neoagent 2.2.1-beta.7 → 2.3.0

package/server/services/messaging/access_policy.test.js

@@ -0,0 +1,228 @@
+const test = require('node:test');
+const assert = require('node:assert/strict');
+
+const {
+  createDefaultAccessPolicy,
+  migrateLegacyWhitelist,
+  normalizeAccessPolicy,
+  parseStoredAccessPolicy,
+  evaluateAccessPolicy,
+} = require('./access_policy');
+const { BasePlatform } = require('./base');
+
+test('discord defaults require allowlists and shared mentions', () => {
+  const policy = createDefaultAccessPolicy('discord');
+  assert.equal(policy.directPolicy, 'allowlist');
+  assert.equal(policy.sharedPolicy, 'allowlist');
+  assert.equal(policy.requireMentionInShared, true);
+});
+
+test('discord legacy whitelist migrates into canonical buckets', () => {
+  const policy = migrateLegacyWhitelist('discord', [
+    'user:123',
+    'guild:456',
+    'channel:789',
+    'role:999',
+  ]);
+
+  assert.deepEqual(
+    policy.directRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['user:123'],
+  );
+  assert.deepEqual(
+    policy.sharedSpaceRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['server:456', 'channel:789'],
+  );
+  assert.deepEqual(
+    policy.sharedActorRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['user:123', 'role:999'],
+  );
+});
+
+test('telegram legacy raw ids split users and groups', () => {
+  const policy = migrateLegacyWhitelist('telegram', ['123', '-100555']);
+  assert.deepEqual(
+    policy.directRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['user:123'],
+  );
+  assert.deepEqual(
+    policy.sharedSpaceRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['group:-100555'],
+  );
+  assert.deepEqual(
+    policy.sharedActorRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['user:123'],
+  );
+});
+
+test('telnyx legacy numbers become direct phone rules', () => {
+  const policy = migrateLegacyWhitelist('telnyx', ['+1 (555) 1200']);
+  assert.equal(policy.sharedPolicy, 'disabled');
+  assert.deepEqual(policy.directRules, [
+    { scope: 'phone_number', value: '+15551200' },
+  ]);
+});
+
+test('shared access requires both space allowlist and mention when configured', () => {
+  const policy = normalizeAccessPolicy('discord', {
+    sharedPolicy: 'allowlist',
+    requireMentionInShared: true,
+    sharedSpaceRules: [{ scope: 'server', value: 'guild-1' }],
+    sharedActorRules: [{ scope: 'role', value: 'role-1' }],
+  });
+
+  const deniedByMention = evaluateAccessPolicy(policy, {
+    senderId: 'user-1',
+    chatId: 'chan-1',
+    isDirect: false,
+    isShared: true,
+    groupId: 'chan-1',
+    channelId: 'chan-1',
+    serverId: 'guild-1',
+    roleIds: ['role-1'],
+    wasMentioned: false,
+  }, 'discord');
+  assert.equal(deniedByMention.allowed, false);
+  assert.equal(deniedByMention.reason, 'mention_required');
+
+  const allowed = evaluateAccessPolicy(policy, {
+    senderId: 'user-1',
+    chatId: 'chan-1',
+    isDirect: false,
+    isShared: true,
+    groupId: 'chan-1',
+    channelId: 'chan-1',
+    serverId: 'guild-1',
+    roleIds: ['role-1'],
+    wasMentioned: true,
+  }, 'discord');
+  assert.equal(allowed.allowed, true);
+});
+
+test('direct allowlist requires a matching direct rule', () => {
+  const policy = normalizeAccessPolicy('telegram', {
+    directPolicy: 'allowlist',
+    directRules: [{ scope: 'user', value: '42' }],
+  });
+
+  assert.equal(
+    evaluateAccessPolicy(policy, {
+      senderId: '42',
+      chatId: 'dm_42',
+      isDirect: true,
+      isShared: false,
+      wasMentioned: false,
+    }, 'telegram').allowed,
+    true,
+  );
+
+  assert.equal(
+    evaluateAccessPolicy(policy, {
+      senderId: '99',
+      chatId: 'dm_99',
+      isDirect: true,
+      isShared: false,
+      wasMentioned: false,
+    }, 'telegram').allowed,
+    false,
+  );
+});
+
+test('shared actor role rules gate allowed spaces', () => {
+  const policy = normalizeAccessPolicy('discord', {
+    sharedPolicy: 'open',
+    requireMentionInShared: false,
+    sharedActorRules: [{ scope: 'role', value: 'ops' }],
+  });
+
+  assert.equal(
+    evaluateAccessPolicy(policy, {
+      senderId: 'user-1',
+      chatId: 'chan',
+      isDirect: false,
+      isShared: true,
+      channelId: 'chan',
+      serverId: 'guild',
+      roleIds: ['ops'],
+      wasMentioned: true,
+    }, 'discord').allowed,
+    true,
+  );
+
+  const denied = evaluateAccessPolicy(policy, {
+    senderId: 'user-2',
+    chatId: 'chan',
+    isDirect: false,
+    isShared: true,
+    channelId: 'chan',
+    serverId: 'guild',
+    roleIds: ['guest'],
+    wasMentioned: true,
+  }, 'discord');
+  assert.equal(denied.allowed, false);
+  assert.equal(denied.reason, 'shared_actor_not_allowed');
+});
+
+test('parseStoredAccessPolicy prefers canonical JSON and falls back to legacy JSON', () => {
+  const canonical = parseStoredAccessPolicy(
+    'discord',
+    JSON.stringify({
+      directPolicy: 'open',
+      sharedPolicy: 'disabled',
+      requireMentionInShared: false,
+    }),
+    JSON.stringify(['user:123']),
+  );
+  assert.equal(canonical.directPolicy, 'open');
+  assert.equal(canonical.sharedPolicy, 'disabled');
+
+  const legacy = parseStoredAccessPolicy(
+    'discord',
+    null,
+    JSON.stringify(['user:123']),
+  );
+  assert.deepEqual(
+    legacy.directRules.map((rule) => `${rule.scope}:${rule.value}`),
+    ['user:123'],
+  );
+});
+
+test('live platforms can hot-update policy without reconnecting', () => {
+  class FakePlatform extends BasePlatform {
+    constructor() {
+      super('discord', {});
+    }
+  }
+
+  const platform = new FakePlatform();
+  platform.setAccessPolicy({
+    directPolicy: 'disabled',
+    sharedPolicy: 'disabled',
+  });
+  assert.equal(
+    platform.evaluateAccess({
+      senderId: 'user-1',
+      chatId: 'dm_user-1',
+      isDirect: true,
+      isShared: false,
+      wasMentioned: false,
+    }).allowed,
+    false,
+  );
+
+  platform.setAccessPolicy({
+    directPolicy: 'allowlist',
+    directRules: [{ scope: 'user', value: 'user-1' }],
+    sharedPolicy: 'disabled',
+  });
+  assert.equal(
+    platform.evaluateAccess({
+      senderId: 'user-1',
+      chatId: 'dm_user-1',
+      isDirect: true,
+      isShared: false,
+      wasMentioned: false,
+    }).allowed,
+    true,
+  );
+});

package/server/services/messaging/automation.js

@@ -2,10 +2,17 @@
 
 const db = require('../../db/database');
 const { detectPromptInjection } = require('../../utils/security');
-const { normalizeWhatsAppId } = require('../../utils/whatsapp');
 const { randomUUID } = require('crypto');
 const { isMainAgent } = require('../agents/manager');
 const { buildPlatformFormattingGuide } = require('./formatting_guides');
+const {
+  accessPolicyKey,
+  legacyWhitelistKey,
+  parseStoredAccessPolicy,
+  evaluateAccessPolicy,
+  buildBlockedSenderPayload,
+  contextFromMessage,
+} = require('./access_policy');
 const {
   buildVoiceMessagingPrompt,
   buildVoiceMessagingRunOptions,
@@ -362,120 +369,50 @@ function buildSenderIdentityBlock(msg) {
   return `<sender_identity>\n${lines.join('\n')}\n</sender_identity>`;
 }
 
-function messagingAllowlistCandidates(msg) {
-  const sender = String(msg.sender || '').trim();
-  const chatId = String(msg.chatId || '').trim();
-  const values = new Set([sender, chatId].filter(Boolean));
-  const normalizedChatId = chatId.startsWith('dm_') ? chatId.slice(3) : chatId;
-  const guildId = String(msg.guildId || '').trim();
-
-  if (normalizedChatId) {
-    values.add(normalizedChatId);
-  }
-  if (sender) values.add(`user:${sender}`);
-  if (guildId) values.add(`guild:${guildId}`);
-  if (chatId) {
-    values.add(`chat:${chatId}`);
-    values.add(`channel:${chatId}`);
-    values.add(`room:${chatId}`);
-    values.add(`group:${chatId}`);
-  }
-  if (normalizedChatId) {
-    values.add(`chat:${normalizedChatId}`);
-    values.add(`channel:${normalizedChatId}`);
-    values.add(`room:${normalizedChatId}`);
-    values.add(`group:${normalizedChatId}`);
-  }
-  return [...values];
-}
-
 async function isAllowedMessagingSender({ io, userId, msg }) {
   const agentId = msg.agentId || null;
-  const whitelistRow = db
+  const policyRow = db
     .prepare('SELECT value FROM agent_settings WHERE user_id = ? AND agent_id = ? AND key = ?')
-    .get(userId, agentId, `platform_whitelist_${msg.platform}`)
+    .get(userId, agentId, accessPolicyKey(msg.platform))
     || (isMainAgent(userId, agentId)
       ? db
         .prepare('SELECT value FROM user_settings WHERE user_id = ? AND key = ?')
-        .get(userId, `platform_whitelist_${msg.platform}`)
+        .get(userId, accessPolicyKey(msg.platform))
+      : null);
+  const legacyRow = db
+    .prepare('SELECT value FROM agent_settings WHERE user_id = ? AND agent_id = ? AND key = ?')
+    .get(userId, agentId, legacyWhitelistKey(msg.platform))
+    || (isMainAgent(userId, agentId)
+      ? db
+        .prepare('SELECT value FROM user_settings WHERE user_id = ? AND key = ?')
+        .get(userId, legacyWhitelistKey(msg.platform))
       : null);
 
-  const normalize =
-    msg.platform === 'whatsapp'
-      ? normalizeWhatsAppId
-      : msg.platform === 'telnyx'
-        ? (id) => String(id || '').replace(/[^0-9+]/g, '')
-        : (id) => String(id || '').trim();
-
-  let whitelist = [];
-  if (whitelistRow) {
-    try {
-      const parsed = JSON.parse(whitelistRow.value);
-      if (Array.isArray(parsed)) whitelist = parsed;
-    } catch {
-      whitelist = [];
-    }
-  }
-
-  const shouldCheckWhitelist = whitelist.length > 0;
-
-  if (!shouldCheckWhitelist) {
-    if (!msg.isGroup) return true;
-    console.log(
-      `[Messaging] Blocked ${msg.platform} group message from ${msg.sender} (no group allowlist configured)`
-    );
-    emitBlockedSenderSuggestion({ io, userId, msg });
-    return false;
-  }
-
-  const candidates = messagingAllowlistCandidates(msg).map(normalize).filter(Boolean);
-  const allowed = whitelist.some((entry) => {
-    const normalizedEntry = normalize(entry);
-    return normalizedEntry === '*' || candidates.includes(normalizedEntry);
-  });
-  if (allowed) {
+  const policy = parseStoredAccessPolicy(msg.platform, policyRow?.value, legacyRow?.value);
+  const decision = evaluateAccessPolicy(policy, contextFromMessage(msg), msg.platform);
+  if (decision.allowed) {
     return true;
   }
 
   console.log(
-    `[Messaging] Blocked ${msg.platform} message from ${msg.sender} (not in whitelist)`
+    `[Messaging] Blocked ${msg.platform} message from ${msg.sender} (${decision.reason})`
   );
   emitBlockedSenderSuggestion({ io, userId, msg });
   return false;
 }
 
 function emitBlockedSenderSuggestion({ io, userId, msg }) {
-  const suggestions = [];
-  if (msg.platform === 'whatsapp') {
-    const normalizedSender = normalizeWhatsAppId(msg.sender || msg.chatId);
-    if (normalizedSender) {
-      suggestions.push({
-        label: `Add sender (${msg.senderName || normalizedSender})`,
-        prefixedId: normalizedSender
-      });
-    }
-  } else {
-    const sender = String(msg.sender || '').trim();
-    const chatId = String(msg.chatId || '').trim();
-    if (sender) {
-      suggestions.push({
-        label: `Add sender (${msg.senderName || sender})`,
-        prefixedId: `user:${sender}`
-      });
-    }
-    if (chatId && chatId !== sender) {
-      suggestions.push({
-        label: `Add chat (${chatId})`,
-        prefixedId: msg.isGroup ? `group:${chatId}` : chatId
-      });
-    }
-  }
+  const payload = buildBlockedSenderPayload(msg.platform, contextFromMessage(msg), {
+    senderName: msg.senderName || null,
+    meta: msg.guildName ? `Server: ${msg.guildName}` : (msg.groupName ? `Group: ${msg.groupName}` : ''),
+    serverLabel: msg.guildName || '',
+    groupLabel: msg.groupName || '',
+    channelLabel: msg.channelName || '',
+    roomLabel: msg.roomName || '',
+  });
   io.to(`user:${userId}`).emit('messaging:blocked_sender', {
     platform: msg.platform,
-    sender: msg.sender,
-    chatId: msg.chatId,
-    senderName: msg.senderName || null,
-    suggestions: suggestions.length > 0 ? suggestions : null
+    ...payload,
   });
 }
 

package/server/services/messaging/base.js

@@ -1,4 +1,11 @@
 const EventEmitter = require('events');
+const {
+  createDefaultAccessPolicy,
+  normalizeAccessPolicy,
+  getPlatformAccessCapabilities,
+  evaluateAccessPolicy,
+  buildBlockedSenderPayload,
+} = require('./access_policy');
 
 class BasePlatform extends EventEmitter {
   constructor(name, config = {}) {
@@ -10,6 +17,11 @@ class BasePlatform extends EventEmitter {
     this.supportsMedia = false;
     this.supportsVoice = false;
     this.allowedEntries = new Set();
+    this.accessCapabilities = getPlatformAccessCapabilities(name);
+    this.accessPolicy = createDefaultAccessPolicy(name);
+    if (config.accessPolicy) {
+      this.setAccessPolicy(config.accessPolicy);
+    }
   }
 
   setAllowedEntries(entries) {
@@ -18,16 +30,43 @@ class BasePlatform extends EventEmitter {
     }
   }
 
+  setAccessPolicy(policy) {
+    this.accessPolicy = normalizeAccessPolicy(this.name, policy);
+    return this.accessPolicy;
+  }
+
+  getAccessPolicy() {
+    return this.accessPolicy;
+  }
+
+  getAccessCapabilities() {
+    return this.accessCapabilities;
+  }
+
   _checkAccess(id) {
     if (this.allowedEntries.size === 0) return true;
     return this.allowedEntries.has(String(id));
   }
 
+  evaluateAccess(context) {
+    return evaluateAccessPolicy(this.accessPolicy, context, this.name);
+  }
+
+  _checkInboundAccess(context, options = {}) {
+    const result = this.evaluateAccess(context);
+    if (result.allowed) {
+      return result;
+    }
+    this.emit('blocked_sender', buildBlockedSenderPayload(this.name, context, options));
+    return result;
+  }
+
   async connect() { throw new Error('connect() not implemented'); }
   async disconnect() { throw new Error('disconnect() not implemented'); }
   async sendMessage(to, content, options) { throw new Error('sendMessage() not implemented'); }
   async getContacts() { return []; }
   async getChats() { return []; }
+  async listAccessTargets() { return []; }
   getStatus() { return this.status; }
   getAuthInfo() { return null; }
 }

package/server/services/messaging/discord.js

@@ -113,33 +113,6 @@ class DiscordPlatform extends BasePlatform {
   getStatus() { return this.status; }
   getAuthInfo() { return this._botUser ? { tag: this._botUser.tag, id: this._botUser.id } : null; }
 
-  // ── Whitelist ──────────────────────────────────────────────────────────────
-
-  // Inherits setAllowedEntries from BasePlatform
-
-  /** Returns {allowed, requireMention} */
-  _checkAccess(message) {
-    const isDM = message.channel.type === ChannelType.DM;
-    const userId = message.author.id;
-    const guildId = message.guildId || null;
-    const channelId = message.channelId;
-    const userAllowed = super._checkAccess(`user:${userId}`) || super._checkAccess(userId);
-
-    if (isDM) {
-      return {
-        allowed: this.allowedEntries.size === 0 || userAllowed,
-        requireMention: false,
-      };
-    }
-
-    return {
-      allowed: userAllowed
-        || (guildId && super._checkAccess(`guild:${guildId}`))
-        || super._checkAccess(`channel:${channelId}`),
-      requireMention: true,
-    };
-  }
-
   _isMentioned(message) {
     return this._botUser ? message.mentions.has(this._botUser.id) : false;
   }
@@ -185,28 +158,30 @@ class DiscordPlatform extends BasePlatform {
     const channelId = message.channelId;
     const chatId = isDM ? `dm_${userId}` : channelId;
 
-    const { allowed, requireMention } = this._checkAccess(message);
-
-    if (requireMention && !this._isMentioned(message)) return;
-
-    if (!allowed) {
-      const suggestions = [
-        { label: `Add user (${message.author.username})`, prefixedId: `user:${userId}` },
-      ];
-      if (guildId) suggestions.push({ label: `Add server (${message.guild?.name || guildId})`, prefixedId: `guild:${guildId}` });
-      if (!isDM) suggestions.push({ label: `Add channel (#${message.channel.name || channelId})`, prefixedId: `channel:${channelId}` });
+    const access = this._checkInboundAccess({
+      platform: 'discord',
+      senderId: userId,
+      chatId,
+      isDirect: isDM,
+      isShared: !isDM,
+      groupId: !isDM ? channelId : '',
+      channelId: !isDM ? channelId : '',
+      serverId: guildId || '',
+      roleIds: !isDM && message.member ? [...message.member.roles.cache.keys()] : [],
+      phoneNumber: '',
+      wasMentioned: isDM ? false : this._isMentioned(message),
+    }, {
+      senderName: message.author.username || null,
+      meta: message.guild?.name ? `Server: ${message.guild.name}` : '',
+      serverLabel: message.guild?.name || '',
+      channelLabel: !isDM ? `#${message.channel.name || channelId}` : '',
+    });
 
-      this.emit('blocked_sender', {
-        sender: userId,
-        chatId,
-        senderName: message.author.username,
-        guildName: message.guild?.name || null,
-        suggestions,
-      });
+    if (!access.allowed) {
       return;
     }
 
-    let content = requireMention ? this._stripMention(message.content) : (message.content || '');
+    let content = (!isDM && this._isMentioned(message)) ? this._stripMention(message.content) : (message.content || '');
     if (message.attachments.size > 0) {
       const urls = [...message.attachments.values()].map(a => a.url).join(', ');
       content += (content ? '\n' : '') + `[Attachment: ${urls}]`;
@@ -223,7 +198,7 @@ class DiscordPlatform extends BasePlatform {
       : `${senderDisplayName} in #${message.channel.name || channelId}${message.guild ? ` (${message.guild.name})` : ''}`;
 
     // Fetch recent channel history for context on guild/channel mentions
-    const channelContext = (requireMention && !isDM) ? await this._fetchContext(message.channel, 20) : null;
+    const channelContext = (!isDM && this._isMentioned(message)) ? await this._fetchContext(message.channel, 20) : null;
 
     this.emit('message', {
       platform: 'discord',
@@ -279,6 +254,46 @@ class DiscordPlatform extends BasePlatform {
       }
     } catch { /* non-fatal */ }
   }
+
+  async listAccessTargets() {
+    if (!this._client || this.status !== 'connected') return [];
+    const targets = [];
+    for (const guild of this._client.guilds.cache.values()) {
+      targets.push({
+        source: 'live',
+        bucket: 'sharedSpaceRules',
+        scope: 'server',
+        value: guild.id,
+        label: guild.name || guild.id,
+        subtitle: 'Discord server',
+      });
+      const channels = guild.channels?.cache?.values?.() || [];
+      for (const channel of channels) {
+        if (!channel?.isTextBased?.() || channel.type === ChannelType.DM) continue;
+        targets.push({
+          source: 'live',
+          bucket: 'sharedSpaceRules',
+          scope: 'channel',
+          value: channel.id,
+          label: `#${channel.name || channel.id}`,
+          subtitle: guild.name || 'Discord channel',
+        });
+      }
+      const roles = guild.roles?.cache?.values?.() || [];
+      for (const role of roles) {
+        if (!role || role.managed || role.name === '@everyone') continue;
+        targets.push({
+          source: 'live',
+          bucket: 'sharedActorRules',
+          scope: 'role',
+          value: role.id,
+          label: role.name || role.id,
+          subtitle: guild.name || 'Discord role',
+        });
+      }
+    }
+    return targets;
+  }
 }
 
 module.exports = { DiscordPlatform };