mirror of
https://github.com/open-webui/open-webui.git
synced 2026-07-15 21:19:39 -05:00
[GH-ISSUE #22515] feat: Support Whitelist Filtering in AuditLoggingMiddleware #106724
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @ShirasawaSama on GitHub (Mar 10, 2026).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/22515
Check Existing Issues
Verify Feature Scope
Problem Description
Currently, AuditLoggingMiddleware only supports
blacklist-basedfiltering. In my use case, I only need to log administrator operations. Using a blacklist makes configuration cumbersome and less reliable because new endpoints or actions may be added and accidentally get logged or ignored incorrectly.Desired Solution you'd like
Add support for a whitelist (allowlist) configuration in
AuditLoggingMiddleware, allowing users to explicitly specify which routes, actions, or users should be logged. This would make it easier to restrict audit logging to specific operations such as administrator actions.Alternatives Considered
Continue using the existing blacklist mechanism, but this requires continuously maintaining and updating the exclusion list, which is error-prone and less clear compared to explicitly defining the operations that should be logged.
Additional Context
No response