chore: import upstream snapshot with attribution
Publish CLI Package / publish-npm (push) Waiting to run
Publish Python SDK / publish-pypi (push) Waiting to run
Publish TypeScript SDK / publish-npm (push) Waiting to run
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
Publish CLI Package / publish-npm (push) Waiting to run
Publish Python SDK / publish-pypi (push) Waiting to run
Publish TypeScript SDK / publish-npm (push) Waiting to run
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
This commit is contained in:
@@ -0,0 +1,64 @@
|
||||
/**
|
||||
* @vitest-environment node
|
||||
*/
|
||||
import { createMockRequest } from '@sim/testing'
|
||||
import { beforeEach, describe, expect, it, vi } from 'vitest'
|
||||
|
||||
const { mockCheckInternalAuth, mockMaskPIIBatch } = vi.hoisted(() => ({
|
||||
mockCheckInternalAuth: vi.fn(),
|
||||
mockMaskPIIBatch: vi.fn(),
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/auth/hybrid', () => ({
|
||||
checkInternalAuth: mockCheckInternalAuth,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/guardrails/validate_pii', () => ({
|
||||
maskPIIBatch: mockMaskPIIBatch,
|
||||
}))
|
||||
|
||||
import { POST } from '@/app/api/guardrails/mask-batch/route'
|
||||
|
||||
describe('POST /api/guardrails/mask-batch', () => {
|
||||
beforeEach(() => {
|
||||
vi.clearAllMocks()
|
||||
mockCheckInternalAuth.mockResolvedValue({ success: true })
|
||||
mockMaskPIIBatch.mockImplementation(async (texts: string[]) => texts.map((t) => `M(${t})`))
|
||||
})
|
||||
|
||||
it('returns 401 without internal auth', async () => {
|
||||
mockCheckInternalAuth.mockResolvedValue({
|
||||
success: false,
|
||||
error: 'Internal authentication required',
|
||||
})
|
||||
|
||||
const res = await POST(
|
||||
createMockRequest('POST', { texts: ['a@b.com'], entityTypes: ['EMAIL_ADDRESS'] })
|
||||
)
|
||||
|
||||
expect(res.status).toBe(401)
|
||||
expect(mockMaskPIIBatch).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('masks the batch in-process and preserves order', async () => {
|
||||
const res = await POST(
|
||||
createMockRequest('POST', {
|
||||
texts: ['a@b.com', 'hello'],
|
||||
entityTypes: ['EMAIL_ADDRESS'],
|
||||
language: 'en',
|
||||
})
|
||||
)
|
||||
|
||||
expect(res.status).toBe(200)
|
||||
const json = await res.json()
|
||||
expect(json.masked).toEqual(['M(a@b.com)', 'M(hello)'])
|
||||
expect(mockMaskPIIBatch).toHaveBeenCalledWith(['a@b.com', 'hello'], ['EMAIL_ADDRESS'], 'en')
|
||||
})
|
||||
|
||||
it('rejects an invalid body with 400', async () => {
|
||||
const res = await POST(createMockRequest('POST', { texts: 'not-an-array', entityTypes: [] }))
|
||||
|
||||
expect(res.status).toBe(400)
|
||||
expect(mockMaskPIIBatch).not.toHaveBeenCalled()
|
||||
})
|
||||
})
|
||||
@@ -0,0 +1,50 @@
|
||||
import { createLogger } from '@sim/logger'
|
||||
import { getErrorMessage } from '@sim/utils/errors'
|
||||
import { type NextRequest, NextResponse } from 'next/server'
|
||||
import { guardrailsMaskBatchContract } from '@/lib/api/contracts'
|
||||
import { parseRequest } from '@/lib/api/server'
|
||||
import { checkInternalAuth } from '@/lib/auth/hybrid'
|
||||
import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
|
||||
import { maskPIIBatch } from '@/lib/guardrails/validate_pii'
|
||||
|
||||
const logger = createLogger('GuardrailsMaskBatchAPI')
|
||||
|
||||
/**
|
||||
* Internal batch PII masking. The log-redaction persist path runs in both the
|
||||
* Next.js server and the trigger.dev runtime, but only the app task reaches the
|
||||
* Presidio service (it holds `PII_URL` and the internal-network access) — so
|
||||
* redaction calls this endpoint server-to-server (internal JWT) to keep the
|
||||
* Presidio call centralized here.
|
||||
*/
|
||||
export const POST = withRouteHandler(async (request: NextRequest) => {
|
||||
const auth = await checkInternalAuth(request, { requireWorkflowId: false })
|
||||
if (!auth.success) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const parsed = await parseRequest(guardrailsMaskBatchContract, request, {})
|
||||
if (!parsed.success) return parsed.response
|
||||
|
||||
const { texts, entityTypes, language } = parsed.data.body
|
||||
|
||||
try {
|
||||
const startedAt = performance.now()
|
||||
const masked = await maskPIIBatch(texts, entityTypes, language)
|
||||
logger.info('Masked PII batch', {
|
||||
count: texts.length,
|
||||
durationMs: Math.round(performance.now() - startedAt),
|
||||
})
|
||||
return NextResponse.json({ masked })
|
||||
} catch (error) {
|
||||
// An unreachable/misconfigured Presidio service makes maskPIIBatch throw; fail
|
||||
// loudly here (the caller scrubs to REDACTION_FAILED, so PII is never leaked).
|
||||
logger.error('PII batch masking failed', {
|
||||
error: getErrorMessage(error),
|
||||
count: texts.length,
|
||||
})
|
||||
return NextResponse.json(
|
||||
{ error: getErrorMessage(error, 'PII masking failed') },
|
||||
{ status: 500 }
|
||||
)
|
||||
}
|
||||
})
|
||||
@@ -0,0 +1,159 @@
|
||||
/**
|
||||
* @vitest-environment node
|
||||
*/
|
||||
import { createMockRequest, hybridAuthMockFns, workflowAuthzMockFns } from '@sim/testing'
|
||||
import { beforeEach, describe, expect, it, vi } from 'vitest'
|
||||
|
||||
const { mockAuthorizeCredentialUse, mockCheckActorUsageLimits, mockValidateHallucination } =
|
||||
vi.hoisted(() => ({
|
||||
mockAuthorizeCredentialUse: vi.fn(),
|
||||
mockCheckActorUsageLimits: vi.fn(),
|
||||
mockValidateHallucination: vi.fn(),
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/auth/credential-access', () => ({
|
||||
authorizeCredentialUse: mockAuthorizeCredentialUse,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/billing/calculations/usage-monitor', () => ({
|
||||
checkActorUsageLimits: mockCheckActorUsageLimits,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/guardrails/validate_hallucination', () => ({
|
||||
validateHallucination: mockValidateHallucination,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/guardrails/validate_json', () => ({
|
||||
validateJson: vi.fn(() => ({ passed: true })),
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/guardrails/validate_pii', () => ({
|
||||
validatePII: vi.fn(() => ({ passed: true })),
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/guardrails/validate_regex', () => ({
|
||||
validateRegex: vi.fn(() => ({ passed: true })),
|
||||
}))
|
||||
|
||||
vi.mock('@/ee/access-control/utils/permission-check', () => ({
|
||||
assertPermissionsAllowed: vi.fn(),
|
||||
ModelNotAllowedError: class ModelNotAllowedError extends Error {},
|
||||
ProviderNotAllowedError: class ProviderNotAllowedError extends Error {},
|
||||
}))
|
||||
|
||||
import { POST } from '@/app/api/guardrails/validate/route'
|
||||
|
||||
describe('POST /api/guardrails/validate', () => {
|
||||
beforeEach(() => {
|
||||
vi.clearAllMocks()
|
||||
hybridAuthMockFns.mockCheckSessionOrInternalAuth.mockResolvedValue({
|
||||
success: true,
|
||||
userId: 'user-1',
|
||||
authType: 'session',
|
||||
})
|
||||
workflowAuthzMockFns.mockAuthorizeWorkflowByWorkspacePermission.mockResolvedValue({
|
||||
allowed: true,
|
||||
workflow: { id: 'wf-1', workspaceId: 'ws-1' },
|
||||
})
|
||||
mockCheckActorUsageLimits.mockResolvedValue({ isExceeded: false })
|
||||
mockValidateHallucination.mockResolvedValue({ passed: true, score: 8 })
|
||||
})
|
||||
|
||||
it('rejects a vertexCredential the caller does not have access to before calling validateHallucination', async () => {
|
||||
mockAuthorizeCredentialUse.mockResolvedValue({
|
||||
ok: false,
|
||||
error: 'You do not have access to this credential.',
|
||||
})
|
||||
|
||||
const res = await POST(
|
||||
createMockRequest('POST', {
|
||||
validationType: 'hallucination',
|
||||
input: 'test input',
|
||||
knowledgeBaseId: 'kb-1',
|
||||
model: 'vertex/gemini-2.5-pro',
|
||||
workflowId: 'wf-1',
|
||||
vertexCredential: 'someone-elses-account-id',
|
||||
})
|
||||
)
|
||||
|
||||
expect(res.status).toBe(401)
|
||||
expect(mockAuthorizeCredentialUse).toHaveBeenCalledWith(
|
||||
expect.anything(),
|
||||
expect.objectContaining({
|
||||
credentialId: 'someone-elses-account-id',
|
||||
workflowId: 'wf-1',
|
||||
requireWorkflowIdForInternal: false,
|
||||
})
|
||||
)
|
||||
expect(mockValidateHallucination).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('proceeds with hallucination validation when the caller has access to the vertexCredential', async () => {
|
||||
mockAuthorizeCredentialUse.mockResolvedValue({ ok: true })
|
||||
|
||||
const res = await POST(
|
||||
createMockRequest('POST', {
|
||||
validationType: 'hallucination',
|
||||
input: 'test input',
|
||||
knowledgeBaseId: 'kb-1',
|
||||
model: 'vertex/gemini-2.5-pro',
|
||||
workflowId: 'wf-1',
|
||||
vertexCredential: 'my-own-account-id',
|
||||
})
|
||||
)
|
||||
|
||||
expect(res.status).toBe(200)
|
||||
const json = await res.json()
|
||||
expect(json.output.passed).toBe(true)
|
||||
expect(mockAuthorizeCredentialUse).toHaveBeenCalledWith(
|
||||
expect.anything(),
|
||||
expect.objectContaining({ credentialId: 'my-own-account-id' })
|
||||
)
|
||||
expect(mockValidateHallucination).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('does not gate on vertexCredential for non-hallucination validation types', async () => {
|
||||
const res = await POST(
|
||||
createMockRequest('POST', {
|
||||
validationType: 'json',
|
||||
input: '{"a":1}',
|
||||
})
|
||||
)
|
||||
|
||||
expect(res.status).toBe(200)
|
||||
expect(mockAuthorizeCredentialUse).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('does not gate hallucination validation when no vertexCredential is supplied', async () => {
|
||||
const res = await POST(
|
||||
createMockRequest('POST', {
|
||||
validationType: 'hallucination',
|
||||
input: 'test input',
|
||||
knowledgeBaseId: 'kb-1',
|
||||
model: 'gpt-4o',
|
||||
workflowId: 'wf-1',
|
||||
})
|
||||
)
|
||||
|
||||
expect(res.status).toBe(200)
|
||||
expect(mockAuthorizeCredentialUse).not.toHaveBeenCalled()
|
||||
expect(mockValidateHallucination).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('does not gate on a leftover vertexCredential when the resolved model is not vertex', async () => {
|
||||
const res = await POST(
|
||||
createMockRequest('POST', {
|
||||
validationType: 'hallucination',
|
||||
input: 'test input',
|
||||
knowledgeBaseId: 'kb-1',
|
||||
model: 'gpt-4o',
|
||||
workflowId: 'wf-1',
|
||||
vertexCredential: 'someone-elses-account-id',
|
||||
})
|
||||
)
|
||||
|
||||
expect(res.status).toBe(200)
|
||||
expect(mockAuthorizeCredentialUse).not.toHaveBeenCalled()
|
||||
expect(mockValidateHallucination).toHaveBeenCalled()
|
||||
})
|
||||
})
|
||||
@@ -0,0 +1,419 @@
|
||||
import { createLogger } from '@sim/logger'
|
||||
import { authorizeWorkflowByWorkspacePermission } from '@sim/platform-authz/workflow'
|
||||
import { type NextRequest, NextResponse } from 'next/server'
|
||||
import { guardrailsValidateContract } from '@/lib/api/contracts'
|
||||
import { parseRequest } from '@/lib/api/server'
|
||||
import { authorizeCredentialUse } from '@/lib/auth/credential-access'
|
||||
import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
|
||||
import { checkActorUsageLimits } from '@/lib/billing/calculations/usage-monitor'
|
||||
import { generateRequestId } from '@/lib/core/utils/request'
|
||||
import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
|
||||
import { validateHallucination } from '@/lib/guardrails/validate_hallucination'
|
||||
import { validateJson } from '@/lib/guardrails/validate_json'
|
||||
import { validatePII } from '@/lib/guardrails/validate_pii'
|
||||
import { validateRegex } from '@/lib/guardrails/validate_regex'
|
||||
import {
|
||||
assertPermissionsAllowed,
|
||||
ModelNotAllowedError,
|
||||
ProviderNotAllowedError,
|
||||
} from '@/ee/access-control/utils/permission-check'
|
||||
import { getProviderFromModel } from '@/providers/utils'
|
||||
|
||||
const logger = createLogger('GuardrailsValidateAPI')
|
||||
|
||||
export const POST = withRouteHandler(async (request: NextRequest) => {
|
||||
const requestId = generateRequestId()
|
||||
logger.info(`[${requestId}] Guardrails validation request received`)
|
||||
|
||||
try {
|
||||
const auth = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
|
||||
if (!auth.success || !auth.userId) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const parsed = await parseRequest(guardrailsValidateContract, request, {})
|
||||
if (!parsed.success) return parsed.response
|
||||
const { body } = parsed.data
|
||||
const {
|
||||
validationType,
|
||||
input,
|
||||
regex,
|
||||
knowledgeBaseId,
|
||||
threshold,
|
||||
topK,
|
||||
model,
|
||||
apiKey,
|
||||
azureEndpoint,
|
||||
azureApiVersion,
|
||||
vertexProject,
|
||||
vertexLocation,
|
||||
vertexCredential,
|
||||
bedrockAccessKeyId,
|
||||
bedrockSecretKey,
|
||||
bedrockRegion,
|
||||
workflowId,
|
||||
piiEntityTypes,
|
||||
piiMode,
|
||||
piiLanguage,
|
||||
} = body
|
||||
|
||||
if (!validationType) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType: 'unknown',
|
||||
input: input || '',
|
||||
error: 'Missing required field: validationType',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
if (input === undefined || input === null) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: '',
|
||||
error: 'Input is missing or undefined',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
if (
|
||||
validationType !== 'json' &&
|
||||
validationType !== 'regex' &&
|
||||
validationType !== 'hallucination' &&
|
||||
validationType !== 'pii'
|
||||
) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: input || '',
|
||||
error: 'Invalid validationType. Must be "json", "regex", "hallucination", or "pii"',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
if (validationType === 'regex' && !regex) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: input || '',
|
||||
error: 'Regex pattern is required for regex validation',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
if (validationType === 'hallucination' && !model) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: input || '',
|
||||
error: 'Model is required for hallucination validation',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
let resolvedWorkspaceId: string | undefined
|
||||
|
||||
if (validationType === 'hallucination' && model) {
|
||||
if (!workflowId || typeof workflowId !== 'string') {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: input || '',
|
||||
error:
|
||||
'Workflow context is required for hallucination validation. Call this endpoint via a workflow execution, not directly.',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
const authorization = await authorizeWorkflowByWorkspacePermission({
|
||||
workflowId,
|
||||
userId: auth.userId,
|
||||
action: 'read',
|
||||
})
|
||||
|
||||
if (!authorization.allowed || !authorization.workflow?.workspaceId) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: input || '',
|
||||
error: authorization.message || 'Workflow not found or access denied.',
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
resolvedWorkspaceId = authorization.workflow.workspaceId
|
||||
|
||||
try {
|
||||
await assertPermissionsAllowed({
|
||||
userId: auth.userId,
|
||||
workspaceId: resolvedWorkspaceId,
|
||||
model,
|
||||
})
|
||||
} catch (err) {
|
||||
if (err instanceof ProviderNotAllowedError || err instanceof ModelNotAllowedError) {
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType,
|
||||
input: input || '',
|
||||
error: err.message,
|
||||
},
|
||||
})
|
||||
}
|
||||
throw err
|
||||
}
|
||||
|
||||
// Gate the actor's usage before incurring hosted LLM + RAG cost. In a normal
|
||||
// workflow run this already passed at preprocessing; this also blocks direct
|
||||
// calls to this route by an over-limit or frozen actor.
|
||||
const usage = await checkActorUsageLimits(auth.userId, resolvedWorkspaceId)
|
||||
if (usage.isExceeded) {
|
||||
return NextResponse.json(
|
||||
{ error: usage.message || 'Usage limit exceeded. Please upgrade your plan to continue.' },
|
||||
{ status: 402 }
|
||||
)
|
||||
}
|
||||
|
||||
if (vertexCredential && getProviderFromModel(model) === 'vertex') {
|
||||
const vertexCredAccess = await authorizeCredentialUse(request, {
|
||||
credentialId: vertexCredential,
|
||||
workflowId,
|
||||
requireWorkflowIdForInternal: false,
|
||||
})
|
||||
if (!vertexCredAccess.ok) {
|
||||
logger.warn(`[${requestId}] Vertex credential access denied`, {
|
||||
error: vertexCredAccess.error,
|
||||
credentialId: vertexCredential,
|
||||
})
|
||||
return NextResponse.json(
|
||||
{ error: vertexCredAccess.error || 'Unauthorized' },
|
||||
{ status: 401 }
|
||||
)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const inputStr = convertInputToString(input)
|
||||
|
||||
logger.info(`[${requestId}] Executing validation locally`, {
|
||||
validationType,
|
||||
inputType: typeof input,
|
||||
})
|
||||
const authHeaders = {
|
||||
cookie: request.headers.get('cookie') || undefined,
|
||||
authorization: request.headers.get('authorization') || undefined,
|
||||
}
|
||||
|
||||
const validationResult = await executeValidation(
|
||||
validationType,
|
||||
inputStr,
|
||||
regex,
|
||||
knowledgeBaseId,
|
||||
threshold,
|
||||
topK,
|
||||
model,
|
||||
apiKey,
|
||||
{
|
||||
azureEndpoint,
|
||||
azureApiVersion,
|
||||
vertexProject,
|
||||
vertexLocation,
|
||||
vertexCredential,
|
||||
bedrockAccessKeyId,
|
||||
bedrockSecretKey,
|
||||
bedrockRegion,
|
||||
},
|
||||
workflowId,
|
||||
resolvedWorkspaceId,
|
||||
piiEntityTypes,
|
||||
piiMode,
|
||||
piiLanguage,
|
||||
authHeaders,
|
||||
requestId
|
||||
)
|
||||
|
||||
// Bill the guardrail's LLM scoring cost (hallucination only; BYOK/non-hosted
|
||||
// already resolve to 0). Attributed to the caller + the workflow's workspace
|
||||
// so it lands in the per-member meter. Best-effort — never fail validation on
|
||||
// a billing error.
|
||||
if (
|
||||
resolvedWorkspaceId &&
|
||||
typeof validationResult.cost === 'number' &&
|
||||
validationResult.cost > 0
|
||||
) {
|
||||
const { recordUsage } = await import('@/lib/billing/core/usage-log')
|
||||
await recordUsage({
|
||||
userId: auth.userId,
|
||||
workspaceId: resolvedWorkspaceId,
|
||||
entries: [
|
||||
{
|
||||
category: 'model',
|
||||
source: 'workflow',
|
||||
description: `guardrail-hallucination:${model ?? 'unknown'}`,
|
||||
cost: validationResult.cost,
|
||||
sourceReference: `guardrail:${workflowId ?? 'unknown'}:${requestId}`,
|
||||
},
|
||||
],
|
||||
}).catch((billingError) => {
|
||||
logger.error(`[${requestId}] Failed to record guardrail usage`, { error: billingError })
|
||||
})
|
||||
}
|
||||
|
||||
logger.info(`[${requestId}] Validation completed`, {
|
||||
passed: validationResult.passed,
|
||||
hasError: !!validationResult.error,
|
||||
score: validationResult.score,
|
||||
})
|
||||
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: validationResult.passed,
|
||||
validationType,
|
||||
input,
|
||||
error: validationResult.error,
|
||||
score: validationResult.score,
|
||||
reasoning: validationResult.reasoning,
|
||||
detectedEntities: validationResult.detectedEntities,
|
||||
maskedText: validationResult.maskedText,
|
||||
},
|
||||
})
|
||||
} catch (error: any) {
|
||||
logger.error(`[${requestId}] Guardrails validation failed`, { error })
|
||||
return NextResponse.json({
|
||||
success: true,
|
||||
output: {
|
||||
passed: false,
|
||||
validationType: 'unknown',
|
||||
input: '',
|
||||
error: error.message || 'Validation failed due to unexpected error',
|
||||
},
|
||||
})
|
||||
}
|
||||
})
|
||||
|
||||
/**
|
||||
* Convert input to string for validation
|
||||
*/
|
||||
function convertInputToString(input: any): string {
|
||||
if (typeof input === 'string') {
|
||||
return input
|
||||
}
|
||||
if (input === null || input === undefined) {
|
||||
return ''
|
||||
}
|
||||
if (typeof input === 'object') {
|
||||
return JSON.stringify(input)
|
||||
}
|
||||
return String(input)
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute validation using TypeScript validators
|
||||
*/
|
||||
async function executeValidation(
|
||||
validationType: string,
|
||||
inputStr: string,
|
||||
regex: string | undefined,
|
||||
knowledgeBaseId: string | undefined,
|
||||
threshold: string | undefined,
|
||||
topK: string | undefined,
|
||||
model: string | undefined,
|
||||
apiKey: string | undefined,
|
||||
providerCredentials: {
|
||||
azureEndpoint?: string
|
||||
azureApiVersion?: string
|
||||
vertexProject?: string
|
||||
vertexLocation?: string
|
||||
vertexCredential?: string
|
||||
bedrockAccessKeyId?: string
|
||||
bedrockSecretKey?: string
|
||||
bedrockRegion?: string
|
||||
},
|
||||
workflowId: string | undefined,
|
||||
workspaceId: string | undefined,
|
||||
piiEntityTypes: string[] | undefined,
|
||||
piiMode: string | undefined,
|
||||
piiLanguage: string | undefined,
|
||||
authHeaders: { cookie?: string; authorization?: string } | undefined,
|
||||
requestId: string
|
||||
): Promise<{
|
||||
passed: boolean
|
||||
error?: string
|
||||
score?: number
|
||||
reasoning?: string
|
||||
detectedEntities?: any[]
|
||||
maskedText?: string
|
||||
cost?: number
|
||||
}> {
|
||||
// Use TypeScript validators for all validation types
|
||||
if (validationType === 'json') {
|
||||
return validateJson(inputStr)
|
||||
}
|
||||
if (validationType === 'regex') {
|
||||
if (!regex) {
|
||||
return {
|
||||
passed: false,
|
||||
error: 'Regex pattern is required',
|
||||
}
|
||||
}
|
||||
return validateRegex(inputStr, regex)
|
||||
}
|
||||
if (validationType === 'hallucination') {
|
||||
if (!knowledgeBaseId) {
|
||||
return {
|
||||
passed: false,
|
||||
error: 'Knowledge base ID is required for hallucination check',
|
||||
}
|
||||
}
|
||||
if (!model) {
|
||||
return {
|
||||
passed: false,
|
||||
error: 'Model is required for hallucination validation',
|
||||
}
|
||||
}
|
||||
|
||||
return await validateHallucination({
|
||||
userInput: inputStr,
|
||||
knowledgeBaseId,
|
||||
threshold: threshold != null ? Number.parseFloat(threshold) : 3, // Default threshold is 3 (confidence score, scores < 3 fail)
|
||||
topK: topK ? Number.parseInt(topK) : 10, // Default topK is 10
|
||||
model: model,
|
||||
apiKey,
|
||||
providerCredentials,
|
||||
workflowId,
|
||||
workspaceId,
|
||||
authHeaders,
|
||||
requestId,
|
||||
})
|
||||
}
|
||||
if (validationType === 'pii') {
|
||||
return await validatePII({
|
||||
text: inputStr,
|
||||
entityTypes: piiEntityTypes || [], // Empty array = detect all PII types
|
||||
mode: (piiMode as 'block' | 'mask') || 'block', // Default to block mode
|
||||
language: piiLanguage || 'en',
|
||||
requestId,
|
||||
})
|
||||
}
|
||||
return {
|
||||
passed: false,
|
||||
error: 'Unknown validation type',
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user