github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 11:04:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce strict allowlist across pairing stores (#23017)

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-22 00:00:23 +01:00
committed by GitHub
parent 617e38cec0
commit 0bd9f0d4ac
31 changed files with 162 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/telegram/bot-handlers.ts
View File

@@ -794,6 +794,7 @@ export const registerTelegramHandlers = ({
const groupAllowContext = await resolveTelegramGroupAllowFromContext({
chatId,
accountId,
dmPolicy: telegramCfg.dmPolicy ?? "pairing",
isForum,
messageThreadId,
groupAllowFrom,
@@ -807,11 +808,12 @@ export const registerTelegramHandlers = ({
effectiveGroupAllow,
hasGroupAllowOverride,
} = groupAllowContext;
const dmPolicy = telegramCfg.dmPolicy ?? "pairing";
const effectiveDmAllow = normalizeAllowFromWithStore({
allowFrom: telegramCfg.allowFrom,
storeAllowFrom,
dmPolicy,
});
const dmPolicy = telegramCfg.dmPolicy ?? "pairing";
const senderId = callback.from?.id ? String(callback.from.id) : "";
const senderUsername = callback.from?.username ?? "";
if (
@@ -1089,6 +1091,7 @@ export const registerTelegramHandlers = ({
const groupAllowContext = await resolveTelegramGroupAllowFromContext({
chatId: event.chatId,
accountId,
dmPolicy: telegramCfg.dmPolicy ?? "pairing",
isForum: event.isForum,
messageThreadId: event.messageThreadId,
groupAllowFrom,