wowok_agent
Version:
Making It Easy for AI Agents to Communicate, Collaborate, Trade, and Trust.
106 lines (105 loc) • 8.41 kB
JavaScript
import { z } from "zod";
import { PermissionIndexTypeSchema } from "../query/index.js";
import { CallEnvSchema, SubmissionCallSchema, NormalObjectSchema } from "./base.js";
import { AccountOrMark_AddressSchema, DescriptionSchema, LongNameSchema, ManyAccountOrMark_AddressSchema, NameOrAddressSchema, ReceivedObjectsOrRecentlySchema } from "../common/index.js";
export const RemarkSetSchema = z.object({
op: z.literal("set"),
index: PermissionIndexTypeSchema,
remark: LongNameSchema.describe("Permission remark.")
}).strict().describe("Set remark for a permission.");
export const RemarkRemoveSchema = z.object({
op: z.literal("remove"),
index: PermissionIndexTypeSchema
}).strict().describe("Remove remark for a permission.");
export const RemarkClearSchema = z.object({
op: z.literal("clear")
}).strict().describe("Clear remarks for all permissions.");
export const RemarkSchema = z.discriminatedUnion("op", [
RemarkSetSchema,
RemarkRemoveSchema,
RemarkClearSchema
]).describe("Set remarks for permissions.");
export const TablePermByIndexSchema = z.discriminatedUnion("op", [
z.object({
op: z.literal("add perm by index"),
index: PermissionIndexTypeSchema,
entity: ManyAccountOrMark_AddressSchema
}).strict().describe("Grant a specific permission to multiple entities at once. USE WHEN: You need to assign the SAME permission to MULTIPLE users/Guards. Example: Give 'create service' permission to Alice, Bob, and Carol simultaneously."),
z.object({
op: z.literal("set perm by index"),
index: PermissionIndexTypeSchema,
entity: ManyAccountOrMark_AddressSchema
}).strict().describe("Replace the entity list for a specific permission with a new set of entities. USE WHEN: You want to completely redefine WHO has this permission. WARNING: This overwrites the existing entity list for this permission."),
z.object({
op: z.literal("remove perm by index"),
index: PermissionIndexTypeSchema,
entity: ManyAccountOrMark_AddressSchema
}).strict().describe("Revoke a specific permission from multiple entities at once. USE WHEN: You need to remove the SAME permission from MULTIPLE users/Guards. Example: Remove 'create service' permission from Alice, Bob, and Carol simultaneously."),
]).describe("Permission-centric operations: Manage WHO has a specific permission. Best for batch-assigning one permission to many users. Structure: {op: 'add|set|remove perm by index', index: permission_id, entity: [user1, user2, ...]}");
export const TablePermByEntitySchema = z.discriminatedUnion("op", [
z.object({
op: z.literal("add perm by entity"),
entity: AccountOrMark_AddressSchema,
index: z.array(PermissionIndexTypeSchema)
}).strict().describe("Grant multiple permissions to a single entity. USE WHEN: You need to give ONE user/Guard MANY permissions at once. Example: Give Alice all Machine-related permissions (create, edit, publish, pause, etc.) in one call."),
z.object({
op: z.literal("set perm by entity"),
entity: AccountOrMark_AddressSchema,
index: z.array(PermissionIndexTypeSchema)
}).strict().describe("Replace all permissions of a single entity with a new permission set. USE WHEN: You want to completely redefine WHAT permissions a user/Guard has. WARNING: This overwrites all existing permissions for this entity."),
z.object({
op: z.literal("remove perm by entity"),
entity: AccountOrMark_AddressSchema,
index: z.array(PermissionIndexTypeSchema)
}).strict().describe("Revoke multiple permissions from a single entity. USE WHEN: You need to remove MANY permissions from ONE user/Guard at once. Example: Remove all Machine-related permissions from Alice."),
]).describe("Entity-centric operations: Manage WHAT permissions a specific user/Guard has. Best for assigning many permissions to one user. Structure: {op: 'add|set|remove perm by entity', entity: user_id, index: [perm1, perm2, ...]}");
export const TableSchema = z.discriminatedUnion("op", [
...TablePermByIndexSchema.options,
...TablePermByEntitySchema.options
]).describe("Manage permission assignments using two complementary approaches. CHOOSE THE RIGHT APPROACH: (1) 'perm by index' - Use when granting ONE permission to MANY users (permission-centric). Example: Give 'create service' permission to Alice, Bob, and Carol. (2) 'perm by entity' - Use when granting MANY permissions to ONE user (entity-centric). Example: Give Alice all Machine-related permissions. Both approaches support add/set/remove operations. Requires admin permission.");
export const EntitySwapReplaceCopySchema = z.discriminatedUnion("op", [
z.object({
op: z.literal("swap"),
entity1: AccountOrMark_AddressSchema,
entity2: AccountOrMark_AddressSchema
}).strict().describe("Swap all permission indexes between two entities."),
z.object({
op: z.literal("replace"),
entity1: AccountOrMark_AddressSchema,
entity2: AccountOrMark_AddressSchema
}).strict().describe("Remove all permission indexes from entity1 and add them to entity2's permission indexes."),
z.object({
op: z.literal("copy"),
entity1: AccountOrMark_AddressSchema,
entity2: AccountOrMark_AddressSchema
}).strict().describe("Add all permission indexes from entity1 to entity2's permission indexes."),
]);
export const EntityDelSchema = z.object({
op: z.literal("del"),
entity: AccountOrMark_AddressSchema
}).strict().describe("Delete all permission indexes from an entity.");
export const EntitySchema = z.discriminatedUnion("op", [
...EntitySwapReplaceCopySchema.options,
EntityDelSchema
]);
export const AdminSchema = z.object({
op: z.enum(["add", "remove", "set"]).describe("Admin operations: add, remove, set."),
addresses: ManyAccountOrMark_AddressSchema.describe("List of admin addresses.")
}).strict();
export const CallPermission_DataSchema = z.object({
object: NormalObjectSchema.optional(),
description: DescriptionSchema.optional(),
remark: RemarkSchema.optional(),
table: TableSchema.optional().describe("Manage permission assignments using two approaches: (1) By Permission Index - add/set/remove entity IDs for a specific permission; (2) By Entity - add/set/remove permission indexes for a specific entity. Requires admin permission."),
entity: EntitySchema.optional().describe("Advanced entity permission operations: swap permissions between two entities, replace one entity's permissions with another's, copy permissions from one entity to another, or delete all permissions of an entity. Entity can be a user ID or Guard object ID. Requires admin permission."),
admin: AdminSchema.optional().describe("Manage Permission object admins: add new admins, remove existing admins, or set the complete admin list. Only the Permission object owner (builder) can perform this operation. The creator automatically becomes an admin with full permissions."),
apply: z.array(NameOrAddressSchema).optional().describe("Array of object IDs or names to operate on, apply the Permission object to these objects' permission control. Note: The signer must be the owner of the existing Permission objects for these objects"),
builder: AccountOrMark_AddressSchema.optional().describe("Set or transfer ownership of the Permission object to the specified user ID. The creator automatically becomes the builder; only the builder can transfer ownership to other users."),
owner_receive: ReceivedObjectsOrRecentlySchema.optional().describe('Unwrap CoinWrapper objects and other objects received by this object and send them to the builder(owner).'),
um: z.union([NameOrAddressSchema, z.null()]).optional().describe("Contact object."),
}).strict().describe("On-chain Permission operations. USAGE: (1) CREATE NEW: Set 'object' field with OBJECT format {name, tags?, ...} to create a Permission. NOTE: 'name' goes INSIDE 'object', NOT at the data root level. (2) OPERATE EXISTING: Set 'object' field with STRING format (object ID or name). The 'object' field is CRITICAL and REQUIRED in both cases. STRING for existing, OBJECT for new creation.");
export const CallPermission_InputSchema = z.object({
data: CallPermission_DataSchema,
env: CallEnvSchema.optional(),
submission: SubmissionCallSchema.optional(),
}).strict();