npm - clawclamp - Versions diffs - 0.1.6 → 0.1.8 - Mend

clawclamp 0.1.6 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md CHANGED Viewed

@@ -20,10 +20,12 @@ plugins:
     clawclamp:
       enabled: true
       config:
-        mode: enforce
+        mode: gray
         principalId: openclaw
         policyStoreUri: file:///path/to/policy-store.json
         policyFailOpen: false
+        # 可选：UI 访问令牌（非 loopback 时可通过 ?token= 或 X-OpenClaw-Token 访问）
+        # uiToken: "your-ui-token"
         risk:
           default: high
           overrides:
@@ -43,3 +45,14 @@ plugins:
 ## UI
 Open the gateway path `/plugins/clawclamp` to view audit logs, toggle gray mode, and create short-term grants.
+UI access rules:
+- Loopback (127.0.0.1 / ::1) is allowed without a token.
+- Non-loopback requires a token via `?token=` or `X-OpenClaw-Token` / `Authorization: Bearer`.
+Policy management:
+- The UI includes a Cedar policy panel for CRUD.
+- If `policyStoreUri` is set, policies are read-only.
+- Default policy set is empty, so all tool calls are denied unless you add permit policies.

package/assets/app.js CHANGED Viewed

@@ -14,6 +14,17 @@ const grantNoteInput = qs("grant-note");
 const grantHint = qs("grant-hint");
 const grantsEl = qs("grants");
 const auditEl = qs("audit");
+const policyListEl = qs("policy-list");
+const policyIdInput = qs("policy-id");
+const policyContentInput = qs("policy-content");
+const policyCreateBtn = qs("policy-create");
+const policyUpdateBtn = qs("policy-update");
+const policyDeleteBtn = qs("policy-delete");
+const policyStatusEl = qs("policy-status");
+const policySchemaEl = qs("policy-schema");
+let policyReadOnly = false;
+let policies = [];
+let deniedTools = new Set();
 async function fetchJson(path, opts = {}) {
   const res = await fetch(path, {
@@ -98,7 +109,8 @@ function renderAudit(entries) {
   const header = document.createElement("div");
   header.className = "table-row header";
-  header.innerHTML = "<div>时间</div><div>工具</div><div>决策</div><div>风险</div><div>说明</div>";
+  header.innerHTML =
+    "<div>时间</div><div>工具</div><div>决策</div><div>风险</div><div>说明</div><div>操作</div>";
   auditEl.innerHTML = "";
   auditEl.appendChild(header);
@@ -107,17 +119,84 @@ function renderAudit(entries) {
     const row = document.createElement("div");
     row.className = "table-row";
     const badgeClass = decisionBadge(entry.decision);
+    const canAllow = entry.decision === "deny" || entry.decision === "allow_grayed";
+    const canDeny = entry.decision === "allow";
+    const paramsText =
+      entry.params && typeof entry.params === "object"
+        ? JSON.stringify(entry.params, null, 2)
+        : entry.params || "";
+    const meta = [
+      entry.toolCallId ? `toolCallId: ${entry.toolCallId}` : null,
+      entry.runId ? `runId: ${entry.runId}` : null,
+      entry.sessionKey ? `sessionKey: ${entry.sessionKey}` : null,
+      entry.agentId ? `agentId: ${entry.agentId}` : null,
+    ].filter(Boolean);
     row.innerHTML = `
       <div>${formatTime(entry.timestamp)}</div>
       <div class="mono">${entry.toolName}</div>
       <div class="badge ${badgeClass}">${decisionLabel(entry.decision)}</div>
       <div>${riskLabel(entry.risk)}</div>
       <div>${entry.reason || entry.error || ""}</div>
+      <div class="actions">
+        ${canAllow ? "<button class=\"btn mini\" data-action=\"allow\">一键允许</button>" : ""}
+        ${canDeny ? "<button class=\"btn mini warn\" data-action=\"deny\">一键拒绝</button>" : ""}
+      </div>
+      <div class="audit-detail">
+        <div class="audit-meta">${meta.join(" · ")}</div>
+        ${paramsText ? `<pre>${paramsText}</pre>` : ""}
+      </div>
     `;
+    const allowBtn = row.querySelector("button[data-action=\"allow\"]");
+    if (allowBtn) {
+      allowBtn.addEventListener("click", async () => {
+        await applyPolicyChange("permit", entry.toolName);
+        await refreshAll();
+      });
+    }
+    const denyBtn = row.querySelector("button[data-action=\"deny\"]");
+    if (denyBtn) {
+      denyBtn.addEventListener("click", async () => {
+        await applyPolicyChange("forbid", entry.toolName);
+        await refreshAll();
+      });
+    }
     auditEl.appendChild(row);
   });
 }
+function renderPolicyList(list) {
+  policies = list;
+  if (!list.length) {
+    policyListEl.innerHTML = "<div class=\"note\">暂无策略。</div>";
+    return;
+  }
+  policyListEl.innerHTML = "";
+  list.forEach((policy) => {
+    const item = document.createElement("button");
+    item.className = "policy-item";
+    item.textContent = policy.id;
+    item.addEventListener("click", () => {
+      policyIdInput.value = policy.id;
+      policyContentInput.value = policy.content || "";
+      policyStatusEl.textContent = "";
+    });
+    policyListEl.appendChild(item);
+  });
+}
+async function refreshPolicies() {
+  const result = await fetchJson(`${API_BASE}/policies`);
+  policyReadOnly = result.readOnly === true;
+  renderPolicyList(result.policies || []);
+  policySchemaEl.textContent = result.schema || "";
+  policyCreateBtn.disabled = policyReadOnly;
+  policyUpdateBtn.disabled = policyReadOnly;
+  policyDeleteBtn.disabled = policyReadOnly;
+  if (policyReadOnly) {
+    policyStatusEl.textContent = "policyStoreUri 模式下为只读。";
+  }
+}
 async function refreshAll() {
   const state = await fetchJson(`${API_BASE}/state`);
   renderMode(state);
@@ -125,6 +204,7 @@ async function refreshAll() {
   renderGrants(grants.grants || []);
   const logs = await fetchJson(`${API_BASE}/logs`);
   renderAudit(logs.entries || []);
+  await refreshPolicies();
 }
 refreshBtn.addEventListener("click", () => {
@@ -164,3 +244,86 @@ grantForm.addEventListener("submit", async (event) => {
 refreshAll();
 setInterval(refreshAll, 10_000);
+function sanitizeIdPart(value) {
+  return value.toLowerCase().replace(/[^a-z0-9_-]+/g, "_").slice(0, 64);
+}
+function policyIdPrefix(effect, toolName) {
+  return `ui-${effect}:${sanitizeIdPart(toolName)}:`;
+}
+function policyBody(effect, toolName) {
+  const keyword = effect === "forbid" ? "forbid" : "permit";
+  return `${keyword}(principal, action, resource)\nwhen {\n  action == Action::\"Invoke\" && resource.name == \"${toolName}\"\n};`;
+}
+async function removePoliciesByPrefix(prefix) {
+  const targets = policies.filter((policy) => policy.id.startsWith(prefix));
+  for (const policy of targets) {
+    await fetchJson(`${API_BASE}/policies/${encodeURIComponent(policy.id)}`, {
+      method: "DELETE",
+    });
+  }
+}
+async function applyPolicyChange(effect, toolName) {
+  const opposite = effect === "permit" ? "forbid" : "permit";
+  await removePoliciesByPrefix(policyIdPrefix(opposite, toolName));
+  const id = `${policyIdPrefix(effect, toolName)}${Date.now()}`;
+  const content = policyBody(effect, toolName);
+  await fetchJson(`${API_BASE}/policies`, {
+    method: "POST",
+    body: JSON.stringify({ id, content }),
+  });
+}
+policyCreateBtn.addEventListener("click", async () => {
+  const id = policyIdInput.value.trim();
+  const content = policyContentInput.value.trim();
+  if (!content) {
+    policyStatusEl.textContent = "请输入 Policy 内容。";
+    return;
+  }
+  const body = { content, ...(id ? { id } : {}) };
+  await fetchJson(`${API_BASE}/policies`, {
+    method: "POST",
+    body: JSON.stringify(body),
+  });
+  policyStatusEl.textContent = "已新增策略。";
+  await refreshPolicies();
+});
+policyUpdateBtn.addEventListener("click", async () => {
+  const id = policyIdInput.value.trim();
+  const content = policyContentInput.value.trim();
+  if (!id) {
+    policyStatusEl.textContent = "请选择或填写 Policy ID。";
+    return;
+  }
+  if (!content) {
+    policyStatusEl.textContent = "请输入 Policy 内容。";
+    return;
+  }
+  await fetchJson(`${API_BASE}/policies/${encodeURIComponent(id)}`, {
+    method: "PUT",
+    body: JSON.stringify({ content }),
+  });
+  policyStatusEl.textContent = "已保存策略。";
+  await refreshPolicies();
+});
+policyDeleteBtn.addEventListener("click", async () => {
+  const id = policyIdInput.value.trim();
+  if (!id) {
+    policyStatusEl.textContent = "请选择或填写 Policy ID。";
+    return;
+  }
+  await fetchJson(`${API_BASE}/policies/${encodeURIComponent(id)}`, {
+    method: "DELETE",
+  });
+  policyStatusEl.textContent = "已删除策略。";
+  policyIdInput.value = "";
+  policyContentInput.value = "";
+  await refreshPolicies();
+});

package/assets/index.html CHANGED Viewed

@@ -68,6 +68,36 @@
         <div class="note">最近的工具调用记录（允许、拒绝、灰度放行）。</div>
         <div class="table" id="audit"></div>
       </section>
+      <section class="card">
+        <h2>Cedar 策略</h2>
+        <div class="note">查看与维护当前策略集（policyStoreUri 配置时为只读）。</div>
+        <div class="policy-grid">
+          <div class="policy-list" id="policy-list"></div>
+          <div class="policy-editor">
+            <div class="policy-form">
+              <label>
+                Policy ID
+                <input id="policy-id" placeholder="policy-id" />
+              </label>
+              <label>
+                Policy 内容
+                <textarea id="policy-content" rows="8" placeholder="permit(principal, action, resource) when { ... }"></textarea>
+              </label>
+              <div class="policy-actions">
+                <button id="policy-create" class="btn primary">新增</button>
+                <button id="policy-update" class="btn">保存</button>
+                <button id="policy-delete" class="btn warn">删除</button>
+              </div>
+              <div id="policy-status" class="note"></div>
+            </div>
+            <div class="policy-schema">
+              <div class="label">Schema</div>
+              <pre id="policy-schema"></pre>
+            </div>
+          </div>
+        </div>
+      </section>
     </div>
     <script type="module" src="/plugins/clawclamp/assets/app.js"></script>

package/assets/styles.css CHANGED Viewed

@@ -1,17 +1,17 @@
 :root {
   color-scheme: light;
-  --bg: #f5f1ea;
+  --bg: #f2f3f5;
   --panel: #ffffff;
-  --ink: #1b1b1b;
-  --muted: #5b5b5b;
-  --accent: #1a4dff;
-  --accent-2: #ff8b2c;
-  --warn: #d64b31;
-  --border: #e5ddd0;
-  --shadow: 0 12px 40px rgba(0, 0, 0, 0.08);
-  --radius: 16px;
-  --mono: "IBM Plex Mono", "SFMono-Regular", "Menlo", "Consolas", monospace;
-  --sans: "Space Grotesk", "Avenir Next", "Segoe UI", sans-serif;
+  --ink: #0f1115;
+  --muted: #5f6774;
+  --accent: #00a3ff;
+  --accent-2: #7c8cff;
+  --warn: #ff5b4d;
+  --border: #d7dbe2;
+  --shadow: 0 10px 30px rgba(4, 8, 16, 0.08);
+  --radius: 10px;
+  --mono: "JetBrains Mono", "IBM Plex Mono", "SFMono-Regular", "Menlo", "Consolas", monospace;
+  --sans: "Space Grotesk", "IBM Plex Sans", "Segoe UI", sans-serif;
 }
 * {
@@ -20,28 +20,28 @@
 body {
   margin: 0;
-  font-family: var(--sans);
-  background: radial-gradient(circle at top, #fdfbf7 0%, var(--bg) 50%, #efe7db 100%);
+  font-family: var(--mono);
+  background: radial-gradient(circle at top, #ffffff 0%, var(--bg) 45%, #e7eaef 100%);
   color: var(--ink);
 }
 .page {
-  max-width: 1180px;
+  max-width: 1120px;
   margin: 0 auto;
-  padding: 32px 24px 48px;
+  padding: 20px 18px 32px;
 }
 .header {
   display: flex;
   align-items: flex-start;
   justify-content: space-between;
-  gap: 24px;
-  padding: 24px;
+  gap: 16px;
+  padding: 16px 18px;
   background: var(--panel);
   border-radius: var(--radius);
   box-shadow: var(--shadow);
   border: 1px solid var(--border);
-  margin-bottom: 24px;
+  margin-bottom: 16px;
 }
 .eyebrow {
@@ -53,8 +53,9 @@ body {
 }
 h1 {
-  margin: 0 0 6px;
-  font-size: 2.2rem;
+  margin: 0 0 4px;
+  font-size: 1.6rem;
+  letter-spacing: 0.02em;
 }
 .subhead {
@@ -70,35 +71,36 @@ h1 {
 .grid {
   display: grid;
-  grid-template-columns: repeat(auto-fit, minmax(280px, 1fr));
-  gap: 20px;
-  margin-bottom: 24px;
+  grid-template-columns: repeat(auto-fit, minmax(240px, 1fr));
+  gap: 12px;
+  margin-bottom: 16px;
 }
 .card {
   background: var(--panel);
   border-radius: var(--radius);
-  padding: 20px;
+  padding: 14px;
   border: 1px solid var(--border);
   box-shadow: var(--shadow);
 }
 h2 {
-  margin: 0 0 12px;
-  font-size: 1.2rem;
+  margin: 0 0 8px;
+  font-size: 1rem;
+  letter-spacing: 0.02em;
 }
 .mode-row {
   display: flex;
   align-items: center;
   justify-content: space-between;
-  gap: 16px;
+  gap: 12px;
 }
 .mode-actions {
   display: flex;
   flex-direction: column;
-  gap: 8px;
+  gap: 6px;
 }
 .label {
@@ -107,7 +109,7 @@ h2 {
 }
 .value {
-  font-size: 1.4rem;
+  font-size: 1.1rem;
   font-weight: 600;
 }
@@ -118,12 +120,14 @@ h2 {
 }
 .btn {
-  padding: 10px 16px;
-  border-radius: 999px;
+  padding: 8px 12px;
+  border-radius: 8px;
   border: 1px solid var(--border);
   background: #fff;
   cursor: pointer;
   font-weight: 600;
+  font-family: var(--mono);
+  font-size: 0.82rem;
 }
 .btn.primary {
@@ -138,6 +142,12 @@ h2 {
   border-color: var(--warn);
 }
+.btn.mini {
+  padding: 6px 8px;
+  border-radius: 6px;
+  font-size: 0.75rem;
+}
 .btn.ghost {
   background: transparent;
 }
@@ -163,10 +173,10 @@ h2 {
 input {
   border: 1px solid var(--border);
-  border-radius: 12px;
-  padding: 10px 12px;
-  font-size: 0.95rem;
-  font-family: var(--sans);
+  border-radius: 8px;
+  padding: 8px 10px;
+  font-size: 0.85rem;
+  font-family: var(--mono);
 }
 .list {
@@ -178,11 +188,11 @@ input {
   display: flex;
   justify-content: space-between;
   align-items: center;
-  padding: 12px;
-  border-radius: 12px;
+  padding: 10px;
+  border-radius: 8px;
   border: 1px solid var(--border);
-  background: #faf7f1;
-  font-size: 0.9rem;
+  background: #f6f7f9;
+  font-size: 0.8rem;
 }
 .list-item strong {
@@ -191,24 +201,24 @@ input {
 .table {
   display: grid;
-  gap: 8px;
-  margin-top: 12px;
+  gap: 6px;
+  margin-top: 10px;
 }
 .table-row {
   display: grid;
-  grid-template-columns: 140px 120px 1fr 100px 120px;
-  gap: 12px;
+  grid-template-columns: 110px 110px 90px 70px 1fr 120px;
+  gap: 10px;
   align-items: center;
-  padding: 10px 12px;
-  border-radius: 12px;
+  padding: 8px 10px;
+  border-radius: 8px;
   border: 1px solid var(--border);
-  background: #fcfbf8;
-  font-size: 0.85rem;
+  background: #fdfdfd;
+  font-size: 0.78rem;
 }
 .table-row.header {
-  background: #f0e8db;
+  background: #eef2f7;
   font-weight: 700;
 }
@@ -216,37 +226,147 @@ input {
   font-family: var(--mono);
 }
+.actions {
+  display: flex;
+  gap: 6px;
+  flex-wrap: wrap;
+}
+.audit-detail {
+  grid-column: 1 / -1;
+  border-top: 1px dashed var(--border);
+  margin-top: 6px;
+  padding-top: 6px;
+  font-size: 0.72rem;
+  color: var(--muted);
+}
+.audit-detail pre {
+  margin: 6px 0 0;
+  padding: 8px;
+  border-radius: 6px;
+  border: 1px solid var(--border);
+  background: #f3f5f9;
+  font-size: 0.72rem;
+  line-height: 1.35;
+  overflow: auto;
+}
+.policy-grid {
+  display: grid;
+  grid-template-columns: 220px 1fr;
+  gap: 12px;
+  margin-top: 10px;
+}
+.policy-list {
+  display: grid;
+  gap: 6px;
+  align-content: start;
+  max-height: 360px;
+  overflow: auto;
+  padding-right: 4px;
+}
+.policy-item {
+  padding: 6px 8px;
+  border-radius: 6px;
+  border: 1px solid var(--border);
+  background: #f7f8fb;
+  font-family: var(--mono);
+  font-size: 0.75rem;
+  text-align: left;
+  cursor: pointer;
+}
+.policy-editor {
+  display: grid;
+  grid-template-columns: 1fr 1fr;
+  gap: 12px;
+}
+.policy-form {
+  display: grid;
+  gap: 8px;
+}
+.policy-form label {
+  display: grid;
+  gap: 6px;
+  font-size: 0.8rem;
+  color: var(--muted);
+}
+.policy-form textarea {
+  border: 1px solid var(--border);
+  border-radius: 8px;
+  padding: 8px 10px;
+  font-size: 0.8rem;
+  font-family: var(--mono);
+  min-height: 160px;
+  resize: vertical;
+}
+.policy-actions {
+  display: flex;
+  gap: 6px;
+  flex-wrap: wrap;
+}
+.policy-schema pre {
+  margin: 0;
+  padding: 10px;
+  border: 1px solid var(--border);
+  border-radius: 8px;
+  background: #f3f5f9;
+  font-size: 0.75rem;
+  line-height: 1.4;
+  max-height: 260px;
+  overflow: auto;
+}
+@media (max-width: 900px) {
+  .policy-grid {
+    grid-template-columns: 1fr;
+  }
+  .policy-editor {
+    grid-template-columns: 1fr;
+  }
+}
 .badge {
-  padding: 4px 8px;
+  padding: 3px 6px;
   border-radius: 999px;
-  font-size: 0.75rem;
+  font-size: 0.68rem;
   text-transform: uppercase;
   font-weight: 700;
   justify-self: start;
 }
 .badge.allow {
-  background: rgba(26, 77, 255, 0.15);
-  color: #1a4dff;
+  background: rgba(0, 163, 255, 0.15);
+  color: #0086cc;
 }
 .badge.deny {
-  background: rgba(214, 75, 49, 0.15);
-  color: #d64b31;
+  background: rgba(255, 91, 77, 0.15);
+  color: #d9392c;
 }
 .badge.gray {
-  background: rgba(255, 139, 44, 0.2);
-  color: #c15c00;
+  background: rgba(124, 140, 255, 0.2);
+  color: #4f5bff;
 }
 @media (max-width: 900px) {
   .table-row {
-    grid-template-columns: 120px 100px 1fr;
-    grid-template-rows: auto auto;
+    grid-template-columns: 100px 1fr;
+    grid-template-rows: auto auto auto;
   }
+  .table-row > :nth-child(3),
   .table-row > :nth-child(4),
-  .table-row > :nth-child(5) {
+  .table-row > :nth-child(5),
+  .table-row > :nth-child(6) {
     grid-column: 1 / -1;
   }
 }

package/index.ts CHANGED Viewed

@@ -23,14 +23,20 @@ const plugin = {
     api.on("after_tool_call", async (event, ctx) => service.handleAfterToolCall(event, ctx));
     const assetsDir = path.join(path.dirname(fileURLToPath(import.meta.url)), "assets");
+    const gatewayToken =
+      typeof api.config.gateway?.auth?.token === "string" ? api.config.gateway.auth.token : undefined;
     api.registerHttpRoute({
       path: "/plugins/clawclamp",
-      auth: "gateway",
+      auth: "plugin",
       match: "prefix",
       handler: createClawClampHttpHandler({
         stateDir,
         config,
         assetsDir,
+        gatewayToken,
+        onPolicyUpdate: async () => {
+          await service.resetCedarling();
+        },
       }),
     });
   },

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "clawclamp",
-  "version": "0.1.6",
+  "version": "0.1.8",
   "description": "OpenClaw Cedar authorization guard with audit UI",
   "type": "module",
   "dependencies": {

package/src/config.ts CHANGED Viewed

@@ -31,7 +31,7 @@ const DEFAULT_RISK_OVERRIDES: Record<string, RiskLevel> = {
 export const DEFAULT_CLAWCLAMP_CONFIG: ClawClampConfig = {
   enabled: true,
-  mode: "enforce",
+  mode: "gray",
   principalId: "openclaw",
   policyFailOpen: false,
   risk: {
@@ -64,6 +64,7 @@ const CEDAR_GUARD_CONFIG_JSON_SCHEMA = {
     principalId: { type: "string", default: DEFAULT_CLAWCLAMP_CONFIG.principalId },
     policyStoreUri: { type: "string" },
     policyStoreLocal: { type: "string" },
+    uiToken: { type: "string" },
     policyFailOpen: { type: "boolean", default: DEFAULT_CLAWCLAMP_CONFIG.policyFailOpen },
     risk: {
       type: "object",
@@ -188,6 +189,10 @@ export function resolveClawClampConfig(input: unknown): ClawClampConfig {
       typeof raw.policyStoreLocal === "string" && raw.policyStoreLocal.trim()
         ? raw.policyStoreLocal.trim()
         : undefined,
+    uiToken:
+      typeof raw.uiToken === "string" && raw.uiToken.trim()
+        ? raw.uiToken.trim()
+        : undefined,
     policyFailOpen:
       typeof raw.policyFailOpen === "boolean"
         ? raw.policyFailOpen

package/src/guard.ts CHANGED Viewed

@@ -10,6 +10,7 @@ import { appendAuditEntry, createAuditEntryId } from "./audit.js";
 import { listGrants, findActiveGrant } from "./grants.js";
 import { getModeOverride } from "./mode.js";
 import { buildDefaultPolicyStore } from "./policy.js";
+import { ensurePolicyStore } from "./policy-store.js";
 import type { AuditEntry, ClawClampConfig, ClawClampMode, RiskLevel } from "./types.js";
 type CedarDecision = "allow" | "deny" | "error";
@@ -58,9 +59,12 @@ function summarizeParams(
   return summary;
 }
-function buildCedarlingConfig(config: ClawClampConfig): CedarlingConfig {
+function buildCedarlingConfig(params: {
+  config: ClawClampConfig;
+  policyStoreLocal?: string;
+}): CedarlingConfig {
   const policyStoreLocal =
-    config.policyStoreLocal ?? JSON.stringify(buildDefaultPolicyStore());
+    params.policyStoreLocal ?? params.config.policyStoreLocal ?? JSON.stringify(buildDefaultPolicyStore());
   const cedarConfig: CedarlingConfig = {
     CEDARLING_APPLICATION_NAME: "openclaw-clawclamp",
@@ -72,8 +76,8 @@ function buildCedarlingConfig(config: ClawClampConfig): CedarlingConfig {
     CEDARLING_LOG_LEVEL: "WARN",
   };
-  if (config.policyStoreUri) {
-    cedarConfig.CEDARLING_POLICY_STORE_URI = config.policyStoreUri;
+  if (params.config.policyStoreUri) {
+    cedarConfig.CEDARLING_POLICY_STORE_URI = params.config.policyStoreUri;
   } else {
     cedarConfig.CEDARLING_POLICY_STORE_LOCAL = policyStoreLocal;
   }
@@ -268,7 +272,11 @@ export class ClawClampService {
   private async getCedarlingInstance(): Promise<CedarlingInstance> {
     if (!this.cedarlingPromise) {
-      const cedarConfig = buildCedarlingConfig(this.config);
+      const policyStore = await ensurePolicyStore({ stateDir: this.stateDir, config: this.config });
+      const cedarConfig = buildCedarlingConfig({
+        config: this.config,
+        policyStoreLocal: policyStore.readOnly ? undefined : policyStore.json,
+      });
       this.cedarlingPromise = getCedarling(cedarConfig);
     }
     try {

package/src/http.ts CHANGED Viewed

@@ -4,6 +4,7 @@ import type { IncomingMessage, ServerResponse } from "node:http";
 import { listGrants, createGrant, revokeGrant } from "./grants.js";
 import { readAuditEntries } from "./audit.js";
 import { getModeOverride, setModeOverride } from "./mode.js";
+import { createPolicy, deletePolicy, listPolicies, updatePolicy } from "./policy-store.js";
 import type { ClawClampConfig, ClawClampMode } from "./types.js";
 const API_PREFIX = "/plugins/clawclamp/api";
@@ -47,6 +48,91 @@ function parseUrl(rawUrl?: string): URL | null {
   }
 }
+function getHeader(req: IncomingMessage, name: string): string | undefined {
+  const raw = req.headers[name.toLowerCase()];
+  if (typeof raw === "string") {
+    return raw;
+  }
+  if (Array.isArray(raw)) {
+    return raw[0];
+  }
+  return undefined;
+}
+function getBearerToken(req: IncomingMessage): string | undefined {
+  const raw = getHeader(req, "authorization")?.trim() ?? "";
+  if (!raw.toLowerCase().startsWith("bearer ")) {
+    return undefined;
+  }
+  const token = raw.slice(7).trim();
+  return token || undefined;
+}
+function hasProxyForwardingHints(req: IncomingMessage): boolean {
+  const headers = req.headers ?? {};
+  return Boolean(
+    headers["x-forwarded-for"] ||
+      headers["x-real-ip"] ||
+      headers.forwarded ||
+      headers["x-forwarded-host"] ||
+      headers["x-forwarded-proto"],
+  );
+}
+function normalizeRemoteClientKey(remoteAddress: string | undefined): string {
+  const normalized = remoteAddress?.trim().toLowerCase();
+  if (!normalized) {
+    return "unknown";
+  }
+  return normalized.startsWith("::ffff:") ? normalized.slice("::ffff:".length) : normalized;
+}
+function isLoopbackClientIp(clientIp: string): boolean {
+  return clientIp === "127.0.0.1" || clientIp === "::1";
+}
+function isLoopbackRequest(req: IncomingMessage): boolean {
+  const remoteKey = normalizeRemoteClientKey(req.socket?.remoteAddress);
+  return isLoopbackClientIp(remoteKey) && !hasProxyForwardingHints(req);
+}
+function resolveAuthToken(params: {
+  req: IncomingMessage;
+  parsed: URL;
+}): string | undefined {
+  const queryToken = params.parsed.searchParams.get("token")?.trim();
+  if (queryToken) {
+    return queryToken;
+  }
+  const headerToken = getHeader(params.req, "x-openclaw-token")?.trim();
+  if (headerToken) {
+    return headerToken;
+  }
+  return getBearerToken(params.req);
+}
+function isAuthorizedRequest(params: {
+  req: IncomingMessage;
+  parsed: URL;
+  config: ClawClampConfig;
+  gatewayToken?: string;
+}): boolean {
+  if (isLoopbackRequest(params.req)) {
+    return true;
+  }
+  const token = resolveAuthToken({ req: params.req, parsed: params.parsed });
+  if (!token) {
+    return false;
+  }
+  if (params.config.uiToken && token === params.config.uiToken) {
+    return true;
+  }
+  if (params.gatewayToken && token === params.gatewayToken) {
+    return true;
+  }
+  return false;
+}
 async function readJsonBody(req: IncomingMessage, limit = 64_000): Promise<unknown> {
   const chunks: Buffer[] = [];
   let size = 0;
@@ -109,6 +195,8 @@ export function createClawClampHttpHandler(params: {
   stateDir: string;
   config: ClawClampConfig;
   assetsDir: string;
+  gatewayToken?: string;
+  onPolicyUpdate?: () => Promise<void>;
 }) {
   const assetsDir = path.resolve(params.assetsDir);
@@ -118,6 +206,15 @@ export function createClawClampHttpHandler(params: {
       return false;
     }
+    if (!isAuthorizedRequest({ req, parsed, config: params.config, gatewayToken: params.gatewayToken })) {
+      if (parsed.pathname.startsWith(API_PREFIX)) {
+        sendJson(res, 401, { error: "unauthorized" });
+      } else {
+        sendText(res, 401, "Unauthorized");
+      }
+      return true;
+    }
     if (await serveAsset(req, res, assetsDir, parsed.pathname)) {
       return true;
     }
@@ -192,6 +289,88 @@ export function createClawClampHttpHandler(params: {
       return true;
     }
+    if (apiPath === "policies" && req.method === "GET") {
+      if (params.config.policyStoreUri) {
+        sendJson(res, 200, { readOnly: true, policies: [], schema: "" });
+        return true;
+      }
+      const { policies, schema } = await listPolicies({ stateDir: params.stateDir });
+      sendJson(res, 200, { readOnly: false, policies, schema });
+      return true;
+    }
+    if (apiPath === "policies" && req.method === "POST") {
+      if (params.config.policyStoreUri) {
+        sendJson(res, 400, { error: "policyStoreUri is read-only" });
+        return true;
+      }
+      try {
+        const body = (await readJsonBody(req)) as Record<string, unknown>;
+        const content = typeof body?.content === "string" ? body.content : "";
+        const id = typeof body?.id === "string" ? body.id : undefined;
+        if (!content.trim()) {
+          sendJson(res, 400, { error: "content is required" });
+          return true;
+        }
+        const policy = await createPolicy({ stateDir: params.stateDir, id, content });
+        if (params.onPolicyUpdate) {
+          await params.onPolicyUpdate();
+        }
+        sendJson(res, 200, { policy });
+        return true;
+      } catch (error) {
+        sendJson(res, 400, { error: error instanceof Error ? error.message : String(error) });
+        return true;
+      }
+    }
+    if (apiPath.startsWith("policies/") && req.method === "PUT") {
+      if (params.config.policyStoreUri) {
+        sendJson(res, 400, { error: "policyStoreUri is read-only" });
+        return true;
+      }
+      try {
+        const id = apiPath.slice("policies/".length);
+        if (!id) {
+          sendJson(res, 400, { error: "policy id required" });
+          return true;
+        }
+        const body = (await readJsonBody(req)) as Record<string, unknown>;
+        const content = typeof body?.content === "string" ? body.content : "";
+        if (!content.trim()) {
+          sendJson(res, 400, { error: "content is required" });
+          return true;
+        }
+        const policy = await updatePolicy({ stateDir: params.stateDir, id, content });
+        if (params.onPolicyUpdate) {
+          await params.onPolicyUpdate();
+        }
+        sendJson(res, 200, { policy });
+        return true;
+      } catch (error) {
+        sendJson(res, 400, { error: error instanceof Error ? error.message : String(error) });
+        return true;
+      }
+    }
+    if (apiPath.startsWith("policies/") && req.method === "DELETE") {
+      if (params.config.policyStoreUri) {
+        sendJson(res, 400, { error: "policyStoreUri is read-only" });
+        return true;
+      }
+      const id = apiPath.slice("policies/".length);
+      if (!id) {
+        sendJson(res, 400, { error: "policy id required" });
+        return true;
+      }
+      const ok = await deletePolicy({ stateDir: params.stateDir, id });
+      if (params.onPolicyUpdate) {
+        await params.onPolicyUpdate();
+      }
+      sendJson(res, 200, { ok });
+      return true;
+    }
     if (apiPath === "grants" && req.method === "GET") {
       const grants = await listGrants(params.stateDir);
       sendJson(res, 200, { grants });

package/src/policy-store.ts ADDED Viewed

@@ -0,0 +1,133 @@
+import fs from "node:fs/promises";
+import path from "node:path";
+import { randomUUID } from "node:crypto";
+import { readJsonFileWithFallback, writeJsonFileAtomically } from "openclaw/plugin-sdk";
+import type { ClawClampConfig } from "./types.js";
+import { withStateFileLock } from "./storage.js";
+import { buildDefaultPolicyStore } from "./policy.js";
+const POLICY_FILE = "policy-store.json";
+export type PolicyEntry = { id: string; content: string };
+export type PolicyStoreSnapshot = {
+  cedar_version: string;
+  schema: Record<string, string>;
+  policies: Record<string, { policy_content: string }>;
+};
+function resolvePolicyPath(stateDir: string): string {
+  return path.join(stateDir, "clawclamp", POLICY_FILE);
+}
+function decodeBase64(value: string): string {
+  return Buffer.from(value, "base64").toString("utf8");
+}
+function encodeBase64(value: string): string {
+  return Buffer.from(value, "utf8").toString("base64");
+}
+async function readPolicyStore(stateDir: string): Promise<PolicyStoreSnapshot> {
+  const filePath = resolvePolicyPath(stateDir);
+  const { value } = await readJsonFileWithFallback<PolicyStoreSnapshot>(
+    filePath,
+    buildDefaultPolicyStore() as PolicyStoreSnapshot,
+  );
+  return value;
+}
+async function writePolicyStore(stateDir: string, store: PolicyStoreSnapshot): Promise<void> {
+  const filePath = resolvePolicyPath(stateDir);
+  await fs.mkdir(path.dirname(filePath), { recursive: true });
+  await writeJsonFileAtomically(filePath, store);
+}
+export async function ensurePolicyStore(params: {
+  stateDir: string;
+  config: ClawClampConfig;
+}): Promise<{ json: string; readOnly: boolean } | { json?: undefined; readOnly: true }> {
+  if (params.config.policyStoreUri) {
+    return { readOnly: true };
+  }
+  return withStateFileLock(params.stateDir, "policy-store", async () => {
+    const filePath = resolvePolicyPath(params.stateDir);
+    try {
+      const raw = await fs.readFile(filePath, "utf8");
+      return { json: raw, readOnly: false };
+    } catch (error) {
+      const code = (error as { code?: string }).code;
+      if (code !== "ENOENT") {
+        throw error;
+      }
+    }
+    const initial = params.config.policyStoreLocal
+      ? (JSON.parse(params.config.policyStoreLocal) as PolicyStoreSnapshot)
+      : (buildDefaultPolicyStore() as PolicyStoreSnapshot);
+    await writePolicyStore(params.stateDir, initial);
+    return { json: JSON.stringify(initial), readOnly: false };
+  });
+}
+export async function listPolicies(params: {
+  stateDir: string;
+}): Promise<{ policies: PolicyEntry[]; schema: string }> {
+  return withStateFileLock(params.stateDir, "policy-store", async () => {
+    const store = await readPolicyStore(params.stateDir);
+    const policies: PolicyEntry[] = Object.entries(store.policies ?? {}).map(([id, payload]) => ({
+      id,
+      content: decodeBase64(payload.policy_content ?? ""),
+    }));
+    const schemaEncoded = store.schema?.["schema.json"] ?? "";
+    return { policies, schema: schemaEncoded ? decodeBase64(schemaEncoded) : "" };
+  });
+}
+export async function createPolicy(params: {
+  stateDir: string;
+  id?: string;
+  content: string;
+}): Promise<PolicyEntry> {
+  return withStateFileLock(params.stateDir, "policy-store", async () => {
+    const store = await readPolicyStore(params.stateDir);
+    const id = params.id?.trim() || `clawclamp-${randomUUID()}`;
+    if (!store.policies) {
+      store.policies = {};
+    }
+    if (store.policies[id]) {
+      throw new Error("policy id already exists");
+    }
+    store.policies[id] = { policy_content: encodeBase64(params.content) };
+    await writePolicyStore(params.stateDir, store);
+    return { id, content: params.content };
+  });
+}
+export async function updatePolicy(params: {
+  stateDir: string;
+  id: string;
+  content: string;
+}): Promise<PolicyEntry> {
+  return withStateFileLock(params.stateDir, "policy-store", async () => {
+    const store = await readPolicyStore(params.stateDir);
+    if (!store.policies?.[params.id]) {
+      throw new Error("policy id not found");
+    }
+    store.policies[params.id] = { policy_content: encodeBase64(params.content) };
+    await writePolicyStore(params.stateDir, store);
+    return { id: params.id, content: params.content };
+  });
+}
+export async function deletePolicy(params: { stateDir: string; id: string }): Promise<boolean> {
+  return withStateFileLock(params.stateDir, "policy-store", async () => {
+    const store = await readPolicyStore(params.stateDir);
+    if (!store.policies?.[params.id]) {
+      return false;
+    }
+    delete store.policies[params.id];
+    await writePolicyStore(params.stateDir, store);
+    return true;
+  });
+}

package/src/policy.ts CHANGED Viewed

@@ -24,11 +24,7 @@ action "Invoke" appliesTo {
 };
 `;
-const DEFAULT_POLICIES = [
-  `permit(principal, action, resource)
-when {
-  action == Action::"Invoke" && resource.risk == "low"
-};`,
+const DEFAULT_POLICIES: string[] = [
   `permit(principal, action, resource)
 when {
   action == Action::"Invoke" && context.grant_active == true

package/src/types.ts CHANGED Viewed

@@ -8,6 +8,7 @@ export type ClawClampConfig = {
   principalId: string;
   policyStoreUri?: string;
   policyStoreLocal?: string;
+  uiToken?: string;
   policyFailOpen: boolean;
   risk: {
     default: RiskLevel;