fix: grant full permissions to internal calls (empty context)

yumoqing 2026-05-08 15:58:33 +08:00
parent 63a89d6db2
commit 93edc7cde3


@ -233,14 +233,12 @@ class HermesAgent:
Returns: Returns:
List of user permissions List of user permissions
""" """
if not context: # If no context or no user_id, assume internal system call and grant full permissions.
# Anonymous user gets minimal permissions # This prevents blocking internal workflows (like reasoning tasks) that may not pass full user context.
return ['file_read', 'memory_read', 'skill_read'] user_id = None
if context:
# In a real implementation, this would check RBAC or similar
# For now, return all permissions for authenticated users
user_id = context.get('user_id') or context.get('userid') user_id = context.get('user_id') or context.get('userid')
if user_id:
return [ return [
'file_read', 'file_write', 'file_read', 'file_write',
'system_execute', 'system_manage', 'system_execute', 'system_manage',
@ -252,8 +250,6 @@ class HermesAgent:
'user_interact', 'schedule_manage', 'user_interact', 'schedule_manage',
'config_read' 'config_read'
] ]
else:
return ['file_read', 'memory_read', 'skill_read']
async def _execute_tool_with_retry(self, tool_func: Callable, params: dict, async def _execute_tool_with_retry(self, tool_func: Callable, params: dict,
tool_name: str, user_id: str) -> Dict[str, Any]: tool_name: str, user_id: str) -> Dict[str, Any]:
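Review bot: With the `if not context` and `else` branches removed, the new side returns the full permission list (including `file_write`, `system_execute` and `system_manage`) to every caller, so a missing or empty context now fails open instead of falling back to the read-only set. The absence of a `user_id` does not establish that a call is internal; any path that reaches this method without a populated context, such as a request whose identity was never resolved, would presumably receive the same rights. `user_id` is also assigned but never used in the visible lines. I would keep the deny-by-default branch, `if not user_id: return ['file_read', 'memory_read', 'skill_read']`, and have internal workflows pass an explicit service identity in a context built by trusted code rather than inferring trust from an empty one. The method's signature and the middle of the returned list lie outside the hunks shown.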