npm - @modelzen/feishu-codex-bridge - Versions diffs - 0.3.1 → 0.3.3 - Mend

@modelzen/feishu-codex-bridge 0.3.1 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -33,7 +33,7 @@
 - **私聊控制台**：私聊机器人弹交互菜单 —— 新建项目、项目列表、设置、诊断、重连。
 - **稳定隔离**：每会话独立 app-server 进程；卡死有 watchdog（默认 120s）→ 终止 → 回收，异常不波及其他群。
 - **本地加密密钥库**：飞书应用密钥用 AES-256-GCM 存在 `~/.feishu-codex-bridge/`，不入仓库、不进环境变量。
-- **跨平台常驻**：macOS / Windows / Linux·WSL 均可注册成后台服务、开机或登录自启（分别走 launchd / 登录自启免管理员 / systemd）。
+- **跨平台常驻**：macOS / Windows / Linux·WSL 均可注册成后台服务、开机或登录自启（分别走 launchd / 登录自启免管理员 / systemd）。注：跨平台指进程运行与后台自启；「项目内只读/读写」隐私沙箱仅 macOS / 原生 Windows 可强制（见[安全须知](#-安全须知)）。
 ---
@@ -41,7 +41,7 @@
 | 依赖 | 说明 | 获取方式 |
 |------|------|----------|
-| **操作系统** | **macOS / Windows** 均支持；Linux·WSL 为 best-effort（已实现 systemd，未广泛实测） | — |
+| **操作系统** | 运行/后台常驻：**macOS / Windows** 均支持，Linux·WSL 为 best-effort（已实现 systemd，未广泛实测）。注意：「项目内只读 / 读写」隐私档的沙箱强制仅 **macOS / 原生 Windows**，Linux·WSL 上这两档会 fail-closed 拒绝启动（见下方[安全须知](#-安全须知)） | — |
 | **Node.js ≥ 20** | 运行时 | <https://nodejs.org> 或 `nvm install 20` |
 | **Codex CLI** | 后端，bridge 会 spawn `codex app-server` | `npm i -g @openai/codex`，或装 Codex.app，或用 `CODEX_BIN` 指向已有二进制 |
 | **Codex 已登录** | app-server 需要 `~/.codex/auth.json` | `codex login` |
@@ -241,17 +241,24 @@ src/
 ## ⚠️ 安全须知
-本机器人调用 Codex 时固定使用 **`approvalPolicy: "never"` + `sandbox: "danger-full-access"`** —— 即 **无任何人工审批、对磁盘完全访问**。这意味着：
+机器人调用 Codex 始终是 **`approvalPolicy: "never"`**（无人工逐条审批），**沙箱就是唯一的安全闸门**。每个项目有一档**权限**，在私聊控制台「📁 项目列表 → ⚙️ 设置 → 🔐 权限」里用下拉框选择后提交：
-> **任何能在项目群里给机器人发消息的人，都能在你这台机器上、以你的身份、在该项目目录里执行任意命令（读写文件、联网、运行脚本）。**
+| 档位 | 能读 | 能写 | 适用 |
+|------|------|------|------|
+| 🔒 **项目内只读** | 仅项目文件夹 | ✗ | 外部群 / 不可信场景的问答机器人 |
+| ✏️ **项目内读写** | 仅项目文件夹 | 仅项目文件夹 | 自己的编码项目，但禁止它碰机器其余部分 |
+| ⚠️ **完全访问** | 整台电脑 | 整台电脑 | 完全信任、你自己掌控的机器 |
-因此：
-- 只把**你信任的人**拉进项目群；
-- 在**你自己掌控的机器/账号**上运行，最好是隔离的开发机或容器；
-- 绑定的项目目录里不要放你不愿被读写的敏感数据；
+- **管理员 / 普通用户可分设**：🔐 权限里有「管理员档」和「普通用户档」两个下拉。两档**不同**时，管理员与群里其他人**各用独立的 Codex 线程**（互不串沙箱、也互不串对话历史）——典型：外部群里管理员 `完全访问`、其他人 `项目内只读`。两档**相同** = 所有人一致（默认）。
+- **默认值**：你自己新建的项目群 = `完全访问`（与历史行为一致）；**别人把机器人拉进的存量/外部群** = `项目内只读`；普通用户档默认**同管理员档**（不分档）。**升级前没有 `mode` 字段的老项目按 `完全访问` 处理**，行为不变。
+- 🔒/✏️ 靠 Codex 的自定义 permissions 档把读写都**锁死在项目文件夹内**（读不到 `~/.ssh`、`/etc` 等），由操作系统沙箱强制：**macOS（Seatbelt）与原生 Windows（restricted token）可强制**，其中 Windows 需 Codex 以 elevated 沙箱运行、否则它会**拒绝执行**（仍不泄漏）。**Linux / WSL 无法强制读限定**（沙箱只挡写、不限读，Landlock 读限制尚未实现，WSL 等同 Linux）——在这些平台选 🔒/✏️ 会被**直接拒绝启动（fail-closed），绝不静默降级为完全访问**；要在 Linux/WSL 用，请把 Codex 跑在容器/隔离环境里。
+  > Windows 上的强制是 Codex 自己做的，请先在真机自测一次（让机器人读项目文件夹外的文件，应被拒）再用于真实外部群。
+- ⚠️ `完全访问` 档意味着：**任何能给机器人发消息的人，都能在你这台机器上、以你的身份执行任意命令（读写文件、联网、跑脚本）**。这一档只把**你信任的人**拉进群，在**你自己掌控的隔离机器**上跑，目录里别放不愿被读写的敏感数据。
+- 「联网」是档位之外的独立开关，只影响它执行的 shell 命令能否上网，不影响模型本身和 Codex 自带的联网搜索。
 - 它不是多租户托管服务，是给你（和你信任的小团队）自用的桥。
+> 把机器人拉进**外部群**做只读问答前，先在飞书开发者后台开启应用的「可被添加到外部群 / 外部可用范围」，再由群里的真人手动把机器人加进群（机器人无法自行加入）。
 ---
 ## ❓ 故障排查

package/dist/cli.js CHANGED Viewed

@@ -78,6 +78,7 @@ import { dirname as dirname3, join as join2 } from "path";
 // src/config/store.ts
 import { chmod, mkdir, readFile, rename, writeFile } from "fs/promises";
+import { randomUUID } from "crypto";
 import { dirname as dirname2 } from "path";
 // src/config/schema.ts
@@ -114,18 +115,23 @@ function getRunIdleTimeoutMs(cfg) {
   const clamped = Math.min(Math.max(Math.floor(raw), 10), 1800);
   return clamped * 1e3;
 }
-function isUserAllowed(cfg, senderId) {
-  const list = cfg.preferences?.access?.allowedUsers;
-  if (!list || list.length === 0) return true;
-  return list.includes(senderId);
-}
 function isChatAllowed(cfg, chatId) {
   const list = cfg.preferences?.access?.allowedChats;
   if (!list || list.length === 0) return true;
   return list.includes(chatId);
 }
+function resolveOwner(cfg) {
+  const access = cfg.preferences?.access;
+  return access?.ownerOpenId ?? access?.admins?.[0];
+}
 function isAdmin(cfg, senderId) {
-  const list = cfg.preferences?.access?.admins;
+  if (!senderId) return false;
+  if (senderId === resolveOwner(cfg)) return true;
+  return Boolean(cfg.preferences?.access?.admins?.includes(senderId));
+}
+function isUserAllowedInProject(cfg, project, senderId) {
+  if (isAdmin(cfg, senderId)) return true;
+  const list = project?.allowedUsers;
   if (!list || list.length === 0) return true;
   return list.includes(senderId);
 }
@@ -174,13 +180,21 @@ exec ${sq(node)} ${sq(bridgeEntry)} secrets get "$@"
   await rename(tmp, wrapperPath);
   return wrapperPath;
 }
-async function saveConfig(cfg, path = paths.configFile) {
-  await mkdir(dirname2(path), { recursive: true });
-  const tmp = `${path}.tmp-${process.pid}`;
-  await writeFile(tmp, `${JSON.stringify(cfg, null, 2)}
+var saveChain = Promise.resolve();
+function saveConfig(cfg, path = paths.configFile) {
+  const run = saveChain.then(async () => {
+    await mkdir(dirname2(path), { recursive: true });
+    const tmp = `${path}.tmp-${process.pid}-${randomUUID()}`;
+    await writeFile(tmp, `${JSON.stringify(cfg, null, 2)}
 `, "utf8");
-  await chmod(tmp, 384);
-  await rename(tmp, path);
+    await chmod(tmp, 384);
+    await rename(tmp, path);
+  });
+  saveChain = run.then(
+    () => void 0,
+    () => void 0
+  );
+  return run;
 }
 // src/config/bots.ts
@@ -670,7 +684,7 @@ async function runRegistrationWizard() {
     accounts: { app: { id: result.client_id, secret: result.client_secret, tenant } }
   };
   if (operatorOpenId) {
-    cfg.preferences = { access: { admins: [operatorOpenId] } };
+    cfg.preferences = { access: { ownerOpenId: operatorOpenId, admins: [operatorOpenId] } };
     console.log(`  Admin:   ${operatorOpenId} (\u4F60\u81EA\u5DF1\uFF0C\u5DF2\u81EA\u52A8\u52A0\u5165\u7BA1\u7406\u5458\u540D\u5355)`);
   } else {
     console.log(
@@ -727,7 +741,13 @@ var JOIN_GROUP_SCOPES = [
   "im:chat:readonly",
   "im:chat.members:write_only"
 ];
-var GRANT_SCOPES = [...REQUIRED_SCOPES, ...COMMENT_SCOPES, ...JOIN_GROUP_SCOPES];
+var CONTACT_SCOPES = ["contact:user.base:readonly"];
+var GRANT_SCOPES = [
+  ...REQUIRED_SCOPES,
+  ...COMMENT_SCOPES,
+  ...JOIN_GROUP_SCOPES,
+  ...CONTACT_SCOPES
+];
 var SCOPE_LABELS = {
   "im:message.group_at_msg:readonly": "\u63A5\u6536\u7FA4\u91CC @\u673A\u5668\u4EBA \u7684\u6D88\u606F",
   "im:message.group_msg": "\u63A5\u6536\u7FA4\u5185\u6240\u6709\u6D88\u606F\uFF08\u514D@\uFF09",
@@ -748,7 +768,8 @@ var SCOPE_LABELS = {
   "cardkit:card:write": "\u4EA4\u4E92\u6309\u94AE\u5361\u7247",
   "docs:document.comment:read": "\u8BFB\u53D6\u6587\u6863\u8BC4\u8BBA",
   "docs:document.comment:create": "\u53D1\u8868\u6587\u6863\u8BC4\u8BBA\u56DE\u590D",
-  "wiki:wiki:readonly": "\u8BFB\u53D6\u77E5\u8BC6\u5E93\u8282\u70B9"
+  "wiki:wiki:readonly": "\u8BFB\u53D6\u77E5\u8BC6\u5E93\u8282\u70B9",
+  "contact:user.base:readonly": "\u8BFB\u53D6\u6210\u5458\u59D3\u540D\uFF08\u7BA1\u7406\u5458 / \u767D\u540D\u5355\u5C55\u793A\uFF09"
 };
 function labelScope(scope) {
   const label = SCOPE_LABELS[scope];
@@ -1421,7 +1442,28 @@ function mapItemComplete(item) {
 // src/agent/codex-appserver/backend.ts
 var APPROVAL_POLICY = "never";
-var SANDBOX = "danger-full-access";
+function sandboxParams(mode, network) {
+  if ((mode ?? "full") === "full") return { sandbox: "danger-full-access" };
+  if (process.platform !== "darwin" && process.platform !== "win32") {
+    throw new Error(
+      "\u300C\u9879\u76EE\u5185\u53EA\u8BFB / \u9879\u76EE\u5185\u8BFB\u5199\u300D\u9760\u64CD\u4F5C\u7CFB\u7EDF\u6C99\u7BB1\u628A\u8BFB\u5199\u9501\u8FDB\u9879\u76EE\u6587\u4EF6\u5939\uFF0C\u76EE\u524D\u53EA\u6709 macOS \u4E0E\u539F\u751F Windows \u80FD\u5F3A\u5236\u6267\u884C\u3002\u5F53\u524D\u5E73\u53F0\uFF08Linux / WSL \u53EA\u6321\u5199\u3001\u4E0D\u9650\u5236\u8BFB\u53D6\uFF0C\u65E0\u6CD5\u4FDD\u8BC1\u4E0D\u6CC4\u9732\u9690\u79C1\uFF09\u5DF2\u62D2\u7EDD\u542F\u52A8\uFF08\u7EDD\u4E0D\u964D\u7EA7\u4E3A\u5B8C\u5168\u8BBF\u95EE\uFF09\u3002\u8BF7\u6539\u7528\u300C\u5B8C\u5168\u8BBF\u95EE\u300D\u3001\u628A Codex \u8DD1\u8FDB\u5BB9\u5668/\u9694\u79BB\u73AF\u5883\uFF0C\u6216\u5728 macOS / Windows \u4E0A\u8FD0\u884C\u3002"
+    );
+  }
+  return {
+    config: {
+      default_permissions: "feishu",
+      permissions: {
+        feishu: {
+          filesystem: {
+            ":minimal": "read",
+            ":workspace_roots": { ".": mode === "write" ? "write" : "read" }
+          },
+          network: { enabled: Boolean(network) }
+        }
+      }
+    }
+  };
+}
 var BRIDGE_DEVELOPER_INSTRUCTIONS = [
   "\u4F60\u73B0\u5728\u901A\u8FC7\u300C\u98DE\u4E66\u6865\u300D\u4E0E\u7528\u6237\u5BF9\u8BDD\uFF1A\u4F60\u7684\u56DE\u590D\u4F1A\u88AB\u6E32\u67D3\u6210\u98DE\u4E66\u6D88\u606F\u3002\u8BF7\u9075\u5B88\u4E24\u6761\u8F93\u51FA\u7EA6\u5B9A\u3002",
   "",
@@ -1606,23 +1648,25 @@ var CodexAppServerBackend = class {
     }
   }
   async startThread(opts) {
+    const sandbox = sandboxParams(opts.mode, opts.network);
     const client = await this.spawn(opts.cwd);
     const res = await client.request("thread/start", {
       cwd: opts.cwd,
       approvalPolicy: APPROVAL_POLICY,
-      sandbox: SANDBOX,
+      ...sandbox,
       developerInstructions: BRIDGE_DEVELOPER_INSTRUCTIONS,
       ...opts.model ? { model: opts.model } : {}
     });
     return new CodexThread(client, res.thread.id, opts.model, opts.effort);
   }
   async resumeThread(opts) {
+    const sandbox = sandboxParams(opts.mode, opts.network);
     const client = await this.spawn(opts.cwd);
     const res = await client.request("thread/resume", {
       threadId: opts.codexThreadId,
       cwd: opts.cwd,
       approvalPolicy: APPROVAL_POLICY,
-      sandbox: SANDBOX,
+      ...sandbox,
       developerInstructions: BRIDGE_DEVELOPER_INSTRUCTIONS,
       ...opts.model ? { model: opts.model } : {}
     });
@@ -2168,6 +2212,15 @@ function selectStatic(opts) {
     behaviors: [{ type: "callback", value: { a: opts.actionId } }]
   };
 }
+function selectMenu(opts) {
+  return {
+    tag: "select_static",
+    name: opts.name,
+    placeholder: { tag: "plain_text", content: opts.placeholder },
+    ...opts.initial ? { initial_option: opts.initial } : {},
+    options: opts.options.map((o) => ({ text: { tag: "plain_text", content: o.label }, value: o.value }))
+  };
+}
 // src/card/command-cards.ts
 var MC = {
@@ -2275,19 +2328,13 @@ function pickerTime(unixSeconds) {
 function talkLine(noMention, tail) {
   return noMention ? `\xB7 \u76F4\u63A5\u53D1\u6D88\u606F\uFF08\u514D@\uFF09\u2192 ${tail}` : `\xB7 **@\u6211 + \u5185\u5BB9** \u2192 ${tail}\uFF08\u672C\u7FA4\u9ED8\u8BA4\u9700 @\uFF1B\`/settings\` \u53EF\u5F00\u542F\u514D@\uFF09`;
 }
-function buildHelpCard(scope, noMention = true) {
+function buildHelpCard(scope, noMention = true, isAdmin2 = false) {
   const elements = [];
   if (scope === "single") {
-    elements.push(
-      md("\u{1F4AC} **\u5355\u4F1A\u8BDD\u7FA4** \u2014 \u6574\u7FA4\u5C31\u662F\u4E00\u4E2A\u4F1A\u8BDD\uFF0C\u4E0A\u4E0B\u6587\u8FDE\u7EED\u3002"),
-      hr(),
-      md(
-        `${talkLine(noMention, "\u4EA4\u7ED9\u6211\u5904\u7406")}
-\xB7 \`/model\` \u2192 \u5207\u6362\u6A21\u578B / \u63A8\u7406\u5F3A\u5EA6
-\xB7 \`/settings\` \u2192 \u7FA4\u8BBE\u7F6E\uFF08\u514D@ \u5F00\u5173\uFF09
-\xB7 \`/help\` \u2192 \u8FD9\u5F20\u901F\u67E5\u5361`
-      )
-    );
+    const lines = [talkLine(noMention, "\u4EA4\u7ED9\u6211\u5904\u7406"), "\xB7 `/model` \u2192 \u5207\u6362\u6A21\u578B / \u63A8\u7406\u5F3A\u5EA6"];
+    if (isAdmin2) lines.push("\xB7 `/settings` \u2192 \u7FA4\u8BBE\u7F6E\uFF08\u514D@ \u5F00\u5173\uFF09");
+    lines.push("\xB7 `/help` \u2192 \u8FD9\u5F20\u901F\u67E5\u5361");
+    elements.push(md("\u{1F4AC} **\u5355\u4F1A\u8BDD\u7FA4** \u2014 \u6574\u7FA4\u5C31\u662F\u4E00\u4E2A\u4F1A\u8BDD\uFF0C\u4E0A\u4E0B\u6587\u8FDE\u7EED\u3002"), hr(), md(lines.join("\n")));
   } else if (scope === "topic") {
     elements.push(
       md("\u{1F9F5} **\u8BDD\u9898\u5185** \u2014 \u6BCF\u4E2A\u8BDD\u9898\u662F\u4E00\u4E2A\u72EC\u7ACB\u4F1A\u8BDD\u3002"),
@@ -2300,13 +2347,10 @@ function buildHelpCard(scope, noMention = true) {
       note("\u5F00\u65B0\u8BDD\u9898\uFF1A\u56DE\u5230\u4E3B\u7FA4\u533A @\u6211 + \u5185\u5BB9\u3002")
     );
   } else {
-    elements.push(
-      md("\u{1F465} **\u4E3B\u7FA4\u533A** \u2014 @\u6211\u5F00\u8BDD\u9898\uFF0C\u6BCF\u4E2A\u8BDD\u9898\u662F\u72EC\u7ACB\u4F1A\u8BDD\u3002"),
-      hr(),
-      md(
-        "\xB7 **@\u6211 + \u5185\u5BB9** \u2192 \u5F00\u4E00\u4E2A\u65B0\u8BDD\u9898\u5E76\u5F00\u59CB\n\xB7 `/resume` \u2192 \u6062\u590D\u5386\u53F2\u4F1A\u8BDD\n\xB7 `/settings` \u2192 \u7FA4\u8BBE\u7F6E\uFF08\u514D@ \u5F00\u5173\uFF09\n\xB7 `/model` \u2192 \u9700\u8981\u5728\u8BDD\u9898\u91CC\u7528\n\xB7 `/help` \u2192 \u8FD9\u5F20\u901F\u67E5\u5361"
-      )
-    );
+    const lines = ["\xB7 **@\u6211 + \u5185\u5BB9** \u2192 \u5F00\u4E00\u4E2A\u65B0\u8BDD\u9898\u5E76\u5F00\u59CB"];
+    if (isAdmin2) lines.push("\xB7 `/resume` \u2192 \u6062\u590D\u5386\u53F2\u4F1A\u8BDD", "\xB7 `/settings` \u2192 \u7FA4\u8BBE\u7F6E\uFF08\u514D@ \u5F00\u5173\uFF09");
+    lines.push("\xB7 `/model` \u2192 \u9700\u8981\u5728\u8BDD\u9898\u91CC\u7528", "\xB7 `/help` \u2192 \u8FD9\u5F20\u901F\u67E5\u5361");
+    elements.push(md("\u{1F465} **\u4E3B\u7FA4\u533A** \u2014 @\u6211\u5F00\u8BDD\u9898\uFF0C\u6BCF\u4E2A\u8BDD\u9898\u662F\u72EC\u7ACB\u4F1A\u8BDD\u3002"), hr(), md(lines.join("\n")));
   }
   return card(elements, { header: { title: "\u{1F916} \u53EF\u7528\u547D\u4EE4", template: "blue" }, summary: "\u53EF\u7528\u547D\u4EE4" });
 }
@@ -3113,10 +3157,26 @@ async function uploadBuffer(channel, buffer) {
 // src/project/registry.ts
 import { mkdir as mkdir4, readFile as readFile6, rename as rename4, writeFile as writeFile4 } from "fs/promises";
+import { randomUUID as randomUUID2 } from "crypto";
 import { dirname as dirname5 } from "path";
 function defaultNoMention(p) {
   return !((p.origin ?? "created") === "joined" && (p.kind ?? "multi") === "single");
 }
+function effectiveMode(p) {
+  return p.mode ?? "full";
+}
+function effectiveGuestMode(p) {
+  return p.guestMode ?? effectiveMode(p);
+}
+function turnTier(p, isAdminSender) {
+  const adminTier = effectiveMode(p);
+  const guestTier = effectiveGuestMode(p);
+  return {
+    mode: isAdminSender ? adminTier : guestTier,
+    role: isAdminSender ? "admin" : "guest",
+    split: guestTier !== adminTier
+  };
+}
 var FILE_VERSION2 = 1;
 async function read() {
   try {
@@ -3128,9 +3188,18 @@ async function read() {
     throw err;
   }
 }
+var opChain = Promise.resolve();
+function withLock(fn) {
+  const run = opChain.then(fn, fn);
+  opChain = run.then(
+    () => void 0,
+    () => void 0
+  );
+  return run;
+}
 async function write(projects) {
   await mkdir4(dirname5(paths.projectsFile), { recursive: true });
-  const tmp = `${paths.projectsFile}.tmp-${process.pid}`;
+  const tmp = `${paths.projectsFile}.tmp-${process.pid}-${randomUUID2()}`;
   const body = { version: FILE_VERSION2, projects };
   await writeFile4(tmp, `${JSON.stringify(body, null, 2)}
 `, "utf8");
@@ -3146,34 +3215,41 @@ async function getProjectByName(name) {
   return (await read()).find((p) => p.name === name);
 }
 async function addProject(p) {
-  const projects = await read();
-  if (projects.some((x) => x.name === p.name)) {
-    throw new Error(`\u9879\u76EE\u540D\u300C${p.name}\u300D\u5DF2\u5B58\u5728`);
-  }
-  if (p.chatId) {
-    const bound = projects.find((x) => x.chatId === p.chatId);
-    if (bound) throw new Error(`\u8BE5\u7FA4\u5DF2\u7ED1\u5B9A\u4E3A\u9879\u76EE\u300C${bound.name}\u300D`);
-  }
-  projects.push(p);
-  await write(projects);
+  return withLock(async () => {
+    const projects = await read();
+    if (projects.some((x) => x.name === p.name)) {
+      throw new Error(`\u9879\u76EE\u540D\u300C${p.name}\u300D\u5DF2\u5B58\u5728`);
+    }
+    if (p.chatId) {
+      const bound = projects.find((x) => x.chatId === p.chatId);
+      if (bound) throw new Error(`\u8BE5\u7FA4\u5DF2\u7ED1\u5B9A\u4E3A\u9879\u76EE\u300C${bound.name}\u300D`);
+    }
+    projects.push(p);
+    await write(projects);
+  });
 }
 async function updateProject(name, patch) {
-  const projects = await read();
-  const p = projects.find((x) => x.name === name);
-  if (!p) return;
-  const target = p;
-  for (const [k, v] of Object.entries(patch)) {
-    if (v !== void 0) target[k] = v;
-  }
-  await write(projects);
+  return withLock(async () => {
+    const projects = await read();
+    const p = projects.find((x) => x.name === name);
+    if (!p) return;
+    const actual = typeof patch === "function" ? patch(p) : patch;
+    const target = p;
+    for (const [k, v] of Object.entries(actual)) {
+      if (v !== void 0) target[k] = v;
+    }
+    await write(projects);
+  });
 }
 async function removeProject(name) {
-  const projects = await read();
-  const idx = projects.findIndex((p) => p.name === name);
-  if (idx === -1) return void 0;
-  const [removed] = projects.splice(idx, 1);
-  await write(projects);
-  return removed;
+  return withLock(async () => {
+    const projects = await read();
+    const idx = projects.findIndex((p) => p.name === name);
+    if (idx === -1) return void 0;
+    const [removed] = projects.splice(idx, 1);
+    await write(projects);
+    return removed;
+  });
 }
 // src/card/dm-cards.ts
@@ -3198,7 +3274,22 @@ var DM = {
   setTools: "dm.set.tools",
   setWatchdog: "dm.set.watchdog",
   setPending: "dm.set.pending",
-  setConcurrency: "dm.set.concurrency"
+  setConcurrency: "dm.set.concurrency",
+  // 权限管理：全局 admins（settings 卡进入）+ 项目响应白名单（项目列表 / 建项目完成卡进入）
+  admins: "dm.admins",
+  addAdminForm: "dm.admin.addForm",
+  addAdminSubmit: "dm.admin.addSubmit",
+  rmAdmin: "dm.admin.rm",
+  allowlist: "dm.allowlist",
+  addAllowedForm: "dm.allow.addForm",
+  addAllowedSubmit: "dm.allow.addSubmit",
+  rmAllowed: "dm.allow.rm",
+  // 项目设置容器（项目列表 / 建项目完成卡 进入），以后的项目级设置项往这里加
+  projectSettings: "dm.projectSettings",
+  setNoMentionDm: "dm.proj.noMention",
+  // 🔐 权限：codex 沙箱档位（管理员档 + 普通用户档）+ 联网，做成下拉表单（选+提交）
+  permission: "dm.proj.perm",
+  permissionSubmit: "dm.proj.perm.submit"
 };
 var GS = {
   setNoMention: "gs.noMention"
@@ -3464,7 +3555,13 @@ function buildNewProjectDoneCard(p) {
     note(`\u{1F4C2} \`${p.cwd}\`   \xB7   ${kindLabel(p.kind)}`),
     md(p.chatId ? "\u{1F449} \u53BB\u7FA4\u91CC **@\u6211** \u5E72\u6D3B\u3002" : "\u53D1\u6211\u4EFB\u610F\u6D88\u606F\u53EF\u518D\u6B21\u6253\u5F00\u7BA1\u7406\u53F0\u3002")
   ];
-  if (p.chatId) elements.push(actions([linkButton("\u{1F4AC} \u6253\u5F00\u7FA4\u804A", openChatUrl(p.chatId), "primary")]));
+  if (p.chatId)
+    elements.push(
+      actions([
+        linkButton("\u{1F4AC} \u6253\u5F00\u7FA4\u804A", openChatUrl(p.chatId), "primary"),
+        button("\u2699\uFE0F \u9879\u76EE\u8BBE\u7F6E", { a: DM.projectSettings, n: p.name })
+      ])
+    );
   return card(elements, { header: { title, template: "green" } });
 }
 function buildProjectListCard(projects, sessionsByChat = /* @__PURE__ */ new Map()) {
@@ -3495,6 +3592,7 @@ function buildProjectListCard(projects, sessionsByChat = /* @__PURE__ */ new Map
     }
     const row = [];
     if (p.chatId) row.push(linkButton("\u{1F4AC} \u6253\u5F00\u7FA4\u804A", openChatUrl(p.chatId)));
+    row.push(button("\u2699\uFE0F \u8BBE\u7F6E", { a: DM.projectSettings, n: p.name }));
     row.push(button("\u{1F5D1} \u5220\u9664", { a: DM.rmConfirm, n: p.name }, "danger"));
     elements.push(actions(row));
     elements.push(hr());
@@ -3549,7 +3647,8 @@ function buildSettingsCard(cfg) {
         { label: "20", value: "20" }
       ]),
       note("\u26A0\uFE0F \u5047\u6B7B\u8D85\u65F6 / \u5E76\u53D1\u4E0A\u9650 \u6539\u540E\u9700**\u91CD\u542F**\u751F\u6548\uFF1B\u5DE5\u5177\u663E\u793A / \u8FD0\u884C\u4E2D\u65B0\u6D88\u606F \u5373\u65F6\u751F\u6548\u3002"),
-      actions([button("\u2B05\uFE0F \u83DC\u5355", { a: DM.menu })])
+      hr(),
+      actions([button("\u{1F46E} \u7BA1\u7406\u5458", { a: DM.admins }), button("\u2B05\uFE0F \u83DC\u5355", { a: DM.menu })])
     ],
     { header: { title: "\u2699\uFE0F \u8BBE\u7F6E", template: "blue" } }
   );
@@ -3572,6 +3671,199 @@ function buildGroupSettingsCard(project) {
     { header: { title: "\u2699\uFE0F \u7FA4\u8BBE\u7F6E", template: "blue" } }
   );
 }
+function memberName(names, id) {
+  return names.get(id) ?? `\u2026${id.slice(-6)}`;
+}
+function buildAdminsCard(cfg, names) {
+  const owner = resolveOwner(cfg);
+  const admins = cfg.preferences?.access?.admins ?? [];
+  const elements = [md("**\u7BA1\u7406\u5458\u540D\u5355** \xB7 \u672C bot \u5168\u5C40\uFF08\u53EF\u79C1\u804A\u7BA1\u7406 / \u5EFA\u9879\u76EE / \u9500\u6BC1\u64CD\u4F5C\uFF09"), hr()];
+  const seen = /* @__PURE__ */ new Set();
+  if (owner) {
+    seen.add(owner);
+    elements.push(actions([md(`\u{1F451} **${memberName(names, owner)}** \xB7 Bot \u62E5\u6709\u8005\uFF08\u6CE8\u518C\u8005\uFF09`)]));
+  }
+  let extra = 0;
+  for (const id of admins) {
+    if (seen.has(id)) continue;
+    seen.add(id);
+    extra++;
+    elements.push(actions([md(memberName(names, id)), button("\u{1F5D1} \u79FB\u9664", { a: DM.rmAdmin, u: id }, "danger")]));
+  }
+  if (extra === 0) elements.push(note("\u6682\u65E0\u989D\u5916\u7BA1\u7406\u5458\u3002"));
+  elements.push(
+    hr(),
+    actions([button("\u2795 \u6DFB\u52A0\u7BA1\u7406\u5458", { a: DM.addAdminForm }, "primary"), button("\u2B05\uFE0F \u8BBE\u7F6E", { a: DM.settings })]),
+    note("\u{1F451} Bot \u62E5\u6709\u8005\uFF08\u6CE8\u518C\u6B64 bot \u7684\u4EBA\uFF09\u6052\u4E3A\u7BA1\u7406\u5458\uFF0C\u4E0D\u53EF\u79FB\u9664\uFF1B\u540D\u5355\u4E3A\u7A7A\u65F6\u4EC5\u62E5\u6709\u8005\u53EF\u7BA1\u7406\u3002")
+  );
+  return card(elements, { header: { title: "\u{1F46E} \u7BA1\u7406\u5458", template: "blue" } });
+}
+function buildAddAdminCard(members) {
+  const MAX = 50;
+  const shown = members.slice(0, MAX);
+  const formEls = [];
+  if (shown.length > 0) {
+    formEls.push(
+      selectMenu({
+        name: "pick",
+        placeholder: "\u4ECE\u9879\u76EE\u7FA4\u6210\u5458\u9009\u62E9",
+        options: shown.map((m) => ({ label: m.name, value: m.openId }))
+      })
+    );
+  }
+  formEls.push(
+    input({
+      name: "open_id",
+      label: shown.length ? "\u6216\u76F4\u63A5\u8F93\u5165 open_id" : "\u8F93\u5165 open_id\uFF08\u672A\u8BFB\u53D6\u5230\u9879\u76EE\u7FA4\u6210\u5458\uFF09",
+      placeholder: "ou_xxx"
+    }),
+    actions([submitButton("\u2705 \u786E\u8BA4\u6DFB\u52A0", { a: DM.addAdminSubmit }, "primary", "submit_admin")])
+  );
+  const tail = [];
+  if (members.length > MAX) tail.push(note(`\u5019\u9009\u8F83\u591A\uFF0C\u4EC5\u5217\u524D ${MAX} \u4E2A\uFF1B\u5176\u4F59\u8BF7\u76F4\u63A5\u8F93\u5165 open_id\u3002`));
+  return card(
+    [
+      md("**\u6DFB\u52A0\u7BA1\u7406\u5458** \xB7 \u4ECE\u9879\u76EE\u7FA4\u6210\u5458\u9009\uFF0C\u6216\u8F93\u5165 open_id"),
+      form("add_admin", formEls),
+      ...tail,
+      actions([button("\u2B05\uFE0F \u53D6\u6D88", { a: DM.admins })])
+    ],
+    { header: { title: "\u2795 \u6DFB\u52A0\u7BA1\u7406\u5458", template: "blue" } }
+  );
+}
+var MODE_OPTS = [
+  { value: "qa", label: "\u{1F512} \u9879\u76EE\u5185\u53EA\u8BFB", desc: "\u53EA\u80FD\u67E5\u770B\u9879\u76EE\u6587\u4EF6\u5939\u91CC\u7684\u5185\u5BB9\uFF0C\u4E0D\u4F1A\u6539\u4EFB\u4F55\u6587\u4EF6" },
+  { value: "write", label: "\u270F\uFE0F \u9879\u76EE\u5185\u8BFB\u5199", desc: "\u80FD\u67E5\u770B\u5E76\u4FEE\u6539\u9879\u76EE\u6587\u4EF6\u5939\u91CC\u7684\u6587\u4EF6\uFF0C\u4F46\u78B0\u4E0D\u5230\u6587\u4EF6\u5939\u5916" },
+  { value: "full", label: "\u26A0\uFE0F \u5B8C\u5168\u8BBF\u95EE", desc: "\u80FD\u8BFB\u5199\u6574\u53F0\u7535\u8111\u4E0A\u7684\u4EFB\u4F55\u6587\u4EF6" }
+];
+function tierLabel(m) {
+  return MODE_OPTS.find((o) => o.value === m)?.label ?? m;
+}
+var TIER_SELECT_OPTS = MODE_OPTS.map((o) => ({ label: `${o.label} \u2014 ${o.desc}`, value: o.value }));
+function permissionSummary(p) {
+  const admin = effectiveMode(p);
+  const guest = effectiveGuestMode(p);
+  return admin === guest ? `\u6240\u6709\u4EBA\uFF1A${tierLabel(admin)}` : `\u7BA1\u7406\u5458\uFF1A${tierLabel(admin)}\u3000\xB7\u3000\u5176\u4ED6\u4EBA\uFF1A${tierLabel(guest)}`;
+}
+function buildPermissionCard(p) {
+  const network = p.network ?? false;
+  return card(
+    [
+      md(`**\u{1F510} \u6743\u9650** \xB7 ${p.name}`),
+      note(
+        "codex \u6C99\u7BB1\u7684\u8BBF\u95EE\u8303\u56F4\u3002\u300C\u7BA1\u7406\u5458\u6863\u300D\u7ED9 owner / \u7BA1\u7406\u5458\uFF0C\u300C\u666E\u901A\u7528\u6237\u6863\u300D\u7ED9\u7FA4\u91CC\u5176\u4ED6\u4EBA\u3002\u4E24\u6863**\u4E0D\u540C**\u65F6\uFF0C\u4E24\u7C7B\u4EBA\u5404\u7528\u72EC\u7ACB\u7EBF\u7A0B\uFF08\u4E92\u4E0D\u4E32\u6C99\u7BB1\u4E0E\u5BF9\u8BDD\u5386\u53F2\uFF09\uFF1B**\u76F8\u540C**\u5219\u6240\u6709\u4EBA\u4E00\u81F4\u3002"
+      ),
+      form("perm", [
+        md("\u{1F451} **\u7BA1\u7406\u5458\u6863**"),
+        selectMenu({ name: "mode", placeholder: "\u9009\u62E9\u7BA1\u7406\u5458\u6743\u9650\u6863", options: TIER_SELECT_OPTS, initial: effectiveMode(p) }),
+        md("\u{1F465} **\u666E\u901A\u7528\u6237\u6863**"),
+        selectMenu({
+          name: "guestMode",
+          placeholder: "\u9009\u62E9\u666E\u901A\u7528\u6237\u6743\u9650\u6863",
+          options: TIER_SELECT_OPTS,
+          initial: effectiveGuestMode(p)
+        }),
+        md("\u{1F310} **\u8054\u7F51**\uFF08\u53EA\u5BF9\u53EA\u8BFB / \u8BFB\u5199\u6863\u6709\u610F\u4E49\uFF1B\u5B8C\u5168\u8BBF\u95EE\u6052\u8054\u7F51\uFF09"),
+        selectMenu({
+          name: "network",
+          placeholder: "\u8054\u7F51\u5F00\u5173",
+          options: [
+            { label: "\u5173\uFF08\u9ED8\u8BA4\uFF0C\u66F4\u5B89\u5168\uFF09", value: "off" },
+            { label: "\u5F00", value: "on" }
+          ],
+          initial: network ? "on" : "off"
+        }),
+        actions([submitButton("\u2705 \u4FDD\u5B58\u6743\u9650", { a: DM.permissionSubmit, n: p.name }, "primary", "submit_perm")])
+      ]),
+      note("\u4FDD\u5B58\u4F1A\u65AD\u5F00\u672C\u9879\u76EE\u6B63\u5728\u8FDB\u884C\u7684\u4F1A\u8BDD\uFF0C\u8BA9\u65B0\u6863\u4F4D\u7ACB\u5373\u751F\u6548\u3002"),
+      actions([button("\u2B05\uFE0F \u8FD4\u56DE\u8BBE\u7F6E", { a: DM.projectSettings, n: p.name })])
+    ],
+    { header: { title: "\u{1F510} \u6743\u9650", template: "blue" } }
+  );
+}
+function buildProjectSettingsCard(project) {
+  const kind = project.kind ?? "multi";
+  const noMention = project.noMention ?? defaultNoMention(project);
+  return card(
+    [
+      md(`**\u9879\u76EE\u8BBE\u7F6E** \xB7 ${project.name}`),
+      note(`${kindLabel(kind)}${project.cwd ? `   \xB7   \u{1F4C2} \`${project.cwd}\`` : ""}`),
+      hr(),
+      actions([button("\u{1F510} \u6743\u9650", { a: DM.permission, n: project.name }, "primary")]),
+      note(`\u5F53\u524D ${permissionSummary(project)}\u3000\xB7\u3000codex \u6C99\u7BB1\u53EF\u8BBF\u95EE\u7684\u8303\u56F4\uFF08\u7BA1\u7406\u5458 / \u666E\u901A\u7528\u6237\u53EF\u5206\u8BBE\uFF09\u3002`),
+      hr(),
+      md("\u270B \u514D@\uFF08\u4E0D\u7528 @ \u4E5F\u56DE\u590D\uFF09"),
+      actions([
+        button("\u5F00", { a: DM.setNoMentionDm, v: "on", n: project.name }, noMention ? "primary" : "default"),
+        button("\u5173", { a: DM.setNoMentionDm, v: "off", n: project.name }, noMention ? "default" : "primary")
+      ]),
+      note(
+        kind === "single" ? "\u5F00\u542F\u540E\uFF1A\u672C\u7FA4\u6240\u6709\u6D88\u606F(\u4E0D\u7528 @)\u90FD\u4EA4\u7ED9\u6211\u5904\u7406\u3002" : "\u5F00\u542F\u540E\uFF1A\u8BDD\u9898\u5185\u6D88\u606F(\u4E0D\u7528 @)\u90FD\u5904\u7406\uFF1B**\u5F00\u65B0\u8BDD\u9898\u4ECD\u9700 @\u6211**\u3002"
+      ),
+      hr(),
+      actions([button("\u{1F6E1} \u54CD\u5E94\u767D\u540D\u5355", { a: DM.allowlist, n: project.name }, "primary")]),
+      note("\u8BBE\u7F6E\u8C01\u80FD\u8BA9\u6211\u5728\u672C\u7FA4\u54CD\u5E94 / \u8DD1 codex\uFF08\u7A7A = \u6240\u6709\u4EBA\uFF09\u3002"),
+      hr(),
+      actions([button("\u2B05\uFE0F \u9879\u76EE\u5217\u8868", { a: DM.projects })])
+    ],
+    { header: { title: "\u2699\uFE0F \u9879\u76EE\u8BBE\u7F6E", template: "blue" } }
+  );
+}
+function buildAllowlistCard(project, names) {
+  const list = project.allowedUsers ?? [];
+  const elements = [md(`**\u54CD\u5E94\u767D\u540D\u5355** \xB7 ${project.name}`), note("\u8C01\u80FD\u8BA9\u6211\u5728\u672C\u7FA4\u54CD\u5E94 / \u8DD1 codex"), hr()];
+  if (list.length === 0) {
+    elements.push(note("\u5F53\u524D**\u6240\u6709\u4EBA**\u53EF\u7528\uFF08\u7BA1\u7406\u5458\u59CB\u7EC8\u53EF\u7528\uFF09\u3002"));
+  } else {
+    for (const id of list) {
+      elements.push(
+        actions([md(memberName(names, id)), button("\u{1F5D1} \u79FB\u9664", { a: DM.rmAllowed, u: id, n: project.name }, "danger")])
+      );
+    }
+  }
+  elements.push(
+    hr(),
+    actions([
+      button("\u2795 \u6DFB\u52A0", { a: DM.addAllowedForm, n: project.name }, "primary"),
+      button("\u2B05\uFE0F \u8BBE\u7F6E", { a: DM.projectSettings, n: project.name })
+    ]),
+    note("\u7BA1\u7406\u5458\u59CB\u7EC8\u53EF\u7528\uFF0C\u4E0D\u53D7\u6B64\u540D\u5355\u9650\u5236\uFF1B\u540D\u5355\u4E3A\u7A7A = \u6240\u6709\u4EBA\u53EF\u7528\u3002")
+  );
+  return card(elements, { header: { title: "\u{1F6E1} \u54CD\u5E94\u767D\u540D\u5355", template: "blue" } });
+}
+function buildAddAllowedCard(projectName, members) {
+  const MAX = 50;
+  const shown = members.slice(0, MAX);
+  const formEls = [];
+  if (shown.length > 0) {
+    formEls.push(
+      selectMenu({
+        name: "pick",
+        placeholder: "\u4ECE\u7FA4\u6210\u5458\u9009\u62E9",
+        options: shown.map((m) => ({ label: m.name, value: m.openId }))
+      })
+    );
+  }
+  formEls.push(
+    input({
+      name: "open_id",
+      label: shown.length ? "\u6216\u76F4\u63A5\u8F93\u5165 open_id" : "\u8F93\u5165 open_id\uFF08\u672A\u8BFB\u53D6\u5230\u7FA4\u6210\u5458\uFF09",
+      placeholder: "ou_xxx"
+    }),
+    actions([submitButton("\u2705 \u786E\u8BA4\u6DFB\u52A0", { a: DM.addAllowedSubmit, n: projectName }, "primary", "submit_allowed")])
+  );
+  const tail = [];
+  if (members.length > MAX) tail.push(note(`\u7FA4\u6210\u5458\u8F83\u591A\uFF0C\u4EC5\u5217\u524D ${MAX} \u4E2A\uFF1B\u5176\u4F59\u8BF7\u76F4\u63A5\u8F93\u5165 open_id\u3002`));
+  return card(
+    [
+      md(`**\u6DFB\u52A0\u53EF\u4F7F\u7528\u300C${projectName}\u300D\u7684\u4EBA**`),
+      form("add_allowed", formEls),
+      ...tail,
+      actions([button("\u2B05\uFE0F \u53D6\u6D88", { a: DM.allowlist, n: projectName })])
+    ],
+    { header: { title: "\u2795 \u6DFB\u52A0\u767D\u540D\u5355\u6210\u5458", template: "blue" } }
+  );
+}
 // src/service/update.ts
 import { existsSync as existsSync6, readFileSync as readFileSync3 } from "fs";
@@ -4350,9 +4642,19 @@ async function createProject(channel, input2) {
     params: { member_id_type: "open_id" },
     data: { manager_ids: [input2.ownerOpenId] }
   }).catch((err) => log.fail("project", err, { phase: "add-manager" }));
-  const project = { name, chatId, cwd, blank, createdAt: Date.now(), kind: input2.kind ?? "multi", origin: "created" };
+  const project = {
+    name,
+    chatId,
+    cwd,
+    blank,
+    createdAt: Date.now(),
+    kind: input2.kind ?? "multi",
+    origin: "created",
+    mode: input2.mode ?? "full",
+    network: input2.network ?? false
+  };
   await addProject(project);
-  log.info("project", "create", { name, chatId, cwd, blank });
+  log.info("project", "create", { name, chatId, cwd, blank, mode: project.mode });
   await setAnnouncement(channel, project).catch((err) => log.fail("project", err, { phase: "announcement" }));
   await onboardGroup(channel, project).catch((err) => log.fail("project", err, { phase: "onboard" }));
   return project;
@@ -4372,10 +4674,12 @@ async function joinExistingGroup(channel, input2) {
     createdAt: Date.now(),
     kind: input2.kind ?? "multi",
     origin: "joined",
-    addedBy: input2.addedBy
+    addedBy: input2.addedBy,
+    mode: input2.mode ?? "qa",
+    network: input2.network ?? false
   };
   await addProject(project);
-  log.info("project", "join", { name, chatId: input2.chatId, cwd, blank, kind: project.kind });
+  log.info("project", "join", { name, chatId: input2.chatId, cwd, blank, kind: project.kind, mode: project.mode });
   await onboardGroup(channel, project).catch((err) => log.fail("project", err, { phase: "onboard-join" }));
   return project;
 }
@@ -4845,6 +5149,74 @@ var Semaphore = class {
 };
 // src/bot/handle-message.ts
+async function resolveNames(channel, ids) {
+  const uniq = [...new Set(ids.filter((x) => Boolean(x)))];
+  const out = /* @__PURE__ */ new Map();
+  if (uniq.length === 0) return out;
+  try {
+    const r = await channel.rawClient.contact.v3.user.batch({
+      params: { user_ids: uniq, user_id_type: "open_id" }
+    });
+    for (const it of r.data?.items ?? []) {
+      if (it.open_id && it.name) out.set(it.open_id, it.name);
+    }
+  } catch (err) {
+    log.info("console", "resolve-names-fail", { n: uniq.length, err: String(err) });
+  }
+  return out;
+}
+async function fetchChatMembers(channel, chatId) {
+  try {
+    const r = await channel.rawClient.im.v1.chatMembers.get({
+      path: { chat_id: chatId },
+      params: { member_id_type: "open_id", page_size: 100 }
+    });
+    const out = [];
+    for (const it of r.data?.items ?? []) {
+      if (it.member_id) out.push({ openId: it.member_id, name: it.name || `\u2026${it.member_id.slice(-6)}` });
+    }
+    return out;
+  } catch (err) {
+    log.info("console", "fetch-members-fail", { chatId: chatId.slice(-6), err: String(err) });
+    return [];
+  }
+}
+async function fetchAllProjectMembers(channel) {
+  const projects = await listProjects();
+  const lists = await Promise.all(projects.filter((p) => p.chatId).map((p) => fetchChatMembers(channel, p.chatId)));
+  const seen = /* @__PURE__ */ new Map();
+  for (const members of lists) {
+    for (const m of members) if (!seen.has(m.openId)) seen.set(m.openId, m.name);
+  }
+  return [...seen].map(([openId, name]) => ({ openId, name }));
+}
+function pickOpenId(formValue) {
+  const raw = formValue?.pick;
+  const cands = Array.isArray(raw) ? raw : [raw];
+  for (const c of cands) {
+    if (typeof c === "string" && c.startsWith("ou_")) return c;
+    if (c && typeof c === "object") {
+      const o = c;
+      for (const v of [o.open_id, o.id, o.value]) if (typeof v === "string" && v.startsWith("ou_")) return v;
+    }
+  }
+  return void 0;
+}
+function selectValue(formValue, name) {
+  const c = (() => {
+    const raw = formValue?.[name];
+    return Array.isArray(raw) ? raw[0] : raw;
+  })();
+  if (typeof c === "string") return c;
+  if (c && typeof c === "object") {
+    const o = c;
+    for (const v of [o.value, o.id]) if (typeof v === "string") return v;
+  }
+  return void 0;
+}
+function asTier(v) {
+  return v === "qa" || v === "write" || v === "full" ? v : void 0;
+}
 function createOrchestrator(channel, cfg, fallbackCwd) {
   const backend = createBackend();
   const sessions = /* @__PURE__ */ new Map();
@@ -4922,7 +5294,7 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
     }
     const project = await getProjectByChatId(msg.chatId);
     if (!msg.mentionedBot && !(project && shouldRespondWithoutMention(project, msg))) return;
-    if (!isChatAllowed(cfg, msg.chatId) || !isUserAllowed(cfg, msg.senderId)) {
+    if (!isChatAllowed(cfg, msg.chatId) || !isUserAllowedInProject(cfg, project, msg.senderId)) {
       log.info("intake", "reject", { reason: "not_allowed", chatId: msg.chatId.slice(-6) });
       return;
     }
@@ -4948,11 +5320,12 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
         await postGroupSettings(msg, project);
         return;
       }
+      const ts = turnSession(msg.chatId, project, msg.senderId);
       if (cmd === "model") {
-        await postModelCard(msg, msg.chatId);
+        await postModelCard(msg, ts.sessionKey);
         return;
       }
-      handleTurn(msg, text, msg.chatId, true, project);
+      handleTurn(msg, text, ts.sessionKey, true, project, ts);
       return;
     }
     if (msg.threadId) {
@@ -4960,11 +5333,12 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
         await postHelpCard(msg, "topic", true, project);
         return;
       }
+      const ts = turnSession(msg.threadId, project, msg.senderId);
       if (cmd === "model") {
-        await postModelCard(msg, msg.threadId);
+        await postModelCard(msg, ts.sessionKey);
         return;
       }
-      handleTurn(msg, text, msg.threadId, false, project);
+      handleTurn(msg, text, ts.sessionKey, false, project, ts);
       return;
     }
     if (cmd === "help") {
@@ -4996,9 +5370,13 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
     if ((project.kind ?? "multi") === "single") return true;
     return Boolean(msg.threadId) || parseCommand(msg.content.trim()) !== null;
   }
+  async function denyAdminCommand(msg, cmd) {
+    await channel.send(msg.chatId, { markdown: `\u26A0\uFE0F \`/${cmd}\` \u4EC5 bot \u7BA1\u7406\u5458\u53EF\u7528\u3002` }, { replyTo: msg.messageId }).catch(() => void 0);
+    log.info("intake", "cmd-denied", { cmd });
+  }
   async function postGroupSettings(msg, project) {
     if (!isAdmin(cfg, msg.senderId)) {
-      await channel.send(msg.chatId, { markdown: "\u4EC5\u7BA1\u7406\u5458\u53EF\u6539\u7FA4\u8BBE\u7F6E\u3002" }, { replyTo: msg.messageId }).catch(() => void 0);
+      await denyAdminCommand(msg, "settings");
       return;
     }
     if (!project) {
@@ -5010,13 +5388,22 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
       log.info("card", "group-settings", { project: project.name });
     });
   }
-  async function handleTurn(msg, text, sessionKey, flat, project) {
+  function turnPerm(project, senderId) {
+    if (!project) return {};
+    const t = turnTier(project, isAdmin(cfg, senderId));
+    return { mode: t.mode, network: project.network, roleSuffix: t.split ? t.role : void 0 };
+  }
+  function turnSession(baseKey, project, senderId) {
+    const perm = turnPerm(project, senderId);
+    return { sessionKey: perm.roleSuffix ? `${baseKey}#${perm.roleSuffix}` : baseKey, ...perm };
+  }
+  async function handleTurn(msg, text, sessionKey, flat, project, perm) {
     const existing = active.get(sessionKey);
     if (existing) {
       const images = messageHasImages(msg) ? await collectInboundImages(channel, msg) : void 0;
       const cur = active.get(sessionKey);
       if (!cur) {
-        startReservedRun(msg, text, sessionKey, flat, project, images);
+        startReservedRun(msg, text, sessionKey, flat, project, perm, images);
         return;
       }
       if (getPendingPolicy(cfg) === "steer" && cur.run && cur.thread) {
@@ -5035,9 +5422,9 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
       log.info("intake", "queued", { depth: cur.queue.length });
       return;
     }
-    startReservedRun(msg, text, sessionKey, flat, project);
+    startReservedRun(msg, text, sessionKey, flat, project, perm);
   }
-  function startReservedRun(msg, text, sessionKey, flat, project, preloadedImages) {
+  function startReservedRun(msg, text, sessionKey, flat, project, perm, preloadedImages) {
     const existing = active.get(sessionKey);
     if (existing) {
       existing.queue.push({ text, images: preloadedImages });
@@ -5050,10 +5437,10 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
       const reaction = runReaction(msg.messageId, !sema.hasFree());
       try {
         const images = preloadedImages ?? (messageHasImages(msg) ? await collectInboundImages(channel, msg) : void 0);
-        let thread = await resolveThread(sessionKey, msg.chatId);
+        let thread = await resolveThread(sessionKey, msg.chatId, { mode: perm.mode, network: perm.network });
         if (!thread) {
           const cwd = project?.cwd ?? fallbackCwd;
-          thread = await backend.startThread({ cwd });
+          thread = await backend.startThread({ cwd, mode: perm.mode, network: perm.network });
           sessions.set(sessionKey, thread);
           await upsertSession({
             threadId: sessionKey,
@@ -5088,7 +5475,7 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
       }
     });
   }
-  async function resolveThread(threadId, chatId) {
+  async function resolveThread(threadId, chatId, perm) {
     const live = sessions.get(threadId);
     if (live) return live;
     const rec = await getSession(threadId);
@@ -5098,7 +5485,9 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
         cwd: rec.cwd,
         codexThreadId: rec.codexThreadId,
         model: rec.model,
-        effort: rec.effort
+        effort: rec.effort,
+        mode: perm?.mode,
+        network: perm?.network
       });
       sessions.set(threadId, resumed);
       return resumed;
@@ -5106,20 +5495,39 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
       log.fail("agent", err, { phase: "resume-on-turn", threadId });
       const project = await getProjectByChatId(chatId);
       const cwd = project?.cwd ?? rec.cwd ?? fallbackCwd;
-      const fresh = await backend.startThread({ cwd, model: rec.model, effort: rec.effort });
+      const fresh = await backend.startThread({
+        cwd,
+        model: rec.model,
+        effort: rec.effort,
+        mode: perm?.mode ?? project?.mode,
+        network: perm?.network ?? project?.network
+      });
       sessions.set(threadId, fresh);
       return fresh;
     }
   }
+  async function evictLiveSessionsForChat(chatId) {
+    let closed = 0;
+    for (const rec of await listSessions()) {
+      if (rec.chatId !== chatId) continue;
+      const live = sessions.get(rec.threadId);
+      if (!live) continue;
+      sessions.delete(rec.threadId);
+      void live.close().catch(() => void 0);
+      closed++;
+    }
+    if (closed) log.info("console", "tier-evict", { chatId, closed });
+  }
   function startTopicDirectly(msg, text, project) {
     void withTrace({ chatId: msg.chatId, msgId: msg.messageId }, async () => {
       const reaction = runReaction(msg.messageId, !sema.hasFree());
       const cwd = project?.cwd ?? fallbackCwd;
+      const perm = turnPerm(project, msg.senderId);
       if (project) void refreshBranch(channel, project).catch(() => void 0);
       const { model, effort } = pickDefault(await listModels());
       let thread;
       try {
-        thread = await backend.startThread({ cwd, model, effort });
+        thread = await backend.startThread({ cwd, model, effort, mode: perm.mode, network: perm.network });
       } catch (err) {
         reaction.done();
         log.fail("card", err, { phase: "start-topic" });
@@ -5141,7 +5549,8 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
           effort,
           cwd,
           summary: text.slice(0, 80) || "(\u7A7A)",
-          requesterOpenId: msg.senderId
+          requesterOpenId: msg.senderId,
+          roleSuffix: perm.roleSuffix
         },
         reaction,
         () => reaction.done()
@@ -5150,6 +5559,10 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
     }).catch((err) => log.fail("intake", err));
   }
   async function postResumeCard(msg) {
+    if (!isAdmin(cfg, msg.senderId)) {
+      await denyAdminCommand(msg, "resume");
+      return;
+    }
     await withTrace({ chatId: msg.chatId, msgId: msg.messageId }, async () => {
       const project = await getProjectByChatId(msg.chatId);
       const cwd = project?.cwd ?? fallbackCwd;
@@ -5191,7 +5604,7 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
   async function postHelpCard(msg, scope, inThread = false, project) {
     const noMention = project ? project.noMention ?? defaultNoMention(project) : true;
     await withTrace({ chatId: msg.chatId, msgId: msg.messageId }, async () => {
-      await sendManagedCard(channel, msg.chatId, buildHelpCard(scope, noMention), msg.messageId, inThread).catch(
+      await sendManagedCard(channel, msg.chatId, buildHelpCard(scope, noMention, isAdmin(cfg, msg.senderId)), msg.messageId, inThread).catch(
         (err) => log.fail("card", err, { cmd: "help", scope })
       );
       log.info("card", "help", { scope });
@@ -5230,7 +5643,7 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
       return void 0;
     }
     const op = evt.operator?.openId ?? "";
-    if (op !== state.requesterOpenId || !isChatAllowed(cfg, state.chatId) || !isUserAllowed(cfg, op)) {
+    if (op !== state.requesterOpenId || !isChatAllowed(cfg, state.chatId)) {
       log.info("card", "action-denied", { reason: "not-allowed" });
       return void 0;
     }
@@ -5266,7 +5679,7 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
     settleUpdate(evt.messageId, buildResumeLaunchingCard(state));
     void resumeFromCard(evt, state, codexThreadId);
   });
-  const runAllowed = (evt) => isChatAllowed(cfg, evt.chatId) && isUserAllowed(cfg, evt.operator?.openId ?? "");
+  const runAllowed = (evt) => isChatAllowed(cfg, evt.chatId);
   const runOwnerOrAdmin = (evt, ownerOpenId) => {
     if (!runAllowed(evt)) return false;
     const op = evt.operator?.openId ?? "";
@@ -5281,6 +5694,15 @@ function createOrchestrator(channel, cfg, fallbackCwd) {
   });
   const dmAdmin = (openId) => isAdmin(cfg, openId ?? "");
   const patch = (evt, c) => settleUpdate(evt.messageId, c, evt.chatId);
+  const namesWithOperator = async (evt, ids) => {
+    const m = await resolveNames(channel, ids);
+    if (ids.some((id) => id && !m.has(id))) {
+      for (const mem of await fetchAllProjectMembers(channel)) if (!m.has(mem.openId)) m.set(mem.openId, mem.name);
+    }
+    const op = evt.operator;
+    if (op?.openId && op.name && !m.has(op.openId)) m.set(op.openId, op.name);
+    return m;
+  };
   function applyPref(evt, mut) {
     if (!dmAdmin(evt.operator?.openId)) return;
     const prefs = { ...cfg.preferences ?? {} };
@@ -5504,6 +5926,132 @@ ${tail}` }, { replyTo: evt.messageId }).catch(() => void 0);
       }
       return buildGroupSettingsCard({ name: "\u672C\u7FA4", kind: "multi", noMention: on });
     });
+  }).on(DM.admins, ({ evt }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    patch(
+      evt,
+      async () => buildAdminsCard(cfg, await namesWithOperator(evt, [resolveOwner(cfg), ...cfg.preferences?.access?.admins ?? []]))
+    );
+  }).on(DM.addAdminForm, ({ evt }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    patch(evt, async () => {
+      const all = await fetchAllProjectMembers(channel);
+      const members = all.filter((m) => !isAdmin(cfg, m.openId));
+      return buildAddAdminCard(members);
+    });
+  }).on(DM.addAdminSubmit, ({ evt, formValue }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const manual = String(formValue?.open_id ?? "").trim();
+    const id = manual.startsWith("ou_") ? manual : pickOpenId(formValue);
+    log.info("console", "admin-add", { picked: id?.slice(-6) ?? null });
+    void (async () => {
+      if (id) {
+        const access = { ...cfg.preferences?.access ?? {} };
+        access.ownerOpenId ??= resolveOwner(cfg);
+        access.admins = Array.from(/* @__PURE__ */ new Set([...access.admins ?? [], id]));
+        cfg.preferences = { ...cfg.preferences ?? {}, access };
+        await saveConfig(cfg).catch((e) => log.fail("console", e, { phase: "save-config" }));
+      }
+      const ids = [resolveOwner(cfg), ...cfg.preferences?.access?.admins ?? []];
+      const next = buildAdminsCard(cfg, await namesWithOperator(evt, ids));
+      await sendManagedCard(channel, evt.chatId, next).catch((e) => log.fail("console", e, { phase: "admin-add-result" }));
+    })();
+  }).on(DM.rmAdmin, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const id = typeof value.u === "string" ? value.u : "";
+    patch(evt, async () => {
+      if (id && id !== resolveOwner(cfg)) {
+        const access = { ...cfg.preferences?.access ?? {} };
+        access.ownerOpenId ??= resolveOwner(cfg);
+        access.admins = (access.admins ?? []).filter((x) => x !== id);
+        cfg.preferences = { ...cfg.preferences ?? {}, access };
+        await saveConfig(cfg).catch((e) => log.fail("console", e, { phase: "save-config" }));
+      }
+      const ids = [resolveOwner(cfg), ...cfg.preferences?.access?.admins ?? []];
+      return buildAdminsCard(cfg, await namesWithOperator(evt, ids));
+    });
+  }).on(DM.allowlist, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    patch(evt, async () => {
+      const p = await getProjectByName(name);
+      if (!p) return buildDmMenuCard();
+      return buildAllowlistCard(p, await namesWithOperator(evt, p.allowedUsers ?? []));
+    });
+  }).on(DM.addAllowedForm, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    if (!name) return;
+    patch(evt, async () => {
+      const p = await getProjectByName(name);
+      const members = p?.chatId ? await fetchChatMembers(channel, p.chatId) : [];
+      return buildAddAllowedCard(name, members);
+    });
+  }).on(DM.addAllowedSubmit, ({ evt, value, formValue }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    const manual = String(formValue?.open_id ?? "").trim();
+    const id = manual.startsWith("ou_") ? manual : pickOpenId(formValue);
+    log.info("console", "allow-add", { project: name, picked: id?.slice(-6) ?? null });
+    void (async () => {
+      if (id) await updateProject(name, (p) => ({ allowedUsers: Array.from(/* @__PURE__ */ new Set([...p.allowedUsers ?? [], id])) }));
+      const fresh = await getProjectByName(name);
+      if (!fresh) return;
+      const card2 = buildAllowlistCard(fresh, await namesWithOperator(evt, fresh.allowedUsers ?? []));
+      await sendManagedCard(channel, evt.chatId, card2).catch((e) => log.fail("console", e, { phase: "allow-add-result" }));
+    })();
+  }).on(DM.rmAllowed, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const id = typeof value.u === "string" ? value.u : "";
+    const name = typeof value.n === "string" ? value.n : "";
+    patch(evt, async () => {
+      await updateProject(name, (p) => ({ allowedUsers: (p.allowedUsers ?? []).filter((x) => x !== id) }));
+      const fresh = await getProjectByName(name);
+      if (!fresh) return buildDmMenuCard();
+      return buildAllowlistCard(fresh, await namesWithOperator(evt, fresh.allowedUsers ?? []));
+    });
+  }).on(DM.projectSettings, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    patch(evt, async () => {
+      const p = await getProjectByName(name);
+      return p ? buildProjectSettingsCard(p) : buildDmMenuCard();
+    });
+  }).on(DM.setNoMentionDm, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    const on = value.v === "on";
+    patch(evt, async () => {
+      const p = await getProjectByName(name);
+      if (!p) return buildDmMenuCard();
+      await updateProject(name, { noMention: on });
+      return buildProjectSettingsCard({ ...p, noMention: on });
+    });
+  }).on(DM.permission, ({ evt, value }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    patch(evt, async () => {
+      const p = await getProjectByName(name);
+      return p ? buildPermissionCard(p) : buildDmMenuCard();
+    });
+  }).on(DM.permissionSubmit, ({ evt, value, formValue }) => {
+    if (!dmAdmin(evt.operator?.openId)) return;
+    const name = typeof value.n === "string" ? value.n : "";
+    const mode = asTier(selectValue(formValue, "mode"));
+    const guestMode = asTier(selectValue(formValue, "guestMode"));
+    const network = selectValue(formValue, "network") === "on";
+    void (async () => {
+      const p = await getProjectByName(name);
+      if (!p) return;
+      await updateProject(name, { ...mode ? { mode } : {}, ...guestMode ? { guestMode } : {}, network });
+      await evictLiveSessionsForChat(p.chatId);
+      log.info("console", "permission", { project: name, mode, guestMode, network });
+      const fresh = await getProjectByName(name);
+      if (!fresh) return;
+      await sendManagedCard(channel, evt.chatId, buildProjectSettingsCard(fresh)).catch(
+        (e) => log.fail("console", e, { phase: "permission-result" })
+      );
+    })();
   });
   async function resumeFromCard(evt, state, codexThreadId) {
     try {
@@ -5605,13 +6153,14 @@ ${tail}` }, { replyTo: evt.messageId }).catch(() => void 0);
           if (activeKey.startsWith("pending:")) {
             const tid = await getThreadId(channel, messageId);
             if (tid) {
+              const key = opts.roleSuffix ? `${tid}#${opts.roleSuffix}` : tid;
               active.delete(activeKey);
-              active.set(tid, state);
-              sessions.set(tid, opts.thread);
-              activeKey = tid;
-              topicThreadId = tid;
-              rc.threadId = tid;
-              await persist(tid);
+              active.set(key, state);
+              sessions.set(key, opts.thread);
+              activeKey = key;
+              topicThreadId = key;
+              rc.threadId = key;
+              await persist(key);
             }
           } else {
             topicThreadId = activeKey;
@@ -5753,8 +6302,6 @@ ${tail}` }, { replyTo: evt.messageId }).catch(() => void 0);
       if (!evt.mentionedBot) return log.info("comment", "skip", { reason: "not-mentioned" });
       if (!SUPPORTED_FILE_TYPES.has(evt.fileType))
         return log.info("comment", "skip", { reason: "unsupported-fileType", fileType: evt.fileType });
-      if (!isUserAllowed(cfg, evt.operator.openId))
-        return log.info("comment", "skip", { reason: "not-allowed" });
       const resolved = await resolveComment(channel, evt);
       if (!resolved) return log.info("comment", "skip", { reason: "no-target-or-empty" });
       const { target, ctx } = resolved;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@modelzen/feishu-codex-bridge",
-  "version": "0.3.1",
+  "version": "0.3.3",
   "description": "Bridge Feishu/Lark messenger with local Codex via app-server (project=group, thread=session)",
   "type": "module",
   "bin": {