vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-24 08:21:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1822db9227aa71214aed76ae84f6da969e84444e
openclaw/src/channels/command-gating.ts
Peter Steinberger b61bc4948e refactor: share dual text command gating
2026-03-14 01:41:17 +00:00

67 lines
2.3 KiB
TypeScript
Raw Blame History

export type CommandAuthorizer = {
configured: boolean;
allowed: boolean;
};
export type CommandGatingModeWhenAccessGroupsOff = "allow" | "deny" | "configured";
export function resolveCommandAuthorizedFromAuthorizers(params: {
useAccessGroups: boolean;
authorizers: CommandAuthorizer[];
modeWhenAccessGroupsOff?: CommandGatingModeWhenAccessGroupsOff;
}): boolean {
const { useAccessGroups, authorizers } = params;
const mode = params.modeWhenAccessGroupsOff ?? "allow";
if (!useAccessGroups) {
if (mode === "allow") {
return true;
}
if (mode === "deny") {
return false;
}
const anyConfigured = authorizers.some((entry) => entry.configured);
if (!anyConfigured) {
return true;
}
return authorizers.some((entry) => entry.configured && entry.allowed);
}
return authorizers.some((entry) => entry.configured && entry.allowed);
}
export function resolveControlCommandGate(params: {
useAccessGroups: boolean;
authorizers: CommandAuthorizer[];
allowTextCommands: boolean;
hasControlCommand: boolean;
modeWhenAccessGroupsOff?: CommandGatingModeWhenAccessGroupsOff;
}): { commandAuthorized: boolean; shouldBlock: boolean } {
const commandAuthorized = resolveCommandAuthorizedFromAuthorizers({
useAccessGroups: params.useAccessGroups,
authorizers: params.authorizers,
modeWhenAccessGroupsOff: params.modeWhenAccessGroupsOff,
});
const shouldBlock = params.allowTextCommands && params.hasControlCommand && !commandAuthorized;
return { commandAuthorized, shouldBlock };
}
export function resolveDualTextControlCommandGate(params: {
useAccessGroups: boolean;
primaryConfigured: boolean;
primaryAllowed: boolean;
secondaryConfigured: boolean;
secondaryAllowed: boolean;
hasControlCommand: boolean;
modeWhenAccessGroupsOff?: CommandGatingModeWhenAccessGroupsOff;
}): { commandAuthorized: boolean; shouldBlock: boolean } {
return resolveControlCommandGate({
useAccessGroups: params.useAccessGroups,
authorizers: [
{ configured: params.primaryConfigured, allowed: params.primaryAllowed },
{ configured: params.secondaryConfigured, allowed: params.secondaryAllowed },
],
allowTextCommands: true,
hasControlCommand: params.hasControlCommand,
modeWhenAccessGroupsOff: params.modeWhenAccessGroupsOff,
});
}
Reference in New Issue View Git Blame Copy Permalink