refactor(gateway): dedupe default operator connect scopes

2026-05-27 01:23:33 +00:00 · 2026-02-22 16:27:41 +05:30
parent 3f00f0cbe8
commit 8569fc88c9
6 changed files with 27 additions and 10 deletions
--- a/apps/macos/Sources/OpenClawMacCLI/ConnectCommand.swift
+++ b/apps/macos/Sources/OpenClawMacCLI/ConnectCommand.swift
@@ -15,7 +15,7 @@ struct ConnectOptions {
    var clientMode: String = "ui"
    var displayName: String?
    var role: String = "operator"
-    var scopes: [String] = ["operator.admin", "operator.read", "operator.write", "operator.approvals", "operator.pairing"]
+    var scopes: [String] = defaultOperatorConnectScopes
    var help: Bool = false

    static func parse(_ args: [String]) -> ConnectOptions {
--- a/apps/macos/Sources/OpenClawMacCLI/GatewayScopes.swift
+++ b/apps/macos/Sources/OpenClawMacCLI/GatewayScopes.swift
@@ -0,0 +1,7 @@
+let defaultOperatorConnectScopes: [String] = [
+    "operator.admin",
+    "operator.read",
+    "operator.write",
+    "operator.approvals",
+    "operator.pairing",
+]
--- a/apps/macos/Sources/OpenClawMacCLI/WizardCommand.swift
+++ b/apps/macos/Sources/OpenClawMacCLI/WizardCommand.swift
@@ -251,7 +251,7 @@ actor GatewayWizardClient {
        let clientMode = "ui"
        let role = "operator"
        // Explicit scopes; gateway no longer defaults empty scopes to admin.
-        let scopes: [String] = ["operator.admin", "operator.read", "operator.write", "operator.approvals", "operator.pairing"]
+        let scopes = defaultOperatorConnectScopes
        let client: [String: ProtoAnyCodable] = [
            "id": ProtoAnyCodable(clientId),
            "displayName": ProtoAnyCodable(Host.current().localizedName ?? "OpenClaw macOS Wizard CLI"),
--- a/apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
+++ b/apps/shared/OpenClawKit/Sources/OpenClawKit/GatewayChannel.swift
@@ -127,6 +127,14 @@ private enum ConnectChallengeError: Error {
    case timeout
 }

+private let defaultOperatorConnectScopes: [String] = [
+    "operator.admin",
+    "operator.read",
+    "operator.write",
+    "operator.approvals",
+    "operator.pairing",
+]
+
 public actor GatewayChannelActor {
    private let logger = Logger(subsystem: "ai.openclaw", category: "gateway")
    private var task: WebSocketTaskBox?
@@ -318,7 +326,7 @@ public actor GatewayChannelActor {
        let primaryLocale = Locale.preferredLanguages.first ?? Locale.current.identifier
        let options = self.connectOptions ?? GatewayConnectOptions(
            role: "operator",
-            scopes: ["operator.admin", "operator.read", "operator.write", "operator.approvals", "operator.pairing"],
+            scopes: defaultOperatorConnectScopes,
            caps: [],
            commands: [],
            permissions: [:],