mirror of
https://github.com/openclaw/openclaw.git
synced 2026-07-09 19:24:02 +00:00
* fix(codex): require admin for native controls Gate Codex native session controls and bound turns on current owner or operator.admin authority. Preserve gateway scope precedence and read-only status behavior. * fix(codex): align native authorization * fix(codex): preserve silent bound handling * fix(codex): narrow bound auth contract * fix(docs): refresh generated docs map
14 lines
498 B
TypeScript
14 lines
498 B
TypeScript
import type { PluginCommandContext } from "openclaw/plugin-sdk/plugin-entry";
|
|
|
|
type CodexHostMutationAuthContext = Pick<
|
|
PluginCommandContext,
|
|
"gatewayClientScopes" | "senderIsOwner"
|
|
>;
|
|
|
|
export const CODEX_NATIVE_EXECUTION_AUTH_ERROR =
|
|
"Only an owner or operator.admin can control Codex native execution.";
|
|
|
|
export function canMutateCodexHost(ctx: CodexHostMutationAuthContext): boolean {
|
|
return ctx.senderIsOwner === true || ctx.gatewayClientScopes?.includes("operator.admin") === true;
|
|
}
|