@clawos-dev/clawd 0.2.85-beta.157.a054210 → 0.2.85-beta.158.934b6ca
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.cjs +15 -6
- package/package.json +1 -1
package/dist/cli.cjs
CHANGED
|
@@ -28541,12 +28541,13 @@ function buildSessionHandlers(deps) {
|
|
|
28541
28541
|
const { response, broadcast } = await manager.cancelQuestion(args);
|
|
28542
28542
|
return { response: { type: "session:cancelQuestion", ...response }, broadcast };
|
|
28543
28543
|
};
|
|
28544
|
-
const ptyInput = async (frame) => {
|
|
28544
|
+
const ptyInput = async (frame, _client, ctx) => {
|
|
28545
28545
|
const sid = frame.sessionId;
|
|
28546
28546
|
const dataB64 = frame.data;
|
|
28547
28547
|
if (!sid || typeof dataB64 !== "string") {
|
|
28548
28548
|
return { response: { type: "session:pty:input", ok: false } };
|
|
28549
28549
|
}
|
|
28550
|
+
ensureSessionAccess(ctx, sid, "send");
|
|
28550
28551
|
const pty = manager.getPtyBySessionId(sid);
|
|
28551
28552
|
if (!pty) return { response: { type: "session:pty:input", ok: false } };
|
|
28552
28553
|
try {
|
|
@@ -28556,13 +28557,14 @@ function buildSessionHandlers(deps) {
|
|
|
28556
28557
|
}
|
|
28557
28558
|
return { response: { type: "session:pty:input", ok: true } };
|
|
28558
28559
|
};
|
|
28559
|
-
const ptyResize = async (frame) => {
|
|
28560
|
+
const ptyResize = async (frame, _client, ctx) => {
|
|
28560
28561
|
const sid = frame.sessionId;
|
|
28561
28562
|
const cols = frame.cols;
|
|
28562
28563
|
const rows = frame.rows;
|
|
28563
28564
|
if (!sid || typeof cols !== "number" || typeof rows !== "number") {
|
|
28564
28565
|
return { response: { type: "session:pty:resize", ok: false } };
|
|
28565
28566
|
}
|
|
28567
|
+
ensureSessionAccess(ctx, sid, "send");
|
|
28566
28568
|
const pty = manager.getPtyBySessionId(sid);
|
|
28567
28569
|
if (!pty) return { response: { type: "session:pty:resize", ok: false } };
|
|
28568
28570
|
try {
|
|
@@ -28572,11 +28574,12 @@ function buildSessionHandlers(deps) {
|
|
|
28572
28574
|
}
|
|
28573
28575
|
return { response: { type: "session:pty:resize", ok: true } };
|
|
28574
28576
|
};
|
|
28575
|
-
const ptySnapshot = async (frame) => {
|
|
28577
|
+
const ptySnapshot = async (frame, _client, ctx) => {
|
|
28576
28578
|
const sid = frame.sessionId;
|
|
28577
28579
|
if (!sid) {
|
|
28578
28580
|
return { response: { type: "session:pty:snapshot", ok: false } };
|
|
28579
28581
|
}
|
|
28582
|
+
ensureSessionAccess(ctx, sid, "read");
|
|
28580
28583
|
const snap = manager.getPtyReplay(sid);
|
|
28581
28584
|
if (!snap) {
|
|
28582
28585
|
return {
|
|
@@ -29764,9 +29767,15 @@ var METHOD_GRANT_MAP = {
|
|
|
29764
29767
|
"persona:get": CAPABILITY_SCOPED,
|
|
29765
29768
|
"persona:update": ADMIN_ANY,
|
|
29766
29769
|
"persona:delete": ADMIN_ANY,
|
|
29767
|
-
|
|
29768
|
-
|
|
29769
|
-
|
|
29770
|
+
// 2026-05-26 修 clawd people TUI 渲染 mix 串扰回归(参考 f1133ff0 原 owner 路径
|
|
29771
|
+
// snapshot/buffer/flush 修复):之前三件套 ADMIN_ANY 把 guest 拦在 dispatcher 401,
|
|
29772
|
+
// 导致 XtermPanel 重挂载拉 snapshot 在 guest 路径不生效,老的字节流断裂串扰回来。
|
|
29773
|
+
// 同一个 session 永远只有一个操作者(owner 不进 guest 创建的 session),并发字节流
|
|
29774
|
+
// 冲突不存在;guest 在 chat 模式下已能 session:send/interrupt,PTY 域不开放纯属
|
|
29775
|
+
// 历史遗留的不对称。handler 端通过 ensureSessionAccess 验权对齐其他 session:* RPC。
|
|
29776
|
+
"session:pty:input": CAPABILITY_SCOPED,
|
|
29777
|
+
"session:pty:resize": CAPABILITY_SCOPED,
|
|
29778
|
+
"session:pty:snapshot": CAPABILITY_SCOPED,
|
|
29770
29779
|
// file-sharing attachment.* RPC:dispatcher 放行;handler 内按 sessionId 反查
|
|
29771
29780
|
// session.ownerPersonaId + ctx.grants 跑 assertGrant,限制 guest 只能签 / 操作
|
|
29772
29781
|
// 自己被授权 persona 下的 session 文件。HTTP Bearer 仍然只识别 owner,所以 guest
|
package/package.json
CHANGED