admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity

fix(config): fail closed allowlist-only group policy

Browse Source 
Co-authored-by: etereo <etereo@users.noreply.github.com>
This commit is contained in:
Peter Steinberger
2026-02-22 20:30:04 +01:00
parent 371a7da9c8
commit 0932adf361
3 changed files with 125 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -33,6 +33,7 @@ Docs: https://docs.openclaw.ai
- Slack/Threading: respect `replyToMode` when Slack auto-populates top-level `thread_ts`, and ignore inline `replyToId` directive tags when `replyToMode` is `off` so thread forcing stays disabled unless explicitly configured. (#23839, #23320, #23513) Thanks @vincentkoc and @dorukardahan.
- Slack/Extension: forward `message read` `threadId` to `readMessages` and use delivery-context `threadId` as outbound `thread_ts` fallback so extension replies/reads stay in the correct Slack thread. (#22216, #22485, #23836) Thanks @vincentkoc, @lan17 and @dorukardahan.
- Channels/Group policy: fail closed when `groupPolicy: "allowlist"` is set without explicit `groups`, honor account-level `groupPolicy` overrides, and enforce `groupPolicy: "disabled"` as a hard group block. (#22215) Thanks @etereo.
- Config/Memory: allow `"mistral"` in `agents.defaults.memorySearch.provider` and `agents.defaults.memorySearch.fallback` schema validation. (#14934) Thanks @ThomsenDrake.
- Security/Feishu: enforce ID-only allowlist matching for DM/group sender authorization, normalize Feishu ID prefixes during checks, and ignore mutable display names so display-name collisions cannot satisfy allowlist entries. This ships in the next npm release. Thanks @jiseoung for reporting.
- Feishu/Commands: in group chats, command authorization now falls back to top-level `channels.feishu.allowFrom` when per-group `allowFrom` is not set, so `/command` no longer gets blocked by an unintended empty allowlist. (#23756)

92
src/config/group-policy.test.ts Normal file
View File

@@ -0,0 +1,92 @@
import { describe, expect, it } from "vitest";
import type { OpenClawConfig } from "./config.js";
import { resolveChannelGroupPolicy } from "./group-policy.js";
describe("resolveChannelGroupPolicy", () => {
it("fails closed when groupPolicy=allowlist and groups are missing", () => {
const cfg = {
channels: {
whatsapp: {
groupPolicy: "allowlist",
},
},
} as OpenClawConfig;
const policy = resolveChannelGroupPolicy({
cfg,
channel: "whatsapp",
groupId: "123@g.us",
});
expect(policy.allowlistEnabled).toBe(true);
expect(policy.allowed).toBe(false);
});
it("allows configured groups when groupPolicy=allowlist", () => {
const cfg = {
channels: {
whatsapp: {
groupPolicy: "allowlist",
groups: {
"123@g.us": { requireMention: true },
},
},
},
} as OpenClawConfig;
const policy = resolveChannelGroupPolicy({
cfg,
channel: "whatsapp",
groupId: "123@g.us",
});
expect(policy.allowlistEnabled).toBe(true);
expect(policy.allowed).toBe(true);
});
it("blocks all groups when groupPolicy=disabled", () => {
const cfg = {
channels: {
whatsapp: {
groupPolicy: "disabled",
groups: {
"*": { requireMention: false },
},
},
},
} as OpenClawConfig;
const policy = resolveChannelGroupPolicy({
cfg,
channel: "whatsapp",
groupId: "123@g.us",
});
expect(policy.allowed).toBe(false);
});
it("respects account-scoped groupPolicy overrides", () => {
const cfg = {
channels: {
whatsapp: {
groupPolicy: "open",
accounts: {
work: {
groupPolicy: "allowlist",
},
},
},
},
} as OpenClawConfig;
const policy = resolveChannelGroupPolicy({
cfg,
channel: "whatsapp",
accountId: "work",
groupId: "123@g.us",
});
expect(policy.allowlistEnabled).toBe(true);
expect(policy.allowed).toBe(false);
});
});

34
src/config/group-policy.ts
View File

@@ -143,6 +143,33 @@ function resolveChannelGroups(
return accountGroups ?? channelConfig.groups;
}
type ChannelGroupPolicyMode = "open" | "allowlist" | "disabled";
function resolveChannelGroupPolicyMode(
cfg: OpenClawConfig,
channel: GroupPolicyChannel,
accountId?: string | null,
): ChannelGroupPolicyMode | undefined {
const normalizedAccountId = normalizeAccountId(accountId);
const channelConfig = cfg.channels?.[channel] as
| {
groupPolicy?: ChannelGroupPolicyMode;
accounts?: Record<string, { groupPolicy?: ChannelGroupPolicyMode }>;
}
| undefined;
if (!channelConfig) {
return undefined;
}
const accountPolicy =
channelConfig.accounts?.[normalizedAccountId]?.groupPolicy ??
channelConfig.accounts?.[
Object.keys(channelConfig.accounts ?? {}).find(
(key) => key.toLowerCase() === normalizedAccountId.toLowerCase(),
) ?? ""
]?.groupPolicy;
return accountPolicy ?? channelConfig.groupPolicy;
}
export function resolveChannelGroupPolicy(params: {
cfg: OpenClawConfig;
channel: GroupPolicyChannel;
@@ -152,14 +179,17 @@ export function resolveChannelGroupPolicy(params: {
}): ChannelGroupPolicy {
const { cfg, channel } = params;
const groups = resolveChannelGroups(cfg, channel, params.accountId);
const allowlistEnabled = Boolean(groups && Object.keys(groups).length > 0);
const groupPolicy = resolveChannelGroupPolicyMode(cfg, channel, params.accountId);
const hasGroups = Boolean(groups && Object.keys(groups).length > 0);
const allowlistEnabled = groupPolicy === "allowlist" || hasGroups;
const normalizedId = params.groupId?.trim();
const groupConfig = normalizedId
? resolveChannelGroupConfig(groups, normalizedId, params.groupIdCaseInsensitive)
: undefined;
const defaultConfig = groups?.["*"];
const allowAll = allowlistEnabled && Boolean(groups && Object.hasOwn(groups, "*"));
const allowed = !allowlistEnabled || allowAll || Boolean(groupConfig);
const allowed =
groupPolicy === "disabled" ? false : !allowlistEnabled || allowAll || Boolean(groupConfig);
return {
allowlistEnabled,
allowed,