Skip to content

feat(web): enforce allowFrom in group chats#175

Closed
pasogott wants to merge 1 commit intoopenclaw:mainfrom
pasogott:feat/group-allowfrom-enforcement
Closed

feat(web): enforce allowFrom in group chats#175
pasogott wants to merge 1 commit intoopenclaw:mainfrom
pasogott:feat/group-allowfrom-enforcement

Conversation

@pasogott
Copy link
Copy Markdown
Contributor

@pasogott pasogott commented Jan 4, 2026

Description

Adds allowFrom enforcement for group chats. Currently, non-owner messages in groups bypass allowFrom checks, allowing any group member to trigger the agent.

Changes

  • Added owner check for group messages in monitorWebProvider
  • Non-owner messages are now logged (verbose) and ignored
  • Prevents unauthorized group members from triggering agent when allowFrom restrictions are configured

Testing

  • Tested locally with group chat containing non-owner members
  • Verified owner messages still work
  • Checked verbose logging output

AI-Assisted

⚠️ This PR was built with Claude Code assistance. Code has been tested locally but may benefit from additional review of edge cases.

@pasogott
feat(web): enforce allowFrom in group chats
6a05d45 
Only process group messages from allowed senders (owner).
Non-owner messages in groups are now ignored with verbose logging.

Prevents unauthorized group members from triggering the agent
when allowFrom restrictions are configured.
@pasogott pasogott closed this Jan 4, 2026
dgarson referenced this pull request in dgarson/clawdbot Feb 7, 2026
@dgarson
Web: wire channel config to gateway (#175)
2e904f6
This was referenced Feb 9, 2026
Closed
Closed
This was referenced Feb 20, 2026
Closed
Closed
dgarson referenced this pull request in dgarson/clawdbot Feb 22, 2026
@dgarson
Views #175-176: ObservabilityDashboard, AccessControlManager (RBAC)
219a03d
dalefrieswthat pushed a commit to dalefrieswthat/openclaw that referenced this pull request Feb 25, 2026
@dgarson
Routing: add durable decision-feedback review loop primitives (opencl…
02776b6 
…aw#128)

* Docs: fix router feedback analytics schema tables

* Routing: wire feedback loop into runtime surfaces

* Routing: deepen feedback telemetry and review lifecycle

* Routing: tighten implicit feedback calibration signals (openclaw#175)
cael-dandelion-cult added a commit to karmaterminal/openclaw that referenced this pull request Mar 4, 2026
@cael-dandelion-cult
WORKORDER: Phase 4 scope — delegate-as-task-scheduler, Aquinas basis,…
da42769 
… comms discipline

Phase 4 adds:
- DELEGATE dispatch verification + attachment passthrough (openclaw#177)
- Time-based self-continuation with agent-specified delay (openclaw#176)
- Pre/post-compaction lifecycle hooks (openclaw#178)
- Config hot-reload gap (openclaw#182)
- Context-pressure canary confirmation (smaller model per figs)

Updated issue tracking: openclaw#174 closed, openclaw#175 root cause found.
Added Discord comms discipline section (Storm Lag Protocol + figs directives).
Thomistic basis: Summa II-II Q47-Q53, prudentia survives forgetfulness via voluntas.
heatherstew44-maker pushed a commit to heatherstew44-maker/openclaw that referenced this pull request Mar 8, 2026
@wsxiaoys @pochi-agent
feat: display overlay on active monitor (openclaw#175)
1a2ec72 
This change updates the recording and transcribing overlay to appear on the monitor that currently contains the mouse cursor, rather than always appearing on the primary monitor.

This improves the user experience for those with multi-monitor setups.

🤖 Generated with [Pochi](https://getpochi.com)

Co-authored-by: Pochi <[email protected]>
venhi5282 pushed a commit to venhi5282/openclaw that referenced this pull request Mar 9, 2026
@jiulingyun
fix(agent): isolate last-turn total in token usage reporting (opencla…
3c21c25 
…w#175)

* Initial plan

* fix(agent): 隔离最后一轮的 token 使用量报告总数

移植上游 commit a62ff19: 修复 token 使用量报告在多轮对话中累积 token 总数的问题

变更:
- run.ts: 捕获最后一轮的 token 总数并在返回前覆盖到 usage.total
- usage-reporting.test.ts: 新增测试验证 usage.total 反映当前轮次,而非累积总数

上游 PR: openclaw#17016

Co-authored-by: jiulingyun <[email protected]>

* test: 修复 run.overflow-compaction.test.ts 中的函数名错误

将 agent-paths mock 中的 resolveOpenClawAgentDir 改为正确的 resolveClawdbotAgentDir

Co-authored-by: jiulingyun <[email protected]>

---------

Co-authored-by: copilot-swe-agent[bot] <[email protected]>
Co-authored-by: jiulingyun <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pasogott