openclaw/src/discord/monitor/dm-command-auth.test.ts

import { describe, expect, it } from "vitest";
import { resolveDiscordDmCommandAccess } from "./dm-command-auth.js";

describe("resolveDiscordDmCommandAccess", () => {
  const sender = {
    id: "123",
    name: "alice",
    tag: "alice#0001",
  };

  it("allows open DMs and keeps command auth enabled without allowlist entries", async () => {
    const result = await resolveDiscordDmCommandAccess({
      accountId: "default",
      dmPolicy: "open",
      configuredAllowFrom: [],
      sender,
      allowNameMatching: false,
      useAccessGroups: true,
      readStoreAllowFrom: async () => [],
    });

    expect(result.decision).toBe("allow");
    expect(result.commandAuthorized).toBe(true);
  });

  it("marks command auth true when sender is allowlisted", async () => {
    const result = await resolveDiscordDmCommandAccess({
      accountId: "default",
      dmPolicy: "open",
      configuredAllowFrom: ["discord:123"],
      sender,
      allowNameMatching: false,
      useAccessGroups: true,
      readStoreAllowFrom: async () => [],
    });

    expect(result.decision).toBe("allow");
    expect(result.commandAuthorized).toBe(true);
  });

  it("returns pairing decision and unauthorized command auth for unknown senders", async () => {
    const result = await resolveDiscordDmCommandAccess({
      accountId: "default",
      dmPolicy: "pairing",
      configuredAllowFrom: ["discord:456"],
      sender,
      allowNameMatching: false,
      useAccessGroups: true,
      readStoreAllowFrom: async () => [],
    });

    expect(result.decision).toBe("pairing");
    expect(result.commandAuthorized).toBe(false);
  });

  it("authorizes sender from pairing-store allowlist entries", async () => {
    const result = await resolveDiscordDmCommandAccess({
      accountId: "default",
      dmPolicy: "pairing",
      configuredAllowFrom: [],
      sender,
      allowNameMatching: false,
      useAccessGroups: true,
      readStoreAllowFrom: async () => ["discord:123"],
    });

    expect(result.decision).toBe("allow");
    expect(result.commandAuthorized).toBe(true);
  });

  it("keeps open DM command auth true when access groups are disabled", async () => {
    const result = await resolveDiscordDmCommandAccess({
      accountId: "default",
      dmPolicy: "open",
      configuredAllowFrom: [],
      sender,
      allowNameMatching: false,
      useAccessGroups: false,
      readStoreAllowFrom: async () => [],
    });

    expect(result.decision).toBe("allow");
    expect(result.commandAuthorized).toBe(true);
  });
});
fix(discord): unify dm command auth gating 2026-03-01 23:50:17 +00:00			`import { describe, expect, it } from "vitest";`
			`import { resolveDiscordDmCommandAccess } from "./dm-command-auth.js";`

			`describe("resolveDiscordDmCommandAccess", () => {`
			`const sender = {`
			`id: "123",`
			`name: "alice",`
			`tag: "alice#0001",`
			`};`

			`it("allows open DMs and keeps command auth enabled without allowlist entries", async () => {`
			`const result = await resolveDiscordDmCommandAccess({`
			`accountId: "default",`
			`dmPolicy: "open",`
			`configuredAllowFrom: [],`
			`sender,`
			`allowNameMatching: false,`
			`useAccessGroups: true,`
			`readStoreAllowFrom: async () => [],`
			`});`

			`expect(result.decision).toBe("allow");`
			`expect(result.commandAuthorized).toBe(true);`
			`});`

			`it("marks command auth true when sender is allowlisted", async () => {`
			`const result = await resolveDiscordDmCommandAccess({`
			`accountId: "default",`
			`dmPolicy: "open",`
			`configuredAllowFrom: ["discord:123"],`
			`sender,`
			`allowNameMatching: false,`
			`useAccessGroups: true,`
			`readStoreAllowFrom: async () => [],`
			`});`

			`expect(result.decision).toBe("allow");`
			`expect(result.commandAuthorized).toBe(true);`
			`});`

			`it("returns pairing decision and unauthorized command auth for unknown senders", async () => {`
			`const result = await resolveDiscordDmCommandAccess({`
			`accountId: "default",`
			`dmPolicy: "pairing",`
			`configuredAllowFrom: ["discord:456"],`
			`sender,`
			`allowNameMatching: false,`
			`useAccessGroups: true,`
			`readStoreAllowFrom: async () => [],`
			`});`

			`expect(result.decision).toBe("pairing");`
			`expect(result.commandAuthorized).toBe(false);`
			`});`

			`it("authorizes sender from pairing-store allowlist entries", async () => {`
			`const result = await resolveDiscordDmCommandAccess({`
			`accountId: "default",`
			`dmPolicy: "pairing",`
			`configuredAllowFrom: [],`
			`sender,`
			`allowNameMatching: false,`
			`useAccessGroups: true,`
			`readStoreAllowFrom: async () => ["discord:123"],`
			`});`

			`expect(result.decision).toBe("allow");`
			`expect(result.commandAuthorized).toBe(true);`
			`});`

			`it("keeps open DM command auth true when access groups are disabled", async () => {`
			`const result = await resolveDiscordDmCommandAccess({`
			`accountId: "default",`
			`dmPolicy: "open",`
			`configuredAllowFrom: [],`
			`sender,`
			`allowNameMatching: false,`
			`useAccessGroups: false,`
			`readStoreAllowFrom: async () => [],`
			`});`

			`expect(result.decision).toBe("allow");`
			`expect(result.commandAuthorized).toBe(true);`
			`});`
			`});`