nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(gateway): treat OpenAI HTTP ingress as non-owner (#57769) 

Co-authored-by: Brian Mendonca <208517100+bmendonca3@users.noreply.github.com>
This commit is contained in:
Jacob Tomlinson 2026-03-30 08:26:53 -07:00 committed by GitHub
parent c6f2db1506
commit f011d0be28
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/gateway/openai-http.test.ts
View File

@ -146,6 +146,7 @@ describe("OpenAI-compatible HTTP API (e2e)", () => {
message?: string;
extraSystemPrompt?: string;
images?: Array<{ type: string; data: string; mimeType: string }>;
senderIsOwner?: boolean;
}
| undefined;
const getFirstAgentMessage = () => getFirstAgentCall()?.message ?? "";
@ -169,6 +170,7 @@ describe("OpenAI-compatible HTTP API (e2e)", () => {
messages: [{ role: "user", content: message }],
});
expect(res.status).toBe(200);
expect(getFirstAgentCall()?.senderIsOwner).toBe(false);
return (await res.json()) as Record<string, unknown>;
};

4
src/gateway/openai-http.ts
View File

@ -117,8 +117,8 @@ function buildAgentCommandInput(params: {
deliver: false as const,
messageChannel: params.messageChannel,
bestEffortDeliver: false as const,
// HTTP API callers are authenticated operator clients for this gateway context.
senderIsOwner: true as const,
// OpenAI-compatible HTTP ingress is external input and must not inherit owner-only tools.
senderIsOwner: false as const,
allowModelOverride: true as const,
};
}