vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-14 11:30:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
620bae4ec7de7e96c0c0c9c3e7ed01293a6406ea
openclaw/src/agents/bash-tools.exec-host-shared.ts
Peter Steinberger 173132165d fix(exec): honor exec-approvals ask=off for gateway/node runs 
Landed from contributor PR #26789 by @pandego.

Co-authored-by: Miguel Miranda Dias <7780875+pandego@users.noreply.github.com>
2026-03-08 00:29:34 +00:00

161 lines
4.9 KiB
TypeScript
Raw Blame History

import crypto from "node:crypto";
import {
maxAsk,
minSecurity,
resolveExecApprovals,
type ExecAsk,
type ExecSecurity,
} from "../infra/exec-approvals.js";
import { resolveRegisteredExecApprovalDecision } from "./bash-tools.exec-approval-request.js";
import { DEFAULT_APPROVAL_TIMEOUT_MS } from "./bash-tools.exec-runtime.js";
type ResolvedExecApprovals = ReturnType<typeof resolveExecApprovals>;
export type ExecHostApprovalContext = {
approvals: ResolvedExecApprovals;
hostSecurity: ExecSecurity;
hostAsk: ExecAsk;
askFallback: ResolvedExecApprovals["agent"]["askFallback"];
};
export type ExecApprovalPendingState = {
warningText: string;
expiresAtMs: number;
preResolvedDecision: string | null | undefined;
};
export type ExecApprovalRequestState = ExecApprovalPendingState & {
noticeSeconds: number;
};
export function createExecApprovalPendingState(params: {
warnings: string[];
timeoutMs: number;
}): ExecApprovalPendingState {
return {
warningText: params.warnings.length ? `${params.warnings.join("\n")}\n\n` : "",
expiresAtMs: Date.now() + params.timeoutMs,
preResolvedDecision: undefined,
};
}
export function createExecApprovalRequestState(params: {
warnings: string[];
timeoutMs: number;
approvalRunningNoticeMs: number;
}): ExecApprovalRequestState {
const pendingState = createExecApprovalPendingState({
warnings: params.warnings,
timeoutMs: params.timeoutMs,
});
return {
...pendingState,
noticeSeconds: Math.max(1, Math.round(params.approvalRunningNoticeMs / 1000)),
};
}
export function createExecApprovalRequestContext(params: {
warnings: string[];
timeoutMs: number;
approvalRunningNoticeMs: number;
createApprovalSlug: (approvalId: string) => string;
}): ExecApprovalRequestState & {
approvalId: string;
approvalSlug: string;
contextKey: string;
} {
const approvalId = crypto.randomUUID();
const pendingState = createExecApprovalRequestState({
warnings: params.warnings,
timeoutMs: params.timeoutMs,
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
});
return {
...pendingState,
approvalId,
approvalSlug: params.createApprovalSlug(approvalId),
contextKey: `exec:${approvalId}`,
};
}
export function createDefaultExecApprovalRequestContext(params: {
warnings: string[];
approvalRunningNoticeMs: number;
createApprovalSlug: (approvalId: string) => string;
}) {
return createExecApprovalRequestContext({
warnings: params.warnings,
timeoutMs: DEFAULT_APPROVAL_TIMEOUT_MS,
approvalRunningNoticeMs: params.approvalRunningNoticeMs,
createApprovalSlug: params.createApprovalSlug,
});
}
export function resolveBaseExecApprovalDecision(params: {
decision: string | null;
askFallback: ResolvedExecApprovals["agent"]["askFallback"];
obfuscationDetected: boolean;
}): {
approvedByAsk: boolean;
deniedReason: string | null;
timedOut: boolean;
} {
if (params.decision === "deny") {
return { approvedByAsk: false, deniedReason: "user-denied", timedOut: false };
}
if (!params.decision) {
if (params.obfuscationDetected) {
return {
approvedByAsk: false,
deniedReason: "approval-timeout (obfuscation-detected)",
timedOut: true,
};
}
if (params.askFallback === "full") {
return { approvedByAsk: true, deniedReason: null, timedOut: true };
}
if (params.askFallback === "deny") {
return { approvedByAsk: false, deniedReason: "approval-timeout", timedOut: true };
}
return { approvedByAsk: false, deniedReason: null, timedOut: true };
}
return { approvedByAsk: false, deniedReason: null, timedOut: false };
}
export function resolveExecHostApprovalContext(params: {
agentId?: string;
security: ExecSecurity;
ask: ExecAsk;
host: "gateway" | "node";
}): ExecHostApprovalContext {
const approvals = resolveExecApprovals(params.agentId, {
security: params.security,
ask: params.ask,
});
const hostSecurity = minSecurity(params.security, approvals.agent.security);
// An explicit ask=off policy in exec-approvals.json must be able to suppress
// prompts even when tool/runtime defaults are stricter (for example on-miss).
const hostAsk = approvals.agent.ask === "off" ? "off" : maxAsk(params.ask, approvals.agent.ask);
const askFallback = approvals.agent.askFallback;
if (hostSecurity === "deny") {
throw new Error(`exec denied: host=${params.host} security=deny`);
}
return { approvals, hostSecurity, hostAsk, askFallback };
}
export async function resolveApprovalDecisionOrUndefined(params: {
approvalId: string;
preResolvedDecision: string | null | undefined;
onFailure: () => void;
}): Promise<string | null | undefined> {
try {
return await resolveRegisteredExecApprovalDecision({
approvalId: params.approvalId,
preResolvedDecision: params.preResolvedDecision,
});
} catch {
params.onFailure();
return undefined;
}
}
Reference in New Issue View Git Blame Copy Permalink