github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-19 07:37:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(feishu): fix group policy enforcement gaps (#25439)

Browse Source 
- Respect groupConfig.enabled flag (was parsed but never enforced)
- Fix misleading log: group allowlist rejection now logs group ID and
  policy instead of sender open_id
This commit is contained in:
Jealous
2026-02-28 13:39:21 +08:00
committed by GitHub
parent 8818464f5f
commit b0a8909a73
2 changed files with 39 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
extensions/feishu/src/bot.test.ts
View File

@@ -554,6 +554,38 @@ describe("handleFeishuMessage command authorization", () => {
expect(mockDispatchReplyFromConfig).not.toHaveBeenCalled(); expect(mockDispatchReplyFromConfig).not.toHaveBeenCalled();
}); });
it("drops message when groupConfig.enabled is false", async () => {
const cfg: ClawdbotConfig = {
channels: {
feishu: {
groups: {
"oc-disabled-group": {
enabled: false,
},
},
},
},
} as ClawdbotConfig;
const event: FeishuMessageEvent = {
sender: {
sender_id: { open_id: "ou-sender" },
},
message: {
message_id: "msg-disabled-group",
chat_id: "oc-disabled-group",
chat_type: "group",
message_type: "text",
content: JSON.stringify({ text: "hello" }),
},
};
await dispatchMessage({ cfg, event });
expect(mockFinalizeInboundContext).not.toHaveBeenCalled();
expect(mockDispatchReplyFromConfig).not.toHaveBeenCalled();
});
it("uses video file_key (not thumbnail image_key) for inbound video download", async () => { it("uses video file_key (not thumbnail image_key) for inbound video download", async () => {
mockShouldComputeCommandAuthorized.mockReturnValue(false); mockShouldComputeCommandAuthorized.mockReturnValue(false);

8
extensions/feishu/src/bot.ts
View File

@@ -742,6 +742,10 @@ export async function handleFeishuMessage(params: {
const useAccessGroups = cfg.commands?.useAccessGroups !== false; const useAccessGroups = cfg.commands?.useAccessGroups !== false;
if (isGroup) { if (isGroup) {
if (groupConfig?.enabled === false) {
log(`feishu[${account.accountId}]: group ${ctx.chatId} is disabled`);
return;
}
const defaultGroupPolicy = resolveDefaultGroupPolicy(cfg); const defaultGroupPolicy = resolveDefaultGroupPolicy(cfg);
const { groupPolicy, providerMissingFallbackApplied } = resolveOpenProviderRuntimeGroupPolicy({ const { groupPolicy, providerMissingFallbackApplied } = resolveOpenProviderRuntimeGroupPolicy({
providerConfigPresent: cfg.channels?.feishu !== undefined, providerConfigPresent: cfg.channels?.feishu !== undefined,
@@ -766,7 +770,9 @@ export async function handleFeishuMessage(params: {
}); });
if (!groupAllowed) { if (!groupAllowed) {
log(`feishu[${account.accountId}]: sender ${ctx.senderOpenId} not in group allowlist`); log(
`feishu[${account.accountId}]: group ${ctx.chatId} not in groupAllowFrom (groupPolicy=${groupPolicy})`,
);
return; return;
} }