npm - agent-relay-server - Versions diffs - 0.32.1 → 0.32.3 - Mend

agent-relay-server 0.32.1 → 0.32.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (97) hide show

package/src/runtime-tokens.ts CHANGED Viewed

@@ -1,5 +1,6 @@
 import { createToken, getTokenProfile, revokeToken } from "./token-db";
 import { verifyComponentTokenAllowExpired } from "./security";
+import { spawnGrantForProfile } from "./config-store";
 import type { TokenRecord } from "./types";
 // Scopes that turn an agent's runtime token into a spawn-capable one (#221). Appended to the
@@ -89,13 +90,19 @@ export function issueRunnerRuntimeToken(input: {
   policyName?: string;
   spawnRequestId?: string;
   createdBy?: string;
-  /** Grant the spawn/shutdown scopes (resolved from the agent's profile maxSpawnedAgents>0). */
-  canSpawn?: boolean;
-  /** Live-children quota baked into the token for the runtime spawn check. */
-  maxSpawnedAgents?: number;
+  /**
+   * Agent profile name. The spawn grant (the `command:spawn`/`command:shutdown` scope + the
+   * live-children quota) is resolved from this profile's `maxSpawnedAgents` HERE, in the single
+   * mint, so capability⇒tool holds for EVERY spawn path. Callers pass the profile they already
+   * have; they cannot forget to thread the grant (the recurring bug this centralization kills).
+   */
+  profile?: string;
+  /** Agent-requested spawn → forces a non-spawn-capable child regardless of profile (no grandchildren). */
+  agentInitiated?: boolean;
   /** Parent agent id — stamped so the child registers with an authoritative `spawnedBy`. */
   spawnedBy?: string;
 }): RuntimeTokenResult {
+  const grant = spawnGrantForProfile(input.profile, input.agentInitiated);
   const subject = input.policyName
     ? `runner:policy:${input.policyName}`
     : input.spawnRequestId
@@ -105,13 +112,13 @@ export function issueRunnerRuntimeToken(input: {
     profileId: "provider-agent",
     sub: subject,
     role: "provider",
-    scope: runnerScopeWithSpawn(input.canSpawn ?? false),
+    scope: runnerScopeWithSpawn(grant.canSpawn),
     constraints: {
       orchestrators: [input.orchestratorId],
       cwdPrefixes: [input.cwd],
       ...(input.policyName ? { policies: [input.policyName] } : {}),
       ...(input.spawnRequestId ? { spawnRequestIds: [input.spawnRequestId] } : {}),
-      ...(input.canSpawn && input.maxSpawnedAgents ? { maxSpawnedAgents: input.maxSpawnedAgents } : {}),
+      ...(grant.canSpawn && grant.maxSpawnedAgents ? { maxSpawnedAgents: grant.maxSpawnedAgents } : {}),
       ...(input.spawnedBy ? { spawnedBy: input.spawnedBy } : {}),
     },
     createdBy: input.createdBy ?? "runtime",
@@ -226,8 +233,10 @@ export function runnerRuntimeTokenEnv(input: {
   policyName?: string;
   spawnRequestId?: string;
   createdBy?: string;
-  canSpawn?: boolean;
-  maxSpawnedAgents?: number;
+  /** Agent profile name — spawn grant is resolved from it in the mint (see issueRunnerRuntimeToken). */
+  profile?: string;
+  /** Agent-requested spawn → forces a non-spawn-capable child (no grandchildren). */
+  agentInitiated?: boolean;
   spawnedBy?: string;
 }): Record<string, string> {
   const issued = issueRunnerRuntimeToken(input);

package/src/security.ts CHANGED Viewed

@@ -170,7 +170,6 @@ export function requiredScopeFor(method: string, pathname: string): string | nul
   if (pathname === "/api/orchestrators/bootstrap") return "token:write";
   if (pathname.match(/^\/api\/orchestrators\/[^/]+\/logs\//)) return "logs:read";
   if (pathname.match(/^\/api\/orchestrators\/[^/]+\/terminal\//)) return "terminal:attach";
-  if (pathname.match(/^\/api\/orchestrators\/[^/]+\/spawn$/)) return "agent:write";
   if (pathname.startsWith("/api/artifacts")) {
     if (method === "GET" || method === "HEAD") return "artifact:read";
     if (method === "DELETE") return "artifact:admin";
@@ -242,7 +241,6 @@ export function requiredComponentScopeFor(method: string, pathname: string): str
   if (pathname === "/api/mcp") return "mcp:use";
   if (pathname.match(/^\/api\/orchestrators\/[^/]+\/logs\//)) return "logs:read";
   if (pathname.match(/^\/api\/orchestrators\/[^/]+\/terminal\//)) return "terminal:attach";
-  if (pathname.match(/^\/api\/orchestrators\/[^/]+\/spawn$/)) return "agent:write";
   if (pathname.startsWith("/api/commands")) {
     if (method === "GET") return "command:read";
     return "command:write";

package/src/validation.ts CHANGED Viewed

@@ -1,4 +1,6 @@
 import { ValidationError } from "./db";
+import { type TokenConstraints, type WorkspaceMetadata, type WorkspaceMode, type WorkspaceProbe, type WorkspaceStatus } from "./types";
+import { VALID_WORKSPACE_MODES, isRecord } from "agent-relay-sdk";
 /**
  * Trim + validate an optional string input. Throws `ValidationError` when the
@@ -78,3 +80,135 @@ export function cleanStringArray(
   }
   return [...new Set(cleaned)];
 }
+// ---- generic validators relocated from routes.ts (#299) ----
+export const VALID_WORKSPACE_STATUSES = ["active", "ready", "conflict", "review_requested", "merge_planned", "merged", "abandoned", "cleanup_requested", "cleaned"] as const;
+export function cleanNullableString(value: unknown, field: string, max: number): string | null | undefined {
+  if (value === undefined) return undefined;
+  if (value === null) return null;
+  return cleanString(value, field, { max }) ?? null;
+}
+function cleanConstraintStringArray(value: unknown, field: string): string[] | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (!Array.isArray(value)) throw new ValidationError(`${field} must be an array of strings`);
+  const cleaned = value.map((item) => cleanString(item, `${field} item`, { max: 500 })).filter(Boolean) as string[];
+  if (cleaned.length > 100) throw new ValidationError(`${field} can contain at most 100 values`);
+  return [...new Set(cleaned)];
+}
+export function cleanTokenConstraints(value: unknown): TokenConstraints | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (!isRecord(value)) throw new ValidationError("constraints must be an object");
+  const constraints: TokenConstraints = {};
+  const arrayKeys = [
+    "agents",
+    "policies",
+    "parentAgents",
+    "targets",
+    "channels",
+    "orchestrators",
+    "hosts",
+    "cwdPrefixes",
+    "taskIds",
+    "memoryScopes",
+    "integrationNames",
+    "spawnRequestIds",
+  ] as const;
+  for (const key of arrayKeys) {
+    const cleaned = cleanConstraintStringArray(value[key], `constraints.${key}`);
+    if (cleaned?.length) constraints[key] = cleaned;
+  }
+  const cwd = cleanString(value.cwd, "constraints.cwd", { max: 500 });
+  if (cwd) constraints.cwd = cwd;
+  for (const key of ["terminalAttach", "logsRead", "canDelegate"] as const) {
+    if (value[key] !== undefined) {
+      if (typeof value[key] !== "boolean") throw new ValidationError(`constraints.${key} must be a boolean`);
+      constraints[key] = value[key];
+    }
+  }
+  return constraints;
+}
+export function cleanMeta(value: unknown): Record<string, unknown> | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (!isRecord(value)) throw new ValidationError("meta must be an object");
+  if (JSON.stringify(value).length > 8192) throw new ValidationError("meta is too large");
+  return value;
+}
+export function cleanParams(value: unknown, field = "params"): Record<string, unknown> | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (!isRecord(value)) throw new ValidationError(`${field} must be an object`);
+  if (JSON.stringify(value).length > 65_536) throw new ValidationError(`${field} is too large`);
+  return value;
+}
+export function cleanWorkspaceMetadata(value: unknown, field: string): WorkspaceMetadata | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (!isRecord(value)) throw new ValidationError(`${field} must be an object`);
+  return {
+    id: cleanString(value.id, `${field}.id`, { max: 160 }),
+    mode: optionalEnum(value.mode, `${field}.mode`, VALID_WORKSPACE_MODES, "shared") as WorkspaceMode,
+    requestedMode: optionalEnum(value.requestedMode, `${field}.requestedMode`, VALID_WORKSPACE_MODES) as WorkspaceMode | undefined,
+    repoRoot: cleanString(value.repoRoot, `${field}.repoRoot`, { max: 1000 }),
+    sourceCwd: cleanString(value.sourceCwd, `${field}.sourceCwd`, { max: 1000 }),
+    worktreePath: cleanString(value.worktreePath, `${field}.worktreePath`, { max: 1000 }),
+    branch: cleanString(value.branch, `${field}.branch`, { max: 240 }),
+    baseRef: cleanString(value.baseRef, `${field}.baseRef`, { max: 240 }),
+    baseSha: cleanString(value.baseSha, `${field}.baseSha`, { max: 80 }),
+    status: optionalEnum(value.status, `${field}.status`, VALID_WORKSPACE_STATUSES) as WorkspaceStatus | undefined,
+    stewardAgentId: cleanString(value.stewardAgentId, `${field}.stewardAgentId`, { max: 240 }),
+    probe: isRecord(value.probe) ? value.probe as unknown as WorkspaceProbe : undefined,
+  };
+}
+export function cleanPositiveId(value: unknown, field: string): number | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (typeof value !== "number" || !Number.isSafeInteger(value) || value <= 0) {
+    throw new ValidationError(`${field} must be a positive integer`);
+  }
+  return value;
+}
+export function cleanNullablePositiveId(value: unknown, field: string): number | null | undefined {
+  if (value === undefined) return undefined;
+  if (value === null) return null;
+  if (typeof value !== "number" || !Number.isSafeInteger(value) || value <= 0) {
+    throw new ValidationError(`${field} must be a positive integer or null`);
+  }
+  return value;
+}
+export function cleanEpoch(value: unknown, field: string): number | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (typeof value !== "number" || !Number.isSafeInteger(value) || value < 0) {
+    throw new ValidationError(`${field} must be a non-negative integer`);
+  }
+  return value;
+}
+export function cleanTtlMs(value: unknown): number | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (typeof value !== "number" || !Number.isSafeInteger(value) || value <= 0) {
+    throw new ValidationError("ttlMs must be a positive integer");
+  }
+  return value;
+}
+export function cleanOperatorId(value: unknown): string {
+  return cleanString(value, "operatorId", { max: 200 }) || "user";
+}
+export function cleanPositiveIdArray(value: unknown, field: string, max = 500): number[] {
+  if (!Array.isArray(value)) throw new ValidationError(`${field} must be an array`);
+  if (value.length === 0) throw new ValidationError(`${field} required`);
+  if (value.length > max) throw new ValidationError(`${field} max ${max}`);
+  return value.map((item, index) => {
+    if (typeof item !== "number" || !Number.isSafeInteger(item) || item <= 0) {
+      throw new ValidationError(`${field}[${index}] must be a positive integer`);
+    }
+    return item;
+  });
+}