Add node location access RPCs and operator visibility

src/config/schema.test.ts

@@ -143,6 +143,7 @@ describe('configSchema — server', () => {
     expect(result.server.nodes.enabled).toBe(false);
     expect(result.server.nodes.allowed_roles).toEqual(['companion']);
     expect(result.server.nodes.feature_gates).toEqual({});
+    expect(result.server.nodes.location.enabled).toBe(false);
   });
 
   it('accepts custom node policy settings', () => {
@@ -156,6 +157,9 @@ describe('configSchema — server', () => {
             'ui.canvas': true,
             'fs.sync': false,
           },
+          location: {
+            enabled: true,
+          },
         },
       },
     });
@@ -163,6 +167,7 @@ describe('configSchema — server', () => {
     expect(result.server.nodes.allowed_roles).toEqual(['companion', 'observer']);
     expect(result.server.nodes.feature_gates['ui.canvas']).toBe(true);
     expect(result.server.nodes.feature_gates['fs.sync']).toBe(false);
+    expect(result.server.nodes.location.enabled).toBe(true);
   });
 
   it('accepts custom discovery settings', () => {

src/config/schema.ts

@@ -86,6 +86,11 @@ const serverNodePolicySchema = z.object({
   allowed_roles: z.array(z.string().min(1)).default(['companion']),
   /** Optional feature gates exposed via system/node capability APIs. */
   feature_gates: z.record(z.string(), z.boolean()).default({}),
+  /** Node location access controls. */
+  location: z.object({
+    /** Enable node.location.set/get and system.location visibility. */
+    enabled: z.boolean().default(false),
+  }).default({}),
 }).default({});
 
 const serverSchema = z.object({