npm - clawclamp - Versions diffs - 0.1.7 → 0.1.8 - Mend

clawclamp 0.1.7 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md CHANGED Viewed

@@ -20,7 +20,7 @@ plugins:
     clawclamp:
       enabled: true
       config:
-        mode: enforce
+        mode: gray
         principalId: openclaw
         policyStoreUri: file:///path/to/policy-store.json
         policyFailOpen: false
@@ -55,3 +55,4 @@ Policy management:
 - The UI includes a Cedar policy panel for CRUD.
 - If `policyStoreUri` is set, policies are read-only.
+- Default policy set is empty, so all tool calls are denied unless you add permit policies.

package/assets/app.js CHANGED Viewed

@@ -120,8 +120,17 @@ function renderAudit(entries) {
     row.className = "table-row";
     const badgeClass = decisionBadge(entry.decision);
     const canAllow = entry.decision === "deny" || entry.decision === "allow_grayed";
-    const isDenied = deniedTools.has(entry.toolName) || deniedTools.has("*");
-    const canDeny = entry.decision === "allow" && !isDenied;
+    const canDeny = entry.decision === "allow";
+    const paramsText =
+      entry.params && typeof entry.params === "object"
+        ? JSON.stringify(entry.params, null, 2)
+        : entry.params || "";
+    const meta = [
+      entry.toolCallId ? `toolCallId: ${entry.toolCallId}` : null,
+      entry.runId ? `runId: ${entry.runId}` : null,
+      entry.sessionKey ? `sessionKey: ${entry.sessionKey}` : null,
+      entry.agentId ? `agentId: ${entry.agentId}` : null,
+    ].filter(Boolean);
     row.innerHTML = `
       <div>${formatTime(entry.timestamp)}</div>
       <div class="mono">${entry.toolName}</div>
@@ -132,24 +141,22 @@ function renderAudit(entries) {
         ${canAllow ? "<button class=\"btn mini\" data-action=\"allow\">一键允许</button>" : ""}
         ${canDeny ? "<button class=\"btn mini warn\" data-action=\"deny\">一键拒绝</button>" : ""}
       </div>
+      <div class="audit-detail">
+        <div class="audit-meta">${meta.join(" · ")}</div>
+        ${paramsText ? `<pre>${paramsText}</pre>` : ""}
+      </div>
     `;
     const allowBtn = row.querySelector("button[data-action=\"allow\"]");
     if (allowBtn) {
       allowBtn.addEventListener("click", async () => {
-        await fetchJson(`${API_BASE}/grants`, {
-          method: "POST",
-          body: JSON.stringify({ toolName: entry.toolName }),
-        });
+        await applyPolicyChange("permit", entry.toolName);
         await refreshAll();
       });
     }
     const denyBtn = row.querySelector("button[data-action=\"deny\"]");
     if (denyBtn) {
       denyBtn.addEventListener("click", async () => {
-        await fetchJson(`${API_BASE}/denies`, {
-          method: "POST",
-          body: JSON.stringify({ toolName: entry.toolName }),
-        });
+        await applyPolicyChange("forbid", entry.toolName);
         await refreshAll();
       });
     }
@@ -195,8 +202,6 @@ async function refreshAll() {
   renderMode(state);
   const grants = await fetchJson(`${API_BASE}/grants`);
   renderGrants(grants.grants || []);
-  const denies = await fetchJson(`${API_BASE}/denies`);
-  deniedTools = new Set(denies.tools || []);
   const logs = await fetchJson(`${API_BASE}/logs`);
   renderAudit(logs.entries || []);
   await refreshPolicies();
@@ -240,6 +245,39 @@ grantForm.addEventListener("submit", async (event) => {
 refreshAll();
 setInterval(refreshAll, 10_000);
+function sanitizeIdPart(value) {
+  return value.toLowerCase().replace(/[^a-z0-9_-]+/g, "_").slice(0, 64);
+}
+function policyIdPrefix(effect, toolName) {
+  return `ui-${effect}:${sanitizeIdPart(toolName)}:`;
+}
+function policyBody(effect, toolName) {
+  const keyword = effect === "forbid" ? "forbid" : "permit";
+  return `${keyword}(principal, action, resource)\nwhen {\n  action == Action::\"Invoke\" && resource.name == \"${toolName}\"\n};`;
+}
+async function removePoliciesByPrefix(prefix) {
+  const targets = policies.filter((policy) => policy.id.startsWith(prefix));
+  for (const policy of targets) {
+    await fetchJson(`${API_BASE}/policies/${encodeURIComponent(policy.id)}`, {
+      method: "DELETE",
+    });
+  }
+}
+async function applyPolicyChange(effect, toolName) {
+  const opposite = effect === "permit" ? "forbid" : "permit";
+  await removePoliciesByPrefix(policyIdPrefix(opposite, toolName));
+  const id = `${policyIdPrefix(effect, toolName)}${Date.now()}`;
+  const content = policyBody(effect, toolName);
+  await fetchJson(`${API_BASE}/policies`, {
+    method: "POST",
+    body: JSON.stringify({ id, content }),
+  });
+}
 policyCreateBtn.addEventListener("click", async () => {
   const id = policyIdInput.value.trim();
   const content = policyContentInput.value.trim();

package/assets/styles.css CHANGED Viewed

@@ -232,6 +232,26 @@ input {
   flex-wrap: wrap;
 }
+.audit-detail {
+  grid-column: 1 / -1;
+  border-top: 1px dashed var(--border);
+  margin-top: 6px;
+  padding-top: 6px;
+  font-size: 0.72rem;
+  color: var(--muted);
+}
+.audit-detail pre {
+  margin: 6px 0 0;
+  padding: 8px;
+  border-radius: 6px;
+  border: 1px solid var(--border);
+  background: #f3f5f9;
+  font-size: 0.72rem;
+  line-height: 1.35;
+  overflow: auto;
+}
 .policy-grid {
   display: grid;
   grid-template-columns: 220px 1fr;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "clawclamp",
-  "version": "0.1.7",
+  "version": "0.1.8",
   "description": "OpenClaw Cedar authorization guard with audit UI",
   "type": "module",
   "dependencies": {

package/src/config.ts CHANGED Viewed

@@ -31,7 +31,7 @@ const DEFAULT_RISK_OVERRIDES: Record<string, RiskLevel> = {
 export const DEFAULT_CLAWCLAMP_CONFIG: ClawClampConfig = {
   enabled: true,
-  mode: "enforce",
+  mode: "gray",
   principalId: "openclaw",
   policyFailOpen: false,
   risk: {

package/src/guard.ts CHANGED Viewed

@@ -9,7 +9,6 @@ import { getCedarling } from "./cedarling.js";
 import { appendAuditEntry, createAuditEntryId } from "./audit.js";
 import { listGrants, findActiveGrant } from "./grants.js";
 import { getModeOverride } from "./mode.js";
-import { isToolDenied, listDeniedTools } from "./denies.js";
 import { buildDefaultPolicyStore } from "./policy.js";
 import { ensurePolicyStore } from "./policy-store.js";
 import type { AuditEntry, ClawClampConfig, ClawClampMode, RiskLevel } from "./types.js";
@@ -173,13 +172,9 @@ export class ClawClampService {
     const auditId = createAuditEntryId();
     const mode = await this.getEffectiveMode();
     const grant = await this.resolveGrant(toolName);
-    const deniedTools = await listDeniedTools(this.stateDir);
-    const explicitlyDenied = isToolDenied(deniedTools, toolName);
     let cedarDecision: CedarEvaluation;
-    if (explicitlyDenied) {
-      cedarDecision = { decision: "deny", reason: "Denied by operator" };
-    } else if (this.config.enabled) {
+    if (this.config.enabled) {
       const cedarling = await this.getCedarlingInstance();
       cedarDecision = await evaluateCedar({
         cedarling,

package/src/http.ts CHANGED Viewed

@@ -4,7 +4,6 @@ import type { IncomingMessage, ServerResponse } from "node:http";
 import { listGrants, createGrant, revokeGrant } from "./grants.js";
 import { readAuditEntries } from "./audit.js";
 import { getModeOverride, setModeOverride } from "./mode.js";
-import { addDeniedTool, listDeniedTools, removeDeniedTool } from "./denies.js";
 import { createPolicy, deletePolicy, listPolicies, updatePolicy } from "./policy-store.js";
 import type { ClawClampConfig, ClawClampMode } from "./types.js";
@@ -290,40 +289,6 @@ export function createClawClampHttpHandler(params: {
       return true;
     }
-    if (apiPath === "denies" && req.method === "GET") {
-      const tools = await listDeniedTools(params.stateDir);
-      sendJson(res, 200, { tools });
-      return true;
-    }
-    if (apiPath === "denies" && req.method === "POST") {
-      try {
-        const body = (await readJsonBody(req)) as Record<string, unknown>;
-        const toolName = typeof body?.toolName === "string" ? body.toolName.trim() : "";
-        if (!toolName) {
-          sendJson(res, 400, { error: "toolName is required" });
-          return true;
-        }
-        const tools = await addDeniedTool(params.stateDir, toolName);
-        sendJson(res, 200, { tools });
-        return true;
-      } catch (error) {
-        sendJson(res, 400, { error: error instanceof Error ? error.message : String(error) });
-        return true;
-      }
-    }
-    if (apiPath.startsWith("denies/") && req.method === "DELETE") {
-      const toolName = apiPath.slice("denies/".length);
-      if (!toolName) {
-        sendJson(res, 400, { error: "toolName is required" });
-        return true;
-      }
-      const tools = await removeDeniedTool(params.stateDir, toolName);
-      sendJson(res, 200, { tools });
-      return true;
-    }
     if (apiPath === "policies" && req.method === "GET") {
       if (params.config.policyStoreUri) {
         sendJson(res, 200, { readOnly: true, policies: [], schema: "" });

package/src/policy.ts CHANGED Viewed

@@ -24,11 +24,7 @@ action "Invoke" appliesTo {
 };
 `;
-const DEFAULT_POLICIES = [
-  `permit(principal, action, resource)
-when {
-  action == Action::"Invoke" && resource.risk == "low"
-};`,
+const DEFAULT_POLICIES: string[] = [
   `permit(principal, action, resource)
 when {
   action == Action::"Invoke" && context.grant_active == true

package/src/denies.ts DELETED Viewed

@@ -1,75 +0,0 @@
-import fs from "node:fs/promises";
-import path from "node:path";
-import { readJsonFileWithFallback, writeJsonFileAtomically } from "openclaw/plugin-sdk";
-import { withStateFileLock } from "./storage.js";
-const DENIES_FILE = "denies.json";
-type DenyState = {
-  tools: string[];
-};
-const EMPTY_STATE: DenyState = { tools: [] };
-function resolveDenyPath(stateDir: string): string {
-  return path.join(stateDir, "clawclamp", DENIES_FILE);
-}
-async function readDenyState(stateDir: string): Promise<DenyState> {
-  const filePath = resolveDenyPath(stateDir);
-  const { value } = await readJsonFileWithFallback(filePath, EMPTY_STATE);
-  if (!value || typeof value !== "object" || Array.isArray(value)) {
-    return { tools: [] };
-  }
-  const tools = Array.isArray((value as DenyState).tools) ? (value as DenyState).tools : [];
-  return { tools };
-}
-async function writeDenyState(stateDir: string, state: DenyState): Promise<void> {
-  const filePath = resolveDenyPath(stateDir);
-  await fs.mkdir(path.dirname(filePath), { recursive: true });
-  await writeJsonFileAtomically(filePath, state);
-}
-function normalizeToolName(toolName: string): string {
-  return toolName.trim();
-}
-export async function listDeniedTools(stateDir: string): Promise<string[]> {
-  return withStateFileLock(stateDir, "denies", async () => {
-    const state = await readDenyState(stateDir);
-    return state.tools;
-  });
-}
-export async function addDeniedTool(stateDir: string, toolName: string): Promise<string[]> {
-  return withStateFileLock(stateDir, "denies", async () => {
-    const state = await readDenyState(stateDir);
-    const normalized = normalizeToolName(toolName);
-    if (!normalized) {
-      return state.tools;
-    }
-    if (!state.tools.includes(normalized)) {
-      state.tools.push(normalized);
-      await writeDenyState(stateDir, state);
-    }
-    return state.tools;
-  });
-}
-export async function removeDeniedTool(stateDir: string, toolName: string): Promise<string[]> {
-  return withStateFileLock(stateDir, "denies", async () => {
-    const state = await readDenyState(stateDir);
-    const normalized = normalizeToolName(toolName);
-    const next = state.tools.filter((tool) => tool !== normalized);
-    if (next.length !== state.tools.length) {
-      await writeDenyState(stateDir, { tools: next });
-      return next;
-    }
-    return state.tools;
-  });
-}
-export function isToolDenied(deniedTools: string[], toolName: string): boolean {
-  return deniedTools.includes(toolName) || deniedTools.includes("*");
-}