refactor(line): share command authorization gate logic

2026-05-06 16:40:49 +00:00 · 2026-03-07 16:23:54 +00:00
parent f7fef07725
commit b3fd537740
1 changed files with 40 additions and 22 deletions
--- a/src/line/bot-handlers.ts
+++ b/src/line/bot-handlers.ts
@@ -28,6 +28,7 @@ import {
  isSenderAllowed,
  normalizeAllowFrom,
  normalizeDmAllowFromWithStore,
+  type NormalizedAllowFrom,
 } from "./bot-access.js";
 import {
  getLineSourceInfo,
@@ -350,17 +351,15 @@ async function shouldProcessLineEvent(
        return denied;
      }
    }
-    const allowForCommands = effectiveGroupAllow;
-    const senderAllowedForCommands = isSenderAllowed({ allow: allowForCommands, senderId });
-    const useAccessGroups = cfg.commands?.useAccessGroups !== false;
-    const rawText = resolveEventRawText(event);
-    const commandGate = resolveControlCommandGate({
-      useAccessGroups,
-      authorizers: [{ configured: allowForCommands.hasEntries, allowed: senderAllowedForCommands }],
-      allowTextCommands: true,
-      hasControlCommand: hasControlCommand(rawText, cfg),
-    });
-    return { allowed: true, commandAuthorized: commandGate.commandAuthorized };
+    return {
+      allowed: true,
+      commandAuthorized: resolveLineCommandAuthorized({
+        cfg,
+        event,
+        senderId,
+        allow: effectiveGroupAllow,
+      }),
+    };
  }

  if (dmPolicy === "disabled") {
@@ -386,17 +385,15 @@ async function shouldProcessLineEvent(
    return denied;
  }

-  const allowForCommands = effectiveDmAllow;
-  const senderAllowedForCommands = isSenderAllowed({ allow: allowForCommands, senderId });
-  const useAccessGroups = cfg.commands?.useAccessGroups !== false;
-  const rawText = resolveEventRawText(event);
-  const commandGate = resolveControlCommandGate({
-    useAccessGroups,
-    authorizers: [{ configured: allowForCommands.hasEntries, allowed: senderAllowedForCommands }],
-    allowTextCommands: true,
-    hasControlCommand: hasControlCommand(rawText, cfg),
-  });
-  return { allowed: true, commandAuthorized: commandGate.commandAuthorized };
+  return {
+    allowed: true,
+    commandAuthorized: resolveLineCommandAuthorized({
+      cfg,
+      event,
+      senderId,
+      allow: effectiveDmAllow,
+    }),
+  };
 }

 function resolveEventRawText(event: MessageEvent | PostbackEvent): string {
@@ -413,6 +410,27 @@ function resolveEventRawText(event: MessageEvent | PostbackEvent): string {
  return "";
 }

+function resolveLineCommandAuthorized(params: {
+  cfg: OpenClawConfig;
+  event: MessageEvent | PostbackEvent;
+  senderId?: string;
+  allow: NormalizedAllowFrom;
+}): boolean {
+  const senderAllowedForCommands = isSenderAllowed({
+    allow: params.allow,
+    senderId: params.senderId,
+  });
+  const useAccessGroups = params.cfg.commands?.useAccessGroups !== false;
+  const rawText = resolveEventRawText(params.event);
+  const commandGate = resolveControlCommandGate({
+    useAccessGroups,
+    authorizers: [{ configured: params.allow.hasEntries, allowed: senderAllowedForCommands }],
+    allowTextCommands: true,
+    hasControlCommand: hasControlCommand(rawText, params.cfg),
+  });
+  return commandGate.commandAuthorized;
+}
+
 async function handleMessageEvent(event: MessageEvent, context: LineHandlerContext): Promise<void> {
  const { cfg, account, runtime, mediaMaxBytes, processMessage } = context;
  const message = event.message;