Merge default agent permissions with global config (#1879)
This commit is contained in:
Mariano Uvalle
@@ -44,6 +44,8 @@ export namespace Agent {
|
|||||||
},
|
},
|
||||||
webfetch: "allow",
|
webfetch: "allow",
|
||||||
}
|
}
|
||||||
|
const agentPermission = mergeAgentPermissions(defaultPermission, cfg.permission ?? {})
|
||||||
|
|
||||||
const result: Record<string, Info> = {
|
const result: Record<string, Info> = {
|
||||||
general: {
|
general: {
|
||||||
name: "general",
|
name: "general",
|
||||||
@@ -54,20 +56,20 @@ export namespace Agent {
|
|||||||
todowrite: false,
|
todowrite: false,
|
||||||
},
|
},
|
||||||
options: {},
|
options: {},
|
||||||
permission: defaultPermission,
|
permission: agentPermission,
|
||||||
mode: "subagent",
|
mode: "subagent",
|
||||||
},
|
},
|
||||||
build: {
|
build: {
|
||||||
name: "build",
|
name: "build",
|
||||||
tools: {},
|
tools: {},
|
||||||
options: {},
|
options: {},
|
||||||
permission: defaultPermission,
|
permission: agentPermission,
|
||||||
mode: "primary",
|
mode: "primary",
|
||||||
},
|
},
|
||||||
plan: {
|
plan: {
|
||||||
name: "plan",
|
name: "plan",
|
||||||
options: {},
|
options: {},
|
||||||
permission: defaultPermission,
|
permission: agentPermission,
|
||||||
tools: {
|
tools: {
|
||||||
write: false,
|
write: false,
|
||||||
edit: false,
|
edit: false,
|
||||||
@@ -86,7 +88,7 @@ export namespace Agent {
|
|||||||
item = result[key] = {
|
item = result[key] = {
|
||||||
name: key,
|
name: key,
|
||||||
mode: "all",
|
mode: "all",
|
||||||
permission: defaultPermission,
|
permission: agentPermission,
|
||||||
options: {},
|
options: {},
|
||||||
tools: {},
|
tools: {},
|
||||||
}
|
}
|
||||||
@@ -108,25 +110,7 @@ export namespace Agent {
|
|||||||
if (mode) item.mode = mode
|
if (mode) item.mode = mode
|
||||||
|
|
||||||
if (permission ?? cfg.permission) {
|
if (permission ?? cfg.permission) {
|
||||||
const merged = mergeDeep(cfg.permission ?? {}, permission ?? {})
|
item.permission = mergeAgentPermissions(cfg.permission ?? {}, permission ?? {})
|
||||||
if (merged.edit) item.permission.edit = merged.edit
|
|
||||||
if (merged.webfetch) item.permission.webfetch = merged.webfetch
|
|
||||||
if (merged.bash) {
|
|
||||||
if (typeof merged.bash === "string") {
|
|
||||||
item.permission.bash = {
|
|
||||||
"*": merged.bash,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// if granular permissions are provided, default to "ask"
|
|
||||||
if (typeof merged.bash === "object") {
|
|
||||||
item.permission.bash = mergeDeep(
|
|
||||||
{
|
|
||||||
"*": "ask",
|
|
||||||
},
|
|
||||||
merged.bash,
|
|
||||||
)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return result
|
return result
|
||||||
@@ -170,3 +154,32 @@ export namespace Agent {
|
|||||||
return result.object
|
return result.object
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function mergeAgentPermissions(basePermission: any, overridePermission: any): Agent.Info["permission"] {
|
||||||
|
const merged = mergeDeep(basePermission ?? {}, overridePermission ?? {}) as any
|
||||||
|
let mergedBash
|
||||||
|
if (merged.bash) {
|
||||||
|
if (typeof merged.bash === "string") {
|
||||||
|
mergedBash = {
|
||||||
|
"*": merged.bash,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// if granular permissions are provided, default to "ask"
|
||||||
|
if (typeof merged.bash === "object") {
|
||||||
|
mergedBash = mergeDeep(
|
||||||
|
{
|
||||||
|
"*": "ask",
|
||||||
|
},
|
||||||
|
merged.bash,
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
const result: Agent.Info["permission"] = {
|
||||||
|
edit: merged.edit ?? "allow",
|
||||||
|
webfetch: merged.webfetch ?? "allow",
|
||||||
|
bash: mergedBash ?? { "*": "allow" },
|
||||||
|
}
|
||||||
|
|
||||||
|
return result
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user