fix: fail closed missing provider group policy across message channels (#23367) (thanks @bmendonca3)

2026-02-22 12:17:44 +01:00
parent 78c3c2a542
commit 777817392d
45 changed files with 420 additions and 75 deletions
--- a/extensions/feishu/src/bot.ts
+++ b/extensions/feishu/src/bot.ts
@@ -2,10 +2,11 @@ import type { ClawdbotConfig, RuntimeEnv } from "openclaw/plugin-sdk";
 import {
  buildAgentMediaPayload,
  buildPendingHistoryContextFromMap,
-  recordPendingHistoryEntryIfEnabled,
  clearHistoryEntriesIfEnabled,
  DEFAULT_GROUP_HISTORY_LIMIT,
  type HistoryEntry,
+  recordPendingHistoryEntryIfEnabled,
+  resolveRuntimeGroupPolicy,
 } from "openclaw/plugin-sdk";
 import { resolveFeishuAccount } from "./accounts.js";
 import { createFeishuClient } from "./client.js";
@@ -77,6 +78,7 @@ const senderNameCache = new Map<string, { name: string; expireAt: number }>();
 // Key: appId or "default", Value: timestamp of last notification
 const permissionErrorNotifiedAt = new Map<string, number>();
 const PERMISSION_ERROR_COOLDOWN_MS = 5 * 60 * 1000; // 5 minutes
+const groupPolicyFallbackWarningShown = new Set<string>();

 type SenderNameResult = {
  name?: string;
@@ -563,7 +565,20 @@ export async function handleFeishuMessage(params: {
  const useAccessGroups = cfg.commands?.useAccessGroups !== false;

  if (isGroup) {
-    const groupPolicy = feishuCfg?.groupPolicy ?? "open";
+    const defaultGroupPolicy = cfg.channels?.defaults?.groupPolicy;
+    const { groupPolicy, providerMissingFallbackApplied } = resolveRuntimeGroupPolicy({
+      providerConfigPresent: cfg.channels?.feishu !== undefined,
+      groupPolicy: feishuCfg?.groupPolicy,
+      defaultGroupPolicy,
+      configuredFallbackPolicy: "open",
+      missingProviderFallbackPolicy: "allowlist",
+    });
+    if (providerMissingFallbackApplied && !groupPolicyFallbackWarningShown.has(account.accountId)) {
+      groupPolicyFallbackWarningShown.add(account.accountId);
+      log(
+        'feishu: channels.feishu is missing; defaulting groupPolicy to "allowlist" (group messages blocked until explicitly configured).',
+      );
+    }
    const groupAllowFrom = feishuCfg?.groupAllowFrom ?? [];
    // DEBUG: log(`feishu[${account.accountId}]: groupPolicy=${groupPolicy}`);

--- a/extensions/feishu/src/channel.ts
+++ b/extensions/feishu/src/channel.ts
@@ -4,6 +4,7 @@ import {
  createDefaultChannelRuntimeState,
  DEFAULT_ACCOUNT_ID,
  PAIRING_APPROVED_MESSAGE,
+  resolveRuntimeGroupPolicy,
 } from "openclaw/plugin-sdk";
 import {
  resolveFeishuAccount,
@@ -227,7 +228,13 @@ export const feishuPlugin: ChannelPlugin<ResolvedFeishuAccount> = {
      const defaultGroupPolicy = (
        cfg.channels as Record<string, { groupPolicy?: string }> | undefined
      )?.defaults?.groupPolicy;
-      const groupPolicy = feishuCfg?.groupPolicy ?? defaultGroupPolicy ?? "allowlist";
+      const { groupPolicy } = resolveRuntimeGroupPolicy({
+        providerConfigPresent: cfg.channels?.feishu !== undefined,
+        groupPolicy: feishuCfg?.groupPolicy,
+        defaultGroupPolicy,
+        configuredFallbackPolicy: "allowlist",
+        missingProviderFallbackPolicy: "allowlist",
+      });
      if (groupPolicy !== "open") return [];
      return [
        `- Feishu[${account.accountId}] groups: groupPolicy="open" allows any member to trigger (mention-gated). Set channels.feishu.groupPolicy="allowlist" + channels.feishu.groupAllowFrom to restrict senders.`,