@clawos-dev/clawd 0.2.83-beta.155.84907e5 → 0.2.84-beta.156.919c226
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.cjs +15 -6
- package/package.json +1 -1
package/dist/cli.cjs
CHANGED
|
@@ -28477,12 +28477,13 @@ function buildSessionHandlers(deps) {
|
|
|
28477
28477
|
const { response, broadcast } = await manager.cancelQuestion(args);
|
|
28478
28478
|
return { response: { type: "session:cancelQuestion", ...response }, broadcast };
|
|
28479
28479
|
};
|
|
28480
|
-
const ptyInput = async (frame) => {
|
|
28480
|
+
const ptyInput = async (frame, _client, ctx) => {
|
|
28481
28481
|
const sid = frame.sessionId;
|
|
28482
28482
|
const dataB64 = frame.data;
|
|
28483
28483
|
if (!sid || typeof dataB64 !== "string") {
|
|
28484
28484
|
return { response: { type: "session:pty:input", ok: false } };
|
|
28485
28485
|
}
|
|
28486
|
+
ensureSessionAccess(ctx, sid, "send");
|
|
28486
28487
|
const pty = manager.getPtyBySessionId(sid);
|
|
28487
28488
|
if (!pty) return { response: { type: "session:pty:input", ok: false } };
|
|
28488
28489
|
try {
|
|
@@ -28492,13 +28493,14 @@ function buildSessionHandlers(deps) {
|
|
|
28492
28493
|
}
|
|
28493
28494
|
return { response: { type: "session:pty:input", ok: true } };
|
|
28494
28495
|
};
|
|
28495
|
-
const ptyResize = async (frame) => {
|
|
28496
|
+
const ptyResize = async (frame, _client, ctx) => {
|
|
28496
28497
|
const sid = frame.sessionId;
|
|
28497
28498
|
const cols = frame.cols;
|
|
28498
28499
|
const rows = frame.rows;
|
|
28499
28500
|
if (!sid || typeof cols !== "number" || typeof rows !== "number") {
|
|
28500
28501
|
return { response: { type: "session:pty:resize", ok: false } };
|
|
28501
28502
|
}
|
|
28503
|
+
ensureSessionAccess(ctx, sid, "send");
|
|
28502
28504
|
const pty = manager.getPtyBySessionId(sid);
|
|
28503
28505
|
if (!pty) return { response: { type: "session:pty:resize", ok: false } };
|
|
28504
28506
|
try {
|
|
@@ -28508,11 +28510,12 @@ function buildSessionHandlers(deps) {
|
|
|
28508
28510
|
}
|
|
28509
28511
|
return { response: { type: "session:pty:resize", ok: true } };
|
|
28510
28512
|
};
|
|
28511
|
-
const ptySnapshot = async (frame) => {
|
|
28513
|
+
const ptySnapshot = async (frame, _client, ctx) => {
|
|
28512
28514
|
const sid = frame.sessionId;
|
|
28513
28515
|
if (!sid) {
|
|
28514
28516
|
return { response: { type: "session:pty:snapshot", ok: false } };
|
|
28515
28517
|
}
|
|
28518
|
+
ensureSessionAccess(ctx, sid, "read");
|
|
28516
28519
|
const snap = manager.getPtyReplay(sid);
|
|
28517
28520
|
if (!snap) {
|
|
28518
28521
|
return {
|
|
@@ -29671,9 +29674,15 @@ var METHOD_GRANT_MAP = {
|
|
|
29671
29674
|
"persona:get": CAPABILITY_SCOPED,
|
|
29672
29675
|
"persona:update": ADMIN_ANY,
|
|
29673
29676
|
"persona:delete": ADMIN_ANY,
|
|
29674
|
-
|
|
29675
|
-
|
|
29676
|
-
|
|
29677
|
+
// 2026-05-26 修 clawd people TUI 渲染 mix 串扰回归(参考 f1133ff0 原 owner 路径
|
|
29678
|
+
// snapshot/buffer/flush 修复):之前三件套 ADMIN_ANY 把 guest 拦在 dispatcher 401,
|
|
29679
|
+
// 导致 XtermPanel 重挂载拉 snapshot 在 guest 路径不生效,老的字节流断裂串扰回来。
|
|
29680
|
+
// 同一个 session 永远只有一个操作者(owner 不进 guest 创建的 session),并发字节流
|
|
29681
|
+
// 冲突不存在;guest 在 chat 模式下已能 session:send/interrupt,PTY 域不开放纯属
|
|
29682
|
+
// 历史遗留的不对称。handler 端通过 ensureSessionAccess 验权对齐其他 session:* RPC。
|
|
29683
|
+
"session:pty:input": CAPABILITY_SCOPED,
|
|
29684
|
+
"session:pty:resize": CAPABILITY_SCOPED,
|
|
29685
|
+
"session:pty:snapshot": CAPABILITY_SCOPED,
|
|
29677
29686
|
// file-sharing attachment.* RPC:dispatcher 放行;handler 内按 sessionId 反查
|
|
29678
29687
|
// session.ownerPersonaId + ctx.grants 跑 assertGrant,限制 guest 只能签 / 操作
|
|
29679
29688
|
// 自己被授权 persona 下的 session 文件。HTTP Bearer 仍然只识别 owner,所以 guest
|
package/package.json
CHANGED