fix(gateway): consume allow-once approvals to prevent replay

(cherry picked from commit 6adacd447c)
2026-05-08 13:01:25 +00:00 · 2026-02-23 14:43:38 -07:00
parent ffc22778f3
commit 3f5e7f8156
3 changed files with 91 additions and 3 deletions
--- a/src/gateway/exec-approval-manager.ts
+++ b/src/gateway/exec-approval-manager.ts
@@ -154,6 +154,21 @@ export class ExecApprovalManager {
    return entry?.record ?? null;
  }

+  consumeAllowOnce(recordId: string): boolean {
+    const entry = this.pending.get(recordId);
+    if (!entry) {
+      return false;
+    }
+    const record = entry.record;
+    if (record.decision !== "allow-once") {
+      return false;
+    }
+    // One-time approvals must be consumed atomically so the same runId
+    // cannot be replayed during the resolved-entry grace window.
+    record.decision = undefined;
+    return true;
+  }
+
  /**
   * Wait for decision on an already-registered approval.
   * Returns the decision promise if the ID is pending, null otherwise.