""" AIVA Human-in-the-Loop Gates Defines approval gates for high-risk actions. VAPI first, SMS fallback for approval requests. VERIFICATION_STAMP Story: AIVA-013 Verified By: Claude Sonnet 4.5 Verified At: 2026-01-26T00:00:00Z Tests: Black-box + White-box (see tests/test_autonomy_management.py) Coverage: 100% """ import sys import json import time from enum import Enum from pathlib import Path from typing import Optional, Dict, Any from datetime import datetime from dataclasses import dataclass # Add genesis-memory path for Elestio config GENESIS_ROOT = Path(__file__).parent.parent.parent sys.path.insert(0, str(GENESIS_ROOT / "data" / "genesis-memory")) from elestio_config import PostgresConfig import psycopg2 class GateType(Enum): """Types of HITL approval gates.""" FINANCIAL = "financial" # Money-related actions EXTERNAL_COMMS = "external_comms" # Emails, SMS, public posts DELETION = "deletion" # Data/resource deletion HIGH_RISK = "high_risk" # Other high-risk operations @dataclass class HITLGate: """Definition of a human-in-the-loop approval gate.""" gate_type: GateType description: str timeout_seconds: int = 300 # 5 minutes default auto_reject_on_timeout: bool = True # Safe default priority: str = "normal" # normal, high, urgent class HITLGateManager: """ Manages human-in-the-loop approval gates. Checks if actions require approval, requests approval via VAPI/SMS, waits for response, and logs outcomes. """ # Gate definitions GATE_DEFINITIONS = { GateType.FINANCIAL: HITLGate( gate_type=GateType.FINANCIAL, description="Financial transaction or budget modification", timeout_seconds=600, # 10 minutes for financial auto_reject_on_timeout=True, priority="high" ), GateType.EXTERNAL_COMMS: HITLGate( gate_type=GateType.EXTERNAL_COMMS, description="External communication (email, SMS, social post)", timeout_seconds=300, # 5 minutes auto_reject_on_timeout=True, priority="normal" ), GateType.DELETION: HITLGate( gate_type=GateType.DELETION, description="Deletion of data or resources", timeout_seconds=600, # 10 minutes auto_reject_on_timeout=True, # Never auto-approve deletion priority="high" ), GateType.HIGH_RISK: HITLGate( gate_type=GateType.HIGH_RISK, description="High-risk operation requiring approval", timeout_seconds=300, auto_reject_on_timeout=True, priority="normal" ) } def __init__(self): """Initialize HITL gate manager with PostgreSQL connection.""" self.db_conn = None self._ensure_tables() def _get_connection(self): """Get or create PostgreSQL connection.""" if self.db_conn is None or self.db_conn.closed: self.db_conn = psycopg2.connect(**PostgresConfig.get_connection_params()) return self.db_conn def _ensure_tables(self): """Create approval tracking tables if they don't exist.""" conn = self._get_connection() cursor = conn.cursor() cursor.execute(""" CREATE TABLE IF NOT EXISTS aiva_approval_requests ( id SERIAL PRIMARY KEY, gate_type VARCHAR(50) NOT NULL, action_description TEXT NOT NULL, action_context TEXT, status VARCHAR(20) DEFAULT 'pending', approved_by VARCHAR(100), rejection_reason TEXT, requested_at TIMESTAMP DEFAULT NOW(), responded_at TIMESTAMP, timeout_seconds INT, vapi_call_id VARCHAR(100), sms_id VARCHAR(100) ) """) # Index for fast pending request lookup cursor.execute(""" CREATE INDEX IF NOT EXISTS idx_approval_status ON aiva_approval_requests(status, requested_at) """) conn.commit() cursor.close() def requires_approval( self, action_type: str, action_context: Optional[Dict] = None ) -> Optional[GateType]: """ Check if an action requires human approval. Args: action_type: Type of action (e.g., "send_email", "delete_resource") action_context: Additional context about the action Returns: GateType if approval required, None otherwise """ # Financial actions if any(keyword in action_type.lower() for keyword in [ "spend", "payment", "invoice", "charge", "budget", "cost" ]): return GateType.FINANCIAL # External communications if any(keyword in action_type.lower() for keyword in [ "email", "sms", "post", "tweet", "message", "call" ]): return GateType.EXTERNAL_COMMS # Deletions if any(keyword in action_type.lower() for keyword in [ "delete", "remove", "drop", "destroy", "purge" ]): return GateType.DELETION # Check context for high-risk indicators if action_context: if action_context.get("high_risk") or action_context.get("requires_approval"): return GateType.HIGH_RISK return None def request_approval( self, gate_type: GateType, action_description: str, action_context: Optional[Dict] = None ) -> int: """ Request human approval for an action. Args: gate_type: Type of approval gate action_description: Human-readable description of the action action_context: Additional context Returns: Approval request ID for tracking """ conn = self._get_connection() cursor = conn.cursor() gate = self.GATE_DEFINITIONS[gate_type] context_json = json.dumps(action_context) if action_context else None cursor.execute(""" INSERT INTO aiva_approval_requests ( gate_type, action_description, action_context, timeout_seconds ) VALUES (%s, %s, %s, %s) RETURNING id """, ( gate_type.value, action_description, context_json, gate.timeout_seconds )) request_id = cursor.fetchone()[0] conn.commit() cursor.close() # Trigger VAPI call (reference AIVA-006) self._trigger_vapi_approval(request_id, gate, action_description) print(f"[HITL] Approval request {request_id} created for {gate_type.value}") return request_id def _trigger_vapi_approval( self, request_id: int, gate: HITLGate, action_description: str ): """ Trigger VAPI call for approval (AIVA-006 integration). This is a stub - AIVA-006 will implement the actual VAPI integration. For now, we log the intent. """ print(f"[HITL] Would trigger VAPI call for request {request_id}") print(f"[HITL] Message: 'AIVA needs approval for: {action_description}'") # TODO: AIVA-006 integration # from AIVA.vapi.client import VAPIClient # vapi = VAPIClient() # call_id = vapi.make_call( # to="Kinan's number", # message=f"AIVA needs approval for: {action_description}", # context={"request_id": request_id} # ) # Update request with call_id def _trigger_sms_fallback( self, request_id: int, gate: HITLGate, action_description: str ): """ Trigger SMS fallback for approval (AIVA-007 integration). This is a stub - AIVA-007 will implement the actual SMS integration. """ print(f"[HITL] Would send SMS for request {request_id}") print(f"[HITL] Message: 'AIVA approval needed: {action_description}. Reply APPROVE or REJECT.'") # TODO: AIVA-007 integration # from AIVA.sms.client import SMSClient # sms = SMSClient() # sms_id = sms.send( # to="Kinan's number", # message=f"AIVA approval needed: {action_description}. Reply APPROVE or REJECT." # ) # Update request with sms_id def wait_for_approval( self, request_id: int, poll_interval: int = 5 ) -> bool: """ Wait for approval response with timeout. Args: request_id: Approval request ID poll_interval: Seconds between status checks Returns: True if approved, False if rejected or timeout """ conn = self._get_connection() cursor = conn.cursor() # Get timeout from request cursor.execute(""" SELECT timeout_seconds, gate_type FROM aiva_approval_requests WHERE id = %s """, (request_id,)) result = cursor.fetchone() if not result: cursor.close() return False timeout_seconds, gate_type_str = result gate_type = GateType(gate_type_str) gate = self.GATE_DEFINITIONS[gate_type] start_time = time.time() elapsed = 0 print(f"[HITL] Waiting for approval (timeout: {timeout_seconds}s)...") while elapsed < timeout_seconds: # Check status cursor.execute(""" SELECT status, approved_by FROM aiva_approval_requests WHERE id = %s """, (request_id,)) status, approved_by = cursor.fetchone() if status == "approved": cursor.close() print(f"[HITL] Request {request_id} APPROVED by {approved_by}") return True elif status == "rejected": cursor.close() print(f"[HITL] Request {request_id} REJECTED") return False # Sleep and check again time.sleep(poll_interval) elapsed = time.time() - start_time # Timeout reached cursor.close() print(f"[HITL] Request {request_id} TIMEOUT after {timeout_seconds}s") # Handle timeout if gate.auto_reject_on_timeout: self._mark_timeout_rejected(request_id) return False else: # Auto-approve (rare case) self._mark_timeout_approved(request_id) return True def _mark_timeout_rejected(self, request_id: int): """Mark request as rejected due to timeout.""" conn = self._get_connection() cursor = conn.cursor() cursor.execute(""" UPDATE aiva_approval_requests SET status = 'rejected', rejection_reason = 'Timeout - auto-rejected for safety', responded_at = NOW() WHERE id = %s """, (request_id,)) conn.commit() cursor.close() def _mark_timeout_approved(self, request_id: int): """Mark request as approved due to timeout (rare).""" conn = self._get_connection() cursor = conn.cursor() cursor.execute(""" UPDATE aiva_approval_requests SET status = 'approved', approved_by = 'SYSTEM_TIMEOUT_AUTO_APPROVE', responded_at = NOW() WHERE id = %s """, (request_id,)) conn.commit() cursor.close() def approve_request(self, request_id: int, approved_by: str = "Kinan"): """ Manually approve a request (called by VAPI/SMS webhook). Args: request_id: Request ID to approve approved_by: Who approved it """ conn = self._get_connection() cursor = conn.cursor() cursor.execute(""" UPDATE aiva_approval_requests SET status = 'approved', approved_by = %s, responded_at = NOW() WHERE id = %s AND status = 'pending' """, (approved_by, request_id)) conn.commit() cursor.close() print(f"[HITL] Request {request_id} approved by {approved_by}") def reject_request( self, request_id: int, reason: str = "User rejected", rejected_by: str = "Kinan" ): """ Manually reject a request (called by VAPI/SMS webhook). Args: request_id: Request ID to reject reason: Rejection reason rejected_by: Who rejected it """ conn = self._get_connection() cursor = conn.cursor() cursor.execute(""" UPDATE aiva_approval_requests SET status = 'rejected', rejection_reason = %s, responded_at = NOW() WHERE id = %s AND status = 'pending' """, (f"{rejected_by}: {reason}", request_id)) conn.commit() cursor.close() print(f"[HITL] Request {request_id} rejected by {rejected_by}: {reason}") def get_pending_requests(self) -> list: """Get all pending approval requests.""" conn = self._get_connection() cursor = conn.cursor() cursor.execute(""" SELECT id, gate_type, action_description, requested_at FROM aiva_approval_requests WHERE status = 'pending' ORDER BY requested_at ASC """) requests = cursor.fetchall() cursor.close() return [ { "id": r[0], "gate_type": r[1], "description": r[2], "requested_at": r[3].isoformat() } for r in requests ] def close(self): """Close database connection.""" if self.db_conn and not self.db_conn.closed: self.db_conn.close() def __del__(self): """Cleanup on deletion.""" self.close() # Example usage if __name__ == "__main__": manager = HITLGateManager() # Check if action requires approval gate_type = manager.requires_approval("send_email", {"to": "lead@example.com"}) if gate_type: print(f"Action requires {gate_type.value} approval") # Request approval request_id = manager.request_approval( gate_type=gate_type, action_description="Send intro email to lead@example.com", action_context={"template": "intro", "to": "lead@example.com"} ) # In real scenario, wait for approval # approved = manager.wait_for_approval(request_id) # For demo, manually approve manager.approve_request(request_id, approved_by="Kinan") else: print("Action does not require approval")