fix: harden discord and slack reaction ingress authorization

2026-05-10 00:33:31 +00:00 · 2026-02-26 01:26:37 +01:00
parent c736f11a16
commit aedf62ac7e
8 changed files with 483 additions and 5 deletions
--- a/src/discord/monitor.test.ts
+++ b/src/discord/monitor.test.ts
@@ -1,5 +1,5 @@
 import { ChannelType, type Guild } from "@buape/carbon";
-import { describe, expect, it, vi } from "vitest";
+import { beforeEach, describe, expect, it, vi } from "vitest";
 import { typedCases } from "../test-utils/typed-cases.js";
 import {
  allowListMatches,
@@ -20,6 +20,12 @@ import {
 } from "./monitor.js";
 import { DiscordMessageListener, DiscordReactionListener } from "./monitor/listeners.js";

+const readAllowFromStoreMock = vi.hoisted(() => vi.fn());
+
+vi.mock("../pairing/pairing-store.js", () => ({
+  readChannelAllowFromStore: (...args: unknown[]) => readAllowFromStoreMock(...args),
+}));
+
 const fakeGuild = (id: string, name: string) => ({ id, name }) as Guild;

 const makeEntries = (
@@ -899,6 +905,12 @@ function makeReactionClient(options?: {

 function makeReactionListenerParams(overrides?: {
  botUserId?: string;
+  dmEnabled?: boolean;
+  groupDmEnabled?: boolean;
+  groupDmChannels?: string[];
+  dmPolicy?: "open" | "pairing" | "allowlist" | "disabled";
+  allowFrom?: string[];
+  groupPolicy?: "open" | "allowlist" | "disabled";
  allowNameMatching?: boolean;
  guildEntries?: Record<string, DiscordGuildEntryResolved>;
 }) {
@@ -907,6 +919,12 @@ function makeReactionListenerParams(overrides?: {
    accountId: "acc-1",
    runtime: {} as import("../runtime.js").RuntimeEnv,
    botUserId: overrides?.botUserId ?? "bot-1",
+    dmEnabled: overrides?.dmEnabled ?? true,
+    groupDmEnabled: overrides?.groupDmEnabled ?? true,
+    groupDmChannels: overrides?.groupDmChannels ?? [],
+    dmPolicy: overrides?.dmPolicy ?? "open",
+    allowFrom: overrides?.allowFrom ?? [],
+    groupPolicy: overrides?.groupPolicy ?? "open",
    allowNameMatching: overrides?.allowNameMatching ?? false,
    guildEntries: overrides?.guildEntries,
    logger: {
@@ -919,6 +937,12 @@ function makeReactionListenerParams(overrides?: {
 }

 describe("discord DM reaction handling", () => {
+  beforeEach(() => {
+    enqueueSystemEventSpy.mockClear();
+    resolveAgentRouteMock.mockClear();
+    readAllowFromStoreMock.mockReset().mockResolvedValue([]);
+  });
+
  it("processes DM reactions with or without guild allowlists", async () => {
    const cases = [
      { name: "no guild allowlist", guildEntries: undefined },
@@ -952,9 +976,77 @@ describe("discord DM reaction handling", () => {
    }
  });

+  it("blocks DM reactions when dmPolicy is disabled", async () => {
+    const data = makeReactionEvent({ botAsAuthor: true });
+    const client = makeReactionClient({ channelType: ChannelType.DM });
+    const listener = new DiscordReactionListener(
+      makeReactionListenerParams({ dmPolicy: "disabled" }),
+    );
+
+    await listener.handle(data, client);
+
+    expect(enqueueSystemEventSpy).not.toHaveBeenCalled();
+  });
+
+  it("blocks DM reactions for unauthorized sender in allowlist mode", async () => {
+    const data = makeReactionEvent({ botAsAuthor: true, userId: "user-1" });
+    const client = makeReactionClient({ channelType: ChannelType.DM });
+    const listener = new DiscordReactionListener(
+      makeReactionListenerParams({
+        dmPolicy: "allowlist",
+        allowFrom: ["user:user-2"],
+      }),
+    );
+
+    await listener.handle(data, client);
+
+    expect(enqueueSystemEventSpy).not.toHaveBeenCalled();
+  });
+
+  it("allows DM reactions for authorized sender in allowlist mode", async () => {
+    const data = makeReactionEvent({ botAsAuthor: true, userId: "user-1" });
+    const client = makeReactionClient({ channelType: ChannelType.DM });
+    const listener = new DiscordReactionListener(
+      makeReactionListenerParams({
+        dmPolicy: "allowlist",
+        allowFrom: ["user:user-1"],
+      }),
+    );
+
+    await listener.handle(data, client);
+
+    expect(enqueueSystemEventSpy).toHaveBeenCalledOnce();
+  });
+
+  it("blocks group DM reactions when group DMs are disabled", async () => {
+    const data = makeReactionEvent({ botAsAuthor: true });
+    const client = makeReactionClient({ channelType: ChannelType.GroupDM });
+    const listener = new DiscordReactionListener(
+      makeReactionListenerParams({ groupDmEnabled: false }),
+    );
+
+    await listener.handle(data, client);
+
+    expect(enqueueSystemEventSpy).not.toHaveBeenCalled();
+  });
+
+  it("blocks guild reactions when groupPolicy is disabled", async () => {
+    const data = makeReactionEvent({
+      guildId: "guild-123",
+      botAsAuthor: true,
+      guild: { id: "guild-123", name: "Guild" },
+    });
+    const client = makeReactionClient({ channelType: ChannelType.GuildText });
+    const listener = new DiscordReactionListener(
+      makeReactionListenerParams({ groupPolicy: "disabled" }),
+    );
+
+    await listener.handle(data, client);
+
+    expect(enqueueSystemEventSpy).not.toHaveBeenCalled();
+  });
+
  it("still processes guild reactions (no regression)", async () => {
-    enqueueSystemEventSpy.mockClear();
-    resolveAgentRouteMock.mockClear();
    resolveAgentRouteMock.mockReturnValueOnce({
      agentId: "default",
      channel: "discord",