npm - switchroom - Versions diffs - 0.12.13 → 0.12.15 - Mend

switchroom 0.12.13 → 0.12.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/README.md +107 -371
package/dist/cli/switchroom.js +627 -386
package/dist/vault/approvals/kernel-server.js +88 -1
package/dist/vault/broker/server.js +132 -2
package/package.json +1 -1
package/telegram-plugin/dist/gateway/gateway.js +289 -81
package/telegram-plugin/gateway/approval-callback.test.ts +49 -1
package/telegram-plugin/gateway/approval-callback.ts +85 -56
package/telegram-plugin/gateway/gateway.ts +168 -19
package/telegram-plugin/gateway/pending-inbound-buffer.ts +39 -0
package/telegram-plugin/gateway/pending-permission-decisions.ts +112 -0
package/telegram-plugin/gateway/vault-grant-inbound-builders.ts +117 -0
package/telegram-plugin/tests/pending-inbound-buffer.test.ts +71 -1
package/telegram-plugin/tests/pending-permission-decisions.test.ts +73 -0
package/telegram-plugin/tests/vault-save-inbound-builders.test.ts +96 -0

package/dist/vault/approvals/kernel-server.js CHANGED Viewed

@@ -11719,6 +11719,24 @@ var LockRequestSchema = exports_external.object({
   v: exports_external.literal(1),
   op: exports_external.literal("lock")
 });
+var PreflightAccessRequestSchema = exports_external.object({
+  v: exports_external.literal(1),
+  op: exports_external.literal("preflight_access"),
+  agent: exports_external.string().min(1),
+  keys: exports_external.array(exports_external.string().min(1)).min(1).max(128)
+});
+var OkPreflightAccessResponseSchema = exports_external.object({
+  ok: exports_external.literal(true),
+  op: exports_external.literal("preflight_access"),
+  results: exports_external.array(exports_external.object({
+    key: exports_external.string(),
+    exists: exports_external.boolean(),
+    acl_ok: exports_external.boolean(),
+    acl_reason: exports_external.string().optional(),
+    scope_ok: exports_external.boolean(),
+    scope_reason: exports_external.string().optional()
+  }))
+});
 var ApprovalRequestRequestSchema = exports_external.object({
   v: exports_external.literal(1),
   op: exports_external.literal("approval_request"),
@@ -11770,12 +11788,22 @@ var ApprovalRecordRequestSchema = exports_external.object({
   granted_by_user_id: exports_external.number().int(),
   ttl_ms: exports_external.number().int().positive().nullable().optional()
 });
+var ApprovalConsumeRecordRequestSchema = exports_external.object({
+  v: exports_external.literal(1),
+  op: exports_external.literal("approval_consume_record"),
+  request_id: exports_external.string().regex(/^[0-9a-f]{32}$/),
+  decision: ApprovalDecisionModeSchema,
+  approver_set: exports_external.array(exports_external.string()),
+  granted_by_user_id: exports_external.number().int(),
+  ttl_ms: exports_external.number().int().positive().nullable().optional()
+});
 var RequestSchema = exports_external.discriminatedUnion("op", [
   GetRequestSchema,
   PutRequestSchema,
   ListRequestSchema,
   StatusRequestSchema,
   LockRequestSchema,
+  PreflightAccessRequestSchema,
   MintGrantRequestSchema,
   ListGrantsRequestSchema,
   RevokeGrantRequestSchema,
@@ -11784,7 +11812,8 @@ var RequestSchema = exports_external.discriminatedUnion("op", [
   ApprovalConsumeRequestSchema,
   ApprovalRevokeRequestSchema,
   ApprovalListRequestSchema,
-  ApprovalRecordRequestSchema
+  ApprovalRecordRequestSchema,
+  ApprovalConsumeRecordRequestSchema
 ]);
 var VaultEntrySchema = exports_external.union([
   exports_external.object({ kind: exports_external.literal("string"), value: exports_external.string() }),
@@ -11906,6 +11935,15 @@ var OkApprovalRecordResponseSchema = exports_external.object({
   ok: exports_external.literal(true),
   decision_id: exports_external.string()
 });
+var OkApprovalConsumeRecordResponseSchema = exports_external.object({
+  ok: exports_external.literal(true),
+  consumed: exports_external.boolean(),
+  decision_id: exports_external.string().optional(),
+  agent_unit: exports_external.string().optional(),
+  scope: exports_external.string().optional(),
+  action: exports_external.string().optional(),
+  why: exports_external.string().nullable().optional()
+});
 var ErrorResponseSchema = exports_external.object({
   ok: exports_external.literal(false),
   code: ErrorCode,
@@ -11916,6 +11954,7 @@ var ResponseSchema = exports_external.union([
   OkKeysResponseSchema,
   OkStatusResponseSchema,
   OkLockResponseSchema,
+  OkPreflightAccessResponseSchema,
   OkPutResponseSchema,
   OkMintGrantResponseSchema,
   OkListGrantsResponseSchema,
@@ -11926,6 +11965,7 @@ var ResponseSchema = exports_external.union([
   OkApprovalRevokeResponseSchema,
   OkApprovalListResponseSchema,
   OkApprovalRecordResponseSchema,
+  OkApprovalConsumeRecordResponseSchema,
   ErrorResponseSchema
 ]);
 function decodeRequest(line) {
@@ -12244,6 +12284,22 @@ function recordDecision(db, input, now = Date.now()) {
   });
   return id;
 }
+function consumeAndRecord(db, input, now = Date.now()) {
+  const run = db.transaction(() => {
+    const nonce = consumeNonce(db, input.request_id, now);
+    if (nonce === null)
+      return { consumed: false };
+    const decision_id = recordDecision(db, {
+      nonce,
+      decision: input.decision,
+      approver_set: input.approver_set,
+      granted_by_user_id: input.granted_by_user_id,
+      ttl_ms: input.ttl_ms
+    }, now);
+    return { consumed: true, decision_id, nonce };
+  });
+  return run();
+}
 function revokeDecision(db, decision_id, actor, reason, now = Date.now()) {
   const row = db.query(`SELECT * FROM approval_decisions WHERE id = ?`).get(decision_id);
   if (!row)
@@ -12953,6 +13009,37 @@ function handleRequest(socket, req, agent, db, peerUid, isOperator = false) {
     socket.write(encodeResponse({ ok: true, decision_id }));
     return;
   }
+  if (req.op === "approval_consume_record") {
+    const peek = getNonce(db, req.request_id);
+    if (peek !== null) {
+      const acl = checkApprovalAclByAgent(agent, peek.agent_unit);
+      if (!acl.allow) {
+        socket.write(encodeResponse(errorResponse("DENIED", "approval_consume_record denied: nonce does not belong to the calling agent")));
+        return;
+      }
+    }
+    const res = consumeAndRecord(db, {
+      request_id: req.request_id,
+      decision: req.decision,
+      approver_set: req.approver_set,
+      granted_by_user_id: req.granted_by_user_id,
+      ttl_ms: req.ttl_ms ?? undefined
+    });
+    if (!res.consumed) {
+      socket.write(encodeResponse({ ok: true, consumed: false }));
+      return;
+    }
+    socket.write(encodeResponse({
+      ok: true,
+      consumed: true,
+      decision_id: res.decision_id,
+      agent_unit: res.nonce.agent_unit,
+      scope: res.nonce.scope,
+      action: res.nonce.action,
+      why: res.nonce.why
+    }));
+    return;
+  }
   if (req.op === "approval_list") {
     const decisions = listDecisions(db, { agent_unit: req.agent_unit });
     const meta = decisions.map((d) => ({

package/dist/vault/broker/server.js CHANGED Viewed

@@ -12899,6 +12899,48 @@ function readAutoUnlockFile(filePath) {
 }
 var DEFAULT_AUTO_UNLOCK_PATH = "~/.switchroom/vault-auto-unlock";
+// src/config/google-workspace-acl.ts
+function shouldEmitGdriveMcp(agentName, agentGoogleAccount, googleAccounts) {
+  if (!agentGoogleAccount)
+    return false;
+  const account = agentGoogleAccount.trim().toLowerCase();
+  if (account.length === 0)
+    return false;
+  const acctEntry = googleAccounts?.[account];
+  if (!acctEntry)
+    return false;
+  const enabledFor = acctEntry.enabled_for ?? [];
+  return enabledFor.includes(agentName);
+}
+function vaultRefKey(value) {
+  if (typeof value !== "string" || !value.startsWith("vault:"))
+    return null;
+  const key = value.slice("vault:".length).split("#")[0];
+  return key.length > 0 ? key : null;
+}
+function isGoogleClientCredentialKeyForAgent(config, agentName, key) {
+  if (!agentName || !key)
+    return false;
+  const agentConfig = config.agents?.[agentName];
+  if (!agentConfig)
+    return false;
+  if (agentConfig.mcp_servers?.["gdrive"] === false) {
+    return false;
+  }
+  const account = agentConfig.google_workspace?.account;
+  if (!shouldEmitGdriveMcp(agentName, account, config.google_accounts)) {
+    return false;
+  }
+  const gw = config.google_workspace;
+  if (!gw)
+    return false;
+  for (const ref of [gw.google_client_id, gw.google_client_secret]) {
+    if (vaultRefKey(ref) === key)
+      return true;
+  }
+  return false;
+}
 // src/vault/broker/acl.ts
 function parseCronUnit(unitName) {
   const m = unitName.match(/^switchroom-([a-zA-Z0-9_-]+)-cron-(\d+)\.service$/);
@@ -12986,6 +13028,9 @@ function checkAclByAgent(config, agentName, key) {
   if (googleSlot !== null) {
     return checkGoogleAccountAcl(config, agentName, googleSlot.account, key);
   }
+  if (isGoogleClientCredentialKeyForAgent(config, agentName, key)) {
+    return { allow: true };
+  }
   const agentBot = agentConfig.bot_token;
   const botRef = agentBot && agentBot.length > 0 ? agentBot : config.telegram?.bot_token;
   if (typeof botRef === "string" && botRef.startsWith("vault:")) {
@@ -13102,6 +13147,24 @@ var LockRequestSchema = exports_external.object({
   v: exports_external.literal(1),
   op: exports_external.literal("lock")
 });
+var PreflightAccessRequestSchema = exports_external.object({
+  v: exports_external.literal(1),
+  op: exports_external.literal("preflight_access"),
+  agent: exports_external.string().min(1),
+  keys: exports_external.array(exports_external.string().min(1)).min(1).max(128)
+});
+var OkPreflightAccessResponseSchema = exports_external.object({
+  ok: exports_external.literal(true),
+  op: exports_external.literal("preflight_access"),
+  results: exports_external.array(exports_external.object({
+    key: exports_external.string(),
+    exists: exports_external.boolean(),
+    acl_ok: exports_external.boolean(),
+    acl_reason: exports_external.string().optional(),
+    scope_ok: exports_external.boolean(),
+    scope_reason: exports_external.string().optional()
+  }))
+});
 var ApprovalRequestRequestSchema = exports_external.object({
   v: exports_external.literal(1),
   op: exports_external.literal("approval_request"),
@@ -13153,12 +13216,22 @@ var ApprovalRecordRequestSchema = exports_external.object({
   granted_by_user_id: exports_external.number().int(),
   ttl_ms: exports_external.number().int().positive().nullable().optional()
 });
+var ApprovalConsumeRecordRequestSchema = exports_external.object({
+  v: exports_external.literal(1),
+  op: exports_external.literal("approval_consume_record"),
+  request_id: exports_external.string().regex(/^[0-9a-f]{32}$/),
+  decision: ApprovalDecisionModeSchema,
+  approver_set: exports_external.array(exports_external.string()),
+  granted_by_user_id: exports_external.number().int(),
+  ttl_ms: exports_external.number().int().positive().nullable().optional()
+});
 var RequestSchema = exports_external.discriminatedUnion("op", [
   GetRequestSchema,
   PutRequestSchema,
   ListRequestSchema,
   StatusRequestSchema,
   LockRequestSchema,
+  PreflightAccessRequestSchema,
   MintGrantRequestSchema,
   ListGrantsRequestSchema,
   RevokeGrantRequestSchema,
@@ -13167,7 +13240,8 @@ var RequestSchema = exports_external.discriminatedUnion("op", [
   ApprovalConsumeRequestSchema,
   ApprovalRevokeRequestSchema,
   ApprovalListRequestSchema,
-  ApprovalRecordRequestSchema
+  ApprovalRecordRequestSchema,
+  ApprovalConsumeRecordRequestSchema
 ]);
 var VaultEntrySchema = exports_external.union([
   exports_external.object({ kind: exports_external.literal("string"), value: exports_external.string() }),
@@ -13289,6 +13363,15 @@ var OkApprovalRecordResponseSchema = exports_external.object({
   ok: exports_external.literal(true),
   decision_id: exports_external.string()
 });
+var OkApprovalConsumeRecordResponseSchema = exports_external.object({
+  ok: exports_external.literal(true),
+  consumed: exports_external.boolean(),
+  decision_id: exports_external.string().optional(),
+  agent_unit: exports_external.string().optional(),
+  scope: exports_external.string().optional(),
+  action: exports_external.string().optional(),
+  why: exports_external.string().nullable().optional()
+});
 var ErrorResponseSchema = exports_external.object({
   ok: exports_external.literal(false),
   code: ErrorCode,
@@ -13299,6 +13382,7 @@ var ResponseSchema = exports_external.union([
   OkKeysResponseSchema,
   OkStatusResponseSchema,
   OkLockResponseSchema,
+  OkPreflightAccessResponseSchema,
   OkPutResponseSchema,
   OkMintGrantResponseSchema,
   OkListGrantsResponseSchema,
@@ -13309,6 +13393,7 @@ var ResponseSchema = exports_external.union([
   OkApprovalRevokeResponseSchema,
   OkApprovalListResponseSchema,
   OkApprovalRecordResponseSchema,
+  OkApprovalConsumeRecordResponseSchema,
   ErrorResponseSchema
 ]);
 function decodeRequest(line) {
@@ -15741,7 +15826,9 @@ class VaultBroker {
     this._writePidFile();
     this._sdNotify(`READY=1
 `);
-    this._tryAutoUnlock();
+    if (this.testOpts._testSecrets === undefined) {
+      this._tryAutoUnlock();
+    }
     if (process.platform !== "linux") {
       process.stderr.write(`[vault-broker] WARNING: running on ${process.platform} with ` + `SWITCHROOM_BROKER_ALLOW_NON_LINUX=1 — peercred ACL is disabled. ` + `Access control is socket file mode 0600 ONLY. Do not use this configuration for production secrets.
 `);
@@ -16052,6 +16139,49 @@ class VaultBroker {
       socket.write(encodeResponse({ ok: true, locked: true }));
       return;
     }
+    if (req.op === "preflight_access") {
+      if (!isOperator) {
+        writeAudit({
+          ts: new Date().toISOString(),
+          op: "preflight_access",
+          caller: auditCaller,
+          pid: auditPid,
+          cgroup: auditCgroup,
+          result: "denied:operator-only"
+        });
+        socket.write(encodeResponse(errorResponse("DENIED", "preflight_access is operator-only")));
+        return;
+      }
+      if (this.secrets === null) {
+        socket.write(encodeResponse(errorResponse("LOCKED", "Vault is locked")));
+        return;
+      }
+      const pfSecrets = this.secrets;
+      const pfConfig = this.config;
+      const results = req.keys.map((key) => {
+        const exists = Object.prototype.hasOwnProperty.call(pfSecrets, key);
+        const acl = pfConfig !== null ? checkAclByAgent(pfConfig, req.agent, key) : { allow: false, reason: "broker has no config loaded" };
+        const scope = checkEntryScope(pfSecrets[key]?.scope, req.agent);
+        return {
+          key,
+          exists,
+          acl_ok: acl.allow,
+          ...acl.allow ? {} : { acl_reason: acl.reason },
+          scope_ok: scope.allow,
+          ...scope.allow ? {} : { scope_reason: scope.reason }
+        };
+      });
+      writeAudit({
+        ts: new Date().toISOString(),
+        op: "preflight_access",
+        caller: auditCaller,
+        pid: auditPid,
+        cgroup: auditCgroup,
+        result: `allowed:agent=${req.agent},keys=${req.keys.length}`
+      });
+      socket.write(encodeResponse({ ok: true, op: "preflight_access", results }));
+      return;
+    }
     if (req.op === "list") {
       if (this.secrets === null) {
         socket.write(encodeResponse(errorResponse("LOCKED", "Vault is locked")));

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.12.13",
+  "version": "0.12.15",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {