enhance: openapi: better confirmation prompts

g-linville · g-linville · commit c01de74851fb · 2024-08-19T16:28:55.000-04:00
Signed-off-by: Grant Linville &lt;grant@acorn.io&gt;
diff --git a/components/script/messages.tsx b/components/script/messages.tsx
@@ -39,6 +39,10 @@ const Message = ({
   noAvatar?: boolean;
   restart?: () => void;
 }) => {
+  if (message === undefined) {
+    return null;
+  }
+
   switch (message.type) {
     case MessageType.User:
       return (
diff --git a/components/script/useChatSocket.tsx b/components/script/useChatSocket.tsx
@@ -31,6 +31,8 @@ const useChatSocket = (isEmpty?: boolean) => {
     'github.com/gptscript-ai/gateway-provider',
     'github.com/gptscript-ai/gateway-creds',
   ]);
+  // trustedOpenAPIRef contains a mapping of OpenAPI run tools to OpenAPI operation names that have been trusted.
+  const trustedOpenAPIRef = useRef<Record<string, Record<string, boolean>>>({});
 
   // update the refs as the state changes
   useEffect(() => {
@@ -190,11 +192,16 @@ const useChatSocket = (isEmpty?: boolean) => {
       }
 
       let confirmMessage = `Proceed with calling the ${frame.tool.name} tool?`;
-      if (frame.displayText) {
+      if (
+        !frame.tool.instructions?.startsWith('#!sys.openapi') &&
+        frame.displayText
+      ) {
         const tool = frame.tool?.name?.replace('sys.', '');
         confirmMessage = frame.tool?.source?.repo
           ? `Proceed with running the following (or allow all calls from the **${trimRepo(frame.tool?.source.repo!.Root)}** repo)?`
           : `Proceed with running the following (or allow all **${tool}** calls)?`;
+      } else if (frame.tool.instructions?.startsWith('#!sys.openapi')) {
+        confirmMessage = `Proceed with running the following API operation (or allow all runs of this operation)?`;
       }
 
       const form = (
@@ -267,6 +274,28 @@ const useChatSocket = (isEmpty?: boolean) => {
   const alreadyAllowed = (frame: CallFrame): boolean => {
     if (!frame.tool) return false;
 
+    if (frame.tool.instructions?.startsWith('#!sys.openapi')) {
+      // If the tool is an OpenAPI tool to list operations or get the schema for an operation, allow it.
+      if (
+        frame.tool.instructions?.split(' ').length > 2 &&
+        (frame.tool.instructions?.split(' ')[1] == 'list' ||
+          frame.tool.instructions?.split(' ')[1] == 'get-schema')
+      ) {
+        return true;
+      }
+
+      // If the tool is an OpenAPI tool to run an operation, check if it has been trusted.
+      if (!frame.tool.name) {
+        return false;
+      }
+
+      const operation = JSON.parse(frame.input as string)['operation'];
+      return (
+        trustedOpenAPIRef.current[frame.tool.name] &&
+        trustedOpenAPIRef.current[frame.tool.name][operation]
+      );
+    }
+
     // Check if the tool has already been allowed
     if (frame.tool.name && trustedRef.current[frame.tool.name]) return true;
 
@@ -293,6 +322,22 @@ const useChatSocket = (isEmpty?: boolean) => {
   const addTrustedFor = (frame: CallFrame) => {
     if (!frame.tool) return () => {};
 
+    if (
+      frame.tool.instructions &&
+      frame.tool.name &&
+      frame.tool.instructions.startsWith('#!sys.openapi')
+    ) {
+      return () => {
+        const toolName = frame.tool?.name ?? ''; // Not possible for this to be null, but I have to satisfy the type checker.
+        const operation = JSON.parse(frame.input as string)['operation'];
+
+        if (!trustedOpenAPIRef.current[toolName]) {
+          trustedOpenAPIRef.current[toolName] = {};
+        }
+        trustedOpenAPIRef.current[toolName][operation] = true;
+      };
+    }
+
     return frame.tool.source?.repo
       ? () => {
           const repo = frame.tool!.source?.repo!.Root;
