fix(security): fail closed parsed chat allowlist

2026-04-19 03:47:26 +00:00 · 2026-02-21 19:51:07 +01:00
parent 09d5f508b1
commit 9632b9bcf0
5 changed files with 199 additions and 5 deletions
--- a/src/plugin-sdk/allow-from.test.ts
+++ b/src/plugin-sdk/allow-from.test.ts
@@ -0,0 +1,73 @@
+import { describe, expect, it } from "vitest";
+import { isAllowedParsedChatSender } from "./allow-from.js";
+
+function parseAllowTarget(
+  entry: string,
+):
+  | { kind: "chat_id"; chatId: number }
+  | { kind: "chat_guid"; chatGuid: string }
+  | { kind: "chat_identifier"; chatIdentifier: string }
+  | { kind: "handle"; handle: string } {
+  const trimmed = entry.trim();
+  const lower = trimmed.toLowerCase();
+  if (lower.startsWith("chat_id:")) {
+    return { kind: "chat_id", chatId: Number.parseInt(trimmed.slice("chat_id:".length), 10) };
+  }
+  if (lower.startsWith("chat_guid:")) {
+    return { kind: "chat_guid", chatGuid: trimmed.slice("chat_guid:".length) };
+  }
+  if (lower.startsWith("chat_identifier:")) {
+    return {
+      kind: "chat_identifier",
+      chatIdentifier: trimmed.slice("chat_identifier:".length),
+    };
+  }
+  return { kind: "handle", handle: lower };
+}
+
+describe("isAllowedParsedChatSender", () => {
+  it("denies when allowFrom is empty", () => {
+    const allowed = isAllowedParsedChatSender({
+      allowFrom: [],
+      sender: "+15551234567",
+      normalizeSender: (sender) => sender,
+      parseAllowTarget,
+    });
+
+    expect(allowed).toBe(false);
+  });
+
+  it("allows wildcard entries", () => {
+    const allowed = isAllowedParsedChatSender({
+      allowFrom: ["*"],
+      sender: "user@example.com",
+      normalizeSender: (sender) => sender.toLowerCase(),
+      parseAllowTarget,
+    });
+
+    expect(allowed).toBe(true);
+  });
+
+  it("matches normalized handles", () => {
+    const allowed = isAllowedParsedChatSender({
+      allowFrom: ["User@Example.com"],
+      sender: "user@example.com",
+      normalizeSender: (sender) => sender.toLowerCase(),
+      parseAllowTarget,
+    });
+
+    expect(allowed).toBe(true);
+  });
+
+  it("matches chat IDs when provided", () => {
+    const allowed = isAllowedParsedChatSender({
+      allowFrom: ["chat_id:42"],
+      sender: "+15551234567",
+      chatId: 42,
+      normalizeSender: (sender) => sender,
+      parseAllowTarget,
+    });
+
+    expect(allowed).toBe(true);
+  });
+});
--- a/src/plugin-sdk/allow-from.ts
+++ b/src/plugin-sdk/allow-from.ts
@@ -26,7 +26,7 @@ export function isAllowedParsedChatSender<TParsed extends ParsedChatAllowTarget>
 }): boolean {
  const allowFrom = params.allowFrom.map((entry) => String(entry).trim());
  if (allowFrom.length === 0) {
-    return true;
+    return false;
  }
  if (allowFrom.includes("*")) {
    return true;