fix: enforce strict allowlist across pairing stores (#23017)

2026-05-09 18:44:31 +00:00 · 2026-02-22 00:00:23 +01:00
parent 617e38cec0
commit 0bd9f0d4ac
31 changed files with 162 additions and 45 deletions
--- a/src/channels/allow-from.test.ts
+++ b/src/channels/allow-from.test.ts
@@ -10,6 +10,26 @@ describe("mergeAllowFromSources", () => {
      }),
    ).toEqual(["line:user:abc", "123", "telegram:456"]);
  });
+
+  it("excludes pairing-store entries when dmPolicy is allowlist", () => {
+    expect(
+      mergeAllowFromSources({
+        allowFrom: ["+1111"],
+        storeAllowFrom: ["+2222", "+3333"],
+        dmPolicy: "allowlist",
+      }),
+    ).toEqual(["+1111"]);
+  });
+
+  it("keeps pairing-store entries for non-allowlist policies", () => {
+    expect(
+      mergeAllowFromSources({
+        allowFrom: ["+1111"],
+        storeAllowFrom: ["+2222"],
+        dmPolicy: "pairing",
+      }),
+    ).toEqual(["+1111", "+2222"]);
+  });
 });

 describe("firstDefined", () => {
--- a/src/channels/allow-from.ts
+++ b/src/channels/allow-from.ts
@@ -1,8 +1,10 @@
 export function mergeAllowFromSources(params: {
  allowFrom?: Array<string | number>;
  storeAllowFrom?: string[];
+  dmPolicy?: string;
 }): string[] {
-  return [...(params.allowFrom ?? []), ...(params.storeAllowFrom ?? [])]
+  const storeEntries = params.dmPolicy === "allowlist" ? [] : (params.storeAllowFrom ?? []);
+  return [...(params.allowFrom ?? []), ...storeEntries]
    .map((value) => String(value).trim())
    .filter(Boolean);
 }