@mondaydotcomorg/atp-server 0.24.3 → 0.25.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/create-server.d.ts.map +1 -1
- package/dist/create-server.js +2 -2
- package/dist/create-server.js.map +1 -1
- package/dist/explorer/index.d.ts.map +1 -1
- package/dist/explorer/index.js +4 -3
- package/dist/explorer/index.js.map +1 -1
- package/dist/handlers/execute.handler.d.ts +2 -2
- package/dist/handlers/execute.handler.d.ts.map +1 -1
- package/dist/handlers/execute.handler.js +12 -3
- package/dist/handlers/execute.handler.js.map +1 -1
- package/dist/handlers/explorer.handler.d.ts +2 -1
- package/dist/handlers/explorer.handler.d.ts.map +1 -1
- package/dist/handlers/explorer.handler.js +8 -4
- package/dist/handlers/explorer.handler.js.map +1 -1
- package/dist/index.cjs +18 -11
- package/dist/index.cjs.map +1 -1
- package/dist/index.js +18 -11
- package/dist/index.js.map +1 -1
- package/package.json +6 -6
- package/src/create-server.ts +3 -2
- package/src/explorer/index.ts +4 -2
- package/src/handlers/execute.handler.ts +14 -4
- package/src/handlers/explorer.handler.ts +12 -4
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mondaydotcomorg/atp-server",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.25.0",
|
|
4
4
|
"description": "Server implementation for Agent Tool Protocol",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.cjs",
|
|
@@ -49,11 +49,11 @@
|
|
|
49
49
|
"@babel/parser": "^7.26.0",
|
|
50
50
|
"@babel/traverse": "^7.26.0",
|
|
51
51
|
"@babel/types": "^7.26.0",
|
|
52
|
-
"@mondaydotcomorg/atp-compiler": "0.
|
|
53
|
-
"@mondaydotcomorg/atp-protocol": "0.22.
|
|
54
|
-
"@mondaydotcomorg/atp-provenance": "0.22.
|
|
55
|
-
"@mondaydotcomorg/atp-providers": "0.22.
|
|
56
|
-
"@mondaydotcomorg/atp-runtime": "0.22.
|
|
52
|
+
"@mondaydotcomorg/atp-compiler": "0.23.0",
|
|
53
|
+
"@mondaydotcomorg/atp-protocol": "0.22.3",
|
|
54
|
+
"@mondaydotcomorg/atp-provenance": "0.22.3",
|
|
55
|
+
"@mondaydotcomorg/atp-providers": "0.22.3",
|
|
56
|
+
"@mondaydotcomorg/atp-runtime": "0.22.3",
|
|
57
57
|
"@opentelemetry/api": "^1.9.0",
|
|
58
58
|
"@opentelemetry/auto-instrumentations-node": "^0.66.0",
|
|
59
59
|
"@opentelemetry/core": "^2.2.0",
|
package/src/create-server.ts
CHANGED
|
@@ -580,7 +580,7 @@ export class AgentToolProtocolServer {
|
|
|
580
580
|
|
|
581
581
|
async handleExplore(ctx: RequestContext): Promise<unknown> {
|
|
582
582
|
if (!this.explorerService) ctx.throw(503, 'Explorer not initialized');
|
|
583
|
-
return await handleExplore(ctx, this.explorerService);
|
|
583
|
+
return await handleExplore(ctx, this.explorerService, this.toolRulesProvider);
|
|
584
584
|
}
|
|
585
585
|
|
|
586
586
|
async handleExecute(ctx: RequestContext): Promise<unknown> {
|
|
@@ -593,7 +593,8 @@ export class AgentToolProtocolServer {
|
|
|
593
593
|
this.stateManager,
|
|
594
594
|
this.config,
|
|
595
595
|
this.auditSink,
|
|
596
|
-
this.sessionManager
|
|
596
|
+
this.sessionManager,
|
|
597
|
+
this.toolRulesProvider
|
|
597
598
|
);
|
|
598
599
|
}
|
|
599
600
|
|
package/src/explorer/index.ts
CHANGED
|
@@ -81,8 +81,10 @@ export class ExplorerService {
|
|
|
81
81
|
context.allowedGroups.add(group.name);
|
|
82
82
|
}
|
|
83
83
|
|
|
84
|
-
|
|
85
|
-
|
|
84
|
+
// Iterate already-filtered `allowedGroups` so per-tool rules
|
|
85
|
+
// filter operations WITHIN an allowed group (matches the pattern
|
|
86
|
+
// in `SearchEngine.search`).
|
|
87
|
+
for (const group of allowedGroups) {
|
|
86
88
|
if (group.functions) {
|
|
87
89
|
for (const func of group.functions) {
|
|
88
90
|
context.allowedTools.add(`${group.name}:${func.name}`);
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { RequestContext, ResolvedServerConfig } from '../core/config.js';
|
|
1
|
+
import type { RequestContext, ResolvedServerConfig, ToolRulesProvider } from '../core/config.js';
|
|
2
2
|
import type { SandboxExecutor } from '../executor/index.js';
|
|
3
3
|
import type { ExecutionStateManager } from '../execution-state/index.js';
|
|
4
4
|
import type { ClientSessionManager } from '../client-sessions.js';
|
|
@@ -45,7 +45,8 @@ export async function handleExecute(
|
|
|
45
45
|
stateManager: ExecutionStateManager,
|
|
46
46
|
config: ResolvedServerConfig,
|
|
47
47
|
auditSink?: AuditSink,
|
|
48
|
-
sessionManager?: ClientSessionManager
|
|
48
|
+
sessionManager?: ClientSessionManager,
|
|
49
|
+
toolRulesProvider?: ToolRulesProvider
|
|
49
50
|
): Promise<unknown> {
|
|
50
51
|
const request = ctx.body as any;
|
|
51
52
|
const code = request.code || '';
|
|
@@ -122,13 +123,22 @@ export async function handleExecute(
|
|
|
122
123
|
provenanceHints: requestConfig.provenanceHints,
|
|
123
124
|
requestContext: {
|
|
124
125
|
...requestConfig.requestContext,
|
|
125
|
-
headers
|
|
126
|
+
// Merge caller-supplied headers with ctx.headers; ctx wins on
|
|
127
|
+
// conflicts so session auth takes precedence over app-layer keys.
|
|
128
|
+
headers: {
|
|
129
|
+
...(requestConfig.requestContext as { headers?: Record<string, string> } | undefined)
|
|
130
|
+
?.headers,
|
|
131
|
+
...ctx.headers,
|
|
132
|
+
},
|
|
126
133
|
path: ctx.path,
|
|
127
134
|
method: ctx.method,
|
|
128
135
|
},
|
|
129
136
|
onToolCall,
|
|
130
137
|
eventCallback: requestConfig.eventCallback,
|
|
131
|
-
|
|
138
|
+
// Rule source precedence: explicit requestConfig.toolRules first, then
|
|
139
|
+
// server-level provider (e.g. reads a header). Lets in-process callers
|
|
140
|
+
// and HTTP callers converge on the same provider mechanism.
|
|
141
|
+
toolRules: requestConfig.toolRules ?? toolRulesProvider?.(ctx),
|
|
132
142
|
};
|
|
133
143
|
|
|
134
144
|
// Verify provenance hints if provided
|
|
@@ -1,15 +1,23 @@
|
|
|
1
1
|
import type { RequestContext } from '../core/config.js';
|
|
2
|
+
import type { ToolRulesProvider } from '../core/config.js';
|
|
2
3
|
import type { ExplorerService } from '../explorer/index.js';
|
|
3
4
|
import type { ApiGroupRules } from '@mondaydotcomorg/atp-protocol';
|
|
4
5
|
import { runInRequestScope, getRequestScope } from '../core/request-scope.js';
|
|
5
6
|
|
|
6
7
|
export async function handleExplore(
|
|
7
8
|
ctx: RequestContext,
|
|
8
|
-
explorerService: ExplorerService
|
|
9
|
+
explorerService: ExplorerService,
|
|
10
|
+
toolRulesProvider?: ToolRulesProvider
|
|
9
11
|
): Promise<unknown> {
|
|
10
12
|
const body = ctx.body as { path?: string; toolRules?: ApiGroupRules };
|
|
11
13
|
const path = body.path || '/';
|
|
12
|
-
|
|
14
|
+
|
|
15
|
+
// Rule source precedence (highest to lowest):
|
|
16
|
+
// 1. body.toolRules — explicit per-call override
|
|
17
|
+
// 2. toolRulesProvider(ctx) — server-level policy (e.g. read a header)
|
|
18
|
+
// 3. existing request scope — already wrapped by caller
|
|
19
|
+
const effectiveToolRules: ApiGroupRules | undefined =
|
|
20
|
+
body.toolRules ?? (toolRulesProvider ? toolRulesProvider(ctx) : undefined);
|
|
13
21
|
|
|
14
22
|
const executeExplore = () => {
|
|
15
23
|
const result = explorerService.explore(path);
|
|
@@ -21,8 +29,8 @@ export async function handleExplore(
|
|
|
21
29
|
return result;
|
|
22
30
|
};
|
|
23
31
|
|
|
24
|
-
if (
|
|
25
|
-
return runInRequestScope({ toolRules }, executeExplore);
|
|
32
|
+
if (effectiveToolRules && !getRequestScope()?.toolRules) {
|
|
33
|
+
return runInRequestScope({ toolRules: effectiveToolRules }, executeExplore);
|
|
26
34
|
}
|
|
27
35
|
|
|
28
36
|
return executeExplore();
|