@yushaw/sanqian-sdk 0.3.20 → 0.3.21

package/dist/index.browser.d.mts

@@ -420,6 +420,17 @@ interface AgentConfig {
      * Set to false if you want the agent to be usable but not discoverable by other agents
      */
     searchable?: boolean;
+    /**
+     * Agent-level permission mode for tool execution.
+     * - undefined: backend default (SDK private agents inherit app security level)
+     * - null: clear explicit mode and use backend default
+     */
+    permission_mode?: "standard" | "elevated" | "unrestricted" | null;
+    /**
+     * Skip all permission checks (YOLO mode, mainly for ACP-style agents).
+     * Most agents should keep this false.
+     */
+    skip_permissions?: boolean;
     /**
      * Context providers to attach by default.
      * Uses provider ID without app prefix (auto-prefixed with your app).
@@ -456,6 +467,10 @@ interface AgentInfo {
     single_conversation_mode?: boolean;
     /** Whether this agent can be discovered via search_capability */
     searchable?: boolean;
+    /** Agent-level permission mode (null/undefined means backend default) */
+    permission_mode?: "standard" | "elevated" | "unrestricted" | null;
+    /** Whether all permission checks are skipped (YOLO mode) */
+    skip_permissions?: boolean;
     created_at?: string;
 }
 /** Conversation info */
@@ -540,6 +555,18 @@ interface AgentUpdateConfig {
      * - true/false: Set explicitly
      */
     searchable?: boolean;
+    /**
+     * Agent-level permission mode.
+     * - undefined: Keep existing value
+     * - null: Clear explicit mode (fallback to backend default)
+     */
+    permission_mode?: "standard" | "elevated" | "unrestricted" | null;
+    /**
+     * Skip all permission checks.
+     * - undefined: Keep existing value
+     * - true/false: Set explicitly
+     */
+    skip_permissions?: boolean;
 }
 /** Embedding configuration returned from Sanqian */
 interface EmbeddingConfigResult {
@@ -939,6 +966,7 @@ declare class SanqianSDK {
         total: number;
     }>;
     private getHttpBaseUrl;
+    private getHttpAuthHeaders;
     /**
      * Get the port number for the Sanqian backend
      * @throws Error if not connected

package/dist/index.browser.d.ts

@@ -420,6 +420,17 @@ interface AgentConfig {
      * Set to false if you want the agent to be usable but not discoverable by other agents
      */
     searchable?: boolean;
+    /**
+     * Agent-level permission mode for tool execution.
+     * - undefined: backend default (SDK private agents inherit app security level)
+     * - null: clear explicit mode and use backend default
+     */
+    permission_mode?: "standard" | "elevated" | "unrestricted" | null;
+    /**
+     * Skip all permission checks (YOLO mode, mainly for ACP-style agents).
+     * Most agents should keep this false.
+     */
+    skip_permissions?: boolean;
     /**
      * Context providers to attach by default.
      * Uses provider ID without app prefix (auto-prefixed with your app).
@@ -456,6 +467,10 @@ interface AgentInfo {
     single_conversation_mode?: boolean;
     /** Whether this agent can be discovered via search_capability */
     searchable?: boolean;
+    /** Agent-level permission mode (null/undefined means backend default) */
+    permission_mode?: "standard" | "elevated" | "unrestricted" | null;
+    /** Whether all permission checks are skipped (YOLO mode) */
+    skip_permissions?: boolean;
     created_at?: string;
 }
 /** Conversation info */
@@ -540,6 +555,18 @@ interface AgentUpdateConfig {
      * - true/false: Set explicitly
      */
     searchable?: boolean;
+    /**
+     * Agent-level permission mode.
+     * - undefined: Keep existing value
+     * - null: Clear explicit mode (fallback to backend default)
+     */
+    permission_mode?: "standard" | "elevated" | "unrestricted" | null;
+    /**
+     * Skip all permission checks.
+     * - undefined: Keep existing value
+     * - true/false: Set explicitly
+     */
+    skip_permissions?: boolean;
 }
 /** Embedding configuration returned from Sanqian */
 interface EmbeddingConfigResult {
@@ -939,6 +966,7 @@ declare class SanqianSDK {
         total: number;
     }>;
     private getHttpBaseUrl;
+    private getHttpAuthHeaders;
     /**
      * Get the port number for the Sanqian backend
      * @throws Error if not connected

package/dist/index.browser.js

@@ -1140,6 +1140,11 @@ var SanqianSDK = class _SanqianSDK {
     const host = info.ws_host || "127.0.0.1";
     return `${protocol}://${host}:${info.port}`;
   }
+  getHttpAuthHeaders() {
+    const info = this.connectionInfo || this.config.connectionInfo;
+    const token = info?.token;
+    return token ? { "X-App-Token": token } : {};
+  }
   /**
    * Get the port number for the Sanqian backend
    * @throws Error if not connected
@@ -1704,7 +1709,7 @@ var SanqianSDK = class _SanqianSDK {
   async listChannelPlugins() {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/plugins`;
-    const response = await fetch(url);
+    const response = await fetch(url, { headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to list channel plugins: ${response.statusText}`);
     }
@@ -1713,7 +1718,7 @@ var SanqianSDK = class _SanqianSDK {
   async listChannelAccounts() {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts`;
-    const response = await fetch(url);
+    const response = await fetch(url, { headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to list channel accounts: ${response.statusText}`);
     }
@@ -1724,7 +1729,7 @@ var SanqianSDK = class _SanqianSDK {
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts`;
     const response = await fetch(url, {
       method: "POST",
-      headers: { "Content-Type": "application/json" },
+      headers: { ...this.getHttpAuthHeaders(), "Content-Type": "application/json" },
       body: JSON.stringify(req)
     });
     if (!response.ok) {
@@ -1736,7 +1741,7 @@ var SanqianSDK = class _SanqianSDK {
   async getChannelAccount(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}`;
-    const response = await fetch(url);
+    const response = await fetch(url, { headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to get channel account: ${response.statusText}`);
     }
@@ -1747,7 +1752,7 @@ var SanqianSDK = class _SanqianSDK {
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}`;
     const response = await fetch(url, {
       method: "PUT",
-      headers: { "Content-Type": "application/json" },
+      headers: { ...this.getHttpAuthHeaders(), "Content-Type": "application/json" },
       body: JSON.stringify(req)
     });
     if (!response.ok) {
@@ -1759,7 +1764,7 @@ var SanqianSDK = class _SanqianSDK {
   async deleteChannelAccount(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}`;
-    const response = await fetch(url, { method: "DELETE" });
+    const response = await fetch(url, { method: "DELETE", headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to delete channel account: ${response.statusText}`);
     }
@@ -1767,7 +1772,7 @@ var SanqianSDK = class _SanqianSDK {
   async startChannelAccount(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}/start`;
-    const response = await fetch(url, { method: "POST" });
+    const response = await fetch(url, { method: "POST", headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       const detail = await response.text();
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to start channel account: ${detail}`);
@@ -1777,7 +1782,7 @@ var SanqianSDK = class _SanqianSDK {
   async stopChannelAccount(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}/stop`;
-    const response = await fetch(url, { method: "POST" });
+    const response = await fetch(url, { method: "POST", headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to stop channel account: ${response.statusText}`);
     }
@@ -1786,7 +1791,7 @@ var SanqianSDK = class _SanqianSDK {
   async getChannelStatus(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}/status`;
-    const response = await fetch(url);
+    const response = await fetch(url, { headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to get channel status: ${response.statusText}`);
     }
@@ -1795,7 +1800,7 @@ var SanqianSDK = class _SanqianSDK {
   async probeChannelAccount(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/accounts/${encodeURIComponent(id)}/probe`;
-    const response = await fetch(url, { method: "POST" });
+    const response = await fetch(url, { method: "POST", headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       const detail = await response.text();
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to probe channel account: ${detail}`);
@@ -1806,7 +1811,7 @@ var SanqianSDK = class _SanqianSDK {
     await this.ensureReady();
     const params = accountId ? `?account_id=${encodeURIComponent(accountId)}` : "";
     const url = `${this.getHttpBaseUrl()}/api/channels/bindings${params}`;
-    const response = await fetch(url);
+    const response = await fetch(url, { headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to list channel bindings: ${response.statusText}`);
     }
@@ -1817,7 +1822,7 @@ var SanqianSDK = class _SanqianSDK {
     const url = `${this.getHttpBaseUrl()}/api/channels/bindings`;
     const response = await fetch(url, {
       method: "POST",
-      headers: { "Content-Type": "application/json" },
+      headers: { ...this.getHttpAuthHeaders(), "Content-Type": "application/json" },
       body: JSON.stringify(req)
     });
     if (!response.ok) {
@@ -1831,7 +1836,7 @@ var SanqianSDK = class _SanqianSDK {
     const url = `${this.getHttpBaseUrl()}/api/channels/bindings/${encodeURIComponent(id)}`;
     const response = await fetch(url, {
       method: "PUT",
-      headers: { "Content-Type": "application/json" },
+      headers: { ...this.getHttpAuthHeaders(), "Content-Type": "application/json" },
       body: JSON.stringify(req)
     });
     if (!response.ok) {
@@ -1843,7 +1848,7 @@ var SanqianSDK = class _SanqianSDK {
   async deleteChannelBinding(id) {
     await this.ensureReady();
     const url = `${this.getHttpBaseUrl()}/api/channels/bindings/${encodeURIComponent(id)}`;
-    const response = await fetch(url, { method: "DELETE" });
+    const response = await fetch(url, { method: "DELETE", headers: this.getHttpAuthHeaders() });
     if (!response.ok) {
       throw createSDKError("REQUEST_FAILED" /* REQUEST_FAILED */, `Failed to delete channel binding: ${response.statusText}`);
     }
@@ -1853,7 +1858,7 @@ var SanqianSDK = class _SanqianSDK {
     const url = `${this.getHttpBaseUrl()}/api/channels/send`;
     const response = await fetch(url, {
       method: "POST",
-      headers: { "Content-Type": "application/json" },
+      headers: { ...this.getHttpAuthHeaders(), "Content-Type": "application/json" },
       body: JSON.stringify(req)
     });
     if (!response.ok) {