fix(msteams): enforce sender allowlists with route allowlists

extensions/msteams/src/monitor-handler/message-handler.authz.test.ts

@@ -5,7 +5,7 @@ import { setMSTeamsRuntime } from "../runtime.js";
 import { createMSTeamsMessageHandler } from "./message-handler.js";
 
 describe("msteams monitor handler authz", () => {
-  it("does not treat DM pairing-store entries as group allowlist entries", async () => {
+  function createDeps(cfg: OpenClawConfig) {
     const readAllowFromStore = vi.fn(async () => ["attacker-aad"]);
     setMSTeamsRuntime({
       logging: { shouldLogVerbose: () => false },
@@ -35,16 +35,7 @@ describe("msteams monitor handler authz", () => {
     };
 
     const deps: MSTeamsMessageHandlerDeps = {
-      cfg: {
-        channels: {
-          msteams: {
-            dmPolicy: "pairing",
-            allowFrom: [],
-            groupPolicy: "allowlist",
-            groupAllowFrom: [],
-          },
-        },
-      } as OpenClawConfig,
+      cfg,
       runtime: { error: vi.fn() } as unknown as RuntimeEnv,
       appId: "test-app",
       adapter: {} as MSTeamsMessageHandlerDeps["adapter"],
@@ -65,6 +56,21 @@ describe("msteams monitor handler authz", () => {
       } as unknown as MSTeamsMessageHandlerDeps["log"],
     };
 
+    return { conversationStore, deps, readAllowFromStore };
+  }
+
+  it("does not treat DM pairing-store entries as group allowlist entries", async () => {
+    const { conversationStore, deps, readAllowFromStore } = createDeps({
+      channels: {
+        msteams: {
+          dmPolicy: "pairing",
+          allowFrom: [],
+          groupPolicy: "allowlist",
+          groupAllowFrom: [],
+        },
+      },
+    } as OpenClawConfig);
+
     const handler = createMSTeamsMessageHandler(deps);
     await handler({
       activity: {
@@ -96,4 +102,54 @@ describe("msteams monitor handler authz", () => {
     });
     expect(conversationStore.upsert).not.toHaveBeenCalled();
   });
+
+  it("does not widen sender auth when only a teams route allowlist is configured", async () => {
+    const { conversationStore, deps } = createDeps({
+      channels: {
+        msteams: {
+          dmPolicy: "pairing",
+          allowFrom: [],
+          groupPolicy: "allowlist",
+          groupAllowFrom: [],
+          teams: {
+            team123: {
+              channels: {
+                "19:group@thread.tacv2": { requireMention: false },
+              },
+            },
+          },
+        },
+      },
+    } as OpenClawConfig);
+
+    const handler = createMSTeamsMessageHandler(deps);
+    await handler({
+      activity: {
+        id: "msg-1",
+        type: "message",
+        text: "hello",
+        from: {
+          id: "attacker-id",
+          aadObjectId: "attacker-aad",
+          name: "Attacker",
+        },
+        recipient: {
+          id: "bot-id",
+          name: "Bot",
+        },
+        conversation: {
+          id: "19:group@thread.tacv2",
+          conversationType: "groupChat",
+        },
+        channelData: {
+          team: { id: "team123", name: "Team 123" },
+          channel: { name: "General" },
+        },
+        attachments: [],
+      },
+      sendActivity: vi.fn(async () => undefined),
+    } as unknown as Parameters<typeof handler>[0]);
+
+    expect(conversationStore.upsert).not.toHaveBeenCalled();
+  });
 });

extensions/msteams/src/monitor-handler/message-handler.ts

@@ -242,10 +242,7 @@ export function createMSTeamsMessageHandler(deps: MSTeamsMessageHandlerDeps) {
       }
       const senderGroupAccess = evaluateSenderGroupAccessForPolicy({
         groupPolicy,
-        groupAllowFrom:
-          effectiveGroupAllowFrom.length > 0 || !channelGate.allowlistConfigured
-            ? effectiveGroupAllowFrom
-            : ["*"],
+        groupAllowFrom: effectiveGroupAllowFrom,
         senderId,
         isSenderAllowed: (_senderId, allowFrom) =>
           resolveMSTeamsAllowlistMatch({