github/openclaw
1
1
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-03 03:03:24 -04:00
Code Issues Packages Projects Releases Wiki Activity

Commands: add commands.allowFrom config

Browse Source
This commit is contained in:
Shadow
2026-02-09 23:57:17 -06:00
committed by Shadow
parent e7f0769c82
commit 47f6bb4146
8 changed files with 277 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
src/auto-reply/command-auth.ts
View File

@@ -126,6 +126,41 @@ function resolveOwnerAllowFromList(params: {
});
}
/**
* Resolves the commands.allowFrom list for a given provider.
* Returns the provider-specific list if defined, otherwise the "*" global list.
* Returns null if commands.allowFrom is not configured at all (fall back to channel allowFrom).
*/
function resolveCommandsAllowFromList(params: {
dock?: ChannelDock;
cfg: OpenClawConfig;
accountId?: string | null;
providerId?: ChannelId;
}): string[] | null {
const { dock, cfg, accountId, providerId } = params;
const commandsAllowFrom = cfg.commands?.allowFrom;
if (!commandsAllowFrom || typeof commandsAllowFrom !== "object") {
return null; // Not configured, fall back to channel allowFrom
}
// Check provider-specific list first, then fall back to global "*"
const providerKey = providerId ?? "";
const providerList = commandsAllowFrom[providerKey];
const globalList = commandsAllowFrom["*"];
const rawList = Array.isArray(providerList) ? providerList : globalList;
if (!Array.isArray(rawList)) {
return null; // No applicable list found
}
return formatAllowFromList({
dock,
cfg,
accountId,
allowFrom: rawList,
});
}
function resolveSenderCandidates(params: {
dock?: ChannelDock;
providerId?: ChannelId;
@@ -175,6 +210,15 @@ export function resolveCommandAuthorization(params: {
const dock = providerId ? getChannelDock(providerId) : undefined;
const from = (ctx.From ?? "").trim();
const to = (ctx.To ?? "").trim();
// Check if commands.allowFrom is configured (separate command authorization)
const commandsAllowFromList = resolveCommandsAllowFromList({
dock,
cfg,
accountId: ctx.AccountId,
providerId,
});
const allowFromRaw = dock?.config?.resolveAllowFrom
? dock.config.resolveAllowFrom({ cfg, accountId: ctx.AccountId })
: [];
@@ -256,7 +300,21 @@ export function resolveCommandAuthorization(params: {
: ownerAllowlistConfigured
? senderIsOwner
: allowAll || ownerCandidatesForCommands.length === 0 || Boolean(matchedCommandOwner);
const isAuthorizedSender = commandAuthorized && isOwnerForCommands;
// If commands.allowFrom is configured, use it for command authorization
// Otherwise, fall back to existing behavior (channel allowFrom + owner checks)
let isAuthorizedSender: boolean;
if (commandsAllowFromList !== null) {
// commands.allowFrom is configured - use it for authorization
const commandsAllowAll = commandsAllowFromList.some((entry) => entry.trim() === "*");
const matchedCommandsAllowFrom = commandsAllowFromList.length
? senderCandidates.find((candidate) => commandsAllowFromList.includes(candidate))
: undefined;
isAuthorizedSender = commandsAllowAll || Boolean(matchedCommandsAllowFrom);
} else {
// Fall back to existing behavior
isAuthorizedSender = commandAuthorized && isOwnerForCommands;
}
return {
providerId,

176
src/auto-reply/command-control.test.ts
View File

@@ -211,6 +211,182 @@ describe("resolveCommandAuthorization", () => {
expect(auth.senderIsOwner).toBe(true);
expect(auth.ownerList).toEqual(["123"]);
});
describe("commands.allowFrom", () => {
it("uses commands.allowFrom global list when configured", () => {
const cfg = {
commands: {
allowFrom: {
"*": ["user123"],
},
},
channels: { whatsapp: { allowFrom: ["+different"] } },
} as OpenClawConfig;
const authorizedCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:user123",
SenderId: "user123",
} as MsgContext;
const authorizedAuth = resolveCommandAuthorization({
ctx: authorizedCtx,
cfg,
commandAuthorized: true,
});
expect(authorizedAuth.isAuthorizedSender).toBe(true);
const unauthorizedCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:otheruser",
SenderId: "otheruser",
} as MsgContext;
const unauthorizedAuth = resolveCommandAuthorization({
ctx: unauthorizedCtx,
cfg,
commandAuthorized: true,
});
expect(unauthorizedAuth.isAuthorizedSender).toBe(false);
});
it("ignores commandAuthorized when commands.allowFrom is configured", () => {
const cfg = {
commands: {
allowFrom: {
"*": ["user123"],
},
},
channels: { whatsapp: { allowFrom: ["+different"] } },
} as OpenClawConfig;
const authorizedCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:user123",
SenderId: "user123",
} as MsgContext;
const authorizedAuth = resolveCommandAuthorization({
ctx: authorizedCtx,
cfg,
commandAuthorized: false,
});
expect(authorizedAuth.isAuthorizedSender).toBe(true);
const unauthorizedCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:otheruser",
SenderId: "otheruser",
} as MsgContext;
const unauthorizedAuth = resolveCommandAuthorization({
ctx: unauthorizedCtx,
cfg,
commandAuthorized: false,
});
expect(unauthorizedAuth.isAuthorizedSender).toBe(false);
});
it("uses commands.allowFrom provider-specific list over global", () => {
const cfg = {
commands: {
allowFrom: {
"*": ["globaluser"],
whatsapp: ["+15551234567"],
},
},
channels: { whatsapp: { allowFrom: ["*"] } },
} as OpenClawConfig;
// User in global list but not in whatsapp-specific list
const globalUserCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:globaluser",
SenderId: "globaluser",
} as MsgContext;
const globalAuth = resolveCommandAuthorization({
ctx: globalUserCtx,
cfg,
commandAuthorized: true,
});
// Provider-specific list overrides global, so globaluser is not authorized
expect(globalAuth.isAuthorizedSender).toBe(false);
// User in whatsapp-specific list
const whatsappUserCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:+15551234567",
SenderE164: "+15551234567",
} as MsgContext;
const whatsappAuth = resolveCommandAuthorization({
ctx: whatsappUserCtx,
cfg,
commandAuthorized: true,
});
expect(whatsappAuth.isAuthorizedSender).toBe(true);
});
it("falls back to channel allowFrom when commands.allowFrom not set", () => {
const cfg = {
channels: { whatsapp: { allowFrom: ["+15551234567"] } },
} as OpenClawConfig;
const authorizedCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:+15551234567",
SenderE164: "+15551234567",
} as MsgContext;
const auth = resolveCommandAuthorization({
ctx: authorizedCtx,
cfg,
commandAuthorized: true,
});
expect(auth.isAuthorizedSender).toBe(true);
});
it("allows all senders when commands.allowFrom includes wildcard", () => {
const cfg = {
commands: {
allowFrom: {
"*": ["*"],
},
},
channels: { whatsapp: { allowFrom: ["+specific"] } },
} as OpenClawConfig;
const anyUserCtx = {
Provider: "whatsapp",
Surface: "whatsapp",
From: "whatsapp:anyuser",
SenderId: "anyuser",
} as MsgContext;
const auth = resolveCommandAuthorization({
ctx: anyUserCtx,
cfg,
commandAuthorized: true,
});
expect(auth.isAuthorizedSender).toBe(true);
});
});
});
describe("control command parsing", () => {

3
src/config/schema.ts
View File

@@ -306,6 +306,7 @@ const FIELD_LABELS: Record<string, string> = {
"commands.restart": "Allow Restart",
"commands.useAccessGroups": "Use Access Groups",
"commands.ownerAllowFrom": "Command Owners",
"commands.allowFrom": "Command Access Allowlist",
"ui.seamColor": "Accent Color",
"ui.assistant.name": "Assistant Name",
"ui.assistant.avatar": "Assistant Avatar",
@@ -675,6 +676,8 @@ const FIELD_HELP: Record<string, string> = {
"commands.useAccessGroups": "Enforce access-group allowlists/policies for commands.",
"commands.ownerAllowFrom":
"Explicit owner allowlist for owner-only tools/commands. Use channel-native IDs (optionally prefixed like \"whatsapp:+15551234567\"). '*' is ignored.",
"commands.allowFrom":
'Per-provider allowlist restricting who can use slash commands. If set, overrides the channel\'s allowFrom for command authorization. Use \'*\' key for global default; provider-specific keys (e.g. \'discord\') override the global. Example: { "*": ["user1"], "discord": ["user:123"] }.',
"session.dmScope":
'DM session scoping: "main" keeps continuity; "per-peer", "per-channel-peer", or "per-account-channel-peer" isolates DM history (recommended for shared inboxes/multi-account).',
"session.identityLinks":

14
src/config/types.messages.ts
View File

@@ -88,6 +88,13 @@ export type MessagesConfig = {
export type NativeCommandsSetting = boolean | "auto";
/**
* Per-provider allowlist for command authorization.
* Keys are channel IDs (e.g., "discord", "whatsapp") or "*" for global default.
* Values are arrays of sender IDs allowed to use commands on that channel.
*/
export type CommandAllowFrom = Record<string, Array<string | number>>;
export type CommandsConfig = {
/** Enable native command registration when supported (default: "auto"). */
native?: NativeCommandsSetting;
@@ -109,6 +116,13 @@ export type CommandsConfig = {
useAccessGroups?: boolean;
/** Explicit owner allowlist for owner-only tools/commands (channel-native IDs). */
ownerAllowFrom?: Array<string | number>;
/**
* Per-provider allowlist restricting who can use slash commands.
* If set, overrides the channel's allowFrom for command authorization.
* Use "*" key for global default, provider-specific keys override the global.
* Example: { "*": ["user1"], discord: ["user:123"] }
*/
allowFrom?: CommandAllowFrom;
};
export type ProviderCommandsConfig = {

2
src/config/zod-schema.session.ts
View File

@@ -1,6 +1,7 @@
import { z } from "zod";
import { parseByteSize } from "../cli/parse-bytes.js";
import { parseDurationMs } from "../cli/parse-duration.js";
import { ElevatedAllowFromSchema } from "./zod-schema.agent-runtime.js";
import {
GroupChatSchema,
InboundDebounceSchema,
@@ -158,6 +159,7 @@ export const CommandsSchema = z
restart: z.boolean().optional(),
useAccessGroups: z.boolean().optional(),
ownerAllowFrom: z.array(z.union([z.string(), z.number()])).optional(),
allowFrom: ElevatedAllowFromSchema.optional(),
})
.strict()
.optional()