MCPcopy
hub / github.com/cft0808/edict / _check_permission

Function _check_permission

scripts/kanban_update.py:176–187  ·  view source on GitHub ↗

检查 Agent 是否有权执行该命令。未知 Agent 不拦截(向前兼容)。

(agent_id, cmd)

Source from the content-addressed store, hash-verified

174}
175
176def _check_permission(agent_id, cmd):
177 """检查 Agent 是否有权执行该命令。未知 Agent 不拦截(向前兼容)。"""
178 if not agent_id:
179 return # 无法推断 Agent 身份时不拦截
180 policy = AGENT_POLICY.get(agent_id)
181 if policy is None:
182 return # 未注册的 Agent 不拦截
183 if cmd not in policy["commands"]:
184 _append_audit(None, agent_id, "permission_denied", cmd, None, f"{agent_id} 越权执行 {cmd}")
185 log.warning(f"⛔ {agent_id} 无权执行 {cmd}(允许: {policy['commands']})")
186 print(f"[看板] 越权拒绝: {agent_id} 不可执行 {cmd}", flush=True)
187 sys.exit(1)
188
189
190def find_task(tasks, task_id):

Callers 1

kanban_update.pyFile · 0.85

Calls 1

_append_auditFunction · 0.85

Tested by

no test coverage detected