fix: enforce ws3 roles + node allowlist

Peter Steinberger
2026-01-20 09:23:56 +00:00
parent 32a668e4d9
commit 9dbc1435a6
27 changed files with 3096 additions and 40 deletions


@@ -169,6 +169,8 @@ const FIELD_LABELS: Record<string, string> = {
"gateway.http.endpoints.chatCompletions.enabled": "OpenAI Chat Completions Endpoint",
"gateway.reload.mode": "Config Reload Mode",
"gateway.reload.debounceMs": "Config Reload Debounce (ms)",
"gateway.nodes.allowCommands": "Gateway Node Allowlist (Extra Commands)",
"gateway.nodes.denyCommands": "Gateway Node Denylist",
"skills.load.watch": "Watch Skills",
"skills.load.watchDebounceMs": "Skills Watch Debounce (ms)",
"agents.defaults.workspace": "Workspace",
@@ -318,6 +320,10 @@ const FIELD_HELP: Record<string, string> = {
"Enable the OpenAI-compatible `POST /v1/chat/completions` endpoint (default: false).",
"gateway.reload.mode": 'Hot reload strategy for config changes ("hybrid" recommended).',
"gateway.reload.debounceMs": "Debounce window (ms) before applying config changes.",
"gateway.nodes.allowCommands":
"Extra node.invoke commands to allow beyond the gateway defaults (array of command strings).",
"gateway.nodes.denyCommands":
"Commands to block even if present in node claims or default allowlist.",
"tools.exec.applyPatch.enabled":
"Experimental. Enables apply_patch for OpenAI models when allowed by tool policy.",
"tools.exec.applyPatch.allowModels":
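Review bot: The new FIELD_HELP text for `gateway.nodes.denyCommands` does not say what happens when the same command is listed in both `gateway.nodes.allowCommands` and `gateway.nodes.denyCommands`; it names only node claims and the default allowlist. An operator reading the form cannot tell which list wins, and for an access-control setting that precedence should be spelled out. If the enforcement code (not visible here) gives deny precedence over the extra allowlist as well, the help could read `"Commands to block even if present in node claims, the default allowlist, or gateway.nodes.allowCommands."`. It would also help to state whether entries are matched as exact command names. Both FIELD_LABELS and FIELD_HELP start and end outside these hunks.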


@@ -170,6 +170,13 @@ export type GatewayHttpConfig = {
endpoints?: GatewayHttpEndpointsConfig;
};
export type GatewayNodesConfig = {
/** Additional node.invoke commands to allow on the gateway. */
allowCommands?: string[];
/** Commands to deny even if they appear in the defaults or node claims. */
denyCommands?: string[];
};
export type GatewayConfig = {
/** Single multiplexed port for Gateway WS + HTTP (default: 18789). */
port?: number;
@@ -196,4 +203,5 @@ export type GatewayConfig = {
reload?: GatewayReloadConfig;
tls?: GatewayTlsConfig;
http?: GatewayHttpConfig;
nodes?: GatewayNodesConfig;
};


@@ -341,6 +341,13 @@ export const ClawdbotSchema = z
})
.strict()
.optional(),
nodes: z
.object({
allowCommands: z.array(z.string()).optional(),
denyCommands: z.array(z.string()).optional(),
})
.strict()
.optional(),
})
.strict()
.optional(),
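Review bot: Both arrays in the new `nodes` object accept any string, so an empty or whitespace-padded entry in `denyCommands` passes validation. If the gateway compares command names exactly (the matching code is not in this hunk), such an entry would silently block nothing. Rejecting these entries at config load makes a mistyped deny entry fail loudly instead: `denyCommands: z.array(z.string().trim().min(1)).optional(),`, and the same for `allowCommands`. The enclosing object inside ClawdbotSchema starts above the hunk.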