@excitedjs/dreamux 0.7.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -5,13 +5,11 @@ import { dispatcherAccessPath } from '../runtime/paths.js';
|
|
|
5
5
|
export const TRUST_DOMAIN_WARNING = 'dispatcher shares one Codex context across multiple Feishu chats';
|
|
6
6
|
export function defaultDispatcherAccessState() {
|
|
7
7
|
return {
|
|
8
|
-
version:
|
|
9
|
-
|
|
10
|
-
allow_users: [],
|
|
11
|
-
},
|
|
8
|
+
version: 2,
|
|
9
|
+
allow_users: [],
|
|
12
10
|
group: {
|
|
11
|
+
policy: 'follow-user',
|
|
13
12
|
allow_chats: [],
|
|
14
|
-
follow_users: [],
|
|
15
13
|
require_mention: true,
|
|
16
14
|
},
|
|
17
15
|
observed_chats: [],
|
|
@@ -57,7 +55,7 @@ export function dreamuxFeishuGate(input, access) {
|
|
|
57
55
|
if (input.chatType === 'p2p') {
|
|
58
56
|
if (senderIsBot)
|
|
59
57
|
return drop(`bot sender type: ${input.senderType}`);
|
|
60
|
-
if (!access.
|
|
58
|
+
if (!access.allow_users.includes(input.senderId)) {
|
|
61
59
|
return drop('direct sender not allowed');
|
|
62
60
|
}
|
|
63
61
|
return deliver(access, input, now);
|
|
@@ -65,23 +63,44 @@ export function dreamuxFeishuGate(input, access) {
|
|
|
65
63
|
if (input.chatType !== 'group') {
|
|
66
64
|
return drop(`unsupported chat type: ${input.chatType}`);
|
|
67
65
|
}
|
|
68
|
-
|
|
69
|
-
|
|
66
|
+
const policy = access.group.policy;
|
|
67
|
+
if (policy === 'block') {
|
|
68
|
+
return drop('group messages are blocked (group policy: block)');
|
|
69
|
+
}
|
|
70
|
+
// Under `allowlist` the group is the unit of trust: the chat must be named.
|
|
71
|
+
// Under `follow-user` the chat allowlist is intentionally ignored — the group
|
|
72
|
+
// needs no authorization, only the sender does.
|
|
73
|
+
if (policy === 'allowlist' && !access.group.allow_chats.includes(input.chatId)) {
|
|
70
74
|
return drop('group chat not allowed');
|
|
71
75
|
}
|
|
72
76
|
if (senderIsBot) {
|
|
73
77
|
// A peer bot speaks only if it was introduced (trusted) for this chat by an
|
|
74
78
|
// allowlisted `/introduce`. Trusted bots bypass the mention gate because a
|
|
75
|
-
// bot cannot @-mention us; untrusted bots are dropped as before.
|
|
79
|
+
// bot cannot @-mention us; untrusted bots are dropped as before. This is
|
|
80
|
+
// per-chat trust (`trustedBotIds` is scoped to this chat by the caller) and
|
|
81
|
+
// is never reached through the human `allow_users` list.
|
|
76
82
|
if (input.trustedBotIds?.has(input.senderId) ?? false) {
|
|
77
83
|
return deliver(access, input, now);
|
|
78
84
|
}
|
|
79
85
|
return drop(`bot sender type: ${input.senderType}`);
|
|
80
86
|
}
|
|
81
|
-
if (
|
|
82
|
-
|
|
83
|
-
|
|
87
|
+
if (policy === 'follow-user') {
|
|
88
|
+
// A deliberate @-mention is always required — without it the bot would
|
|
89
|
+
// react to every message in the group. The flag `group.require_mention`
|
|
90
|
+
// governs only the `allowlist` policy.
|
|
91
|
+
if (input.botOpenId === undefined) {
|
|
92
|
+
return drop('group message requires a bot mention but bot open_id is unknown');
|
|
93
|
+
}
|
|
94
|
+
if (!isBotMentioned(input.mentions, input.botOpenId)) {
|
|
95
|
+
return drop('bot not mentioned');
|
|
96
|
+
}
|
|
97
|
+
if (!access.allow_users.includes(input.senderId)) {
|
|
98
|
+
return drop('sender not on allowlist');
|
|
99
|
+
}
|
|
100
|
+
return deliver(access, input, now);
|
|
84
101
|
}
|
|
102
|
+
// policy === 'allowlist': the chat is already authorized above; any member
|
|
103
|
+
// may speak, subject to the configurable mention gate.
|
|
85
104
|
if (access.group.require_mention) {
|
|
86
105
|
if (input.botOpenId === undefined) {
|
|
87
106
|
return drop('group message requires a bot mention but bot open_id is unknown');
|
|
@@ -133,14 +152,37 @@ function readDispatcherAccess(raw, path) {
|
|
|
133
152
|
const dm = isRecord(raw['dm']) ? raw['dm'] : {};
|
|
134
153
|
const group = isRecord(raw['group']) ? raw['group'] : {};
|
|
135
154
|
const lastGate = raw['last_gate'];
|
|
155
|
+
// v2 unifies three possible sources of allowed senders into one list:
|
|
156
|
+
// - top-level `allow_users` (v2),
|
|
157
|
+
// - legacy `dm.allow_users` (v1 direct allowlist),
|
|
158
|
+
// - legacy `group.follow_users` (v1 group sender allowlist).
|
|
159
|
+
// They are merged and de-duplicated; the legacy fields are read but never
|
|
160
|
+
// written back, so the first save collapses the file to the v2 shape. The
|
|
161
|
+
// union means DM access becomes `dm.allow_users ∪ group.follow_users` — for
|
|
162
|
+
// the common case (the two were equal, or dm ⊇ follow) DM is unchanged.
|
|
163
|
+
const topAllow = readStringArray(raw, 'allow_users', [], path);
|
|
164
|
+
const legacyDmAllow = readStringArray(dm, 'allow_users', [], path);
|
|
165
|
+
const legacyFollow = readStringArray(group, 'follow_users', [], path);
|
|
166
|
+
const allowUsers = [...new Set([...topAllow, ...legacyDmAllow, ...legacyFollow])];
|
|
167
|
+
const allowChats = readStringArray(group, 'allow_chats', defaults.group.allow_chats, path);
|
|
168
|
+
// Group policy: an explicit value always wins. Otherwise infer from the
|
|
169
|
+
// legacy shape — a non-empty `follow_users` is the strongest signal the
|
|
170
|
+
// operator wanted sender-scoped gating, so preserve it as `follow-user`
|
|
171
|
+
// (never silently relax it to chat-only `allowlist`); then a non-empty
|
|
172
|
+
// `allow_chats` means chat-scoped gating; else the secure default.
|
|
173
|
+
const explicitPolicy = readGroupPolicy(group['policy'], path);
|
|
174
|
+
const policy = explicitPolicy ??
|
|
175
|
+
(legacyFollow.length > 0
|
|
176
|
+
? 'follow-user'
|
|
177
|
+
: allowChats.length > 0
|
|
178
|
+
? 'allowlist'
|
|
179
|
+
: defaults.group.policy);
|
|
136
180
|
return {
|
|
137
|
-
version:
|
|
138
|
-
|
|
139
|
-
allow_users: readStringArray(dm, 'allow_users', defaults.dm.allow_users, path),
|
|
140
|
-
},
|
|
181
|
+
version: 2,
|
|
182
|
+
allow_users: allowUsers,
|
|
141
183
|
group: {
|
|
142
|
-
|
|
143
|
-
|
|
184
|
+
policy,
|
|
185
|
+
allow_chats: allowChats,
|
|
144
186
|
require_mention: readBoolean(group, 'require_mention', defaults.group.require_mention, path),
|
|
145
187
|
},
|
|
146
188
|
observed_chats: readStringArray(raw, 'observed_chats', defaults.observed_chats, path),
|
|
@@ -150,6 +192,14 @@ function readDispatcherAccess(raw, path) {
|
|
|
150
192
|
: readGateDiagnostic(lastGate, path),
|
|
151
193
|
};
|
|
152
194
|
}
|
|
195
|
+
function readGroupPolicy(value, path) {
|
|
196
|
+
if (value === undefined)
|
|
197
|
+
return undefined;
|
|
198
|
+
if (value !== 'block' && value !== 'allowlist' && value !== 'follow-user') {
|
|
199
|
+
throw new Error(`dispatcher access error in ${path}: group.policy must be block, allowlist, or follow-user`);
|
|
200
|
+
}
|
|
201
|
+
return value;
|
|
202
|
+
}
|
|
153
203
|
function readGateDiagnostic(raw, path) {
|
|
154
204
|
if (!isRecord(raw)) {
|
|
155
205
|
throw new Error(`dispatcher access error in ${path}: last_gate must be an object`);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"feishu-gate.js","sourceRoot":"","sources":["../../src/channel/feishu-gate.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,eAAe,GAEhB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,SAAS,EACT,UAAU,EACV,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAC/B,kEAAkE,CAAC;
|
|
1
|
+
{"version":3,"file":"feishu-gate.js","sourceRoot":"","sources":["../../src/channel/feishu-gate.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,eAAe,GAEhB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,SAAS,EACT,UAAU,EACV,SAAS,EACT,YAAY,EACZ,aAAa,GACd,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAC/B,kEAAkE,CAAC;AAmFrE,MAAM,UAAU,4BAA4B;IAC1C,OAAO;QACL,OAAO,EAAE,CAAC;QACV,WAAW,EAAE,EAAE;QACf,KAAK,EAAE;YACL,MAAM,EAAE,aAAa;YACrB,WAAW,EAAE,EAAE;YACf,eAAe,EAAE,IAAI;SACtB;QACD,cAAc,EAAE,EAAE;QAClB,QAAQ,EAAE,EAAE;QACZ,SAAS,EAAE,IAAI;KAChB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,YAAoB;IACvD,MAAM,IAAI,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAChD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,4BAA4B,EAAE,CAAC;IAC7D,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACvC,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,KAAK,GAAG,EAAE,CAAC,CAAC;IACtE,CAAC;IACD,OAAO,oBAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,YAAoB,EACpB,MAA6B;IAE7B,MAAM,IAAI,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAChD,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9C,aAAa,CAAC,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7E,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,KAA6B,EAC7B,MAA6B;IAE7B,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IACpC,MAAM,IAAI,GAAG,CAAC,MAAc,EAA2B,EAAE,CAAC,CAAC;QACzD,MAAM,EAAE,MAAM;QACd,MAAM;QACN,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC;KAC3D,CAAC,CAAC;IAEH,IAAI,KAAK,CAAC,QAAQ,KAAK,EAAE;QAAE,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS,IAAI,KAAK,CAAC,QAAQ,KAAK,KAAK,CAAC,SAAS,EAAE,CAAC;QACxE,OAAO,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAC1C,CAAC;IACD,MAAM,WAAW,GAAG,eAAe,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAEtD,IAAI,KAAK,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;QAC7B,IAAI,WAAW;YAAE,OAAO,IAAI,CAAC,oBAAoB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QACrE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAC3C,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;IACrC,CAAC;IAED,IAAI,KAAK,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,0BAA0B,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC;IACnC,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAClE,CAAC;IAED,4EAA4E;IAC5E,8EAA8E;IAC9E,gDAAgD;IAChD,IAAI,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/E,OAAO,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,4EAA4E;QAC5E,2EAA2E;QAC3E,yEAAyE;QACzE,4EAA4E;QAC5E,yDAAyD;QACzD,IAAI,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,EAAE,CAAC;YACtD,OAAO,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,IAAI,CAAC,oBAAoB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;QAC7B,uEAAuE;QACvE,wEAAwE;QACxE,uCAAuC;QACvC,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC,iEAAiE,CAAC,CAAC;QACjF,CAAC;QACD,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;YACrD,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;IACrC,CAAC;IAED,2EAA2E;IAC3E,uDAAuD;IACvD,IAAI,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QACjC,IAAI,KAAK,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC,iEAAiE,CAAC,CAAC;QACjF,CAAC;QACD,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;YACrD,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,OAAO,CACd,MAA6B,EAC7B,KAA6B,EAC7B,GAAW;IAEX,IAAI,IAAI,GAAG,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IACzD,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QAChD,IAAI,GAAG;YACL,GAAG,IAAI;YACP,cAAc,EAAE,CAAC,GAAG,IAAI,CAAC,cAAc,EAAE,KAAK,CAAC,MAAM,CAAC;SACvD,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAChB,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC;IACtE,MAAM,OAAO,GACX,YAAY,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,oBAAoB,CAAC;QAC3D,CAAC,CAAC,oBAAoB;QACtB,CAAC,CAAC,IAAI,CAAC;IACX,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACrB,IAAI,GAAG;YACL,GAAG,IAAI;YACP,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC;SACtC,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AACtD,CAAC;AAED,SAAS,cAAc,CACrB,MAA6B,EAC7B,KAA6B,EAC7B,GAAW,EACX,MAA0B,EAC1B,MAAe;IAEf,OAAO;QACL,GAAG,MAAM;QACT,SAAS,EAAE;YACT,EAAE,EAAE,GAAG;YACP,MAAM;YACN,OAAO,EAAE,KAAK,CAAC,MAAM;YACrB,SAAS,EAAE,KAAK,CAAC,QAAQ;YACzB,SAAS,EAAE,KAAK,CAAC,QAAQ;YACzB,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5C;KACF,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAC3B,GAAY,EACZ,IAAY;IAEZ,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,+BAA+B,CAAC,CAAC;IACrF,CAAC;IACD,MAAM,QAAQ,GAAG,4BAA4B,EAAE,CAAC;IAChD,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACzD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;IAElC,sEAAsE;IACtE,oCAAoC;IACpC,qDAAqD;IACrD,+DAA+D;IAC/D,0EAA0E;IAC1E,0EAA0E;IAC1E,4EAA4E;IAC5E,wEAAwE;IACxE,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IAC/D,MAAM,aAAa,GAAG,eAAe,CAAC,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACnE,MAAM,YAAY,GAAG,eAAe,CAAC,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,QAAQ,EAAE,GAAG,aAAa,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;IAClF,MAAM,UAAU,GAAG,eAAe,CAChC,KAAK,EACL,aAAa,EACb,QAAQ,CAAC,KAAK,CAAC,WAAW,EAC1B,IAAI,CACL,CAAC;IAEF,wEAAwE;IACxE,wEAAwE;IACxE,wEAAwE;IACxE,uEAAuE;IACvE,mEAAmE;IACnE,MAAM,cAAc,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC;IAC9D,MAAM,MAAM,GACV,cAAc;QACd,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC;YACtB,CAAC,CAAC,aAAa;YACf,CAAC,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;gBACrB,CAAC,CAAC,WAAW;gBACb,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAE/B,OAAO;QACL,OAAO,EAAE,CAAC;QACV,WAAW,EAAE,UAAU;QACvB,KAAK,EAAE;YACL,MAAM;YACN,WAAW,EAAE,UAAU;YACvB,eAAe,EAAE,WAAW,CAC1B,KAAK,EACL,iBAAiB,EACjB,QAAQ,CAAC,KAAK,CAAC,eAAe,EAC9B,IAAI,CACL;SACF;QACD,cAAc,EAAE,eAAe,CAC7B,GAAG,EACH,gBAAgB,EAChB,QAAQ,CAAC,cAAc,EACvB,IAAI,CACL;QACD,QAAQ,EAAE,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC;QACnE,SAAS,EAAE,QAAQ,KAAK,IAAI,IAAI,QAAQ,KAAK,SAAS;YACpD,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,kBAAkB,CAAC,QAAQ,EAAE,IAAI,CAAC;KACvC,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CACtB,KAAc,EACd,IAAY;IAEZ,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IAC1C,IAAI,KAAK,KAAK,OAAO,IAAI,KAAK,KAAK,WAAW,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;QAC1E,MAAM,IAAI,KAAK,CACb,8BAA8B,IAAI,yDAAyD,CAC5F,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAY,EAAE,IAAY;IACpD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,+BAA+B,CAAC,CAAC;IACrF,CAAC;IACD,MAAM,MAAM,GAAG,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7B,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CACb,8BAA8B,IAAI,4CAA4C,CAC/E,CAAC;IACJ,CAAC;IACD,OAAO;QACL,EAAE,EAAE,UAAU,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC;QAC/B,MAAM;QACN,OAAO,EAAE,UAAU,CAAC,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC;QACzC,SAAS,EAAE,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,IAAI,CAAC;QAC7C,SAAS,EAAE,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,IAAI,CAAC;QAC7C,GAAG,CAAC,OAAO,GAAG,CAAC,QAAQ,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxE,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CACtB,GAA4B,EAC5B,GAAW,EACX,QAAkB,EAClB,IAAY;IAEZ,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC9C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QAC9E,MAAM,IAAI,KAAK,CACb,8BAA8B,IAAI,KAAK,GAAG,8BAA8B,CACzE,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAClB,GAA4B,EAC5B,GAAW,EACX,QAAiB,EACjB,IAAY;IAEZ,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,QAAQ,CAAC;IACzC,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,KAAK,GAAG,oBAAoB,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,UAAU,CACjB,GAA4B,EAC5B,GAAW,EACX,IAAY;IAEZ,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,KAAK,GAAG,mBAAmB,CAAC,CAAC;IACjF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,UAAU,CACjB,GAA4B,EAC5B,GAAW,EACX,IAAY;IAEZ,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,KAAK,GAAG,mBAAmB,CAAC,CAAC;IACjF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC9E,CAAC"}
|
|
@@ -26,7 +26,8 @@ const INTRODUCE_RE = /^\/introduce(?:\s|$)/i;
|
|
|
26
26
|
* contract; `canRunIntroduce` is the boolean projection of it.
|
|
27
27
|
*
|
|
28
28
|
* Sender-scoped, not group-scoped: the chat must be explicitly allowlisted AND
|
|
29
|
-
* the sender must be on the
|
|
29
|
+
* the sender must be on the global `allow_users` list (the same list that gates
|
|
30
|
+
* direct messages and `follow-user` group delivery). Empty allowlists do not
|
|
30
31
|
* authorize anyone — there is no "any member of an allowlisted group" path.
|
|
31
32
|
*/
|
|
32
33
|
export function introduceDenyReason(access, input) {
|
|
@@ -34,15 +35,19 @@ export function introduceDenyReason(access, input) {
|
|
|
34
35
|
return 'non_group';
|
|
35
36
|
if (input.senderId === '')
|
|
36
37
|
return 'empty_sender_id';
|
|
37
|
-
// The chat must be explicitly allowlisted.
|
|
38
|
-
// chat" for normal delivery, but
|
|
39
|
-
// chat to be named, so introduce
|
|
38
|
+
// The chat must be explicitly allowlisted. Under the `follow-user` policy an
|
|
39
|
+
// empty `allow_chats` means "every chat" for normal delivery, but a
|
|
40
|
+
// trust-changing command always requires the chat to be named, so introduce
|
|
41
|
+
// never fires in an incidental group regardless of the group policy.
|
|
40
42
|
if (!access.group.allow_chats.includes(input.chatId))
|
|
41
43
|
return 'chat_not_allowlisted';
|
|
42
|
-
// The sender must be
|
|
43
|
-
//
|
|
44
|
-
// rather than "any member of an
|
|
45
|
-
|
|
44
|
+
// The sender must be on the global allow-user list — the same list that gates
|
|
45
|
+
// direct messages and `follow-user` group delivery. An empty list authorizes
|
|
46
|
+
// nobody, keeping the rule sender-scoped rather than "any member of an
|
|
47
|
+
// allowlisted group". The `sender_not_followed` code name predates the
|
|
48
|
+
// single-list unification (issue #79) but still reads correctly: the sender
|
|
49
|
+
// is not a followed/allow-listed user.
|
|
50
|
+
if (!access.allow_users.includes(input.senderId))
|
|
46
51
|
return 'sender_not_followed';
|
|
47
52
|
return null;
|
|
48
53
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"introduce.js","sourceRoot":"","sources":["../../src/channel/introduce.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAOH,MAAM,YAAY,GAAG,uBAAuB,CAAC;AAoB7C
|
|
1
|
+
{"version":3,"file":"introduce.js","sourceRoot":"","sources":["../../src/channel/introduce.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAOH,MAAM,YAAY,GAAG,uBAAuB,CAAC;AAoB7C;;;;;;;;;GASG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAA6B,EAC7B,KAAyB;IAEzB,IAAI,KAAK,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,WAAW,CAAC;IACnD,IAAI,KAAK,CAAC,QAAQ,KAAK,EAAE;QAAE,OAAO,iBAAiB,CAAC;IACpD,6EAA6E;IAC7E,oEAAoE;IACpE,4EAA4E;IAC5E,qEAAqE;IACrE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC;QAAE,OAAO,sBAAsB,CAAC;IACpF,8EAA8E;IAC9E,6EAA6E;IAC7E,uEAAuE;IACvE,uEAAuE;IACvE,4EAA4E;IAC5E,uCAAuC;IACvC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC;QAAE,OAAO,qBAAqB,CAAC;IAC/E,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAC7B,MAA6B,EAC7B,KAAyB;IAEzB,OAAO,mBAAmB,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC;AACrD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAC7B,WAAmB,EACnB,UAAkB,EAClB,QAAmB;IAEnB,IAAI,WAAW,KAAK,MAAM;QAAE,OAAO,KAAK,CAAC;IACzC,IAAI,IAAY,CAAC;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAY,CAAC;QACjD,IAAI;YACF,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;gBACrE,CAAC,CAAC,OAAQ,MAAkC,CAAC,MAAM,CAAC,KAAK,QAAQ;oBAC/D,CAAC,CAAG,MAAkC,CAAC,MAAM,CAAY;oBACzD,CAAC,CAAC,EAAE;gBACN,CAAC,CAAC,EAAE,CAAC;IACX,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,2EAA2E;IAC3E,6EAA6E;IAC7E,4EAA4E;IAC5E,+EAA+E;IAC/E,MAAM,IAAI,GAAG,QAAQ;SAClB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;SACjB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC;SAC3B,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IACvC,IAAI,SAAS,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;IACjC,IAAI,QAAQ,GAAG,IAAI,CAAC;IACpB,OAAO,QAAQ,EAAE,CAAC;QAChB,QAAQ,GAAG,KAAK,CAAC;QACjB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,SAAS,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,CAAC;gBACpD,QAAQ,GAAG,IAAI,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AACtC,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAC7B,QAAmB,EACnB,UAA8B;IAE9B,MAAM,KAAK,GAAc,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,CAAC,CAAC,EAAE,EAAE,OAAO,IAAI,CAAC,CAAC,EAAE,EAAE,QAAQ,IAAI,EAAE,CAAC;QACrD,IAAI,MAAM,KAAK,EAAE,IAAI,MAAM,KAAK,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,SAAS;QACzE,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAC3E,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/package.json
CHANGED