litellm-enterprise 0.1.29__tar.gz → 0.1.31__tar.gz

{litellm_enterprise-0.1.29 → litellm_enterprise-0.1.31}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: litellm-enterprise
-Version: 0.1.29
+Version: 0.1.31
 Summary: Package for LiteLLM Enterprise features
 License-File: LICENSE.md
 Author: BerriAI

{litellm_enterprise-0.1.29 → litellm_enterprise-0.1.31}/litellm_enterprise/enterprise_callbacks/send_emails/base_email.py

@@ -30,8 +30,15 @@ from litellm.integrations.email_templates.user_invitation_email import (
 from litellm.integrations.email_templates.templates import (
     MAX_BUDGET_ALERT_EMAIL_TEMPLATE,
     SOFT_BUDGET_ALERT_EMAIL_TEMPLATE,
+    TEAM_SOFT_BUDGET_ALERT_EMAIL_TEMPLATE,
+)
+from litellm.proxy._types import (
+    CallInfo,
+    InvitationNew,
+    Litellm_EntityType,
+    UserAPIKeyAuth,
+    WebhookEvent,
 )
-from litellm.proxy._types import CallInfo, InvitationNew, UserAPIKeyAuth, WebhookEvent
 from litellm.secret_managers.main import get_secret_bool
 from litellm.types.integrations.slack_alerting import LITELLM_LOGO_URL
 from litellm.constants import (
@@ -217,6 +224,78 @@ class BaseEmailLogger(CustomLogger):
         )
         pass
 
+    async def send_team_soft_budget_alert_email(self, event: WebhookEvent):
+        """
+        Send email to team members when team soft budget is crossed
+        Supports multiple recipients via alert_emails field from team metadata
+        """
+        # Collect all recipient emails
+        recipient_emails: List[str] = []
+        
+        # Add additional alert emails from team metadata.soft_budget_alert_emails
+        if hasattr(event, "alert_emails") and event.alert_emails:
+            for email in event.alert_emails:
+                if email and email not in recipient_emails:  # Avoid duplicates
+                    recipient_emails.append(email)
+        
+        # If no recipients found, skip sending
+        if not recipient_emails:
+            verbose_proxy_logger.warning(
+                f"No recipient emails found for team soft budget alert. event={event.model_dump(exclude_none=True)}"
+            )
+            return
+
+        # Validate that we have at least one valid email address
+        first_recipient_email = recipient_emails[0]
+        if not first_recipient_email or not first_recipient_email.strip():
+            verbose_proxy_logger.warning(
+                f"Invalid recipient email found for team soft budget alert. event={event.model_dump(exclude_none=True)}"
+            )
+            return
+
+        verbose_proxy_logger.debug(
+            f"send_team_soft_budget_alert_email_event: {json.dumps(event.model_dump(exclude_none=True), indent=4, default=str)}"
+        )
+
+        # Get email params using the first recipient email (for template formatting)
+        # For team alerts with alert_emails, we don't need user_id lookup since we already have email addresses
+        # Pass user_id=None to prevent _get_email_params from trying to look up email from a potentially None user_id
+        email_params = await self._get_email_params(
+            email_event=EmailEvent.soft_budget_crossed,
+            user_id=None,  # Team alerts don't require user_id when alert_emails are provided
+            user_email=first_recipient_email,
+            event_message=event.event_message,
+        )
+
+        # Format budget values
+        soft_budget_str = f"${event.soft_budget}" if event.soft_budget is not None else "N/A"
+        spend_str = f"${event.spend}" if event.spend is not None else "$0.00"
+        max_budget_info = ""
+        if event.max_budget is not None:
+            max_budget_info = f"<b>Maximum Budget:</b> ${event.max_budget} <br />"
+
+        # Use team alias or generic greeting
+        team_alias = event.team_alias or "Team"
+
+        email_html_content = TEAM_SOFT_BUDGET_ALERT_EMAIL_TEMPLATE.format(
+            email_logo_url=email_params.logo_url,
+            team_alias=team_alias,
+            soft_budget=soft_budget_str,
+            spend=spend_str,
+            max_budget_info=max_budget_info,
+            base_url=email_params.base_url,
+            email_support_contact=email_params.support_contact,
+        )
+        
+        # Send email to all recipients
+        await self.send_email(
+            from_email=self.DEFAULT_LITELLM_EMAIL,
+            to_email=recipient_emails,
+            subject=email_params.subject,
+            html_body=email_html_content,
+        )
+        pass
+
     async def send_max_budget_alert_email(self, event: WebhookEvent):
         """
         Send email to user when max budget alert threshold is reached
@@ -285,15 +364,36 @@ class BaseEmailLogger(CustomLogger):
         # - Don't re-alert, if alert already sent
         _cache: DualCache = self.internal_usage_cache
 
-        # percent of max_budget left to spend
-        if user_info.max_budget is None and user_info.soft_budget is None:
-            return
-
         # For soft_budget alerts, check if we've already sent an alert
         if type == "soft_budget":
+            # For team soft budget alerts, we only need team soft_budget to be set
+            # For other entity types, we need either max_budget or soft_budget
+            if user_info.event_group == Litellm_EntityType.TEAM:
+                if user_info.soft_budget is None:
+                    return
+                # For team soft budget alerts, require alert_emails to be configured
+                # Team soft budget alerts are sent via metadata.soft_budget_alerting_emails
+                if user_info.alert_emails is None or len(user_info.alert_emails) == 0:
+                    verbose_proxy_logger.debug(
+                        "Skipping team soft budget email alert: no alert_emails configured",
+                    )
+                    return
+            else:
+                # For non-team alerts, require either max_budget or soft_budget
+                if user_info.max_budget is None and user_info.soft_budget is None:
+                    return
             if user_info.soft_budget is not None and user_info.spend >= user_info.soft_budget:
                 # Generate cache key based on event type and identifier
-                _id = user_info.token or user_info.user_id or "default_id"
+                # Use appropriate ID based on event_group to ensure unique cache keys per entity type
+                if user_info.event_group == Litellm_EntityType.TEAM:
+                    _id = user_info.team_id or "default_id"
+                elif user_info.event_group == Litellm_EntityType.ORGANIZATION:
+                    _id = user_info.organization_id or "default_id"
+                elif user_info.event_group == Litellm_EntityType.USER:
+                    _id = user_info.user_id or "default_id"
+                else:
+                    # For KEY and other types, use token or user_id
+                    _id = user_info.token or user_info.user_id or "default_id"
                 _cache_key = f"email_budget_alerts:soft_budget_crossed:{_id}"
                 
                 # Check if we've already sent this alert
@@ -318,10 +418,15 @@ class BaseEmailLogger(CustomLogger):
                         projected_exceeded_date=user_info.projected_exceeded_date,
                         projected_spend=user_info.projected_spend,
                         event_group=user_info.event_group,
+                        alert_emails=user_info.alert_emails,
                     )
                     
                     try:
-                        await self.send_soft_budget_alert_email(webhook_event)
+                        # Use team-specific function for team alerts, otherwise use standard function
+                        if user_info.event_group == Litellm_EntityType.TEAM:
+                            await self.send_team_soft_budget_alert_email(webhook_event)
+                        else:
+                            await self.send_soft_budget_alert_email(webhook_event)
                         
                         # Cache the alert to prevent duplicate sends
                         await _cache.async_set_cache(

{litellm_enterprise-0.1.29 → litellm_enterprise-0.1.31}/litellm_enterprise/proxy/common_utils/check_batch_cost.py

@@ -53,7 +53,7 @@ class CheckBatchCost:
 
         jobs = await self.prisma_client.db.litellm_managedobjecttable.find_many(
             where={
-                "status": "validating",
+                "status": {"in": ["validating", "in_progress", "finalizing"]},
                 "file_purpose": "batch",
             }
         )

{litellm_enterprise-0.1.29 → litellm_enterprise-0.1.31}/litellm_enterprise/proxy/hooks/managed_files.py

@@ -166,7 +166,11 @@ class _PROXY_LiteLLMManagedFiles(CustomLogger, BaseFileEndpoints):
                     "updated_by": user_api_key_dict.user_id,
                     "status": file_object.status,
                 },
-                "update": {},  # don't do anything if it already exists
+                "update": {
+                    "file_object": file_object.model_dump_json(),
+                    "status": file_object.status,
+                    "updated_by": user_api_key_dict.user_id,
+                },  # FIX: Update status and file_object on every operation to keep state in sync
             },
         )
 
@@ -354,6 +358,31 @@ class _PROXY_LiteLLMManagedFiles(CustomLogger, BaseFileEndpoints):
                 )
         return False
 
+    async def check_file_ids_access(
+        self, file_ids: List[str], user_api_key_dict: UserAPIKeyAuth
+    ) -> None:
+        """
+        Check if the user has access to a list of file IDs.
+        Only checks managed (unified) file IDs.
+        
+        Args:
+            file_ids: List of file IDs to check access for
+            user_api_key_dict: User API key authentication details
+            
+        Raises:
+            HTTPException: If user doesn't have access to any of the files
+        """
+        for file_id in file_ids:
+            is_unified_file_id = _is_base64_encoded_unified_file_id(file_id)
+            if is_unified_file_id:
+                if not await self.can_user_call_unified_file_id(
+                    file_id, user_api_key_dict
+                ):
+                    raise HTTPException(
+                        status_code=403,
+                        detail=f"User {user_api_key_dict.user_id} does not have access to the file {file_id}",
+                    )
+
     async def async_pre_call_hook(  # noqa: PLR0915
         self,
         user_api_key_dict: UserAPIKeyAuth,
@@ -387,6 +416,9 @@ class _PROXY_LiteLLMManagedFiles(CustomLogger, BaseFileEndpoints):
             if messages:
                 file_ids = self.get_file_ids_from_messages(messages)
                 if file_ids:
+                    # Check user has access to all managed files
+                    await self.check_file_ids_access(file_ids, user_api_key_dict)
+                    
                     # Check if any files are stored in storage backends and need base64 conversion
                     # This is needed for Vertex AI/Gemini which requires base64 content
                     is_vertex_ai = model and ("vertex_ai" in model or "gemini" in model.lower())
@@ -402,15 +434,27 @@ class _PROXY_LiteLLMManagedFiles(CustomLogger, BaseFileEndpoints):
                     )
                     data["model_file_id_mapping"] = model_file_id_mapping
         elif call_type == CallTypes.aresponses.value or call_type == CallTypes.responses.value:
-            # Handle managed files in responses API input
+            # Handle managed files in responses API input and tools
+            file_ids = []
+            
+            # Extract file IDs from input parameter
             input_data = data.get("input")
             if input_data:
-                file_ids = self.get_file_ids_from_responses_input(input_data)
-                if file_ids:
-                    model_file_id_mapping = await self.get_model_file_id_mapping(
-                        file_ids, user_api_key_dict.parent_otel_span
-                    )
-                    data["model_file_id_mapping"] = model_file_id_mapping
+                file_ids.extend(self.get_file_ids_from_responses_input(input_data))
+            
+            # Extract file IDs from tools parameter (e.g., code_interpreter container)
+            tools = data.get("tools")
+            if tools:
+                file_ids.extend(self.get_file_ids_from_responses_tools(tools))
+            
+            if file_ids:
+                # Check user has access to all managed files
+                await self.check_file_ids_access(file_ids, user_api_key_dict)
+                
+                model_file_id_mapping = await self.get_model_file_id_mapping(
+                    file_ids, user_api_key_dict.parent_otel_span
+                )
+                data["model_file_id_mapping"] = model_file_id_mapping
         elif call_type == CallTypes.afile_content.value:
             retrieve_file_id = cast(Optional[str], data.get("file_id"))
             potential_file_id = (
@@ -460,8 +504,6 @@ class _PROXY_LiteLLMManagedFiles(CustomLogger, BaseFileEndpoints):
                 if retrieve_object_id
                 else False
             )
-            print(f"🔥potential_llm_object_id: {potential_llm_object_id}")
-            print(f"🔥retrieve_object_id: {retrieve_object_id}")
             if potential_llm_object_id and retrieve_object_id:
                 ## VALIDATE USER HAS ACCESS TO THE OBJECT ##
                 if not await self.can_user_call_unified_object_id(
@@ -614,6 +656,41 @@ class _PROXY_LiteLLMManagedFiles(CustomLogger, BaseFileEndpoints):
         
         return file_ids
 
+    def get_file_ids_from_responses_tools(
+        self, tools: List[Dict[str, Any]]
+    ) -> List[str]:
+        """
+        Gets file ids from responses API tools parameter.
+        
+        The tools can contain code_interpreter with container.file_ids:
+        [
+            {
+                "type": "code_interpreter",
+                "container": {"type": "auto", "file_ids": ["file-123", "file-456"]}
+            }
+        ]
+        """
+        file_ids: List[str] = []
+        
+        if not isinstance(tools, list):
+            return file_ids
+        
+        for tool in tools:
+            if not isinstance(tool, dict):
+                continue
+            
+            # Check for code_interpreter with container file_ids
+            if tool.get("type") == "code_interpreter":
+                container = tool.get("container")
+                if isinstance(container, dict):
+                    container_file_ids = container.get("file_ids")
+                    if isinstance(container_file_ids, list):
+                        for file_id in container_file_ids:
+                            if isinstance(file_id, str):
+                                file_ids.append(file_id)
+        
+        return file_ids
+
     async def get_model_file_id_mapping(
         self, file_ids: List[str], litellm_parent_otel_span: Span
     ) -> dict:

{litellm_enterprise-0.1.29 → litellm_enterprise-0.1.31}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "litellm-enterprise"
-version = "0.1.29"
+version = "0.1.31"
 description = "Package for LiteLLM Enterprise features"
 authors = ["BerriAI"]
 readme = "README.md"
@@ -22,7 +22,7 @@ requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"
 
 [tool.commitizen]
-version = "0.1.29"
+version = "0.1.31"
 version_files = [
     "pyproject.toml:version",
     "../requirements.txt:litellm-enterprise==",