2cbe4e2808
Implement Postgres-backed claw approval flow and integrate gateway methods for create/list/get/approve/reject/execute/audit. Add a minimal systemd-run privileged broker with bearer auth, strict scope and exact-command validation, dangerous-shell blocking, atomic once-grant consumption, and execution audit updates.
44 lines
687 B
Markdown
44 lines
687 B
Markdown
# Claw Broker (MVP)
|
|
|
|
Minimal privileged broker for claw.approvals.execute.
|
|
|
|
## API
|
|
|
|
- POST /v1/execute
|
|
- Bearer token via CLAW_BROKER_TOKEN
|
|
|
|
Request fields:
|
|
|
|
- executionId
|
|
- approvalRequestId
|
|
- approvalGrantId
|
|
- exactCommand
|
|
- targetHost
|
|
- targetUser
|
|
- requestedBy
|
|
- channel
|
|
- chatId
|
|
- humanUserId
|
|
- sessionId
|
|
|
|
Response fields:
|
|
|
|
- executionId
|
|
- status
|
|
- exitCode
|
|
- stdoutSummary
|
|
- stderrSummary
|
|
- startedAt
|
|
- finishedAt
|
|
|
|
## Validation
|
|
|
|
Broker re-checks in Postgres before execution:
|
|
|
|
- request/grant exist
|
|
- status allows execution
|
|
- once grant atomic consume
|
|
- command exact match
|
|
- scope match (targetHost, targetUser, channel, chatId, humanUserId, sessionId)
|
|
- dangerous shell policy
|