negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

refactor: unify dm policy store reads and reason codes

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-26 17:47:51 +01:00
parent 53e30475e2
commit cd80c7e7ff
21 changed files with 259 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/imessage/monitor/inbound-processing.ts
View File

@@ -20,7 +20,10 @@ import {
resolveChannelGroupRequireMention,
} from "../../config/group-policy.js";
import { resolveAgentRoute } from "../../routing/resolve-route.js";
import { resolveDmGroupAccessWithLists } from "../../security/dm-policy-shared.js";
import {
DM_GROUP_ACCESS_REASON,
resolveDmGroupAccessWithLists,
} from "../../security/dm-policy-shared.js";
import { truncateUtf16Safe } from "../../utils.js";
import {
formatIMessageChatTarget,
@@ -162,24 +165,24 @@ export function resolveIMessageInboundDecision(params: {
if (accessDecision.decision !== "allow") {
if (isGroup) {
if (accessDecision.reason === "groupPolicy=disabled") {
if (accessDecision.reasonCode === DM_GROUP_ACCESS_REASON.GROUP_POLICY_DISABLED) {
params.logVerbose?.("Blocked iMessage group message (groupPolicy: disabled)");
return { kind: "drop", reason: "groupPolicy disabled" };
}
if (accessDecision.reason === "groupPolicy=allowlist (empty allowlist)") {
if (accessDecision.reasonCode === DM_GROUP_ACCESS_REASON.GROUP_POLICY_EMPTY_ALLOWLIST) {
params.logVerbose?.(
"Blocked iMessage group message (groupPolicy: allowlist, no groupAllowFrom)",
);
return { kind: "drop", reason: "groupPolicy allowlist (empty groupAllowFrom)" };
}
if (accessDecision.reason === "groupPolicy=allowlist (not allowlisted)") {
if (accessDecision.reasonCode === DM_GROUP_ACCESS_REASON.GROUP_POLICY_NOT_ALLOWLISTED) {
params.logVerbose?.(`Blocked iMessage sender ${sender} (not in groupAllowFrom)`);
return { kind: "drop", reason: "not in groupAllowFrom" };
}
params.logVerbose?.(`Blocked iMessage group message (${accessDecision.reason})`);
return { kind: "drop", reason: accessDecision.reason };
}
if (accessDecision.reason === "dmPolicy=disabled") {
if (accessDecision.reasonCode === DM_GROUP_ACCESS_REASON.DM_POLICY_DISABLED) {
return { kind: "drop", reason: "dmPolicy disabled" };
}
if (accessDecision.decision === "pairing") {