From 3b593bc56171c463c46f5d3ddaab16d417d07971 Mon Sep 17 00:00:00 2001 From: Peter Steinberger Date: Tue, 28 Apr 2026 20:55:38 +0100 Subject: [PATCH] fix(cli): authorize gateway model probe overrides --- CHANGELOG.md | 1 + docs/cli/infer.md | 1 + src/cli/capability-cli.test.ts | 32 ++++++++++++++++++++++++++++++++ src/cli/capability-cli.ts | 9 +++++++-- 4 files changed, 41 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1958ca327e3..2f288ca45ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -46,6 +46,7 @@ Docs: https://docs.openclaw.ai - Chat commands: include configured model-catalog reasoning metadata when building `/think` argument menus so Ollama Cloud and other provider-owned reasoning models show supported levels instead of only `off`. Fixes #73515; supersedes #73568. Thanks @danielzinhu99 and @neeravmakwana. - Channels/Telegram: suppress generic tool-progress chatter when preview streaming is off, so non-streaming Telegram turns only deliver final replies while approvals, media, and errors still route normally. Refs #72363 and #72482. Thanks @neeravmakwana and @SweetSophia. - CLI/model probes: add repeatable image `--file` inputs to `infer model run` for local and gateway multimodal model smokes, so vision models such as Ollama Qwen VL and Gemini can be tested through the raw model-probe surface. Fixes #63700. Thanks @cedricjanssens. +- CLI/model probes: request trusted operator scope for `infer model run --gateway --model ` so Gateway raw model smokes can use one-off provider/model overrides instead of being rejected before provider auth resolution. Fixes #73759. Thanks @chrislro. - CLI/image describe: pass `--prompt` and `--timeout-ms` through `infer image describe` and `describe-many`, so custom vision instructions and slow local model budgets reach media-understanding providers such as Ollama, OpenAI, Google, and OpenRouter. Refs #63700. Thanks @cedricjanssens. - WhatsApp/Web: pass explicit Baileys socket timings into every WhatsApp Web socket and expose `web.whatsapp.*` keepalive, connect, and query timeout settings so unstable networks can avoid repeated 408 disconnect and opening-handshake timeout loops. Fixes #56365. (#73580) Thanks @velvet-shark. - Channels/Telegram: persist native command metadata on target sessions so topic, helper, and ACP-bound slash commands keep their session metadata attached to the routed conversation. (#57548) Thanks @GaosCode. diff --git a/docs/cli/infer.md b/docs/cli/infer.md index 4143a80b24b..46686551510 100644 --- a/docs/cli/infer.md +++ b/docs/cli/infer.md @@ -135,6 +135,7 @@ This table maps common inference tasks to the corresponding infer command. - `model run --file` accepts image files, detects their MIME type, and sends them with the supplied prompt to the selected model. Repeat `--file` for multiple images. - `model run --file` rejects non-image inputs. Use `infer audio transcribe` for audio files and `infer video describe` for video files. - `model run --gateway` exercises Gateway routing, saved auth, provider selection, and the embedded runtime, but still runs as a raw model probe: it sends the supplied prompt and any image attachments without prior session transcript, bootstrap/AGENTS context, context-engine assembly, tools, or bundled MCP servers. +- `model run --gateway --model ` requires a trusted operator gateway credential because the request asks the Gateway to run a one-off provider/model override. ## Model diff --git a/src/cli/capability-cli.test.ts b/src/cli/capability-cli.test.ts index 9daac605ed8..08cc6813e29 100644 --- a/src/cli/capability-cli.test.ts +++ b/src/cli/capability-cli.test.ts @@ -589,6 +589,38 @@ describe("capability cli", () => { ); }); + it("requests admin scope for gateway model probes with provider/model overrides", async () => { + await runRegisteredCli({ + register: registerCapabilityCli as (program: Command) => void, + argv: [ + "capability", + "model", + "run", + "--prompt", + "hello", + "--gateway", + "--model", + "anthropic/claude-haiku-4-5", + "--json", + ], + }); + + expect(mocks.callGateway).toHaveBeenCalledWith( + expect.objectContaining({ + clientName: "gateway-client", + method: "agent", + mode: "backend", + scopes: ["operator.admin"], + params: expect.objectContaining({ + provider: "anthropic", + model: "claude-haiku-4-5", + modelRun: true, + promptMode: "none", + }), + }), + ); + }); + it("rejects empty model run prompts before gateway dispatch", async () => { await expect( runRegisteredCli({ diff --git a/src/cli/capability-cli.ts b/src/cli/capability-cli.ts index 29d352b6077..64f1d2abee7 100644 --- a/src/cli/capability-cli.ts +++ b/src/cli/capability-cli.ts @@ -22,6 +22,7 @@ import type { OpenClawConfig } from "../config/types.openclaw.js"; import { callGateway, randomIdempotencyKey } from "../gateway/call.js"; import { buildGatewayConnectionDetailsWithResolvers } from "../gateway/connection-details.js"; import { isLoopbackHost } from "../gateway/net.js"; +import { ADMIN_SCOPE } from "../gateway/operator-scopes.js"; import { GATEWAY_CLIENT_MODES, GATEWAY_CLIENT_NAMES } from "../gateway/protocol/client-info.js"; import { generateImage, listRuntimeImageGenerationProviders } from "../image-generation/runtime.js"; import type { @@ -702,6 +703,9 @@ async function runModelRun(params: { } const { provider, model } = resolveModelRefOverride(params.model); + // Provider/model overrides require trusted-operator scope. Use the backend + // shared-secret lane so local gateway smokes do not depend on paired CLI device scopes. + const hasModelOverride = Boolean(provider || model); const response: { result?: { payloads?: Array<{ text?: string; mediaUrl?: string | null; mediaUrls?: string[] }>; @@ -730,8 +734,9 @@ async function runModelRun(params: { }, expectFinal: true, timeoutMs: 120_000, - clientName: GATEWAY_CLIENT_NAMES.CLI, - mode: GATEWAY_CLIENT_MODES.CLI, + clientName: hasModelOverride ? GATEWAY_CLIENT_NAMES.GATEWAY_CLIENT : GATEWAY_CLIENT_NAMES.CLI, + mode: hasModelOverride ? GATEWAY_CLIENT_MODES.BACKEND : GATEWAY_CLIENT_MODES.CLI, + ...(hasModelOverride ? { scopes: [ADMIN_SCOPE] } : {}), }); return { ok: true,