o ưi@@sNdZddlmZddlmZddlmZmZedZdededd fd d Z d S) z RBAC utility helpers for feature-level access control. These helpers are used by agent and vector store endpoints to enforce proxy-admin-configurable toggles that restrict access for internal users. )Literal) HTTPException)LitellmUserRolesUserAPIKeyAuth)ZagentsZ vector_storesuser_api_key_dict feature_namereturnNc s|jtjtjtjjtjjfvrdSddlm}m}m}d|d}d|d}| |ds0dS| |drJdd l m }||||d IdH}|rJdSt d d d |did)a Raise HTTP 403 if the user's role is blocked from accessing the given feature by the UI settings stored in general_settings. Args: user_api_key_dict: The authenticated user. feature_name: Either "agents" or "vector_stores". Nr)general_settings prisma_clientuser_api_key_cacheZdisable_Z_for_internal_usersZallow_Z_for_team_adminsF)_user_has_admin_privileges)rr r ierrorz Access to z5 is disabled for your role. Contact your proxy admin.) status_codedetail) Z user_rolerZ PROXY_ADMINZPROXY_ADMIN_VIEW_ONLYvalueZlitellm.proxy.proxy_serverr r r getZ/litellm.proxy.management_endpoints.common_utilsr r) rrr r r Z disable_flagZallow_team_admins_flagr Zis_adminr\/home/app/Keep/.python/lib/python3.10/site-packages/litellm/proxy/common_utils/rbac_utils.pycheck_feature_access_for_users6        r) __doc__typingrZfastapirZlitellm.proxy._typesrrZ FeatureNamerrrrrs