phoenix/litellm
1
0
Fork 0
forked from phoenix/litellm-mirror
Code Pull requests Activity

feat - support litellm_changed_by

Browse source
This commit is contained in:
Ishaan Jaff 2024-06-08 16:02:18 -07:00
parent d88b63264b
commit 9c3c42fa4b
3 changed files with 54 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

1
litellm/proxy/_types.py
View file

@ -1305,6 +1305,7 @@ class LiteLLM_AuditLogs(LiteLLMBase):
id: str id: str
updated_at: datetime updated_at: datetime
changed_by: str changed_by: str
changed_by_api_key: Optional[str] = None
action: Literal["created", "updated", "deleted"] action: Literal["created", "updated", "deleted"]
table_name: Literal[ table_name: Literal[
LitellmTableNames.TEAM_TABLE_NAME, LitellmTableNames.TEAM_TABLE_NAME,

51
litellm/proxy/proxy_server.py
View file

@ -6426,7 +6426,10 @@ async def supported_openai_params(model: str):
async def generate_key_fn( async def generate_key_fn(
data: GenerateKeyRequest, data: GenerateKeyRequest,
user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth), user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth),
Authorization: Optional[str] = Header(None), litellm_changed_by: Optional[str] = Header(
None,
description="The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
),
): ):
""" """
Generate an API key based on the provided data. Generate an API key based on the provided data.
@ -6611,8 +6614,10 @@ async def generate_key_fn(
request_data=LiteLLM_AuditLogs( request_data=LiteLLM_AuditLogs(
id=str(uuid.uuid4()), id=str(uuid.uuid4()),
updated_at=datetime.now(timezone.utc), updated_at=datetime.now(timezone.utc),
changed_by=user_api_key_dict.user_id changed_by=litellm_changed_by
or user_api_key_dict.user_id
or litellm_proxy_admin_name, or litellm_proxy_admin_name,
changed_by_api_key=user_api_key_dict.api_key,
table_name=LitellmTableNames.KEY_TABLE_NAME, table_name=LitellmTableNames.KEY_TABLE_NAME,
object_id=response.get("token_id", ""), object_id=response.get("token_id", ""),
action="created", action="created",
@ -6654,6 +6659,10 @@ async def update_key_fn(
request: Request, request: Request,
data: UpdateKeyRequest, data: UpdateKeyRequest,
user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth), user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth),
litellm_changed_by: Optional[str] = Header(
None,
description="The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
),
): ):
""" """
Update an existing key Update an existing key
@ -6714,8 +6723,10 @@ async def update_key_fn(
request_data=LiteLLM_AuditLogs( request_data=LiteLLM_AuditLogs(
id=str(uuid.uuid4()), id=str(uuid.uuid4()),
updated_at=datetime.now(timezone.utc), updated_at=datetime.now(timezone.utc),
changed_by=user_api_key_dict.user_id changed_by=litellm_changed_by
or user_api_key_dict.user_id
or litellm_proxy_admin_name, or litellm_proxy_admin_name,
changed_by_api_key=user_api_key_dict.api_key,
table_name=LitellmTableNames.KEY_TABLE_NAME, table_name=LitellmTableNames.KEY_TABLE_NAME,
object_id=data.key, object_id=data.key,
action="updated", action="updated",
@ -6751,6 +6762,10 @@ async def update_key_fn(
async def delete_key_fn( async def delete_key_fn(
data: KeyRequest, data: KeyRequest,
user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth), user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth),
litellm_changed_by: Optional[str] = Header(
None,
description="The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
),
): ):
""" """
Delete a key from the key management system. Delete a key from the key management system.
@ -6804,8 +6819,10 @@ async def delete_key_fn(
request_data=LiteLLM_AuditLogs( request_data=LiteLLM_AuditLogs(
id=str(uuid.uuid4()), id=str(uuid.uuid4()),
updated_at=datetime.now(timezone.utc), updated_at=datetime.now(timezone.utc),
changed_by=user_api_key_dict.user_id changed_by=litellm_changed_by
or user_api_key_dict.user_id
or litellm_proxy_admin_name, or litellm_proxy_admin_name,
changed_by_api_key=user_api_key_dict.api_key,
table_name=LitellmTableNames.KEY_TABLE_NAME, table_name=LitellmTableNames.KEY_TABLE_NAME,
object_id=key, object_id=key,
action="deleted", action="deleted",
@ -9809,6 +9826,10 @@ async def delete_end_user(
async def new_team( async def new_team(
data: NewTeamRequest, data: NewTeamRequest,
user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth), user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth),
litellm_changed_by: Optional[str] = Header(
None,
description="The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
),
): ):
""" """
Allow users to create a new team. Apply user permissions to their team. Allow users to create a new team. Apply user permissions to their team.
@ -9983,7 +10004,10 @@ async def new_team(
request_data=LiteLLM_AuditLogs( request_data=LiteLLM_AuditLogs(
id=str(uuid.uuid4()), id=str(uuid.uuid4()),
updated_at=datetime.now(timezone.utc), updated_at=datetime.now(timezone.utc),
changed_by=user_api_key_dict.user_id or litellm_proxy_admin_name, changed_by=litellm_changed_by
or user_api_key_dict.user_id
or litellm_proxy_admin_name,
changed_by_api_key=user_api_key_dict.api_key,
table_name=LitellmTableNames.TEAM_TABLE_NAME, table_name=LitellmTableNames.TEAM_TABLE_NAME,
object_id=data.team_id, object_id=data.team_id,
action="created", action="created",
@ -10037,6 +10061,10 @@ async def create_audit_log_for_update(request_data: LiteLLM_AuditLogs):
async def update_team( async def update_team(
data: UpdateTeamRequest, data: UpdateTeamRequest,
user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth), user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth),
litellm_changed_by: Optional[str] = Header(
None,
description="The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
),
): ):
""" """
Use `/team/member_add` AND `/team/member/delete` to add/remove new team members Use `/team/member_add` AND `/team/member/delete` to add/remove new team members
@ -10114,7 +10142,10 @@ async def update_team(
request_data=LiteLLM_AuditLogs( request_data=LiteLLM_AuditLogs(
id=str(uuid.uuid4()), id=str(uuid.uuid4()),
updated_at=datetime.now(timezone.utc), updated_at=datetime.now(timezone.utc),
changed_by=user_api_key_dict.user_id or litellm_proxy_admin_name, changed_by=litellm_changed_by
or user_api_key_dict.user_id
or litellm_proxy_admin_name,
changed_by_api_key=user_api_key_dict.api_key,
table_name=LitellmTableNames.TEAM_TABLE_NAME, table_name=LitellmTableNames.TEAM_TABLE_NAME,
object_id=data.team_id, object_id=data.team_id,
action="updated", action="updated",
@ -10360,6 +10391,10 @@ async def team_member_delete(
async def delete_team( async def delete_team(
data: DeleteTeamRequest, data: DeleteTeamRequest,
user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth), user_api_key_dict: UserAPIKeyAuth = Depends(user_api_key_auth),
litellm_changed_by: Optional[str] = Header(
None,
description="The litellm-changed-by header enables tracking of actions performed by authorized users on behalf of other users, providing an audit trail for accountability",
),
): ):
""" """
delete team and associated team keys delete team and associated team keys
@ -10411,8 +10446,10 @@ async def delete_team(
request_data=LiteLLM_AuditLogs( request_data=LiteLLM_AuditLogs(
id=str(uuid.uuid4()), id=str(uuid.uuid4()),
updated_at=datetime.now(timezone.utc), updated_at=datetime.now(timezone.utc),
changed_by=user_api_key_dict.user_id changed_by=litellm_changed_by
or user_api_key_dict.user_id
or litellm_proxy_admin_name, or litellm_proxy_admin_name,
changed_by_api_key=user_api_key_dict.api_key,
table_name=LitellmTableNames.TEAM_TABLE_NAME, table_name=LitellmTableNames.TEAM_TABLE_NAME,
object_id=team_id, object_id=team_id,
action="deleted", action="deleted",

17
schema.prisma
View file

@ -247,12 +247,13 @@ model LiteLLM_InvitationLink {
model LiteLLM_AuditLog { model LiteLLM_AuditLog {
id String @id @default(uuid()) id String @id @default(uuid())
updated_at DateTime @default(now()) updated_at DateTime @default(now())
changed_by String // user or system that performed the action changed_by String @default("") // user or system that performed the action
action String // create, update, delete changed_by_api_key String @default("") // api key hash that performed the action
table_name String // on of LitellmTableNames.TEAM_TABLE_NAME, LitellmTableNames.USER_TABLE_NAME, LitellmTableNames.PROXY_MODEL_TABLE_NAME, action String // create, update, delete
object_id String // id of the object being audited. This can be the key id, team id, user id, model id table_name String // on of LitellmTableNames.TEAM_TABLE_NAME, LitellmTableNames.USER_TABLE_NAME, LitellmTableNames.PROXY_MODEL_TABLE_NAME,
before_value Json? // value of the row object_id String // id of the object being audited. This can be the key id, team id, user id, model id
updated_values Json? // value of the row after change before_value Json? // value of the row
updated_values Json? // value of the row after change
} }