fix(web): let group pings bypass allowFrom
This commit is contained in:
Peter Steinberger
@@ -26,7 +26,8 @@ Goal: Enable warelay’s web provider to participate in WhatsApp group chats, re
|
|||||||
- If `requireMention` and no mention detected, store in buffer only; no reply.
|
- If `requireMention` and no mention detected, store in buffer only; no reply.
|
||||||
- Allow opt-out via `requireMention: false`.
|
- Allow opt-out via `requireMention: false`.
|
||||||
- **Allow list**:
|
- **Allow list**:
|
||||||
- Apply `inbound.allowFrom` to the *participant* (senderE164), not the group ID. Same-phone bypass preserved.
|
- Group chats ignore `inbound.allowFrom` so anyone in the group can trigger a reply; we still record the sender E.164 for context.
|
||||||
|
- Direct chats keep enforcing `inbound.allowFrom` (same-phone bypass preserved).
|
||||||
- **Heartbeats**:
|
- **Heartbeats**:
|
||||||
- Skip reply heartbeats when the last inbound was a group chat; connection heartbeat still runs.
|
- Skip reply heartbeats when the last inbound was a group chat; connection heartbeat still runs.
|
||||||
- **Sessions**:
|
- **Sessions**:
|
||||||
|
|||||||
@@ -116,9 +116,10 @@ export async function monitorWebInbox(options: {
|
|||||||
const allowFrom = cfg.inbound?.allowFrom;
|
const allowFrom = cfg.inbound?.allowFrom;
|
||||||
const isSamePhone = from === selfE164;
|
const isSamePhone = from === selfE164;
|
||||||
|
|
||||||
if (!isSamePhone && Array.isArray(allowFrom) && allowFrom.length > 0) {
|
const allowlistEnabled =
|
||||||
const candidate =
|
!group && Array.isArray(allowFrom) && allowFrom.length > 0;
|
||||||
group && senderE164 ? normalizeE164(senderE164) : from;
|
if (!isSamePhone && allowlistEnabled) {
|
||||||
|
const candidate = from;
|
||||||
const allowedList = allowFrom.map(normalizeE164);
|
const allowedList = allowFrom.map(normalizeE164);
|
||||||
if (!allowFrom.includes("*") && !allowedList.includes(candidate)) {
|
if (!allowFrom.includes("*") && !allowedList.includes(candidate)) {
|
||||||
logVerbose(
|
logVerbose(
|
||||||
|
|||||||
@@ -321,7 +321,7 @@ describe("web monitor inbox", () => {
|
|||||||
await listener.close();
|
await listener.close();
|
||||||
});
|
});
|
||||||
|
|
||||||
it("applies allowFrom to group participants", async () => {
|
it("lets group messages through even when sender not in allowFrom", async () => {
|
||||||
mockLoadConfig.mockReturnValue({
|
mockLoadConfig.mockReturnValue({
|
||||||
inbound: {
|
inbound: {
|
||||||
allowFrom: ["+1234"],
|
allowFrom: ["+1234"],
|
||||||
@@ -353,16 +353,10 @@ describe("web monitor inbox", () => {
|
|||||||
sock.ev.emit("messages.upsert", upsert);
|
sock.ev.emit("messages.upsert", upsert);
|
||||||
await new Promise((resolve) => setImmediate(resolve));
|
await new Promise((resolve) => setImmediate(resolve));
|
||||||
|
|
||||||
expect(onMessage).not.toHaveBeenCalled();
|
expect(onMessage).toHaveBeenCalledTimes(1);
|
||||||
|
const payload = onMessage.mock.calls[0][0];
|
||||||
mockLoadConfig.mockReturnValue({
|
expect(payload.chatType).toBe("group");
|
||||||
inbound: {
|
expect(payload.senderE164).toBe("+999");
|
||||||
allowFrom: ["*"],
|
|
||||||
messagePrefix: undefined,
|
|
||||||
responsePrefix: undefined,
|
|
||||||
timestampPrefix: false,
|
|
||||||
},
|
|
||||||
});
|
|
||||||
|
|
||||||
await listener.close();
|
await listener.close();
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user