Spaces:

ysharma
/

OPF-SmartRedact-Paste

Running on Zero

App Files Files Community

ysharma HF Staff commited on 18 days ago

Commit

f78f0c3

verified ·

1 Parent(s): f949461

Update app.py

Browse files

Files changed (1) hide show

app.py +75 -77

app.py CHANGED Viewed

@@ -1,7 +1,30 @@
 """
 ================================================
-SmartRedact Paste — "Pastebin with a conscience"
-================================================
 """
 from __future__ import annotations
@@ -16,7 +39,6 @@ from dataclasses import dataclass
 from typing import Optional
 import gradio as gr
-from fastapi import Request
 from fastapi.responses import HTMLResponse, JSONResponse
 # spaces is only available on Hugging Face Spaces; degrade gracefully
@@ -161,37 +183,37 @@ async def home():
     return HTMLResponse(_COMPOSE_HTML)
-@server.post("/api/paste")
-async def create_paste(req: Request):
-    try:
-        body = await req.json()
-    except Exception:
-        return JSONResponse({"error": "Expected JSON body"}, status_code=400)
-    text = (body.get("text") or "").strip()
-    ttl_key = body.get("ttl", "never")
     if not text:
-        return JSONResponse({"error": "Paste is empty"}, status_code=400)
     if len(text) > MAX_PASTE_CHARS:
-        return JSONResponse(
-            {"error": f"Paste exceeds {MAX_PASTE_CHARS:,} characters"},
-            status_code=413,
-        )
-    if ttl_key not in TTL_CHOICES:
-        return JSONResponse({"error": f"Unknown ttl {ttl_key!r}"}, status_code=400)
     try:
         source_text, spans = analyze(text)
-    except Exception as exc:  # model failure is the only realistic path here
-        return JSONResponse({"error": f"OPF inference failed: {exc}"},
-                            status_code=500)
     redacted = redact(source_text, spans)
     stats = compute_stats(source_text, spans)
     pid = secrets.token_urlsafe(6)
     reveal_token = secrets.token_urlsafe(22)
-    ttl_sec = TTL_CHOICES[ttl_key]
     now = time.time()
     expires_at = (now + ttl_sec) if ttl_sec is not None else None
@@ -202,15 +224,16 @@ async def create_paste(req: Request):
         created_at=now, expires_at=expires_at,
     ))
-    return JSONResponse({
         "id": pid,
         "reveal_token": reveal_token,
         "view_path": f"/view/{pid}",
         "reveal_path": f"/view/{pid}?token={reveal_token}",
         "expires_at": expires_at,
         "stats": stats,
         "categories_meta": CATEGORIES_META,
-    })
 @server.get("/view/{pid}", response_class=HTMLResponse)
@@ -232,6 +255,7 @@ async def view_paste(pid: str, token: Optional[str] = None):
 @server.get("/api/paste/{pid}")
 async def api_get_paste(pid: str, token: Optional[str] = None):
     p = _store_get(pid)
     if p is None:
         return JSONResponse({"error": "not found or expired"}, status_code=404)
@@ -251,39 +275,6 @@ async def api_get_paste(pid: str, token: Optional[str] = None):
     return JSONResponse(payload)
-@server.api(name="analyze_paste")
-def analyze_paste_api(text: str, ttl: str = "never") -> str:
-    """Programmatic endpoint for gradio-client SDK.
-    Creates a paste and returns the paste id, reveal token, and stats as
-    a JSON string. Callers must combine the paths with the Space's base
-    URL to form shareable links."""
-    if ttl not in TTL_CHOICES:
-        return json.dumps({"error": f"Unknown ttl {ttl!r}"})
-    source_text, spans = analyze(text)
-    redacted = redact(source_text, spans)
-    stats = compute_stats(source_text, spans)
-    pid = secrets.token_urlsafe(6)
-    reveal_token = secrets.token_urlsafe(22)
-    ttl_sec = TTL_CHOICES[ttl]
-    now = time.time()
-    expires_at = (now + ttl_sec) if ttl_sec is not None else None
-    _store_put(Paste(
-        id=pid, reveal_token=reveal_token,
-        original=source_text, redacted=redacted,
-        spans=spans, stats=stats,
-        created_at=now, expires_at=expires_at,
-    ))
-    return json.dumps({
-        "id": pid,
-        "reveal_token": reveal_token,
-        "view_path": f"/view/{pid}",
-        "reveal_path": f"/view/{pid}?token={reveal_token}",
-        "expires_at": expires_at,
-        "stats": stats,
-    })
 # ── HTML rendering ────────────────────────────────────────────────
 def _escape(text: str) -> str:
@@ -505,7 +496,7 @@ _COMPOSE_HTML = r"""<!DOCTYPE html>
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width,initial-scale=1">
-<title>SmartRedact Paste — Pastebin with a conscience</title>
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
@@ -612,7 +603,7 @@ _COMPOSE_HTML = r"""<!DOCTYPE html>
 .pp-footer{
   margin-top:28px;padding-top:22px;border-top:0.5px solid var(--line);
-  display:flex;justify-content:space-between;gap:16px;color:var(--ink-faint);font-size:14px;flex-wrap:wrap;
 }
 .pp-footer a{color:var(--ink-dim)}
@@ -642,7 +633,7 @@ _COMPOSE_HTML = r"""<!DOCTYPE html>
   <div class="pp-brand">
     <div class="pp-brand-mark">P</div>
-    <div class="pp-brand-name">SmartRedact Paste<span class="sub">pastebin with a conscience</span></div>
   </div>
   <div class="pp-hero">
@@ -727,11 +718,21 @@ _COMPOSE_HTML = r"""<!DOCTYPE html>
   </section>
   <footer class="pp-footer">
-    <div>Powered by <b>gr.Server</b> · <a href="https://huggingface.co/openai/privacy-filter" target="_blank" rel="noopener"><b>OpenAI Privacy Filter</b></a> · 1.5B params, 50M active, 128k context</div>
   </footer>
 </div>
-<script>
 const CATS = """ + _CATEGORIES_JSON + r""";
 const MAX = """ + str(MAX_PASTE_CHARS) + r""";
@@ -795,21 +796,18 @@ async function createPaste(){
   $btn.disabled = true; $load.classList.add('on'); $ok.classList.remove('on');
   try{
-    const r = await fetch('/api/paste', {
-      method: 'POST',
-      headers: {'Content-Type': 'application/json'},
-      body: JSON.stringify({text, ttl}),
-    });
-    const data = await r.json();
-    if (!r.ok) throw new Error(data.error || ('HTTP ' + r.status));
     const origin = window.location.origin;
     document.getElementById('pp-view-url').value   = origin + data.view_path;
     document.getElementById('pp-reveal-url').value = origin + data.reveal_path;
-    // Fetch public redacted version to preview
-    const pv = await fetch('/api/paste/' + data.id).then(x => x.json());
-    document.getElementById('pp-preview-redacted').innerHTML = renderRedacted(pv.redacted);
     const s = data.stats;
     const cats = Object.entries(s.categories).sort((a,b) => b[1].count - a[1].count);
@@ -860,7 +858,7 @@ _VIEW_HTML = r"""<!DOCTYPE html>
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width,initial-scale=1">
-<title>Paste __PID__ — SmartRedact Paste</title>
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
@@ -934,7 +932,7 @@ _VIEW_HTML = r"""<!DOCTYPE html>
   <div class="pp-brand">
     <a href="/" style="text-decoration:none;display:flex;align-items:center;gap:10px">
       <div class="pp-brand-mark">P</div>
-      <div class="pp-brand-name">SmartRedact Paste<span class="sub">pastebin with a conscience</span></div>
     </a>
   </div>
@@ -977,7 +975,7 @@ _NOT_FOUND_HTML = r"""<!DOCTYPE html>
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width,initial-scale=1">
-<title>Paste not found — SmartRedact Paste</title>
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
@@ -998,7 +996,7 @@ _NOT_FOUND_HTML = r"""<!DOCTYPE html>
   <div class="pp-brand">
     <a href="/" style="text-decoration:none;display:flex;align-items:center;gap:10px">
       <div class="pp-brand-mark">P</div>
-      <div class="pp-brand-name">SmartRedact Paste<span class="sub">pastebin with a conscience</span></div>
     </a>
   </div>
   <div class="pp-404">
@@ -1015,4 +1013,4 @@ _NOT_FOUND_HTML = r"""<!DOCTYPE html>
 # ── launch ────────────────────────────────────────────────────────
 if __name__ == "__main__":
-    server.launch(server_name="0.0.0.0", server_port=7860, show_error=True)

 """
+DLP Paste-Proxy — "Pastebin with a conscience"
 ================================================
+A sleek paste-to-share service. The author pastes PII-rich text and gets
+a shareable URL. Recipients at that URL see the OPF-redacted version by
+default; a separate "reveal" link guarded by an unguessable token shows
+the original.
+Why gr.Server?  We need four HTTP surfaces that don't map cleanly onto
+gr.Blocks event wiring:
+  * @server.api create_paste     - accept paste, run OPF, mint IDs
+                                   (queued compute → @gradio/client)
+  * GET  /view/{id}              - public redacted view page
+  * GET  /view/{id}?token=...    - author's reveal page
+  * GET  /api/paste/{pid}        - JSON lookup of an existing paste
+plus a background sweeper for auto-expiry.
+The create_paste endpoint is the only one that runs the OPF model,
+so it is the only one that needs Gradio's queue + ZeroGPU wiring —
+the other three are pure lookup/rendering and are served as plain
+FastAPI routes, which the gradio.Server blog recommends for static
+content.
+Storage is an in-process dict. That is fine for a public demo — the
+point is to illustrate the request-composition model; it is NOT a
+durable pastebin. Restarting the Space clears all pastes.
 """
 from __future__ import annotations
 from typing import Optional
 import gradio as gr
 from fastapi.responses import HTMLResponse, JSONResponse
 # spaces is only available on Hugging Face Spaces; degrade gracefully
     return HTMLResponse(_COMPOSE_HTML)
+@server.api(name="create_paste")
+def create_paste_api(text: str, ttl: str = "never") -> dict:
+    """Scan text with the OPF model, mint a paste id + reveal token,
+    and return all the metadata the caller needs to build share URLs.
+    This is a @server.api route (not a plain FastAPI POST) because it
+    runs the @spaces.GPU-decorated `analyze` — we want the request to
+    go through Gradio's queue so concurrent callers don't stomp on
+    each other's ZeroGPU allocations. Both the browser (via
+    @gradio/client) and Python clients (via gradio_client) hit the
+    same endpoint.
+    """
+    text = (text or "").strip()
     if not text:
+        return {"error": "Paste is empty"}
     if len(text) > MAX_PASTE_CHARS:
+        return {"error": f"Paste exceeds {MAX_PASTE_CHARS:,} characters"}
+    if ttl not in TTL_CHOICES:
+        return {"error": f"Unknown ttl {ttl!r}"}
     try:
         source_text, spans = analyze(text)
+    except Exception as exc:
+        return {"error": f"OPF inference failed: {exc}"}
     redacted = redact(source_text, spans)
     stats = compute_stats(source_text, spans)
     pid = secrets.token_urlsafe(6)
     reveal_token = secrets.token_urlsafe(22)
+    ttl_sec = TTL_CHOICES[ttl]
     now = time.time()
     expires_at = (now + ttl_sec) if ttl_sec is not None else None
         created_at=now, expires_at=expires_at,
     ))
+    return {
         "id": pid,
         "reveal_token": reveal_token,
         "view_path": f"/view/{pid}",
         "reveal_path": f"/view/{pid}?token={reveal_token}",
         "expires_at": expires_at,
         "stats": stats,
+        "redacted": redacted,  # let the frontend render a preview without a second round-trip
         "categories_meta": CATEGORIES_META,
+    }
 @server.get("/view/{pid}", response_class=HTMLResponse)
 @server.get("/api/paste/{pid}")
 async def api_get_paste(pid: str, token: Optional[str] = None):
+    """Plain FastAPI read-only lookup — no compute, no queue needed."""
     p = _store_get(pid)
     if p is None:
         return JSONResponse({"error": "not found or expired"}, status_code=404)
     return JSONResponse(payload)
 # ── HTML rendering ────────────────────────────────────────────────
 def _escape(text: str) -> str:
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width,initial-scale=1">
+<title>DLP Paste-Proxy — Pastebin with a conscience</title>
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
 .pp-footer{
   margin-top:28px;padding-top:22px;border-top:0.5px solid var(--line);
+  display:flex;justify-content:space-between;gap:16px;color:var(--ink-faint);font-size:12px;flex-wrap:wrap;
 }
 .pp-footer a{color:var(--ink-dim)}
   <div class="pp-brand">
     <div class="pp-brand-mark">P</div>
+    <div class="pp-brand-name">DLP Paste-Proxy<span class="sub">pastebin with a conscience</span></div>
   </div>
   <div class="pp-hero">
   </section>
   <footer class="pp-footer">
+    <div>Powered by <a href="https://huggingface.co/openai/privacy-filter" target="_blank" rel="noopener">OpenAI Privacy Filter</a> · 1.5B params, 50M active, 128k context</div>
+    <div><a href="#" id="pp-about">How this works →</a></div>
   </footer>
 </div>
+<script type="module">
+// ══════════════════════════════════════════════════════════════════
+// Gradio JS client — hits the queued @server.api create_paste route
+// so the OPF model call is serialized through Gradio's queue and
+// plays nicely with @spaces.GPU on ZeroGPU.
+// ══════════════════════════════════════════════════════════════════
+import { Client } from "https://cdn.jsdelivr.net/npm/@gradio/client/dist/index.min.js";
+const clientPromise = Client.connect(window.location.origin);
 const CATS = """ + _CATEGORIES_JSON + r""";
 const MAX = """ + str(MAX_PASTE_CHARS) + r""";
   $btn.disabled = true; $load.classList.add('on'); $ok.classList.remove('on');
   try{
+    const client = await clientPromise;
+    const result = await client.predict("/create_paste", { text, ttl });
+    const data = result.data[0] || {};
+    if (data.error) throw new Error(data.error);
     const origin = window.location.origin;
     document.getElementById('pp-view-url').value   = origin + data.view_path;
     document.getElementById('pp-reveal-url').value = origin + data.reveal_path;
+    // create_paste already returns the redacted preview in-line, so
+    // no second round-trip to /api/paste/{id} is needed here.
+    document.getElementById('pp-preview-redacted').innerHTML = renderRedacted(data.redacted || '');
     const s = data.stats;
     const cats = Object.entries(s.categories).sort((a,b) => b[1].count - a[1].count);
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width,initial-scale=1">
+<title>Paste __PID__ — DLP Paste-Proxy</title>
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
   <div class="pp-brand">
     <a href="/" style="text-decoration:none;display:flex;align-items:center;gap:10px">
       <div class="pp-brand-mark">P</div>
+      <div class="pp-brand-name">DLP Paste-Proxy<span class="sub">pastebin with a conscience</span></div>
     </a>
   </div>
 <head>
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width,initial-scale=1">
+<title>Paste not found — DLP Paste-Proxy</title>
 <link rel="preconnect" href="https://fonts.googleapis.com">
 <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
 <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&family=Instrument+Serif:ital@0;1&display=swap" rel="stylesheet">
   <div class="pp-brand">
     <a href="/" style="text-decoration:none;display:flex;align-items:center;gap:10px">
       <div class="pp-brand-mark">P</div>
+      <div class="pp-brand-name">DLP Paste-Proxy<span class="sub">pastebin with a conscience</span></div>
     </a>
   </div>
   <div class="pp-404">
 # ── launch ────────────────────────────────────────────────────────
 if __name__ == "__main__":
+    server.launch(server_name="0.0.0.0", server_port=7860)