Ayuriel/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openclaw/extensions/telegram/src/bot-native-commands.group-auth.test.ts
scoootscooob e5bca0832f
refactor: move Telegram channel implementation to extensions/ (#45635) 
* refactor: move Telegram channel implementation to extensions/telegram/src/

Move all Telegram channel code (123 files + 10 bot/ files + 8 channel plugin
files) from src/telegram/ and src/channels/plugins/*/telegram.ts to
extensions/telegram/src/. Leave thin re-export shims at original locations so
cross-cutting src/ imports continue to resolve.

- Fix all relative import paths in moved files (../X/ -> ../../../src/X/)
- Fix vi.mock paths in 60 test files
- Fix inline typeof import() expressions
- Update tsconfig.plugin-sdk.dts.json rootDir to "." for cross-directory DTS
- Update write-plugin-sdk-entry-dts.ts for new rootDir structure
- Move channel plugin files with correct path remapping

* fix: support keyed telegram send deps

* fix: sync telegram extension copies with latest main

* fix: correct import paths and remove misplaced files in telegram extension

* fix: sync outbound-adapter with main (add sendTelegramPayloadMessages) and fix delivery.test import path
2026-03-14 02:50:17 -07:00

195 lines
5.4 KiB
TypeScript
Raw Blame History

import { describe, expect, it } from "vitest";
import type { OpenClawConfig } from "../../../src/config/config.js";
import type { ChannelGroupPolicy } from "../../../src/config/group-policy.js";
import type { TelegramAccountConfig } from "../../../src/config/types.js";
import {
createNativeCommandsHarness,
createTelegramGroupCommandContext,
findNotAuthorizedCalls,
} from "./bot-native-commands.test-helpers.js";
describe("native command auth in groups", () => {
function setup(params: {
cfg?: OpenClawConfig;
telegramCfg?: TelegramAccountConfig;
allowFrom?: string[];
groupAllowFrom?: string[];
useAccessGroups?: boolean;
groupConfig?: Record<string, unknown>;
resolveGroupPolicy?: () => ChannelGroupPolicy;
}) {
return createNativeCommandsHarness({
cfg: params.cfg ?? ({} as OpenClawConfig),
telegramCfg: params.telegramCfg ?? ({} as TelegramAccountConfig),
allowFrom: params.allowFrom ?? [],
groupAllowFrom: params.groupAllowFrom ?? [],
useAccessGroups: params.useAccessGroups ?? false,
resolveGroupPolicy:
params.resolveGroupPolicy ??
(() =>
({
allowlistEnabled: false,
allowed: true,
}) as ChannelGroupPolicy),
groupConfig: params.groupConfig,
});
}
it("authorizes native commands in groups when sender is in groupAllowFrom", async () => {
const { handlers, sendMessage } = setup({
groupAllowFrom: ["12345"],
useAccessGroups: true,
// no allowFrom — sender is NOT in DM allowlist
});
const ctx = createTelegramGroupCommandContext();
await handlers.status?.(ctx);
const notAuthCalls = findNotAuthorizedCalls(sendMessage);
expect(notAuthCalls).toHaveLength(0);
});
it("authorizes native commands in groups from commands.allowFrom.telegram", async () => {
const { handlers, sendMessage } = setup({
cfg: {
commands: {
allowFrom: {
telegram: ["12345"],
},
},
} as OpenClawConfig,
allowFrom: ["99999"],
groupAllowFrom: ["99999"],
useAccessGroups: true,
});
const ctx = createTelegramGroupCommandContext();
await handlers.status?.(ctx);
const notAuthCalls = findNotAuthorizedCalls(sendMessage);
expect(notAuthCalls).toHaveLength(0);
});
it("uses commands.allowFrom.telegram as the sole auth source when configured", async () => {
const { handlers, sendMessage } = setup({
cfg: {
commands: {
allowFrom: {
telegram: ["99999"],
},
},
} as OpenClawConfig,
groupAllowFrom: ["12345"],
useAccessGroups: true,
});
const ctx = createTelegramGroupCommandContext();
await handlers.status?.(ctx);
expect(sendMessage).toHaveBeenCalledWith(
-100999,
"You are not authorized to use this command.",
expect.objectContaining({ message_thread_id: 42 }),
);
});
it("keeps groupPolicy disabled enforced when commands.allowFrom is configured", async () => {
const { handlers, sendMessage } = setup({
cfg: {
commands: {
allowFrom: {
telegram: ["12345"],
},
},
} as OpenClawConfig,
telegramCfg: {
groupPolicy: "disabled",
} as TelegramAccountConfig,
useAccessGroups: true,
resolveGroupPolicy: () =>
({
allowlistEnabled: false,
allowed: false,
}) as ChannelGroupPolicy,
});
const ctx = createTelegramGroupCommandContext();
await handlers.status?.(ctx);
expect(sendMessage).toHaveBeenCalledWith(
-100999,
"Telegram group commands are disabled.",
expect.objectContaining({ message_thread_id: 42 }),
);
});
it("keeps group chat allowlists enforced when commands.allowFrom is configured", async () => {
const { handlers, sendMessage } = setup({
cfg: {
commands: {
allowFrom: {
telegram: ["12345"],
},
},
} as OpenClawConfig,
useAccessGroups: true,
resolveGroupPolicy: () =>
({
allowlistEnabled: true,
allowed: false,
}) as ChannelGroupPolicy,
});
const ctx = createTelegramGroupCommandContext();
await handlers.status?.(ctx);
expect(sendMessage).toHaveBeenCalledWith(
-100999,
"This group is not allowed.",
expect.objectContaining({ message_thread_id: 42 }),
);
});
it("rejects native commands in groups when sender is in neither allowlist", async () => {
const { handlers, sendMessage } = setup({
allowFrom: ["99999"],
groupAllowFrom: ["99999"],
useAccessGroups: true,
});
const ctx = createTelegramGroupCommandContext({
username: "intruder",
});
await handlers.status?.(ctx);
const notAuthCalls = findNotAuthorizedCalls(sendMessage);
expect(notAuthCalls.length).toBeGreaterThan(0);
});
it("replies in the originating forum topic when auth is rejected", async () => {
const { handlers, sendMessage } = setup({
allowFrom: ["99999"],
groupAllowFrom: ["99999"],
useAccessGroups: true,
});
const ctx = createTelegramGroupCommandContext({
username: "intruder",
});
await handlers.status?.(ctx);
expect(sendMessage).toHaveBeenCalledWith(
-100999,
"You are not authorized to use this command.",
expect.objectContaining({ message_thread_id: 42 }),
);
});
});
Reference in New Issue View Git Blame Copy Permalink