github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 04:21:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(security): unify dangerous name matching handling

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-24 01:32:23 +00:00
parent 6a7c303dcc
commit 161d9841dc
17 changed files with 671 additions and 471 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/discord/monitor/message-handler.preflight.ts
View File

@@ -14,6 +14,7 @@ import { resolveControlCommandGate } from "../../channels/command-gating.js";
import { logInboundDrop } from "../../channels/logging.js";
import { resolveMentionGatingWithBypass } from "../../channels/mention-gating.js";
import { loadConfig } from "../../config/config.js";
import { isDangerousNameMatchingEnabled } from "../../config/dangerous-name-matching.js";
import { logVerbose, shouldLogVerbose } from "../../globals.js";
import { recordChannelActivity } from "../../infra/channel-activity.js";
import { enqueueSystemEvent } from "../../infra/system-events.js";
@@ -190,7 +191,7 @@ export async function preflightDiscordMessage(
name: sender.name,
tag: sender.tag,
},
allowNameMatching: params.discordConfig?.dangerouslyAllowNameMatching === true,
allowNameMatching: isDangerousNameMatchingEnabled(params.discordConfig),
})
: { allowed: false };
const allowMatchMeta = formatAllowlistMatchMeta(allowMatch);
@@ -564,7 +565,7 @@ export async function preflightDiscordMessage(
guildInfo,
memberRoleIds,
sender,
allowNameMatching: params.discordConfig?.dangerouslyAllowNameMatching === true,
allowNameMatching: isDangerousNameMatchingEnabled(params.discordConfig),
});
if (!isDirectMessage) {
@@ -581,7 +582,7 @@ export async function preflightDiscordMessage(
name: sender.name,
tag: sender.tag,
},
{ allowNameMatching: params.discordConfig?.dangerouslyAllowNameMatching === true },
{ allowNameMatching: isDangerousNameMatchingEnabled(params.discordConfig) },
)
: false;
const useAccessGroups = params.cfg.commands?.useAccessGroups !== false;