vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-18 08:34:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3cf0dda22a8bdf094d32a638ac2d291db58d4051
openclaw/src/gateway/server/plugin-route-runtime-scopes.ts
Pavan Kumar Gondhi 6517c700de fix(nostr): require operator.admin scope for profile mutation routes [AI] (#63553) 
* fix: address issue

* fix: address review feedback

* fix: address review feedback

* fix: finalize issue changes

* fix: address PR review feedback

* fix: address review-pr skill feedback

* fix: address PR review feedback

* fix: address review-pr skill feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* fix: address PR review feedback

* docs: add changelog entry for PR merge
2026-04-10 16:38:41 +05:30

30 lines
984 B
TypeScript
Raw Blame History

import type { IncomingMessage } from "node:http";
import {
getHeader,
resolveTrustedHttpOperatorScopes,
type AuthorizedGatewayHttpRequest,
} from "../http-utils.js";
import { CLI_DEFAULT_OPERATOR_SCOPES, WRITE_SCOPE } from "../method-scopes.js";
export type PluginRouteRuntimeScopeSurface = "write-default" | "trusted-operator";
export function resolvePluginRouteRuntimeOperatorScopes(
req: IncomingMessage,
requestAuth: AuthorizedGatewayHttpRequest,
surface: PluginRouteRuntimeScopeSurface = "write-default",
): string[] {
if (surface === "trusted-operator") {
if (!requestAuth.trustDeclaredOperatorScopes) {
return [...CLI_DEFAULT_OPERATOR_SCOPES];
}
return resolveTrustedHttpOperatorScopes(req, requestAuth);
}
if (requestAuth.authMethod !== "trusted-proxy") {
return [WRITE_SCOPE];
}
if (getHeader(req, "x-openclaw-scopes") === undefined) {
return [WRITE_SCOPE];
}
return resolveTrustedHttpOperatorScopes(req, requestAuth);
}
Reference in New Issue View Git Blame Copy Permalink