mirror of
https://github.com/openclaw/openclaw.git
synced 2026-05-26 07:03:34 +00:00
Gateway: make dangerous node commands opt-in
This commit is contained in:
Mariano Belinky
@@ -1,5 +1,8 @@
|
||||
import { describe, expect, it } from "vitest";
|
||||
import { resolveNodeCommandAllowlist } from "./node-command-policy.js";
|
||||
import {
|
||||
DEFAULT_DANGEROUS_NODE_COMMANDS,
|
||||
resolveNodeCommandAllowlist,
|
||||
} from "./node-command-policy.js";
|
||||
|
||||
describe("resolveNodeCommandAllowlist", () => {
|
||||
it("includes iOS service commands by default", () => {
|
||||
@@ -19,21 +22,25 @@ describe("resolveNodeCommandAllowlist", () => {
|
||||
expect(allow.has("reminders.list")).toBe(true);
|
||||
expect(allow.has("photos.latest")).toBe(true);
|
||||
expect(allow.has("motion.activity")).toBe(true);
|
||||
|
||||
for (const cmd of DEFAULT_DANGEROUS_NODE_COMMANDS) {
|
||||
expect(allow.has(cmd)).toBe(false);
|
||||
}
|
||||
});
|
||||
|
||||
it("applies denyCommands as exact removals", () => {
|
||||
it("can explicitly allow dangerous commands via allowCommands", () => {
|
||||
const allow = resolveNodeCommandAllowlist(
|
||||
{
|
||||
gateway: {
|
||||
nodes: {
|
||||
denyCommands: ["camera.snap", "screen.record"],
|
||||
allowCommands: ["camera.snap", "screen.record"],
|
||||
},
|
||||
},
|
||||
},
|
||||
{ platform: "ios", deviceFamily: "iPhone" },
|
||||
);
|
||||
expect(allow.has("camera.snap")).toBe(false);
|
||||
expect(allow.has("screen.record")).toBe(false);
|
||||
expect(allow.has("camera.clip")).toBe(true);
|
||||
expect(allow.has("camera.snap")).toBe(true);
|
||||
expect(allow.has("screen.record")).toBe(true);
|
||||
expect(allow.has("camera.clip")).toBe(false);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -12,25 +12,29 @@ const CANVAS_COMMANDS = [
|
||||
"canvas.a2ui.reset",
|
||||
];
|
||||
|
||||
const CAMERA_COMMANDS = ["camera.list", "camera.snap", "camera.clip"];
|
||||
const CAMERA_COMMANDS = ["camera.list"];
|
||||
const CAMERA_DANGEROUS_COMMANDS = ["camera.snap", "camera.clip"];
|
||||
|
||||
const SCREEN_COMMANDS = ["screen.record"];
|
||||
const SCREEN_DANGEROUS_COMMANDS = ["screen.record"];
|
||||
|
||||
const LOCATION_COMMANDS = ["location.get"];
|
||||
|
||||
const DEVICE_COMMANDS = ["device.info", "device.status"];
|
||||
|
||||
const CONTACTS_COMMANDS = ["contacts.search", "contacts.add"];
|
||||
const CONTACTS_COMMANDS = ["contacts.search"];
|
||||
const CONTACTS_DANGEROUS_COMMANDS = ["contacts.add"];
|
||||
|
||||
const CALENDAR_COMMANDS = ["calendar.events", "calendar.add"];
|
||||
const CALENDAR_COMMANDS = ["calendar.events"];
|
||||
const CALENDAR_DANGEROUS_COMMANDS = ["calendar.add"];
|
||||
|
||||
const REMINDERS_COMMANDS = ["reminders.list", "reminders.add"];
|
||||
const REMINDERS_COMMANDS = ["reminders.list"];
|
||||
const REMINDERS_DANGEROUS_COMMANDS = ["reminders.add"];
|
||||
|
||||
const PHOTOS_COMMANDS = ["photos.latest"];
|
||||
|
||||
const MOTION_COMMANDS = ["motion.activity", "motion.pedometer"];
|
||||
|
||||
const SMS_COMMANDS = ["sms.send"];
|
||||
const SMS_DANGEROUS_COMMANDS = ["sms.send"];
|
||||
|
||||
// iOS nodes don't implement system.run/which, but they do support notifications.
|
||||
const IOS_SYSTEM_COMMANDS = ["system.notify"];
|
||||
@@ -44,11 +48,21 @@ const SYSTEM_COMMANDS = [
|
||||
"browser.proxy",
|
||||
];
|
||||
|
||||
// "High risk" node commands. These can be enabled by explicitly adding them to
|
||||
// `gateway.nodes.allowCommands` (and ensuring they're not blocked by denyCommands).
|
||||
export const DEFAULT_DANGEROUS_NODE_COMMANDS = [
|
||||
...CAMERA_DANGEROUS_COMMANDS,
|
||||
...SCREEN_DANGEROUS_COMMANDS,
|
||||
...CONTACTS_DANGEROUS_COMMANDS,
|
||||
...CALENDAR_DANGEROUS_COMMANDS,
|
||||
...REMINDERS_DANGEROUS_COMMANDS,
|
||||
...SMS_DANGEROUS_COMMANDS,
|
||||
];
|
||||
|
||||
const PLATFORM_DEFAULTS: Record<string, string[]> = {
|
||||
ios: [
|
||||
...CANVAS_COMMANDS,
|
||||
...CAMERA_COMMANDS,
|
||||
...SCREEN_COMMANDS,
|
||||
...LOCATION_COMMANDS,
|
||||
...DEVICE_COMMANDS,
|
||||
...CONTACTS_COMMANDS,
|
||||
@@ -61,7 +75,6 @@ const PLATFORM_DEFAULTS: Record<string, string[]> = {
|
||||
android: [
|
||||
...CANVAS_COMMANDS,
|
||||
...CAMERA_COMMANDS,
|
||||
...SCREEN_COMMANDS,
|
||||
...LOCATION_COMMANDS,
|
||||
...DEVICE_COMMANDS,
|
||||
...CONTACTS_COMMANDS,
|
||||
@@ -69,12 +82,10 @@ const PLATFORM_DEFAULTS: Record<string, string[]> = {
|
||||
...REMINDERS_COMMANDS,
|
||||
...PHOTOS_COMMANDS,
|
||||
...MOTION_COMMANDS,
|
||||
...SMS_COMMANDS,
|
||||
],
|
||||
macos: [
|
||||
...CANVAS_COMMANDS,
|
||||
...CAMERA_COMMANDS,
|
||||
...SCREEN_COMMANDS,
|
||||
...LOCATION_COMMANDS,
|
||||
...DEVICE_COMMANDS,
|
||||
...CONTACTS_COMMANDS,
|
||||
@@ -86,14 +97,7 @@ const PLATFORM_DEFAULTS: Record<string, string[]> = {
|
||||
],
|
||||
linux: [...SYSTEM_COMMANDS],
|
||||
windows: [...SYSTEM_COMMANDS],
|
||||
unknown: [
|
||||
...CANVAS_COMMANDS,
|
||||
...CAMERA_COMMANDS,
|
||||
...SCREEN_COMMANDS,
|
||||
...LOCATION_COMMANDS,
|
||||
...SMS_COMMANDS,
|
||||
...SYSTEM_COMMANDS,
|
||||
],
|
||||
unknown: [...CANVAS_COMMANDS, ...CAMERA_COMMANDS, ...LOCATION_COMMANDS, ...SYSTEM_COMMANDS],
|
||||
};
|
||||
|
||||
function normalizePlatformId(platform?: string, deviceFamily?: string): string {
|
||||
|
||||
Reference in New Issue
Block a user