github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 16:34:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(media): enforce agent media roots in plugin send actions

Browse Source 
Co-authored-by: Oliver Drobnik <333270+odrobnik@users.noreply.github.com>
Co-authored-by: thisischappy <257418353+thisischappy@users.noreply.github.com>
This commit is contained in:
Peter Steinberger
2026-02-22 21:17:09 +01:00
parent 33a43a151d
commit 7bbd597383
13 changed files with 193 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -32,6 +32,7 @@ Docs: https://docs.openclaw.ai
### Fixes ### Fixes
- Plugins/Media sandbox: propagate trusted `mediaLocalRoots` through plugin action dispatch (including Discord/Telegram action adapters) so plugin send paths enforce the same agent-scoped local-media sandbox roots as core outbound sends. (#20258, #22718)
- Slack/Threading: sessions: keep parent-session forking and thread-history context active beyond first turn by removing first-turn-only gates in session init, thread-history fetch, and reply prompt context injection. (#23843, #23090) Thanks @vincentkoc and @Taskle. - Slack/Threading: sessions: keep parent-session forking and thread-history context active beyond first turn by removing first-turn-only gates in session init, thread-history fetch, and reply prompt context injection. (#23843, #23090) Thanks @vincentkoc and @Taskle.
- Slack/Threading: respect `replyToMode` when Slack auto-populates top-level `thread_ts`, and ignore inline `replyToId` directive tags when `replyToMode` is `off` so thread forcing stays disabled unless explicitly configured. (#23839, #23320, #23513) Thanks @vincentkoc and @dorukardahan. - Slack/Threading: respect `replyToMode` when Slack auto-populates top-level `thread_ts`, and ignore inline `replyToId` directive tags when `replyToMode` is `off` so thread forcing stays disabled unless explicitly configured. (#23839, #23320, #23513) Thanks @vincentkoc and @dorukardahan.
- Slack/Extension: forward `message read` `threadId` to `readMessages` and use delivery-context `threadId` as outbound `thread_ts` fallback so extension replies/reads stay in the correct Slack thread. (#22216, #22485, #23836) Thanks @vincentkoc, @lan17 and @dorukardahan. - Slack/Extension: forward `message read` `threadId` to `readMessages` and use delivery-context `threadId` as outbound `thread_ts` fallback so extension replies/reads stay in the correct Slack thread. (#22216, #22485, #23836) Thanks @vincentkoc, @lan17 and @dorukardahan.

5
src/agents/tools/discord-actions-messaging.ts
View File

@@ -56,6 +56,9 @@ export async function handleDiscordMessagingAction(
action: string, action: string,
params: Record<string, unknown>, params: Record<string, unknown>,
isActionEnabled: ActionGate<DiscordActionConfig>, isActionEnabled: ActionGate<DiscordActionConfig>,
options?: {
mediaLocalRoots?: readonly string[];
},
): Promise<AgentToolResult<unknown>> { ): Promise<AgentToolResult<unknown>> {
const resolveChannelId = () => const resolveChannelId = () =>
resolveDiscordChannelId( resolveDiscordChannelId(
@@ -308,6 +311,7 @@ export async function handleDiscordMessagingAction(
const result = await sendMessageDiscord(to, content ?? "", { const result = await sendMessageDiscord(to, content ?? "", {
...(accountId ? { accountId } : {}), ...(accountId ? { accountId } : {}),
mediaUrl, mediaUrl,
mediaLocalRoots: options?.mediaLocalRoots,
replyTo, replyTo,
components, components,
embeds, embeds,
@@ -416,6 +420,7 @@ export async function handleDiscordMessagingAction(
const result = await sendMessageDiscord(`channel:${channelId}`, content, { const result = await sendMessageDiscord(`channel:${channelId}`, content, {
...(accountId ? { accountId } : {}), ...(accountId ? { accountId } : {}),
mediaUrl, mediaUrl,
mediaLocalRoots: options?.mediaLocalRoots,
replyTo, replyTo,
}); });
return jsonResult({ ok: true, result }); return jsonResult({ ok: true, result });

22
src/agents/tools/discord-actions.test.ts
View File

@@ -264,6 +264,28 @@ describe("handleDiscordMessagingAction", () => {
expect(sendMessageDiscord).not.toHaveBeenCalled(); expect(sendMessageDiscord).not.toHaveBeenCalled();
}); });
it("forwards trusted mediaLocalRoots into sendMessageDiscord", async () => {
sendMessageDiscord.mockClear();
await handleDiscordMessagingAction(
"sendMessage",
{
to: "channel:123",
content: "hello",
mediaUrl: "/tmp/image.png",
},
enableAllActions,
{ mediaLocalRoots: ["/tmp/agent-root"] },
);
expect(sendMessageDiscord).toHaveBeenCalledWith(
"channel:123",
"hello",
expect.objectContaining({
mediaUrl: "/tmp/image.png",
mediaLocalRoots: ["/tmp/agent-root"],
}),
);
});
it("rejects voice messages that include content", async () => { it("rejects voice messages that include content", async () => {
await expect( await expect(
handleDiscordMessagingAction( handleDiscordMessagingAction(

5
src/agents/tools/discord-actions.ts
View File

@@ -58,13 +58,16 @@ const presenceActions = new Set(["setPresence"]);
export async function handleDiscordAction( export async function handleDiscordAction(
params: Record<string, unknown>, params: Record<string, unknown>,
cfg: OpenClawConfig, cfg: OpenClawConfig,
options?: {
mediaLocalRoots?: readonly string[];
},
): Promise<AgentToolResult<unknown>> { ): Promise<AgentToolResult<unknown>> {
const action = readStringParam(params, "action", { required: true }); const action = readStringParam(params, "action", { required: true });
const accountId = readStringParam(params, "accountId"); const accountId = readStringParam(params, "accountId");
const isActionEnabled = createDiscordActionGate({ cfg, accountId }); const isActionEnabled = createDiscordActionGate({ cfg, accountId });
if (messagingActions.has(action)) { if (messagingActions.has(action)) {
return await handleDiscordMessagingAction(action, params, isActionEnabled); return await handleDiscordMessagingAction(action, params, isActionEnabled, options);
} }
if (guildActions.has(action)) { if (guildActions.has(action)) {
return await handleDiscordGuildAction(action, params, isActionEnabled); return await handleDiscordGuildAction(action, params, isActionEnabled);

17
src/agents/tools/telegram-actions.test.ts
View File

@@ -243,6 +243,23 @@ describe("handleTelegramAction", () => {
}); });
}); });
it("forwards trusted mediaLocalRoots into sendMessageTelegram", async () => {
await handleTelegramAction(
{
action: "sendMessage",
to: "@testchannel",
content: "Hello with local media",
},
telegramConfig(),
{ mediaLocalRoots: ["/tmp/agent-root"] },
);
expect(sendMessageTelegram).toHaveBeenCalledWith(
"@testchannel",
"Hello with local media",
expect.objectContaining({ mediaLocalRoots: ["/tmp/agent-root"] }),
);
});
it.each([ it.each([
{ {
name: "media", name: "media",

4
src/agents/tools/telegram-actions.ts
View File

@@ -85,6 +85,9 @@ export function readTelegramButtons(
export async function handleTelegramAction( export async function handleTelegramAction(
params: Record<string, unknown>, params: Record<string, unknown>,
cfg: OpenClawConfig, cfg: OpenClawConfig,
options?: {
mediaLocalRoots?: readonly string[];
},
): Promise<AgentToolResult<unknown>> { ): Promise<AgentToolResult<unknown>> {
const action = readStringParam(params, "action", { required: true }); const action = readStringParam(params, "action", { required: true });
const accountId = readStringParam(params, "accountId"); const accountId = readStringParam(params, "accountId");
@@ -198,6 +201,7 @@ export async function handleTelegramAction(
token, token,
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
mediaUrl: mediaUrl || undefined, mediaUrl: mediaUrl || undefined,
mediaLocalRoots: options?.mediaLocalRoots,
buttons, buttons,
replyToMessageId: replyToMessageId ?? undefined, replyToMessageId: replyToMessageId ?? undefined,
messageThreadId: messageThreadId ?? undefined, messageThreadId: messageThreadId ?? undefined,

52
src/channels/plugins/actions/actions.test.ts
View File

@@ -401,10 +401,9 @@ describe("handleDiscordMessageAction", () => {
cfg: {} as OpenClawConfig, cfg: {} as OpenClawConfig,
}); });
expect(handleDiscordAction).toHaveBeenCalledWith( const call = handleDiscordAction.mock.calls.at(-1);
expect.objectContaining(testCase.expected), expect(call?.[0]).toEqual(expect.objectContaining(testCase.expected));
expect.any(Object), expect(call?.[1]).toEqual(expect.any(Object));
);
}); });
} }
@@ -422,7 +421,8 @@ describe("handleDiscordMessageAction", () => {
toolContext: { currentChannelProvider: "discord" }, toolContext: { currentChannelProvider: "discord" },
}); });
expect(handleDiscordAction).toHaveBeenCalledWith( const call = handleDiscordAction.mock.calls.at(-1);
expect(call?.[0]).toEqual(
expect.objectContaining({ expect.objectContaining({
action: "timeout", action: "timeout",
guildId: "guild-1", guildId: "guild-1",
@@ -430,7 +430,25 @@ describe("handleDiscordMessageAction", () => {
durationMinutes: 5, durationMinutes: 5,
senderUserId: "trusted-sender-id", senderUserId: "trusted-sender-id",
}), }),
);
expect(call?.[1]).toEqual(expect.any(Object));
});
it("forwards trusted mediaLocalRoots for send actions", async () => {
await handleDiscordMessageAction({
action: "send",
params: { to: "channel:123", message: "hi", media: "/tmp/file.png" },
cfg: {} as OpenClawConfig,
mediaLocalRoots: ["/tmp/agent-root"],
});
expect(handleDiscordAction).toHaveBeenCalledWith(
expect.objectContaining({
action: "sendMessage",
mediaUrl: "/tmp/file.png",
}),
expect.any(Object), expect.any(Object),
expect.objectContaining({ mediaLocalRoots: ["/tmp/agent-root"] }),
); );
}); });
}); });
@@ -559,10 +577,34 @@ describe("telegramMessageActions", () => {
expect(handleTelegramAction, testCase.name).toHaveBeenCalledWith( expect(handleTelegramAction, testCase.name).toHaveBeenCalledWith(
testCase.expectedPayload, testCase.expectedPayload,
cfg, cfg,
expect.objectContaining({ mediaLocalRoots: undefined }),
); );
} }
}); });
it("forwards trusted mediaLocalRoots for send", async () => {
const cfg = telegramCfg();
await telegramMessageActions.handleAction?.({
channel: "telegram",
action: "send",
params: {
to: "123",
media: "/tmp/voice.ogg",
},
cfg,
mediaLocalRoots: ["/tmp/agent-root"],
});
expect(handleTelegramAction).toHaveBeenCalledWith(
expect.objectContaining({
action: "sendMessage",
mediaUrl: "/tmp/voice.ogg",
}),
cfg,
expect.objectContaining({ mediaLocalRoots: ["/tmp/agent-root"] }),
);
});
it("rejects non-integer messageId for edit before reaching telegram-actions", async () => { it("rejects non-integer messageId for edit before reaching telegram-actions", async () => {
const cfg = telegramCfg(); const cfg = telegramCfg();
const handleAction = telegramMessageActions.handleAction; const handleAction = telegramMessageActions.handleAction;

20
src/channels/plugins/actions/discord.ts
View File

@@ -112,7 +112,23 @@ export const discordMessageActions: ChannelMessageActionAdapter = {
} }
return null; return null;
}, },
handleAction: async ({ action, params, cfg, accountId }) => { handleAction: async ({
return await handleDiscordMessageAction({ action, params, cfg, accountId }); action,
params,
cfg,
accountId,
requesterSenderId,
toolContext,
mediaLocalRoots,
}) => {
return await handleDiscordMessageAction({
action,
params,
cfg,
accountId,
requesterSenderId,
toolContext,
mediaLocalRoots,
});
}, },
}; };

23
src/channels/plugins/actions/discord/handle-action.ts
View File

@@ -24,11 +24,20 @@ function readParentIdParam(params: Record<string, unknown>): string | null | und
export async function handleDiscordMessageAction( export async function handleDiscordMessageAction(
ctx: Pick< ctx: Pick<
ChannelMessageActionContext, ChannelMessageActionContext,
"action" | "params" | "cfg" | "accountId" | "requesterSenderId" | "toolContext" | "action"
| "params"
| "cfg"
| "accountId"
| "requesterSenderId"
| "toolContext"
| "mediaLocalRoots"
>, >,
): Promise<AgentToolResult<unknown>> { ): Promise<AgentToolResult<unknown>> {
const { action, params, cfg } = ctx; const { action, params, cfg } = ctx;
const accountId = ctx.accountId ?? readStringParam(params, "accountId"); const accountId = ctx.accountId ?? readStringParam(params, "accountId");
const actionOptions = {
mediaLocalRoots: ctx.mediaLocalRoots,
} as const;
const resolveChannelId = () => const resolveChannelId = () =>
resolveDiscordChannelId( resolveDiscordChannelId(
@@ -76,6 +85,7 @@ export async function handleDiscordMessageAction(
__agentId: agentId ?? undefined, __agentId: agentId ?? undefined,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -101,6 +111,7 @@ export async function handleDiscordMessageAction(
content: readStringParam(params, "message"), content: readStringParam(params, "message"),
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -118,6 +129,7 @@ export async function handleDiscordMessageAction(
remove, remove,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -133,6 +145,7 @@ export async function handleDiscordMessageAction(
limit, limit,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -149,6 +162,7 @@ export async function handleDiscordMessageAction(
around: readStringParam(params, "around"), around: readStringParam(params, "around"),
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -164,6 +178,7 @@ export async function handleDiscordMessageAction(
content, content,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -177,6 +192,7 @@ export async function handleDiscordMessageAction(
messageId, messageId,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -191,6 +207,7 @@ export async function handleDiscordMessageAction(
messageId, messageId,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -202,6 +219,7 @@ export async function handleDiscordMessageAction(
channelId: resolveChannelId(), channelId: resolveChannelId(),
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -223,6 +241,7 @@ export async function handleDiscordMessageAction(
autoArchiveMinutes, autoArchiveMinutes,
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -241,6 +260,7 @@ export async function handleDiscordMessageAction(
content: readStringParam(params, "message"), content: readStringParam(params, "message"),
}, },
cfg, cfg,
actionOptions,
); );
} }
@@ -256,6 +276,7 @@ export async function handleDiscordMessageAction(
activityState: readStringParam(params, "activityState"), activityState: readStringParam(params, "activityState"),
}, },
cfg, cfg,
actionOptions,
); );
} }

9
src/channels/plugins/actions/telegram.ts
View File

@@ -107,7 +107,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
extractToolSend: ({ args }) => { extractToolSend: ({ args }) => {
return extractToolSend(args, "sendMessage"); return extractToolSend(args, "sendMessage");
}, },
handleAction: async ({ action, params, cfg, accountId }) => { handleAction: async ({ action, params, cfg, accountId, mediaLocalRoots }) => {
if (action === "send") { if (action === "send") {
const sendParams = readTelegramSendParams(params); const sendParams = readTelegramSendParams(params);
return await handleTelegramAction( return await handleTelegramAction(
@@ -117,6 +117,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }
@@ -136,6 +137,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }
@@ -150,6 +152,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }
@@ -168,6 +171,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }
@@ -189,6 +193,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }
@@ -203,6 +208,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }
@@ -221,6 +227,7 @@ export const telegramMessageActions: ChannelMessageActionAdapter = {
accountId: accountId ?? undefined, accountId: accountId ?? undefined,
}, },
cfg, cfg,
{ mediaLocalRoots },
); );
} }

1
src/channels/plugins/types.core.ts
View File

@@ -305,6 +305,7 @@ export type ChannelMessageActionContext = {
action: ChannelMessageActionName; action: ChannelMessageActionName;
cfg: OpenClawConfig; cfg: OpenClawConfig;
params: Record<string, unknown>; params: Record<string, unknown>;
mediaLocalRoots?: readonly string[];
accountId?: string | null; accountId?: string | null;
/** /**
* Trusted sender id from inbound context. This is server-injected and must * Trusted sender id from inbound context. This is server-injected and must

38
src/infra/outbound/outbound-send-service.test.ts
View File

@@ -4,6 +4,7 @@ const mocks = vi.hoisted(() => ({
dispatchChannelMessageAction: vi.fn(), dispatchChannelMessageAction: vi.fn(),
sendMessage: vi.fn(), sendMessage: vi.fn(),
sendPoll: vi.fn(), sendPoll: vi.fn(),
getAgentScopedMediaLocalRoots: vi.fn(() => ["/tmp/agent-roots"]),
})); }));
vi.mock("../../channels/plugins/message-actions.js", () => ({ vi.mock("../../channels/plugins/message-actions.js", () => ({
@@ -15,6 +16,11 @@ vi.mock("./message.js", () => ({
sendPoll: (...args: unknown[]) => mocks.sendPoll(...args), sendPoll: (...args: unknown[]) => mocks.sendPoll(...args),
})); }));
vi.mock("../../media/local-roots.js", () => ({
getAgentScopedMediaLocalRoots: (...args: unknown[]) =>
mocks.getAgentScopedMediaLocalRoots(...args),
}));
import { executePollAction, executeSendAction } from "./outbound-send-service.js"; import { executePollAction, executeSendAction } from "./outbound-send-service.js";
describe("executeSendAction", () => { describe("executeSendAction", () => {
@@ -22,6 +28,7 @@ describe("executeSendAction", () => {
mocks.dispatchChannelMessageAction.mockClear(); mocks.dispatchChannelMessageAction.mockClear();
mocks.sendMessage.mockClear(); mocks.sendMessage.mockClear();
mocks.sendPoll.mockClear(); mocks.sendPoll.mockClear();
mocks.getAgentScopedMediaLocalRoots.mockClear();
}); });
it("forwards ctx.agentId to sendMessage on core outbound path", async () => { it("forwards ctx.agentId to sendMessage on core outbound path", async () => {
@@ -83,6 +90,37 @@ describe("executeSendAction", () => {
expect(mocks.sendPoll).not.toHaveBeenCalled(); expect(mocks.sendPoll).not.toHaveBeenCalled();
}); });
it("passes agent-scoped media local roots to plugin dispatch", async () => {
mocks.dispatchChannelMessageAction.mockResolvedValue({
ok: true,
value: { messageId: "msg-plugin" },
continuePrompt: "",
output: "",
sessionId: "s1",
model: "gpt-5.2",
usage: {},
});
await executeSendAction({
ctx: {
cfg: {},
channel: "discord",
params: { to: "channel:123", message: "hello" },
agentId: "agent-1",
dryRun: false,
},
to: "channel:123",
message: "hello",
});
expect(mocks.getAgentScopedMediaLocalRoots).toHaveBeenCalledWith({}, "agent-1");
expect(mocks.dispatchChannelMessageAction).toHaveBeenCalledWith(
expect.objectContaining({
mediaLocalRoots: ["/tmp/agent-roots"],
}),
);
});
it("forwards poll args to sendPoll on core outbound path", async () => { it("forwards poll args to sendPoll on core outbound path", async () => {
mocks.dispatchChannelMessageAction.mockResolvedValue(null); mocks.dispatchChannelMessageAction.mockResolvedValue(null);
mocks.sendPoll.mockResolvedValue({ mocks.sendPoll.mockResolvedValue({

6
src/infra/outbound/outbound-send-service.ts
View File

@@ -3,6 +3,7 @@ import { dispatchChannelMessageAction } from "../../channels/plugins/message-act
import type { ChannelId, ChannelThreadingToolContext } from "../../channels/plugins/types.js"; import type { ChannelId, ChannelThreadingToolContext } from "../../channels/plugins/types.js";
import type { OpenClawConfig } from "../../config/config.js"; import type { OpenClawConfig } from "../../config/config.js";
import { appendAssistantMessageToSessionTranscript } from "../../config/sessions.js"; import { appendAssistantMessageToSessionTranscript } from "../../config/sessions.js";
import { getAgentScopedMediaLocalRoots } from "../../media/local-roots.js";
import type { GatewayClientMode, GatewayClientName } from "../../utils/message-channel.js"; import type { GatewayClientMode, GatewayClientName } from "../../utils/message-channel.js";
import { throwIfAborted } from "./abort.js"; import { throwIfAborted } from "./abort.js";
import type { OutboundSendDeps } from "./deliver.js"; import type { OutboundSendDeps } from "./deliver.js";
@@ -54,11 +55,16 @@ async function tryHandleWithPluginAction(params: {
if (params.ctx.dryRun) { if (params.ctx.dryRun) {
return null; return null;
} }
const mediaLocalRoots = getAgentScopedMediaLocalRoots(
params.ctx.cfg,
params.ctx.agentId ?? params.ctx.mirror?.agentId,
);
const handled = await dispatchChannelMessageAction({ const handled = await dispatchChannelMessageAction({
channel: params.ctx.channel, channel: params.ctx.channel,
action: params.action, action: params.action,
cfg: params.ctx.cfg, cfg: params.ctx.cfg,
params: params.ctx.params, params: params.ctx.params,
mediaLocalRoots,
accountId: params.ctx.accountId ?? undefined, accountId: params.ctx.accountId ?? undefined,
gateway: params.ctx.gateway, gateway: params.ctx.gateway,
toolContext: params.ctx.toolContext, toolContext: params.ctx.toolContext,