fix: enforce dm allowFrom inheritance across account channels (#27936) (thanks @widingmarcus-cyber)

Peter Steinberger
2026-02-26 23:03:36 +01:00
parent 0fdac31383
commit 45d868685f
5 changed files with 369 additions and 121 deletions


@@ -1112,23 +1112,40 @@ function detectEmptyAllowlistPolicy(cfg: OpenClawConfig): string[] {
const hasEntries = (list?: Array<string | number>) =>
Array.isArray(list) && list.map((v) => String(v).trim()).filter(Boolean).length > 0;
const checkAccount = (account: Record<string, unknown>, prefix: string) => {
const checkAccount = (
account: Record<string, unknown>,
prefix: string,
parent?: Record<string, unknown>,
) => {
const dmEntry = account.dm;
const dm =
dmEntry && typeof dmEntry === "object" && !Array.isArray(dmEntry)
? (dmEntry as Record<string, unknown>)
: undefined;
const parentDmEntry = parent?.dm;
const parentDm =
parentDmEntry && typeof parentDmEntry === "object" && !Array.isArray(parentDmEntry)
? (parentDmEntry as Record<string, unknown>)
: undefined;
const dmPolicy =
(account.dmPolicy as string | undefined) ?? (dm?.policy as string | undefined) ?? undefined;
(account.dmPolicy as string | undefined) ??
(dm?.policy as string | undefined) ??
(parent?.dmPolicy as string | undefined) ??
(parentDm?.policy as string | undefined) ??
undefined;
if (dmPolicy !== "allowlist") {
return;
}
const topAllowFrom = account.allowFrom as Array<string | number> | undefined;
const topAllowFrom =
(account.allowFrom as Array<string | number> | undefined) ??
(parent?.allowFrom as Array<string | number> | undefined);
const nestedAllowFrom = dm?.allowFrom as Array<string | number> | undefined;
const parentNestedAllowFrom = parentDm?.allowFrom as Array<string | number> | undefined;
const effectiveAllowFrom = topAllowFrom ?? nestedAllowFrom ?? parentNestedAllowFrom;
if (hasEntries(topAllowFrom) || hasEntries(nestedAllowFrom)) {
if (hasEntries(effectiveAllowFrom)) {
return;
}
@@ -1153,7 +1170,7 @@ function detectEmptyAllowlistPolicy(cfg: OpenClawConfig): string[] {
if (!account || typeof account !== "object") {
continue;
}
checkAccount(account, `channels.${channelName}.accounts.${accountId}`);
checkAccount(account, `channels.${channelName}.accounts.${accountId}`, channelConfig);
}
}
}
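Review bot: In the first hunk, `topAllowFrom` falls back to `parent?.allowFrom` before the account's own `dm.allowFrom` is considered, so the allowFrom lookup order (account, parent, account dm, parent dm) differs from the `dmPolicy` order just above it (account, account dm, parent, parent dm). Because `??` only skips null/undefined, an explicit `[]` at an earlier level now hides a populated list at a later one, whereas the removed check passed when either account-level list had entries. Whether that matches how the runtime resolves DM access is not visible in this hunk and should be confirmed, since the check is only useful if it reports what the gate actually enforces. If account values are meant to win, consider `const effectiveAllowFrom = account.allowFrom ?? dm?.allowFrom ?? parent?.allowFrom ?? parentDm?.allowFrom;` (keeping the existing casts) with a comment stating the precedence. `checkAccount` continues past the end of the hunk; a test with an empty account list and a populated channel list would pin the intended behaviour.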