diff --git a/dashboard/api.py b/dashboard/api.py index 19c750c..9bb27d8 100644 --- a/dashboard/api.py +++ b/dashboard/api.py @@ -21,19 +21,24 @@ from pathlib import Path sys.path.insert(0, str(Path(__file__).parent)) import habits_helpers -BASE_DIR = Path(__file__).parent.parent +BASE_DIR = Path(__file__).parent.parent # echo-core/ TOOLS_DIR = BASE_DIR / 'tools' -NOTES_DIR = BASE_DIR / 'kb' / 'youtube' +NOTES_DIR = BASE_DIR / 'memory' / 'kb' / 'youtube' KANBAN_DIR = BASE_DIR / 'dashboard' WORKSPACE_DIR = Path('/home/moltbot/workspace') HABITS_FILE = KANBAN_DIR / 'habits.json' # Eco (echo-core) constants ECO_SERVICES = ['echo-core', 'echo-whatsapp-bridge', 'echo-taskboard'] -ECHO_CORE_DIR = Path('/home/moltbot/echo-core') +ECHO_CORE_DIR = BASE_DIR # same as BASE_DIR now ECHO_LOG_FILE = ECHO_CORE_DIR / 'logs' / 'echo-core.log' ECHO_SESSIONS_FILE = ECHO_CORE_DIR / 'sessions' / 'active.json' +# Git + workspace sandbox +GIT_WORKSPACE = BASE_DIR # was '/home/moltbot/clawd' +ALLOWED_WORKSPACES = [BASE_DIR, WORKSPACE_DIR] # was [clawd, workspace] — clawd dropped +VENV_PYTHON = BASE_DIR / '.venv' / 'bin' / 'python3' + # Load .env file if present _env_file = Path(__file__).parent / '.env' if _env_file.exists(): @@ -178,12 +183,9 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): path = data.get('path', '') content = data.get('content', '') - # Allow access to clawd and workspace - allowed_dirs = [ - Path('/home/moltbot/clawd'), - Path('/home/moltbot/workspace') - ] - + # Allow access to echo-core and workspace + allowed_dirs = ALLOWED_WORKSPACES + # Try to resolve against each allowed directory target = None workspace = None @@ -197,11 +199,11 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): break except: continue - + if target is None: self.send_json({'error': 'Access denied'}, 403) return - + # Create parent dirs if needed target.parent.mkdir(parents=True, exist_ok=True) @@ -231,9 +233,9 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): return # Call PDF generator script in venv - venv_python = BASE_DIR / 'venv' / 'bin' / 'python3' + venv_python = VENV_PYTHON pdf_script = TOOLS_DIR / 'generate_pdf.py' - + if not venv_python.exists(): self.send_json({'error': 'Venv Python not found'}, 500) return @@ -326,7 +328,7 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): def handle_git_status(self): """Get git status for dashboard.""" try: - workspace = Path('/home/moltbot/clawd') + workspace = GIT_WORKSPACE # Get current branch branch = subprocess.run( @@ -405,8 +407,8 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): return try: - workspace = Path('/home/moltbot/clawd') - + workspace = GIT_WORKSPACE + # Security check target = (workspace / filepath).resolve() if not str(target).startswith(str(workspace)): @@ -586,7 +588,7 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): try: activities = [] bucharest = ZoneInfo('Europe/Bucharest') - workspace = Path('/home/moltbot/clawd') + workspace = GIT_WORKSPACE # 1. Cron jobs ran today try: @@ -747,11 +749,8 @@ class TaskBoardHandler(SimpleHTTPRequestHandler): action = params.get('action', ['list'])[0] # Security: only allow access within allowed directories - allowed_dirs = [ - Path('/home/moltbot/clawd'), - Path('/home/moltbot/workspace') - ] - + allowed_dirs = ALLOWED_WORKSPACES + # Try to resolve against each allowed directory target = None workspace = None