github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-09 15:24:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(telegram): dedupe group auth checks

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-15 16:12:36 +00:00
parent 234d69f83f
commit 933a9945ae
1 changed files with 20 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
src/telegram/bot-native-commands.ts
View File

@@ -171,6 +171,22 @@ async function resolveTelegramCommandAuth(params: {
const senderId = senderIdRaw ? String(senderIdRaw) : ""; const senderId = senderIdRaw ? String(senderIdRaw) : "";
const senderUsername = msg.from?.username ?? ""; const senderUsername = msg.from?.username ?? "";
const isGroupSenderAllowed = () =>
senderIdRaw != null &&
isSenderAllowed({
allow: effectiveGroupAllow,
senderId: String(senderIdRaw),
senderUsername,
});
const rejectNotAuthorized = async () => {
await withTelegramApiErrorLogging({
operation: "sendMessage",
fn: () => bot.api.sendMessage(chatId, "You are not authorized to use this command."),
});
return null;
};
if (isGroup && groupConfig?.enabled === false) { if (isGroup && groupConfig?.enabled === false) {
await withTelegramApiErrorLogging({ await withTelegramApiErrorLogging({
operation: "sendMessage", operation: "sendMessage",
@@ -186,19 +202,8 @@ async function resolveTelegramCommandAuth(params: {
return null; return null;
} }
if (requireAuth && isGroup && hasGroupAllowOverride) { if (requireAuth && isGroup && hasGroupAllowOverride) {
if ( if (!isGroupSenderAllowed()) {
senderIdRaw == null || return await rejectNotAuthorized();
!isSenderAllowed({
allow: effectiveGroupAllow,
senderId: String(senderIdRaw),
senderUsername,
})
) {
await withTelegramApiErrorLogging({
operation: "sendMessage",
fn: () => bot.api.sendMessage(chatId, "You are not authorized to use this command."),
});
return null;
} }
} }
@@ -213,19 +218,8 @@ async function resolveTelegramCommandAuth(params: {
return null; return null;
} }
if (groupPolicy === "allowlist" && requireAuth) { if (groupPolicy === "allowlist" && requireAuth) {
if ( if (!isGroupSenderAllowed()) {
senderIdRaw == null || return await rejectNotAuthorized();
!isSenderAllowed({
allow: effectiveGroupAllow,
senderId: String(senderIdRaw),
senderUsername,
})
) {
await withTelegramApiErrorLogging({
operation: "sendMessage",
fn: () => bot.api.sendMessage(chatId, "You are not authorized to use this command."),
});
return null;
} }
} }
const groupAllowlist = resolveGroupPolicy(chatId); const groupAllowlist = resolveGroupPolicy(chatId);