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-28 04:04:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

(feat) only allow master key to update users

Browse source
This commit is contained in:
ishaan-jaff 2024-02-03 14:16:14 -08:00
parent d1623339f0
commit 351d93b474
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
litellm/proxy/proxy_server.py
View file

@ -554,7 +554,6 @@ async def user_api_key_auth(
db=custom_db_client, db=custom_db_client,
) )
) )
if ( if (
route.startswith("/key/") route.startswith("/key/")
or route.startswith("/user/") or route.startswith("/user/")
@ -589,6 +588,11 @@ async def user_api_key_auth(
status_code=status.HTTP_403_FORBIDDEN, status_code=status.HTTP_403_FORBIDDEN,
detail="user not allowed to access this key's info", detail="user not allowed to access this key's info",
) )
elif route == "/user/update":
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="only proxy admin can update user settings. Tried calling `/user/update`",
)
elif route == "/model/info": elif route == "/model/info":
# /model/info just shows models user has access to # /model/info just shows models user has access to
pass pass