refactor(security): enforce account-scoped pairing APIs

2026-05-10 22:04:31 +00:00 · 2026-02-26 21:57:10 +01:00
parent a0c5e28f3b
commit bce643a0bd
27 changed files with 331 additions and 94 deletions
--- a/src/slack/monitor/auth.ts
+++ b/src/slack/monitor/auth.ts
@@ -1,4 +1,3 @@
-import { readChannelAllowFromStore } from "../../pairing/pairing-store.js";
 import { readStoreAllowFromForDmPolicy } from "../../security/dm-policy-shared.js";
 import {
  allowListMatches,
@@ -17,8 +16,8 @@ export async function resolveSlackEffectiveAllowFrom(
  const storeAllowFrom = includePairingStore
    ? await readStoreAllowFromForDmPolicy({
        provider: "slack",
+        accountId: ctx.accountId,
        dmPolicy: ctx.dmPolicy,
-        readStore: (provider) => readChannelAllowFromStore(provider),
      })
    : [];
  const allowFrom = normalizeAllowList([...ctx.allowFrom, ...storeAllowFrom]);
--- a/src/slack/monitor/message-handler/prepare.ts
+++ b/src/slack/monitor/message-handler/prepare.ts
@@ -155,6 +155,7 @@ export async function prepareSlackMessage(params: {
          const { code, created } = await upsertChannelPairingRequest({
            channel: "slack",
            id: directUserId,
+            accountId: account.accountId,
            meta: { name: senderName },
          });
          if (created) {
--- a/src/slack/monitor/slash.ts
+++ b/src/slack/monitor/slash.ts
@@ -6,10 +6,7 @@ import { resolveCommandAuthorizedFromAuthorizers } from "../../channels/command-
 import { resolveNativeCommandsEnabled, resolveNativeSkillsEnabled } from "../../config/commands.js";
 import { danger, logVerbose } from "../../globals.js";
 import { buildPairingReply } from "../../pairing/pairing-messages.js";
-import {
-  readChannelAllowFromStore,
-  upsertChannelPairingRequest,
-} from "../../pairing/pairing-store.js";
+import { upsertChannelPairingRequest } from "../../pairing/pairing-store.js";
 import { readStoreAllowFromForDmPolicy } from "../../security/dm-policy-shared.js";
 import { chunkItems } from "../../utils/chunk-items.js";
 import type { ResolvedSlackAccount } from "../accounts.js";
@@ -339,8 +336,8 @@ export async function registerSlackMonitorSlashCommands(params: {
      const storeAllowFrom = isDirectMessage
        ? await readStoreAllowFromForDmPolicy({
            provider: "slack",
+            accountId: ctx.accountId,
            dmPolicy: ctx.dmPolicy,
-            readStore: (provider) => readChannelAllowFromStore(provider),
          })
        : [];
      const effectiveAllowFrom = normalizeAllowList([...ctx.allowFrom, ...storeAllowFrom]);
@@ -373,6 +370,7 @@ export async function registerSlackMonitorSlashCommands(params: {
              const { code, created } = await upsertChannelPairingRequest({
                channel: "slack",
                id: command.user_id,
+                accountId: ctx.accountId,
                meta: { name: senderName },
              });
              if (created) {