mirror of
https://github.com/openclaw/openclaw.git
synced 2026-03-14 19:40:40 +00:00
65 lines
1.7 KiB
TypeScript
65 lines
1.7 KiB
TypeScript
import { resolveOpenProviderRuntimeGroupPolicy } from "../config/runtime-group-policy.js";
|
|
import type { GroupPolicy } from "../config/types.base.js";
|
|
|
|
export type SenderGroupAccessReason =
|
|
| "allowed"
|
|
| "disabled"
|
|
| "empty_allowlist"
|
|
| "sender_not_allowlisted";
|
|
|
|
export type SenderGroupAccessDecision = {
|
|
allowed: boolean;
|
|
groupPolicy: GroupPolicy;
|
|
providerMissingFallbackApplied: boolean;
|
|
reason: SenderGroupAccessReason;
|
|
};
|
|
|
|
export function evaluateSenderGroupAccess(params: {
|
|
providerConfigPresent: boolean;
|
|
configuredGroupPolicy?: GroupPolicy;
|
|
defaultGroupPolicy?: GroupPolicy;
|
|
groupAllowFrom: string[];
|
|
senderId: string;
|
|
isSenderAllowed: (senderId: string, allowFrom: string[]) => boolean;
|
|
}): SenderGroupAccessDecision {
|
|
const { groupPolicy, providerMissingFallbackApplied } = resolveOpenProviderRuntimeGroupPolicy({
|
|
providerConfigPresent: params.providerConfigPresent,
|
|
groupPolicy: params.configuredGroupPolicy,
|
|
defaultGroupPolicy: params.defaultGroupPolicy,
|
|
});
|
|
|
|
if (groupPolicy === "disabled") {
|
|
return {
|
|
allowed: false,
|
|
groupPolicy,
|
|
providerMissingFallbackApplied,
|
|
reason: "disabled",
|
|
};
|
|
}
|
|
if (groupPolicy === "allowlist") {
|
|
if (params.groupAllowFrom.length === 0) {
|
|
return {
|
|
allowed: false,
|
|
groupPolicy,
|
|
providerMissingFallbackApplied,
|
|
reason: "empty_allowlist",
|
|
};
|
|
}
|
|
if (!params.isSenderAllowed(params.senderId, params.groupAllowFrom)) {
|
|
return {
|
|
allowed: false,
|
|
groupPolicy,
|
|
providerMissingFallbackApplied,
|
|
reason: "sender_not_allowlisted",
|
|
};
|
|
}
|
|
}
|
|
|
|
return {
|
|
allowed: true,
|
|
groupPolicy,
|
|
providerMissingFallbackApplied,
|
|
reason: "allowed",
|
|
};
|
|
}
|