Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix (gateway): redact sensitive status details for non-admin scopes

Browse Source
This commit is contained in:
Vignesh Natarajan 2026-02-14 21:14:55 -08:00
parent 0dec234505
commit fac040cb10
4 changed files with 133 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
src/commands/status.summary.redaction.test.ts Normal file
View File

@ -0,0 +1,69 @@
import { describe, expect, it } from "vitest";
import type { StatusSummary } from "./status.types.js";
import { redactSensitiveStatusSummary } from "./status.summary.js";
describe("redactSensitiveStatusSummary", () => {
it("removes sensitive session and path details while preserving summary structure", () => {
const input: StatusSummary = {
heartbeat: {
defaultAgentId: "main",
agents: [{ agentId: "main", enabled: true, every: "5m", everyMs: 300_000 }],
},
channelSummary: ["ok"],
queuedSystemEvents: ["none"],
sessions: {
paths: ["/tmp/openclaw/sessions.json"],
count: 1,
defaults: { model: "gpt-5", contextTokens: 200_000 },
recent: [
{
key: "main",
kind: "direct",
sessionId: "sess-1",
updatedAt: 1,
age: 2,
totalTokens: 3,
totalTokensFresh: true,
remainingTokens: 4,
percentUsed: 5,
model: "gpt-5",
contextTokens: 200_000,
flags: ["id:sess-1"],
},
],
byAgent: [
{
agentId: "main",
path: "/tmp/openclaw/main-sessions.json",
count: 1,
recent: [
{
key: "main",
kind: "direct",
sessionId: "sess-1",
updatedAt: 1,
age: 2,
totalTokens: 3,
totalTokensFresh: true,
remainingTokens: 4,
percentUsed: 5,
model: "gpt-5",
contextTokens: 200_000,
flags: ["id:sess-1"],
},
],
},
],
},
};
const redacted = redactSensitiveStatusSummary(input);
expect(redacted.sessions.paths).toEqual([]);
expect(redacted.sessions.defaults).toEqual({ model: null, contextTokens: null });
expect(redacted.sessions.recent).toEqual([]);
expect(redacted.sessions.byAgent[0]?.path).toBe("[redacted]");
expect(redacted.sessions.byAgent[0]?.recent).toEqual([]);
expect(redacted.heartbeat).toEqual(input.heartbeat);
expect(redacted.channelSummary).toEqual(input.channelSummary);
});
});

28
src/commands/status.summary.ts
View File

@ -67,7 +67,30 @@ const buildFlags = (entry?: SessionEntry): string[] => {
return flags;
};
export async function getStatusSummary(): Promise<StatusSummary> {
export function redactSensitiveStatusSummary(summary: StatusSummary): StatusSummary {
return {
...summary,
sessions: {
...summary.sessions,
paths: [],
defaults: {
model: null,
contextTokens: null,
},
recent: [],
byAgent: summary.sessions.byAgent.map((entry) => ({
...entry,
path: "[redacted]",
recent: [],
})),
},
};
}
export async function getStatusSummary(
options: { includeSensitive?: boolean } = {},
): Promise<StatusSummary> {
const { includeSensitive = true } = options;
const cfg = loadConfig();
const linkContext = await resolveLinkChannelContext(cfg);
const agentList = listAgentsForGateway(cfg);
@ -179,7 +202,7 @@ export async function getStatusSummary(): Promise<StatusSummary> {
const recent = allSessions.slice(0, 10);
const totalSessions = allSessions.length;
return {
const summary: StatusSummary = {
linkChannel: linkContext
? {
id: linkContext.plugin.id,
@ -205,4 +228,5 @@ export async function getStatusSummary(): Promise<StatusSummary> {
byAgent,
},
};
return includeSensitive ? summary : redactSensitiveStatusSummary(summary);
}

31
src/gateway/server-methods/health.status-scope.test.ts Normal file
View File

@ -0,0 +1,31 @@
import { describe, expect, it, vi } from "vitest";
import { getStatusSummary } from "../../commands/status.js";
import { healthHandlers } from "./health.js";
vi.mock("../../commands/status.js", () => ({
getStatusSummary: vi.fn().mockResolvedValue({ ok: true }),
}));
describe("gateway healthHandlers.status scope handling", () => {
it("requests redacted status for non-admin clients", async () => {
const respond = vi.fn();
await healthHandlers.status({
respond,
client: { connect: { role: "operator", scopes: ["operator.read"] } },
} as Parameters<(typeof healthHandlers)["status"]>[0]);
expect(vi.mocked(getStatusSummary)).toHaveBeenCalledWith({ includeSensitive: false });
expect(respond).toHaveBeenCalledWith(true, { ok: true }, undefined);
});
it("requests full status for admin clients", async () => {
const respond = vi.fn();
await healthHandlers.status({
respond,
client: { connect: { role: "operator", scopes: ["operator.admin"] } },
} as Parameters<(typeof healthHandlers)["status"]>[0]);
expect(vi.mocked(getStatusSummary)).toHaveBeenCalledWith({ includeSensitive: true });
expect(respond).toHaveBeenCalledWith(true, { ok: true }, undefined);
});
});

9
src/gateway/server-methods/health.ts
View File

@ -5,6 +5,8 @@ import { HEALTH_REFRESH_INTERVAL_MS } from "../server-constants.js";
import { formatError } from "../server-utils.js";
import { formatForLog } from "../ws-log.js";
const ADMIN_SCOPE = "operator.admin";
export const healthHandlers: GatewayRequestHandlers = {
health: async ({ respond, context, params }) => {
const { getHealthCache, refreshHealthSnapshot, logHealth } = context;
@ -25,8 +27,11 @@ export const healthHandlers: GatewayRequestHandlers = {
respond(false, undefined, errorShape(ErrorCodes.UNAVAILABLE, formatForLog(err)));
}
},
status: async ({ respond }) => {
const status = await getStatusSummary();
status: async ({ respond, client }) => {
const scopes = Array.isArray(client?.connect?.scopes) ? client.connect.scopes : [];
const status = await getStatusSummary({
includeSensitive: scopes.includes(ADMIN_SCOPE),
});
respond(true, status, undefined);
},
};