aljaz/enclava
1
0
Fork 0
mirror of https://github.com/aljazceru/enclava.git synced 2025-12-17 23:44:24 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixing rag

Browse Source
This commit is contained in:
Aljaz Ceru
2025-08-25 17:13:15 +02:00
parent d1c59265d7
commit ac5a8476bc
80 changed files with 11363 additions and 349 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
backend/app/services/llm/service.py
View File

@@ -150,11 +150,18 @@ class LLMService:
raise ValidationError("Messages cannot be empty", field="messages")
# Security validation
# Chatbot and RAG system requests should have relaxed security validation
is_system_request = (
request.user_id == "rag_system" or
request.user_id == "chatbot_user" or
str(request.user_id).startswith("chatbot_")
)
messages_dict = [{"role": msg.role, "content": msg.content} for msg in request.messages]
is_safe, risk_score, detected_patterns = security_manager.validate_prompt_security(messages_dict)
if not is_safe:
# Log security violation
if not is_safe and not is_system_request:
# Log security violation for regular user requests
security_manager.create_audit_log(
user_id=request.user_id,
api_key_id=request.api_key_id,
@@ -183,6 +190,12 @@ class LLMService:
risk_score=risk_score,
details={"detected_patterns": detected_patterns}
)
elif not is_safe and is_system_request:
# For system requests (chatbot/RAG), log but don't block
logger.info(f"System request contains security patterns (risk_score={risk_score:.2f}) but allowing due to system context")
if detected_patterns:
logger.info(f"Detected patterns: {[p.get('pattern', 'unknown') for p in detected_patterns]}")
# Allow system requests regardless of security patterns
# Get provider for model
provider_name = self._get_provider_for_model(request.model)
@@ -304,15 +317,25 @@ class LLMService:
await self.initialize()
# Security validation (same as non-streaming)
# Chatbot and RAG system requests should have relaxed security validation
is_system_request = (
request.user_id == "rag_system" or
request.user_id == "chatbot_user" or
str(request.user_id).startswith("chatbot_")
)
messages_dict = [{"role": msg.role, "content": msg.content} for msg in request.messages]
is_safe, risk_score, detected_patterns = security_manager.validate_prompt_security(messages_dict)
if not is_safe:
if not is_safe and not is_system_request:
raise SecurityError(
"Streaming request blocked due to security concerns",
risk_score=risk_score,
details={"detected_patterns": detected_patterns}
)
elif not is_safe and is_system_request:
# For system requests (chatbot/RAG), log but don't block
logger.info(f"System streaming request contains security patterns (risk_score={risk_score:.2f}) but allowing due to system context")
# Get provider
provider_name = self._get_provider_for_model(request.model)
@@ -355,17 +378,33 @@ class LLMService:
await self.initialize()
# Security validation for embedding input
input_text = request.input if isinstance(request.input, str) else " ".join(request.input)
is_safe, risk_score, detected_patterns = security_manager.validate_prompt_security([
{"role": "user", "content": input_text}
])
# RAG system requests (document embedding) should use relaxed security validation
is_rag_system = request.user_id == "rag_system"
if not is_safe:
raise SecurityError(
"Embedding request blocked due to security concerns",
risk_score=risk_score,
details={"detected_patterns": detected_patterns}
)
if not is_rag_system:
# Apply normal security validation for user-generated embedding requests
input_text = request.input if isinstance(request.input, str) else " ".join(request.input)
is_safe, risk_score, detected_patterns = security_manager.validate_prompt_security([
{"role": "user", "content": input_text}
])
if not is_safe:
raise SecurityError(
"Embedding request blocked due to security concerns",
risk_score=risk_score,
details={"detected_patterns": detected_patterns}
)
else:
# For RAG system requests, log but don't block (document content can contain legitimate text that triggers patterns)
input_text = request.input if isinstance(request.input, str) else " ".join(request.input)
is_safe, risk_score, detected_patterns = security_manager.validate_prompt_security([
{"role": "user", "content": input_text}
])
if detected_patterns:
logger.info(f"RAG document embedding contains security patterns (risk_score={risk_score:.2f}) but allowing due to document context")
# Allow RAG system requests regardless of security patterns
# Get provider
provider_name = self._get_provider_for_model(request.model)