@yanhaidao/wecom 2.2.4 → 2.2.7

package/src/outbound.ts

@@ -38,6 +38,35 @@ export const wecomOutbound: ChannelOutboundAdapter = {
       throw new Error("WeCom outbound requires a target (userid, partyid, tagid or chatid).");
     }
 
+    // 体验优化：/new /reset 的“New session started”回执在 OpenClaw 核心里是英文固定文案，
+    // 且通过 routeReply 走 wecom outbound（Agent 主动发送）。
+    // 在 WeCom“双模式”场景下，这会造成：
+    // - 用户在 Bot 会话发 /new，但却收到一条 Agent 私信回执（双重回复/错会话）。
+    // 因此：
+    // - Bot 会话目标：抑制该回执（Bot 会话里由 wecom 插件补中文回执）。
+    // - Agent 会话目标（wecom-agent:）：允许发送，但改写成中文。
+    let outgoingText = text;
+    const trimmed = String(outgoingText ?? "").trim();
+    const rawTo = typeof to === "string" ? to.trim().toLowerCase() : "";
+    const isAgentSessionTarget = rawTo.startsWith("wecom-agent:");
+    const looksLikeNewSessionAck =
+      /new session started/i.test(trimmed) && /model:/i.test(trimmed);
+
+    if (looksLikeNewSessionAck) {
+      if (!isAgentSessionTarget) {
+        console.log(`[wecom-outbound] Suppressed command ack to avoid Bot/Agent double-reply (len=${trimmed.length})`);
+        return { channel: "wecom", messageId: `suppressed-${Date.now()}`, timestamp: Date.now() };
+      }
+
+      const modelLabel = (() => {
+        const m = trimmed.match(/model:\s*([^\n()]+)\s*/i);
+        return m?.[1]?.trim();
+      })();
+      const rewritten = modelLabel ? `✅ 已开启新会话（模型：${modelLabel}）` : "✅ 已开启新会话。";
+      console.log(`[wecom-outbound] Rewrote command ack for agent session (len=${rewritten.length})`);
+      outgoingText = rewritten;
+    }
+
     const { touser, toparty, totag, chatid } = target;
     if (chatid) {
       throw new Error(
@@ -46,7 +75,7 @@ export const wecomOutbound: ChannelOutboundAdapter = {
           `请改为发送给用户（userid / user:xxx），或由 Bot 模式在群内交付。`,
       );
     }
-    console.log(`[wecom-outbound] Sending text to target=${JSON.stringify(target)} (len=${text.length})`);
+    console.log(`[wecom-outbound] Sending text to target=${JSON.stringify(target)} (len=${outgoingText.length})`);
 
     try {
       await sendAgentText({
@@ -55,7 +84,7 @@ export const wecomOutbound: ChannelOutboundAdapter = {
         toParty: toparty,
         toTag: totag,
         chatId: chatid,
-        text,
+        text: outgoingText,
       });
       console.log(`[wecom-outbound] Successfully sent text to ${JSON.stringify(target)}`);
     } catch (err) {

package/src/shared/command-auth.ts

@@ -0,0 +1,101 @@
+import type { OpenClawConfig, PluginRuntime } from "openclaw/plugin-sdk";
+
+import type { WecomAccountConfig } from "../types.js";
+
+function normalizeWecomAllowFromEntry(raw: string): string {
+  return raw
+    .trim()
+    .toLowerCase()
+    .replace(/^wecom:/, "")
+    .replace(/^user:/, "")
+    .replace(/^userid:/, "");
+}
+
+function isWecomSenderAllowed(senderUserId: string, allowFrom: string[]): boolean {
+  const list = allowFrom.map((entry) => normalizeWecomAllowFromEntry(entry)).filter(Boolean);
+  if (list.includes("*")) return true;
+  const normalizedSender = normalizeWecomAllowFromEntry(senderUserId);
+  if (!normalizedSender) return false;
+  return list.includes(normalizedSender);
+}
+
+export async function resolveWecomCommandAuthorization(params: {
+  core: PluginRuntime;
+  cfg: OpenClawConfig;
+  accountConfig: WecomAccountConfig;
+  rawBody: string;
+  senderUserId: string;
+}): Promise<{
+  shouldComputeAuth: boolean;
+  dmPolicy: "pairing" | "allowlist" | "open" | "disabled";
+  senderAllowed: boolean;
+  authorizerConfigured: boolean;
+  commandAuthorized: boolean | undefined;
+  effectiveAllowFrom: string[];
+}> {
+  const { core, cfg, accountConfig, rawBody, senderUserId } = params;
+
+  const dmPolicy = (accountConfig.dm?.policy ?? "pairing") as "pairing" | "allowlist" | "open" | "disabled";
+  const configAllowFrom = (accountConfig.dm?.allowFrom ?? []).map((v) => String(v));
+
+  const shouldComputeAuth = core.channel.commands.shouldComputeCommandAuthorized(rawBody, cfg);
+  // WeCom channel currently does NOT support the `openclaw pairing` CLI workflow
+  // ("Channel wecom does not support pairing"). So we must not rely on pairing
+  // store approvals for command authorization here.
+  //
+  // Policy semantics:
+  // - open: commands are allowed for everyone by default (unless higher-level access-groups deny).
+  // - allowlist: commands require allowFrom entries.
+  // - pairing: treated the same as allowlist for WeCom (since pairing CLI is unsupported).
+  const effectiveAllowFrom = dmPolicy === "open" ? ["*"] : configAllowFrom;
+
+  const senderAllowed = isWecomSenderAllowed(senderUserId, effectiveAllowFrom);
+  const allowAllConfigured = effectiveAllowFrom.some((entry) => normalizeWecomAllowFromEntry(entry) === "*");
+  const authorizerConfigured = allowAllConfigured || effectiveAllowFrom.length > 0;
+  const useAccessGroups = cfg.commands?.useAccessGroups !== false;
+
+  const commandAuthorized = shouldComputeAuth
+    ? core.channel.commands.resolveCommandAuthorizedFromAuthorizers({
+      useAccessGroups,
+      authorizers: [{ configured: authorizerConfigured, allowed: senderAllowed }],
+    })
+    : undefined;
+
+  return {
+    shouldComputeAuth,
+    dmPolicy,
+    senderAllowed,
+    authorizerConfigured,
+    commandAuthorized,
+    effectiveAllowFrom,
+  };
+}
+
+export function buildWecomUnauthorizedCommandPrompt(params: {
+  senderUserId: string;
+  dmPolicy: "pairing" | "allowlist" | "open" | "disabled";
+  scope: "bot" | "agent";
+}): string {
+  const user = params.senderUserId || "unknown";
+  const policy = params.dmPolicy;
+  const scopeLabel = params.scope === "bot" ? "Bot（智能机器人）" : "Agent（自建应用）";
+  const dmPrefix = params.scope === "bot" ? "channels.wecom.bot.dm" : "channels.wecom.agent.dm";
+  const allowCmd = (value: string) => `openclaw config set ${dmPrefix}.allowFrom '${value}'`;
+  const policyCmd = (value: string) => `openclaw config set ${dmPrefix}.policy "${value}"`;
+
+  if (policy === "disabled") {
+    return [
+      `无权限执行命令（${scopeLabel} 已禁用：dm.policy=disabled）`,
+      `触发者：${user}`,
+      `管理员：${policyCmd("open")}（全放开）或 ${policyCmd("allowlist")}（白名单）`,
+    ].join("\n");
+  }
+  // WeCom 不支持 pairing CLI，因此这里统一给出“open / allowlist”两种明确的配置指令
+  return [
+    `无权限执行命令（入口：${scopeLabel}，userid：${user}）`,
+    `管理员全放开：${policyCmd("open")}`,
+    `管理员放行该用户：${policyCmd("allowlist")}`,
+    `然后设置白名单：${allowCmd(JSON.stringify([user]))}`,
+    `如果仍被拦截：检查 commands.useAccessGroups/访问组`,
+  ].join("\n");
+}

package/src/shared/xml-parser.test.ts

@@ -0,0 +1,30 @@
+import { describe, expect, test } from "vitest";
+
+import { extractContent, extractMediaId, extractMsgId } from "./xml-parser.js";
+
+describe("wecom xml-parser", () => {
+  test("extractContent is robust to non-string Content", () => {
+    const msg: any = { MsgType: "text", Content: { "#text": "hello", "@_foo": "bar" } };
+    expect(extractContent(msg)).toBe("hello");
+  });
+
+  test("extractContent handles array content", () => {
+    const msg: any = { MsgType: "text", Content: ["a", "b"] };
+    expect(extractContent(msg)).toBe("a\nb");
+  });
+
+  test("extractContent handles file messages", () => {
+    const msg: any = { MsgType: "file", MediaId: "MEDIA123" };
+    expect(extractContent(msg)).toBe("[文件消息]");
+  });
+
+  test("extractMediaId handles object MediaId", () => {
+    const msg: any = { MediaId: { "#text": "MEDIA123", "@_foo": "bar" } };
+    expect(extractMediaId(msg)).toBe("MEDIA123");
+  });
+
+  test("extractMsgId handles number MsgId", () => {
+    const msg: any = { MsgId: 123456789 };
+    expect(extractMsgId(msg)).toBe("123456789");
+  });
+});

package/src/shared/xml-parser.ts

@@ -35,6 +35,29 @@ export function extractFromUser(msg: WecomAgentInboundMessage): string {
     return String(msg.FromUserName ?? "");
 }
 
+/**
+ * 从 XML 中提取文件名（主要用于 file 消息）
+ */
+export function extractFileName(msg: WecomAgentInboundMessage): string | undefined {
+    const raw = (msg as any).FileName ?? (msg as any).Filename ?? (msg as any).fileName ?? (msg as any).filename;
+    if (raw == null) return undefined;
+    if (typeof raw === "string") return raw.trim() || undefined;
+    if (typeof raw === "number" || typeof raw === "boolean" || typeof raw === "bigint") return String(raw);
+    if (Array.isArray(raw)) {
+        const merged = raw.map((v) => (v == null ? "" : String(v))).join("\n").trim();
+        return merged || undefined;
+    }
+    if (typeof raw === "object") {
+        const obj = raw as Record<string, unknown>;
+        const text = (typeof obj["#text"] === "string" ? obj["#text"] :
+            typeof obj["_text"] === "string" ? obj["_text"] :
+                typeof obj["text"] === "string" ? obj["text"] : undefined);
+        if (text && text.trim()) return text.trim();
+    }
+    const s = String(raw);
+    return s.trim() || undefined;
+}
+
 /**
  * 从 XML 中提取接收者 ID (CorpID)
  */
@@ -55,22 +78,44 @@ export function extractChatId(msg: WecomAgentInboundMessage): string | undefined
 export function extractContent(msg: WecomAgentInboundMessage): string {
     const msgType = extractMsgType(msg);
 
+    const asText = (value: unknown): string => {
+        if (value == null) return "";
+        if (typeof value === "string") return value;
+        if (typeof value === "number" || typeof value === "boolean" || typeof value === "bigint") return String(value);
+        if (Array.isArray(value)) return value.map(asText).filter(Boolean).join("\n");
+        if (typeof value === "object") {
+            const obj = value as Record<string, unknown>;
+            // fast-xml-parser 在某些情况下（例如带属性）会把文本放在 "#text"
+            if (typeof obj["#text"] === "string") return obj["#text"];
+            if (typeof obj["_text"] === "string") return obj["_text"];
+            if (typeof obj["text"] === "string") return obj["text"];
+            try {
+                return JSON.stringify(obj);
+            } catch {
+                return String(value);
+            }
+        }
+        return String(value);
+    };
+
     switch (msgType) {
         case "text":
-            return msg.Content ?? "";
+            return asText(msg.Content);
         case "voice":
             // 语音识别结果
-            return msg.Recognition ?? "[语音消息]";
+            return asText(msg.Recognition) || "[语音消息]";
         case "image":
-            return `[图片] ${msg.PicUrl ?? ""}`;
+            return `[图片] ${asText(msg.PicUrl)}`;
+        case "file":
+            return "[文件消息]";
         case "video":
             return "[视频消息]";
         case "location":
-            return `[位置] ${msg.Label ?? ""} (${msg.Location_X}, ${msg.Location_Y})`;
+            return `[位置] ${asText(msg.Label)} (${asText(msg.Location_X)}, ${asText(msg.Location_Y)})`;
         case "link":
-            return `[链接] ${msg.Title ?? ""}\n${msg.Description ?? ""}\n${msg.Url ?? ""}`;
+            return `[链接] ${asText(msg.Title)}\n${asText(msg.Description)}\n${asText(msg.Url)}`;
         case "event":
-            return `[事件] ${msg.Event ?? ""} - ${msg.EventKey ?? ""}`;
+            return `[事件] ${asText(msg.Event)} - ${asText(msg.EventKey)}`;
         default:
             return `[${msgType || "未知消息类型"}]`;
     }
@@ -81,5 +126,58 @@ export function extractContent(msg: WecomAgentInboundMessage): string {
  * 根据官方文档，MediaId 在 Agent 回调中直接位于根节点
  */
 export function extractMediaId(msg: WecomAgentInboundMessage): string | undefined {
-    return msg.MediaId ? String(msg.MediaId) : undefined;
+    const raw = (msg as any).MediaId ?? (msg as any).MediaID ?? (msg as any).mediaid ?? (msg as any).mediaId;
+    if (raw == null) return undefined;
+    if (typeof raw === "string") return raw.trim() || undefined;
+    if (typeof raw === "number" || typeof raw === "boolean" || typeof raw === "bigint") return String(raw);
+    if (Array.isArray(raw)) {
+        const merged = raw.map((v) => (v == null ? "" : String(v))).join("\n").trim();
+        return merged || undefined;
+    }
+    if (typeof raw === "object") {
+        const obj = raw as Record<string, unknown>;
+        const text = (typeof obj["#text"] === "string" ? obj["#text"] :
+            typeof obj["_text"] === "string" ? obj["_text"] :
+                typeof obj["text"] === "string" ? obj["text"] : undefined);
+        if (text && text.trim()) return text.trim();
+        try {
+            const s = JSON.stringify(obj);
+            return s.trim() || undefined;
+        } catch {
+            const s = String(raw);
+            return s.trim() || undefined;
+        }
+    }
+    const s = String(raw);
+    return s.trim() || undefined;
+}
+
+/**
+ * 从 XML 中提取 MsgId（用于去重）
+ */
+export function extractMsgId(msg: WecomAgentInboundMessage): string | undefined {
+    const raw = (msg as any).MsgId ?? (msg as any).MsgID ?? (msg as any).msgid ?? (msg as any).msgId;
+    if (raw == null) return undefined;
+    if (typeof raw === "string") return raw.trim() || undefined;
+    if (typeof raw === "number" || typeof raw === "boolean" || typeof raw === "bigint") return String(raw);
+    if (Array.isArray(raw)) {
+        const merged = raw.map((v) => (v == null ? "" : String(v))).join("\n").trim();
+        return merged || undefined;
+    }
+    if (typeof raw === "object") {
+        const obj = raw as Record<string, unknown>;
+        const text = (typeof obj["#text"] === "string" ? obj["#text"] :
+            typeof obj["_text"] === "string" ? obj["_text"] :
+                typeof obj["text"] === "string" ? obj["text"] : undefined);
+        if (text && text.trim()) return text.trim();
+        try {
+            const s = JSON.stringify(obj);
+            return s.trim() || undefined;
+        } catch {
+            const s = String(raw);
+            return s.trim() || undefined;
+        }
+    }
+    const s = String(raw);
+    return s.trim() || undefined;
 }

package/src/target.ts

@@ -38,7 +38,7 @@ export function resolveWecomTarget(raw: string | undefined): WecomTarget | undef
     if (!raw?.trim()) return undefined;
 
     // 1. Remove standard namespace prefixes (移除标准命名空间前缀)
-    let clean = raw.trim().replace(/^(wecom|wechatwork|wework|qywx):/i, "");
+    let clean = raw.trim().replace(/^(wecom-agent|wecom|wechatwork|wework|qywx):/i, "");
 
     // 2. Explicit Type Prefixes (显式类型前缀)
     if (/^party:/i.test(clean)) {

package/src/types/config.ts

@@ -70,6 +70,18 @@ export type WecomAgentConfig = {
     dm?: WecomDmConfig;
 };
 
+/** 动态 Agent 配置 */
+export type WecomDynamicAgentsConfig = {
+    /** 是否启用动态 Agent */
+    enabled?: boolean;
+    /** 私聊：是否为每个用户创建独立 Agent */
+    dmCreateAgent?: boolean;
+    /** 群聊：是否启用动态 Agent */
+    groupEnabled?: boolean;
+    /** 管理员列表（绕过动态路由，使用主 Agent） */
+    adminUsers?: string[];
+};
+
 /**
  * 顶层 WeCom 配置
  * 通过 bot / agent 字段隐式指定模式
@@ -85,4 +97,6 @@ export type WecomConfig = {
     media?: WecomMediaConfig;
     /** 网络配置 */
     network?: WecomNetworkConfig;
+    /** 动态 Agent 配置 */
+    dynamicAgents?: WecomDynamicAgentsConfig;
 };

package/src/types/message.ts

@@ -109,6 +109,8 @@ export type WecomAgentInboundMessage = {
     // 图片消息
     PicUrl?: string;
     MediaId?: string;
+    // 文件消息
+    FileName?: string;
     // 语音消息
     Format?: string;
     Recognition?: string;