| Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/Java/Openclaw/src/plugin-sdk/ (KI Agentensystem Version 22©) Datei vom 26.3.2026 mit Größe 15 kB |
|
Quelle allowlist-config-edit.tsSprache: JAVA |
|||||||||||||||
|
import type { ConfigWriteTarget } from "../channels/plugins/config-writes.js"; import type { ChannelAllowlistAdapter } from "../channels/plugins/types.adapters.js"; import type { ChannelId } from "../channels/plugins/types.public.js"; import type { OpenClawConfig } from "../config/types.openclaw.js"; import { isBlockedObjectKey } from "../infra/prototype-keys.js"; import { DEFAULT_ACCOUNT_ID, normalizeAccountId } from "../routing/session-key.js"; type AllowlistConfigPaths = { readPaths: string[][]; writePath: string[]; cleanupPaths?: string[][]; }; export type AllowlistGroupOverride = { label: string; entries: string[] }; export type AllowlistNameResolution = Array<{ input: string; resolved: boolean; name?: string | null; }>; type AllowlistNormalizer = (params: { cfg: OpenClawConfig; accountId?: string | null; values: Array<string | number>; }) => string[]; type AllowlistAccountResolver<ResolvedAccount> = (params: { cfg: OpenClawConfig; accountId?: string | null; }) => ResolvedAccount; const DM_ALLOWLIST_CONFIG_PATHS: AllowlistConfigPaths = { readPaths: [["allowFrom"]], writePath: ["allowFrom"], }; const GROUP_ALLOWLIST_CONFIG_PATHS: AllowlistConfigPaths = { readPaths: [["groupAllowFrom"]], writePath: ["groupAllowFrom"], }; const LEGACY_DM_ALLOWLIST_CONFIG_PATHS: AllowlistConfigPaths = { readPaths: [["allowFrom"], ["dm", "allowFrom"]], writePath: ["allowFrom"], cleanupPaths: [["dm", "allowFrom"]], }; export function resolveDmGroupAllowlistConfigPaths(scope: "dm" | "group") { return scope === "dm" ? DM_ALLOWLIST_CONFIG_PATHS : GROUP_ALLOWLIST_CONFIG_PATHS; } export function resolveLegacyDmAllowlistConfigPaths(scope: "dm" | "group") { return scope === "dm" ? LEGACY_DM_ALLOWLIST_CONFIG_PATHS : null; } /** Coerce stored allowlist entries into presentable non-empty strings. */ export function readConfiguredAllowlistEntries( entries: Array<string | number> | null | undefined, ): string[] { return (entries ?? []).map(String).filter(Boolean); } /** Collect labeled allowlist overrides from a flat keyed record. */ export function collectAllowlistOverridesFromRecord<T>(params: { record: Record<string, T | undefined> | null | undefined; label: (key: string, value: T) => string; resolveEntries: (value: T) => Array<string | number> | null | undefined; }): AllowlistGroupOverride[] { const overrides: AllowlistGroupOverride[] = []; for (const [key, value] of Object.entries(params.record ?? {})) { if (!value) { continue; } const entries = readConfiguredAllowlistEntries(params.resolveEntries(value)); if (entries.length === 0) { continue; } overrides.push({ label: params.label(key, value), entries }); } return overrides; } /** Collect labeled allowlist overrides from an outer record with nested child records. */ export function collectNestedAllowlistOverridesFromRecord<Outer, Inner>(params: { record: Record<string, Outer | undefined> | null | undefined; outerLabel: (key: string, value: Outer) => string; resolveOuterEntries: (value: Outer) => Array<string | number> | null | undefined; resolveChildren: (value: Outer) => Record<string, Inner | undefined> | null | undefined; innerLabel: (outerKey: string, innerKey: string, inner: Inner) => string; resolveInnerEntries: (value: Inner) => Array<string | number> | null | undefined; }): AllowlistGroupOverride[] { const overrides: AllowlistGroupOverride[] = []; for (const [outerKey, outerValue] of Object.entries(params.record ?? {})) { if (!outerValue) { continue; } const outerEntries = readConfiguredAllowlistEntries(params.resolveOuterEntries(oute if (outerEntries.length > 0) { overrides.push({ label: params.outerLabel(outerKey, outerValue), entries: outerEntrie } overrides.push( ...collectAllowlistOverridesFromRecord({ record: params.resolveChildren(outerValue), label: (innerKey, innerValue) => params.innerLabel(outerKey, innerKey, innerValue), resolveEntries: params.resolveInnerEntries, }), ); } return overrides; } /** Build an account-scoped flat override resolver from a keyed allowlist record. */ export function createFlatAllowlistOverrideResolver<ResolvedAccount, Entry>(params: { resolveRecord: (account: ResolvedAccount) => Record<string, Entry | undefined> | null | undefi label: (key: string, value: Entry) => string; resolveEntries: (value: Entry) => Array<string | number> | null | undefined; }): (account: ResolvedAccount) => AllowlistGroupOverride[] { return (account) => collectAllowlistOverridesFromRecord({ record: params.resolveRecord(account), label: params.label, resolveEntries: params.resolveEntries, }); } /** Build an account-scoped nested override resolver from hierarchical allowlist records. * export function createNestedAllowlistOverrideResolver<ResolvedAccount, Outer, Inner>(p resolveRecord: (account: ResolvedAccount) => Record<string, Outer | undefined> | null | undefi outerLabel: (key: string, value: Outer) => string; resolveOuterEntries: (value: Outer) => Array<string | number> | null | undefined; resolveChildren: (value: Outer) => Record<string, Inner | undefined> | null | undefined; innerLabel: (outerKey: string, innerKey: string, inner: Inner) => string; resolveInnerEntries: (value: Inner) => Array<string | number> | null | undefined; }): (account: ResolvedAccount) => AllowlistGroupOverride[] { return (account) => collectNestedAllowlistOverridesFromRecord({ record: params.resolveRecord(account), outerLabel: params.outerLabel, resolveOuterEntries: params.resolveOuterEntries, resolveChildren: params.resolveChildren, innerLabel: params.innerLabel, resolveInnerEntries: params.resolveInnerEntries, }); } /** Build the common account-scoped token-gated allowlist name resolver. */ export function createAccountScopedAllowlistNameResolver<ResolvedAccount>(params: { resolveAccount: (params: { cfg: OpenClawConfig; accountId?: string | null }) => ResolvedAcco resolveToken: (account: ResolvedAccount) => string | null | undefined; resolveNames: (params: { token: string; entries: string[] }) => Promise<AllowlistNameResolu }): NonNullable<ChannelAllowlistAdapter["resolveNames"]> { return async ({ cfg, accountId, entries }) => { const account = params.resolveAccount({ cfg, accountId }); const token = params.resolveToken(account)?.trim(); if (!token) { return []; } return await params.resolveNames({ token, entries }); }; } function resolveAccountScopedWriteTarget( parsed: Record<string, unknown>, channelId: ChannelId, accountId?: string | null, ) { const channels = (parsed.channels ??= {}) as Record<string, unknown>; const channel = (channels[channelId] ??= {}) as Record<string, unknown>; const normalizedAccountId = normalizeAccountId(accountId); if (isBlockedObjectKey(normalizedAccountId)) { return { target: channel, pathPrefix: `channels.${channelId}`, writeTarget: { kind: "channel", scope: { channelId } } as const satisfies ConfigWriteTarget, }; } const hasAccounts = Boolean(channel.accounts && typeof channel.accounts === "object"); const useAccount = normalizedAccountId !== DEFAULT_ACCOUNT_ID || hasAccounts; if (!useAccount) { return { target: channel, pathPrefix: `channels.${channelId}`, writeTarget: { kind: "channel", scope: { channelId } } as const satisfies ConfigWriteTarget, }; } const accounts = (channel.accounts ??= {}) as Record<string, unknown>; const existingAccount = Object.hasOwn(accounts, normalizedAccountId) ? accounts[normalizedAccountId] : undefined; if (!existingAccount || typeof existingAccount !== "object") { accounts[normalizedAccountId] = {}; } const account = accounts[normalizedAccountId] as Record<string, unknown>; return { target: account, pathPrefix: `channels.${channelId}.accounts.${normalizedAccountId}`, writeTarget: { kind: "account", scope: { channelId, accountId: normalizedAccountId }, } as const satisfies ConfigWriteTarget, }; } function getNestedValue(root: Record<string, unknown>, path: string[]): unknown { let current: unknown = root; for (const key of path) { if (!current || typeof current !== "object") { return undefined; } current = (current as Record<string, unknown>)[key]; } return current; } function ensureNestedObject( root: Record<string, unknown>, path: string[], ): Record<string, unknown> { let current = root; for (const key of path) { const existing = current[key]; if (!existing || typeof existing !== "object") { current[key] = {}; } current = current[key] as Record<string, unknown>; } return current; } function setNestedValue(root: Record<string, unknown>, path: string[], value: unknown) { if (path.length === 0) { return; } if (path.length === 1) { root[path[0]] = value; return; } const parent = ensureNestedObject(root, path.slice(0, -1)); parent[path[path.length - 1]] = value; } function deleteNestedValue(root: Record<string, unknown>, path: string[]) { if (path.length === 0) { return; } if (path.length === 1) { delete root[path[0]]; return; } const parent = getNestedValue(root, path.slice(0, -1)); if (!parent || typeof parent !== "object") { return; } delete (parent as Record<string, unknown>)[path[path.length - 1]]; } function applyAccountScopedAllowlistConfigEdit(params: { parsedConfig: Record<string, unknown>; channelId: ChannelId; accountId?: string | null; action: "add" | "remove"; entry: string; normalize: (values: Array<string | number>) => string[]; paths: AllowlistConfigPaths; }): NonNullable<Awaited<ReturnType<NonNullable<ChannelAllowlistAdapter["applyConfigEd const resolvedTarget = resolveAccountScopedWriteTarget( params.parsedConfig, params.channelId, params.accountId, ); const existing: string[] = []; for (const path of params.paths.readPaths) { const existingRaw = getNestedValue(resolvedTarget.target, path); if (!Array.isArray(existingRaw)) { continue; } for (const entry of existingRaw) { const value = String(entry).trim(); if (!value || existing.includes(value)) { continue; } existing.push(value); } } const normalizedEntry = params.normalize([params.entry]); if (normalizedEntry.length === 0) { return { kind: "invalid-entry" }; } const existingNormalized = params.normalize(existing); const shouldMatch = (value: string) => normalizedEntry.includes(value); let changed = false; let next = existing; const configHasEntry = existingNormalized.some((value) => shouldMatch(value)); if (params.action === "add") { if (!configHasEntry) { next = [...existing, params.entry.trim()]; changed = true; } } else { const keep: string[] = []; for (const entry of existing) { const normalized = params.normalize([entry]); if (normalized.some((value) => shouldMatch(value))) { changed = true; continue; } keep.push(entry); } next = keep; } if (changed) { if (next.length === 0) { deleteNestedValue(resolvedTarget.target, params.paths.writePath); } else { setNestedValue(resolvedTarget.target, params.paths.writePath, next); } for (const path of params.paths.cleanupPaths ?? []) { deleteNestedValue(resolvedTarget.target, path); } } return { kind: "ok", changed, pathLabel: `${resolvedTarget.pathPrefix}.${params.paths.writePath.join(".")}`, writeTarget: resolvedTarget.writeTarget, }; } /** Build the default account-scoped allowlist editor used by channel plugins with config-ba export function buildAccountScopedAllowlistConfigEditor(params: { channelId: ChannelId; normalize: AllowlistNormalizer; resolvePaths: (scope: "dm" | "group") => AllowlistConfigPaths | null; }): NonNullable<ChannelAllowlistAdapter["applyConfigEdit"]> { return ({ cfg, parsedConfig, accountId, scope, action, entry }) => { const paths = params.resolvePaths(scope); if (!paths) { return null; } return applyAccountScopedAllowlistConfigEdit({ parsedConfig, channelId: params.channelId, accountId, action, entry, normalize: (values) => params.normalize({ cfg, accountId, values }), paths, }); }; } function buildAccountAllowlistAdapter<ResolvedAccount>(params: { channelId: ChannelId; resolveAccount: AllowlistAccountResolver<ResolvedAccount>; normalize: AllowlistNormalizer; supportsScope: NonNullable<ChannelAllowlistAdapter["supportsScope"]>; resolvePaths: (scope: "dm" | "group") => AllowlistConfigPaths | null; readConfig: ( account: ResolvedAccount, ) => Awaited<ReturnType<NonNullable<ChannelAllowlistAdapter["readConfig"]>>>; }): Pick<ChannelAllowlistAdapter, "supportsScope" | "readConfig" | "applyConfigEdit"> { return { supportsScope: params.supportsScope, readConfig: ({ cfg, accountId }) => params.readConfig(params.resolveAccount({ cfg, accountId })), applyConfigEdit: buildAccountScopedAllowlistConfigEditor({ channelId: params.channelId, normalize: params.normalize, resolvePaths: params.resolvePaths, }), }; } /** Build the common DM/group allowlist adapter used by channels that store both lists in confi export function buildDmGroupAccountAllowlistAdapter<ResolvedAccount>(params: { channelId: ChannelId; resolveAccount: AllowlistAccountResolver<ResolvedAccount>; normalize: AllowlistNormalizer; resolveDmAllowFrom: (account: ResolvedAccount) => Array<string | number> | null | undefined; resolveGroupAllowFrom: (account: ResolvedAccount) => Array<string | number> | null | undefine resolveDmPolicy?: (account: ResolvedAccount) => string | null | undefined; resolveGroupPolicy?: (account: ResolvedAccount) => string | null | undefined; resolveGroupOverrides?: (account: ResolvedAccount) => AllowlistGroupOverride[] | undefi }): Pick<ChannelAllowlistAdapter, "supportsScope" | "readConfig" | "applyConfigEdit"> { return buildAccountAllowlistAdapter({ channelId: params.channelId, resolveAccount: params.resolveAccount, normalize: params.normalize, supportsScope: ({ scope }) => scope === "dm" || scope === "group" || scope === "all", resolvePaths: resolveDmGroupAllowlistConfigPaths, readConfig: (account) => ({ dmAllowFrom: readConfiguredAllowlistEntries(params.resolveDmAllowFrom(account)), groupAllowFrom: readConfiguredAllowlistEntries(params.resolveGroupAllowFrom(accou dmPolicy: params.resolveDmPolicy?.(account) ?? undefined, groupPolicy: params.resolveGroupPolicy?.(account) ?? undefined, groupOverrides: params.resolveGroupOverrides?.(account), }), }); } /** Build the common DM-only allowlist adapter for channels with legacy dm.allowFrom fallbac export function buildLegacyDmAccountAllowlistAdapter<ResolvedAccount>(params: { channelId: ChannelId; resolveAccount: AllowlistAccountResolver<ResolvedAccount>; normalize: AllowlistNormalizer; resolveDmAllowFrom: (account: ResolvedAccount) => Array<string | number> | null | undefined; resolveGroupPolicy?: (account: ResolvedAccount) => string | null | undefined; resolveGroupOverrides?: (account: ResolvedAccount) => AllowlistGroupOverride[] | undefi }): Pick<ChannelAllowlistAdapter, "supportsScope" | "readConfig" | "applyConfigEdit"> { return buildAccountAllowlistAdapter({ channelId: params.channelId, resolveAccount: params.resolveAccount, normalize: params.normalize, supportsScope: ({ scope }) => scope === "dm", resolvePaths: resolveLegacyDmAllowlistConfigPaths, readConfig: (account) => ({ dmAllowFrom: readConfiguredAllowlistEntries(params.resolveDmAllowFrom(account)), groupPolicy: params.resolveGroupPolicy?.(account) ?? undefined, groupOverrides: params.resolveGroupOverrides?.(account), }), }); }
¤ Dauer der Verarbeitung: 0.12 Sekunden (vorverarbeitet am 2026-06-10) ¤*© Formatika GbR, Deutschland |
|
||||||||||||||
2026-06-09