Readonly connections allow you to restrict certain WebSocket connections from modifying the agent state while still allowing them to receive state updates and call RPC methods.
When a connection is marked as readonly:
- It can receive state updates from the server
- It can call RPC methods (callable methods on the agent)
- It cannot send state updates using
setState()
This is useful for scenarios like:
- View-only modes: Users who should only observe but not modify
- Role-based access: Restricting state modifications based on user roles
- Multi-tenant scenarios: Some tenants have read-only access
- Audit and monitoring connections: Observers that should not affect the system
shouldConnectionBeReadonly
An overridable hook that determines if a connection should be marked as readonly when it connects.
Explicitly mark or unmark a connection as readonly. Can be called at any time.
Check if a connection is currently marked as readonly.
onStateUpdateError callback
Handle errors when a readonly connection attempts to update state.
Query parameter based access
Role-based access control
Dynamic permission changes
Client-side React component:
What happens when a readonly connection tries to update state
- The connection sends a state update message
- The server checks if the connection is readonly
- If readonly, the server sends back an error response:
- The client
onStateUpdateError callback is invoked
- The state is not updated on the server
- Other connections are not notified
- Readonly connections still receive state updates from the server
- When state is updated (by server or other connections), readonly connections get the new state
- They cannot initiate state changes themselves
- Readonly connections can call RPC methods (functions marked with
@callable())
- It is up to you to implement additional authorization checks within RPC methods if needed
- When a connection closes, it is automatically removed from the readonly tracking set
- No memory leaks from disconnected connections
Combine with authentication
Provide clear user feedback
Check permissions before UI actions
If you have existing agents and want to add readonly connection support:
- Server-side: No breaking changes. The feature is opt-in.
- Client-side: Add
onStateUpdateError handlers where needed.
Persistence across hibernation
Readonly connection status is automatically persisted to the agent SQL storage, which means:
- Survives hibernation - When an agent hibernates and wakes up, readonly connections maintain their status
- No memory leaks - Connections are automatically cleaned up when they close
- Performance optimized - Uses in-memory cache with SQL fallback
The implementation uses a two-tier approach:
- In-memory Set for fast lookups during active operation
- SQL table (
cf_agents_readonly_connections) for persistence across hibernation
When checking if a connection is readonly:
- First checks the in-memory cache (fast)
- If not found, queries SQL storage (handles post-hibernation case)
- Populates cache if found in storage
The readonly status is stored in a dedicated table:
All CRUD operations automatically sync both in-memory and persistent storage.
- Readonly status only applies to state updates using
setState()
- RPC methods can still be called (implement your own checks if needed)