fix: enforce strict allowlist across pairing stores (#23017)

Peter Steinberger
2026-02-22 00:00:23 +01:00
committed by GitHub
parent 617e38cec0
commit 0bd9f0d4ac
31 changed files with 162 additions and 45 deletions


@@ -441,7 +441,10 @@ export function createSignalEventHandler(deps: SignalEventHandlerDeps) {
const groupId = dataMessage.groupInfo?.groupId ?? undefined;
const groupName = dataMessage.groupInfo?.groupName ?? undefined;
const isGroup = Boolean(groupId);
const storeAllowFrom = await readChannelAllowFromStore("signal").catch(() => []);
const storeAllowFrom =
deps.dmPolicy === "allowlist"
? []
: await readChannelAllowFromStore("signal").catch(() => []);
const effectiveDmAllow = [...deps.allowFrom, ...storeAllowFrom];
const effectiveGroupAllow = [...deps.groupAllowFrom, ...storeAllowFrom];
const dmAllowed =
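Review bot: The new ternary on `const storeAllowFrom =` keys only on `deps.dmPolicy`, but its result is also spread into `effectiveGroupAllow` two lines later, so group authorization silently changes with the DM policy. Under `"allowlist"` that is the stricter outcome, but under any other DM policy pairing-store entries still extend the group allowlist; if groups have their own policy setting (not visible in this hunk), the store read should be gated on it separately. I would at least record the invariant above the ternary, e.g. `// Strict allowlist: pairing-store approvals must never authorize a sender; only configured allowFrom entries count.` The pre-existing `.catch(() => [])` fails closed, which is the right direction, but a log line there would keep a broken store from looking like an empty one. The enclosing handler starts and ends outside the hunk.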