github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-11 14:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

WhatsApp: enforce allowFrom for explicit outbound sends (#20921)

Browse Source 
* whatsapp: enforce allowFrom in explicit outbound mode

* Update CHANGELOG.md

---------

Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
This commit is contained in:
Johann Zahlmann
2026-02-23 00:13:23 +01:00
committed by GitHub
parent d7747148d0
commit 22c9018303
3 changed files with 30 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/whatsapp/resolve-outbound-target.test.ts
View File

@@ -208,8 +208,8 @@ describe("resolveWhatsAppOutboundTarget", () => {
});
});
describe("other modes (allow all valid targets)", () => {
it("allows message in null mode", () => {
describe("explicit/custom modes", () => {
it("allows message in null mode when allowList is not set", () => {
vi.mocked(normalize.normalizeWhatsAppTarget).mockReturnValueOnce("+11234567890");
vi.mocked(normalize.isWhatsAppGroupJid).mockReturnValueOnce(false);
@@ -223,7 +223,7 @@ describe("resolveWhatsAppOutboundTarget", () => {
);
});
it("allows message in undefined mode", () => {
it("allows message in undefined mode when allowList is not set", () => {
vi.mocked(normalize.normalizeWhatsAppTarget).mockReturnValueOnce("+11234567890");
vi.mocked(normalize.isWhatsAppGroupJid).mockReturnValueOnce(false);
@@ -237,16 +237,29 @@ describe("resolveWhatsAppOutboundTarget", () => {
);
});
it("allows message in custom mode string", () => {
it("enforces allowList in custom mode string", () => {
vi.mocked(normalize.normalizeWhatsAppTarget)
.mockReturnValueOnce("+19876543210") // for allowFrom[0] (happens first!)
.mockReturnValueOnce("+11234567890"); // for 'to' param (happens second)
vi.mocked(normalize.isWhatsAppGroupJid).mockReturnValueOnce(false);
expectResolutionError({
to: "+11234567890",
allowFrom: ["+19876543210"],
mode: "broadcast",
});
});
it("allows message in custom mode string when target is in allowList", () => {
vi.mocked(normalize.normalizeWhatsAppTarget)
.mockReturnValueOnce("+11234567890") // for allowFrom[0]
.mockReturnValueOnce("+11234567890"); // for 'to' param
vi.mocked(normalize.isWhatsAppGroupJid).mockReturnValueOnce(false);
expectResolutionOk(
{
to: "+11234567890",
allowFrom: ["+19876543210"],
allowFrom: ["+11234567890"],
mode: "broadcast",
},
"+11234567890",