Skip to content

fix(enterprise): correct error message for DISABLE_ADMIN_ENDPOINTS #19861

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ishaan-jaff merged 1 commit into from
Jan 27, 2026
Merged

fix(enterprise): correct error message for DISABLE_ADMIN_ENDPOINTS #19861

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion enterprise/litellm_enterprise/proxy/auth/route_checks.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ def is_management_routes_disabled() -> bool:
if not premium_user:
raise HTTPException(
status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
detail=f"🚨🚨🚨 DISABLING LLM API ENDPOINTS is an Enterprise feature\n🚨 {CommonProxyErrors.not_premium_user.value}",
detail=f"🚨🚨🚨 DISABLING ADMIN ENDPOINTS is an Enterprise feature\n🚨 {CommonProxyErrors.not_premium_user.value}",
)

return get_secret_bool("DISABLE_ADMIN_ENDPOINTS") is True
Expand Down
65 changes: 65 additions & 0 deletions tests/enterprise/litellm_enterprise/proxy/auth/test_route_checks.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -180,3 +180,68 @@ def test_should_call_route_llm_disabled_management_enabled(

# Should not raise exception since management routes are enabled
EnterpriseRouteChecks.should_call_route("/config/update")


class TestEnterpriseRouteChecksErrorMessages:
"""Test that error messages correctly identify which feature requires Enterprise license"""

@patch("litellm.secret_managers.main.get_secret_bool")
@patch("litellm.proxy.proxy_server.premium_user", False)
def test_disable_llm_api_endpoints_error_message(self, mock_get_secret_bool):
"""
Test that when DISABLE_LLM_API_ENDPOINTS is set without Enterprise license,
the error message correctly mentions 'LLM API ENDPOINTS'
"""
with patch.dict(os.environ, {"DISABLE_LLM_API_ENDPOINTS": "true"}):
with pytest.raises(HTTPException) as exc_info:
EnterpriseRouteChecks.is_llm_api_route_disabled()

assert exc_info.value.status_code == 500
assert "DISABLING LLM API ENDPOINTS is an Enterprise feature" in str(
exc_info.value.detail
)

@patch("litellm.secret_managers.main.get_secret_bool")
@patch("litellm.proxy.proxy_server.premium_user", False)
def test_disable_admin_endpoints_error_message(self, mock_get_secret_bool):
"""
Test that when DISABLE_ADMIN_ENDPOINTS is set without Enterprise license,
the error message correctly mentions 'ADMIN ENDPOINTS' (not 'LLM API ENDPOINTS')

This is a regression test for a bug where the error message incorrectly said
'DISABLING LLM API ENDPOINTS' when the actual issue was DISABLE_ADMIN_ENDPOINTS.
"""
with patch.dict(os.environ, {"DISABLE_ADMIN_ENDPOINTS": "true"}):
with pytest.raises(HTTPException) as exc_info:
EnterpriseRouteChecks.is_management_routes_disabled()

assert exc_info.value.status_code == 500
assert "DISABLING ADMIN ENDPOINTS is an Enterprise feature" in str(
exc_info.value.detail
)
# Ensure it does NOT mention LLM API ENDPOINTS (the old buggy message)
assert "LLM API ENDPOINTS" not in str(exc_info.value.detail)

@patch("litellm.secret_managers.main.get_secret_bool")
@patch("litellm.proxy.proxy_server.premium_user", True)
def test_disable_llm_api_endpoints_with_premium_user(self, mock_get_secret_bool):
"""
Test that premium users can use DISABLE_LLM_API_ENDPOINTS without error
"""
mock_get_secret_bool.return_value = True
with patch.dict(os.environ, {"DISABLE_LLM_API_ENDPOINTS": "true"}):
# Should not raise exception for premium users
result = EnterpriseRouteChecks.is_llm_api_route_disabled()
assert result is True

@patch("litellm.secret_managers.main.get_secret_bool")
@patch("litellm.proxy.proxy_server.premium_user", True)
def test_disable_admin_endpoints_with_premium_user(self, mock_get_secret_bool):
"""
Test that premium users can use DISABLE_ADMIN_ENDPOINTS without error
"""
mock_get_secret_bool.return_value = True
with patch.dict(os.environ, {"DISABLE_ADMIN_ENDPOINTS": "true"}):
# Should not raise exception for premium users
result = EnterpriseRouteChecks.is_management_routes_disabled()
assert result is True
Loading