fix(security): enforce trusted sender auth for discord moderation

2026-05-08 11:11:23 +00:00 · 2026-02-19 15:18:00 +01:00
parent baa335f258
commit 775816035e
15 changed files with 498 additions and 22 deletions
--- a/src/infra/outbound/message-action-runner.ts
+++ b/src/infra/outbound/message-action-runner.ts
@@ -1,4 +1,12 @@
 import type { AgentToolResult } from "@mariozechner/pi-agent-core";
+import type {
+  ChannelId,
+  ChannelMessageActionName,
+  ChannelThreadingToolContext,
+} from "../../channels/plugins/types.js";
+import type { OpenClawConfig } from "../../config/config.js";
+import type { OutboundSendDeps } from "./deliver.js";
+import type { MessagePollResult, MessageSendResult } from "./message.js";
 import { resolveSessionAgentId } from "../../agents/agent-scope.js";
 import {
  readNumberParam,
@@ -7,12 +15,6 @@ import {
 } from "../../agents/tools/common.js";
 import { parseReplyDirectives } from "../../auto-reply/reply/reply-directives.js";
 import { dispatchChannelMessageAction } from "../../channels/plugins/message-actions.js";
-import type {
-  ChannelId,
-  ChannelMessageActionName,
-  ChannelThreadingToolContext,
-} from "../../channels/plugins/types.js";
-import type { OpenClawConfig } from "../../config/config.js";
 import {
  isDeliverableMessageChannel,
  normalizeMessageChannel,
@@ -25,7 +27,6 @@ import {
  resolveMessageChannelSelection,
 } from "./channel-selection.js";
 import { applyTargetToParams } from "./channel-target.js";
-import type { OutboundSendDeps } from "./deliver.js";
 import {
  hydrateSendAttachmentParams,
  hydrateSetGroupIconParams,
@@ -39,7 +40,6 @@ import {
  resolveTelegramAutoThreadId,
 } from "./message-action-params.js";
 import { actionHasTarget, actionRequiresTarget } from "./message-action-spec.js";
-import type { MessagePollResult, MessageSendResult } from "./message.js";
 import {
  applyCrossContextDecoration,
  buildCrossContextDecoration,
@@ -93,6 +93,7 @@ export type RunMessageActionParams = {
  action: ChannelMessageActionName;
  params: Record<string, unknown>;
  defaultAccountId?: string;
+  requesterSenderId?: string | null;
  toolContext?: ChannelThreadingToolContext;
  gateway?: MessageActionRunnerGateway;
  deps?: OutboundSendDeps;
@@ -668,6 +669,7 @@ async function handlePluginAction(ctx: ResolvedActionContext): Promise<MessageAc
    cfg,
    params,
    accountId: accountId ?? undefined,
+    requesterSenderId: input.requesterSenderId ?? undefined,
    gateway,
    toolContext: input.toolContext,
    dryRun,