koishi-plugin-group-verification 1.0.24 → 1.0.25

package/lib/index.d.ts

@@ -80,6 +80,7 @@ export interface ParsedArgs {
  * 返回最终的 reminderEnabled 和 reminderMessage。
  * 对于 -nomsg 不会清除已保存的 message，便于后续再次启用时恢复。
  */
+export declare function usageString(): string;
 export declare function mergeReminder(existingConfig: any | null, cleanedOptions: {
     message?: string;
     enableMessage?: boolean;
@@ -88,12 +89,11 @@ export declare function mergeReminder(existingConfig: any | null, cleanedOptions
     reminderEnabled: boolean;
     reminderMessage: string;
 };
-/**
- * 解析 gvc 配置命令的原始参数。
- *
- * 返回关键词数组和各类 flag 的值，未出现的 flag 保持 undefined。
- * 若检测到格式错误（如纯空格分隔关键词），返回 error 字段。
- */
+export declare function syncTotalStats(ctx: Context): Promise<void>;
+export declare function updateStats(ctx: Context, groupId: string, action: 'autoApproved' | 'manuallyApproved' | 'rejected'): Promise<void>;
+export declare function checkPermission(session: any, targetGroupId?: string): Promise<[boolean, string?]>;
+export declare function handleGuildMemberRequestEvent(ctx: Context, session: any): Promise<void>;
+export declare function __getAutoQueue(): Map<string, Set<string>>;
 export declare function parseConfigArgs(raw: string): ParsedArgs;
 export declare function verifyApplication(config: GroupVerificationConfig, message: string, session: any): Promise<{
     isValid: boolean;

package/lib/index.js

@@ -21,13 +21,19 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var src_exports = {};
 __export(src_exports, {
   Config: () => Config,
+  __getAutoQueue: () => __getAutoQueue,
   apply: () => apply,
+  checkPermission: () => checkPermission,
   handleFailedVerification: () => handleFailedVerification,
+  handleGuildMemberRequestEvent: () => handleGuildMemberRequestEvent,
   inject: () => inject,
   mergeReminder: () => mergeReminder,
   name: () => name,
   parseConfigArgs: () => parseConfigArgs,
+  syncTotalStats: () => syncTotalStats,
   tokenize: () => tokenize,
+  updateStats: () => updateStats,
+  usageString: () => usageString,
   verifyApplication: () => verifyApplication
 });
 module.exports = __toCommonJS(src_exports);
@@ -35,7 +41,7 @@ var import_koishi = require("koishi");
 var name = "group-verification";
 var logger = console;
 var Config = import_koishi.Schema.object({
-  defaultReminderMessage: import_koishi.Schema.string().description("默认提醒消息模板").default("{user}({id}) 申请加入群 {gname}({group})\n申请理由：{question}\n匹配情况：{answer}/{threshold}"),
+  defaultReminderMessage: import_koishi.Schema.string().description("默认提醒消息模板（使用 \n 表示换行，可包含下方变量）").default("{user}({id}) 申请加入群 {gname}({group})\n申请理由：{question}\n匹配情况：{answer}/{threshold}\n使用 gva 同意或 gvr 拒绝申请"),
   enableStrictGroupCheck: import_koishi.Schema.boolean().description("是否启用严格的群号检查（检查群号长度）").default(false),
   logLevel: import_koishi.Schema.union(["debug", "info", "warn", "error"]).description("日志级别").default("info")
 }).description("群组验证插件配置");
@@ -143,6 +149,31 @@ function validateKeywordFormat(raw) {
   return true;
 }
 __name(validateKeywordFormat, "validateKeywordFormat");
+function usageString() {
+  return `用法：
+# 创建/修改配置
+  gvc 关键词1,关键词2 -m 1 -t 2    # 创建配置
+  gvc -m 1 -t 2                    # 修改审核参数
+
+# 提醒消息控制（可用变量详见下方）
+  gvc -msg "消息内容"              # 修改提醒消息
+  gvc -nomsg                       # 禁用提醒消息
+  # 查询/删除
+  gvc -?                          # 查询配置
+  gvc -r                          # 删除配置
+
+  审核方式说明（使用 -m 参数）：
+    0 全部同意（默认）
+    1 按数量同意，需要 -t 指定数量
+    2 按比例同意，需要 -t 指定百分比
+    3 全部拒绝（拒绝后系统会自动阻止任何通过）
+
+  提醒消息可用变量：{user} 用户名  {id} 用户ID
+    {group} 群号  {gname} 群名称
+    {question} 申请理由  {answer} 匹配情况  {threshold} 阈值
+    使用 \\n   换行`;
+}
+__name(usageString, "usageString");
 function mergeReminder(existingConfig, cleanedOptions, hasRealMessageParam, hasRealEnableMessageParam, hasRealDisableMessageParam, logger2) {
   let reminderEnabled = true;
   let reminderMessage = "{user}({id}) 申请加入群 {gname}({group})\n申请理由：{question}\n匹配情况：{answer}/{threshold}";
@@ -166,6 +197,151 @@ function mergeReminder(existingConfig, cleanedOptions, hasRealMessageParam, hasR
   return { reminderEnabled, reminderMessage };
 }
 __name(mergeReminder, "mergeReminder");
+var autoQueue = /* @__PURE__ */ new Map();
+async function syncTotalStats(ctx) {
+  try {
+    const allStats = await ctx.database.get("group_verification_stats", {
+      groupId: { $ne: "TOTAL" }
+    });
+    if (allStats.length > 0) {
+      const totalAutoApproved = allStats.reduce((sum, stat) => sum + (stat.autoApproved || 0), 0);
+      const totalManuallyApproved = allStats.reduce((sum, stat) => sum + (stat.manuallyApproved || 0), 0);
+      const totalRejected = allStats.reduce((sum, stat) => sum + (stat.rejected || 0), 0);
+      await ctx.database.set("group_verification_stats", { groupId: "TOTAL" }, {
+        autoApproved: totalAutoApproved,
+        manuallyApproved: totalManuallyApproved,
+        rejected: totalRejected,
+        lastUpdated: (/* @__PURE__ */ new Date()).toISOString()
+      });
+      logger.info(`总计统计已同步: 自动批准${totalAutoApproved}, 手动批准${totalManuallyApproved}, 拒绝${totalRejected}`);
+    }
+  } catch (error) {
+    logger.error("同步总计统计时出错:", error);
+  }
+}
+__name(syncTotalStats, "syncTotalStats");
+async function updateStats(ctx, groupId, action) {
+  const existingStats = await ctx.database.get("group_verification_stats", { groupId });
+  if (existingStats.length > 0) {
+    const stats = existingStats[0];
+    await ctx.database.set("group_verification_stats", { id: stats.id }, {
+      [action]: stats[action] + 1,
+      lastUpdated: (/* @__PURE__ */ new Date()).toISOString()
+    });
+  } else {
+    await ctx.database.create("group_verification_stats", {
+      groupId,
+      autoApproved: action === "autoApproved" ? 1 : 0,
+      manuallyApproved: action === "manuallyApproved" ? 1 : 0,
+      rejected: action === "rejected" ? 1 : 0,
+      lastUpdated: (/* @__PURE__ */ new Date()).toISOString()
+    });
+  }
+  await syncTotalStats(ctx);
+}
+__name(updateStats, "updateStats");
+async function checkPermission(session, targetGroupId) {
+  const groupId = targetGroupId || session.guildId;
+  if (!groupId) {
+    return [false, "请在群聊中使用此命令或使用 -i 参数指定群号"];
+  }
+  logger.info(`权限检查 - 用户ID: ${session.userId}, 群号: ${groupId}`);
+  const koishiAuthority = session.author?.authority || session.user?.authority;
+  logger.info(`权限检查 - Koishi权限等级: ${koishiAuthority || "未获取到"}`);
+  if (!session.author) {
+    logger.info(`权限检查 - session中可能的权限字段:`, {
+      authority: session.authority,
+      permission: session.permission,
+      role: session.role
+    });
+  } else {
+    logger.info(`权限检查 - author对象中的字段:`, {
+      authority: session.author.authority,
+      permission: session.author.permission,
+      role: session.author.role,
+      permissions: session.author.permissions
+    });
+  }
+  if (session.user) {
+    logger.info(`权限检查 - user对象中的权限信息:`, {
+      authority: session.user.authority,
+      permission: session.user.permission,
+      role: session.user.role
+    });
+  }
+  if (koishiAuthority && koishiAuthority >= 3) {
+    logger.info(`权限检查 - 通过koishi权限检查: ${koishiAuthority}`);
+    return [true];
+  }
+  try {
+    const member = await session.bot.getGuildMember(groupId, session.userId);
+    logger.info(`权限检查 - 获取到成员信息:`, {
+      roles: member?.roles,
+      permissions: member?.permissions
+    });
+    if (member) {
+      if (member.permissions?.includes("OWNER") || member.roles?.includes("owner")) {
+        logger.info(`权限检查 - 用户是群主`);
+        return [true];
+      }
+      if (member.roles?.includes("admin") || member.permissions?.includes("ADMINISTRATOR")) {
+        logger.info(`权限检查 - 用户是管理员`);
+        return [true];
+      }
+    }
+  } catch (e) {
+    logger.warn("权限检查获取成员信息失败", e);
+  }
+  return [false, "权限不足"];
+}
+__name(checkPermission, "checkPermission");
+async function handleGuildMemberRequestEvent(ctx, session) {
+  logger.debug("guild-member-request event", session);
+  let guildId = (session.guildId || session.channelId || "").toString().trim();
+  const userId = session.userId;
+  const message = session.content || "";
+  if (!guildId) {
+    logger.warn("guild-member-request 没有 guildId，跳过处理");
+    return;
+  }
+  const requestId = session.event?.requestId || session.messageId || "";
+  const groupConfig = await ctx.database.get("group_verification_config", { groupId: guildId });
+  if (!groupConfig || groupConfig.length === 0) return;
+  const config = groupConfig[0];
+  if (config.reviewMethod === 3) {
+    logger.info(`配置要求全部拒绝，自动拒绝用户 ${userId}`);
+    if (requestId) {
+      try {
+        await session.bot.handleGuildMemberRequest(requestId, false);
+      } catch (e) {
+        logger.warn("自动拒绝失败", e);
+      }
+    }
+    await updateStats(ctx, guildId, "rejected");
+    return;
+  }
+  const { isValid, matchedCount, requiredThreshold } = await verifyApplication(config, message, session);
+  logger.info(`验证结果 guild=${guildId} user=${userId} msg="${message}" matched=${matchedCount} threshold=${requiredThreshold} valid=${isValid}`);
+  if (isValid) {
+    if (requestId) {
+      try {
+        await session.bot.handleGuildMemberRequest(requestId, true);
+        logger.info(`自动同意 requestId=${requestId}`);
+        if (!autoQueue.has(guildId)) autoQueue.set(guildId, /* @__PURE__ */ new Set());
+        autoQueue.get(guildId).add(userId);
+      } catch (e) {
+        logger.warn("自动同意失败", e);
+      }
+    }
+  } else {
+    await handleFailedVerification(ctx, session, config, matchedCount, requiredThreshold);
+  }
+}
+__name(handleGuildMemberRequestEvent, "handleGuildMemberRequestEvent");
+function __getAutoQueue() {
+  return autoQueue;
+}
+__name(__getAutoQueue, "__getAutoQueue");
 function parseConfigArgs(raw) {
   const res = tokenize(raw);
   if (res.error) {
@@ -386,47 +562,12 @@ function apply(ctx, config) {
     primary: "id",
     autoInc: true
   });
-  const autoQueue = /* @__PURE__ */ new Map();
-  ctx.on("guild-member-request", async (session) => {
-    logger.debug("guild-member-request event", session);
-    let guildId = (session.guildId || session.channelId || "").toString().trim();
-    const userId = session.userId;
-    const message = session.content || "";
-    if (!guildId) {
-      logger.warn("guild-member-request 没有 guildId，跳过处理");
-      return;
-    }
-    const requestId = session.event?.requestId || session.messageId || "";
-    const groupConfig = await ctx.database.get("group_verification_config", {
-      groupId: guildId
-    });
-    if (!groupConfig || groupConfig.length === 0) {
-      return;
-    }
-    const config2 = groupConfig[0];
-    const { isValid, matchedCount, requiredThreshold } = await verifyApplication(config2, message, session);
-    logger.info(`验证结果 guild=${guildId} user=${userId} msg="${message}" matched=${matchedCount} threshold=${requiredThreshold} valid=${isValid}`);
-    if (isValid) {
-      if (requestId) {
-        try {
-          await session.bot.handleGuildMemberRequest(requestId, true);
-          logger.info(`自动同意 requestId=${requestId}`);
-          if (!autoQueue.has(guildId)) autoQueue.set(guildId, /* @__PURE__ */ new Set());
-          autoQueue.get(guildId).add(userId);
-        } catch (e) {
-          logger.warn("自动同意失败", e);
-        }
-      }
-    } else {
-      await handleFailedVerification(ctx, session, config2, matchedCount, requiredThreshold);
-    }
-  });
   ctx.on("guild-member-added", async (session) => {
     const groupId = session.guildId;
     const userId = session.userId;
     const set = autoQueue.get(groupId);
     if (set && set.has(userId)) {
-      await updateStats(groupId, "autoApproved");
+      await updateStats(ctx, groupId, "autoApproved");
       set.delete(userId);
       logger.info(`用户 ${userId} 通过机器人审批加入群 ${groupId}（autoQueue），统计已更新`);
       return;
@@ -436,35 +577,15 @@ function apply(ctx, config) {
       userId
     });
     if (pendingRecords.length > 0) {
-      await updateStats(groupId, "autoApproved");
+      await updateStats(ctx, groupId, "autoApproved");
       await ctx.database.remove("group_verification_pending", { id: pendingRecords[0].id });
       logger.info(`用户 ${userId} 通过验证加入群 ${groupId}，统计已更新`);
     } else {
-      await updateStats(groupId, "manuallyApproved");
+      await updateStats(ctx, groupId, "manuallyApproved");
       logger.info(`用户 ${userId} 被手动邀请加入群 ${groupId}，手动批准统计已更新`);
     }
   });
-  async function updateStats(groupId, action) {
-    const existingStats = await ctx.database.get("group_verification_stats", { groupId });
-    if (existingStats.length > 0) {
-      const stats = existingStats[0];
-      await ctx.database.set("group_verification_stats", { id: stats.id }, {
-        [action]: stats[action] + 1,
-        lastUpdated: (/* @__PURE__ */ new Date()).toISOString()
-      });
-    } else {
-      await ctx.database.create("group_verification_stats", {
-        groupId,
-        autoApproved: action === "autoApproved" ? 1 : 0,
-        manuallyApproved: action === "manuallyApproved" ? 1 : 0,
-        rejected: action === "rejected" ? 1 : 0,
-        lastUpdated: (/* @__PURE__ */ new Date()).toISOString()
-      });
-    }
-    await syncTotalStats(ctx);
-  }
-  __name(updateStats, "updateStats");
-  async function checkPermission(session, targetGroupId) {
+  async function checkPermission2(session, targetGroupId) {
     const groupId = targetGroupId || session.guildId;
     if (!groupId) {
       return [false, "请在群聊中使用此命令或使用 -i 参数指定群号"];
@@ -522,7 +643,7 @@ function apply(ctx, config) {
     return [false, `权限不足：需要群主/管理员权限或koishi三级以上权限
 ${debugInfo}`];
   }
-  __name(checkPermission, "checkPermission");
+  __name(checkPermission2, "checkPermission");
   const groupVerify = ctx.command("group-verify", "群组验证管理命令").alias("gv", "gverify");
   groupVerify.subcommand(".config [keywords:text]", "配置群组验证规则").alias(
     "gv.cfg",
@@ -570,7 +691,7 @@ ${debugInfo}`];
       }
       try {
         await session.bot.getGuild(targetGroupId);
-        const [hasPermission, errorMsg] = await checkPermission(session, targetGroupId);
+        const [hasPermission, errorMsg] = await checkPermission2(session, targetGroupId);
         if (!hasPermission) {
           return errorMsg || "权限不足";
         }
@@ -658,13 +779,7 @@ ${debugInfo}`];
     if (keywordList.length === 0 && !cleanedOptions.query && !cleanedOptions.remove) {
       const hasConfigParams = cleanedOptions.method !== void 0 || cleanedOptions.threshold !== void 0 || hasRealMessageParam || hasRealEnableMessageParam || hasRealDisableMessageParam;
       if (!hasConfigParams) {
-        return `用法：
-gvc 关键词1,关键词2 -m 1 -t 2    # 创建配置
-gvc -m 1 -t 2                    # 修改审核参数
-gvc -msg "消息内容"              # 修改提醒消息
-gvc -nomsg                       # 禁用提醒消息
-gvc -?                          # 查询配置
-gvc -r                          # 删除配置`;
+        return usageString();
       }
     }
     let existingConfig = null;
@@ -820,7 +935,7 @@ gvc -r                          # 删除配置`;
     "group-verify.同意",
     "gva"
   ).action(async ({ session }, userId) => {
-    const [hasPermission, errorMsg] = await checkPermission(session);
+    const [hasPermission, errorMsg] = await checkPermission2(session);
     if (!hasPermission) {
       return errorMsg || "权限不足";
     }
@@ -828,6 +943,10 @@ gvc -r                          # 删除配置`;
     if (!groupId) {
       return "请在群聊中使用此命令";
     }
+    const configs = await ctx.database.get("group_verification_config", { groupId });
+    if (configs.length > 0 && configs[0].reviewMethod === 3) {
+      return "该群已设为全部拒绝，无法手动同意任何申请";
+    }
     if (!userId || userId.toLowerCase() === "all") {
       if (userId?.toLowerCase() === "all") {
         const pendingRequests2 = await ctx.database.get("group_verification_pending", { groupId });
@@ -838,8 +957,6 @@ gvc -r                          # 删除配置`;
         for (const request2 of pendingRequests2) {
           try {
             await ctx.database.remove("group_verification_pending", { id: request2.id });
-            if (!autoQueue.has(groupId)) autoQueue.set(groupId, /* @__PURE__ */ new Set());
-            autoQueue.get(groupId).add(request2.userId);
             approvedCount++;
           } catch (error) {
             logger.warn(`处理申请 ${request2.id} 时出错:`, error);
@@ -855,8 +972,6 @@ gvc -r                          # 删除配置`;
         try {
           await session.bot.handleGuildMemberRequest(request2.userId, true);
           await ctx.database.remove("group_verification_pending", { id: request2.id });
-          if (!autoQueue.has(groupId)) autoQueue.set(groupId, /* @__PURE__ */ new Set());
-          autoQueue.get(groupId).add(request2.userId);
           return `已同意用户 ${request2.userName}(${request2.userId}) 的加群申请`;
         } catch (error) {
           return `处理申请时出错: ${error.message}`;
@@ -874,8 +989,6 @@ gvc -r                          # 删除配置`;
     try {
       await session.bot.handleGuildMemberRequest(request.userId, true);
       await ctx.database.remove("group_verification_pending", { id: request.id });
-      if (!autoQueue.has(groupId)) autoQueue.set(groupId, /* @__PURE__ */ new Set());
-      autoQueue.get(groupId).add(userId);
       return `已同意用户 ${request.userName}(${userId}) 的加群申请`;
     } catch (error) {
       return `处理申请时出错: ${error.message}`;
@@ -890,7 +1003,7 @@ gvc -r                          # 删除配置`;
     "group-verify.rej",
     "gvr"
   ).action(async ({ session }, userId) => {
-    const [hasPermission, errorMsg] = await checkPermission(session);
+    const [hasPermission, errorMsg] = await checkPermission2(session);
     if (!hasPermission) {
       return errorMsg || "权限不足";
     }
@@ -908,7 +1021,7 @@ gvc -r                          # 删除配置`;
         for (const request2 of pendingRequests2) {
           try {
             await ctx.database.remove("group_verification_pending", { id: request2.id });
-            await updateStats(groupId, "rejected");
+            await updateStats(ctx, groupId, "rejected");
             rejectedCount++;
           } catch (error) {
             logger.warn(`处理申请 ${request2.id} 时出错:`, error);
@@ -923,7 +1036,7 @@ gvc -r                          # 删除配置`;
         const request2 = recentRequest[0];
         try {
           await ctx.database.remove("group_verification_pending", { id: request2.id });
-          await updateStats(groupId, "rejected");
+          await updateStats(ctx, groupId, "rejected");
           return `已拒绝用户 ${request2.userName}(${request2.userId}) 的加群申请`;
         } catch (error) {
           return `处理申请时出错: ${error.message}`;
@@ -940,7 +1053,7 @@ gvc -r                          # 删除配置`;
     const request = pendingRequests[0];
     try {
       await ctx.database.remove("group_verification_pending", { id: request.id });
-      await updateStats(groupId, "rejected");
+      await updateStats(ctx, groupId, "rejected");
       return `已拒绝用户 ${request.userName}(${userId}) 的加群申请`;
     } catch (error) {
       return `处理申请时出错: ${error.message}`;
@@ -1145,39 +1258,23 @@ gvc -r                          # 删除配置`;
 最后更新: ${lastUpdated}`;
   }
   __name(getTotalStats, "getTotalStats");
-  async function syncTotalStats(ctx2) {
-    try {
-      const allStats = await ctx2.database.get("group_verification_stats", {
-        groupId: { $ne: "TOTAL" }
-      });
-      if (allStats.length > 0) {
-        const totalAutoApproved = allStats.reduce((sum, stat) => sum + (stat.autoApproved || 0), 0);
-        const totalManuallyApproved = allStats.reduce((sum, stat) => sum + (stat.manuallyApproved || 0), 0);
-        const totalRejected = allStats.reduce((sum, stat) => sum + (stat.rejected || 0), 0);
-        await ctx2.database.set("group_verification_stats", { groupId: "TOTAL" }, {
-          autoApproved: totalAutoApproved,
-          manuallyApproved: totalManuallyApproved,
-          rejected: totalRejected,
-          lastUpdated: (/* @__PURE__ */ new Date()).toISOString()
-        });
-        logger.info(`总计统计已同步: 自动批准${totalAutoApproved}, 手动批准${totalManuallyApproved}, 拒绝${totalRejected}`);
-      }
-    } catch (error) {
-      logger.error("同步总计统计时出错:", error);
-    }
-  }
-  __name(syncTotalStats, "syncTotalStats");
 }
 __name(apply, "apply");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   Config,
+  __getAutoQueue,
   apply,
+  checkPermission,
   handleFailedVerification,
+  handleGuildMemberRequestEvent,
   inject,
   mergeReminder,
   name,
   parseConfigArgs,
+  syncTotalStats,
   tokenize,
+  updateStats,
+  usageString,
   verifyApplication
 });

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "koishi-plugin-group-verification",
   "description": "[WIP] Koishi 群组加群验证插件，支持多关键词匹配审核、多种审核方式和详细统计功能（开发中）",
-  "version": "1.0.24",
+  "version": "1.0.25",
   "main": "lib/index.js",
   "typings": "lib/index.d.ts",
   "files": [

package/readme.md

@@ -124,7 +124,9 @@ group-verify.stats total
 {question} - 申请理由
 {answer}  - 答对数量/比例
 {threshold} - 阈值要求
-\n        - 换行符
+\n        - 换行符（在配置中写成 `\\n`）
+
+默认模板末尾会附加一句 “使用 gva 同意或 gvr 拒绝申请”，表示管理员可以通过快捷命令操作。
 ```
 
 ## 🔐 权限说明

package/src/index.ts

@@ -56,7 +56,9 @@ export interface Config {
 }
 
 export const Config: Schema<Config> = Schema.object({
-  defaultReminderMessage: Schema.string().description('默认提醒消息模板').default('{user}({id}) 申请加入群 {gname}({group})\n申请理由：{question}\n匹配情况：{answer}/{threshold}'),
+  defaultReminderMessage: Schema.string()
+    .description('默认提醒消息模板（使用 \n 表示换行，可包含下方变量）')
+    .default('{user}({id}) 申请加入群 {gname}({group})\n申请理由：{question}\n匹配情况：{answer}/{threshold}\n使用 gva 同意或 gvr 拒绝申请'),
   enableStrictGroupCheck: Schema.boolean().description('是否启用严格的群号检查（检查群号长度）').default(false),
   logLevel: Schema.union(['debug', 'info', 'warn', 'error']).description('日志级别').default('info')
 }).description('群组验证插件配置')
@@ -216,6 +218,31 @@ function validateKeywordFormat(raw: string): boolean {
  * 返回最终的 reminderEnabled 和 reminderMessage。
  * 对于 -nomsg 不会清除已保存的 message，便于后续再次启用时恢复。
  */
+export function usageString(): string {
+  return `用法：
+# 创建/修改配置
+  gvc 关键词1,关键词2 -m 1 -t 2    # 创建配置
+  gvc -m 1 -t 2                    # 修改审核参数
+
+# 提醒消息控制（可用变量详见下方）
+  gvc -msg "消息内容"              # 修改提醒消息
+  gvc -nomsg                       # 禁用提醒消息
+  # 查询/删除
+  gvc -?                          # 查询配置
+  gvc -r                          # 删除配置
+
+  审核方式说明（使用 -m 参数）：
+    0 全部同意（默认）
+    1 按数量同意，需要 -t 指定数量
+    2 按比例同意，需要 -t 指定百分比
+    3 全部拒绝（拒绝后系统会自动阻止任何通过）
+
+  提醒消息可用变量：{user} 用户名  {id} 用户ID
+    {group} 群号  {gname} 群名称
+    {question} 申请理由  {answer} 匹配情况  {threshold} 阈值
+    使用 \\n   换行`;
+}
+
 export function mergeReminder(
   existingConfig: any | null,
   cleanedOptions: {
@@ -260,6 +287,177 @@ export function mergeReminder(
  * 返回关键词数组和各类 flag 的值，未出现的 flag 保持 undefined。
  * 若检测到格式错误（如纯空格分隔关键词），返回 error 字段。
  */
+// 全局缓存：记录通过机器人自动批准的用户，供 guild-member-added 事件使用
+const autoQueue = new Map<string, Set<string>>();
+
+// 更新统计信息函数，提取到模块层供多个位置调用
+// synchronize overall statistics across groups
+export async function syncTotalStats(ctx: Context) {
+  try {
+    // 获取所有群组统计（排除TOTAL行）
+    const allStats = await ctx.database.get('group_verification_stats', {
+      groupId: { $ne: 'TOTAL' }
+    })
+    
+    if (allStats.length > 0) {
+      // 计算总计
+      const totalAutoApproved = allStats.reduce((sum, stat) => sum + (stat.autoApproved || 0), 0)
+      const totalManuallyApproved = allStats.reduce((sum, stat) => sum + (stat.manuallyApproved || 0), 0)
+      const totalRejected = allStats.reduce((sum, stat) => sum + (stat.rejected || 0), 0)
+      
+      // 更新总计行
+      await ctx.database.set('group_verification_stats', { groupId: 'TOTAL' }, {
+        autoApproved: totalAutoApproved,
+        manuallyApproved: totalManuallyApproved,
+        rejected: totalRejected,
+        lastUpdated: new Date().toISOString()
+      })
+      
+      logger.info(`总计统计已同步: 自动批准${totalAutoApproved}, 手动批准${totalManuallyApproved}, 拒绝${totalRejected}`)
+    }
+  } catch (error) {
+    logger.error('同步总计统计时出错:', error)
+  }
+}
+
+export async function updateStats(ctx: Context, groupId: string, action: 'autoApproved' | 'manuallyApproved' | 'rejected') {
+  // 更新群组统计
+  const existingStats = await ctx.database.get('group_verification_stats', { groupId })
+  
+  if (existingStats.length > 0) {
+    const stats = existingStats[0]
+    await ctx.database.set('group_verification_stats', { id: stats.id }, {
+      [action]: stats[action] + 1,
+      lastUpdated: new Date().toISOString()
+    })
+  } else {
+    await ctx.database.create('group_verification_stats', {
+      groupId,
+      autoApproved: action === 'autoApproved' ? 1 : 0,
+      manuallyApproved: action === 'manuallyApproved' ? 1 : 0,
+      rejected: action === 'rejected' ? 1 : 0,
+      lastUpdated: new Date().toISOString()
+    })
+  }
+  
+  // 同步更新总计统计
+  await syncTotalStats(ctx)
+}
+
+// 权限检查函数（也可用于命令）
+export async function checkPermission(session: any, targetGroupId?: string): Promise<[boolean, string?]> {
+  const groupId = targetGroupId || session.guildId
+  
+  // 私聊情况下必须指定群号
+  if (!groupId) {
+    return [false, '请在群聊中使用此命令或使用 -i 参数指定群号']
+  }
+  
+  logger.info(`权限检查 - 用户ID: ${session.userId}, 群号: ${groupId}`)
+  const koishiAuthority = session.author?.authority || session.user?.authority
+  logger.info(`权限检查 - Koishi权限等级: ${koishiAuthority || '未获取到'}`)
+  
+  if (!session.author) {
+    logger.info(`权限检查 - session中可能的权限字段:`, {
+      authority: session.authority,
+      permission: session.permission,
+      role: session.role
+    })
+  } else {
+    logger.info(`权限检查 - author对象中的字段:`, {
+      authority: session.author.authority,
+      permission: session.author.permission,
+      role: session.author.role,
+      permissions: session.author.permissions
+    })
+  }
+  
+  if (session.user) {
+    logger.info(`权限检查 - user对象中的权限信息:`, {
+      authority: session.user.authority,
+      permission: session.user.permission,
+      role: session.user.role
+    })
+  }
+  
+  if (koishiAuthority && koishiAuthority >= 3) {
+    logger.info(`权限检查 - 通过koishi权限检查: ${koishiAuthority}`)
+    return [true]
+  }
+  
+  try {
+    const member = await session.bot.getGuildMember(groupId, session.userId)
+    logger.info(`权限检查 - 获取到成员信息:`, {
+      roles: member?.roles,
+      permissions: member?.permissions
+    })
+    if (member) {
+      if (member.permissions?.includes('OWNER') || member.roles?.includes('owner')) {
+        logger.info(`权限检查 - 用户是群主`)
+        return [true]
+      }
+      if (member.roles?.includes('admin') || member.permissions?.includes('ADMINISTRATOR')) {
+        logger.info(`权限检查 - 用户是管理员`)
+        return [true]
+      }
+    }
+  } catch (e) {
+    logger.warn('权限检查获取成员信息失败', e)
+  }
+  
+  return [false, '权限不足']
+}
+
+// 提供给测试的辅助函数：处理 guild-member-request 事件的逻辑
+export async function handleGuildMemberRequestEvent(ctx: Context, session: any) {
+  logger.debug('guild-member-request event', session)
+  let guildId = (session.guildId || session.channelId || '').toString().trim();
+  const userId = session.userId;
+  const message = session.content || '';
+
+  if (!guildId) {
+    logger.warn('guild-member-request 没有 guildId，跳过处理');
+    return;
+  }
+
+  const requestId = ((session.event as any)?.requestId) || session.messageId || '';
+  const groupConfig = await ctx.database.get('group_verification_config', { groupId: guildId });
+  if (!groupConfig || groupConfig.length === 0) return;
+  const config = groupConfig[0];
+
+  if (config.reviewMethod === 3) {
+    logger.info(`配置要求全部拒绝，自动拒绝用户 ${userId}`);
+    if (requestId) {
+      try { await session.bot.handleGuildMemberRequest(requestId, false); } catch (e) { logger.warn('自动拒绝失败', e); }
+    }
+    await updateStats(ctx, guildId, 'rejected');
+    return;
+  }
+
+  const { isValid, matchedCount, requiredThreshold } = await verifyApplication(config, message, session);
+  logger.info(`验证结果 guild=${guildId} user=${userId} msg="${message}" matched=${matchedCount} threshold=${requiredThreshold} valid=${isValid}`);
+
+  if (isValid) {
+    if (requestId) {
+      try {
+        await session.bot.handleGuildMemberRequest(requestId, true);
+        logger.info(`自动同意 requestId=${requestId}`);
+        if (!autoQueue.has(guildId)) autoQueue.set(guildId, new Set());
+        autoQueue.get(guildId)!.add(userId);
+      } catch (e) {
+        logger.warn('自动同意失败', e);
+      }
+    }
+  } else {
+    await handleFailedVerification(ctx, session, config, matchedCount, requiredThreshold);
+  }
+}
+
+// 供测试读取当前 autoQueue 状态
+export function __getAutoQueue() {
+  return autoQueue;
+}
+
 export function parseConfigArgs(raw: string): ParsedArgs {
   const res = tokenize(raw);
   if (res.error) {
@@ -543,57 +741,7 @@ export function apply(ctx: Context, config: Config) {
     autoInc: true
   })
 
-  // 缓存正在审批的用户，用于避免 guild-member-added 重复计数
-  const autoQueue = new Map<string, Set<string>>();
-
-  // 监听加群申请事件
-  ctx.on('guild-member-request', async (session) => {
-    // debug: 输出整个 session 以便定位字段名
-    logger.debug('guild-member-request event', session)
-
-    let guildId = (session.guildId || session.channelId || '').toString().trim();
-    const userId = session.userId;
-    const message = session.content || '';
-
-    if (!guildId) {
-      logger.warn('guild-member-request 没有 guildId，跳过处理');
-      return;
-    }
-
-    // 获取 requestId（不同平台字段不同）
-    const requestId = ((session.event as any)?.requestId) || session.messageId || '';
 
-    // 获取群组配置
-    const groupConfig = await ctx.database.get('group_verification_config', {
-      groupId: guildId
-    });
-
-    if (!groupConfig || groupConfig.length === 0) {
-      // 无配置直接放行（需要有 requestId）
-      return;
-    }
-    const config = groupConfig[0];
-
-    // 执行验证，记录详细情况
-    const { isValid, matchedCount, requiredThreshold } = await verifyApplication(config, message, session);
-    logger.info(`验证结果 guild=${guildId} user=${userId} msg="${message}" matched=${matchedCount} threshold=${requiredThreshold} valid=${isValid}`);
-
-    if (isValid) {
-      if (requestId) {
-        try {
-          await session.bot.handleGuildMemberRequest(requestId, true);
-          logger.info(`自动同意 requestId=${requestId}`);
-          // 将此用户标记为自动批准，等待 guild-member-added 更新统计
-          if (!autoQueue.has(guildId)) autoQueue.set(guildId, new Set());
-          autoQueue.get(guildId)!.add(userId);
-        } catch (e) {
-          logger.warn('自动同意失败', e);
-        }
-      }
-    } else {
-      await handleFailedVerification(ctx, session, config, matchedCount, requiredThreshold);
-    }
-  });
 
   // 监听群成员增加事件（包括手动邀请入群）
   ctx.on('guild-member-added', async (session) => {
@@ -603,7 +751,7 @@ export function apply(ctx: Context, config: Config) {
     // 先检查 autoQueue
     const set = autoQueue.get(groupId)
     if (set && set.has(userId)) {
-      await updateStats(groupId, 'autoApproved')
+      await updateStats(ctx, groupId, 'autoApproved')
       set.delete(userId)
       logger.info(`用户 ${userId} 通过机器人审批加入群 ${groupId}（autoQueue），统计已更新`)
       return
@@ -617,13 +765,13 @@ export function apply(ctx: Context, config: Config) {
 
     if (pendingRecords.length > 0) {
       // 通过验证的用户入群，更新统计
-      await updateStats(groupId, 'autoApproved')
+      await updateStats(ctx, groupId, 'autoApproved')
       // 清除待审核记录
       await ctx.database.remove('group_verification_pending', { id: pendingRecords[0].id })
       logger.info(`用户 ${userId} 通过验证加入群 ${groupId}，统计已更新`)
     } else {
       // 手动邀请入群，记录到手动批准统计
-      await updateStats(groupId, 'manuallyApproved')
+      await updateStats(ctx, groupId, 'manuallyApproved')
       logger.info(`用户 ${userId} 被手动邀请加入群 ${groupId}，手动批准统计已更新`)
     }
   })
@@ -631,29 +779,6 @@ export function apply(ctx: Context, config: Config) {
 
 
   // 更新统计信息
-  async function updateStats(groupId: string, action: 'autoApproved' | 'manuallyApproved' | 'rejected') {
-    // 更新群组统计
-    const existingStats = await ctx.database.get('group_verification_stats', { groupId })
-    
-    if (existingStats.length > 0) {
-      const stats = existingStats[0]
-      await ctx.database.set('group_verification_stats', { id: stats.id }, {
-        [action]: stats[action] + 1,
-        lastUpdated: new Date().toISOString()
-      })
-    } else {
-      await ctx.database.create('group_verification_stats', {
-        groupId,
-        autoApproved: action === 'autoApproved' ? 1 : 0,
-        manuallyApproved: action === 'manuallyApproved' ? 1 : 0,
-        rejected: action === 'rejected' ? 1 : 0,
-        lastUpdated: new Date().toISOString()
-      })
-    }
-    
-    // 同步更新总计统计
-    await syncTotalStats(ctx)
-  }
 
   // 权限检查函数
   async function checkPermission(session: any, targetGroupId?: string): Promise<[boolean, string?]> {
@@ -927,13 +1052,7 @@ export function apply(ctx: Context, config: Config) {
                                hasRealEnableMessageParam ||
                                hasRealDisableMessageParam
         if (!hasConfigParams) {
-          return `用法：
-gvc 关键词1,关键词2 -m 1 -t 2    # 创建配置
-gvc -m 1 -t 2                    # 修改审核参数
-gvc -msg "消息内容"              # 修改提醒消息
-gvc -nomsg                       # 禁用提醒消息
-gvc -?                          # 查询配置
-gvc -r                          # 删除配置`
+          return usageString()
         }
         // 这里会在下面获取一次 existingConfig，故暂不重复查询
       }
@@ -1145,6 +1264,11 @@ gvc -r                          # 删除配置`
         return '请在群聊中使用此命令'
       }
 
+      // 在开始之前检查配置是否为全部拒绝
+      const configs = await ctx.database.get('group_verification_config', { groupId })
+      if (configs.length > 0 && configs[0].reviewMethod === 3) {
+        return '该群已设为全部拒绝，无法手动同意任何申请'
+      }
       // 处理默认情况和all情况
       if (!userId || userId.toLowerCase() === 'all') {
         if (userId?.toLowerCase() === 'all') {
@@ -1160,9 +1284,6 @@ gvc -r                          # 删除配置`
               // TODO: 需要获取实际的requestId来进行审批
               // await session.bot.handleGuildMemberRequest(request.requestId, true)
               await ctx.database.remove('group_verification_pending', { id: request.id })
-              // 标记为自动批准，实际统计在 guild-member-added 处理
-              if (!autoQueue.has(groupId)) autoQueue.set(groupId, new Set())
-              autoQueue.get(groupId)!.add(request.userId)
               approvedCount++
             } catch (error) {
               logger.warn(`处理申请 ${request.id} 时出错:`, error)
@@ -1182,8 +1303,6 @@ gvc -r                          # 删除配置`
             // 这里需要获取实际的requestId，暂时用userId作为示例
             await session.bot.handleGuildMemberRequest(request.userId, true)
             await ctx.database.remove('group_verification_pending', { id: request.id })
-            if (!autoQueue.has(groupId)) autoQueue.set(groupId, new Set())
-            autoQueue.get(groupId)!.add(request.userId)
             return `已同意用户 ${request.userName}(${request.userId}) 的加群申请`
           } catch (error) {
             return `处理申请时出错: ${error.message}`
@@ -1206,8 +1325,6 @@ gvc -r                          # 删除配置`
         // 这里需要获取实际的requestId来进行审批
         await session.bot.handleGuildMemberRequest(request.userId, true)
         await ctx.database.remove('group_verification_pending', { id: request.id })
-        if (!autoQueue.has(groupId)) autoQueue.set(groupId, new Set())
-        autoQueue.get(groupId)!.add(userId)
         return `已同意用户 ${request.userName}(${userId}) 的加群申请`
       } catch (error) {
         return `处理申请时出错: ${error.message}`
@@ -1249,7 +1366,7 @@ gvc -r                          # 删除配置`
               // TODO: 需要获取实际的requestId来进行拒绝
               // await session.bot.handleGuildMemberRequest(request.requestId, false)
               await ctx.database.remove('group_verification_pending', { id: request.id })
-              await updateStats(groupId, 'rejected')
+              await updateStats(ctx, groupId, 'rejected')
               rejectedCount++
             } catch (error) {
               logger.warn(`处理申请 ${request.id} 时出错:`, error)
@@ -1269,7 +1386,7 @@ gvc -r                          # 删除配置`
             // TODO: 需要获取实际的requestId来进行拒绝
             // await session.bot.handleGuildMemberRequest(request.requestId, false)
             await ctx.database.remove('group_verification_pending', { id: request.id })
-            await updateStats(groupId, 'rejected')
+            await updateStats(ctx, groupId, 'rejected')
             return `已拒绝用户 ${request.userName}(${request.userId}) 的加群申请`
           } catch (error) {
             return `处理申请时出错: ${error.message}`
@@ -1292,7 +1409,7 @@ gvc -r                          # 删除配置`
         // TODO: 需要获取实际的requestId来进行拒绝
         // await session.bot.handleGuildMemberRequest(request.requestId, false)
         await ctx.database.remove('group_verification_pending', { id: request.id })
-        await updateStats(groupId, 'rejected')
+        await updateStats(ctx, groupId, 'rejected')
         return `已拒绝用户 ${request.userName}(${userId}) 的加群申请`
       } catch (error) {
         return `处理申请时出错: ${error.message}`
@@ -1542,32 +1659,4 @@ gvc -r                          # 删除配置`
 最后更新: ${lastUpdated}`
   }
   
-  // 同步统计数据到总计行的函数
-  async function syncTotalStats(ctx: Context) {
-    try {
-      // 获取所有群组统计（排除TOTAL行）
-      const allStats = await ctx.database.get('group_verification_stats', {
-        groupId: { $ne: 'TOTAL' }
-      })
-      
-      if (allStats.length > 0) {
-        // 计算总计
-        const totalAutoApproved = allStats.reduce((sum, stat) => sum + (stat.autoApproved || 0), 0)
-        const totalManuallyApproved = allStats.reduce((sum, stat) => sum + (stat.manuallyApproved || 0), 0)
-        const totalRejected = allStats.reduce((sum, stat) => sum + (stat.rejected || 0), 0)
-        
-        // 更新总计行
-        await ctx.database.set('group_verification_stats', { groupId: 'TOTAL' }, {
-          autoApproved: totalAutoApproved,
-          manuallyApproved: totalManuallyApproved,
-          rejected: totalRejected,
-          lastUpdated: new Date().toISOString()
-        })
-        
-        logger.info(`总计统计已同步: 自动批准${totalAutoApproved}, 手动批准${totalManuallyApproved}, 拒绝${totalRejected}`)
-      }
-    } catch (error) {
-      logger.error('同步总计统计时出错:', error)
-    }
-  }
 }