fix(telegram): honor commands.allowFrom in native command auth by vincentkoc · Pull Request #39310 · openclaw/openclaw

vincentkoc · 2026-03-08T00:58:35Z

Summary

Problem: Telegram native slash commands did not consult commands.allowFrom, so group commands could be rejected even when the sender was explicitly authorized for commands.
Why it matters: text commands already treat commands.allowFrom as the command-specific authorization source, so native Telegram commands drifted from the documented command auth contract.
What changed: native Telegram command auth now uses commands.allowFrom as the command-specific auth source when configured, and skips channel sender allowlist / useAccessGroups sender gating for that case.
What did NOT change (scope boundary): this does not change the separate groupAllowFrom runtime behavior from fix(telegram): use group allowlist for native command auth in groups #39267, and it does not widen non-command message authorization.

Change Type (select all)

Scope (select all touched areas)

Linked Issue/PR

User-visible / Behavior Changes

Telegram native commands now honor commands.allowFrom.telegram / commands.allowFrom["*"] the same way text commands do. When configured, that command-specific allowlist takes precedence over Telegram channel sender allowlists for native command authorization.

Security Impact (required)

New permissions/capabilities? (No)
Secrets/tokens handling changed? (No)
New/changed network calls? (No)
Command/tool execution surface changed? (No)
Data access scope changed? (No)
If any Yes, explain risk + mitigation:

Repro + Verification

Environment

OS: macOS
Runtime/container: Node 22 + Bun / Vitest
Model/provider: N/A
Integration/channel (if any): Telegram
Relevant config (redacted): commands.allowFrom.telegram, channels.telegram.groupAllowFrom

Steps

Configure commands.allowFrom.telegram with a Telegram sender ID and leave Telegram channel allowlists unmatched.
Send a native Telegram command in a supergroup/forum topic.
Verify the command is allowed when the sender matches commands.allowFrom, and rejected when only channel/group allowlists match.

Expected

Native Telegram commands follow commands.allowFrom precedence when configured.

Actual

Before this change, native Telegram commands only checked Telegram channel/group sender allowlists.

Evidence

Attach at least one:

Failing test/log before + passing after
Trace/log snippets
Screenshot/recording
Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

Verified scenarios: commands.allowFrom.telegram authorizes native group commands; mismatched commands.allowFrom.telegram rejects even when groupAllowFrom would allow; existing groupAllowFrom native command tests still pass.
Edge cases checked: forum-topic auth rejections still reply in-topic; plugin auth/session-meta native command tests stay green.
What you did not verify: full repo CI, live Telegram bot runtime.

Compatibility / Migration

Backward compatible? (Yes)
Config/env changes? (No)
Migration needed? (No)
If yes, exact upgrade steps:

Failure Recovery (if this breaks)

How to disable/revert this change quickly: revert the three commits in this PR.
Files/config to restore: src/telegram/bot-native-commands.ts, src/telegram/bot-native-commands.group-auth.test.ts, CHANGELOG.md
Known bad symptoms reviewers should watch for: native Telegram commands ignoring groupAllowFrom fallback when commands.allowFrom is unset, or unauthorized senders passing because precedence is not applied correctly.

Risks and Mitigations

Risk: command-specific precedence could accidentally bypass unrelated Telegram group command checks.
- Mitigation: tests cover both the new commands.allowFrom path and the existing groupAllowFrom path, including the rejection reply thread behavior from fix(telegram): use group allowlist for native command auth in groups #39267.

…-allowfrom

greptile-apps · 2026-03-08T01:05:33Z

Greptile Summary

This PR makes native Telegram slash commands honour commands.allowFrom (the command-specific authorization source) the same way text commands already do, fixing a drift from the documented command auth contract. When commands.allowFrom.telegram or commands.allowFrom["*"] is configured, native command auth now resolves authorization exclusively against that list and bypasses the channel sender allowlists and useAccessGroups gating.

Key changes:

commandsAllowFromConfigured flag computed from cfg.commands?.allowFrom to detect when the command-specific allowlist is active.
resolveCommandAuthorization (already used by text commands) called to check commands.allowFrom precedence for native commands.
enforceAllowOverride, enforcePolicy, enforceAllowlistAuthorization, and checkChatAllowlist all gated on !commandsAllowFromConfigured to skip channel-level sender gating when the command-specific list takes over.
Two new tests verify the positive (sender authorized via commands.allowFrom.telegram) and negative (sender rejected because they are only in groupAllowFrom, not in commands.allowFrom.telegram) paths.

⚠️ Logic gap:
Setting enforcePolicy: useAccessGroups && !commandsAllowFromConfigured causes evaluateTelegramGroupPolicyAccess to return early before it evaluates groupPolicy === "disabled". This means a Telegram account with groupPolicy: "disabled" set (intending to globally turn off group commands) will have that policy silently bypassed for any sender listed in commands.allowFrom.telegram. The PR description only mentions skipping sender-level gating, not global policy, so this bypass may be unintended. The suggested fix keeps enforcePolicy: useAccessGroups unchanged and only gates the sender-level checks.

Confidence Score: 2/5

A verified logic gap allows groupPolicy: "disabled" to be bypassed when commands.allowFrom is configured, though this only manifests in deployments with both settings simultaneously.
The core feature (commands.allowFrom precedence for native Telegram commands) is well-implemented and tested. However, a logic gap at line 279 causes the global groupPolicy: "disabled" kill-switch to be silently bypassed when commands.allowFrom is active. This is a distinct policy concern from sender-level gating, the PR description doesn't mention intentionally bypassing it, and there's no test coverage for this edge case. The gap is fixable with a one-line change that preserves the feature intent while respecting the global policy.
src/telegram/bot-native-commands.ts (line 279) — enforcePolicy assignment should preserve groupPolicy:disabled checks while only gating sender-level authorization.

_{Last reviewed commit: 8d2893e}

src/telegram/bot-native-commands.ts

vincentkoc · 2026-03-08T01:25:49Z

Addressed the group-policy / chat-allowlist review concern.

Follow-up changes on top of the original #28216 fix:

kept groupPolicy enforcement on
kept group chat allowlist checks on
kept per-group/topic sender override enforcement on
still use commands.allowFrom as the sender-authorization source when configured

Re-ran:

bunx vitest run src/telegram/bot-native-commands.group-auth.test.ts src/telegram/bot-native-commands.session-meta.test.ts src/telegram/bot-native-commands.plugin-auth.test.ts

…law#39310) * telegram: honor commands.allowFrom in native auth * test(telegram): cover native commands.allowFrom precedence * changelog: note telegram native commands allowFrom fix * Update CHANGELOG.md * telegram: preserve group policy in native command auth * test(telegram): keep commands.allowFrom under group gating

fix(telegram): honor commands.allowFrom in native command auth (openclaw#39310) * telegram: honor commands.allowFrom in native auth * test(telegram): cover native commands.allowFrom precedence * changelog: note telegram native commands allowFrom fix * Update CHANGELOG.md * telegram: preserve group policy in native command auth * test(telegram): keep commands.allowFrom under group gating

…law#39310) * telegram: honor commands.allowFrom in native auth * test(telegram): cover native commands.allowFrom precedence * changelog: note telegram native commands allowFrom fix * Update CHANGELOG.md * telegram: preserve group policy in native command auth * test(telegram): keep commands.allowFrom under group gating

…law#39310) * telegram: honor commands.allowFrom in native auth * test(telegram): cover native commands.allowFrom precedence * changelog: note telegram native commands allowFrom fix * Update CHANGELOG.md * telegram: preserve group policy in native command auth * test(telegram): keep commands.allowFrom under group gating (cherry picked from commit c22a445)

@widingmarcus-cyber

* refactor(discord): extract route resolution helpers (cherry picked from commit c1d07b0) * refactor(discord): extract native command context builder (cherry picked from commit 9d10697) * refactor(discord): extract native command session targets (cherry picked from commit 8f719e5) * fix(discord): default missing native command args (cherry picked from commit eb9e78d) * refactor(discord): extract inbound context helpers (cherry picked from commit 547436b) * refactor(discord): compose native command routes (cherry picked from commit 6016e22) * fix(telegram): honor commands.allowFrom in native command auth (openclaw#39310) * telegram: honor commands.allowFrom in native auth * test(telegram): cover native commands.allowFrom precedence * changelog: note telegram native commands allowFrom fix * Update CHANGELOG.md * telegram: preserve group policy in native command auth * test(telegram): keep commands.allowFrom under group gating (cherry picked from commit c22a445) * Discord: fix native command context test args (cherry picked from commit ad80ecd) * refactor(routing): centralize inbound last-route policy (cherry picked from commit 6a8081a) * refactor(telegram): centralize text parsing helpers (cherry picked from commit e705627) * refactor(telegram): split bot message context helpers (cherry picked from commit c2e1ae6) * fix: isolate TUI /new sessions per client Landed from contributor PR openclaw#39238 by @widingmarcus-cyber. Co-authored-by: Marcus Widing <[email protected]> (cherry picked from commit 4600817) * TUI: type setSession test mocks (cherry picked from commit 6cb889d) * fix(telegram): restore DM draft streaming (cherry picked from commit e45fcc5) * fix(ci): pin multi-arch docker base digests (cherry picked from commit 5759b93) * fix: reject launchd pid sentinel values Landed from contributor PR openclaw#39281 by @mvanhorn. Co-authored-by: Matt Van Horn <[email protected]> (cherry picked from commit 7f44bc5) * refactor: register gateway service adapters (cherry picked from commit bd41326) * fix: resolve cherry-pick type errors (rebrand, gutted modules, lastRoutePolicy) Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]> * fix: resolve cherry-pick test failures (gutted Dockerfiles, rebrand INSTALL_BROWSER, preflight stub) Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]> --------- Co-authored-by: Peter Steinberger <[email protected]> Co-authored-by: Vincent Koc <[email protected]> Co-authored-by: Marcus Widing <[email protected]> Co-authored-by: Ayaan Zaidi <[email protected]> Co-authored-by: Matt Van Horn <[email protected]> Co-authored-by: Claude Opus 4.6 (1M context) <[email protected]>

vincentkoc added 3 commits March 7, 2026 16:57

telegram: honor commands.allowFrom in native auth

e88aaa6

test(telegram): cover native commands.allowFrom precedence

3cc28b9

changelog: note telegram native commands allowFrom fix

4611dee

openclaw-barnacle bot added the channel: telegram Channel integration: telegram label Mar 8, 2026

vincentkoc self-assigned this Mar 8, 2026

openclaw-barnacle bot added size: S maintainer Maintainer-authored PR labels Mar 8, 2026

vincentkoc marked this pull request as ready for review March 8, 2026 01:01

vincentkoc added 2 commits March 7, 2026 20:01

Merge branch 'main' into vincentkoc-code/fix-telegram-native-commands…

d819045

…-allowfrom

Update CHANGELOG.md

8d2893e

greptile-apps bot reviewed Mar 8, 2026

View reviewed changes

src/telegram/bot-native-commands.ts Outdated Show resolved Hide resolved

vincentkoc added 2 commits March 7, 2026 17:25

telegram: preserve group policy in native command auth

f8421cc

test(telegram): keep commands.allowFrom under group gating

06f74cf

openclaw-barnacle bot added size: M and removed size: S labels Mar 8, 2026

vincentkoc merged commit c22a445 into main Mar 8, 2026
29 of 30 checks passed

vincentkoc deleted the vincentkoc-code/fix-telegram-native-commands-allowfrom branch March 8, 2026 01:28

github-actions bot mentioned this pull request Mar 8, 2026

上游更新: v2026.3.7 — 19 P0 + 122 P1 待合并 jiulingyun/openclaw-cn#486

Open

alexey-pelykh mentioned this pull request Mar 10, 2026

Cherry-pick: upstream src misc updates (17 commits) remoteclaw/remoteclaw#888

Closed

4 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix(telegram): honor commands.allowFrom in native command auth#39310

fix(telegram): honor commands.allowFrom in native command auth#39310
vincentkoc merged 7 commits intomainfrom
vincentkoc-code/fix-telegram-native-commands-allowfrom

vincentkoc commented Mar 8, 2026

Uh oh!

greptile-apps bot commented Mar 8, 2026

Uh oh!

Uh oh!

vincentkoc commented Mar 8, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

vincentkoc commented Mar 8, 2026

Summary

Change Type (select all)

Scope (select all touched areas)

Linked Issue/PR

User-visible / Behavior Changes

Security Impact (required)

Repro + Verification

Environment

Steps

Expected

Actual

Evidence

Human Verification (required)

Compatibility / Migration

Failure Recovery (if this breaks)

Risks and Mitigations

Uh oh!

greptile-apps bot commented Mar 8, 2026

Greptile Summary

Confidence Score: 2/5

Uh oh!

Uh oh!

vincentkoc commented Mar 8, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant