github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 05:12:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(media): enforce agent media roots in plugin send actions

Browse Source 
Co-authored-by: Oliver Drobnik <333270+odrobnik@users.noreply.github.com>
Co-authored-by: thisischappy <257418353+thisischappy@users.noreply.github.com>
This commit is contained in:
Peter Steinberger
2026-02-22 21:17:09 +01:00
parent 33a43a151d
commit 7bbd597383
13 changed files with 193 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
src/channels/plugins/actions/actions.test.ts
View File

@@ -401,10 +401,9 @@ describe("handleDiscordMessageAction", () => {
cfg: {} as OpenClawConfig,
});
expect(handleDiscordAction).toHaveBeenCalledWith(
expect.objectContaining(testCase.expected),
expect.any(Object),
);
const call = handleDiscordAction.mock.calls.at(-1);
expect(call?.[0]).toEqual(expect.objectContaining(testCase.expected));
expect(call?.[1]).toEqual(expect.any(Object));
});
}
@@ -422,7 +421,8 @@ describe("handleDiscordMessageAction", () => {
toolContext: { currentChannelProvider: "discord" },
});
expect(handleDiscordAction).toHaveBeenCalledWith(
const call = handleDiscordAction.mock.calls.at(-1);
expect(call?.[0]).toEqual(
expect.objectContaining({
action: "timeout",
guildId: "guild-1",
@@ -430,7 +430,25 @@ describe("handleDiscordMessageAction", () => {
durationMinutes: 5,
senderUserId: "trusted-sender-id",
}),
);
expect(call?.[1]).toEqual(expect.any(Object));
});
it("forwards trusted mediaLocalRoots for send actions", async () => {
await handleDiscordMessageAction({
action: "send",
params: { to: "channel:123", message: "hi", media: "/tmp/file.png" },
cfg: {} as OpenClawConfig,
mediaLocalRoots: ["/tmp/agent-root"],
});
expect(handleDiscordAction).toHaveBeenCalledWith(
expect.objectContaining({
action: "sendMessage",
mediaUrl: "/tmp/file.png",
}),
expect.any(Object),
expect.objectContaining({ mediaLocalRoots: ["/tmp/agent-root"] }),
);
});
});
@@ -559,10 +577,34 @@ describe("telegramMessageActions", () => {
expect(handleTelegramAction, testCase.name).toHaveBeenCalledWith(
testCase.expectedPayload,
cfg,
expect.objectContaining({ mediaLocalRoots: undefined }),
);
}
});
it("forwards trusted mediaLocalRoots for send", async () => {
const cfg = telegramCfg();
await telegramMessageActions.handleAction?.({
channel: "telegram",
action: "send",
params: {
to: "123",
media: "/tmp/voice.ogg",
},
cfg,
mediaLocalRoots: ["/tmp/agent-root"],
});
expect(handleTelegramAction).toHaveBeenCalledWith(
expect.objectContaining({
action: "sendMessage",
mediaUrl: "/tmp/voice.ogg",
}),
cfg,
expect.objectContaining({ mediaLocalRoots: ["/tmp/agent-root"] }),
);
});
it("rejects non-integer messageId for edit before reaching telegram-actions", async () => {
const cfg = telegramCfg();
const handleAction = telegramMessageActions.handleAction;

20
src/channels/plugins/actions/discord.ts
View File

@@ -112,7 +112,23 @@ export const discordMessageActions: ChannelMessageActionAdapter = {
}
return null;
},
handleAction: async ({ action, params, cfg, accountId }) => {
return await handleDiscordMessageAction({ action, params, cfg, accountId });
handleAction: async ({
action,
params,
cfg,
accountId,
requesterSenderId,
toolContext,
mediaLocalRoots,
}) => {
return await handleDiscordMessageAction({
action,
params,
cfg,
accountId,
requesterSenderId,
toolContext,
mediaLocalRoots,
});
},
};

23
src/channels/plugins/actions/discord/handle-action.ts
View File

@@ -24,11 +24,20 @@ function readParentIdParam(params: Record<string, unknown>): string | null | und
export async function handleDiscordMessageAction(
ctx: Pick<
ChannelMessageActionContext,
"action" | "params" | "cfg" | "accountId" | "requesterSenderId" | "toolContext"
| "action"
| "params"
| "cfg"
| "accountId"
| "requesterSenderId"
| "toolContext"
| "mediaLocalRoots"
>,
): Promise<AgentToolResult<unknown>> {
const { action, params, cfg } = ctx;
const accountId = ctx.accountId ?? readStringParam(params, "accountId");
const actionOptions = {
mediaLocalRoots: ctx.mediaLocalRoots,
} as const;
const resolveChannelId = () =>
resolveDiscordChannelId(
@@ -76,6 +85,7 @@ export async function handleDiscordMessageAction(
__agentId: agentId ?? undefined,
},
cfg,
actionOptions,
);
}
@@ -101,6 +111,7 @@ export async function handleDiscordMessageAction(
content: readStringParam(params, "message"),
},
cfg,
actionOptions,
);
}
@@ -118,6 +129,7 @@ export async function handleDiscordMessageAction(
remove,
},
cfg,
actionOptions,
);
}
@@ -133,6 +145,7 @@ export async function handleDiscordMessageAction(
limit,
},
cfg,
actionOptions,
);
}
@@ -149,6 +162,7 @@ export async function handleDiscordMessageAction(
around: readStringParam(params, "around"),
},
cfg,
actionOptions,
);
}
@@ -164,6 +178,7 @@ export async function handleDiscordMessageAction(
content,
},
cfg,
actionOptions,
);
}
@@ -177,6 +192,7 @@ export async function handleDiscordMessageAction(
messageId,
},
cfg,
actionOptions,
);
}
@@ -191,6 +207,7 @@ export async function handleDiscordMessageAction(
messageId,
},
cfg,
actionOptions,
);
}
@@ -202,6 +219,7 @@ export async function handleDiscordMessageAction(
channelId: resolveChannelId(),
},
cfg,
actionOptions,
);
}
@@ -223,6 +241,7 @@ export async function handleDiscordMessageAction(
autoArchiveMinutes,
},
cfg,
actionOptions,
);
}
@@ -241,6 +260,7 @@ export async function handleDiscordMessageAction(
content: readStringParam(params, "message"),
},
cfg,
actionOptions,
);
}
@@ -256,6 +276,7 @@ export async function handleDiscordMessageAction(
activityState: readStringParam(params, "activityState"),
},
cfg,
actionOptions,
);
}

9
src/channels/plugins/actions/telegram.ts
View File

@@ -107,7 +107,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
extractToolSend: ({ args }) => {
return extractToolSend(args, "sendMessage");
},
handleAction: async ({ action, params, cfg, accountId }) => {
handleAction: async ({ action, params, cfg, accountId, mediaLocalRoots }) => {
if (action === "send") {
const sendParams = readTelegramSendParams(params);
return await handleTelegramAction(
@@ -117,6 +117,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}
@@ -136,6 +137,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}
@@ -150,6 +152,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}
@@ -168,6 +171,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}
@@ -189,6 +193,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}
@@ -203,6 +208,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}
@@ -221,6 +227,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined,
},
cfg,
{ mediaLocalRoots },
);
}

1
src/channels/plugins/types.core.ts
View File

@@ -305,6 +305,7 @@ export type ChannelMessageActionContext = {
action: ChannelMessageActionName;
cfg: OpenClawConfig;
params: Record<string, unknown>;
mediaLocalRoots?: readonly string[];
accountId?: string | null;
/**
* Trusted sender id from inbound context. This is server-injected and must