fix(security): gate slash/control commands

2026-01-17 06:49:17 +00:00
parent 7ed55682b7
commit 6a3ed5c850
22 changed files with 758 additions and 203 deletions
--- a/src/discord/monitor/native-command.ts
+++ b/src/discord/monitor/native-command.ts
@@ -41,6 +41,7 @@ import {
 import { resolveAgentRoute } from "../../routing/resolve-route.js";
 import { loadWebMedia } from "../../web/media.js";
 import { chunkDiscordText } from "../chunk.js";
+import { resolveCommandAuthorizedFromAuthorizers } from "../../channels/command-gating.js";
 import {
  allowListMatches,
  isDiscordGroupAllowedByPolicy,
@@ -529,7 +530,17 @@ async function dispatchDiscordCommandInteraction(params: {
          userTag: formatDiscordUserTag(user),
        })
      : false;
-    commandAuthorized = useAccessGroups ? ownerOk || userOk : hasUserAllowlist ? userOk : true;
+    const authorizers = useAccessGroups
+      ? [
+          { configured: ownerAllowList != null, allowed: ownerOk },
+          { configured: hasUserAllowlist, allowed: userOk },
+        ]
+      : [{ configured: hasUserAllowlist, allowed: userOk }];
+    commandAuthorized = resolveCommandAuthorizedFromAuthorizers({
+      useAccessGroups,
+      authorizers,
+      modeWhenAccessGroupsOff: "configured",
+    });
    if (!commandAuthorized) {
      await respond("You are not authorized to use this command.", { ephemeral: true });
      return;