farcasclaudiu/openclaw
1
0
Fork 0
mirror of https://github.com/farcasclaudiu/openclaw.git synced 2026-06-29 15:01:48 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce feishu dm policy + pairing flow (#14876) (thanks @coygeek)

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-13 05:43:30 +01:00
parent f05553413d
commit daf13dbb06
4 changed files with 214 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+1
View File
@@ -140,6 +140,7 @@ Docs: https://docs.openclaw.ai
- Sessions: prune stale entries, cap session store size, rotate large stores, accept duration/size thresholds, default to warn-only maintenance, and prune cron run sessions after retention windows. (#13083) Thanks @skyfallsin, @Glucksberg, @gumadeiras. - Sessions: prune stale entries, cap session store size, rotate large stores, accept duration/size thresholds, default to warn-only maintenance, and prune cron run sessions after retention windows. (#13083) Thanks @skyfallsin, @Glucksberg, @gumadeiras.
- CI: Implement pipeline and workflow order. Thanks @quotentiroler. - CI: Implement pipeline and workflow order. Thanks @quotentiroler.
- WhatsApp: preserve original filenames for inbound documents. (#12691) Thanks @akramcodez. - WhatsApp: preserve original filenames for inbound documents. (#12691) Thanks @akramcodez.
- Feishu: enforce DM `dmPolicy`/pairing gating and sender allow checks for inbound DMs. (#14876) Thanks @coygeek.
- Telegram: harden quote parsing; preserve quote context; avoid QUOTE_TEXT_INVALID; avoid nested reply quote misclassification. (#12156) Thanks @rybnikov. - Telegram: harden quote parsing; preserve quote context; avoid QUOTE_TEXT_INVALID; avoid nested reply quote misclassification. (#12156) Thanks @rybnikov.
- Telegram: recover proactive sends when stale topic thread IDs are used by retrying without `message_thread_id`. (#11620) - Telegram: recover proactive sends when stale topic thread IDs are used by retrying without `message_thread_id`. (#11620)
- Discord: auto-create forum/media thread posts on send, with chunked follow-up replies and media handling for forum sends. (#12380) Thanks @magendary, @thewilloftheshadow. - Discord: auto-create forum/media thread posts on send, with chunked follow-up replies and media handling for forum sends. (#12380) Thanks @magendary, @thewilloftheshadow.
docs/channels/pairing.md
+1 -1
View File
@@ -36,7 +36,7 @@ openclaw pairing list telegram
openclaw pairing approve telegram <CODE> openclaw pairing approve telegram <CODE>
``` ```
Supported channels: `telegram`, `whatsapp`, `signal`, `imessage`, `discord`, `slack`. Supported channels: `telegram`, `whatsapp`, `signal`, `imessage`, `discord`, `slack`, `feishu`.
### Where the state lives ### Where the state lives
extensions/feishu/src/bot.test.ts
+163 -3
View File
@@ -4,18 +4,27 @@ import type { FeishuMessageEvent } from "./bot.js";
import { handleFeishuMessage } from "./bot.js"; import { handleFeishuMessage } from "./bot.js";
import { setFeishuRuntime } from "./runtime.js"; import { setFeishuRuntime } from "./runtime.js";
const { mockCreateFeishuReplyDispatcher } = vi.hoisted(() => ({ const { mockCreateFeishuReplyDispatcher, mockSendMessageFeishu, mockGetMessageFeishu } = vi.hoisted(
() => ({
mockCreateFeishuReplyDispatcher: vi.fn(() => ({ mockCreateFeishuReplyDispatcher: vi.fn(() => ({
dispatcher: vi.fn(), dispatcher: vi.fn(),
replyOptions: {}, replyOptions: {},
markDispatchIdle: vi.fn(), markDispatchIdle: vi.fn(),
})), })),
})); mockSendMessageFeishu: vi.fn().mockResolvedValue({ messageId: "pairing-msg", chatId: "oc-dm" }),
mockGetMessageFeishu: vi.fn().mockResolvedValue(null),
}),
);
vi.mock("./reply-dispatcher.js", () => ({ vi.mock("./reply-dispatcher.js", () => ({
createFeishuReplyDispatcher: mockCreateFeishuReplyDispatcher, createFeishuReplyDispatcher: mockCreateFeishuReplyDispatcher,
})); }));
vi.mock("./send.js", () => ({
sendMessageFeishu: mockSendMessageFeishu,
getMessageFeishu: mockGetMessageFeishu,
}));
describe("handleFeishuMessage command authorization", () => { describe("handleFeishuMessage command authorization", () => {
const mockFinalizeInboundContext = vi.fn((ctx: unknown) => ctx); const mockFinalizeInboundContext = vi.fn((ctx: unknown) => ctx);
const mockDispatchReplyFromConfig = vi const mockDispatchReplyFromConfig = vi
@@ -24,6 +33,8 @@ describe("handleFeishuMessage command authorization", () => {
const mockResolveCommandAuthorizedFromAuthorizers = vi.fn(() => false); const mockResolveCommandAuthorizedFromAuthorizers = vi.fn(() => false);
const mockShouldComputeCommandAuthorized = vi.fn(() => true); const mockShouldComputeCommandAuthorized = vi.fn(() => true);
const mockReadAllowFromStore = vi.fn().mockResolvedValue([]); const mockReadAllowFromStore = vi.fn().mockResolvedValue([]);
const mockUpsertPairingRequest = vi.fn().mockResolvedValue({ code: "ABCDEFGH", created: false });
const mockBuildPairingReply = vi.fn(() => "Pairing response");
beforeEach(() => { beforeEach(() => {
vi.clearAllMocks(); vi.clearAllMocks();
@@ -52,6 +63,8 @@ describe("handleFeishuMessage command authorization", () => {
}, },
pairing: { pairing: {
readAllowFromStore: mockReadAllowFromStore, readAllowFromStore: mockReadAllowFromStore,
upsertPairingRequest: mockUpsertPairingRequest,
buildPairingReply: mockBuildPairingReply,
}, },
}, },
} as unknown as PluginRuntime); } as unknown as PluginRuntime);
@@ -62,7 +75,7 @@ describe("handleFeishuMessage command authorization", () => {
commands: { useAccessGroups: true }, commands: { useAccessGroups: true },
channels: { channels: {
feishu: { feishu: {
dmPolicy: "pairing", dmPolicy: "open",
allowFrom: ["ou-admin"], allowFrom: ["ou-admin"],
}, },
}, },
@@ -102,4 +115,151 @@ describe("handleFeishuMessage command authorization", () => {
}), }),
); );
}); });
it("reads pairing allow store for non-command DMs when dmPolicy is pairing", async () => {
mockShouldComputeCommandAuthorized.mockReturnValue(false);
mockReadAllowFromStore.mockResolvedValue(["ou-attacker"]);
const cfg: ClawdbotConfig = {
commands: { useAccessGroups: true },
channels: {
feishu: {
dmPolicy: "pairing",
allowFrom: [],
},
},
} as ClawdbotConfig;
const event: FeishuMessageEvent = {
sender: {
sender_id: {
open_id: "ou-attacker",
},
},
message: {
message_id: "msg-read-store-non-command",
chat_id: "oc-dm",
chat_type: "p2p",
message_type: "text",
content: JSON.stringify({ text: "hello there" }),
},
};
await handleFeishuMessage({
cfg,
event,
runtime: { log: vi.fn(), error: vi.fn() } as RuntimeEnv,
});
expect(mockReadAllowFromStore).toHaveBeenCalledWith("feishu");
expect(mockResolveCommandAuthorizedFromAuthorizers).not.toHaveBeenCalled();
expect(mockFinalizeInboundContext).toHaveBeenCalledTimes(1);
expect(mockDispatchReplyFromConfig).toHaveBeenCalledTimes(1);
});
it("creates pairing request and drops unauthorized DMs in pairing mode", async () => {
mockShouldComputeCommandAuthorized.mockReturnValue(false);
mockReadAllowFromStore.mockResolvedValue([]);
mockUpsertPairingRequest.mockResolvedValue({ code: "ABCDEFGH", created: true });
const cfg: ClawdbotConfig = {
channels: {
feishu: {
dmPolicy: "pairing",
allowFrom: [],
},
},
} as ClawdbotConfig;
const event: FeishuMessageEvent = {
sender: {
sender_id: {
open_id: "ou-unapproved",
},
},
message: {
message_id: "msg-pairing-flow",
chat_id: "oc-dm",
chat_type: "p2p",
message_type: "text",
content: JSON.stringify({ text: "hello" }),
},
};
await handleFeishuMessage({
cfg,
event,
runtime: { log: vi.fn(), error: vi.fn() } as RuntimeEnv,
});
expect(mockUpsertPairingRequest).toHaveBeenCalledWith({
channel: "feishu",
id: "ou-unapproved",
meta: { name: undefined },
});
expect(mockBuildPairingReply).toHaveBeenCalledWith({
channel: "feishu",
idLine: "Your Feishu user id: ou-unapproved",
code: "ABCDEFGH",
});
expect(mockSendMessageFeishu).toHaveBeenCalledWith(
expect.objectContaining({
to: "user:ou-unapproved",
accountId: "default",
}),
);
expect(mockFinalizeInboundContext).not.toHaveBeenCalled();
expect(mockDispatchReplyFromConfig).not.toHaveBeenCalled();
});
it("computes group command authorization from group allowFrom", async () => {
mockShouldComputeCommandAuthorized.mockReturnValue(true);
mockResolveCommandAuthorizedFromAuthorizers.mockReturnValue(false);
const cfg: ClawdbotConfig = {
commands: { useAccessGroups: true },
channels: {
feishu: {
groups: {
"oc-group": {
requireMention: false,
},
},
},
},
} as ClawdbotConfig;
const event: FeishuMessageEvent = {
sender: {
sender_id: {
open_id: "ou-attacker",
},
},
message: {
message_id: "msg-group-command-auth",
chat_id: "oc-group",
chat_type: "group",
message_type: "text",
content: JSON.stringify({ text: "/status" }),
},
};
await handleFeishuMessage({
cfg,
event,
runtime: { log: vi.fn(), error: vi.fn() } as RuntimeEnv,
});
expect(mockResolveCommandAuthorizedFromAuthorizers).toHaveBeenCalledWith({
useAccessGroups: true,
authorizers: [{ configured: false, allowed: false }],
});
expect(mockFinalizeInboundContext).toHaveBeenCalledWith(
expect.objectContaining({
ChatType: "group",
CommandAuthorized: false,
SenderId: "ou-attacker",
}),
);
});
}); });
extensions/feishu/src/bot.ts
+44 -15
View File
@@ -21,7 +21,7 @@ import {
} from "./policy.js"; } from "./policy.js";
import { createFeishuReplyDispatcher } from "./reply-dispatcher.js"; import { createFeishuReplyDispatcher } from "./reply-dispatcher.js";
import { getFeishuRuntime } from "./runtime.js"; import { getFeishuRuntime } from "./runtime.js";
import { getMessageFeishu } from "./send.js"; import { getMessageFeishu, sendMessageFeishu } from "./send.js";
// --- Message deduplication --- // --- Message deduplication ---
// Prevent duplicate processing when WebSocket reconnects or Feishu redelivers messages. // Prevent duplicate processing when WebSocket reconnects or Feishu redelivers messages.
@@ -647,16 +647,6 @@ export async function handleFeishuMessage(params: {
return; return;
} }
} else { } else {
if (dmPolicy === "allowlist") {
const match = resolveFeishuAllowlistMatch({
allowFrom: configAllowFrom,
senderId: ctx.senderOpenId,
});
if (!match.allowed) {
log(`feishu[${account.accountId}]: sender ${ctx.senderOpenId} not in DM allowlist`);
return;
}
}
} }
try { try {
@@ -666,12 +656,51 @@ export async function handleFeishuMessage(params: {
cfg, cfg,
); );
const storeAllowFrom = const storeAllowFrom =
!isGroup && shouldComputeCommandAuthorized !isGroup && (dmPolicy !== "open" || shouldComputeCommandAuthorized)
? await core.channel.pairing.readAllowFromStore("feishu").catch(() => []) ? await core.channel.pairing.readAllowFromStore("feishu").catch(() => [])
: []; : [];
const commandAllowFrom = isGroup const effectiveDmAllowFrom = [...configAllowFrom, ...storeAllowFrom];
? (groupConfig?.allowFrom ?? []) const dmAllowed = resolveFeishuAllowlistMatch({
: [...configAllowFrom, ...storeAllowFrom]; allowFrom: effectiveDmAllowFrom,
senderId: ctx.senderOpenId,
senderName: ctx.senderName,
}).allowed;
if (!isGroup && dmPolicy !== "open" && !dmAllowed) {
if (dmPolicy === "pairing") {
const { code, created } = await core.channel.pairing.upsertPairingRequest({
channel: "feishu",
id: ctx.senderOpenId,
meta: { name: ctx.senderName },
});
if (created) {
log(`feishu[${account.accountId}]: pairing request sender=${ctx.senderOpenId}`);
try {
await sendMessageFeishu({
cfg,
to: `user:${ctx.senderOpenId}`,
text: core.channel.pairing.buildPairingReply({
channel: "feishu",
idLine: `Your Feishu user id: ${ctx.senderOpenId}`,
code,
}),
accountId: account.accountId,
});
} catch (err) {
log(
`feishu[${account.accountId}]: pairing reply failed for ${ctx.senderOpenId}: ${String(err)}`,
);
}
}
} else {
log(
`feishu[${account.accountId}]: blocked unauthorized sender ${ctx.senderOpenId} (dmPolicy=${dmPolicy})`,
);
}
return;
}
const commandAllowFrom = isGroup ? (groupConfig?.allowFrom ?? []) : effectiveDmAllowFrom;
const senderAllowedForCommands = resolveFeishuAllowlistMatch({ const senderAllowedForCommands = resolveFeishuAllowlistMatch({
allowFrom: commandAllowFrom, allowFrom: commandAllowFrom,
senderId: ctx.senderOpenId, senderId: ctx.senderOpenId,