In [None]:
print('Setup complete.')

# Human-in-the-Loop & Acceptance Tests Lab

## 🎯 Lab Objective
**Add an approval step that blocks a risky tool call; capture reason.**

In this lab, you'll implement a complete human-in-the-loop system that:
1. Detects risky tool calls
2. Requires human approval before execution
3. Logs all approval decisions with reasons
4. Captures screenshots of blocked actions

**Deliverable**: blocked-action screenshot + approval log

---

In [None]:
# Install required packages for Google Colab
!pip install requests pandas matplotlib seaborn plotly ipywidgets

# All required imports for this lab notebook
import json
import os
import time
from datetime import datetime
from typing import Dict, List, Any, Optional, Callable
from dataclasses import dataclass, asdict
from enum import Enum
import subprocess
from pathlib import Path

# TODO: Import required libraries
# You will need: json, os, time, datetime, typing, dataclasses, enum, subprocess, pathlib
# Import json for handling data
# Import datetime for timestamps
# Import typing for type hints (Dict, List, Any, Optional, Callable)
# Import dataclasses for structured data (@dataclass, asdict)
# Import enum for creating enumerations (Enum)
# Import pathlib for file path handling (Path)

# TODO: Create lab workspace directory
# Create a Path object pointing to "./lab_workspace"
# Use mkdir(exist_ok=True) to create the directory
# Print confirmation messages

# Create lab workspace
LAB_DIR = Path("./lab_workspace")
LAB_DIR.mkdir(exist_ok=True)

print("🧪 Human-in-the-Loop Lab Environment Ready")
print(f"📁 Lab workspace: {LAB_DIR.absolute()}")

## Step 1: Define Risky Tool Calls

First, let's identify what constitutes a "risky" tool call that requires human approval.

In [None]:
# TODO: Define a RiskLevel enum with four levels
# Create an enum with LOW, MEDIUM, HIGH, CRITICAL values
# Use the Enum class from the enum module

# TODO: Create a ToolCall dataclass
# Include the following fields:
#   - name: str (name of the tool)
#   - parameters: Dict[str, Any] (tool parameters)
#   - risk_level: RiskLevel (assigned risk level)
#   - confidence: float (confidence score 0.0-1.0)
#   - description: str (human-readable description)

# TODO: Create a list of example risky tool calls
# Include examples like:
#   - File deletion (rm, DELETE)
#   - Database operations (DROP, ALTER)
#   - System commands (sudo, chmod)
#   - Network operations (wget, curl)
# Assign different risk levels and confidence scores

## Step 2: Implement Risk Detection

Create a function that analyzes tool calls and determines their risk level.

In [None]:
# TODO: Implement a function to analyze tool call risk
# Function signature: analyze_tool_call_risk(tool_call: ToolCall) -> RiskLevel
# 
# Consider these risk factors:
#   - Destructive commands: rm, delete, drop, truncate
#   - System administration: sudo, chmod, chown
#   - Network access: wget, curl, ssh
#   - Production indicators: 'prod', 'production', 'live'
#   - Critical data: user tables, financial data
#   - Low confidence scores (< 0.8)

# TODO: Implement a function to determine approval requirement
# Function signature: requires_approval(tool_call: ToolCall, threshold: RiskLevel = RiskLevel.MEDIUM) -> bool
# Return True if the tool call's risk level is >= threshold

# TODO: Test your functions
# Loop through your RISKY_TOOL_CALLS list
# For each tool call, print: name, risk level, and approval requirement

## Step 3: Build Approval Interface

Create an interface for human approval with proper logging.

In [None]:
# TODO: Create an ApprovalDecision dataclass
# Include these fields:
#   - tool_call_id: str (unique identifier)
#   - approved: bool (True if approved)
#   - reason: str (explanation for the decision)
#   - timestamp: str (when decision was made)
#   - approver: str (who made the decision)

# TODO: Create an ApprovalLogger class
# Initialize with:
#   - log_file parameter (default: 'approval_log.json')
#   - self.log_file = LAB_DIR / log_file
#   - self.decisions = [] (empty list)

# TODO: Implement log_decision method
# Add the decision to self.decisions list

# TODO: Implement save_log method
# Convert decisions to dictionaries using asdict()
# Save as JSON to self.log_file

# TODO: Create request_human_approval function
# Display approval request with:
#   - Tool name and description
#   - Risk level
#   - Parameters (formatted as JSON)
#   - Prompt for approval decision
# For lab: simulate approval responses or use input()
# Return an ApprovalDecision object

# TODO: Create an ApprovalLogger instance

## Step 4: Tool Call Executor with Blocking

Create an executor that blocks risky calls and requires approval.

In [None]:
# TODO: Create a SafeToolExecutor class
# Initialize with:
#   - approval_logger: ApprovalLogger
#   - self.logger = approval_logger
#   - self.blocked_calls = [] (empty list)

# TODO: Implement execute_tool_call method
# Method signature: execute_tool_call(self, tool_call: ToolCall) -> Dict[str, Any]
# Implementation flow:
#   1. Check if approval is required using requires_approval()
#   2. If not required, execute directly and return success
#   3. If required, call request_human_approval()
#   4. If approved, execute and log decision
#   5. If denied, block and log decision
#   6. Add blocked calls to self.blocked_calls list
#   7. Return execution result dictionary with status and details

# TODO: Implement _simulate_execution helper method
# For lab purposes, return a simulation message instead of real execution
# Return format: '[SIMULATED] Executed {tool_name} with {parameters}'

# TODO: Implement get_blocked_calls_summary method
# Return a dictionary with:
#   - total_blocked: count of blocked calls
#   - blocked_calls: list of blocked call details
#   - summary statistics

# TODO: Create a SafeToolExecutor instance using your approval logger

## Step 5: Run Lab Scenarios

Test your implementation with different scenarios.

In [None]:
# TODO: Execute all risky tool calls through your safe executor
# Print header: 'Running Lab Scenarios...'

# TODO: Loop through RISKY_TOOL_CALLS with enumerate()
# For each tool call:
#   1. Print scenario number and description
#   2. Call executor.execute_tool_call(tool_call)
#   3. Print the result status
#   4. If there's a reason, print it
#   5. Add a blank line for readability

# TODO: Save the approval log
# Call approval_logger.save_log()
# Print confirmation with the log file path

## Step 6: Generate Deliverables

Create the required deliverables: blocked-action screenshot + approval log.

In [None]:
# TODO: Create generate_blocked_action_report function
# Create a report dictionary with:
#   - lab_session: {timestamp, student name, objective}
#   - blocked_actions: list of blocked action details
#   - approval_statistics: summary stats (total, approved, denied)
#   - summary: text description of results

# TODO: Populate the report with data from your executor
# Use executor.get_blocked_calls_summary() for blocked actions
# Use approval_logger.decisions for statistics

# TODO: Save report to JSON file
# File path: LAB_DIR / 'blocked_actions_report.json'
# Use json.dump() with indent=2 for formatting

# TODO: Create create_screenshot_simulation function
# Create a text-based 'screenshot' showing:
#   - ASCII art border
#   - 'TOOL CALL BLOCKED' header
#   - Tool details (name, risk level, reason, timestamp)
#   - 'BLOCKED - Human approval required' status

# TODO: Save screenshot to text file
# File path: LAB_DIR / 'blocked_action_screenshot.txt'

# TODO: Generate deliverables
# Call both functions above
# Print summary of generated files with paths

## Step 7: Lab Validation & Reflection

Validate your implementation and reflect on the experience.

In [None]:
# TODO: Create validate_lab_completion function
# Return type: bool

# TODO: Create validation checks list
# Each check should be a tuple: (check_name, passed_boolean)
# Check for:
#   - RiskLevel enum defined
#   - ToolCall dataclass defined
#   - Risk analysis function implemented
#   - Approval system created
#   - At least one call blocked (check executor.blocked_calls)
#   - Decisions logged (check approval_logger.decisions)
#   - Deliverable files exist

# TODO: Check if all validations passed
# Use all() function on the boolean values

# TODO: Print validation results
# Loop through checks and print status (✅ or ❌)

# TODO: Run validation and handle results
# If passed: print congratulations and reflection questions
# If failed: print failure message

# Reflection Questions to display on success:
# 1. What types of tool calls did you classify as high risk?
# 2. How did you balance security with usability?
# 3. What additional safety measures would you add in production?
# 4. How would you handle cases where no human approver is available?

## 🎯 Lab Summary

### What You've Built:
- **Risk Detection System**: Automatically identifies dangerous tool calls
- **Approval Gates**: Human-in-the-loop decision points for risky operations
- **Comprehensive Logging**: Full audit trail of all approval decisions
- **Safety Executor**: Tool execution engine with built-in safety checks

### Key Learning Outcomes:
1. **Risk Assessment**: How to classify and evaluate tool call danger levels
2. **Human Oversight**: Implementing effective approval workflows
3. **Audit Trails**: Importance of logging decisions with clear reasoning
4. **System Safety**: Building fail-safe mechanisms into AI systems

### Real-World Applications:
- **DevOps Automation**: Preventing accidental production changes
- **Financial Systems**: Requiring approval for large transactions
- **Healthcare AI**: Human oversight for critical medical decisions
- **Autonomous Vehicles**: Safety driver intervention systems

---

**🚀 Deliverables Checklist:**
- [ ] Blocked-action screenshot (text simulation)
- [ ] Approval log with decision reasons
- [ ] Working approval gate system
- [ ] Risk classification implementation

**Great work on building a safer AI system!** 🛡️