diff --git a/src/auto-reply/command-auth.ts b/src/auto-reply/command-auth.ts index 4c7394bf8e5..2611be30436 100644 --- a/src/auto-reply/command-auth.ts +++ b/src/auto-reply/command-auth.ts @@ -458,9 +458,6 @@ function isConversationLikeIdentity(value: string): boolean { if (!normalized) { return false; } - if (normalized.includes("@g.us")) { - return true; - } if (normalized.startsWith("chat_id:")) { return true; } diff --git a/src/auto-reply/command-control.test.ts b/src/auto-reply/command-control.test.ts index 010e082f30a..3d274bcc4c4 100644 --- a/src/auto-reply/command-control.test.ts +++ b/src/auto-reply/command-control.test.ts @@ -48,18 +48,19 @@ describe("resolveCommandAuthorization", () => { setActivePluginRegistry(createTestRegistry(plugins)); } - function resolveWhatsAppAuthorization(params: { + function resolveTestChannelAuthorization(params: { from: string; senderId?: string; senderE164?: string; allowFrom: string[]; }) { + registerAllowFromPlugins(createAllowFromPlugin("mobilechat", () => params.allowFrom)); const cfg = { - channels: { whatsapp: { allowFrom: params.allowFrom } }, + channels: { mobilechat: { allowFrom: params.allowFrom } }, } as OpenClawConfig; const ctx = { - Provider: "whatsapp", - Surface: "whatsapp", + Provider: "mobilechat", + Surface: "mobilechat", From: params.from, SenderId: params.senderId, SenderE164: params.senderE164, @@ -74,7 +75,7 @@ describe("resolveCommandAuthorization", () => { it.each([ { name: "falls back from empty SenderId to SenderE164", - from: "whatsapp:+999", + from: "mobilechat:+999", senderId: "", senderE164: "+123", allowFrom: ["+123"], @@ -82,7 +83,7 @@ describe("resolveCommandAuthorization", () => { }, { name: "falls back from whitespace SenderId to SenderE164", - from: "whatsapp:+999", + from: "mobilechat:+999", senderId: " ", senderE164: "+123", allowFrom: ["+123"], @@ -90,7 +91,7 @@ describe("resolveCommandAuthorization", () => { }, { name: "falls back to From when SenderId and SenderE164 are whitespace", - from: "whatsapp:+999", + from: "+999", senderId: " ", senderE164: " ", allowFrom: ["+999"], @@ -98,7 +99,7 @@ describe("resolveCommandAuthorization", () => { }, { name: "falls back from un-normalizable SenderId to SenderE164", - from: "whatsapp:+999", + from: "mobilechat:+999", senderId: "wat", senderE164: "+123", allowFrom: ["+123"], @@ -106,14 +107,14 @@ describe("resolveCommandAuthorization", () => { }, { name: "prefers SenderE164 when SenderId does not match allowFrom", - from: "whatsapp:120363401234567890@g.us", - senderId: "123@lid", + from: "mobilechat:group:room-1", + senderId: "opaque-user", senderE164: "+41796666864", allowFrom: ["+41796666864"], expectedSenderId: "+41796666864", }, ])("$name", ({ from, senderId, senderE164, allowFrom, expectedSenderId }) => { - const auth = resolveWhatsAppAuthorization({ + const auth = resolveTestChannelAuthorization({ from, senderId, senderE164, @@ -559,7 +560,7 @@ describe("resolveCommandAuthorization", () => { const cfg = { commands: { allowFrom: { - "*": ["120363411111111111@g.us"], + "*": ["demo:group:room-1"], }, }, } as OpenClawConfig; @@ -568,7 +569,7 @@ describe("resolveCommandAuthorization", () => { ctx: { Provider: "whatsapp", Surface: "whatsapp", - From: "120363411111111111@g.us", + From: "demo:group:room-1", SenderId: " ", SenderE164: " ", } as MsgContext, diff --git a/src/secrets/channel-contract-surface-guardrails.test.ts b/src/secrets/channel-contract-surface-guardrails.test.ts index 8d36a305dcc..c73305463fc 100644 --- a/src/secrets/channel-contract-surface-guardrails.test.ts +++ b/src/secrets/channel-contract-surface-guardrails.test.ts @@ -66,6 +66,10 @@ const CORE_SECRET_SURFACE_GUARDS = [ path: "src/channels/conversation-label.ts", forbiddenPatterns: [/@g\.us/], }, + { + path: "src/auto-reply/command-auth.ts", + forbiddenPatterns: [/@g\.us/], + }, { path: "src/channels/plugins/setup-promotion-helpers.ts", forbiddenPatterns: [/\btelegram\b/],