securityclaw 0.0.1

package/src/infrastructure/adapters/notification_adapter.ts

@@ -0,0 +1,173 @@
+import type {
+  NotificationPort,
+  NotificationTarget,
+  NotificationOptions,
+  NotificationResult,
+  ApprovalChannel
+} from "../../domain/ports/notification_port.ts";
+import type { OpenClawAdapter } from "../../domain/ports/openclaw_adapter.ts";
+
+function normalizeThreadId(threadId: string | number | undefined): number | undefined {
+  if (typeof threadId === "number" && Number.isInteger(threadId)) {
+    return threadId;
+  }
+  if (typeof threadId === "string" && /^\d+$/.test(threadId.trim())) {
+    return Number(threadId.trim());
+  }
+  return undefined;
+}
+
+function nowIsoString(): string {
+  return new Date(Date.now()).toISOString();
+}
+
+abstract class BaseNotificationAdapter implements NotificationPort {
+  constructor(protected adapter: OpenClawAdapter) {}
+
+  abstract send(target: NotificationTarget, message: string, options?: NotificationOptions): Promise<NotificationResult>;
+
+  protected createBaseResult(target: NotificationTarget): NotificationResult {
+    const result: NotificationResult = {
+      channel: target.channel,
+      to: target.to,
+      sentAt: nowIsoString()
+    };
+    if (target.accountId) {
+      result.accountId = target.accountId;
+    }
+    const threadId = normalizeThreadId(target.threadId);
+    if (threadId !== undefined) {
+      result.threadId = threadId;
+    }
+    return result;
+  }
+}
+
+class TelegramNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendTelegram(target.to, message, {
+      cfg: this.adapter.config,
+      ...(target.accountId ? { accountId: target.accountId } : {}),
+      ...(normalizeThreadId(target.threadId) !== undefined ? { messageThreadId: normalizeThreadId(target.threadId) } : {}),
+      ...(options?.buttons ? { buttons: options.buttons } : {})
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+class DiscordNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, _options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendDiscord(target.to, message, {
+      cfg: this.adapter.config,
+      ...(target.accountId ? { accountId: target.accountId } : {})
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+class SlackNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, _options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendSlack(target.to, message, {
+      cfg: this.adapter.config,
+      ...(target.accountId ? { accountId: target.accountId } : {})
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+class SignalNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, _options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendSignal(target.to, message, {
+      cfg: this.adapter.config,
+      ...(target.accountId ? { accountId: target.accountId } : {})
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+class IMessageNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, _options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendIMessage(target.to, message, {
+      cfg: this.adapter.config,
+      ...(target.accountId ? { accountId: target.accountId } : {})
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+class WhatsAppNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, _options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendWhatsApp(target.to, message, {
+      cfg: this.adapter.config
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+class LineNotificationAdapter extends BaseNotificationAdapter {
+  async send(target: NotificationTarget, message: string, _options?: NotificationOptions): Promise<NotificationResult> {
+    const result = await this.adapter.sendLine(target.to, message, {
+      cfg: this.adapter.config,
+      ...(target.accountId ? { accountId: target.accountId } : {})
+    });
+    
+    const notification = this.createBaseResult(target);
+    if (result?.messageId) {
+      notification.messageId = result.messageId;
+    }
+    return notification;
+  }
+}
+
+export class NotificationAdapterFactory {
+  static create(channel: ApprovalChannel, adapter: OpenClawAdapter): NotificationPort {
+    switch (channel) {
+      case "telegram":
+        return new TelegramNotificationAdapter(adapter);
+      case "discord":
+        return new DiscordNotificationAdapter(adapter);
+      case "slack":
+        return new SlackNotificationAdapter(adapter);
+      case "signal":
+        return new SignalNotificationAdapter(adapter);
+      case "imessage":
+        return new IMessageNotificationAdapter(adapter);
+      case "whatsapp":
+        return new WhatsAppNotificationAdapter(adapter);
+      case "line":
+        return new LineNotificationAdapter(adapter);
+      default:
+        throw new Error(`Unsupported notification channel: ${channel}`);
+    }
+  }
+}

package/src/infrastructure/adapters/openclaw_adapter_impl.ts

@@ -0,0 +1,59 @@
+import type { OpenClawAdapter, OpenClawLogger, OpenClawConfig } from "../../domain/ports/openclaw_adapter.ts";
+
+// This is a type from openclaw package that we need to reference
+type OpenClawPluginApi = {
+  logger: OpenClawLogger;
+  config: OpenClawConfig;
+  pluginConfig?: unknown;
+  runtime: {
+    channel: {
+      telegram: { sendMessageTelegram: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+      discord: { sendMessageDiscord: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+      slack: { sendMessageSlack: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+      signal: { sendMessageSignal: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+      imessage: { sendMessageIMessage: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+      whatsapp: { sendMessageWhatsApp: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+      line: { pushMessageLine: (to: string, text: string, opts?: Record<string, unknown>) => Promise<{ messageId?: string }> };
+    };
+  };
+};
+
+export class OpenClawAdapterImpl implements OpenClawAdapter {
+  readonly logger: OpenClawLogger;
+  readonly config: OpenClawConfig;
+  private api: OpenClawPluginApi;
+
+  constructor(api: OpenClawPluginApi) {
+    this.api = api;
+    this.logger = api.logger;
+    this.config = api.config;
+  }
+
+  async sendTelegram(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.telegram.sendMessageTelegram(to, text, opts);
+  }
+
+  async sendDiscord(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.discord.sendMessageDiscord(to, text, opts);
+  }
+
+  async sendSlack(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.slack.sendMessageSlack(to, text, opts);
+  }
+
+  async sendSignal(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.signal.sendMessageSignal(to, text, opts);
+  }
+
+  async sendIMessage(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.imessage.sendMessageIMessage(to, text, opts);
+  }
+
+  async sendWhatsApp(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.whatsapp.sendMessageWhatsApp(to, text, opts);
+  }
+
+  async sendLine(to: string, text: string, opts?: Record<string, unknown>): Promise<{ messageId?: string }> {
+    return this.api.runtime.channel.line.pushMessageLine(to, text, opts);
+  }
+}

package/src/infrastructure/config/plugin_config_parser.ts

@@ -0,0 +1,105 @@
+import os from "node:os";
+import path from "node:path";
+
+export interface SecurityClawPluginConfig {
+  configPath?: string;
+  overridePath?: string;
+  dbPath?: string;
+  webhookUrl?: string;
+  policyVersion?: string;
+  environment?: string;
+  approvalTtlSeconds?: number;
+  persistMode?: "strict" | "compat";
+  decisionLogMaxLength?: number;
+  statusPath?: string;
+  adminAutoStart?: boolean;
+  adminPort?: number;
+}
+
+export interface ResolvedPluginRuntime {
+  configPath: string;
+  dbPath: string;
+  legacyOverridePath: string;
+  statusPath: string;
+  protectedDataDir?: string;
+  protectedDbPaths: string[];
+}
+
+const SECURITYCLAW_EXTENSION_STATE_SEGMENTS = ["extensions", "securityclaw"] as const;
+const DEFAULT_DB_FILE_NAME = "securityclaw.db";
+const DEFAULT_STATUS_FILE_NAME = "securityclaw-status.json";
+const SQLITE_ARTIFACT_SUFFIXES = ["", "-shm", "-wal"] as const;
+
+function hasText(value: string | undefined): value is string {
+  return typeof value === "string" && value.trim().length > 0;
+}
+
+function resolveAbsoluteStoragePath(configuredPath: string | undefined): string | undefined {
+  return hasText(configuredPath) && path.isAbsolute(configuredPath) ? path.resolve(configuredPath) : undefined;
+}
+
+function sqliteArtifactPaths(dbPath: string): string[] {
+  return SQLITE_ARTIFACT_SUFFIXES.map((suffix) => `${dbPath}${suffix}`);
+}
+
+export function resolveDefaultOpenClawStateDir(env: NodeJS.ProcessEnv = process.env): string {
+  return hasText(env.OPENCLAW_HOME) ? path.resolve(env.OPENCLAW_HOME) : path.join(os.homedir(), ".openclaw");
+}
+
+export function resolveSecurityClawStateDir(stateDir: string): string {
+  const normalizedStateDir = path.resolve(stateDir);
+  const pluginSuffix = path.join(...SECURITYCLAW_EXTENSION_STATE_SEGMENTS);
+  if (
+    normalizedStateDir === pluginSuffix ||
+    normalizedStateDir.endsWith(`${path.sep}${pluginSuffix}`)
+  ) {
+    return normalizedStateDir;
+  }
+  return path.join(normalizedStateDir, ...SECURITYCLAW_EXTENSION_STATE_SEGMENTS);
+}
+
+export function resolveDefaultSecurityClawDbPath(stateDir: string): string {
+  return path.join(resolveSecurityClawStateDir(stateDir), "data", DEFAULT_DB_FILE_NAME);
+}
+
+export function resolveDefaultSecurityClawStatusPath(stateDir: string): string {
+  return path.join(resolveSecurityClawStateDir(stateDir), "runtime", DEFAULT_STATUS_FILE_NAME);
+}
+
+export class PluginConfigParser {
+  static resolve(
+    pluginRoot: string,
+    pluginConfig: SecurityClawPluginConfig,
+    stateDir = resolveDefaultOpenClawStateDir(),
+  ): ResolvedPluginRuntime {
+    const defaultDbPath = resolveDefaultSecurityClawDbPath(stateDir);
+    const defaultStatusPath = resolveDefaultSecurityClawStatusPath(stateDir);
+    const configuredDbPath = resolveAbsoluteStoragePath(pluginConfig.dbPath);
+    const configuredStatusPath = resolveAbsoluteStoragePath(pluginConfig.statusPath);
+    const usingDefaultDbPath = configuredDbPath === undefined;
+    const configPath = pluginConfig.configPath
+      ? path.isAbsolute(pluginConfig.configPath)
+        ? pluginConfig.configPath
+        : path.resolve(pluginRoot, pluginConfig.configPath)
+      : path.resolve(pluginRoot, "./config/policy.default.yaml");
+
+    const dbPath = configuredDbPath ?? defaultDbPath;
+
+    const legacyOverridePath = pluginConfig.overridePath
+      ? path.isAbsolute(pluginConfig.overridePath)
+        ? pluginConfig.overridePath
+        : path.resolve(pluginRoot, pluginConfig.overridePath)
+      : path.resolve(pluginRoot, "./config/policy.overrides.json");
+
+    const statusPath = configuredStatusPath ?? defaultStatusPath;
+
+    return {
+      configPath,
+      dbPath,
+      legacyOverridePath,
+      statusPath,
+      ...(usingDefaultDbPath ? { protectedDataDir: path.dirname(dbPath) } : {}),
+      protectedDbPaths: sqliteArtifactPaths(dbPath),
+    };
+  }
+}