@ihazz/bitrix24 0.1.4 → 0.1.6

package/README.md

@@ -47,15 +47,25 @@ Add to your `openclaw.json`:
       "webhookUrl": "https://your-portal.bitrix24.com/rest/1/abc123xyz456/",
       "botName": "OpenClaw",
       "botCode": "openclaw",
-      "callbackPath": "/hooks/bitrix24",
       "callbackUrl": "https://your-server.com/hooks/bitrix24",
       "dmPolicy": "open",
+      "allowFrom": ["*"],
       "showTyping": true
     }
   }
 }
 ```
 
+Set allow in plugin section:
+```json
+{
+  "plugins": {
+    "allow": [
+      "bitrix24"
+    ],
+  }
+}
+```
 Only `webhookUrl` is required. The gateway will not start without it.
 
 ### Configuration Options
@@ -65,8 +75,7 @@ Only `webhookUrl` is required. The gateway will not start without it.
 | `webhookUrl` | — | Bitrix24 REST webhook URL (**required**) |
 | `botName` | `"OpenClaw"` | Bot display name (shown in welcome message) |
 | `botCode` | `"openclaw"` | Unique bot code for `imbot.register` |
-| `callbackPath` | `"/hooks/bitrix24"` | Webhook endpoint path for incoming B24 events |
-| `callbackUrl` | — | Full public URL for bot registration (e.g. `https://your-server.com/hooks/bitrix24`).|
+| `callbackUrl` | — | Full public URL for bot EVENT_HANDLER (e.g. `https://your-server.com/hooks/bitrix24`). Path is auto-extracted for route registration. |
 | `dmPolicy` | `"open"` | Access policy: `"open"` / `"allowlist"` / `"pairing"` |
 | `allowFrom` | — | Allowed B24 user IDs (when `dmPolicy: "allowlist"`) |
 | `showTyping` | `true` | Send typing indicator before responding |

package/index.ts

@@ -28,9 +28,10 @@ export default {
 
     api.registerChannel({ plugin: bitrix24Plugin });
 
-    // Register HTTP webhook route on the OpenClaw gateway
+    // Register HTTP webhook route — derive path from callbackUrl
     const channels = api.config?.channels as Record<string, Record<string, unknown>> | undefined;
-    const callbackPath = (channels?.bitrix24?.callbackPath as string) ?? '/hooks/bitrix24';
+    const callbackUrl = channels?.bitrix24?.callbackUrl as string | undefined;
+    const callbackPath = callbackUrl ? new URL(callbackUrl).pathname : '/hooks/bitrix24';
 
     api.registerHttpRoute({
       path: callbackPath,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ihazz/bitrix24",
-  "version": "0.1.4",
+  "version": "0.1.6",
   "description": "Bitrix24 Messenger channel for OpenClaw",
   "type": "module",
   "main": "./dist/index.js",

package/src/access-control.ts

@@ -1,11 +1,12 @@
 import type { Bitrix24AccountConfig } from './types.js';
+import type { PluginRuntime, ChannelPairingAdapter } from './runtime.js';
 
 /**
  * Normalize an allowFrom entry — strip platform prefixes.
  * "bitrix24:42" → "42", "b24:42" → "42", "bx24:42" → "42", "42" → "42"
  */
 export function normalizeAllowEntry(entry: string): string {
-  return entry.trim().replace(/^(bitrix24|b24|bx24):/, '');
+  return entry.trim().replace(/^(bitrix24|b24|bx24):/i, '');
 }
 
 /**
@@ -17,7 +18,7 @@ export function checkAccess(
   senderId: string,
   config: Bitrix24AccountConfig,
 ): boolean {
-  const policy = config.dmPolicy ?? 'open';
+  const policy = config.dmPolicy ?? 'pairing';
 
   switch (policy) {
     case 'open':
@@ -31,10 +32,66 @@ export function checkAccess(
     }
 
     case 'pairing':
-      // Pairing mode is post-MVP — for now, treat as open
-      return true;
+      // Pairing requires runtime — use checkAccessWithPairing() instead
+      return false;
 
     default:
       return false;
   }
 }
+
+export type AccessResult = 'allow' | 'deny' | 'pairing';
+
+/**
+ * Pairing-aware access check.
+ * Merges config allowFrom with file-based allowFrom store.
+ * For pairing mode, upserts a pairing request and sends the reply.
+ */
+export async function checkAccessWithPairing(params: {
+  senderId: string;
+  config: Bitrix24AccountConfig;
+  runtime: PluginRuntime;
+  accountId: string;
+  pairingAdapter: ChannelPairingAdapter;
+  sendReply: (text: string) => Promise<void>;
+  logger?: { debug: (...args: unknown[]) => void };
+}): Promise<AccessResult> {
+  const { senderId, config, runtime, accountId, pairingAdapter, sendReply, logger } = params;
+  const policy = config.dmPolicy ?? 'pairing';
+
+  if (policy === 'open') return 'allow';
+
+  // Read file-based allowFrom store and merge with config
+  const storeAllowFrom = await runtime.channel.pairing.readAllowFromStore('bitrix24', '', accountId);
+  const configAllowFrom = (config.allowFrom ?? []).map(normalizeAllowEntry);
+  const merged = [...new Set([...configAllowFrom, ...storeAllowFrom])];
+  const normalizedSender = normalizeAllowEntry(String(senderId));
+
+  if (merged.includes(normalizedSender)) return 'allow';
+
+  if (policy === 'allowlist') {
+    logger?.debug('Access denied (allowlist)', { senderId });
+    return 'deny';
+  }
+
+  // policy === 'pairing'
+  const { code, created } = await runtime.channel.pairing.upsertPairingRequest({
+    channel: 'bitrix24',
+    id: senderId,
+    accountId,
+    meta: {},
+    pairingAdapter,
+  });
+
+  if (created) {
+    const reply = runtime.channel.pairing.buildPairingReply({
+      code,
+      channel: 'bitrix24',
+      accountId,
+    });
+    await sendReply(reply.text);
+  }
+
+  logger?.debug('Pairing request handled', { senderId, code, created });
+  return 'pairing';
+}

package/src/api.ts

@@ -253,6 +253,33 @@ export class Bitrix24Api {
     return result.result;
   }
 
+  async registerCommand(
+    webhookUrl: string,
+    params: {
+      BOT_ID: number;
+      COMMAND: string;
+      COMMON?: 'Y' | 'N';
+      HIDDEN?: 'Y' | 'N';
+      EXTRANET_SUPPORT?: 'Y' | 'N';
+      LANG: Array<{ LANGUAGE_ID: string; TITLE: string; PARAMS?: string }>;
+      EVENT_COMMAND_ADD: string;
+    },
+  ): Promise<number> {
+    const result = await this.callWebhook<number>(
+      webhookUrl,
+      'imbot.command.register',
+      params,
+    );
+    return result.result;
+  }
+
+  async unregisterCommand(webhookUrl: string, commandId: number): Promise<boolean> {
+    const result = await this.callWebhook<boolean>(webhookUrl, 'imbot.command.unregister', {
+      COMMAND_ID: commandId,
+    });
+    return result.result;
+  }
+
   async unregisterBot(webhookUrl: string, botId: number): Promise<boolean> {
     const result = await this.callWebhook<boolean>(webhookUrl, 'imbot.unregister', {
       BOT_ID: botId,
@@ -260,6 +287,86 @@ export class Bitrix24Api {
     return result.result;
   }
 
+  // ─── File / Disk methods ─────────────────────────────────────────────
+
+  /**
+   * Get file info including DOWNLOAD_URL.
+   * Uses the user's access token (file belongs to the user's disk).
+   */
+  async getFileInfo(
+    clientEndpoint: string,
+    accessToken: string,
+    fileId: number,
+  ): Promise<{ DOWNLOAD_URL: string; [key: string]: unknown }> {
+    const result = await this.callWithToken<{ DOWNLOAD_URL: string; [key: string]: unknown }>(
+      clientEndpoint,
+      'disk.file.get',
+      accessToken,
+      { id: fileId },
+    );
+    return result.result;
+  }
+
+  /**
+   * Get the disk folder ID for a chat (needed for file uploads).
+   */
+  async getChatFolder(
+    clientEndpoint: string,
+    accessToken: string,
+    chatId: number,
+  ): Promise<number> {
+    const result = await this.callWithToken<{ ID: number; [key: string]: unknown }>(
+      clientEndpoint,
+      'im.disk.folder.get',
+      accessToken,
+      { CHAT_ID: chatId },
+    );
+    return result.result.ID;
+  }
+
+  /**
+   * Upload a file to a disk folder (base64 encoded).
+   * Returns the disk file ID.
+   */
+  async uploadFile(
+    clientEndpoint: string,
+    accessToken: string,
+    folderId: number,
+    fileName: string,
+    content: Buffer,
+  ): Promise<number> {
+    const result = await this.callWithToken<{ ID: number; [key: string]: unknown }>(
+      clientEndpoint,
+      'disk.folder.uploadfile',
+      accessToken,
+      {
+        id: folderId,
+        data: { NAME: fileName },
+        fileContent: [fileName, content.toString('base64')],
+        generateUniqueName: true,
+      },
+    );
+    return result.result.ID;
+  }
+
+  /**
+   * Publish an uploaded file to a chat.
+   */
+  async commitFileToChat(
+    clientEndpoint: string,
+    accessToken: string,
+    chatId: number,
+    diskId: number,
+  ): Promise<boolean> {
+    const result = await this.callWithToken<boolean>(
+      clientEndpoint,
+      'im.disk.file.commit',
+      accessToken,
+      { CHAT_ID: chatId, DISK_ID: diskId },
+    );
+    return result.result;
+  }
+
   destroy(): void {
     this.rateLimiter.destroy();
   }