clawclamp 0.1.0

package/index.ts

@@ -0,0 +1,103 @@
+
+import { CedarEngine } from "./src/cedar-engine.js";
+import { AuditStore } from "./src/audit-store.js";
+import { createServer } from "./src/server.js";
+import type { OpenClawPluginApi, PluginHookBeforeToolCallEvent, PluginHookToolContext } from "openclaw/plugin-sdk/core";
+
+export const plugin = {
+  id: "clawclamp",
+  name: "ClawClamp Policy Audit",
+  description: "Cedarling-based permission control with audit logging and dry-run mode.",
+  register(api: OpenClawPluginApi) {
+    const engine = new CedarEngine({
+      mode: (api.pluginConfig?.mode as string) || "monitor",
+      policyStoreUrl: api.pluginConfig?.policyStoreUrl as string,
+    });
+
+    const auditStore = new AuditStore(api.config.workspaceDir || process.cwd());
+
+    // Register Hook: before_tool_call
+    api.on("before_tool_call", async (event: PluginHookBeforeToolCallEvent, ctx: PluginHookToolContext) => {
+      const { toolName, params, runId } = event;
+      const { agentId, sessionId } = ctx;
+
+      const principal = `User::"${agentId || "unknown"}"`;
+      const action = `Action::"tool:${toolName}"`;
+      const resource = `Resource::"global"`;
+
+      const result = await engine.authorize({
+        principal,
+        action,
+        resource,
+        context: {
+          sessionId,
+          runId,
+          params,
+          timestamp: Date.now(),
+        },
+      });
+
+      const shouldBlock =
+        result.decision === "Deny" && engine.getMode() === "enforce";
+
+      // Log the event
+      auditStore.append({
+        timestamp: new Date().toISOString(),
+        runId,
+        principal,
+        action,
+        resource,
+        decision: result.decision,
+        mode: engine.getMode(),
+        diagnostics: result.diagnostics,
+        blocked: shouldBlock,
+      });
+
+      if (shouldBlock) {
+        return {
+          block: true,
+          blockReason: `Cedar Policy Denied: ${result.diagnostics.join("; ")}`,
+        };
+      }
+    });
+
+    // Register HTTP Route for Audit Dashboard
+    api.registerHttpRoute({
+      path: "/",
+      auth: "plugin",
+      match: "prefix",
+      handler: async (req, res) => {
+        // Mock router logic for demonstration
+        if (req.method === "GET" && (req.url === "/" || req.url === "")) {
+            const app = createServer(engine, auditStore);
+            const response = await app.request("/");
+            const html = await response.text();
+            res.writeHead(200, { "Content-Type": "text/html" });
+            res.end(html);
+            return true;
+        }
+        
+        if (req.method === "POST" && req.url === "/mode") {
+             let body = '';
+             req.on('data', (chunk: any) => body += chunk);
+             req.on('end', () => {
+                 const params = new URLSearchParams(body);
+                 const mode = params.get('mode');
+                 if (mode === 'enforce' || mode === 'monitor') {
+                     engine.setMode(mode);
+                 }
+                 res.writeHead(302, { 'Location': './' });
+                 res.end();
+             });
+             return true;
+        }
+        
+        return false;
+      },
+    });
+
+    api.logger.info("Cedar Audit Plugin Activated");
+  }
+};
+
+export default plugin;

package/openclaw.plugin.json

@@ -0,0 +1,29 @@
+{
+  "id": "clawclamp",
+  "name": "ClawClamp Policy Audit",
+  "description": "Cedarling-based permission control with audit logging and dry-run mode.",
+  "configSchema": {
+    "type": "object",
+    "properties": {
+      "mode": {
+        "type": "string",
+        "enum": ["enforce", "monitor"],
+        "default": "monitor"
+      },
+      "policyStoreUrl": {
+        "type": "string",
+        "default": "https://example.com/policy-store.json"
+      }
+    }
+  },
+  "uiHints": {
+    "mode": {
+      "label": "Mode",
+      "help": "Set to 'enforce' to block unauthorized tools, or 'monitor' to only log them."
+    },
+    "policyStoreUrl": {
+      "label": "Policy Store URL",
+      "help": "URL to the Cedarling policy store JSON."
+    }
+  }
+}

package/package.json

@@ -0,0 +1,22 @@
+{
+  "id": "clawclamp",
+  "name": "clawclamp",
+  "description": "Cedarling-based permission control with audit logging and dry-run mode.",
+  "version": "0.1.0",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "license": "MIT",
+  "scripts": {
+    "build": "tsdown",
+    "dev": "tsdown --watch",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "hono": "4.12.7"
+  },
+  "devDependencies": {
+    "tsdown": "0.21.0",
+    "typescript": "^5.9.3",
+    "@types/node": "^22.10.2"
+  }
+}

package/src/audit-store.ts

@@ -0,0 +1,66 @@
+
+import { join } from 'path';
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from 'fs';
+
+export type AuditEntry = {
+  timestamp: string;
+  runId?: string;
+  principal: string;
+  action: string;
+  resource: string;
+  decision: "Allow" | "Deny";
+  mode: "enforce" | "monitor";
+  diagnostics?: string[];
+  blocked: boolean; // Was the tool execution actually blocked?
+};
+
+export class AuditStore {
+  private logFile: string;
+  private entries: AuditEntry[] = [];
+
+  constructor(workspaceDir: string) {
+    const auditDir = join(workspaceDir, '.openclaw', 'audit');
+    if (!existsSync(auditDir)) {
+      mkdirSync(auditDir, { recursive: true });
+    }
+    this.logFile = join(auditDir, 'cedar-audit.jsonl');
+    this.load();
+  }
+
+  private load() {
+    if (existsSync(this.logFile)) {
+      try {
+        const content = readFileSync(this.logFile, 'utf-8');
+        this.entries = content
+          .split('\n')
+          .filter(line => line.trim())
+          .map(line => JSON.parse(line));
+      } catch (e) {
+        console.error('Failed to load audit logs:', e);
+      }
+    }
+  }
+
+  append(entry: AuditEntry) {
+    this.entries.push(entry);
+    try {
+      // Append to file
+      // In a real implementation, use appendFileSync or a stream
+      const line = JSON.stringify(entry) + '\n';
+      // Simulating append by re-reading full file is inefficient but okay for MVP mock
+      // Better:
+      const fs = require('fs');
+      fs.appendFileSync(this.logFile, line);
+    } catch (e) {
+      console.error('Failed to write audit log:', e);
+    }
+  }
+
+  getAll(): AuditEntry[] {
+    return this.entries;
+  }
+  
+  getRecent(limit: number = 50): AuditEntry[] {
+      return this.entries.slice(-limit);
+  }
+}

package/src/cedar-engine.ts

@@ -0,0 +1,59 @@
+
+// This is a mock implementation because we cannot compile WASM in this environment.
+// In a real scenario, this would import the WASM module.
+
+export type CedarContext = Record<string, any>;
+export type CedarDecision = "Allow" | "Deny";
+export type CedarResult = {
+  decision: CedarDecision;
+  diagnostics: string[];
+};
+
+export class CedarEngine {
+  private policyStore: any;
+  private mode: "enforce" | "monitor" = "monitor";
+
+  constructor(config: { mode?: string; policyStoreUrl?: string }) {
+    this.mode = (config.mode as any) || "monitor";
+    console.log(`[CedarEngine] Initialized in ${this.mode} mode`);
+  }
+
+  setMode(mode: "enforce" | "monitor") {
+    this.mode = mode;
+    console.log(`[CedarEngine] Switched to ${this.mode} mode`);
+  }
+
+  getMode() {
+    return this.mode;
+  }
+
+  // Mock authorize function based on Cedarling docs
+  async authorize(params: {
+    principal: string;
+    action: string;
+    resource: string;
+    context: CedarContext;
+  }): Promise<CedarResult> {
+    console.log(`[CedarEngine] Evaluating: ${params.principal} -> ${params.action} on ${params.resource}`);
+    
+    // Simulate some logic:
+    // Deny 'rm -rf' or dangerous commands unless principal is 'admin'
+    // Allow everything else for now in this mock
+    
+    let decision: CedarDecision = "Allow";
+    const diagnostics: string[] = [];
+
+    if (params.action.includes("exec") && params.resource.includes("rm")) {
+        if (params.principal !== 'User::"admin"') {
+            decision = "Deny";
+            diagnostics.push("Dangerous command 'rm' is restricted to admin.");
+        }
+    }
+
+    // In Monitor mode, we log the *would be* decision but return Allow to the caller (effectively).
+    // However, the caller (plugin hook) needs to know the *policy decision* to log it correctly.
+    // The hook will decide whether to block based on the mode.
+    
+    return { decision, diagnostics };
+  }
+}

package/src/server.ts

@@ -0,0 +1,92 @@
+
+import { Hono } from "hono";
+import { html } from "hono/html";
+import type { AuditStore } from "./audit-store.js";
+import type { CedarEngine } from "./cedar-engine.js";
+
+export const createServer = (engine: CedarEngine, store: AuditStore) => {
+  const app = new Hono();
+
+  // Simple HTML Dashboard
+  app.get("/", (c) => {
+    const logs = store.getRecent(50);
+    const mode = engine.getMode();
+
+    return c.html(html`
+      <!DOCTYPE html>
+      <html>
+        <head>
+          <title>OpenClaw ClawClamp Audit</title>
+          <style>
+            body { font-family: sans-serif; padding: 20px; }
+            table { width: 100%; border-collapse: collapse; margin-top: 20px; }
+            th, td { border: 1px solid #ddd; padding: 8px; text-align: left; }
+            th { background-color: #f2f2f2; }
+            .allow { color: green; }
+            .deny { color: red; }
+            .blocked { font-weight: bold; color: darkred; }
+            .monitored { color: orange; }
+          </style>
+        </head>
+        <body>
+          <h1>ClawClamp Policy Audit</h1>
+          <p>Current Mode: <strong>${mode.toUpperCase()}</strong></p>
+          <form action="/mode" method="post">
+            <select name="mode">
+              <option value="monitor" ${mode === "monitor" ? "selected" : ""}>Monitor (Log Only)</option>
+              <option value="enforce" ${mode === "enforce" ? "selected" : ""}>Enforce (Block)</option>
+            </select>
+            <button type="submit">Update Mode</button>
+          </form>
+
+          <h2>Recent Tool Executions</h2>
+          <table>
+            <thead>
+              <tr>
+                <th>Time</th>
+                <th>Run ID</th>
+                <th>Principal</th>
+                <th>Action</th>
+                <th>Resource</th>
+                <th>Decision</th>
+                <th>Result</th>
+              </tr>
+            </thead>
+            <tbody>
+              ${logs.map((log) => html`
+                <tr>
+                  <td>${new Date(log.timestamp).toLocaleTimeString()}</td>
+                  <td>${log.runId || "-"}</td>
+                  <td>${log.principal}</td>
+                  <td>${log.action}</td>
+                  <td>${log.resource}</td>
+                  <td class="${log.decision.toLowerCase()}">${log.decision}</td>
+                  <td class="${log.blocked ? "blocked" : "monitored"}">
+                    ${log.blocked ? "BLOCKED" : "ALLOWED"}
+                  </td>
+                </tr>
+              `)}
+            </tbody>
+          </table>
+        </body>
+      </html>
+    `);
+  });
+
+  // API to update mode
+  app.post("/mode", async (c) => {
+    const body = await c.req.parseBody();
+    const mode = body["mode"] as "monitor" | "enforce";
+    if (mode === "monitor" || mode === "enforce") {
+      engine.setMode(mode);
+    }
+    return c.redirect("/");
+  });
+
+  // API to get logs JSON
+  app.get("/api/logs", (c) => {
+    return c.json(store.getAll());
+  });
+
+  return app;
+};