feat: add internal ZCLAW kernel crates to git tracking

2026-03-22 09:26:36 +08:00
parent d72c0f7161
commit 58cd24f85b
36 changed files with 10298 additions and 0 deletions
--- a/crates/zclaw-kernel/src/capabilities.rs
+++ b/crates/zclaw-kernel/src/capabilities.rs
@@ -0,0 +1,71 @@
+//! Capability manager
+
+use dashmap::DashMap;
+use zclaw_types::{AgentId, Capability, CapabilitySet, Result, ZclawError};
+
+/// Manages capabilities for all agents
+pub struct CapabilityManager {
+    capabilities: DashMap<AgentId, CapabilitySet>,
+}
+
+impl CapabilityManager {
+    pub fn new() -> Self {
+        Self {
+            capabilities: DashMap::new(),
+        }
+    }
+
+    /// Grant capabilities to an agent
+    pub fn grant(&self, agent_id: AgentId, capabilities: Vec<Capability>) {
+        let set = CapabilitySet {
+            capabilities,
+        };
+        self.capabilities.insert(agent_id, set);
+    }
+
+    /// Revoke all capabilities from an agent
+    pub fn revoke(&self, agent_id: &AgentId) {
+        self.capabilities.remove(agent_id);
+    }
+
+    /// Check if an agent can invoke a tool
+    pub fn can_invoke_tool(&self, agent_id: &AgentId, tool_name: &str) -> bool {
+        self.capabilities
+            .get(agent_id)
+            .map(|set| set.can_invoke_tool(tool_name))
+            .unwrap_or(false)
+    }
+
+    /// Check if an agent can read memory
+    pub fn can_read_memory(&self, agent_id: &AgentId, scope: &str) -> bool {
+        self.capabilities
+            .get(agent_id)
+            .map(|set| set.can_read_memory(scope))
+            .unwrap_or(false)
+    }
+
+    /// Check if an agent can write memory
+    pub fn can_write_memory(&self, agent_id: &AgentId, scope: &str) -> bool {
+        self.capabilities
+            .get(agent_id)
+            .map(|set| set.can_write_memory(scope))
+            .unwrap_or(false)
+    }
+
+    /// Validate capabilities don't exceed parent's
+    pub fn validate(&self, capabilities: &[Capability]) -> Result<()> {
+        // TODO: Implement capability validation
+        Ok(())
+    }
+
+    /// Get capabilities for an agent
+    pub fn get(&self, agent_id: &AgentId) -> Option<CapabilitySet> {
+        self.capabilities.get(agent_id).map(|c| c.clone())
+    }
+}
+
+impl Default for CapabilityManager {
+    fn default() -> Self {
+        Self::new()
+    }
+}