github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 10:17:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(gateway): block node role when device identity is missing

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-21 19:34:00 +01:00
parent 764b1f2932
commit ddcb2d79b1
3 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/gateway/server/ws-connection/message-handler.ts
View File

@@ -490,7 +490,7 @@ export function attachGatewayWsMessageHandler(params: {
return true;
}
clearUnboundScopes();
const canSkipDevice = sharedAuthOk;
const canSkipDevice = role === "operator" && sharedAuthOk;
if (isControlUi && !controlUiAuthPolicy.allowBypass) {
const errorMessage =