security(feishu): bind doc create grants to trusted requester context (#31184)

Co-authored-by: Tak Hoffman <781889+Takhoffman@users.noreply.github.com>
Tak Hoffman
2026-03-01 20:51:45 -06:00
committed by GitHub
parent e482da6682
commit bbab94c1fe
9 changed files with 142 additions and 91 deletions


@@ -29,12 +29,10 @@ export const FeishuDocSchema = Type.Union([
action: Type.Literal("create"),
title: Type.String({ description: "Document title" }),
folder_token: Type.Optional(Type.String({ description: "Target folder token (optional)" })),
owner_open_id: Type.Optional(
Type.String({ description: "Open ID of the user to grant ownership permission" }),
),
owner_perm_type: Type.Optional(
Type.Union([Type.Literal("view"), Type.Literal("edit"), Type.Literal("full_access")], {
description: "Permission type (default: full_access)",
grant_to_requester: Type.Optional(
Type.Boolean({
description:
"Grant edit permission to the trusted requesting Feishu user from runtime context (default: true).",
}),
),
}),


@@ -340,7 +340,7 @@ describe("feishu_doc image fetch hardening", () => {
consoleErrorSpy.mockRestore();
});
it("reports owner permission details when grant succeeds", async () => {
it("create grants permission only to trusted Feishu requester", async () => {
const registerTool = vi.fn();
registerFeishuDocTools({
config: {
@@ -357,27 +357,35 @@ describe("feishu_doc image fetch hardening", () => {
const feishuDocTool = registerTool.mock.calls
.map((call) => call[0])
.map((tool) => (typeof tool === "function" ? tool({}) : tool))
.map((tool) =>
typeof tool === "function"
? tool({ messageChannel: "feishu", requesterSenderId: "ou_123" })
: tool,
)
.find((tool) => tool.name === "feishu_doc");
expect(feishuDocTool).toBeDefined();
const result = await feishuDocTool.execute("tool-call", {
action: "create",
title: "Demo",
owner_open_id: "ou_123",
owner_perm_type: "edit",
});
expect(permissionMemberCreateMock).toHaveBeenCalled();
expect(result.details.owner_permission_added).toBe(true);
expect(result.details.owner_open_id).toBe("ou_123");
expect(result.details.owner_perm_type).toBe("edit");
expect(result.details.document_id).toBe("doc_created");
expect(result.details.requester_permission_added).toBe(true);
expect(result.details.requester_open_id).toBe("ou_123");
expect(result.details.requester_perm_type).toBe("edit");
expect(permissionMemberCreateMock).toHaveBeenCalledWith(
expect.objectContaining({
data: expect.objectContaining({
member_type: "openid",
member_id: "ou_123",
perm: "edit",
}),
}),
);
});
it("does not report owner permission details when grant fails", async () => {
const consoleWarnSpy = vi.spyOn(console, "warn").mockImplementation(() => {});
permissionMemberCreateMock.mockRejectedValueOnce(new Error("permission denied"));
it("create skips requester grant when trusted requester identity is unavailable", async () => {
const registerTool = vi.fn();
registerFeishuDocTools({
config: {
@@ -394,43 +402,7 @@ describe("feishu_doc image fetch hardening", () => {
const feishuDocTool = registerTool.mock.calls
.map((call) => call[0])
.map((tool) => (typeof tool === "function" ? tool({}) : tool))
.find((tool) => tool.name === "feishu_doc");
expect(feishuDocTool).toBeDefined();
const result = await feishuDocTool.execute("tool-call", {
action: "create",
title: "Demo",
owner_open_id: "ou_123",
owner_perm_type: "edit",
});
expect(permissionMemberCreateMock).toHaveBeenCalled();
expect(result.details.owner_permission_added).toBeUndefined();
expect(result.details.owner_open_id).toBeUndefined();
expect(result.details.owner_perm_type).toBeUndefined();
expect(consoleWarnSpy).toHaveBeenCalled();
consoleWarnSpy.mockRestore();
});
it("skips permission grant when owner_open_id is omitted", async () => {
const registerTool = vi.fn();
registerFeishuDocTools({
config: {
channels: {
feishu: {
appId: "app_id",
appSecret: "app_secret",
},
},
} as any,
logger: { debug: vi.fn(), info: vi.fn() } as any,
registerTool,
} as any);
const feishuDocTool = registerTool.mock.calls
.map((call) => call[0])
.map((tool) => (typeof tool === "function" ? tool({}) : tool))
.map((tool) => (typeof tool === "function" ? tool({ messageChannel: "feishu" }) : tool))
.find((tool) => tool.name === "feishu_doc");
expect(feishuDocTool).toBeDefined();
@@ -440,7 +412,43 @@ describe("feishu_doc image fetch hardening", () => {
});
expect(permissionMemberCreateMock).not.toHaveBeenCalled();
expect(result.details.owner_permission_added).toBeUndefined();
expect(result.details.requester_permission_added).toBe(false);
expect(result.details.requester_permission_skipped_reason).toContain("trusted requester");
});
it("create never grants permissions when grant_to_requester is false", async () => {
const registerTool = vi.fn();
registerFeishuDocTools({
config: {
channels: {
feishu: {
appId: "app_id",
appSecret: "app_secret",
},
},
} as any,
logger: { debug: vi.fn(), info: vi.fn() } as any,
registerTool,
} as any);
const feishuDocTool = registerTool.mock.calls
.map((call) => call[0])
.map((tool) =>
typeof tool === "function"
? tool({ messageChannel: "feishu", requesterSenderId: "ou_123" })
: tool,
)
.find((tool) => tool.name === "feishu_doc");
expect(feishuDocTool).toBeDefined();
const result = await feishuDocTool.execute("tool-call", {
action: "create",
title: "Demo",
grant_to_requester: false,
});
expect(permissionMemberCreateMock).not.toHaveBeenCalled();
expect(result.details.requester_permission_added).toBeUndefined();
});
it("returns an error when create response omits document_id", async () => {
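Review bot: None of the visible cases exercises the branch that enforces the trust binding, namely a non-Feishu `messageChannel` that still carries a `requesterSenderId`. The "trusted requester identity is unavailable" case passes `tool({ messageChannel: "feishu" })`, so it only covers a missing sender id. Add a case built with, for example, `tool({ messageChannel: "other", requesterSenderId: "ou_123" })` (constructed channel value) that asserts `permissionMemberCreateMock` is not called and `requester_permission_added` is `false`. The rejected-grant path also appears to have lost coverage when the old "grant fails" test was replaced; a case using `permissionMemberCreateMock.mockRejectedValueOnce(new Error("permission denied"))` that asserts `requester_permission_added` is `false` and `requester_permission_error` is set would restore it.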


@@ -751,8 +751,7 @@ async function createDoc(
client: Lark.Client,
title: string,
folderToken?: string,
ownerOpenId?: string,
ownerPermType: "view" | "edit" | "full_access" = "full_access",
options?: { grantToRequester?: boolean; requesterOpenId?: string },
) {
const res = await client.docx.document.create({
data: { title, folder_token: folderToken },
@@ -765,23 +764,32 @@ async function createDoc(
if (!docToken) {
throw new Error("Document creation succeeded but no document_id was returned");
}
let ownerPermissionAdded = false;
const shouldGrantToRequester = options?.grantToRequester !== false;
const requesterOpenId = options?.requesterOpenId?.trim();
const requesterPermType: "edit" = "edit";
// Auto add owner permission if ownerOpenId is provided
if (docToken && ownerOpenId) {
try {
await client.drive.permissionMember.create({
path: { token: docToken },
params: { type: "docx", need_notification: false },
data: {
member_type: "openid",
member_id: ownerOpenId,
perm: ownerPermType,
},
});
ownerPermissionAdded = true;
} catch (err) {
console.warn("Failed to add owner permission (non-critical):", err);
let requesterPermissionAdded = false;
let requesterPermissionSkippedReason: string | undefined;
let requesterPermissionError: string | undefined;
if (shouldGrantToRequester) {
if (!requesterOpenId) {
requesterPermissionSkippedReason = "trusted requester identity unavailable";
} else {
try {
await client.drive.permissionMember.create({
path: { token: docToken },
params: { type: "docx", need_notification: false },
data: {
member_type: "openid",
member_id: requesterOpenId,
perm: requesterPermType,
},
});
requesterPermissionAdded = true;
} catch (err) {
requesterPermissionError = err instanceof Error ? err.message : String(err);
}
}
}
@@ -789,12 +797,15 @@ async function createDoc(
document_id: docToken,
title: doc?.title,
url: `https://feishu.cn/docx/${docToken}`,
...(ownerOpenId &&
ownerPermissionAdded && {
owner_permission_added: true,
owner_open_id: ownerOpenId,
owner_perm_type: ownerPermType,
...(shouldGrantToRequester && {
requester_permission_added: requesterPermissionAdded,
...(requesterOpenId && { requester_open_id: requesterOpenId }),
requester_perm_type: requesterPermType,
...(requesterPermissionSkippedReason && {
requester_permission_skipped_reason: requesterPermissionSkippedReason,
}),
...(requesterPermissionError && { requester_permission_error: requesterPermissionError }),
}),
};
}
@@ -1251,6 +1262,8 @@ export function registerFeishuDocTools(api: OpenClawPluginApi) {
api.registerTool(
(ctx) => {
const defaultAccountId = ctx.agentAccountId;
const trustedRequesterOpenId =
ctx.messageChannel === "feishu" ? ctx.requesterSenderId?.trim() || undefined : undefined;
return {
name: "feishu_doc",
label: "Feishu Doc",
@@ -1297,13 +1310,10 @@ export function registerFeishuDocTools(api: OpenClawPluginApi) {
);
case "create":
return json(
await createDoc(
client,
p.title,
p.folder_token,
p.owner_open_id,
p.owner_perm_type,
),
await createDoc(client, p.title, p.folder_token, {
grantToRequester: p.grant_to_requester,
requesterOpenId: trustedRequesterOpenId,
}),
);
case "list_blocks":
return json(await listBlocks(client, p.doc_token));
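Review bot: The grant's `catch` in createDoc now copies `err.message` into `requester_permission_error` and drops the earlier `console.warn`, so a failed grant is no longer logged on the host and the raw SDK error text is returned in the tool result. Consider keeping a host-side log and returning a fixed reason, e.g. `console.warn("Failed to grant requester permission:", err);` followed by `requesterPermissionError = "permission grant failed";`. Separately, `trustedRequesterOpenId` is bound on `ctx.messageChannel === "feishu"` alone, while Feishu open_ids are scoped per app. If the client used for the create can belong to a different account than the one the message arrived on (not visible in these hunks), the id should also be tied to that account before it is used as `member_id`. Both createDoc and registerFeishuDocTools continue outside the hunks shown.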