@clawos-dev/clawd 0.2.71-beta.127.52e9b3f → 0.2.71-beta.128.2805736
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.cjs +86 -3
- package/package.json +1 -1
package/dist/cli.cjs
CHANGED
|
@@ -133,6 +133,11 @@ var init_methods = __esm({
|
|
|
133
133
|
"remote-persona:add",
|
|
134
134
|
"remote-persona:list",
|
|
135
135
|
"remote-persona:remove",
|
|
136
|
+
// ---- whoami (v2 capability platform) ----
|
|
137
|
+
// 任何 authed connection 都能调;返回 owner 显示名 + 当前 capability wire 形态 +
|
|
138
|
+
// grants 对应的 persona 元数据 (id + displayName)。UI 端 AddRemotePersonaDialog
|
|
139
|
+
// 的 preview 一次性临时 client 用它判定身份和可用 persona。
|
|
140
|
+
"whoami",
|
|
136
141
|
"info",
|
|
137
142
|
"ping"
|
|
138
143
|
];
|
|
@@ -5086,7 +5091,7 @@ function stripSecretHash(cap) {
|
|
|
5086
5091
|
const { secretHash: _hash, ...wire } = cap;
|
|
5087
5092
|
return wire;
|
|
5088
5093
|
}
|
|
5089
|
-
var ResourceSchema, ActionSchema, GrantSchema, CapabilitySchema, CapabilityWireSchema, CapabilityErrorCodeSchema;
|
|
5094
|
+
var ResourceSchema, ActionSchema, GrantSchema, CapabilitySchema, CapabilityWireSchema, CapabilityErrorCodeSchema, WhoamiResponseSchema;
|
|
5090
5095
|
var init_capability = __esm({
|
|
5091
5096
|
"../protocol/src/capability.ts"() {
|
|
5092
5097
|
"use strict";
|
|
@@ -5121,6 +5126,21 @@ var init_capability = __esm({
|
|
|
5121
5126
|
"TOKEN_EXPIRED",
|
|
5122
5127
|
"TOKEN_EXHAUSTED"
|
|
5123
5128
|
]);
|
|
5129
|
+
WhoamiResponseSchema = external_exports.object({
|
|
5130
|
+
type: external_exports.literal("whoami:ok"),
|
|
5131
|
+
owner: external_exports.object({
|
|
5132
|
+
id: external_exports.string(),
|
|
5133
|
+
kind: external_exports.enum(["owner", "guest"]),
|
|
5134
|
+
displayName: external_exports.string()
|
|
5135
|
+
}).strict(),
|
|
5136
|
+
capability: CapabilityWireSchema,
|
|
5137
|
+
grantedPersonas: external_exports.array(
|
|
5138
|
+
external_exports.object({
|
|
5139
|
+
id: external_exports.string().min(1),
|
|
5140
|
+
displayName: external_exports.string()
|
|
5141
|
+
}).strict()
|
|
5142
|
+
)
|
|
5143
|
+
}).strict();
|
|
5124
5144
|
}
|
|
5125
5145
|
});
|
|
5126
5146
|
|
|
@@ -26156,6 +26176,11 @@ var CapabilityManager = class {
|
|
|
26156
26176
|
list() {
|
|
26157
26177
|
return this.registry.list();
|
|
26158
26178
|
}
|
|
26179
|
+
// whoami handler 用:根据 capabilityId 反查 caller 的 capability 实体。
|
|
26180
|
+
// 返回 Capability 持久化形态;handler 调 stripSecretHash 后再上 wire。
|
|
26181
|
+
findById(id) {
|
|
26182
|
+
return this.registry.findById(id);
|
|
26183
|
+
}
|
|
26159
26184
|
issue(args) {
|
|
26160
26185
|
if (!args.displayName.trim()) {
|
|
26161
26186
|
throw new Error("CapabilityManager.issue: displayName must be non-empty");
|
|
@@ -28502,12 +28527,13 @@ function buildRemotePersonaHandlers(deps) {
|
|
|
28502
28527
|
response: { type: "remote-persona:add:ok", remotePersona: stripRemotePersonaSecret(rp) }
|
|
28503
28528
|
};
|
|
28504
28529
|
};
|
|
28505
|
-
const list = async () => {
|
|
28530
|
+
const list = async (_frame, _client, ctx) => {
|
|
28506
28531
|
const all = store.list();
|
|
28532
|
+
const projected = ctx?.principal.kind === "owner" ? all : all.map(stripRemotePersonaSecret);
|
|
28507
28533
|
return {
|
|
28508
28534
|
response: {
|
|
28509
28535
|
type: "remote-persona:list",
|
|
28510
|
-
remotePersonas:
|
|
28536
|
+
remotePersonas: projected
|
|
28511
28537
|
}
|
|
28512
28538
|
};
|
|
28513
28539
|
};
|
|
@@ -28526,6 +28552,51 @@ function buildRemotePersonaHandlers(deps) {
|
|
|
28526
28552
|
};
|
|
28527
28553
|
}
|
|
28528
28554
|
|
|
28555
|
+
// src/handlers/whoami.ts
|
|
28556
|
+
init_protocol();
|
|
28557
|
+
function buildWhoamiHandler(deps) {
|
|
28558
|
+
return async (_frame, _client, ctx) => {
|
|
28559
|
+
if (!ctx) {
|
|
28560
|
+
throw new ClawdError(ERROR_CODES.INTERNAL, "whoami: missing ConnectionContext");
|
|
28561
|
+
}
|
|
28562
|
+
const owner = { ...OWNER_PRINCIPAL, displayName: deps.ownerDisplayName };
|
|
28563
|
+
let capability;
|
|
28564
|
+
if (ctx.principal.kind === "owner") {
|
|
28565
|
+
capability = {
|
|
28566
|
+
id: "owner",
|
|
28567
|
+
displayName: deps.ownerDisplayName,
|
|
28568
|
+
grants: ctx.grants,
|
|
28569
|
+
issuedAt: 0,
|
|
28570
|
+
usedCount: 0
|
|
28571
|
+
};
|
|
28572
|
+
} else {
|
|
28573
|
+
if (!ctx.capabilityId) {
|
|
28574
|
+
throw new ClawdError(ERROR_CODES.UNAUTHORIZED, "whoami: guest ctx without capabilityId");
|
|
28575
|
+
}
|
|
28576
|
+
const cap = deps.capabilityManager.findById(ctx.capabilityId);
|
|
28577
|
+
if (!cap) {
|
|
28578
|
+
throw new ClawdError(ERROR_CODES.UNAUTHORIZED, `whoami: capability not found: ${ctx.capabilityId}`);
|
|
28579
|
+
}
|
|
28580
|
+
capability = stripSecretHash(cap);
|
|
28581
|
+
}
|
|
28582
|
+
const grantedPersonas = [];
|
|
28583
|
+
for (const g2 of capability.grants) {
|
|
28584
|
+
if (g2.resource.type !== "persona") continue;
|
|
28585
|
+
const file = deps.personaStore.read(g2.resource.id);
|
|
28586
|
+
if (!file) continue;
|
|
28587
|
+
grantedPersonas.push({ id: file.personaId, displayName: file.label });
|
|
28588
|
+
}
|
|
28589
|
+
return {
|
|
28590
|
+
response: {
|
|
28591
|
+
type: "whoami:ok",
|
|
28592
|
+
owner,
|
|
28593
|
+
capability,
|
|
28594
|
+
grantedPersonas
|
|
28595
|
+
}
|
|
28596
|
+
};
|
|
28597
|
+
};
|
|
28598
|
+
}
|
|
28599
|
+
|
|
28529
28600
|
// src/handlers/meta.ts
|
|
28530
28601
|
var import_node_os13 = __toESM(require("os"), 1);
|
|
28531
28602
|
init_protocol();
|
|
@@ -28786,6 +28857,11 @@ function buildMethodHandlers(deps) {
|
|
|
28786
28857
|
capabilityRegistry: deps.capabilityRegistry
|
|
28787
28858
|
}),
|
|
28788
28859
|
...buildRemotePersonaHandlers({ store: deps.remotePersonaStore }),
|
|
28860
|
+
whoami: buildWhoamiHandler({
|
|
28861
|
+
ownerDisplayName: deps.ownerDisplayName,
|
|
28862
|
+
personaStore: deps.personaStore,
|
|
28863
|
+
capabilityManager: deps.capabilityManager
|
|
28864
|
+
}),
|
|
28789
28865
|
...deps.attachment ? buildAttachmentHandlers(deps.attachment) : {}
|
|
28790
28866
|
};
|
|
28791
28867
|
}
|
|
@@ -28800,6 +28876,10 @@ var METHOD_GRANT_MAP = {
|
|
|
28800
28876
|
// ---- public(meta-only,guest 也能调) ----
|
|
28801
28877
|
"info": { kind: "public" },
|
|
28802
28878
|
"ping": { kind: "public" },
|
|
28879
|
+
// v2 Phase 6: whoami 是身份反查,任何 authed connection (owner / guest) 都能调;
|
|
28880
|
+
// handler 内部按 ctx.principal.kind 决定返回 "合成 owner self capability" 还是
|
|
28881
|
+
// "查 capabilityManager 拿 caller 的 guest capability"。
|
|
28882
|
+
"whoami": { kind: "public" },
|
|
28803
28883
|
// ---- capability platform(admin-only,本 PR 新增) ----
|
|
28804
28884
|
"capability:issue": ADMIN_ANY,
|
|
28805
28885
|
"capability:list": ADMIN_ANY,
|
|
@@ -29149,6 +29229,9 @@ async function startDaemon(config) {
|
|
|
29149
29229
|
// v2 Phase 5: capability:issue 返回的 shareUrl 用此 base URL 拼接。
|
|
29150
29230
|
// tunnel 拉起后切到反代 wss://... 地址;否则本机 ws://host:port。
|
|
29151
29231
|
getShareBaseUrl: () => currentTunnelUrl ?? `ws://${config.host}:${config.port}`,
|
|
29232
|
+
// v2 Phase 6: whoami handler 装在 owner principal.displayName + persona 解析
|
|
29233
|
+
ownerDisplayName,
|
|
29234
|
+
personaStore,
|
|
29152
29235
|
// Phase 4 Task 4.2: inbox:postMessage 要查 capabilityRegistry 解析 peer Principal
|
|
29153
29236
|
capabilityRegistry,
|
|
29154
29237
|
// Phase 3 Task 3.4: inbox:list/markRead handler 依赖
|
package/package.json
CHANGED