docs: refresh node pairing scope references

Peter Steinberger
2026-04-04 11:22:00 +01:00
parent 28021a0325
commit 848e7abb57
4 changed files with 28 additions and 1 deletions

@@ -39,6 +39,15 @@ openclaw nodes status --last-connected 24h
Use `--connected` to only show currently-connected nodes. Use `--last-connected <duration>` to
filter to nodes that connected within a duration (e.g. `24h`, `7d`).
Approval note:
- `openclaw nodes pending` only needs pairing scope.
- `openclaw nodes approve <requestId>` inherits extra scope requirements from the
pending request:
- commandless request: pairing only
- non-exec node commands: pairing + write
- `system.run` / `system.run.prepare` / `system.which`: pairing + admin
## Invoke
```bash
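Review bot: the three sub-bullets under `openclaw nodes approve <requestId>` use the shorthand "pairing", "write" and "admin", while the other files in this commit spell the scopes out as `operator.pairing`, `operator.write` and `operator.admin`. Use the full scope names here too, so an operator can match them against the scopes on their token. The note also covers only `pending` and `approve`; if `openclaw nodes reject` has its own scope requirement, state it alongside.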

@@ -56,7 +56,7 @@ Events:
Methods:
- `node.pair.request` — create or reuse a pending request.
- `node.pair.list` — list pending + paired nodes.
- `node.pair.list` — list pending + paired nodes (`operator.pairing`).
- `node.pair.approve` — approve a pending request (issues token).
- `node.pair.reject` — reject a pending request.
- `node.pair.verify` — verify `{ nodeId, token }`.
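Review bot: only `node.pair.list` gets a scope annotation in this Methods list; `node.pair.approve`, the one method whose requirement varies, and `node.pair.reject` still carry none. Annotate the remaining methods the same way, or at least add a pointer on `node.pair.approve` to the scope rules in the Notes section, so the list does not read as if the other methods were unscoped.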
@@ -70,6 +70,12 @@ Notes:
- Approval **always** generates a fresh token; no token is ever returned from
`node.pair.request`.
- Requests may include `silent: true` as a hint for auto-approval flows.
- `node.pair.approve` uses the pending request's declared commands to enforce
extra approval scopes:
- commandless request: `operator.pairing`
- non-exec command request: `operator.pairing` + `operator.write`
- `system.run` / `system.run.prepare` / `system.which` request:
`operator.pairing` + `operator.admin`
Important:
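Review bot: the tiers under `node.pair.approve` do not say which one applies to a request that declares both non-exec commands and one of `system.run` / `system.run.prepare` / `system.which`, nor whether `operator.admin` is then required in addition to `operator.write` or instead of it. Reword the third bullet as "request that includes any of ..." and state the mixed case explicitly, since this rule decides who may approve command execution on a node.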

@@ -173,6 +173,14 @@ Method scope is only the first gate. Some slash commands reached through
`chat.send` apply stricter command-level checks on top. For example, persistent
`/config set` and `/config unset` writes require `operator.admin`.
`node.pair.approve` also has an extra approval-time scope check on top of the
base method scope:
- commandless requests: `operator.pairing`
- requests with non-exec node commands: `operator.pairing` + `operator.write`
- requests that include `system.run`, `system.run.prepare`, or `system.which`:
`operator.pairing` + `operator.admin`
### Caps/commands/permissions (node)
Nodes declare capability claims at connect time:
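Review bot: "base method scope" in the new `node.pair.approve` paragraph is never named; say which scope the method requires before the approval-time check runs, because the bullets only imply it. This is also the third copy of the same three-tier list in the commit, and its wording already differs from the others ("requests that include" here, "request" elsewhere); consider keeping the full list in one place and linking to it from the rest so the copies cannot drift.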

@@ -45,6 +45,10 @@ Notes:
- `nodes status` marks a node as **paired** when its device pairing role includes `node`.
- `node.pair.*` (CLI: `openclaw nodes pending/approve/reject/rename`) is a separate gateway-owned
node pairing store; it does **not** gate the WS `connect` handshake.
- Approval scope follows the pending request's declared commands:
- commandless request: `operator.pairing`
- non-exec node commands: `operator.pairing` + `operator.write`
- `system.run` / `system.run.prepare` / `system.which`: `operator.pairing` + `operator.admin`
## Remote node host (system.run)
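Review bot: the new "Approval scope" bullet sits under the `node.pair.*` note, which covers `pending/approve/reject/rename`, without saying that it applies to `approve` only. Name the command in the bullet, for example "`openclaw nodes approve` scope follows the pending request's declared commands", so a reader does not assume the same tiers gate `reject` or `rename`.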