Merge branch 'master' into copilot/feature-allow-self-signed-tls

# Conflicts: # backend/app/api/gateways.py # backend/app/schemas/gateways.py # backend/app/services/openclaw/admin_service.py # backend/app/services/openclaw/gateway_resolver.py # backend/app/services/openclaw/gateway_rpc.py # backend/app/services/openclaw/provisioning.py # backend/app/services/openclaw/provisioning_db.py # frontend/src/api/generated/model/gatewayCreate.ts # frontend/src/api/generated/model/gatewayRead.ts # frontend/src/api/generated/model/gatewayUpdate.ts
2026-02-22 19:51:27 +05:30
parent c072749b35 cdced8e07c
commit 374d5a0c37
39 changed files with 1357 additions and 196 deletions
--- a/backend/app/api/gateways.py
+++ b/backend/app/api/gateways.py
@@ -95,7 +95,10 @@ async def create_gateway(
    """Create a gateway and provision or refresh its main agent."""
    service = GatewayAdminLifecycleService(session)
    await service.assert_gateway_runtime_compatible(
-        url=payload.url, token=payload.token, allow_insecure_tls=payload.allow_insecure_tls
+        url=payload.url,
+        token=payload.token,
+        allow_insecure_tls=payload.allow_insecure_tls,
+        disable_device_pairing=payload.disable_device_pairing,
    )
    data = payload.model_dump()
    gateway_id = uuid4()
@@ -136,14 +139,27 @@ async def update_gateway(
        organization_id=ctx.organization.id,
    )
    updates = payload.model_dump(exclude_unset=True)
-    if "url" in updates or "token" in updates or "allow_insecure_tls" in updates:
+    if (
+        "url" in updates
+        or "token" in updates
+        or "allow_insecure_tls" in updates
+        or "disable_device_pairing" in updates
+    ):
        raw_next_url = updates.get("url", gateway.url)
        next_url = raw_next_url.strip() if isinstance(raw_next_url, str) else ""
        next_token = updates.get("token", gateway.token)
-        next_allow_insecure_tls = updates.get("allow_insecure_tls", gateway.allow_insecure_tls)
+        next_allow_insecure_tls = bool(
+            updates.get("allow_insecure_tls", gateway.allow_insecure_tls),
+        )
+        next_disable_device_pairing = bool(
+            updates.get("disable_device_pairing", gateway.disable_device_pairing),
+        )
        if next_url:
            await service.assert_gateway_runtime_compatible(
-                url=next_url, token=next_token, allow_insecure_tls=next_allow_insecure_tls
+                url=next_url,
+                token=next_token,
+                allow_insecure_tls=next_allow_insecure_tls,
+                disable_device_pairing=next_disable_device_pairing,
            )
    await crud.patch(session, gateway, updates)
    await service.ensure_main_agent(gateway, auth, action="update")