lywsvip/openclaw-zero-token
1
0
Fork 0
mirror of http://192.168.0.88:13333/lywsvip/openclaw-zero-token.git synced 2026-06-19 19:57:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
dependabot/github_actions/actions/github-script-9.0.0
openclaw-zero-token/gateway/role-policy.test.ts
sjhu 571e14a236 feat: upgrade to upstream v2026.3.28 
Major upgrade from e26988a38 to upstream v2026.3.28 (f9b107928).
Key changes:
- Upstream src/, ui/, extensions/ (89 bundled extensions)
- Zero-token web providers preserved in src/zero-token/
- AskOnce plugin restored and registered as CLI command
- Added missing packages: @anthropic-ai/vertex-sdk, @modelcontextprotocol/sdk
- Fixed tsconfig rootDir, skipLibCheck for plugin-sdk DTS build
- Added askonce to bundled plugin metadata and package.json exports
- Fixed AskOnce CLI command registration (missing commands metadata)
- Restored AskOnce adapter imports (correct 5-level relative paths)
- Removed stale migration artifacts from root directory
2026-03-30 17:58:12 +08:00

31 lines
1.3 KiB
TypeScript
Raw Permalink Blame History

import { describe, expect, test } from "vitest";
import {
isRoleAuthorizedForMethod,
parseGatewayRole,
roleCanSkipDeviceIdentity,
} from "./role-policy.js";
describe("gateway role policy", () => {
test("parses supported roles", () => {
expect(parseGatewayRole("operator")).toBe("operator");
expect(parseGatewayRole("node")).toBe("node");
expect(parseGatewayRole("admin")).toBeNull();
expect(parseGatewayRole(undefined)).toBeNull();
});
test("allows device-less bypass only for operator + shared auth", () => {
expect(roleCanSkipDeviceIdentity("operator", true)).toBe(true);
expect(roleCanSkipDeviceIdentity("operator", false)).toBe(false);
expect(roleCanSkipDeviceIdentity("node", true)).toBe(false);
});
test("authorizes roles against node vs operator methods", () => {
expect(isRoleAuthorizedForMethod("node", "node.event")).toBe(true);
expect(isRoleAuthorizedForMethod("node", "node.pending.drain")).toBe(true);
expect(isRoleAuthorizedForMethod("node", "status")).toBe(false);
expect(isRoleAuthorizedForMethod("operator", "status")).toBe(true);
expect(isRoleAuthorizedForMethod("operator", "node.pending.drain")).toBe(false);
expect(isRoleAuthorizedForMethod("operator", "node.event")).toBe(false);
});
});
Reference in New Issue View Git Blame Copy Permalink