iii-worker-rbac


Worker RBAC

RBAC belongs on iii-worker-manager listeners. Use it to expose a constrained function surface to a worker or browser client while keeping the private engine worker port internal.

Core Concepts

  • Public or untrusted clients connect to an RBAC-enabled worker-manager listener, not the private worker port.
  • auth_function_id receives request connection data and returns an AuthResult.
  • Discovery is filtered: callers only see functions and trigger types they are allowed to use.
  • forbidden_functions override allowed lists and exposure filters.
  • Denied invocation returns FORBIDDEN.
  • A missing function and a forbidden function are different: missing means the engine has no callable registration; forbidden means policy denied access.

AuthInput

Auth functions receive:
  • headers
  • query_params
  • ip_address
Browsers cannot reliably send custom WebSocket headers, so browser auth usually comes from query params, cookies, or upstream session context.

AuthResult

Return:
  • allowed_functions: string[]
  • forbidden_functions: string[]
  • allowed_trigger_types?: string[]
  • allow_trigger_type_registration: boolean
  • allow_function_registration?: boolean
  • function_registration_prefix?: string
  • context: Record<string, unknown>

Access Resolution

  1. If a function matches forbidden_functions, deny.
  2. If it matches allowed_functions, allow.
  3. Allow engine::channels::create so channels can be created on RBAC listeners.
  4. If it matches configured expose_functions, allow.
  5. Otherwise deny.
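The resolution order above, the AuthInput/AuthResult shapes, filtered discovery and the missing-versus-forbidden distinction, worked through in TypeScript. This is an added example, not code from the iii project: the interface names follow the fields listed on this page, but globToRegExp, resolveAccess, invoke, discover, browserSessionAuth, the glob reading of match("..."), the policy-before-existence ordering and all sample IDs, sessions and IP addresses are assumptions constructed for illustration.

```typescript
// Added example (not code from the iii project): models the access-resolution
// order for an RBAC listener. Interface fields follow AuthInput/AuthResult as
// listed on the page; every function name and sample value is an assumption.

export interface AuthInput {
  headers: Record<string, string>;
  query_params: Record<string, string>;
  ip_address: string;
}

export interface AuthResult {
  allowed_functions: string[];
  forbidden_functions: string[];
  allowed_trigger_types?: string[];
  allow_trigger_type_registration: boolean;
  allow_function_registration?: boolean;
  function_registration_prefix?: string;
  context: Record<string, unknown>;
}

export type InvokeOutcome = "ALLOWED" | "FORBIDDEN" | "function_not_found";

// Assumed pattern syntax: either a bare function ID or match("glob"), where
// '*' matches any run of characters (so "public::*" also covers "public::a::b").
export function globToRegExp(entry: string): RegExp {
  const m = /^match\("(.*)"\)$/.exec(entry);
  const glob = m ? m[1] : entry;
  const escaped = glob
    .split("*")
    .map((piece) => piece.replace(/[.+?^${}()|[\]\\]/g, "\\$&"))
    .join(".*");
  return new RegExp(`^${escaped}$`);
}

export function matchesAny(functionId: string, entries: string[]): boolean {
  return entries.some((e) => globToRegExp(e).test(functionId));
}

// Steps 1-5 from the text, in order: forbidden wins over everything else, and
// engine::channels::create stays reachable so channels can be created.
export function resolveAccess(
  functionId: string,
  auth: AuthResult,
  exposeFunctions: string[],
): "ALLOWED" | "FORBIDDEN" {
  if (matchesAny(functionId, auth.forbidden_functions)) return "FORBIDDEN";
  if (matchesAny(functionId, auth.allowed_functions)) return "ALLOWED";
  if (functionId === "engine::channels::create") return "ALLOWED";
  if (matchesAny(functionId, exposeFunctions)) return "ALLOWED";
  return "FORBIDDEN";
}

// Invocation checks policy before existence (assumed ordering): a caller that
// is denied a function learns FORBIDDEN, not whether it is registered.
// function_not_found is reserved for functions the caller may use but the
// engine has no registration for.
export function invoke(
  functionId: string,
  auth: AuthResult,
  exposeFunctions: string[],
  registry: Set<string>,
): InvokeOutcome {
  if (resolveAccess(functionId, auth, exposeFunctions) === "FORBIDDEN") return "FORBIDDEN";
  return registry.has(functionId) ? "ALLOWED" : "function_not_found";
}

// Filtered discovery: only the functions this caller could actually invoke.
export function discover(auth: AuthResult, exposeFunctions: string[], registry: Set<string>): string[] {
  return Array.from(registry)
    .filter((id) => resolveAccess(id, auth, exposeFunctions) === "ALLOWED")
    .sort();
}

// A sample auth function of the kind auth_function_id would point at. The
// session lookup is constructed; a real one would validate a session token
// from query_params or a cookie against upstream session state.
export function browserSessionAuth(input: AuthInput): AuthResult {
  const session = input.query_params["session"];
  if (session === "tenant-a-session") {
    return {
      allowed_functions: ['match("tenant-a::*")'],
      forbidden_functions: ['match("public::admin::*")'],
      allow_trigger_type_registration: false,
      allow_function_registration: true,
      function_registration_prefix: "tenant-a::",
      context: { tenant: "tenant-a", ip: input.ip_address },
    };
  }
  // Anonymous browser client: nothing beyond what the listener exposes.
  return {
    allowed_functions: [],
    forbidden_functions: [],
    allow_trigger_type_registration: false,
    context: { anonymous: true, ip: input.ip_address },
  };
}

// Constructed listener exposure (same shape as expose_functions in the YAML)
// and a constructed engine registry, including a non-exposed internal function.
export const EXPOSE_FUNCTIONS = ['match("public::*")'];
export const REGISTRY = new Set<string>([
  "public::ping",
  "public::admin::reset",
  "tenant-a::report",
  "engine::channels::create",
  "worker::internal::dump",
]);
```

Two details worth checking against your own listener: the tenant session is exposed public::* yet still cannot call public::admin::reset, because forbidden_functions is evaluated first; and an anonymous caller asking for worker::internal::dump gets FORBIDDEN rather than function_not_found, so policy denial is never mistaken for a missing worker.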

Registration Hooks

RBAC can affect registration as well as invocation:
  • on_trigger_registration_function_id
  • on_trigger_type_registration_function_id
  • on_function_registration_function_id
Use hooks to approve, deny, rewrite metadata, or enforce naming/prefix policy for registrations made through the listener.
function_registration_prefix transparently prefixes registered functions from that session. Agents should call the discovered/prefixed function IDs returned by discovery, not guessed unprefixed IDs.
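A function-registration hook and the transparent prefixing behaviour, worked through in TypeScript as an added example that is not code from the iii project. The hook's input and output shapes, the reserved namespaces, the function-ID grammar and the SessionRegistry class are all assumptions for illustration; only the names on_function_registration_function_id, function_registration_prefix and allow_function_registration come from this page.

```typescript
// Added example (not code from the iii project): a hook of the kind
// on_function_registration_function_id would point at, plus the
// function_registration_prefix behaviour. Request/decision shapes, reserved
// namespaces and the registry class are assumptions.

export interface RegistrationRequest {
  function_id: string;                   // the ID the client asked to register
  allow_function_registration?: boolean; // from the session's AuthResult
  function_registration_prefix?: string; // from the session's AuthResult
}

export interface RegistrationDecision {
  allowed: boolean;
  function_id?: string; // the final (possibly prefixed) ID when allowed
  reason?: string;
}

// Assumed: namespaces no listener-registered function may claim.
const RESERVED_PREFIXES = ["engine::", "auth::", "policy::"];
// Assumed ID grammar: lowercase segments separated by "::".
const FUNCTION_ID = /^[a-z0-9_-]+(::[a-z0-9_-]+)*$/;

export function onFunctionRegistration(req: RegistrationRequest): RegistrationDecision {
  if (!req.allow_function_registration) {
    return { allowed: false, reason: "session may not register functions" };
  }
  if (!FUNCTION_ID.test(req.function_id)) {
    return { allowed: false, reason: "malformed function id" };
  }
  if (RESERVED_PREFIXES.some((p) => req.function_id.startsWith(p))) {
    return { allowed: false, reason: "reserved namespace" };
  }
  // Prefixing is unconditional: a client that names its function under another
  // tenant's namespace simply ends up nested under its own prefix.
  const finalId = (req.function_registration_prefix ?? "") + req.function_id;
  return { allowed: true, function_id: finalId };
}

// Functions registered through one session, with the discovery view
// (prefixed IDs) and the lookup a later call would perform.
export class SessionRegistry {
  private readonly ids: Set<string>;
  private readonly prefix: string | undefined;
  private readonly canRegister: boolean;

  constructor(prefix: string | undefined, canRegister: boolean) {
    this.ids = new Set<string>();
    this.prefix = prefix;
    this.canRegister = canRegister;
  }

  register(requestedId: string): RegistrationDecision {
    const decision = onFunctionRegistration({
      function_id: requestedId,
      allow_function_registration: this.canRegister,
      function_registration_prefix: this.prefix,
    });
    if (decision.allowed && decision.function_id) this.ids.add(decision.function_id);
    return decision;
  }

  // What discovery returns: the prefixed IDs, which are the ones to call.
  discover(): string[] {
    return Array.from(this.ids).sort();
  }

  // A guessed unprefixed ID resolves to nothing.
  lookup(functionId: string): "callable" | "function_not_found" {
    return this.ids.has(functionId) ? "callable" : "function_not_found";
  }
}
```

The point the last paragraph makes shows up in lookup(): after registering "report" from a session prefixed tenant-a::, discovery lists tenant-a::report, and a caller that guesses the unprefixed "report" gets function_not_found rather than the function it registered.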

Common Config Shape

```yaml
workers:
  - name: iii-worker-manager
    config:
      listeners:
        - host: 127.0.0.1
          port: 49135
          rbac:
            auth_function_id: auth::browser-session
            expose_functions:
              - match("public::*")
            on_function_registration_function_id: policy::function-registration
```

Agent Behavior

  • Call discovery functions through the same listener the target client uses.
  • Treat FORBIDDEN as policy denial, not a retryable missing-worker problem.
  • Do not suggest installing a worker when the function exists but is forbidden.
  • When registration is denied, inspect registration hook results and policy config.
  • Use exposed metadata and allowed lists to choose callable functions.

Pattern Boundaries

  • For SDK error types, prefer iii-error-handling.
  • For browser connection behavior, prefer iii-browser-sdk.
  • For engine config layout, prefer iii-engine-config.

When to Use

  • Use this skill when the task mentions RBAC, permissions, auth functions, filtered discovery, FORBIDDEN, exposed functions, registration hooks, browser-safe worker access, or tenant-isolated function surfaces.

Boundaries

  • Do not expose the private worker WebSocket port to untrusted clients.
  • Do not hide policy denial by treating every failure as function_not_found.
  • Do not generate removed service APIs or adapter-extension APIs.