feat: generalize message access groups (#75813)

2026-05-06 18:20:44 +00:00 · 2026-05-01 23:17:14 +01:00
parent b217cd0972
commit 20945b84b4
30 changed files with 886 additions and 93 deletions
--- a/docs/.generated/config-baseline.sha256
+++ b/docs/.generated/config-baseline.sha256
@@ -1,4 +1,4 @@
-e14ddc6b9859128d4c5561cf80f322b7b24e0f87dac5bff170afbf2d6a9c3711  config-baseline.json
-2b1eac57f1b08b461e4cb9931a766f472c668e18aedd78e2af89541d8b476933  config-baseline.core.json
+74530fefef9ed55cab302802bc0be413ec56929e73c12d4bf4f1e4d290813adc  config-baseline.json
+21db87c2ebec8844e20bf66ea474c08f3adab842234ff334870fe3e8d87995b4  config-baseline.core.json
 c401cd3450f1737bc92418cfea301d20b54b7fbef9e6049834acc01af338e538  config-baseline.channel.json
 7731a0b93cb335b56fac4c807447ba659fea51ea7a6cd844dc0ef5616669ee75  config-baseline.plugin.json
--- a/docs/.generated/plugin-sdk-api-baseline.sha256
+++ b/docs/.generated/plugin-sdk-api-baseline.sha256
@@ -1,2 +1,2 @@
-edf54c8ce4c65d44ade9953509b1c3264f4ed12c8bf8eb0a13703a76d185f744  plugin-sdk-api-baseline.json
-2418f2484d2d5b40ec8c9b3b92562c76abae43845bb18af0d59706848422555c  plugin-sdk-api-baseline.jsonl
+0f9284c6349bf03d3d89c1d25031031840dae4ade032622ca212240ed19829f6  plugin-sdk-api-baseline.json
+33706cf425386717973cc87357ae5e0df432dd5a519b4faea8b38e21d7daae78  plugin-sdk-api-baseline.jsonl
--- a/docs/channels/discord.md
+++ b/docs/channels/discord.md
@@ -452,6 +452,29 @@ Example:
  <Tab title="DM access groups">
    Discord DMs can use dynamic `accessGroup:<name>` entries in `channels.discord.allowFrom`.

+    Access group names are shared across message channels. Use `type: "message.senders"` for a static group whose members are expressed in each channel's normal `allowFrom` syntax, or `type: "discord.channelAudience"` when a Discord channel's current `ViewChannel` audience should define membership dynamically.
+
+```json5
+{
+  accessGroups: {
+    operators: {
+      type: "message.senders",
+      members: {
+        "*": ["global-owner-id"],
+        discord: ["discord:123456789012345678"],
+        telegram: ["987654321"],
+      },
+    },
+  },
+  channels: {
+    discord: {
+      dmPolicy: "allowlist",
+      allowFrom: ["accessGroup:operators"],
+    },
+  },
+}
+```
+
    A Discord text channel has no separate member list. `type: "discord.channelAudience"` models membership as: the DM sender is a member of the configured guild and currently has effective `ViewChannel` permission on the configured channel after role and channel overwrites are applied.

    Example: allow anyone who can see `#maintainers` to DM the bot, while keeping DMs closed to everyone else.
--- a/docs/channels/pairing.md
+++ b/docs/channels/pairing.md
@@ -47,6 +47,32 @@ access; they do not add more owners.

 Supported channels: `bluebubbles`, `discord`, `feishu`, `googlechat`, `imessage`, `irc`, `line`, `matrix`, `mattermost`, `msteams`, `nextcloud-talk`, `nostr`, `openclaw-weixin`, `signal`, `slack`, `synology-chat`, `telegram`, `twitch`, `whatsapp`, `zalo`, `zalouser`.

+### Reusable sender groups
+
+Use top-level `accessGroups` when the same trusted sender set should apply to multiple message channels or to both DM and group allowlists. Static sender groups use `type: "message.senders"` and list members in each channel's normal `allowFrom` syntax.
+
+```json5
+{
+  accessGroups: {
+    operators: {
+      type: "message.senders",
+      members: {
+        "*": ["global-owner-id"],
+        discord: ["discord:123456789012345678"],
+        telegram: ["987654321"],
+        whatsapp: ["+15551234567"],
+      },
+    },
+  },
+  channels: {
+    telegram: { dmPolicy: "allowlist", allowFrom: ["accessGroup:operators"] },
+    whatsapp: { groupPolicy: "allowlist", groupAllowFrom: ["accessGroup:operators"] },
+  },
+}
+```
+
+The `"*"` member list is shared by all message channels. Channel-specific lists are checked with that channel's own sender matching rules.
+
 ### Where the state lives

 Stored under `~/.openclaw/credentials/`: