github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 17:28:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): gate slash commands by sender

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-17 05:25:37 +00:00
parent c8b826ea8c
commit a624878973
14 changed files with 525 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/telegram/bot-message-context.ts
View File

@@ -198,11 +198,15 @@ export const buildTelegramMessageContext = async ({
return null;
}
}
const commandAuthorized = isSenderAllowed({
allow: isGroup ? effectiveGroupAllow : effectiveDmAllow,
const allowForCommands = isGroup ? effectiveGroupAllow : effectiveDmAllow;
const senderAllowedForCommands = isSenderAllowed({
allow: allowForCommands,
senderId,
senderUsername,
});
const useAccessGroups = cfg.commands?.useAccessGroups !== false;
const commandAuthorized =
useAccessGroups && !allowForCommands.hasEntries ? false : senderAllowedForCommands;
const historyKey = isGroup ? buildTelegramGroupPeerId(chatId, resolvedThreadId) : undefined;
let placeholder = "";
@@ -229,6 +233,14 @@ export const buildTelegramMessageContext = async ({
const hasAnyMention = (msg.entities ?? msg.caption_entities ?? []).some(
(ent) => ent.type === "mention",
);
if (
isGroup &&
hasControlCommand(msg.text ?? msg.caption ?? "", cfg, { botUsername }) &&
!commandAuthorized
) {
logVerbose(`telegram: drop control command from unauthorized sender ${senderId ?? "unknown"}`);
return null;
}
const activationOverride = resolveGroupActivation({
chatId,
messageThreadId: resolvedThreadId,