github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 17:44:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce explicit group auth boundaries across channels

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-26 18:15:57 +01:00
parent d0d83a2020
commit 64de4b6d6a
20 changed files with 614 additions and 331 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/telegram/bot-native-commands.ts
View File

@@ -253,7 +253,7 @@ async function resolveTelegramCommandAuth(params: {
const dmAllow = normalizeDmAllowFromWithStore({
allowFrom: allowFrom,
storeAllowFrom,
storeAllowFrom: isGroup ? [] : storeAllowFrom,
dmPolicy: telegramCfg.dmPolicy ?? "pairing",
});
const senderAllowed = isSenderAllowed({