fix(security): enforce trusted sender auth for discord moderation

2026-05-09 10:37:41 +00:00 · 2026-02-19 15:18:00 +01:00
parent baa335f258
commit 775816035e
15 changed files with 498 additions and 22 deletions
--- a/src/channels/plugins/actions/actions.test.ts
+++ b/src/channels/plugins/actions/actions.test.ts
@@ -353,6 +353,47 @@ describe("handleDiscordMessageAction", () => {
      expect.any(Object),
    );
  });
+
+  it("uses trusted requesterSenderId for moderation and ignores params senderUserId", async () => {
+    await handleDiscordMessageAction({
+      action: "timeout",
+      params: {
+        guildId: "guild-1",
+        userId: "user-2",
+        durationMin: 5,
+        senderUserId: "spoofed-admin-id",
+      },
+      cfg: {} as OpenClawConfig,
+      requesterSenderId: "trusted-sender-id",
+      toolContext: { currentChannelProvider: "discord" },
+    });
+
+    expect(handleDiscordAction).toHaveBeenCalledWith(
+      expect.objectContaining({
+        action: "timeout",
+        guildId: "guild-1",
+        userId: "user-2",
+        durationMinutes: 5,
+        senderUserId: "trusted-sender-id",
+      }),
+      expect.any(Object),
+    );
+  });
+
+  it("rejects moderation when trusted sender id is missing in Discord tool context", async () => {
+    await expect(
+      handleDiscordMessageAction({
+        action: "kick",
+        params: {
+          guildId: "guild-1",
+          userId: "user-2",
+        },
+        cfg: {} as OpenClawConfig,
+        toolContext: { currentChannelProvider: "discord" },
+      }),
+    ).rejects.toThrow("Sender user ID required for Discord moderation actions.");
+    expect(handleDiscordAction).not.toHaveBeenCalled();
+  });
 });

 describe("telegramMessageActions", () => {