fix(proxy/_types.py): fixes issue where internal user able to escalat… (#8740)

* fix(proxy/_types.py): fixes issue where internal user able to escalate their role with ui key Fixes https://github.com/BerriAI/litellm/issues/8029 * style: cleanup * test: handle bedrock instability
2025-04-26 11:14:04 +00:00 · 2025-02-22 22:59:58 -08:00 · 2025-02-22 22:59:58 -08:00 · fd5939f2b0
commit fd5939f2b0
parent d82fa10f93
3 changed files with 24 additions and 14 deletions
--- a/litellm/proxy/_types.py
+++ b/litellm/proxy/_types.py
@ -279,6 +279,7 @@ class LiteLLMRoutes(enum.Enum):
        "/model_group/info",
        "/health",
        "/key/list",
+        "/user/filter/ui",
    ]

    # NOTE: ROUTES ONLY FOR MASTER KEY - only the Master Key should be able to Reset Spend
@ -355,7 +356,6 @@ class LiteLLMRoutes(enum.Enum):
        "/key/info",
        "/config",
        "/spend",
-        "/user",
        "/model/info",
        "/v2/model/info",
        "/v2/key/info",
@ -1569,6 +1569,11 @@ class LiteLLM_UserTable(LiteLLMPydanticObjectBase):
    model_config = ConfigDict(protected_namespaces=())


+class LiteLLM_UserTableFiltered(BaseModel):  # done to avoid exposing sensitive data
+    user_id: str
+    user_email: str
+
+
 class LiteLLM_EndUserTable(LiteLLMPydanticObjectBase):
    user_id: str
    blocked: bool
--- a/litellm/proxy/management_endpoints/internal_user_endpoints.py
+++ b/litellm/proxy/management_endpoints/internal_user_endpoints.py
@ -950,7 +950,7 @@ async def add_internal_user_to_organization(
    dependencies=[Depends(user_api_key_auth)],
    include_in_schema=False,
    responses={
-        200: {"model": List[LiteLLM_UserTable]},
+        200: {"model": List[LiteLLM_UserTableFiltered]},
    },
 )
 async def ui_view_users(
@ -1006,17 +1006,19 @@ async def ui_view_users(
            }

        # Query users with pagination and filters
-        users = await prisma_client.db.litellm_usertable.find_many(
+        users: Optional[List[BaseModel]] = (
+            await prisma_client.db.litellm_usertable.find_many(
                where=where_conditions,
                skip=skip,
                take=page_size,
                order={"created_at": "desc"},
            )
+        )

        if not users:
            return []

-        return users
+        return [LiteLLM_UserTableFiltered(**user.model_dump()) for user in users]

    except Exception as e:
        raise HTTPException(status_code=500, detail=f"Error searching users: {str(e)}")
--- a/tests/llm_translation/test_bedrock_completion.py
+++ b/tests/llm_translation/test_bedrock_completion.py
@ -2559,12 +2559,15 @@ async def test_bedrock_document_understanding(image_url):
        },
    ]

+    try:
        response = await acompletion(
            model=model,
            messages=[{"role": "user", "content": image_content}],
        )
        assert response is not None
        assert response.choices[0].message.content != ""
+    except litellm.ServiceUnavailableError as e:
+        pytest.skip("Skipping test due to ServiceUnavailableError")


 def test_bedrock_custom_proxy():