@jait/gateway 0.1.249 → 0.1.250
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/jait.mjs +63 -0
- package/dist/cli/doctor.d.ts +43 -0
- package/dist/cli/doctor.d.ts.map +1 -0
- package/dist/cli/doctor.js +218 -0
- package/dist/cli/doctor.js.map +1 -0
- package/dist/db/migrations.d.ts.map +1 -1
- package/dist/db/migrations.js +23 -0
- package/dist/db/migrations.js.map +1 -1
- package/dist/db/schema.d.ts +233 -0
- package/dist/db/schema.d.ts.map +1 -1
- package/dist/db/schema.js +17 -0
- package/dist/db/schema.js.map +1 -1
- package/dist/foundation.d.ts +4 -4
- package/dist/foundation.d.ts.map +1 -1
- package/dist/foundation.js +2 -2
- package/dist/foundation.js.map +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -2
- package/dist/index.js.map +1 -1
- package/dist/plugins/contracts.d.ts +15 -5
- package/dist/plugins/contracts.d.ts.map +1 -1
- package/dist/plugins/contracts.js +14 -1
- package/dist/plugins/contracts.js.map +1 -1
- package/dist/routes/assistant-profiles.d.ts +5 -0
- package/dist/routes/assistant-profiles.d.ts.map +1 -0
- package/dist/routes/assistant-profiles.js +75 -0
- package/dist/routes/assistant-profiles.js.map +1 -0
- package/dist/routes/consent.d.ts +6 -1
- package/dist/routes/consent.d.ts.map +1 -1
- package/dist/routes/consent.js +10 -1
- package/dist/routes/consent.js.map +1 -1
- package/dist/routes/environment.d.ts +19 -0
- package/dist/routes/environment.d.ts.map +1 -0
- package/dist/routes/environment.js +78 -0
- package/dist/routes/environment.js.map +1 -0
- package/dist/security/consent-executor.d.ts +4 -0
- package/dist/security/consent-executor.d.ts.map +1 -1
- package/dist/security/consent-executor.js +20 -6
- package/dist/security/consent-executor.js.map +1 -1
- package/dist/security/consent-manager.d.ts +9 -0
- package/dist/security/consent-manager.d.ts.map +1 -1
- package/dist/security/consent-manager.js +1 -0
- package/dist/security/consent-manager.js.map +1 -1
- package/dist/security/index.d.ts +2 -2
- package/dist/security/index.d.ts.map +1 -1
- package/dist/security/index.js +2 -2
- package/dist/security/index.js.map +1 -1
- package/dist/security/tool-permissions.d.ts +10 -1
- package/dist/security/tool-permissions.d.ts.map +1 -1
- package/dist/security/tool-permissions.js +21 -0
- package/dist/security/tool-permissions.js.map +1 -1
- package/dist/security/tool-profiles.d.ts +4 -0
- package/dist/security/tool-profiles.d.ts.map +1 -1
- package/dist/security/tool-profiles.js +53 -47
- package/dist/security/tool-profiles.js.map +1 -1
- package/dist/server.d.ts +6 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +17 -1
- package/dist/server.js.map +1 -1
- package/dist/services/assistant-profiles.d.ts +46 -0
- package/dist/services/assistant-profiles.d.ts.map +1 -0
- package/dist/services/assistant-profiles.js +118 -0
- package/dist/services/assistant-profiles.js.map +1 -0
- package/dist/services/threads.d.ts +1 -0
- package/dist/services/threads.d.ts.map +1 -1
- package/dist/services/threads.js +8 -0
- package/dist/services/threads.js.map +1 -1
- package/dist/services/workspaces.d.ts +1 -0
- package/dist/services/workspaces.d.ts.map +1 -1
- package/dist/services/workspaces.js +17 -0
- package/dist/services/workspaces.js.map +1 -1
- package/dist/tools/contracts.d.ts +16 -0
- package/dist/tools/contracts.d.ts.map +1 -1
- package/dist/tools/index.d.ts +1 -1
- package/dist/tools/index.d.ts.map +1 -1
- package/dist/tools/index.js.map +1 -1
- package/dist/tools/registry.d.ts +4 -1
- package/dist/tools/registry.d.ts.map +1 -1
- package/dist/tools/registry.js +28 -0
- package/dist/tools/registry.js.map +1 -1
- package/dist/tools/thread-tools.d.ts.map +1 -1
- package/dist/tools/thread-tools.js +16 -1
- package/dist/tools/thread-tools.js.map +1 -1
- package/package.json +2 -2
- package/web-dist/assets/{_basePickBy-BZXAEjtR.js → _basePickBy-DZlQJHdZ.js} +1 -1
- package/web-dist/assets/{_baseUniq-Bal_eCvN.js → _baseUniq-PKaeabhN.js} +1 -1
- package/web-dist/assets/{arc-C70h_w-C.js → arc-CHeuDxU6.js} +1 -1
- package/web-dist/assets/{architectureDiagram-2XIMDMQ5-B3Gm8tpz.js → architectureDiagram-2XIMDMQ5-DgvGhpb9.js} +1 -1
- package/web-dist/assets/{blockDiagram-WCTKOSBZ-BgQFIqvb.js → blockDiagram-WCTKOSBZ-B9QFvq1T.js} +1 -1
- package/web-dist/assets/{c4Diagram-IC4MRINW-COlSPH7q.js → c4Diagram-IC4MRINW-Cv7RtLdJ.js} +1 -1
- package/web-dist/assets/channel-BYGJ2Su4.js +1 -0
- package/web-dist/assets/{chunk-4BX2VUAB-CGFBM2wU.js → chunk-4BX2VUAB-CZa8RIWc.js} +1 -1
- package/web-dist/assets/{chunk-55IACEB6-DtZessAC.js → chunk-55IACEB6-BaKT8k_K.js} +1 -1
- package/web-dist/assets/{chunk-FMBD7UC4-BFvW3UDr.js → chunk-FMBD7UC4-Dg0XGskY.js} +1 -1
- package/web-dist/assets/{chunk-JSJVCQXG-BxS2QyCp.js → chunk-JSJVCQXG-BIQagOJF.js} +1 -1
- package/web-dist/assets/{chunk-KX2RTZJC-RF7flQid.js → chunk-KX2RTZJC-gv358j1I.js} +1 -1
- package/web-dist/assets/{chunk-NQ4KR5QH-CbUsJA5U.js → chunk-NQ4KR5QH-KTZkQ1F7.js} +1 -1
- package/web-dist/assets/{chunk-QZHKN3VN-B7K3gWQG.js → chunk-QZHKN3VN-DLnI7x4Z.js} +1 -1
- package/web-dist/assets/{chunk-WL4C6EOR-CwmUHzIF.js → chunk-WL4C6EOR-8109Ou2b.js} +1 -1
- package/web-dist/assets/classDiagram-VBA2DB6C-CpC97-ro.js +1 -0
- package/web-dist/assets/classDiagram-v2-RAHNMMFH-CpC97-ro.js +1 -0
- package/web-dist/assets/clone-BcwoeXwR.js +1 -0
- package/web-dist/assets/{cose-bilkent-S5V4N54A-sz0ER3yT.js → cose-bilkent-S5V4N54A-At9ZOajY.js} +1 -1
- package/web-dist/assets/{dagre-KLK3FWXG-CosbwquM.js → dagre-KLK3FWXG-DEx87s7-.js} +1 -1
- package/web-dist/assets/{diagram-E7M64L7V-Dl6nDMtE.js → diagram-E7M64L7V-Bj4y6U-n.js} +1 -1
- package/web-dist/assets/{diagram-IFDJBPK2-DtMomQmG.js → diagram-IFDJBPK2-BrO08PbC.js} +1 -1
- package/web-dist/assets/{diagram-P4PSJMXO-gCuDDR5r.js → diagram-P4PSJMXO-CMAd8cD3.js} +1 -1
- package/web-dist/assets/{erDiagram-INFDFZHY-D-mjYH_L.js → erDiagram-INFDFZHY-C0z3DO_E.js} +1 -1
- package/web-dist/assets/{flowDiagram-PKNHOUZH-B2c4zFvE.js → flowDiagram-PKNHOUZH-BilVBboL.js} +1 -1
- package/web-dist/assets/{ganttDiagram-A5KZAMGK-B4xO3gHm.js → ganttDiagram-A5KZAMGK-Bfs5HpAt.js} +1 -1
- package/web-dist/assets/{gitGraphDiagram-K3NZZRJ6-BJ3id5A_.js → gitGraphDiagram-K3NZZRJ6-CYI2ujpJ.js} +1 -1
- package/web-dist/assets/{graph-CPMhtGeG.js → graph-ABm22Gk2.js} +1 -1
- package/web-dist/assets/{index-BgZwraAX.css → index-CX10vibf.css} +1 -1
- package/web-dist/assets/{index-DyYrV_7c.js → index-Desx29PE.js} +234 -234
- package/web-dist/assets/{infoDiagram-LFFYTUFH-D4nudIFj.js → infoDiagram-LFFYTUFH-DwA-K72D.js} +1 -1
- package/web-dist/assets/{ishikawaDiagram-PHBUUO56-Bw59FyvU.js → ishikawaDiagram-PHBUUO56-BLUdXkXv.js} +1 -1
- package/web-dist/assets/{journeyDiagram-4ABVD52K-B-GIXjMc.js → journeyDiagram-4ABVD52K-C_24Eqg4.js} +1 -1
- package/web-dist/assets/{kanban-definition-K7BYSVSG-CKCdtOz1.js → kanban-definition-K7BYSVSG-wmhT6g0K.js} +1 -1
- package/web-dist/assets/{layout-ClOTQO_8.js → layout-DGm1r0mn.js} +1 -1
- package/web-dist/assets/{linear-ZphXPXoB.js → linear-D59mMVMI.js} +1 -1
- package/web-dist/assets/{mindmap-definition-YRQLILUH-DKEpOZTE.js → mindmap-definition-YRQLILUH-BIqlrUPf.js} +1 -1
- package/web-dist/assets/{pieDiagram-SKSYHLDU-89Cyo3gu.js → pieDiagram-SKSYHLDU-BcTVOybn.js} +1 -1
- package/web-dist/assets/{quadrantDiagram-337W2JSQ-n5ZUbVKF.js → quadrantDiagram-337W2JSQ-0uc_bcc1.js} +1 -1
- package/web-dist/assets/{requirementDiagram-Z7DCOOCP-e1w0prnx.js → requirementDiagram-Z7DCOOCP-DerXd9F8.js} +1 -1
- package/web-dist/assets/{sankeyDiagram-WA2Y5GQK-D6KOU33Z.js → sankeyDiagram-WA2Y5GQK-DIjN0Jgz.js} +1 -1
- package/web-dist/assets/{sequenceDiagram-2WXFIKYE-BwFMMAig.js → sequenceDiagram-2WXFIKYE-C5kmpRNR.js} +1 -1
- package/web-dist/assets/{stateDiagram-RAJIS63D-BXGKTd5_.js → stateDiagram-RAJIS63D-1_WrczQa.js} +1 -1
- package/web-dist/assets/stateDiagram-v2-FVOUBMTO-DzOpw3fh.js +1 -0
- package/web-dist/assets/{timeline-definition-YZTLITO2-DuFK82ph.js → timeline-definition-YZTLITO2-3IUZHglj.js} +1 -1
- package/web-dist/assets/{treemap-KZPCXAKY-CQv5gjDl.js → treemap-KZPCXAKY-Clt4X3ro.js} +1 -1
- package/web-dist/assets/{vennDiagram-LZ73GAT5-DkbNA0Hd.js → vennDiagram-LZ73GAT5-BPkpfc1Y.js} +1 -1
- package/web-dist/assets/{xychartDiagram-JWTSCODW-37LS_2mi.js → xychartDiagram-JWTSCODW-D5U94d56.js} +1 -1
- package/web-dist/index.html +2 -2
- package/web-dist/assets/channel-v8M8jufi.js +0 -1
- package/web-dist/assets/classDiagram-VBA2DB6C-D9abWN2d.js +0 -1
- package/web-dist/assets/classDiagram-v2-RAHNMMFH-D9abWN2d.js +0 -1
- package/web-dist/assets/clone-CZpJBOCh.js +0 -1
- package/web-dist/assets/stateDiagram-v2-FVOUBMTO-C1TnLZGn.js +0 -1
|
@@ -1,2 +1,15 @@
|
|
|
1
|
-
export {
|
|
1
|
+
export function buildPluginToolSourceMetadata(plugin) {
|
|
2
|
+
return {
|
|
3
|
+
kind: "plugin",
|
|
4
|
+
pluginId: plugin.id,
|
|
5
|
+
pluginDisplayName: plugin.displayName,
|
|
6
|
+
};
|
|
7
|
+
}
|
|
8
|
+
export function toPluginToolDefinition(plugin, tool) {
|
|
9
|
+
return {
|
|
10
|
+
...tool,
|
|
11
|
+
source: `plugin:${plugin.id}`,
|
|
12
|
+
sourceMetadata: buildPluginToolSourceMetadata(plugin),
|
|
13
|
+
};
|
|
14
|
+
}
|
|
2
15
|
//# sourceMappingURL=contracts.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../src/plugins/contracts.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"contracts.js","sourceRoot":"","sources":["../../src/plugins/contracts.ts"],"names":[],"mappings":"AA6BA,MAAM,UAAU,6BAA6B,CAAC,MAAwB;IACpE,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,MAAM,CAAC,EAAE;QACnB,iBAAiB,EAAE,MAAM,CAAC,WAAW;KACtC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,MAAwB,EACxB,IAAmC;IAEnC,OAAO;QACL,GAAG,IAAI;QACP,MAAM,EAAE,UAAU,MAAM,CAAC,EAAE,EAAE;QAC7B,cAAc,EAAE,6BAA6B,CAAC,MAAM,CAAC;KACtD,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import type { FastifyInstance } from "fastify";
|
|
2
|
+
import type { AppConfig } from "../config.js";
|
|
3
|
+
import type { AssistantProfileService } from "../services/assistant-profiles.js";
|
|
4
|
+
export declare function registerAssistantProfileRoutes(app: FastifyInstance, config: AppConfig, assistantProfileService: AssistantProfileService): void;
|
|
5
|
+
//# sourceMappingURL=assistant-profiles.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"assistant-profiles.d.ts","sourceRoot":"","sources":["../../src/routes/assistant-profiles.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAGjF,wBAAgB,8BAA8B,CAC5C,GAAG,EAAE,eAAe,EACpB,MAAM,EAAE,SAAS,EACjB,uBAAuB,EAAE,uBAAuB,GAC/C,IAAI,CAwEN"}
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
import { requireAuth } from "../security/http-auth.js";
|
|
2
|
+
export function registerAssistantProfileRoutes(app, config, assistantProfileService) {
|
|
3
|
+
app.get("/api/assistants/profiles", async (request, reply) => {
|
|
4
|
+
const user = await requireAuth(request, reply, config.jwtSecret);
|
|
5
|
+
if (!user)
|
|
6
|
+
return;
|
|
7
|
+
return { profiles: assistantProfileService.list(user.id) };
|
|
8
|
+
});
|
|
9
|
+
app.post("/api/assistants/profiles", async (request, reply) => {
|
|
10
|
+
const user = await requireAuth(request, reply, config.jwtSecret);
|
|
11
|
+
if (!user)
|
|
12
|
+
return;
|
|
13
|
+
const body = request.body ?? {};
|
|
14
|
+
const name = typeof body["name"] === "string" ? body["name"].trim() : "";
|
|
15
|
+
if (!name) {
|
|
16
|
+
return reply.status(400).send({ error: "VALIDATION_ERROR", details: "name is required" });
|
|
17
|
+
}
|
|
18
|
+
const profile = assistantProfileService.create(user.id, {
|
|
19
|
+
name,
|
|
20
|
+
description: typeof body["description"] === "string" ? body["description"] : null,
|
|
21
|
+
systemPrompt: typeof body["systemPrompt"] === "string" ? body["systemPrompt"] : null,
|
|
22
|
+
runtimeMode: body["runtimeMode"] === "full-access" || body["runtimeMode"] === "supervised" ? body["runtimeMode"] : null,
|
|
23
|
+
toolProfile: typeof body["toolProfile"] === "string" ? body["toolProfile"] : null,
|
|
24
|
+
enabledSkills: Array.isArray(body["enabledSkills"]) ? body["enabledSkills"].filter((item) => typeof item === "string") : [],
|
|
25
|
+
enabledPlugins: Array.isArray(body["enabledPlugins"]) ? body["enabledPlugins"].filter((item) => typeof item === "string") : [],
|
|
26
|
+
isDefault: body["isDefault"] === true,
|
|
27
|
+
});
|
|
28
|
+
return reply.status(201).send({ profile });
|
|
29
|
+
});
|
|
30
|
+
app.get("/api/assistants/profiles/:id", async (request, reply) => {
|
|
31
|
+
const user = await requireAuth(request, reply, config.jwtSecret);
|
|
32
|
+
if (!user)
|
|
33
|
+
return;
|
|
34
|
+
const profile = assistantProfileService.getById(request.params.id, user.id);
|
|
35
|
+
if (!profile) {
|
|
36
|
+
return reply.status(404).send({ error: "NOT_FOUND", details: "Assistant profile not found" });
|
|
37
|
+
}
|
|
38
|
+
return { profile };
|
|
39
|
+
});
|
|
40
|
+
app.patch("/api/assistants/profiles/:id", async (request, reply) => {
|
|
41
|
+
const user = await requireAuth(request, reply, config.jwtSecret);
|
|
42
|
+
if (!user)
|
|
43
|
+
return;
|
|
44
|
+
const body = request.body ?? {};
|
|
45
|
+
const profile = assistantProfileService.update(request.params.id, user.id, {
|
|
46
|
+
name: typeof body["name"] === "string" ? body["name"] : undefined,
|
|
47
|
+
description: typeof body["description"] === "string" ? body["description"] : body["description"] === null ? null : undefined,
|
|
48
|
+
systemPrompt: typeof body["systemPrompt"] === "string" ? body["systemPrompt"] : body["systemPrompt"] === null ? null : undefined,
|
|
49
|
+
runtimeMode: body["runtimeMode"] === "full-access" || body["runtimeMode"] === "supervised"
|
|
50
|
+
? body["runtimeMode"]
|
|
51
|
+
: body["runtimeMode"] === null
|
|
52
|
+
? null
|
|
53
|
+
: undefined,
|
|
54
|
+
toolProfile: typeof body["toolProfile"] === "string" ? body["toolProfile"] : body["toolProfile"] === null ? null : undefined,
|
|
55
|
+
enabledSkills: Array.isArray(body["enabledSkills"]) ? body["enabledSkills"].filter((item) => typeof item === "string") : undefined,
|
|
56
|
+
enabledPlugins: Array.isArray(body["enabledPlugins"]) ? body["enabledPlugins"].filter((item) => typeof item === "string") : undefined,
|
|
57
|
+
isDefault: typeof body["isDefault"] === "boolean" ? body["isDefault"] : undefined,
|
|
58
|
+
});
|
|
59
|
+
if (!profile) {
|
|
60
|
+
return reply.status(404).send({ error: "NOT_FOUND", details: "Assistant profile not found" });
|
|
61
|
+
}
|
|
62
|
+
return { profile };
|
|
63
|
+
});
|
|
64
|
+
app.delete("/api/assistants/profiles/:id", async (request, reply) => {
|
|
65
|
+
const user = await requireAuth(request, reply, config.jwtSecret);
|
|
66
|
+
if (!user)
|
|
67
|
+
return;
|
|
68
|
+
const deleted = assistantProfileService.delete(request.params.id, user.id);
|
|
69
|
+
if (!deleted) {
|
|
70
|
+
return reply.status(404).send({ error: "NOT_FOUND", details: "Assistant profile not found" });
|
|
71
|
+
}
|
|
72
|
+
return reply.status(204).send();
|
|
73
|
+
});
|
|
74
|
+
}
|
|
75
|
+
//# sourceMappingURL=assistant-profiles.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"assistant-profiles.js","sourceRoot":"","sources":["../../src/routes/assistant-profiles.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,MAAM,UAAU,8BAA8B,CAC5C,GAAoB,EACpB,MAAiB,EACjB,uBAAgD;IAEhD,GAAG,CAAC,GAAG,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC3D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,OAAO,EAAE,QAAQ,EAAE,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC5D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,MAAM,IAAI,GAAI,OAAO,CAAC,IAAgC,IAAI,EAAE,CAAC;QAC7D,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzE,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC5F,CAAC;QACD,MAAM,OAAO,GAAG,uBAAuB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE;YACtD,IAAI;YACJ,WAAW,EAAE,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI;YACjF,YAAY,EAAE,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI;YACpF,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,KAAK,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI;YACvH,WAAW,EAAE,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI;YACjF,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE;YAC3I,cAAc,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE;YAC9I,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI;SACtC,CAAC,CAAC;QACH,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAA6B,8BAA8B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC3F,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,MAAM,OAAO,GAAG,uBAAuB,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,KAAK,CAA6B,8BAA8B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC7F,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,MAAM,IAAI,GAAI,OAAO,CAAC,IAAgC,IAAI,EAAE,CAAC;QAC7D,MAAM,OAAO,GAAG,uBAAuB,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE;YACzE,IAAI,EAAE,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;YACjE,WAAW,EAAE,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAC5H,YAAY,EAAE,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAChI,WAAW,EACT,IAAI,CAAC,aAAa,CAAC,KAAK,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,YAAY;gBAC3E,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC;gBACrB,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,IAAI;oBAC5B,CAAC,CAAC,IAAI;oBACN,CAAC,CAAC,SAAS;YACjB,WAAW,EAAE,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;YAC5H,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;YAClJ,cAAc,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;YACrJ,SAAS,EAAE,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS;SAClF,CAAC,CAAC;QACH,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,MAAM,CAA6B,8BAA8B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC9F,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,MAAM,OAAO,GAAG,uBAAuB,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC"}
|
package/dist/routes/consent.d.ts
CHANGED
|
@@ -5,6 +5,11 @@
|
|
|
5
5
|
*/
|
|
6
6
|
import type { FastifyInstance } from "fastify";
|
|
7
7
|
import type { ConsentManager } from "../security/consent-manager.js";
|
|
8
|
+
import type { ToolPermission } from "../security/tool-permissions.js";
|
|
9
|
+
import type { ProfileName } from "../security/tool-profiles.js";
|
|
8
10
|
import type { AuditWriter } from "../services/audit.js";
|
|
9
|
-
export declare function registerConsentRoutes(app: FastifyInstance, consentManager: ConsentManager, audit: AuditWriter
|
|
11
|
+
export declare function registerConsentRoutes(app: FastifyInstance, consentManager: ConsentManager, audit: AuditWriter, options?: {
|
|
12
|
+
activeProfileName?: ProfileName;
|
|
13
|
+
permissions?: Map<string, ToolPermission>;
|
|
14
|
+
}): void;
|
|
10
15
|
//# sourceMappingURL=consent.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent.d.ts","sourceRoot":"","sources":["../../src/routes/consent.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAGxD,wBAAgB,qBAAqB,CACnC,GAAG,EAAE,eAAe,EACpB,cAAc,EAAE,cAAc,EAC9B,KAAK,EAAE,WAAW,
|
|
1
|
+
{"version":3,"file":"consent.d.ts","sourceRoot":"","sources":["../../src/routes/consent.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAGxD,wBAAgB,qBAAqB,CACnC,GAAG,EAAE,eAAe,EACpB,cAAc,EAAE,cAAc,EAC9B,KAAK,EAAE,WAAW,EAClB,OAAO,GAAE;IACP,iBAAiB,CAAC,EAAE,WAAW,CAAC;IAChC,WAAW,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;CACtC,QAqJP"}
|
package/dist/routes/consent.js
CHANGED
|
@@ -4,7 +4,16 @@
|
|
|
4
4
|
* REST API for consent management: list pending, approve, reject.
|
|
5
5
|
*/
|
|
6
6
|
import { uuidv7 } from "../db/uuidv7.js";
|
|
7
|
-
export function registerConsentRoutes(app, consentManager, audit) {
|
|
7
|
+
export function registerConsentRoutes(app, consentManager, audit, options = {}) {
|
|
8
|
+
app.get("/api/consent/policy", async () => {
|
|
9
|
+
const permissions = options.permissions ? [...options.permissions.values()] : [];
|
|
10
|
+
return {
|
|
11
|
+
activeProfileName: options.activeProfileName ?? null,
|
|
12
|
+
toolCount: permissions.length,
|
|
13
|
+
permissions,
|
|
14
|
+
unknownToolsRequireConsent: true,
|
|
15
|
+
};
|
|
16
|
+
});
|
|
8
17
|
// GET /api/consent/pending — list all pending consent requests
|
|
9
18
|
app.get("/api/consent/pending", async (_request, _reply) => {
|
|
10
19
|
const requests = consentManager.listPending();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent.js","sourceRoot":"","sources":["../../src/routes/consent.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"consent.js","sourceRoot":"","sources":["../../src/routes/consent.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAOH,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAEzC,MAAM,UAAU,qBAAqB,CACnC,GAAoB,EACpB,cAA8B,EAC9B,KAAkB,EAClB,UAGI,EAAE;IAEN,GAAG,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACjF,OAAO;YACL,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACpD,SAAS,EAAE,WAAW,CAAC,MAAM;YAC7B,WAAW;YACX,0BAA0B,EAAE,IAAI;SACjC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,+DAA+D;IAC/D,GAAG,CAAC,GAAG,CAAC,sBAAsB,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE;QACzD,MAAM,QAAQ,GAAG,cAAc,CAAC,WAAW,EAAE,CAAC;QAC9C,OAAO,EAAE,QAAQ,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,mEAAmE;IACnE,GAAG,CAAC,GAAG,CAAC,iCAAiC,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE;QACnE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAA+B,CAAC;QAC9D,MAAM,QAAQ,GAAG,cAAc,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACvD,OAAO,EAAE,QAAQ,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,wDAAwD;IACxD,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACnD,MAAM,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAwB,CAAC;QAChD,MAAM,GAAG,GAAG,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC1C,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC,CAAC;QAC9F,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,CAAC,CAAC;IAEH,4DAA4D;IAC5D,GAAG,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC5D,MAAM,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAwB,CAAC;QAChD,MAAM,IAAI,GAAI,OAAO,CAAC,IAAgC,IAAI,EAAE,CAAC;QAC7D,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE/E,MAAM,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QACvD,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,+CAA+C,EAAE,CAAC,CAAC;QAClH,CAAC;QAED,KAAK,CAAC,KAAK,CAAC;YACV,QAAQ,EAAE,MAAM,EAAE;YAClB,UAAU,EAAE,iBAAiB;YAC7B,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE;SAClC,CAAC,CAAC;QAEH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,0DAA0D;IAC1D,GAAG,CAAC,IAAI,CAAC,yBAAyB,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC3D,MAAM,EAAE,EAAE,EAAE,GAAG,OAAO,CAAC,MAAwB,CAAC;QAChD,MAAM,IAAI,GAAI,OAAO,CAAC,IAAgC,IAAI,EAAE,CAAC;QAC7D,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC;QAErF,MAAM,EAAE,GAAG,cAAc,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,+CAA+C,EAAE,CAAC,CAAC;QAClH,CAAC;QAED,KAAK,CAAC,KAAK,CAAC;YACV,QAAQ,EAAE,MAAM,EAAE;YAClB,UAAU,EAAE,gBAAgB;YAC5B,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE;SAClC,CAAC,CAAC;QAEH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,uFAAuF;IACvF,GAAG,CAAC,IAAI,CAAC,6CAA6C,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QACxE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAA+B,CAAC;QAC9D,MAAM,IAAI,GAAI,OAAO,CAAC,IAAgC,IAAI,EAAE,CAAC;QAC7D,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE/E,kEAAkE;QAClE,cAAc,CAAC,0BAA0B,CAAC,SAAS,CAAC,CAAC;QAErD,MAAM,OAAO,GAAG,cAAc,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACtD,MAAM,kBAAkB,GAAa,EAAE,CAAC;QAExC,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YAC3D,IAAI,EAAE,EAAE,CAAC;gBACP,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAChC,KAAK,CAAC,KAAK,CAAC;oBACV,SAAS;oBACT,QAAQ,EAAE,MAAM,EAAE;oBAClB,UAAU,EAAE,iBAAiB;oBAC7B,MAAM,EAAE,UAAU;oBAClB,MAAM,EAAE,EAAE,SAAS,EAAE,GAAG,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE;iBAClD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO;YACL,EAAE,EAAE,IAAI;YACR,SAAS;YACT,iBAAiB,EAAE,IAAI;YACvB,aAAa,EAAE,kBAAkB,CAAC,MAAM;YACxC,UAAU,EAAE,kBAAkB;SAC/B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,6EAA6E;IAC7E,GAAG,CAAC,GAAG,CAAC,6CAA6C,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QACvE,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAA+B,CAAC;QAC9D,OAAO;YACL,SAAS;YACT,iBAAiB,EAAE,cAAc,CAAC,6BAA6B,CAAC,SAAS,CAAC;SAC3E,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,gFAAgF;IAChF,GAAG,CAAC,MAAM,CAAC,6CAA6C,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAC1E,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAA+B,CAAC;QAC9D,cAAc,CAAC,2BAA2B,CAAC,SAAS,CAAC,CAAC;QACtD,KAAK,CAAC,KAAK,CAAC;YACV,SAAS;YACT,QAAQ,EAAE,MAAM,EAAE;YAClB,UAAU,EAAE,2BAA2B;YACvC,MAAM,EAAE,UAAU;YAClB,MAAM,EAAE,EAAE,SAAS,EAAE;SACtB,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,IAAI;YACR,SAAS;YACT,iBAAiB,EAAE,KAAK;SACzB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,yCAAyC;IACzC,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,KAAK,IAAI,EAAE;QACvC,OAAO,EAAE,KAAK,EAAE,cAAc,CAAC,YAAY,EAAE,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,yCAAyC;IACzC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE;QAC/C,gFAAgF;QAChF,OAAO,EAAE,OAAO,EAAE,0CAA0C,EAAE,CAAC;IACjE,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import type { FastifyInstance } from "fastify";
|
|
2
|
+
import type { AppConfig } from "../config.js";
|
|
3
|
+
import type { SqliteDatabase } from "../db/sqlite-shim.js";
|
|
4
|
+
import type { ProviderRegistry } from "../providers/registry.js";
|
|
5
|
+
import type { AssistantProfileService } from "../services/assistant-profiles.js";
|
|
6
|
+
import type { RepositoryService } from "../services/repositories.js";
|
|
7
|
+
import type { WorkspaceService } from "../services/workspaces.js";
|
|
8
|
+
import type { WsControlPlane } from "../ws.js";
|
|
9
|
+
interface EnvironmentRouteDeps {
|
|
10
|
+
assistantProfileService?: AssistantProfileService;
|
|
11
|
+
workspaceService?: WorkspaceService;
|
|
12
|
+
repoService?: RepositoryService;
|
|
13
|
+
providerRegistry?: ProviderRegistry;
|
|
14
|
+
ws?: WsControlPlane;
|
|
15
|
+
sqlite?: SqliteDatabase;
|
|
16
|
+
}
|
|
17
|
+
export declare function registerEnvironmentRoutes(app: FastifyInstance, config: AppConfig, deps: EnvironmentRouteDeps): void;
|
|
18
|
+
export {};
|
|
19
|
+
//# sourceMappingURL=environment.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"environment.d.ts","sourceRoot":"","sources":["../../src/routes/environment.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AACjF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AA2C/C,UAAU,oBAAoB;IAC5B,uBAAuB,CAAC,EAAE,uBAAuB,CAAC;IAClD,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,EAAE,CAAC,EAAE,cAAc,CAAC;IACpB,MAAM,CAAC,EAAE,cAAc,CAAC;CACzB;AAgCD,wBAAgB,yBAAyB,CACvC,GAAG,EAAE,eAAe,EACpB,MAAM,EAAE,SAAS,EACjB,IAAI,EAAE,oBAAoB,GACzB,IAAI,CA6DN"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
import { requireAuth } from "../security/http-auth.js";
|
|
2
|
+
function loadNetworkHosts(sqlite) {
|
|
3
|
+
if (!sqlite)
|
|
4
|
+
return [];
|
|
5
|
+
const rows = sqlite.prepare("SELECT * FROM network_hosts ORDER BY last_seen_at DESC").all();
|
|
6
|
+
return rows.map((row) => ({
|
|
7
|
+
ip: row.ip,
|
|
8
|
+
mac: row.mac,
|
|
9
|
+
hostname: row.hostname,
|
|
10
|
+
vendor: null,
|
|
11
|
+
alive: true,
|
|
12
|
+
openPorts: JSON.parse(row.open_ports),
|
|
13
|
+
sshReachable: row.ssh_reachable === 1,
|
|
14
|
+
agentStatus: row.agent_status,
|
|
15
|
+
osVersion: row.os_version,
|
|
16
|
+
providers: row.providers ? JSON.parse(row.providers) : undefined,
|
|
17
|
+
lastSeen: row.last_seen_at,
|
|
18
|
+
}));
|
|
19
|
+
}
|
|
20
|
+
export function registerEnvironmentRoutes(app, config, deps) {
|
|
21
|
+
app.get("/api/environment/snapshot", async (request, reply) => {
|
|
22
|
+
const user = await requireAuth(request, reply, config.jwtSecret);
|
|
23
|
+
if (!user)
|
|
24
|
+
return;
|
|
25
|
+
const assistants = deps.assistantProfileService?.list(user.id) ?? [];
|
|
26
|
+
const nodes = deps.ws?.getNodeRegistry().nodes ?? [];
|
|
27
|
+
const workspaces = deps.workspaceService?.list("active", user.id) ?? [];
|
|
28
|
+
const sessionCounts = deps.workspaceService?.getActiveSessionCounts(user.id) ?? new Map();
|
|
29
|
+
const environmentWorkspaces = workspaces.map((workspace) => ({
|
|
30
|
+
id: workspace.id,
|
|
31
|
+
title: workspace.title,
|
|
32
|
+
rootPath: workspace.rootPath,
|
|
33
|
+
nodeId: workspace.nodeId,
|
|
34
|
+
status: workspace.status,
|
|
35
|
+
sessionCount: sessionCounts.get(workspace.id) ?? 0,
|
|
36
|
+
lastActiveAt: workspace.lastActiveAt,
|
|
37
|
+
}));
|
|
38
|
+
const connectedNodes = new Map((deps.ws?.getFsNodes() ?? []).map((node) => [node.id, node.name]));
|
|
39
|
+
const repositories = (deps.repoService?.list(user.id) ?? []).map((repo) => ({
|
|
40
|
+
id: repo.id,
|
|
41
|
+
name: repo.name,
|
|
42
|
+
localPath: repo.localPath,
|
|
43
|
+
defaultBranch: repo.defaultBranch,
|
|
44
|
+
githubUrl: repo.githubUrl,
|
|
45
|
+
deviceId: repo.deviceId,
|
|
46
|
+
nodeName: repo.deviceId ? connectedNodes.get(repo.deviceId) ?? null : "Gateway",
|
|
47
|
+
connected: repo.deviceId ? connectedNodes.has(repo.deviceId) : true,
|
|
48
|
+
updatedAt: repo.updatedAt,
|
|
49
|
+
}));
|
|
50
|
+
const providerConnectors = deps.providerRegistry
|
|
51
|
+
? await deps.providerRegistry.checkAll().then((providers) => providers.map((provider) => ({
|
|
52
|
+
id: provider.id,
|
|
53
|
+
kind: "provider",
|
|
54
|
+
name: provider.name,
|
|
55
|
+
status: provider.available ? "ready" : "offline",
|
|
56
|
+
details: provider.unavailableReason ?? null,
|
|
57
|
+
})))
|
|
58
|
+
: [];
|
|
59
|
+
const nodeConnectors = nodes.map((node) => ({
|
|
60
|
+
id: node.id,
|
|
61
|
+
kind: "node",
|
|
62
|
+
name: node.name,
|
|
63
|
+
status: node.lifecycle === "ready" ? "ready" : "offline",
|
|
64
|
+
details: `${node.platform} · ${node.role}`,
|
|
65
|
+
}));
|
|
66
|
+
const snapshot = {
|
|
67
|
+
serverTime: new Date().toISOString(),
|
|
68
|
+
assistants,
|
|
69
|
+
nodes,
|
|
70
|
+
workspaces: environmentWorkspaces,
|
|
71
|
+
repositories,
|
|
72
|
+
networkHosts: loadNetworkHosts(deps.sqlite),
|
|
73
|
+
connectors: [...providerConnectors, ...nodeConnectors],
|
|
74
|
+
};
|
|
75
|
+
return { snapshot };
|
|
76
|
+
});
|
|
77
|
+
}
|
|
78
|
+
//# sourceMappingURL=environment.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"environment.js","sourceRoot":"","sources":["../../src/routes/environment.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAqEvD,SAAS,gBAAgB,CAAC,MAAuB;IAC/C,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,CAAC;IACvB,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,wDAAwD,CAAC,CAAC,GAAG,EAAiB,CAAC;IAC3G,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACxB,EAAE,EAAE,GAAG,CAAC,EAAE;QACV,GAAG,EAAE,GAAG,CAAC,GAAG;QACZ,QAAQ,EAAE,GAAG,CAAC,QAAQ;QACtB,MAAM,EAAE,IAAI;QACZ,KAAK,EAAE,IAAI;QACX,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAa;QACjD,YAAY,EAAE,GAAG,CAAC,aAAa,KAAK,CAAC;QACrC,WAAW,EAAE,GAAG,CAAC,YAA0C;QAC3D,SAAS,EAAE,GAAG,CAAC,UAAU;QACzB,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAc,CAAC,CAAC,CAAC,SAAS;QAC9E,QAAQ,EAAE,GAAG,CAAC,YAAY;KAC3B,CAAC,CAAC,CAAC;AACN,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,GAAoB,EACpB,MAAiB,EACjB,IAA0B;IAE1B,GAAG,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QAC5D,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACjE,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,MAAM,UAAU,GAAG,IAAI,CAAC,uBAAuB,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACrE,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,EAAE,eAAe,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;QACrD,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACxE,MAAM,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,IAAI,GAAG,EAAkB,CAAC;QAC1G,MAAM,qBAAqB,GAA2B,UAAU,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YACnF,EAAE,EAAE,SAAS,CAAC,EAAE;YAChB,KAAK,EAAE,SAAS,CAAC,KAAK;YACtB,QAAQ,EAAE,SAAS,CAAC,QAAQ;YAC5B,MAAM,EAAE,SAAS,CAAC,MAAM;YACxB,MAAM,EAAE,SAAS,CAAC,MAAM;YACxB,YAAY,EAAE,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC;YAClD,YAAY,EAAE,SAAS,CAAC,YAAY;SACrC,CAAC,CAAC,CAAC;QAEJ,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClG,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,CAAwB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACjG,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS;YAC/E,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI;YACnE,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC,CAAC;QAEJ,MAAM,kBAAkB,GAAG,IAAI,CAAC,gBAAgB;YAC9C,CAAC,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,GAAG,CAAuB,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;gBAC5G,EAAE,EAAE,QAAQ,CAAC,EAAE;gBACf,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,MAAM,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;gBAChD,OAAO,EAAE,QAAQ,CAAC,iBAAiB,IAAI,IAAI;aAC5C,CAAC,CAAC,CAAC;YACN,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,cAAc,GAAG,KAAK,CAAC,GAAG,CAAuB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAChE,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,MAAM;YACZ,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;YACxD,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,MAAM,IAAI,CAAC,IAAI,EAAE;SAC3C,CAAC,CAAC,CAAC;QAEJ,MAAM,QAAQ,GAAwB;YACpC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACpC,UAAU;YACV,KAAK;YACL,UAAU,EAAE,qBAAqB;YACjC,YAAY;YACZ,YAAY,EAAE,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;YAC3C,UAAU,EAAE,CAAC,GAAG,kBAAkB,EAAE,GAAG,cAAc,CAAC;SACvD,CAAC;QAEF,OAAO,EAAE,QAAQ,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -13,6 +13,7 @@ import type { ToolRegistry } from "../tools/registry.js";
|
|
|
13
13
|
import type { AuditWriter } from "../services/audit.js";
|
|
14
14
|
import type { ConsentManager } from "./consent-manager.js";
|
|
15
15
|
import type { TrustEngine } from "./trust-engine.js";
|
|
16
|
+
import type { ProfileName } from "./tool-profiles.js";
|
|
16
17
|
import type { ToolPermission } from "./tool-permissions.js";
|
|
17
18
|
export interface ConsentAwareExecutorOptions {
|
|
18
19
|
toolRegistry: ToolRegistry;
|
|
@@ -23,6 +24,8 @@ export interface ConsentAwareExecutorOptions {
|
|
|
23
24
|
permissions: Map<string, ToolPermission>;
|
|
24
25
|
/** Session-scoped set of tools approved via "once" */
|
|
25
26
|
sessionApprovals: Set<string>;
|
|
27
|
+
/** Human-readable active profile name */
|
|
28
|
+
profileName?: ProfileName;
|
|
26
29
|
}
|
|
27
30
|
export interface ExecuteOptions {
|
|
28
31
|
/** If true, return the plan without executing */
|
|
@@ -37,6 +40,7 @@ export declare class ConsentAwareExecutor {
|
|
|
37
40
|
private readonly audit?;
|
|
38
41
|
private readonly permissions;
|
|
39
42
|
private readonly sessionApprovals;
|
|
43
|
+
private readonly profileName?;
|
|
40
44
|
constructor(opts: ConsentAwareExecutorOptions);
|
|
41
45
|
/**
|
|
42
46
|
* Execute a tool with consent checking and trust-level awareness.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent-executor.d.ts","sourceRoot":"","sources":["../../src/security/consent-executor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACrE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAG5D,MAAM,WAAW,2BAA2B;IAC1C,YAAY,EAAE,YAAY,CAAC;IAC3B,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,iDAAiD;IACjD,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IACzC,sDAAsD;IACtD,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"consent-executor.d.ts","sourceRoot":"","sources":["../../src/security/consent-executor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACrE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAG5D,MAAM,WAAW,2BAA2B;IAC1C,YAAY,EAAE,YAAY,CAAC;IAC3B,cAAc,EAAE,cAAc,CAAC;IAC/B,WAAW,EAAE,WAAW,CAAC;IACzB,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,iDAAiD;IACjD,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IACzC,sDAAsD;IACtD,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9B,yCAAyC;IACzC,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,iDAAiD;IACjD,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,oCAAoC;IACpC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAiB;IAChD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA8B;IAC1D,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAc;IAC/C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAc;gBAE/B,IAAI,EAAE,2BAA2B;IAU7C;;OAEG;IACG,OAAO,CACX,QAAQ,EAAE,MAAM,EAChB,KAAK,EAAE,OAAO,EACd,OAAO,EAAE,WAAW,EACpB,OAAO,GAAE,cAAmB,GAC3B,OAAO,CAAC,UAAU,CAAC;IA4GtB,OAAO,CAAC,YAAY;IA2BpB,OAAO,CAAC,YAAY;CAqBrB"}
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
* In dry-run mode, the executor returns the plan (what would happen)
|
|
9
9
|
* without executing anything, regardless of consent level.
|
|
10
10
|
*/
|
|
11
|
-
import { requiresConsent, isCommandAllowed } from "./tool-permissions.js";
|
|
11
|
+
import { requiresConsent, isCommandAllowed, resolveToolPermission } from "./tool-permissions.js";
|
|
12
12
|
export class ConsentAwareExecutor {
|
|
13
13
|
toolRegistry;
|
|
14
14
|
consentManager;
|
|
@@ -16,6 +16,7 @@ export class ConsentAwareExecutor {
|
|
|
16
16
|
audit;
|
|
17
17
|
permissions;
|
|
18
18
|
sessionApprovals;
|
|
19
|
+
profileName;
|
|
19
20
|
constructor(opts) {
|
|
20
21
|
this.toolRegistry = opts.toolRegistry;
|
|
21
22
|
this.consentManager = opts.consentManager;
|
|
@@ -23,12 +24,13 @@ export class ConsentAwareExecutor {
|
|
|
23
24
|
this.audit = opts.audit;
|
|
24
25
|
this.permissions = opts.permissions;
|
|
25
26
|
this.sessionApprovals = opts.sessionApprovals;
|
|
27
|
+
this.profileName = opts.profileName;
|
|
26
28
|
}
|
|
27
29
|
/**
|
|
28
30
|
* Execute a tool with consent checking and trust-level awareness.
|
|
29
31
|
*/
|
|
30
32
|
async execute(toolName, input, context, options = {}) {
|
|
31
|
-
const permission = this.permissions
|
|
33
|
+
const permission = resolveToolPermission(toolName, this.permissions);
|
|
32
34
|
const trustLevel = this.trustEngine.getLevel(toolName);
|
|
33
35
|
// Build a summary for the consent card
|
|
34
36
|
const summary = this.buildSummary(toolName, input);
|
|
@@ -47,8 +49,14 @@ export class ConsentAwareExecutor {
|
|
|
47
49
|
preview,
|
|
48
50
|
requiresConsent: needsConsent,
|
|
49
51
|
trustLevel,
|
|
50
|
-
|
|
51
|
-
|
|
52
|
+
risk: permission.risk,
|
|
53
|
+
policy: {
|
|
54
|
+
profileName: this.profileName ?? null,
|
|
55
|
+
consentLevel: permission.consentLevel,
|
|
56
|
+
description: permission.description,
|
|
57
|
+
knownTool: permission.knownTool,
|
|
58
|
+
source: permission.source,
|
|
59
|
+
},
|
|
52
60
|
},
|
|
53
61
|
};
|
|
54
62
|
}
|
|
@@ -83,7 +91,13 @@ export class ConsentAwareExecutor {
|
|
|
83
91
|
toolName,
|
|
84
92
|
summary,
|
|
85
93
|
preview,
|
|
86
|
-
risk: permission
|
|
94
|
+
risk: permission.risk,
|
|
95
|
+
policy: {
|
|
96
|
+
consentLevel: permission.consentLevel,
|
|
97
|
+
description: permission.description,
|
|
98
|
+
knownTool: permission.knownTool,
|
|
99
|
+
source: permission.source,
|
|
100
|
+
},
|
|
87
101
|
sessionId: context.sessionId,
|
|
88
102
|
timeoutMs: options.consentTimeoutMs,
|
|
89
103
|
});
|
|
@@ -102,7 +116,7 @@ export class ConsentAwareExecutor {
|
|
|
102
116
|
if (result.ok) {
|
|
103
117
|
this.trustEngine.recordApproval(toolName);
|
|
104
118
|
// Mark as session-approved for "once" consent level
|
|
105
|
-
if (permission
|
|
119
|
+
if (permission.consentLevel === "once") {
|
|
106
120
|
this.sessionApprovals.add(toolName);
|
|
107
121
|
}
|
|
108
122
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent-executor.js","sourceRoot":"","sources":["../../src/security/consent-executor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;
|
|
1
|
+
{"version":3,"file":"consent-executor.js","sourceRoot":"","sources":["../../src/security/consent-executor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AASH,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAsBjG,MAAM,OAAO,oBAAoB;IACd,YAAY,CAAe;IAC3B,cAAc,CAAiB;IAC/B,WAAW,CAAc;IACzB,KAAK,CAAe;IACpB,WAAW,CAA8B;IACzC,gBAAgB,CAAc;IAC9B,WAAW,CAAe;IAE3C,YAAY,IAAiC;QAC3C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;QACtC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACxB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAC9C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CACX,QAAgB,EAChB,KAAc,EACd,OAAoB,EACpB,UAA0B,EAAE;QAE5B,MAAM,UAAU,GAAG,qBAAqB,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QACrE,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEvD,uCAAuC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAEnD,oDAAoD;QACpD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,YAAY,GAAG,eAAe,CAAC,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACpF,OAAO;gBACL,EAAE,EAAE,IAAI;gBACR,OAAO,EAAE,yCAAyC;gBAClD,IAAI,EAAE;oBACJ,MAAM,EAAE,IAAI;oBACZ,QAAQ;oBACR,KAAK;oBACL,OAAO;oBACP,OAAO;oBACP,eAAe,EAAE,YAAY;oBAC7B,UAAU;oBACV,IAAI,EAAE,UAAU,CAAC,IAAI;oBACrB,MAAM,EAAE;wBACN,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI;wBACrC,YAAY,EAAE,UAAU,CAAC,YAAY;wBACrC,WAAW,EAAE,UAAU,CAAC,WAAW;wBACnC,SAAS,EAAE,UAAU,CAAC,SAAS;wBAC/B,MAAM,EAAE,UAAU,CAAC,MAAM;qBAC1B;iBACF;aACF,CAAC;QACJ,CAAC;QAED,sDAAsD;QACtD,IAAI,QAAQ,KAAK,cAAc,IAAI,QAAQ,KAAK,iBAAiB,EAAE,CAAC;YAClE,MAAM,OAAO,GAAI,KAAiC,EAAE,OAAO,CAAC;YAC5D,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAChC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;gBACvD,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACtB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,OAAO,EAAE,oBAAoB,QAAQ,CAAC,MAAM,EAAE;qBAC/C,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,MAAM,YAAY,GAAG,eAAe,CAAC,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACpF,MAAM,iBAAiB,GAAG,IAAI,CAAC,cAAc,CAAC,6BAA6B,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC/F,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,KAAK,WAAW,CAAC;QAExD,IAAI,CAAC,YAAY,IAAI,iBAAiB,IAAI,WAAW,EAAE,CAAC;YACtD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YAErF,mDAAmD;YACnD,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;gBACd,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC5C,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,kDAAkD;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC;YACxD,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ;YACR,OAAO;YACP,OAAO;YACP,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,MAAM,EAAE;gBACN,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,SAAS,EAAE,UAAU,CAAC,SAAS;gBAC/B,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B;YACD,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,gBAAgB;SACpC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,OAAO,EAAE,QAAQ,CAAC,UAAU,KAAK,SAAS;oBACxC,CAAC,CAAC,yBAAyB,QAAQ,EAAE;oBACrC,CAAC,CAAC,iBAAiB,QAAQ,KAAK,QAAQ,CAAC,MAAM,IAAI,iBAAiB,EAAE;gBACxE,IAAI,EAAE,EAAE,eAAe,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,CAAC,UAAU,EAAE;aACjE,CAAC;QACJ,CAAC;QAED,mCAAmC;QACnC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAErF,+BAA+B;QAC/B,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;YACd,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC1C,oDAAoD;YACpD,IAAI,UAAU,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;gBACvC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,sEAAsE;IAE9D,YAAY,CAAC,QAAgB,EAAE,KAAc;QACnD,MAAM,GAAG,GAAG,KAA4C,CAAC;QAEzD,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,cAAc;gBACjB,OAAO,gBAAgB,GAAG,EAAE,OAAO,IAAI,WAAW,EAAE,CAAC;YACvD,KAAK,iBAAiB;gBACpB,OAAO,6BAA6B,CAAC;YACvC,KAAK,YAAY;gBACf,OAAO,kBAAkB,GAAG,EAAE,IAAI,IAAI,WAAW,EAAE,CAAC;YACtD,KAAK,YAAY;gBACf,OAAO,eAAe,GAAG,EAAE,IAAI,IAAI,WAAW,EAAE,CAAC;YACnD,KAAK,WAAW;gBACd,OAAO,cAAc,GAAG,EAAE,IAAI,IAAI,WAAW,EAAE,CAAC;YAClD,KAAK,YAAY;gBACf,OAAO,oBAAoB,GAAG,EAAE,OAAO,IAAI,WAAW,EAAE,CAAC;YAC3D,KAAK,UAAU;gBACb,OAAO,aAAa,GAAG,EAAE,IAAI,IAAI,WAAW,EAAE,CAAC;YACjD,KAAK,gBAAgB;gBACnB,OAAO,kBAAkB,GAAG,EAAE,IAAI,IAAI,WAAW,EAAE,CAAC;YACtD,KAAK,eAAe;gBAClB,OAAO,iBAAiB,GAAG,EAAE,EAAE,IAAI,WAAW,EAAE,CAAC;YACnD;gBACE,OAAO,iBAAiB,QAAQ,EAAE,CAAC;QACvC,CAAC;IACH,CAAC;IAEO,YAAY,CAAC,QAAgB,EAAE,KAAc;QACnD,MAAM,GAAG,GAAG,KAA4C,CAAC;QAEzD,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,cAAc;gBACjB,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;YAC1D,KAAK,YAAY;gBACf,OAAO;oBACL,IAAI,EAAE,GAAG,EAAE,IAAI;oBACf,OAAO,EAAE,OAAO,GAAG,EAAE,OAAO,KAAK,QAAQ;wBACvC,CAAC,CAAE,GAAG,CAAC,OAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACvC,CAAC,CAAC,SAAS;iBACd,CAAC;YACJ,KAAK,YAAY;gBACf,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;YACzE,KAAK,YAAY;gBACf,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;YACnC;gBACE,OAAO,GAAG,IAAI,EAAE,CAAC;QACrB,CAAC;IACH,CAAC;CACF"}
|
|
@@ -6,7 +6,14 @@
|
|
|
6
6
|
* execution continues. Requests auto-timeout after a configurable period.
|
|
7
7
|
*/
|
|
8
8
|
import type { JaitDB } from "../db/connection.js";
|
|
9
|
+
import type { ConsentLevel, PolicySource } from "./tool-permissions.js";
|
|
9
10
|
export type ConsentStatus = "pending" | "approved" | "rejected" | "timeout";
|
|
11
|
+
export interface ConsentRequestPolicy {
|
|
12
|
+
consentLevel: ConsentLevel;
|
|
13
|
+
description: string;
|
|
14
|
+
knownTool: boolean;
|
|
15
|
+
source: PolicySource;
|
|
16
|
+
}
|
|
10
17
|
export interface ConsentRequest {
|
|
11
18
|
id: string;
|
|
12
19
|
actionId: string;
|
|
@@ -15,6 +22,7 @@ export interface ConsentRequest {
|
|
|
15
22
|
/** Preview of what will execute (command, file path, etc.) */
|
|
16
23
|
preview: Record<string, unknown>;
|
|
17
24
|
risk: "low" | "medium" | "high";
|
|
25
|
+
policy: ConsentRequestPolicy;
|
|
18
26
|
sessionId: string;
|
|
19
27
|
createdAt: string;
|
|
20
28
|
expiresAt: string;
|
|
@@ -56,6 +64,7 @@ export declare class ConsentManager {
|
|
|
56
64
|
summary: string;
|
|
57
65
|
preview: Record<string, unknown>;
|
|
58
66
|
risk: "low" | "medium" | "high";
|
|
67
|
+
policy: ConsentRequestPolicy;
|
|
59
68
|
sessionId: string;
|
|
60
69
|
timeoutMs?: number;
|
|
61
70
|
}): Promise<ConsentDecision>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent-manager.d.ts","sourceRoot":"","sources":["../../src/security/consent-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"consent-manager.d.ts","sourceRoot":"","sources":["../../src/security/consent-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAKlD,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAIxE,MAAM,MAAM,aAAa,GAAG,SAAS,GAAG,UAAU,GAAG,UAAU,GAAG,SAAS,CAAC;AAE5E,MAAM,WAAW,oBAAoB;IACnC,YAAY,EAAE,YAAY,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,YAAY,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,8DAA8D;IAC9D,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,IAAI,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;IAChC,MAAM,EAAE,oBAAoB,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,aAAa,CAAC;CACvB;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;IACnD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,uFAAuF;IACvF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,mDAAmD;IACnD,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,uDAAuD;IACvD,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,cAAc,KAAK,IAAI,CAAC;IAC9C,iDAAiD;IACjD,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,eAAe,KAAK,IAAI,CAAC;CAClD;AAYD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAmC;IAC3D,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAqB;IACxD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAoC;IAC/D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAsC;gBAEtD,IAAI,GAAE,qBAA0B;IAQ5C;;;OAGG;IACG,cAAc,CAAC,MAAM,EAAE;QAC3B,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjC,IAAI,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;QAChC,MAAM,EAAE,oBAAoB,CAAC;QAC7B,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,OAAO,CAAC,eAAe,CAAC;IA+B5B;;OAEG;IACH,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,GAAE,eAAe,CAAC,YAAY,CAAW,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO;IAIlG;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,GAAE,eAAe,CAAC,YAAY,CAAW,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO;IAIjG;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAIzD;;OAEG;IACH,WAAW,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,cAAc,EAAE;IAMjD;;OAEG;IACH,IAAI,YAAY,IAAI,MAAM,CAEzB;IAED;;;OAGG;IACH,0BAA0B,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAKnD;;OAEG;IACH,2BAA2B,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAKpD;;OAEG;IACH,6BAA6B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO;IAIzD;;OAEG;IACH,SAAS,CAAC,MAAM,SAAa,GAAG,IAAI;IAQpC,OAAO,CAAC,MAAM;IAqCd,OAAO,CAAC,aAAa;IAqBrB,OAAO,CAAC,eAAe;IAiBvB,OAAO,CAAC,wBAAwB;IAgBhC,OAAO,CAAC,wBAAwB;CA6BjC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent-manager.js","sourceRoot":"","sources":["../../src/security/consent-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EAAE,UAAU,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AACzC,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"consent-manager.js","sourceRoot":"","sources":["../../src/security/consent-manager.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EAAE,UAAU,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AACzC,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AA0DjC,wEAAwE;AAExE,MAAM,OAAO,cAAc;IACR,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC1C,kBAAkB,GAAG,IAAI,GAAG,EAAU,CAAC;IACvC,gBAAgB,CAAS;IACzB,EAAE,CAAU;IACZ,SAAS,CAAqC;IAC9C,UAAU,CAAuC;IAElE,YAAY,OAA8B,EAAE;QAC1C,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,IAAI,OAAO,CAAC;QACzD,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QAClB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAChC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAClC,IAAI,CAAC,wBAAwB,EAAE,CAAC;IAClC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,cAAc,CAAC,MASpB;QACC,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAC1D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,CAAC;QAEpD,MAAM,OAAO,GAAmB;YAC9B,EAAE,EAAE,MAAM,EAAE;YACZ,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,GAAG,CAAC,WAAW,EAAE;YAC5B,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE;YAClC,MAAM,EAAE,SAAS;SAClB,CAAC;QAEF,OAAO,IAAI,OAAO,CAAkB,CAAC,OAAO,EAAE,EAAE;YAC9C,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACjC,CAAC,EAAE,OAAO,CAAC,CAAC;YAEZ,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;YAE1D,uCAAuC;YACvC,IAAI,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,SAAiB,EAAE,MAAqC,OAAO,EAAE,MAAe;QACtF,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,SAAiB,EAAE,MAAqC,OAAO,EAAE,MAAe;QACrF,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,SAAiB;QAC1B,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,SAAkB;QAC5B,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC7D,IAAI,SAAS;YAAE,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;QACnE,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACH,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,0BAA0B,CAAC,SAAiB;QAC1C,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvC,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACH,2BAA2B,CAAC,SAAiB;QAC3C,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,6BAA6B,CAAC,SAAiB;QAC7C,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,MAAM,GAAG,UAAU;QAC3B,KAAK,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC1C,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;IAED,oEAAoE;IAE5D,MAAM,CACZ,SAAiB,EACjB,QAAiB,EACjB,GAAkC,EAClC,MAAe;QAEf,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAEzB,YAAY,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAE1B,MAAM,QAAQ,GAAoB;YAChC,SAAS;YACT,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAChC,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,UAAU,EAAE,GAAG;YACf,MAAM;SACP,CAAC;QAEF,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC;QAE1D,yBAAyB;QACzB,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAE9C,sBAAsB;QACtB,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE/B,mBAAmB;QACnB,IAAI,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;QAE5B,8BAA8B;QAC9B,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAExB,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,aAAa,CAAC,SAAiB;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK;YAAE,OAAO;QAEnB,MAAM,QAAQ,GAAoB;YAChC,SAAS;YACT,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAChC,QAAQ,EAAE,KAAK;YACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,UAAU,EAAE,SAAS;YACrB,MAAM,EAAE,2BAA2B;SACpC,CAAC;QAEF,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;QAEjC,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC/B,IAAI,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;QAC5B,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAEO,eAAe,CAAC,OAAuB,EAAE,QAAyB;QACxE,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO;QAErB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC;gBAChC,EAAE,EAAE,MAAM,EAAE;gBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU;gBACrG,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,UAAU,EAAE,QAAQ,CAAC,UAAU;aAChC,CAAC,CAAC,GAAG,EAAE,CAAC;QACX,CAAC;QAAC,MAAM,CAAC;YACP,wDAAwD;QAC1D,CAAC;IACH,CAAC;IAEO,wBAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO;QACrB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;iBACjB,MAAM,EAAE;iBACR,IAAI,CAAC,uBAAuB,CAAC;iBAC7B,KAAK,CAAC,EAAE,CAAC,uBAAuB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;iBAChD,GAAG,EAAE,CAAC;YACT,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;gBACvB,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;QACjD,CAAC;IACH,CAAC;IAEO,wBAAwB,CAAC,SAAiB,EAAE,OAAgB;QAClE,IAAI,CAAC,IAAI,CAAC,EAAE;YAAE,OAAO;QACrB,IAAI,CAAC;YACH,IAAI,OAAO,EAAE,CAAC;gBACZ,IAAI,CAAC,EAAE;qBACJ,MAAM,CAAC,uBAAuB,CAAC;qBAC/B,MAAM,CAAC;oBACN,SAAS;oBACT,UAAU,EAAE,CAAC;oBACb,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC,CAAC;qBACD,kBAAkB,CAAC;oBAClB,MAAM,EAAE,uBAAuB,CAAC,SAAS;oBACzC,GAAG,EAAE;wBACH,UAAU,EAAE,CAAC;wBACb,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;qBACpC;iBACF,CAAC;qBACD,GAAG,EAAE,CAAC;YACX,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,EAAE;qBACJ,MAAM,CAAC,uBAAuB,CAAC;qBAC/B,KAAK,CAAC,EAAE,CAAC,uBAAuB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;qBACvD,GAAG,EAAE,CAAC;YACX,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,iEAAiE;QACnE,CAAC;IACH,CAAC;CACF"}
|
package/dist/security/index.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
export { PathGuard, PathTraversalError, type PathGuardOptions } from "./path-guard.js";
|
|
2
2
|
export { ConsentManager, type ConsentRequest, type ConsentDecision, type ConsentStatus, type ConsentManagerOptions } from "./consent-manager.js";
|
|
3
|
-
export { type ToolPermission, type ConsentLevel, type ToolPermissionConfig, requiresConsent, isCommandAllowed, isPathAllowedByPermission, matchGlob } from "./tool-permissions.js";
|
|
4
|
-
export { type ProfileName, getProfile, listProfiles, extendProfile } from "./tool-profiles.js";
|
|
3
|
+
export { type ToolPermission, type ConsentLevel, type PolicySource, type ResolvedToolPermission, type ToolPermissionConfig, requiresConsent, isCommandAllowed, isPathAllowedByPermission, matchGlob, getUnknownToolPermission, resolveToolPermission, } from "./tool-permissions.js";
|
|
4
|
+
export { type ProfileName, getProfile, listProfiles, extendProfile, serializeProfile } from "./tool-profiles.js";
|
|
5
5
|
export { TrustEngine, type TrustState } from "./trust-engine.js";
|
|
6
6
|
export { ConsentAwareExecutor, type ConsentAwareExecutorOptions, type ExecuteOptions } from "./consent-executor.js";
|
|
7
7
|
export { SSRFGuard, type SSRFGuardOptions } from "./ssrf-guard.js";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACvF,OAAO,EAAE,cAAc,EAAE,KAAK,cAAc,EAAE,KAAK,eAAe,EAAE,KAAK,aAAa,EAAE,KAAK,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AACjJ,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACvF,OAAO,EAAE,cAAc,EAAE,KAAK,cAAc,EAAE,KAAK,eAAe,EAAE,KAAK,aAAa,EAAE,KAAK,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AACjJ,OAAO,EACL,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,EACjB,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,EACzB,eAAe,EACf,gBAAgB,EAChB,yBAAyB,EACzB,SAAS,EACT,wBAAwB,EACxB,qBAAqB,GACtB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,KAAK,WAAW,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACjH,OAAO,EAAE,WAAW,EAAE,KAAK,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAE,KAAK,2BAA2B,EAAE,KAAK,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACpH,OAAO,EAAE,SAAS,EAAE,KAAK,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnE,YAAY,EAAE,UAAU,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC/E,OAAO,EAAE,cAAc,EAAE,KAAK,gBAAgB,EAAE,KAAK,iBAAiB,EAAE,KAAK,gBAAgB,EAAE,KAAK,qBAAqB,EAAE,KAAK,oBAAoB,EAAE,MAAM,sBAAsB,CAAC"}
|
package/dist/security/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
export { PathGuard, PathTraversalError } from "./path-guard.js";
|
|
2
2
|
export { ConsentManager } from "./consent-manager.js";
|
|
3
|
-
export { requiresConsent, isCommandAllowed, isPathAllowedByPermission, matchGlob } from "./tool-permissions.js";
|
|
4
|
-
export { getProfile, listProfiles, extendProfile } from "./tool-profiles.js";
|
|
3
|
+
export { requiresConsent, isCommandAllowed, isPathAllowedByPermission, matchGlob, getUnknownToolPermission, resolveToolPermission, } from "./tool-permissions.js";
|
|
4
|
+
export { getProfile, listProfiles, extendProfile, serializeProfile } from "./tool-profiles.js";
|
|
5
5
|
export { TrustEngine } from "./trust-engine.js";
|
|
6
6
|
export { ConsentAwareExecutor } from "./consent-executor.js";
|
|
7
7
|
export { SSRFGuard } from "./ssrf-guard.js";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAyB,MAAM,iBAAiB,CAAC;AACvF,OAAO,EAAE,cAAc,EAA6F,MAAM,sBAAsB,CAAC;AACjJ,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAyB,MAAM,iBAAiB,CAAC;AACvF,OAAO,EAAE,cAAc,EAA6F,MAAM,sBAAsB,CAAC;AACjJ,OAAO,EAML,eAAe,EACf,gBAAgB,EAChB,yBAAyB,EACzB,SAAS,EACT,wBAAwB,EACxB,qBAAqB,GACtB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAoB,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACjH,OAAO,EAAE,WAAW,EAAmB,MAAM,mBAAmB,CAAC;AACjE,OAAO,EAAE,oBAAoB,EAAyD,MAAM,uBAAuB,CAAC;AACpH,OAAO,EAAE,SAAS,EAAyB,MAAM,iBAAiB,CAAC;AAEnE,OAAO,EAAE,cAAc,EAA+H,MAAM,sBAAsB,CAAC"}
|
|
@@ -10,6 +10,7 @@
|
|
|
10
10
|
* "dangerous" — always ask + show risk warning
|
|
11
11
|
*/
|
|
12
12
|
export type ConsentLevel = "none" | "once" | "always" | "dangerous";
|
|
13
|
+
export type PolicySource = "profile" | "unknown-tool";
|
|
13
14
|
export interface ToolPermission {
|
|
14
15
|
/** Tool name (e.g. "terminal.run") */
|
|
15
16
|
toolName: string;
|
|
@@ -26,13 +27,21 @@ export interface ToolPermission {
|
|
|
26
27
|
/** Denied file paths (glob patterns). Takes precedence over allowed. */
|
|
27
28
|
deniedPaths?: string[];
|
|
28
29
|
/** Human-readable description of what this tool does */
|
|
29
|
-
description
|
|
30
|
+
description: string;
|
|
31
|
+
}
|
|
32
|
+
export interface ResolvedToolPermission extends ToolPermission {
|
|
33
|
+
/** Whether the tool has an explicit entry in the active profile */
|
|
34
|
+
knownTool: boolean;
|
|
35
|
+
/** Where this policy came from */
|
|
36
|
+
source: PolicySource;
|
|
30
37
|
}
|
|
31
38
|
export interface ToolPermissionConfig {
|
|
32
39
|
permissions: Map<string, ToolPermission>;
|
|
33
40
|
/** Session-scoped set of tool names that have been approved via "once" */
|
|
34
41
|
sessionApprovals: Set<string>;
|
|
35
42
|
}
|
|
43
|
+
export declare function getUnknownToolPermission(toolName: string): ResolvedToolPermission;
|
|
44
|
+
export declare function resolveToolPermission(toolName: string, permissions: Map<string, ToolPermission>): ResolvedToolPermission;
|
|
36
45
|
/**
|
|
37
46
|
* Check if a tool execution requires consent based on its permission config,
|
|
38
47
|
* the current trust level, and whether it's been session-approved.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tool-permissions.d.ts","sourceRoot":"","sources":["../../src/security/tool-permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"tool-permissions.d.ts","sourceRoot":"","sources":["../../src/security/tool-permissions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,WAAW,CAAC;AACpE,MAAM,MAAM,YAAY,GAAG,SAAS,GAAG,cAAc,CAAC;AAEtD,MAAM,WAAW,cAAc;IAC7B,sCAAsC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,YAAY,EAAE,YAAY,CAAC;IAC3B,0CAA0C;IAC1C,IAAI,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;IAChC,mEAAmE;IACnE,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,4EAA4E;IAC5E,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,wEAAwE;IACxE,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,wEAAwE;IACxE,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,wDAAwD;IACxD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,sBAAuB,SAAQ,cAAc;IAC5D,mEAAmE;IACnE,SAAS,EAAE,OAAO,CAAC;IACnB,kCAAkC;IAClC,MAAM,EAAE,YAAY,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACnC,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IACzC,0EAA0E;IAC1E,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CAC/B;AAKD,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,MAAM,GAAG,sBAAsB,CASjF;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,GACvC,sBAAsB,CAQxB;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,UAAU,EAAE,cAAc,GAAG,SAAS,EACtC,UAAU,EAAE,MAAM,EAClB,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC,GAC5B,OAAO,CA6BT;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,cAAc,GAAG,SAAS,GACrC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAqBvC;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,cAAc,GAAG,SAAS,GACrC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAmBvC;AAID;;;GAGG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAWjE"}
|