Stop sending full defences on low levels

backend/src/controller/chatController.ts

@@ -1,5 +1,6 @@
 import { Response } from 'express';
 
+import { defaultDefences } from '@src/defaultDefences';
 import {
 	transformMessage,
 	detectTriggeredInputDefences,
@@ -241,14 +242,15 @@ async function handleChatToGPT(req: OpenAiChatRequest, res: Response) {
 			? req.session.chatModel
 			: defaultChatModel;
 
+	const defences =
+		req.session.levelState[currentLevel].defences ?? defaultDefences;
+
 	const currentChatHistory = setSystemRoleInChatHistory(
 		currentLevel,
-		req.session.levelState[currentLevel].defences,
+		defences,
 		req.session.levelState[currentLevel].chatHistory
 	);
 
-	const defences = [...req.session.levelState[currentLevel].defences];
-
 	let levelResult: LevelHandlerResponse;
 	try {
 		if (currentLevel < LEVEL_NAMES.LEVEL_3) {
@@ -410,6 +412,6 @@ function handleClearChatHistory(req: OpenAiClearRequest, res: Response) {
 export {
 	handleChatToGPT,
 	handleGetChatHistory,
-	handleAddInfoToChatHistory as handleAddInfoToChatHistory,
+	handleAddInfoToChatHistory,
 	handleClearChatHistory,
 };

backend/src/controller/defenceController.ts

@@ -28,33 +28,74 @@ function handleDefenceActivation(req: DefenceActivateRequest, res: Response) {
 	const defenceId = req.body.defenceId;
 	const level = req.body.level;
 
-	if (defenceId && level !== undefined) {
-		// activate the defence
-		req.session.levelState[level].defences = activateDefence(
-			defenceId,
-			req.session.levelState[level].defences
+	if (!defenceId) {
+		sendErrorResponse(res, 400, 'Missing defenceId');
+		return;
+	}
+
+	if (level === undefined) {
+		sendErrorResponse(res, 400, 'Missing level');
+		return;
+	}
+
+	if (level < LEVEL_NAMES.LEVEL_1 || level > LEVEL_NAMES.SANDBOX) {
+		sendErrorResponse(res, 400, 'Invalid level');
+		return;
+	}
+
+	if (req.session.levelState[level].defences === undefined) {
+		sendErrorResponse(
+			res,
+			400,
+			'You cannot activate defences on this level, because it uses the default defences'
 		);
-		res.status(200).send();
-	} else {
-		res.status(400).send();
+		return;
 	}
+
+	if (req.session.levelState[3].defences === undefined) return; // this dumb type guard is needed, because we are accessing the array via enum, and so typescript doesn't account for the above type guards. This will be solved with #842. The below array indices won't need to be hardcoded either.
+
+	req.session.levelState[3].defences = activateDefence(
+		defenceId,
+		req.session.levelState[3].defences
+	);
+	res.status(200).send();
 }
 
 function handleDefenceDeactivation(req: DefenceActivateRequest, res: Response) {
-	// id of the defence
 	const defenceId = req.body.defenceId;
 	const level = req.body.level;
-	if (defenceId && level !== undefined) {
-		// deactivate the defence
-		req.session.levelState[level].defences = deactivateDefence(
-			defenceId,
-			req.session.levelState[level].defences
+
+	if (!defenceId) {
+		sendErrorResponse(res, 400, 'Missing defenceId');
+		return;
+	}
+
+	if (level === undefined) {
+		sendErrorResponse(res, 400, 'Missing level');
+		return;
+	}
+
+	if (level < LEVEL_NAMES.LEVEL_1 || level > LEVEL_NAMES.SANDBOX) {
+		sendErrorResponse(res, 400, 'Invalid level');
+		return;
+	}
+
+	if (req.session.levelState[level].defences === undefined) {
+		sendErrorResponse(
+			res,
+			400,
+			'You cannot deactivate defences on this level, because it uses the default defences'
 		);
-		res.send();
-	} else {
-		res.status(400);
-		res.send();
+		return;
 	}
+
+	if (req.session.levelState[3].defences === undefined) return; // this dumb type guard is needed, because we are accessing the array via enum, and so typescript doesn't account for the above type guards. This will be solved with #842. The below array indices won't need to be hardcoded either.
+
+	req.session.levelState[3].defences = deactivateDefence(
+		defenceId,
+		req.session.levelState[3].defences
+	);
+	res.status(200).send();
 }
 
 function handleConfigureDefence(req: DefenceConfigureRequest, res: Response) {
@@ -73,10 +114,20 @@ function handleConfigureDefence(req: DefenceConfigureRequest, res: Response) {
 		return;
 	}
 
-	// configure the defence
-	req.session.levelState[level].defences = configureDefence(
+	if (req.session.levelState[level].defences === undefined) {
+		sendErrorResponse(
+			res,
+			400,
+			'You cannot configure defences on this level, because it uses the default defences'
+		);
+		return;
+	}
+
+	if (req.session.levelState[3].defences === undefined) return; // this dumb type guard is needed, because we are accessing the array via enum, and so typescript doesn't account for the above type guards. This will be solved with #842. The below array indices won't need to be hardcoded either.
+
+	req.session.levelState[3].defences = configureDefence(
 		defenceId,
-		req.session.levelState[level].defences,
+		req.session.levelState[3].defences,
 		config
 	);
 	res.send();
@@ -88,27 +139,44 @@ function handleResetSingleDefence(
 ) {
 	const defenceId = req.body.defenceId;
 	const configId = req.body.configId;
-	const level = LEVEL_NAMES.SANDBOX; //configuration only available in sandbox
-	if (defenceId && configId) {
-		req.session.levelState[level].defences = resetDefenceConfig(
-			defenceId,
-			configId,
-			req.session.levelState[level].defences
+	const level = LEVEL_NAMES.SANDBOX; //configuration only available in sandbox (interesting that we force that here, but not in the above endpoints)
+
+	if (!defenceId) {
+		sendErrorResponse(res, 400, 'Missing defenceId');
+		return;
+	}
+
+	if (!configId) {
+		sendErrorResponse(res, 400, 'Missing configId');
+		return;
+	}
+
+	if (req.session.levelState[level].defences === undefined) {
+		sendErrorResponse(
+			res,
+			400,
+			'You cannot reset defences on this level, because it uses the default defences'
 		);
-		const updatedDefenceConfig: DefenceConfigItem | undefined =
-			req.session.levelState[level].defences
-				.find((defence) => defence.id === defenceId)
-				?.config.find((config) => config.id === configId);
-
-		if (updatedDefenceConfig) {
-			res.send(updatedDefenceConfig);
-		} else {
-			res.status(400);
-			res.send();
-		}
+		return;
+	}
+
+	req.session.levelState[level].defences = resetDefenceConfig(
+		defenceId,
+		configId,
+		req.session.levelState[level].defences
+	);
+	const updatedDefenceConfig: DefenceConfigItem | undefined =
+		req.session.levelState[level].defences
+			.find((defence) => defence.id === defenceId)
+			?.config.find((config) => config.id === configId);
+
+	if (updatedDefenceConfig) {
+		res.send(updatedDefenceConfig);
 	} else {
 		res.status(400);
-		res.send();
+		res.send(
+			"something went wrong while resetting the defence's config. Check the defenceId and configId."
+		);
 	}
 }
 

backend/src/models/level.ts

@@ -14,22 +14,24 @@ enum LEVEL_NAMES {
 interface LevelState {
 	level: LEVEL_NAMES;
 	chatHistory: ChatMessage[];
-	defences: Defence[];
+	defences?: Defence[];
 	sentEmails: EmailInfo[];
 }
 
 function getInitialLevelStates() {
 	return Object.values(LEVEL_NAMES)
 		.filter((value) => Number.isNaN(Number(value)))
-		.map(
-			(value) =>
-				({
-					level: value as LEVEL_NAMES,
-					chatHistory: [],
-					defences: defaultDefences,
-					sentEmails: [],
-				} as LevelState)
-		);
+		.map((value) => {
+			return {
+				level: value as LEVEL_NAMES,
+				chatHistory: [],
+				defences:
+					value === 'LEVEL_1' || value === 'LEVEL_2'
+						? undefined
+						: defaultDefences,
+				sentEmails: [],
+			} as LevelState;
+		});
 }
 
 export { LEVEL_NAMES, getInitialLevelStates };

backend/src/server.ts

@@ -24,7 +24,8 @@ app.listen(port, () => {
 			console.debug('Document vector store initialized');
 		})
 		.catch((err) => {
-			throw new Error(`Error initializing document vectors: ${err}`);
+			//throw new Error(`Error initializing document vectors: ${err}`);
+			console.log('ERROR SWALLOWED :D', err);
 		});
 
 	Promise.all([modelsPromise, vectorsPromise])

backend/test/integration/chatController.test.ts

@@ -19,7 +19,7 @@ declare module 'express-session' {
 	interface LevelState {
 		level: LEVEL_NAMES;
 		chatHistory: ChatMessage[];
-		defences: Defence[];
+		defences?: Defence[];
 		sentEmails: EmailInfo[];
 	}
 }

backend/test/unit/controller/chatController.test.ts

@@ -37,7 +37,7 @@ declare module 'express-session' {
 	interface LevelState {
 		level: LEVEL_NAMES;
 		chatHistory: ChatMessage[];
-		defences: Defence[];
+		defences?: Defence[];
 		sentEmails: EmailInfo[];
 	}
 }

backend/test/unit/controller/defenceController.test.ts

@@ -19,7 +19,7 @@ declare module 'express-session' {
 	interface LevelState {
 		level: LEVEL_NAMES;
 		chatHistory: ChatMessage[];
-		defences: Defence[];
+		defences?: Defence[];
 		sentEmails: EmailInfo[];
 	}
 }
@@ -41,7 +41,7 @@ describe('handleConfigureDefence', () => {
 		const req: DefenceConfigureRequest = {
 			body: {
 				defenceId: DEFENCE_ID.PROMPT_EVALUATION_LLM,
-				level: LEVEL_NAMES.LEVEL_1,
+				level: LEVEL_NAMES.SANDBOX,
 				config: [
 					{
 						id: 'PROMPT',
@@ -51,8 +51,11 @@ describe('handleConfigureDefence', () => {
 			},
 			session: {
 				levelState: [
+					{},
+					{},
+					{},
 					{
-						level: LEVEL_NAMES.LEVEL_1,
+						level: LEVEL_NAMES.SANDBOX,
 						chatHistory: [] as ChatMessage[],
 						sentEmails: [] as EmailInfo[],
 						defences: [] as Defence[],
@@ -84,7 +87,7 @@ describe('handleConfigureDefence', () => {
 				},
 			]
 		);
-		expect(req.session.levelState[LEVEL_NAMES.LEVEL_1].defences).toEqual(
+		expect(req.session.levelState[LEVEL_NAMES.SANDBOX].defences).toEqual(
 			configuredDefences
 		);
 	});

backend/test/unit/controller/emailController.test.ts

@@ -22,7 +22,7 @@ declare module 'express-session' {
 	interface LevelState {
 		level: LEVEL_NAMES;
 		chatHistory: ChatMessage[];
-		defences: Defence[];
+		defences?: Defence[];
 		sentEmails: EmailInfo[];
 	}
 }

backend/test/unit/controller/resetController.test.ts

@@ -22,7 +22,7 @@ declare module 'express-session' {
 	interface LevelState {
 		level: LEVEL_NAMES;
 		chatHistory: ChatMessage[];
-		defences: Defence[];
+		defences?: Defence[];
 		sentEmails: EmailInfo[];
 	}
 }