vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-11 01:01:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

exec: align approval UX with host policy

Browse Source
This commit is contained in:
Gustavo Madeira Santana
2026-04-01 19:02:10 -04:00
parent dc66c36b9e
commit 3512a4e138
31 changed files with 992 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

132
src/cli/exec-approvals-cli.test.ts
View File

@@ -1,11 +1,13 @@
import { Command } from "commander";
import { beforeEach, describe, expect, it, vi } from "vitest";
import * as execApprovals from "../infra/exec-approvals.js";
import type { ExecApprovalsFile } from "../infra/exec-approvals.js";
import { registerExecApprovalsCli } from "./exec-approvals-cli.js";
const mocks = vi.hoisted(() => {
const runtimeErrors: string[] = [];
const stringifyArgs = (args: unknown[]) => args.map((value) => String(value)).join(" ");
const readBestEffortConfig = vi.fn(async () => ({}));
const defaultRuntime = {
log: vi.fn(),
error: vi.fn((...args: unknown[]) => {
@@ -24,6 +26,18 @@ const mocks = vi.hoisted(() => {
return {
callGatewayFromCli: vi.fn(async (method: string, _opts: unknown, params?: unknown) => {
if (method.endsWith(".get")) {
if (method === "config.get") {
return {
config: {
tools: {
exec: {
security: "full",
ask: "off",
},
},
},
};
}
return {
path: "/tmp/exec-approvals.json",
exists: true,
@@ -34,18 +48,19 @@ const mocks = vi.hoisted(() => {
return { method, params };
}),
defaultRuntime,
readBestEffortConfig,
runtimeErrors,
};
});
const { callGatewayFromCli, defaultRuntime, runtimeErrors } = mocks;
const { callGatewayFromCli, defaultRuntime, readBestEffortConfig, runtimeErrors } = mocks;
const localSnapshot = {
path: "/tmp/local-exec-approvals.json",
exists: true,
raw: "{}",
hash: "hash-local",
file: { version: 1, agents: {} },
file: { version: 1, agents: {} } as ExecApprovalsFile,
};
function resetLocalSnapshot() {
@@ -69,6 +84,14 @@ vi.mock("../runtime.js", () => ({
defaultRuntime: mocks.defaultRuntime,
}));
vi.mock("../config/config.js", async () => {
const actual = await vi.importActual<typeof import("../config/config.js")>("../config/config.js");
return {
...actual,
readBestEffortConfig: mocks.readBestEffortConfig,
};
});
vi.mock("../infra/exec-approvals.js", async () => {
const actual = await vi.importActual<typeof import("../infra/exec-approvals.js")>(
"../infra/exec-approvals.js",
@@ -97,6 +120,7 @@ describe("exec approvals CLI", () => {
resetLocalSnapshot();
runtimeErrors.length = 0;
callGatewayFromCli.mockClear();
readBestEffortConfig.mockClear();
defaultRuntime.log.mockClear();
defaultRuntime.error.mockClear();
defaultRuntime.writeStdout.mockClear();
@@ -108,12 +132,19 @@ describe("exec approvals CLI", () => {
await runApprovalsCommand(["approvals", "get"]);
expect(callGatewayFromCli).not.toHaveBeenCalled();
expect(readBestEffortConfig).toHaveBeenCalledTimes(1);
expect(runtimeErrors).toHaveLength(0);
callGatewayFromCli.mockClear();
await runApprovalsCommand(["approvals", "get", "--gateway"]);
expect(callGatewayFromCli).toHaveBeenCalledWith("exec.approvals.get", expect.anything(), {});
expect(callGatewayFromCli).toHaveBeenNthCalledWith(
1,
"exec.approvals.get",
expect.anything(),
{},
);
expect(callGatewayFromCli).toHaveBeenNthCalledWith(2, "config.get", expect.anything(), {});
expect(runtimeErrors).toHaveLength(0);
callGatewayFromCli.mockClear();
@@ -125,6 +156,101 @@ describe("exec approvals CLI", () => {
expect(runtimeErrors).toHaveLength(0);
});
it("adds effective policy to json output", async () => {
localSnapshot.file = {
version: 1,
defaults: { security: "allowlist", ask: "always", askFallback: "deny" },
agents: {},
};
readBestEffortConfig.mockResolvedValue({
tools: {
exec: {
security: "full",
ask: "off",
},
},
});
await runApprovalsCommand(["approvals", "get", "--json"]);
expect(defaultRuntime.writeJson).toHaveBeenCalledWith(
expect.objectContaining({
effectivePolicy: {
note: "Effective exec policy is the host approvals file intersected with requested tools.exec policy.",
scopes: [
expect.objectContaining({
scopeLabel: "tools.exec",
security: expect.objectContaining({
requested: "full",
host: "allowlist",
effective: "allowlist",
}),
ask: expect.objectContaining({
requested: "off",
host: "always",
effective: "always",
}),
}),
],
},
}),
0,
);
});
it("reports wildcard host policy sources in effective policy output", async () => {
localSnapshot.file = {
version: 1,
defaults: { security: "full", ask: "off", askFallback: "full" },
agents: {
"*": {
security: "allowlist",
ask: "always",
askFallback: "deny",
},
},
};
readBestEffortConfig.mockResolvedValue({
agents: {
list: [
{
id: "runner",
tools: {
exec: {
security: "full",
ask: "off",
},
},
},
],
},
});
await runApprovalsCommand(["approvals", "get", "--json"]);
expect(defaultRuntime.writeJson).toHaveBeenCalledWith(
expect.objectContaining({
effectivePolicy: expect.objectContaining({
scopes: expect.arrayContaining([
expect.objectContaining({
scopeLabel: "agent:runner",
security: expect.objectContaining({
hostSource: "~/.openclaw/exec-approvals.json agents.*.security",
}),
ask: expect.objectContaining({
hostSource: "~/.openclaw/exec-approvals.json agents.*.ask",
}),
askFallback: expect.objectContaining({
source: "~/.openclaw/exec-approvals.json agents.*.askFallback",
}),
}),
]),
}),
}),
0,
);
});
it("defaults allowlist add to wildcard agent", async () => {
const saveExecApprovals = vi.mocked(execApprovals.saveExecApprovals);
saveExecApprovals.mockClear();

132
src/cli/exec-approvals-cli.ts
View File

@@ -1,6 +1,8 @@
import fs from "node:fs/promises";
import type { Command } from "commander";
import JSON5 from "json5";
import { readBestEffortConfig, type OpenClawConfig } from "../config/config.js";
import { resolveExecPolicyScopeSummary } from "../infra/exec-approvals-effective.js";
import {
readExecApprovalsSnapshot,
saveExecApprovals,
@@ -24,6 +26,15 @@ type ExecApprovalsSnapshot = {
file: ExecApprovalsFile;
};
type ConfigSnapshotLike = {
config?: OpenClawConfig;
};
type ApprovalsTargetSource = "gateway" | "node" | "local";
type EffectivePolicyReport = {
scopes: ReturnType<typeof collectExecPolicySummaries>;
note?: string;
};
type ExecApprovalsCliOpts = NodesRpcOpts & {
node?: string;
gateway?: boolean;
@@ -79,7 +90,7 @@ function saveSnapshotLocal(file: ExecApprovalsFile): ExecApprovalsSnapshot {
async function loadSnapshotTarget(opts: ExecApprovalsCliOpts): Promise<{
snapshot: ExecApprovalsSnapshot;
nodeId: string | null;
source: "gateway" | "node" | "local";
source: ApprovalsTargetSource;
}> {
if (!opts.gateway && !opts.node) {
return { snapshot: loadSnapshotLocal(), nodeId: null, source: "local" };
@@ -106,7 +117,7 @@ function requireTrimmedNonEmpty(value: string, message: string): string {
async function loadWritableSnapshotTarget(opts: ExecApprovalsCliOpts): Promise<{
snapshot: ExecApprovalsSnapshot;
nodeId: string | null;
source: "gateway" | "node" | "local";
source: ApprovalsTargetSource;
targetLabel: string;
baseHash: string;
}> {
@@ -124,7 +135,7 @@ async function loadWritableSnapshotTarget(opts: ExecApprovalsCliOpts): Promise<{
async function saveSnapshotTargeted(params: {
opts: ExecApprovalsCliOpts;
source: "gateway" | "node" | "local";
source: ApprovalsTargetSource;
nodeId: string | null;
file: ExecApprovalsFile;
baseHash: string;
@@ -147,6 +158,112 @@ function formatCliError(err: unknown): string {
return msg.includes("\n") ? msg.split("\n")[0] : msg;
}
async function loadConfigForApprovalsTarget(params: {
opts: ExecApprovalsCliOpts;
source: ApprovalsTargetSource;
}): Promise<OpenClawConfig | null> {
if (params.source === "node") {
return null;
}
if (params.source === "local") {
return await readBestEffortConfig();
}
const snapshot = (await callGatewayFromCli("config.get", params.opts, {})) as ConfigSnapshotLike;
return snapshot.config && typeof snapshot.config === "object" ? snapshot.config : null;
}
function collectExecPolicySummaries(params: { cfg: OpenClawConfig; approvals: ExecApprovalsFile }) {
const summaries = [
resolveExecPolicyScopeSummary({
approvals: params.approvals,
execConfig: params.cfg.tools?.exec,
configPath: "tools.exec",
scopeLabel: "tools.exec",
}),
];
const configAgentIds = new Set((params.cfg.agents?.list ?? []).map((agent) => agent.id));
const approvalAgentIds = Object.keys(params.approvals.agents ?? {}).filter(
(agentId) => agentId !== "*" && agentId !== "default",
);
const agentIds = Array.from(new Set([...configAgentIds, ...approvalAgentIds])).toSorted();
for (const agentId of agentIds) {
const agentConfig = params.cfg.agents?.list?.find((agent) => agent.id === agentId);
summaries.push(
resolveExecPolicyScopeSummary({
approvals: params.approvals,
execConfig: agentConfig?.tools?.exec,
configPath: `agents.list.${agentId}.tools.exec`,
scopeLabel: `agent:${agentId}`,
agentId,
}),
);
}
return summaries;
}
function buildEffectivePolicyReport(params: {
cfg: OpenClawConfig | null;
source: ApprovalsTargetSource;
approvals: ExecApprovalsFile;
}): EffectivePolicyReport {
if (params.source === "node") {
return {
scopes: [],
note: "Node output shows host approvals state only. Gateway tools.exec policy still intersects at runtime.",
};
}
if (!params.cfg) {
return {
scopes: [],
note: "Config unavailable.",
};
}
return {
scopes: collectExecPolicySummaries({
cfg: params.cfg,
approvals: params.approvals,
}),
note: "Effective exec policy is the host approvals file intersected with requested tools.exec policy.",
};
}
function renderEffectivePolicy(params: { report: EffectivePolicyReport }) {
const rich = isRich();
const heading = (text: string) => (rich ? theme.heading(text) : text);
const muted = (text: string) => (rich ? theme.muted(text) : text);
if (params.report.scopes.length === 0 && !params.report.note) {
return;
}
defaultRuntime.log("");
defaultRuntime.log(heading("Effective Policy"));
if (params.report.scopes.length === 0) {
defaultRuntime.log(muted(params.report.note ?? "No effective policy details available."));
return;
}
const rows = params.report.scopes.map((summary) => ({
Scope: summary.scopeLabel,
Requested: `security=${summary.security.requested} (${summary.security.requestedSource})\nask=${summary.ask.requested} (${summary.ask.requestedSource})`,
Host: `security=${summary.security.host} (${summary.security.hostSource})\nask=${summary.ask.host} (${summary.ask.hostSource})\naskFallback=${summary.askFallback.effective} (${summary.askFallback.source})`,
Effective: `security=${summary.security.effective}\nask=${summary.ask.effective}`,
Notes: `${summary.security.note}; ${summary.ask.note}`,
}));
defaultRuntime.log(
renderTable({
width: getTerminalTableWidth(),
columns: [
{ key: "Scope", header: "Scope", minWidth: 12 },
{ key: "Requested", header: "Requested", minWidth: 24, flex: true },
{ key: "Host", header: "Host", minWidth: 24, flex: true },
{ key: "Effective", header: "Effective", minWidth: 16 },
{ key: "Notes", header: "Notes", minWidth: 20, flex: true },
],
rows,
}).trimEnd(),
);
defaultRuntime.log("");
defaultRuntime.log(muted(`Precedence: ${params.report.note}`));
}
function renderApprovalsSnapshot(snapshot: ExecApprovalsSnapshot, targetLabel: string) {
const rich = isRich();
const heading = (text: string) => (rich ? theme.heading(text) : text);
@@ -364,8 +481,14 @@ export function registerExecApprovalsCli(program: Command) {
.action(async (opts: ExecApprovalsCliOpts) => {
try {
const { snapshot, nodeId, source } = await loadSnapshotTarget(opts);
const cfg = await loadConfigForApprovalsTarget({ opts, source });
const effectivePolicy = buildEffectivePolicyReport({
cfg,
source,
approvals: snapshot.file,
});
if (opts.json) {
defaultRuntime.writeJson(snapshot, 0);
defaultRuntime.writeJson({ ...snapshot, effectivePolicy }, 0);
return;
}
@@ -376,6 +499,7 @@ export function registerExecApprovalsCli(program: Command) {
}
const targetLabel = source === "local" ? "local" : nodeId ? `node:${nodeId}` : "gateway";
renderApprovalsSnapshot(snapshot, targetLabel);
renderEffectivePolicy({ report: effectivePolicy });
} catch (err) {
defaultRuntime.error(formatCliError(err));
defaultRuntime.exit(1);