^h" SrSSKJrJrJrJr SSKJr SSK7 S\ S\\ S\ 4Sjr S\ S \\\ \\ \\ 444S jrSS \ S\\ S \4S jjrg )z Auth Checks for Organizations )DictListOptionalTuple)status)* request_body user_objectroutec UcgURSS5nUS:XagUR[RR:wa?[ SUR3[ RRS[RS9eUR[RR:XagU[RR;Ga,[U5upEURc6[ SUS3[ RRS[RS9eUc2[ S [ RRS[RS9eURU5nUc6[ S US 3[ RRS[RS9eU[RR:wa>[ S US USUS U3[ RRS[RS9egUS:Xa[U5upEURb[UR5S:aUc5[ SU3[ RRS[RS9eURU5nU[RR:wa;[ SUSUS U3[ RRS[RS9egggg)aF Role based access control checks only run if a user is part of an Organization Organization Checks: ONLY RUN IF user_object.organization_memberships is not None 1. Only Proxy Admins can access /organization/new 2. IF route is a LiteLLMRoutes.org_admin_only_routes, then check if user is an Org Admin for that organization Norganization_idz/organization/newz8Only proxy admins can create new organizations. You are user_role)messagetypeparamcodezTried to access route=z` but you are not a member of any organization. Please contact the proxy admin to request access.zNPassed organization_id is None, please pass an organization_id in your requestzQYou do not have a role within the selected organization. Passed organization_id: z:. Please contact the organization admin to request access.z-You do not have the required role to perform z in Organization z. Your role is z /team/newrz|Passed organization_id is None, please specify the organization_id in your request. You are part of multiple organizations: z*You do not have the required role to call )getrLitellmUserRoles PROXY_ADMINvalueProxyExceptionProxyErrorTypes auth_errorrHTTP_401_UNAUTHORIZED LiteLLMRoutesorg_admin_only_routesget_user_organization_infoorganization_memberships ORG_ADMINlen)r r r passed_organization_id_user_organizations_user_organization_role_mappingr_user_role_in_passed_orgs e/home/james-whalen/.local/lib/python3.13/site-packages/litellm/proxy/auth/auth_checks_organization.py$organization_role_based_access_checkr& sD ,8,<,<=NPT,U ##  $4$@$@$F$F F RS^ShShRij$//55!11   0 < < B BB 33999 &{ 3 =  / / 7 08XY$//55'11   " ) h$//55'11  1P0S0S "1    kmClDD~$//55'11   (2288 8 GwN_`v_wxGHQGRRcdzc{|$//55!11   9 +  '{ 3 =  0 0 <K889A=%-$[\o[pq(3399+55 (G'J'J&( $(+;+E+E+K+KK$H_w^xyJKaJbc(3399%55 L> = returnc/n0nURbUURHEnURcMURUR5 URX#R'MG X4$)an Helper function to extract user organization information. Args: user_object (LiteLLM_UserTable): The user object containing organization memberships. Returns: Tuple[List[str], Dict[str, Optional[LitellmUserRoles]]]: A tuple containing: - List of organization IDs the user is a member of - Dictionary mapping organization IDs to user roles )rr appendr)r r"r# _memberships r%rrrsm&(MO#++7&??K**6#**;+F+FGOZOdOd/0K0KL@  ??r'N request_datacURSS5cgUcgURcgURHOnURURSS5:XdM%UR[R R :XdMO g g)zQ Helper function to check if user is an org admin for the passed organization_id r NFT)rrr rrrr)r,r r+s r%_user_is_org_adminr.s)408++3";;  & &,*:*:;Ld*S S$$(8(B(B(H(HH< r')N)__doc__typingrrrrfastapirlitellm.proxy._typesdictLiteLLM_UserTablestrr&rrboolr.r'r%r8s/."cc+,c cL@"@ 49d3)9 ::; ;<@804+, r'