refactor(security): share DM allowlist state resolver

2026-05-08 03:01:25 +00:00 · 2026-02-18 23:58:11 +00:00
parent 2709c0ba51
commit 5c5c032f42
4 changed files with 83 additions and 33 deletions
--- a/src/security/audit-channel.ts
+++ b/src/security/audit-channel.ts
@@ -11,6 +11,7 @@ import type { OpenClawConfig } from "../config/config.js";
 import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
 import { normalizeStringEntries } from "../shared/string-normalization.js";
 import type { SecurityAuditFinding, SecurityAuditSeverity } from "./audit.js";
+import { resolveDmAllowState } from "./dm-policy-shared.js";

 function normalizeAllowFromList(list: Array<string | number> | undefined | null): string[] {
  return normalizeStringEntries(Array.isArray(list) ? list : undefined);
@@ -63,22 +64,12 @@ export async function collectChannelSecurityFindings(params: {
    normalizeEntry?: (raw: string) => string;
  }) => {
    const policyPath = input.policyPath ?? `${input.allowFromPath}policy`;
-    const configAllowFrom = normalizeAllowFromList(input.allowFrom);
-    const hasWildcard = configAllowFrom.includes("*");
+    const { hasWildcard, isMultiUserDm } = await resolveDmAllowState({
+      provider: input.provider,
+      allowFrom: input.allowFrom,
+      normalizeEntry: input.normalizeEntry,
+    });
    const dmScope = params.cfg.session?.dmScope ?? "main";
-    const storeAllowFrom = await readChannelAllowFromStore(input.provider).catch(() => []);
-    const normalizeEntry = input.normalizeEntry ?? ((value: string) => value);
-    const normalizedCfg = configAllowFrom
-      .filter((value) => value !== "*")
-      .map((value) => normalizeEntry(value))
-      .map((value) => value.trim())
-      .filter(Boolean);
-    const normalizedStore = storeAllowFrom
-      .map((value) => normalizeEntry(value))
-      .map((value) => value.trim())
-      .filter(Boolean);
-    const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
-    const isMultiUserDm = hasWildcard || allowCount > 1;

    if (input.dmPolicy === "open") {
      const allowFromKey = `${input.allowFromPath}allowFrom`;
--- a/src/security/dm-policy-shared.test.ts
+++ b/src/security/dm-policy-shared.test.ts
@@ -0,0 +1,31 @@
+import { describe, expect, it } from "vitest";
+import { resolveDmAllowState } from "./dm-policy-shared.js";
+
+describe("security/dm-policy-shared", () => {
+  it("normalizes config + store allow entries and counts distinct senders", async () => {
+    const state = await resolveDmAllowState({
+      provider: "telegram",
+      allowFrom: [" * ", " alice ", "ALICE", "bob"],
+      normalizeEntry: (value) => value.toLowerCase(),
+      readStore: async () => [" Bob ", "carol", ""],
+    });
+    expect(state.configAllowFrom).toEqual(["*", "alice", "ALICE", "bob"]);
+    expect(state.hasWildcard).toBe(true);
+    expect(state.allowCount).toBe(3);
+    expect(state.isMultiUserDm).toBe(true);
+  });
+
+  it("handles empty allowlists and store failures", async () => {
+    const state = await resolveDmAllowState({
+      provider: "slack",
+      allowFrom: undefined,
+      readStore: async () => {
+        throw new Error("offline");
+      },
+    });
+    expect(state.configAllowFrom).toEqual([]);
+    expect(state.hasWildcard).toBe(false);
+    expect(state.allowCount).toBe(0);
+    expect(state.isMultiUserDm).toBe(false);
+  });
+});
--- a/src/security/dm-policy-shared.ts
+++ b/src/security/dm-policy-shared.ts
@@ -0,0 +1,40 @@
+import type { ChannelId } from "../channels/plugins/types.js";
+import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
+import { normalizeStringEntries } from "../shared/string-normalization.js";
+
+export async function resolveDmAllowState(params: {
+  provider: ChannelId;
+  allowFrom?: Array<string | number> | null;
+  normalizeEntry?: (raw: string) => string;
+  readStore?: (provider: ChannelId) => Promise<string[]>;
+}): Promise<{
+  configAllowFrom: string[];
+  hasWildcard: boolean;
+  allowCount: number;
+  isMultiUserDm: boolean;
+}> {
+  const configAllowFrom = normalizeStringEntries(
+    Array.isArray(params.allowFrom) ? params.allowFrom : undefined,
+  );
+  const hasWildcard = configAllowFrom.includes("*");
+  const storeAllowFrom = await (params.readStore ?? readChannelAllowFromStore)(
+    params.provider,
+  ).catch(() => []);
+  const normalizeEntry = params.normalizeEntry ?? ((value: string) => value);
+  const normalizedCfg = configAllowFrom
+    .filter((value) => value !== "*")
+    .map((value) => normalizeEntry(value))
+    .map((value) => value.trim())
+    .filter(Boolean);
+  const normalizedStore = storeAllowFrom
+    .map((value) => normalizeEntry(value))
+    .map((value) => value.trim())
+    .filter(Boolean);
+  const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
+  return {
+    configAllowFrom,
+    hasWildcard,
+    allowCount,
+    isMultiUserDm: hasWildcard || allowCount > 1,
+  };
+}