openclaw
diff --git a/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/commands/doctor-config-flow.ts‎
Lines changed: 22 additions & 5 deletions b/‎src/commands/doctor-config-flow.ts‎
Lines changed: 22 additions & 5 deletions
diff --git a/‎src/config/config.allowlist-requires-allowfrom.test.ts‎
Lines changed: 76 additions & 46 deletions b/‎src/config/config.allowlist-requires-allowfrom.test.ts‎
Lines changed: 76 additions & 46 deletions
@@ -17,6 +17,7 @@ Docs: https://docs.openclaw.ai
 
 ### Fixes
 
+- Telegram/DM allowlist runtime inheritance: enforce `dmPolicy: "allowlist"` `allowFrom` requirements using effective account-plus-parent config across account-capable channels (Telegram, Discord, Slack, Signal, iMessage, IRC, BlueBubbles, WhatsApp), and align `openclaw doctor` checks to the same inheritance logic so DM traffic is not silently dropped after upgrades. (#27936) Thanks @widingmarcus-cyber.
 - Delivery queue/recovery backoff: prevent retry starvation by persisting `lastAttemptAt` on failed sends and deferring recovery retries until each entry's `lastAttemptAt + backoff` window is eligible, while continuing to recover ready entries behind deferred ones. Landed from contributor PR #27710 by @Jimmy-xuzimo. Thanks @Jimmy-xuzimo.
 - Google Chat/Lifecycle: keep Google Chat `startAccount` pending until abort in webhook mode so startup is no longer interpreted as immediate exit, preventing auto-restart loops and webhook-target churn. (#27384) thanks @junsuwhy.
 - Temp dirs/Linux umask: force `0700` permissions after temp-dir creation and self-heal existing writable temp dirs before trust checks so `umask 0002` installs no longer crash-loop on startup. Landed from contributor PR #27860 by @stakeswky. (#27853) Thanks @stakeswky.
 
@@ -1112,23 +1112,40 @@ function detectEmptyAllowlistPolicy(cfg: OpenClawConfig): string[] {
   const hasEntries = (list?: Array<string | number>) =>
     Array.isArray(list) && list.map((v) => String(v).trim()).filter(Boolean).length > 0;
 
-  const checkAccount = (account: Record<string, unknown>, prefix: string) => {
+  const checkAccount = (
+    account: Record<string, unknown>,
+    prefix: string,
+    parent?: Record<string, unknown>,
+  ) => {
     const dmEntry = account.dm;
     const dm =
       dmEntry && typeof dmEntry === "object" && !Array.isArray(dmEntry)
         ? (dmEntry as Record<string, unknown>)
         : undefined;
+    const parentDmEntry = parent?.dm;
+    const parentDm =
+      parentDmEntry && typeof parentDmEntry === "object" && !Array.isArray(parentDmEntry)
+        ? (parentDmEntry as Record<string, unknown>)
+        : undefined;
     const dmPolicy =
-      (account.dmPolicy as string | undefined) ?? (dm?.policy as string | undefined) ?? undefined;
+      (account.dmPolicy as string | undefined) ??
+      (dm?.policy as string | undefined) ??
+      (parent?.dmPolicy as string | undefined) ??
+      (parentDm?.policy as string | undefined) ??
+      undefined;
 
     if (dmPolicy !== "allowlist") {
       return;
     }
 
-    const topAllowFrom = account.allowFrom as Array<string | number> | undefined;
+    const topAllowFrom =
+      (account.allowFrom as Array<string | number> | undefined) ??
+      (parent?.allowFrom as Array<string | number> | undefined);
     const nestedAllowFrom = dm?.allowFrom as Array<string | number> | undefined;
+    const parentNestedAllowFrom = parentDm?.allowFrom as Array<string | number> | undefined;
+    const effectiveAllowFrom = topAllowFrom ?? nestedAllowFrom ?? parentNestedAllowFrom;
 
-    if (hasEntries(topAllowFrom) || hasEntries(nestedAllowFrom)) {
+    if (hasEntries(effectiveAllowFrom)) {
       return;
     }
 
@@ -1153,7 +1170,7 @@ function detectEmptyAllowlistPolicy(cfg: OpenClawConfig): string[] {
         if (!account || typeof account !== "object") {
           continue;
         }
-        checkAccount(account, `channels.${channelName}.accounts.${accountId}`);
+        checkAccount(account, `channels.${channelName}.accounts.${accountId}`, channelConfig);
       }
     }
   }
 
@@ -1,115 +1,145 @@
 import { describe, expect, it } from "vitest";
 import { validateConfigObject } from "./config.js";
 
-describe('dmPolicy="allowlist" requires non-empty allowFrom', () => {
+describe('dmPolicy="allowlist" requires non-empty effective allowFrom', () => {
   it('rejects telegram dmPolicy="allowlist" without allowFrom', () => {
     const res = validateConfigObject({
       channels: { telegram: { dmPolicy: "allowlist", botToken: "fake" } },
     });
     expect(res.ok).toBe(false);
     if (!res.ok) {
-      expect(res.issues.some((i) => i.path.includes("allowFrom"))).toBe(true);
+      expect(res.issues.some((i) => i.path.includes("channels.telegram.allowFrom"))).toBe(true);
     }
   });
 
-  it('rejects telegram dmPolicy="allowlist" with empty allowFrom', () => {
+  it('rejects signal dmPolicy="allowlist" without allowFrom', () => {
     const res = validateConfigObject({
-      channels: { telegram: { dmPolicy: "allowlist", allowFrom: [], botToken: "fake" } },
+      channels: { signal: { dmPolicy: "allowlist" } },
     });
     expect(res.ok).toBe(false);
     if (!res.ok) {
-      expect(res.issues.some((i) => i.path.includes("allowFrom"))).toBe(true);
+      expect(res.issues.some((i) => i.path.includes("channels.signal.allowFrom"))).toBe(true);
     }
   });
 
-  it('accepts telegram dmPolicy="allowlist" with allowFrom entries', () => {
+  it('rejects discord dmPolicy="allowlist" without allowFrom', () => {
     const res = validateConfigObject({
-      channels: { telegram: { dmPolicy: "allowlist", allowFrom: ["12345"], botToken: "fake" } },
+      channels: { discord: { dmPolicy: "allowlist" } },
     });
-    expect(res.ok).toBe(true);
+    expect(res.ok).toBe(false);
+    if (!res.ok) {
+      expect(
+        res.issues.some((i) => i.path.includes("channels.discord") && i.path.includes("allowFrom")),
+      ).toBe(true);
+    }
   });
 
-  it('accepts telegram dmPolicy="pairing" without allowFrom', () => {
+  it('rejects whatsapp dmPolicy="allowlist" without allowFrom', () => {
     const res = validateConfigObject({
-      channels: { telegram: { dmPolicy: "pairing", botToken: "fake" } },
+      channels: { whatsapp: { dmPolicy: "allowlist" } },
     });
-    expect(res.ok).toBe(true);
+    expect(res.ok).toBe(false);
+    if (!res.ok) {
+      expect(res.issues.some((i) => i.path.includes("channels.whatsapp.allowFrom"))).toBe(true);
+    }
   });
 
-  it('rejects signal dmPolicy="allowlist" without allowFrom', () => {
+  it('accepts dmPolicy="pairing" without allowFrom', () => {
     const res = validateConfigObject({
-      channels: { signal: { dmPolicy: "allowlist" } },
+      channels: { telegram: { dmPolicy: "pairing", botToken: "fake" } },
     });
-    expect(res.ok).toBe(false);
-    if (!res.ok) {
-      expect(res.issues.some((i) => i.path.includes("allowFrom"))).toBe(true);
-    }
+    expect(res.ok).toBe(true);
   });
+});
 
-  it('accepts signal dmPolicy="allowlist" with allowFrom entries', () => {
+describe('account dmPolicy="allowlist" uses inherited allowFrom', () => {
+  it("accepts telegram account allowlist when parent allowFrom exists", () => {
     const res = validateConfigObject({
-      channels: { signal: { dmPolicy: "allowlist", allowFrom: ["+1234567890"] } },
+      channels: {
+        telegram: {
+          allowFrom: ["12345"],
+          accounts: { bot1: { dmPolicy: "allowlist", botToken: "fake" } },
+        },
+      },
     });
     expect(res.ok).toBe(true);
   });
 
-  it('rejects discord dmPolicy="allowlist" without allowFrom', () => {
+  it("rejects telegram account allowlist when neither account nor parent has allowFrom", () => {
     const res = validateConfigObject({
-      channels: { discord: { dmPolicy: "allowlist" } },
+      channels: { telegram: { accounts: { bot1: { dmPolicy: "allowlist", botToken: "fake" } } } },
     });
     expect(res.ok).toBe(false);
     if (!res.ok) {
-      expect(res.issues.some((i) => i.path.includes("allowFrom"))).toBe(true);
+      expect(
+        res.issues.some((i) => i.path.includes("channels.telegram.accounts.bot1.allowFrom")),
+      ).toBe(true);
     }
   });
 
-  it('accepts discord dmPolicy="allowlist" with allowFrom entries', () => {
+  it("accepts signal account allowlist when parent allowFrom exists", () => {
     const res = validateConfigObject({
-      channels: { discord: { dmPolicy: "allowlist", allowFrom: ["123456789"] } },
+      channels: {
+        signal: { allowFrom: ["+15550001111"], accounts: { work: { dmPolicy: "allowlist" } } },
+      },
     });
     expect(res.ok).toBe(true);
   });
 
-  it('rejects whatsapp dmPolicy="allowlist" without allowFrom', () => {
+  it("accepts discord account allowlist when parent allowFrom exists", () => {
     const res = validateConfigObject({
-      channels: { whatsapp: { dmPolicy: "allowlist" } },
+      channels: {
+        discord: { allowFrom: ["123456789"], accounts: { work: { dmPolicy: "allowlist" } } },
+      },
     });
-    expect(res.ok).toBe(false);
-    if (!res.ok) {
-      expect(res.issues.some((i) => i.path.includes("allowFrom"))).toBe(true);
-    }
+    expect(res.ok).toBe(true);
   });
 
-  it('accepts whatsapp dmPolicy="allowlist" with allowFrom entries', () => {
+  it("accepts slack account allowlist when parent allowFrom exists", () => {
     const res = validateConfigObject({
-      channels: { whatsapp: { dmPolicy: "allowlist", allowFrom: ["+1234567890"] } },
+      channels: {
+        slack: {
+          allowFrom: ["U123"],
+          botToken: "xoxb-top",
+          appToken: "xapp-top",
+          accounts: {
+            work: { dmPolicy: "allowlist", botToken: "xoxb-work", appToken: "xapp-work" },
+          },
+        },
+      },
     });
     expect(res.ok).toBe(true);
   });
 
-  it('accepts telegram account dmPolicy="allowlist" without own allowFrom (inherits from parent)', () => {
-    // Account-level schemas skip allowFrom validation because accounts inherit
-    // allowFrom from the parent channel config at runtime.
+  it("accepts whatsapp account allowlist when parent allowFrom exists", () => {
     const res = validateConfigObject({
       channels: {
-        telegram: {
-          accounts: {
-            bot1: { dmPolicy: "allowlist", botToken: "fake" },
-          },
-        },
+        whatsapp: { allowFrom: ["+15550001111"], accounts: { work: { dmPolicy: "allowlist" } } },
       },
     });
     expect(res.ok).toBe(true);
   });
 
-  it('accepts telegram account dmPolicy="allowlist" with allowFrom entries', () => {
+  it("accepts imessage account allowlist when parent allowFrom exists", () => {
     const res = validateConfigObject({
       channels: {
-        telegram: {
-          accounts: {
-            bot1: { dmPolicy: "allowlist", allowFrom: ["12345"], botToken: "fake" },
-          },
-        },
+        imessage: { allowFrom: ["alice"], accounts: { work: { dmPolicy: "allowlist" } } },
+      },
+    });
+    expect(res.ok).toBe(true);
+  });
+
+  it("accepts irc account allowlist when parent allowFrom exists", () => {
+    const res = validateConfigObject({
+      channels: { irc: { allowFrom: ["nick"], accounts: { work: { dmPolicy: "allowlist" } } } },
+    });
+    expect(res.ok).toBe(true);
+  });
+
+  it("accepts bluebubbles account allowlist when parent allowFrom exists", () => {
+    const res = validateConfigObject({
+      channels: {
+        bluebubbles: { allowFrom: ["sender"], accounts: { work: { dmPolicy: "allowlist" } } },
       },
     });
     expect(res.ok).toBe(true);