vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 13:30:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(telegram): use owners for exec approvals (#73852)

Browse Source
This commit is contained in:
pashpashpash
2026-04-28 16:34:46 -07:00
committed by GitHub
parent a235a487d0
commit 43fa40a35d
10 changed files with 27 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
extensions/telegram/src/approval-native.test.ts
View File

@@ -40,8 +40,8 @@ describe("telegram native approval adapter", () => {
expect(text).toContain("`channels.telegram.execApprovals.approvers`");
expect(text).toContain("`commands.ownerAllowFrom`");
expect(text).toContain("`channels.telegram.allowFrom`");
expect(text).toContain("`channels.telegram.defaultTo`");
expect(text).not.toContain("`channels.telegram.allowFrom`");
expect(text).not.toContain("`channels.telegram.defaultTo`");
expect(text).not.toContain("`channels.telegram.dm.allowFrom`");
});
@@ -54,8 +54,8 @@ describe("telegram native approval adapter", () => {
expect(text).toContain("`channels.telegram.accounts.work.execApprovals.approvers`");
expect(text).toContain("`commands.ownerAllowFrom`");
expect(text).toContain("`channels.telegram.accounts.work.allowFrom`");
expect(text).toContain("`channels.telegram.accounts.work.defaultTo`");
expect(text).not.toContain("`channels.telegram.accounts.work.allowFrom`");
expect(text).not.toContain("`channels.telegram.accounts.work.defaultTo`");
expect(text).not.toContain("`channels.telegram.allowFrom`");
});

2
extensions/telegram/src/approval-native.ts
View File

@@ -92,7 +92,7 @@ const telegramNativeApprovalCapability = createApproverRestrictedNativeApprovalC
accountId && accountId !== "default"
? `channels.telegram.accounts.${accountId}`
: "channels.telegram";
return `Approve it from the Web UI or terminal UI for now. Telegram supports native exec approvals for this account. Configure \`${prefix}.execApprovals.approvers\`; if you leave it unset, OpenClaw can infer numeric owner IDs from \`commands.ownerAllowFrom\`, \`${prefix}.allowFrom\`, or direct-message \`${prefix}.defaultTo\` when possible. Leave \`${prefix}.execApprovals.enabled\` unset/\`auto\` or set it to \`true\`.`;
return `Approve it from the Web UI or terminal UI for now. Telegram supports native exec approvals for this account. Configure \`${prefix}.execApprovals.approvers\` or \`commands.ownerAllowFrom\`; leave \`${prefix}.execApprovals.enabled\` unset/\`auto\` or set it to \`true\`.`;
},
listAccountIds: listTelegramAccountIds,
hasApprovers: ({ cfg, accountId }) =>

2
extensions/telegram/src/config-ui-hints.ts
View File

@@ -135,7 +135,7 @@ export const telegramChannelConfigUiHints = {
},
"execApprovals.approvers": {
label: "Telegram Exec Approval Approvers",
help: "Telegram user IDs allowed to approve exec requests for this bot account. Use numeric Telegram user IDs. If you leave this unset, OpenClaw falls back to numeric owner IDs inferred from commands.ownerAllowFrom, channels.telegram.allowFrom, and direct-message defaultTo when possible.",
help: "Telegram user IDs allowed to approve exec requests for this bot account. Use numeric Telegram user IDs. If you leave this unset, OpenClaw falls back to numeric owner IDs inferred from commands.ownerAllowFrom when possible.",
},
"execApprovals.agentFilter": {
label: "Telegram Exec Approval Agent Filter",

16
extensions/telegram/src/exec-approvals.test.ts
View File

@@ -121,7 +121,12 @@ describe("telegram exec approvals", () => {
isTelegramExecApprovalClientEnabled({
cfg: buildConfig(undefined, { allowFrom: ["123"] }),
}),
).toBe(true);
).toBe(false);
expect(
isTelegramExecApprovalClientEnabled({
cfg: buildConfig(undefined, { defaultTo: 123 }),
}),
).toBe(false);
expect(
isTelegramExecApprovalClientEnabled({
cfg: buildConfig({ approvers: ["123"] }),
@@ -160,7 +165,7 @@ describe("telegram exec approvals", () => {
expect(isTelegramExecApprovalApprover({ cfg, senderId: "67890" })).toBe(true);
});
it("infers approvers from allowFrom and direct defaultTo", () => {
it("does not infer approvers from Telegram chat allowlists", () => {
const cfg = buildConfig(
{ enabled: true },
{
@@ -169,9 +174,10 @@ describe("telegram exec approvals", () => {
},
);
expect(getTelegramExecApprovalApprovers({ cfg })).toEqual(["12345", "67890"]);
expect(isTelegramExecApprovalApprover({ cfg, senderId: "12345" })).toBe(true);
expect(isTelegramExecApprovalApprover({ cfg, senderId: "67890" })).toBe(true);
expect(getTelegramExecApprovalApprovers({ cfg })).toEqual([]);
expect(isTelegramExecApprovalClientEnabled({ cfg })).toBe(false);
expect(isTelegramExecApprovalApprover({ cfg, senderId: "12345" })).toBe(false);
expect(isTelegramExecApprovalApprover({ cfg, senderId: "67890" })).toBe(false);
});
it("defaults target to dm", () => {

5
extensions/telegram/src/exec-approvals.ts
View File

@@ -58,12 +58,9 @@ export function getTelegramExecApprovalApprovers(params: {
cfg: OpenClawConfig;
accountId?: string | null;
}): string[] {
const account = resolveTelegramAccount(params).config;
return resolveApprovalApprovers({
explicit: resolveTelegramExecApprovalConfig(params)?.approvers,
allowFrom: account.allowFrom,
extraAllowFrom: resolveTelegramOwnerApprovers(params.cfg),
defaultTo: account.defaultTo ? String(account.defaultTo) : null,
allowFrom: resolveTelegramOwnerApprovers(params.cfg),
normalizeApprover: normalizeTelegramDirectApproverId,
});
}