Skip to content

[Feature]: Global sender-level allowlist for group chats #29166

Closed
#29174
Closed
[Feature]: Global sender-level allowlist for group chats#29166
#29174
@1MoreBuild

Description

@1MoreBuild
1MoreBuild
opened on Feb 27, 2026

Summary

Add a global groupSenderAllowFrom config option under channels.feishu that filters group message senders across all groups, without requiring per-group allowFrom configuration.

Problem to solve

Currently, sender-level access control in group chats can only be configured per group via groups.<chat_id>.allowFrom. If a bot owner wants to restrict bot interaction to specific users across all groups, they must duplicate the same allowFrom list for every group individually. This becomes tedious and error-prone as the number of groups grows, and newly added groups have no sender restriction by default.

Proposed solution

Add a top-level groupSenderAllowFrom option under channels.feishu that acts as a global sender allowlist for all group chats. When set, any group message from a sender not in this list would be silently ignored. Per-group groups.<chat_id>.allowFrom could still override or extend the global setting.

Example config:

{
  channels: {
    feishu: {
      groupPolicy: "open",
      groupSenderAllowFrom: ["ou_xxx"],
    }
  }
}

Alternatives considered

  1. Duplicate allowFrom in every groups.<chat_id> entry — works but does not scale and new groups are unprotected by default.
  2. Patching the source code locally — not maintainable across upgrades.
  3. Using groupPolicy: "allowlist" with groupAllowFrom — this only filters by group ID (chat_id), not by sender.

Impact

  • Affected: Bot owners who deploy bots in multiple Feishu groups but want to restrict interaction to specific users
  • Severity: Medium — current workaround exists but is cumbersome
  • Frequency: Every time a new group is added
  • Consequence: Extra manual config work; risk of forgetting to add allowFrom to new groups, leaving them unprotected

Evidence/examples

In the current source code (extensions/feishu/src/bot.ts line 598-612), sender-level filtering only reads from groupConfig?.allowFrom, which is resolved per chat_id. There is no fallback to a global sender allowlist.

Additional information

Should remain backward-compatible — when groupSenderAllowFrom is absent or empty, behavior stays the same as today.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions