Skip to content

Edit member - don't allow changing user email/id - just role #10406

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Edit member - don't allow changing user email/id - just role #10406

wants to merge 1 commit into from
+73 −18

Conversation

NANDINI-star
Copy link
Contributor

Edit member - don't allow changing user email/id - just role

This PR enhances the team member update functionality in the /team/member_update endpoint. Key improvements include stricter controls around identity fields and expanded support for role management.

Relevant issues

Pre-Submission checklist

Please complete all items before asking a LiteLLM maintainer to review your PR

-> I have added test in the existing tests/test_team.py

  • I have added a screenshot of my new test passing locally
  • My PR passes all unit tests on (make test-unit)[https://docs.litellm.ai/docs/extras/contributing_code]
  • My PR's scope is as isolated as possible, it only solves 1 specific problem

Type

🐛 Bug Fix
✅ Test

Changes

  • Made user_id and user_email read-only during member updates. User must be able to update only the role.
Screenshot 2025-04-29 at 7 36 50 PM
  • Enabled updating the role field for a team member via the API.
  • Ensured user_email is always included in the response for consistency.
  • Added role to the /team/member_update response to reflect updated values.
  • Added a backend test to verify that the member’s role is correctly updated in the database.
Screenshot 2025-04-29 at 8 53 31 PM

@NANDINI-star
disable edit email and userid
c80910c 
- disable editing email and userid
- make email and userid read only when editing member
- allow updating role
- user_email should not be null in the response
- add role in the /member_update response
- add backend test to verify if the role is updated
@vercel Vercel
Copy link

vercel bot commented Apr 29, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
litellm ✅ Ready (Inspect) Visit Preview 💬 Add feedback Apr 29, 2025 11:57am

@krrishdholakia
Copy link
Contributor

is the change on the backend, that the user can be updated by user_email?

@NANDINI-star
Copy link
Contributor Author

@krrishdholakia

At first it looks like only a frontend change, but we do send user_email as a part of the request in /member_update endpoint. Since we're not allowing it to be sent as a part of the request anymore, changes had to be made in the backend too.

Changes made on frontend - Disable the input fields for email id and user id.

Changes made on backend - Since we're only going to focus on editing member's role, these changes were added in the backend to maintain the integrity of the/member_update endpoint functionality.

  • We won't be sending user_email in the request for /member_update anymore, this resulted in user_email: null in the response. Changes are added to avoid receiving a user_email: null in the response.
  • Added role to the response since we will be updating the role.
  • Added tests for the above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NANDINI-star @krrishdholakia