github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-11 08:31:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(slack): guard allow-from store resolution in monitor auth (#21967)

Browse Source
This commit is contained in:
graysurf
2026-03-02 01:42:58 +08:00
committed by GitHub
parent 2a409bbba0
commit eddaf19478
2 changed files with 50 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/slack/monitor/auth.test.ts Normal file
View File

@@ -0,0 +1,40 @@
import { beforeEach, describe, expect, it, vi } from "vitest";
import type { SlackMonitorContext } from "./context.js";
const readChannelAllowFromStoreMock = vi.hoisted(() => vi.fn());
vi.mock("../../pairing/pairing-store.js", () => ({
readChannelAllowFromStore: (...args: unknown[]) => readChannelAllowFromStoreMock(...args),
}));
import { resolveSlackEffectiveAllowFrom } from "./auth.js";
function makeSlackCtx(allowFrom: string[]): SlackMonitorContext {
return {
allowFrom,
} as unknown as SlackMonitorContext;
}
describe("resolveSlackEffectiveAllowFrom", () => {
beforeEach(() => {
readChannelAllowFromStoreMock.mockReset();
});
it("falls back to channel config allowFrom when pairing store throws", async () => {
readChannelAllowFromStoreMock.mockRejectedValueOnce(new Error("boom"));
const effective = await resolveSlackEffectiveAllowFrom(makeSlackCtx(["u1"]));
expect(effective.allowFrom).toEqual(["u1"]);
expect(effective.allowFromLower).toEqual(["u1"]);
});
it("treats malformed non-array pairing-store responses as empty", async () => {
readChannelAllowFromStoreMock.mockReturnValueOnce(undefined);
const effective = await resolveSlackEffectiveAllowFrom(makeSlackCtx(["u1"]));
expect(effective.allowFrom).toEqual(["u1"]);
expect(effective.allowFromLower).toEqual(["u1"]);
});
});

14
src/slack/monitor/auth.ts
View File

@@ -13,13 +13,19 @@ export async function resolveSlackEffectiveAllowFrom(
options?: { includePairingStore?: boolean }, options?: { includePairingStore?: boolean },
) { ) {
const includePairingStore = options?.includePairingStore === true; const includePairingStore = options?.includePairingStore === true;
const storeAllowFrom = includePairingStore let storeAllowFrom: string[] = [];
? await readStoreAllowFromForDmPolicy({ if (includePairingStore) {
try {
const resolved = await readStoreAllowFromForDmPolicy({
provider: "slack", provider: "slack",
accountId: ctx.accountId, accountId: ctx.accountId,
dmPolicy: ctx.dmPolicy, dmPolicy: ctx.dmPolicy,
}) });
: []; storeAllowFrom = Array.isArray(resolved) ? resolved : [];
} catch {
storeAllowFrom = [];
}
}
const allowFrom = normalizeAllowList([...ctx.allowFrom, ...storeAllowFrom]); const allowFrom = normalizeAllowList([...ctx.allowFrom, ...storeAllowFrom]);
const allowFromLower = normalizeAllowListLower(allowFrom); const allowFromLower = normalizeAllowListLower(allowFrom);
return { allowFrom, allowFromLower }; return { allowFrom, allowFromLower };