From 3a782b6ace006b10319adf8461a9bf52f70dc124 Mon Sep 17 00:00:00 2001
From: Peter Steinberger
Date: Wed, 3 Dec 2025 13:11:01 +0000
Subject: [PATCH] fix(web): let group pings bypass allowFrom
---
 docs/group-messages.md | 3 ++-
 src/web/inbound.ts | 7 ++++---
 src/web/monitor-inbox.test.ts | 16 +++++-----------
 3 files changed, 11 insertions(+), 15 deletions(-)
diff --git a/docs/group-messages.md b/docs/group-messages.md
index 680527e5f6..653e8790a3 100644
--- a/docs/group-messages.md
+++ b/docs/group-messages.md
@@ -26,7 +26,8 @@ Goal: Enable warelay’s web provider to participate in WhatsApp group chats, re
 - If `requireMention` and no mention detected, store in buffer only; no reply.
 - Allow opt-out via `requireMention: false`.
 - **Allow list**:
- - Apply `inbound.allowFrom` to the *participant* (senderE164), not the group ID. Same-phone bypass preserved.
+ - Group chats ignore `inbound.allowFrom` so anyone in the group can trigger a reply; we still record the sender E.164 for context.
+ - Direct chats keep enforcing `inbound.allowFrom` (same-phone bypass preserved).
 - **Heartbeats**:
 - Skip reply heartbeats when the last inbound was a group chat; connection heartbeat still runs.
 - **Sessions**:
diff --git a/src/web/inbound.ts b/src/web/inbound.ts
index f669665db5..0127d46538 100644
--- a/src/web/inbound.ts
+++ b/src/web/inbound.ts
@@ -116,9 +116,10 @@ export async function monitorWebInbox(options: {
 const allowFrom = cfg.inbound?.allowFrom;
 const isSamePhone = from === selfE164;
- if (!isSamePhone && Array.isArray(allowFrom) && allowFrom.length > 0) {
- const candidate =
- group && senderE164 ? normalizeE164(senderE164) : from;
+ const allowlistEnabled =
+ !group && Array.isArray(allowFrom) && allowFrom.length > 0;
+ if (!isSamePhone && allowlistEnabled) {
+ const candidate = from;
 const allowedList = allowFrom.map(normalizeE164);
 if (!allowFrom.includes("*") && !allowedList.includes(candidate)) {
 logVerbose(
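Review bot: Folding `!group` into `allowlistEnabled` makes a configured `inbound.allowFrom` a no-op for every group chat, so any participant of any group this account belongs to passes the sender check, and the hunk adds no replacement gate or log line for that path. Mention gating appears to be the only remaining filter for group senders, and the docs hunk notes it can be switched off with `requireMention: false`; its enforcement is not visible here. If the bypass is intended, record it at the decision point, e.g. `// Groups skip allowFrom on purpose: sender identity is not checked for group chats (TODO confirm remaining gates).`, and consider a `logVerbose` call when a group sender outside `allowFrom` is admitted so operators can see who reaches the handler. A per-group allowlist under a separate config key (placeholder `<group-allowlist-key>`) would let deployments that rely on `allowFrom` as an access control keep one for groups. monitorWebInbox begins and continues outside this hunk.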
diff --git a/src/web/monitor-inbox.test.ts b/src/web/monitor-inbox.test.ts
index a516befb75..231282fcb9 100644
--- a/src/web/monitor-inbox.test.ts
+++ b/src/web/monitor-inbox.test.ts
@@ -321,7 +321,7 @@ describe("web monitor inbox", () => {
 await listener.close();
 });
- it("applies allowFrom to group participants", async () => {
+ it("lets group messages through even when sender not in allowFrom", async () => {
 mockLoadConfig.mockReturnValue({
 inbound: {
 allowFrom: ["+1234"],
@@ -353,16 +353,10 @@ describe("web monitor inbox", () => {
 sock.ev.emit("messages.upsert", upsert);
 await new Promise((resolve) => setImmediate(resolve));
- expect(onMessage).not.toHaveBeenCalled();
-
- mockLoadConfig.mockReturnValue({
- inbound: {
- allowFrom: ["*"],
- messagePrefix: undefined,
- responsePrefix: undefined,
- timestampPrefix: false,
- },
- });
+ expect(onMessage).toHaveBeenCalledTimes(1);
+ const payload = onMessage.mock.calls[0][0];
+ expect(payload.chatType).toBe("group");
+ expect(payload.senderE164).toBe("+999");
 await listener.close();
 });
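Review bot: The rewritten test in the second hunk pins only the permissive half of the new rule; nothing in these hunks asserts that a direct chat from a sender outside `allowFrom: ["+1234"]` is still dropped, which is the property that keeps the bypass scoped to groups. Unless that case already exists elsewhere in this file (not visible here), add a sibling test that emits a non-group message from `+999` under the same config and ends with `expect(onMessage).not.toHaveBeenCalled();`. The test body starts above the hunk, so the fixture shape has to be taken from there.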