Files
openclaw/src/gateway/method-scopes.test.ts
Peter Steinberger 0b8aabe864 docs: document auth profile failure policy contract (#89613)
* docs: document markdown marker renderer

* docs: document rendered markdown chunking

* docs: document markdown text chunking

* docs: document shared text chunking

* docs: document plugin text chunking exports

* docs: document avatar policy constants

* docs: document node match candidates

* docs: document scoped expiring id cache

* docs: document runtime import normalization

* docs: document string sample summaries

* docs: document session usage timeseries types

* docs: document session usage response types

* docs: document manifest frontmatter shapes

* docs: document channel route input metadata

* docs: document pair loop guard settings

* docs: document migration config patch helpers

* docs: document api provider registry

* docs: document tool call repair payloads

* docs: document plugin tool payload helpers

* docs: document lazy promise loader

* docs: document store writer queue state

* docs: document thread binding lifecycle

* docs: document concurrency helper contract

* docs: document gateway client info contract

* docs: document delivery context contracts

* docs: document secret ref defaults contract

* docs: document command gating contract

* docs: document avatar policy contract

* docs: document node match policy

* docs: document message channel normalization

* docs: document boolean parsing contract

* docs: document zod parse helpers

* docs: document direct dm guard policy

* docs: document fixed window limiter contract

* docs: document node presence event contract

* docs: document secret normalization contract

* docs: document progress draft line removal

* docs: document usage formatting contracts

* docs: document agent run status contract

* docs: document runtime import helpers

* docs: document provider utility ownership

* docs: document invalid config helpers

* docs: document json compat parser

* docs: document channel config metadata ownership

* docs: document channel logging helpers

* docs: document sender identity validation ownership

* docs: document string sampling helper

* docs: document global singleton helpers

* docs: document transcript tool helpers

* docs: document exec safe-bin normalization

* docs: document reaction level resolver

* docs: document account snapshot redaction boundary

* docs: document messaging target helpers

* docs: document thread binding messages

* docs: document conversation binding context

* docs: document conversation resolution helper

* docs: document owner display secret retention

* docs: document provider request config types

* docs: document skills config types

* docs: document memory config types

* docs: document imessage config types

* docs: document crestodian config types

* docs: document tools config policies

* docs: document shared config base types

* docs: document channel config contracts

* docs: document openclaw config state types

* docs: document model config contracts

* docs: document shared agent config types

* docs: document agent defaults config types

* docs: document secret input contracts

* docs: document auth config contracts

* docs: document gateway config contracts

* docs: document tool call stream repair contracts

* docs: document memory host facades

* docs: document llm core contracts

* docs: document markdown core contracts

* docs: document gateway connect error contracts

* docs: document gateway protocol primitives

* docs: document gateway frame schemas

* docs: document gateway device schemas

* docs: document gateway environment schemas

* docs: document gateway push schemas

* docs: document gateway plugin schemas

* docs: document gateway artifact schemas

* docs: document gateway command schemas

* docs: document gateway task schemas

* docs: document gateway exec approval schemas

* docs: document gateway secret schemas

* docs: document gateway config schemas

* docs: document gateway snapshot schemas

* docs: document gateway chat schemas

* docs: document gateway wizard schemas

* docs: document gateway node schemas

* docs: document gateway plugin approval schemas

* docs: document gateway talk schemas

* docs: document gateway agent schemas

* docs: document gateway session schemas

* docs: document gateway cron schemas

* docs: document gateway agent model skill schemas

* docs: document gateway skill proposal tool schemas

* docs: document gateway protocol registry

* docs: document gateway channel status schemas

* docs: document gateway schema regression tests

* docs: document gateway schema barrel

* docs: document gateway validator tests

* docs: document gateway primitive push tests

* docs: document gateway contract tests

* docs: document native protocol guard

* docs: document channel schema tests

* docs: document gateway protocol smoke tests

* docs: document gateway protocol entrypoint

* docs: document gateway protocol type exports

* docs: document gateway error codes

* docs: document protocol schema registry

* docs: document talk audio codec

* docs: document talk activation names

* docs: document talk consult questions

* docs: document talk consult tool

* docs: document talk run control contracts

* docs: document talk run control adapter

* docs: document talkback consult queue

* docs: document talk consult transcript guard

* docs: document talk fast context runtime

* docs: document forced talk consult coordinator

* docs: document talk output activity tracker

* docs: document talk event metrics

* docs: document talk diagnostics

* docs: document talk observability hook

* docs: document talk provider resolver

* docs: document talk provider registry

* docs: document talk runtime primitives

* docs: document talk consult controller logs

* docs: document channel identity helpers

* docs: document channel account allowlist helpers

* docs: document channel metadata draft controls

* docs: document channel ingress policy

* docs: document channel sender access gates

* docs: document channel catalog message contracts

* docs: document channel account plugin helpers

* docs: document configured binding helpers

* docs: document channel acp approval config helpers

* docs: document channel bundled config write helpers

* docs: document channel plugin utility contracts

* docs: document channel config access helpers

* docs: document channel message action helpers

* docs: document channel outbound runtime helpers

* docs: document channel pairing promotion helpers

* docs: document channel registry helpers

* docs: document channel setup wizard helpers

* docs: document channel lifecycle status helpers

* docs: document channel target thread helpers

* docs: document channel session binding helpers

* docs: document channel package module probes

* docs: document channel setup wizard contracts

* docs: document channel plugin API barrels

* docs: document channel contract test helpers

* docs: document channel core helpers

* docs: document small core facades

* docs: document provider runtime helpers

* docs: document persistence and realtime helpers

* docs: document mcp and state helpers

* docs: document tool planner contracts

* docs: document music generation runtime

* docs: document crestodian command flow

* docs: document utility helpers

* docs: document node host helpers

* docs: document transcript contracts

* docs: document trajectory export contracts

* docs: document image generation contracts

* docs: document routing helper contracts

* docs: document session helper contracts

* docs: document video generation contracts

* docs: document model catalog contracts

* docs: document proxy capture contracts

* docs: document status rendering contracts

* docs: document test helper contracts

* docs: document wizard setup contracts

* docs: document process contracts

* docs: document memory host sdk contracts

* docs: document tts contracts

* docs: document secrets runtime contracts

* docs: document shared helper contracts

* docs: document hook runtime contracts

* docs: document security audit contracts

* docs: document flow contracts

* docs: document media understanding contracts

* docs: document tui contracts

* docs: document logging contracts

* docs: document llm contracts

* docs: document cron contracts

* docs: document daemon contracts

* docs: document task contracts

* docs: document acp contracts

* docs: document test utility contracts

* docs: document skill contracts

* docs: document config contracts

* docs: document outbound infra contracts

* docs: document command analysis contracts

* docs: document provider usage infra contracts

* docs: document file safety infra contracts

* docs: document exec approval infra contracts

* docs: document gateway runtime infra contracts

* docs: document infra utility contracts

* docs: document infra queue storage contracts

* docs: document heartbeat infra contracts

* docs: document remaining infra contracts

* docs: document gateway auth contracts

* docs: document gateway display helpers

* docs: document gateway http helpers

* docs: document gateway node helpers

* docs: document gateway mcp helpers

* docs: document gateway support helpers

* docs: document gateway server runtime helpers

* docs: document gateway runtime bootstrap helpers

* docs: document gateway session events

* docs: document gateway utility helpers

* docs: document gateway talk helpers

* docs: document gateway helper contracts

* docs: document gateway server method helpers

* docs: document gateway server auth helpers

* docs: document gateway server tests

* docs: document gateway test helpers

* docs: document gateway node tests

* docs: document gateway channel tests

* docs: document gateway session tests

* docs: document gateway server startup tests

* docs: document gateway tool test helpers

* docs: document gateway server test helpers

* docs: document gateway server method tests

* docs: document remaining gateway tests

* docs: document plugin sdk public subpaths

* docs: document plugin sdk runtime helpers

* docs: document plugin sdk memory provider helpers

* docs: document plugin sdk runtime facades

* docs: document plugin sdk command approval helpers

* docs: document plugin sdk runtime types

* docs: document plugin sdk browser account helpers

* docs: document plugin sdk media memory helpers

* docs: document plugin sdk core tests

* docs: document plugin sdk contract helpers

* docs: document plugin sdk test helpers

* docs: document remaining plugin sdk tests

* docs: document cli utility helpers

* docs: document cli runtime helpers

* docs: document cli command registration helpers

* docs: document node cli helpers

* docs: document cli program registration

* docs: document message cli registration

* docs: document daemon cli helpers

* docs: document cli route parsers
2026-06-03 15:20:39 -07:00

434 lines
15 KiB
TypeScript

/**
* Gateway method-scope policy tests.
*/
import { afterEach, describe, expect, it } from "vitest";
import { createEmptyPluginRegistry } from "../plugins/registry-empty.js";
import { setActivePluginRegistry } from "../plugins/runtime.js";
import {
authorizeOperatorScopesForMethod,
isGatewayMethodClassified,
resolveLeastPrivilegeOperatorScopesForMethod,
} from "./method-scopes.js";
import { createPluginGatewayMethodDescriptor } from "./methods/registry.js";
import { listGatewayMethods } from "./server-methods-list.js";
import { coreGatewayHandlers } from "./server-methods.js";
import type { GatewayRequestHandler } from "./server-methods/types.js";
const RESERVED_ADMIN_PLUGIN_METHOD = "config.plugin.inspect";
const pluginHandler: GatewayRequestHandler = ({ respond }) => respond(true, {});
function setPluginGatewayMethodScope(
method: string,
scope: "operator.read" | "operator.write" | "operator.admin",
) {
const registry = createEmptyPluginRegistry();
registry.gatewayHandlers[method] = pluginHandler;
registry.gatewayMethodDescriptors.push(
createPluginGatewayMethodDescriptor({
pluginId: "test",
name: method,
handler: pluginHandler,
scope,
}),
);
setActivePluginRegistry(registry);
}
afterEach(() => {
setActivePluginRegistry(createEmptyPluginRegistry());
});
describe("method scope resolution", () => {
it.each([
["sessions.resolve", ["operator.read"]],
["tasks.list", ["operator.read"]],
["tasks.get", ["operator.read"]],
["config.schema.lookup", ["operator.read"]],
["sessions.create", ["operator.write"]],
["sessions.send", ["operator.write"]],
["sessions.abort", ["operator.write"]],
["tasks.cancel", ["operator.write"]],
["tools.invoke", ["operator.write"]],
["sessions.messages.subscribe", ["operator.read"]],
["sessions.messages.unsubscribe", ["operator.read"]],
["environments.list", ["operator.read"]],
["environments.status", ["operator.read"]],
["diagnostics.stability", ["operator.read"]],
["node.pair.approve", ["operator.pairing"]],
["poll", ["operator.write"]],
["talk.client.create", ["operator.write"]],
["talk.client.toolCall", ["operator.write"]],
["talk.client.steer", ["operator.write"]],
["talk.session.create", ["operator.write"]],
["talk.session.join", ["operator.write"]],
["talk.session.appendAudio", ["operator.write"]],
["talk.session.startTurn", ["operator.write"]],
["talk.session.endTurn", ["operator.write"]],
["talk.session.cancelTurn", ["operator.write"]],
["talk.session.cancelOutput", ["operator.write"]],
["talk.session.submitToolResult", ["operator.write"]],
["talk.session.steer", ["operator.write"]],
["talk.session.close", ["operator.write"]],
["update.status", ["operator.admin"]],
["config.schema", ["operator.admin"]],
["config.patch", ["operator.admin"]],
["nativeHook.invoke", ["operator.admin"]],
["wizard.start", ["operator.admin"]],
["update.run", ["operator.admin"]],
["exec.approvals.get", ["operator.admin"]],
["exec.approvals.set", ["operator.admin"]],
["exec.approvals.node.get", ["operator.admin"]],
["exec.approvals.node.set", ["operator.admin"]],
])("resolves least-privilege scopes for %s", (method, expected) => {
expect(resolveLeastPrivilegeOperatorScopesForMethod(method)).toEqual(expected);
});
it("leaves node-only pending drain outside operator scopes", () => {
expect(resolveLeastPrivilegeOperatorScopesForMethod("node.pending.drain")).toStrictEqual([]);
});
it("classifies plugin session actions with a CLI-safe default operator scope", () => {
expect(resolveLeastPrivilegeOperatorScopesForMethod("plugins.sessionAction")).toEqual([
"operator.write",
]);
expect(isGatewayMethodClassified("plugins.sessionAction")).toBe(true);
expect(authorizeOperatorScopesForMethod("plugins.sessionAction", ["operator.read"])).toEqual({
allowed: false,
missingScope: "operator.write",
});
});
it("derives least-privilege scopes from registered plugin session action params", () => {
const registry = createEmptyPluginRegistry();
registry.sessionActions = [
{
pluginId: "scope-plugin",
pluginName: "Scope Plugin",
source: "test",
action: {
id: "approve",
requiredScopes: ["operator.approvals"],
handler: () => ({ result: { ok: true } }),
},
},
{
pluginId: "scope-plugin",
pluginName: "Scope Plugin",
source: "test",
action: {
id: "view",
requiredScopes: ["operator.read"],
handler: () => ({ result: { ok: true } }),
},
},
{
pluginId: "scope-plugin",
pluginName: "Scope Plugin",
source: "test",
action: {
id: "default-write",
handler: () => ({ result: { ok: true } }),
},
},
];
setActivePluginRegistry(registry);
expect(
resolveLeastPrivilegeOperatorScopesForMethod("plugins.sessionAction", {
pluginId: "scope-plugin",
actionId: "approve",
}),
).toEqual(["operator.approvals"]);
expect(
resolveLeastPrivilegeOperatorScopesForMethod("plugins.sessionAction", {
pluginId: " scope-plugin ",
actionId: " view ",
}),
).toEqual(["operator.read"]);
expect(
resolveLeastPrivilegeOperatorScopesForMethod("plugins.sessionAction", {
pluginId: "scope-plugin",
actionId: "default-write",
}),
).toEqual(["operator.write"]);
expect(
resolveLeastPrivilegeOperatorScopesForMethod("plugins.sessionAction", {
pluginId: "scope-plugin",
actionId: "missing",
}),
).toEqual([
"operator.admin",
"operator.read",
"operator.write",
"operator.approvals",
"operator.pairing",
"operator.talk.secrets",
]);
expect(
authorizeOperatorScopesForMethod("plugins.sessionAction", ["operator.approvals"], {
pluginId: "scope-plugin",
actionId: "approve",
}),
).toEqual({ allowed: true });
expect(
authorizeOperatorScopesForMethod("plugins.sessionAction", ["operator.write"], {
pluginId: "scope-plugin",
actionId: "approve",
}),
).toEqual({ allowed: false, missingScope: "operator.approvals" });
});
it("falls back to broad operator scopes when a dynamic session action is not locally registered", () => {
expect(
resolveLeastPrivilegeOperatorScopesForMethod("plugins.sessionAction", {
pluginId: "remote-plugin",
actionId: "approve",
}),
).toEqual([
"operator.admin",
"operator.read",
"operator.write",
"operator.approvals",
"operator.pairing",
"operator.talk.secrets",
]);
});
it("returns empty scopes for unknown methods", () => {
expect(resolveLeastPrivilegeOperatorScopesForMethod("totally.unknown.method")).toStrictEqual(
[],
);
});
it("reads plugin-registered gateway method scopes from the active plugin registry", () => {
const registry = createEmptyPluginRegistry();
registry.gatewayHandlers["browser.request"] = pluginHandler;
registry.gatewayMethodDescriptors.push(
createPluginGatewayMethodDescriptor({
pluginId: "browser",
name: "browser.request",
handler: pluginHandler,
scope: "operator.admin",
}),
);
setActivePluginRegistry(registry);
expect(resolveLeastPrivilegeOperatorScopesForMethod("browser.request")).toEqual([
"operator.admin",
]);
});
it("keeps reserved admin namespaces admin-only even if a plugin scope is narrower", () => {
setPluginGatewayMethodScope(RESERVED_ADMIN_PLUGIN_METHOD, "operator.read");
expect(resolveLeastPrivilegeOperatorScopesForMethod(RESERVED_ADMIN_PLUGIN_METHOD)).toEqual([
"operator.admin",
]);
});
});
describe("operator scope authorization", () => {
it.each([
["health", ["operator.read"], { allowed: true }],
["health", ["operator.write"], { allowed: true }],
["config.schema.lookup", ["operator.read"], { allowed: true }],
["config.schema", ["operator.read"], { allowed: false, missingScope: "operator.admin" }],
["config.patch", ["operator.admin"], { allowed: true }],
])("authorizes %s for scopes %j", (method, scopes, expected) => {
expect(authorizeOperatorScopesForMethod(method, scopes)).toEqual(expected);
});
it("requires operator.write for write methods", () => {
expect(authorizeOperatorScopesForMethod("send", ["operator.read"])).toEqual({
allowed: false,
missingScope: "operator.write",
});
});
it("allows operator.write clients to use unified Talk sessions", () => {
for (const method of [
"talk.client.create",
"talk.client.toolCall",
"talk.client.steer",
"talk.session.create",
"talk.session.join",
"talk.session.appendAudio",
"talk.session.startTurn",
"talk.session.endTurn",
"talk.session.cancelTurn",
"talk.session.cancelOutput",
"talk.session.submitToolResult",
"talk.session.steer",
"talk.session.close",
]) {
expect(authorizeOperatorScopesForMethod(method, ["operator.write"])).toEqual({
allowed: true,
});
expect(authorizeOperatorScopesForMethod(method, ["operator.read"])).toEqual({
allowed: false,
missingScope: "operator.write",
});
}
});
it("requires admin for browser.request", () => {
setPluginGatewayMethodScope("browser.request", "operator.admin");
expect(authorizeOperatorScopesForMethod("browser.request", ["operator.write"])).toEqual({
allowed: false,
missingScope: "operator.admin",
});
expect(authorizeOperatorScopesForMethod("browser.request", ["operator.admin"])).toEqual({
allowed: true,
});
});
it("requires pairing scope for node pairing approvals", () => {
expect(authorizeOperatorScopesForMethod("node.pair.approve", ["operator.pairing"])).toEqual({
allowed: true,
});
expect(authorizeOperatorScopesForMethod("node.pair.approve", ["operator.write"])).toEqual({
allowed: false,
missingScope: "operator.pairing",
});
});
it.each(["exec.approval.get", "exec.approval.list", "exec.approval.resolve"])(
"requires approvals scope for %s",
(method) => {
expect(authorizeOperatorScopesForMethod(method, ["operator.write"])).toEqual({
allowed: false,
missingScope: "operator.approvals",
});
expect(authorizeOperatorScopesForMethod(method, ["operator.approvals"])).toEqual({
allowed: true,
});
},
);
it.each([
"exec.approvals.get",
"exec.approvals.set",
"exec.approvals.node.get",
"exec.approvals.node.set",
])("requires admin scope for exec approval policy method %s", (method) => {
expect(authorizeOperatorScopesForMethod(method, ["operator.approvals"])).toEqual({
allowed: false,
missingScope: "operator.admin",
});
expect(authorizeOperatorScopesForMethod(method, ["operator.admin"])).toEqual({
allowed: true,
});
});
it.each([
"plugin.approval.list",
"plugin.approval.request",
"plugin.approval.waitDecision",
"plugin.approval.resolve",
])("requires approvals scope for %s", (method) => {
expect(authorizeOperatorScopesForMethod(method, ["operator.write"])).toEqual({
allowed: false,
missingScope: "operator.approvals",
});
expect(authorizeOperatorScopesForMethod(method, ["operator.approvals"])).toEqual({
allowed: true,
});
});
it("requires admin for unknown methods", () => {
expect(authorizeOperatorScopesForMethod("unknown.method", ["operator.read"])).toEqual({
allowed: false,
missingScope: "operator.admin",
});
});
it("requires admin for reserved admin namespaces even if a plugin registered a narrower scope", () => {
setPluginGatewayMethodScope(RESERVED_ADMIN_PLUGIN_METHOD, "operator.read");
expect(
authorizeOperatorScopesForMethod(RESERVED_ADMIN_PLUGIN_METHOD, ["operator.read"]),
).toEqual({
allowed: false,
missingScope: "operator.admin",
});
});
});
describe("plugin approval method registration", () => {
it("lists all plugin approval methods", () => {
const methods = listGatewayMethods();
expect(methods).toContain("plugin.approval.list");
expect(methods).toContain("plugin.approval.request");
expect(methods).toContain("plugin.approval.waitDecision");
expect(methods).toContain("plugin.approval.resolve");
});
it("classifies plugin approval methods", () => {
expect(isGatewayMethodClassified("plugin.approval.list")).toBe(true);
expect(isGatewayMethodClassified("plugin.approval.request")).toBe(true);
expect(isGatewayMethodClassified("plugin.approval.waitDecision")).toBe(true);
expect(isGatewayMethodClassified("plugin.approval.resolve")).toBe(true);
});
});
describe("core gateway method classification", () => {
it("treats node-role methods as classified even without operator scopes", () => {
expect(isGatewayMethodClassified("node.pending.drain")).toBe(true);
expect(isGatewayMethodClassified("node.pending.pull")).toBe(true);
expect(isGatewayMethodClassified("node.pluginSurface.refresh")).toBe(true);
});
it("classifies every exposed core gateway handler method", () => {
const unclassified = Object.keys(coreGatewayHandlers).filter(
(method) => !isGatewayMethodClassified(method),
);
expect(unclassified).toStrictEqual([]);
});
it("classifies every listed gateway method name", () => {
const unclassified = listGatewayMethods().filter(
(method) => !isGatewayMethodClassified(method),
);
expect(unclassified).toStrictEqual([]);
});
it("exposes skill proposal methods through the core gateway registry", () => {
for (const method of ["skills.proposals.list", "skills.proposals.inspect"]) {
expect(listGatewayMethods()).toContain(method);
expect(coreGatewayHandlers).toHaveProperty(method);
expect(resolveLeastPrivilegeOperatorScopesForMethod(method)).toEqual(["operator.read"]);
expect(authorizeOperatorScopesForMethod(method, ["operator.read"])).toEqual({
allowed: true,
});
}
for (const method of [
"skills.proposals.create",
"skills.proposals.update",
"skills.proposals.revise",
"skills.proposals.apply",
"skills.proposals.reject",
"skills.proposals.quarantine",
]) {
expect(listGatewayMethods()).toContain(method);
expect(coreGatewayHandlers).toHaveProperty(method);
expect(resolveLeastPrivilegeOperatorScopesForMethod(method)).toEqual(["operator.admin"]);
expect(authorizeOperatorScopesForMethod(method, ["operator.write"])).toEqual({
allowed: false,
missingScope: "operator.admin",
});
expect(authorizeOperatorScopesForMethod(method, ["operator.admin"])).toEqual({
allowed: true,
});
}
});
});
describe("CLI default operator scopes", () => {
it("includes operator.talk.secrets for node-role device pairing approvals", async () => {
const { CLI_DEFAULT_OPERATOR_SCOPES } = await import("./method-scopes.js");
expect(CLI_DEFAULT_OPERATOR_SCOPES).toContain("operator.talk.secrets");
});
});