refactor(security): share DM allowlist state resolver

2026-05-08 15:48:28 +00:00 · 2026-02-18 23:58:11 +00:00
parent 2709c0ba51
commit 5c5c032f42
4 changed files with 83 additions and 33 deletions
--- a/src/security/dm-policy-shared.ts
+++ b/src/security/dm-policy-shared.ts
@@ -0,0 +1,40 @@
+import type { ChannelId } from "../channels/plugins/types.js";
+import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
+import { normalizeStringEntries } from "../shared/string-normalization.js";
+
+export async function resolveDmAllowState(params: {
+  provider: ChannelId;
+  allowFrom?: Array<string | number> | null;
+  normalizeEntry?: (raw: string) => string;
+  readStore?: (provider: ChannelId) => Promise<string[]>;
+}): Promise<{
+  configAllowFrom: string[];
+  hasWildcard: boolean;
+  allowCount: number;
+  isMultiUserDm: boolean;
+}> {
+  const configAllowFrom = normalizeStringEntries(
+    Array.isArray(params.allowFrom) ? params.allowFrom : undefined,
+  );
+  const hasWildcard = configAllowFrom.includes("*");
+  const storeAllowFrom = await (params.readStore ?? readChannelAllowFromStore)(
+    params.provider,
+  ).catch(() => []);
+  const normalizeEntry = params.normalizeEntry ?? ((value: string) => value);
+  const normalizedCfg = configAllowFrom
+    .filter((value) => value !== "*")
+    .map((value) => normalizeEntry(value))
+    .map((value) => value.trim())
+    .filter(Boolean);
+  const normalizedStore = storeAllowFrom
+    .map((value) => normalizeEntry(value))
+    .map((value) => value.trim())
+    .filter(Boolean);
+  const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
+  return {
+    configAllowFrom,
+    hasWildcard,
+    allowCount,
+    isMultiUserDm: hasWildcard || allowCount > 1,
+  };
+}