let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: harden whatsapp command auth

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-15 07:53:12 +00:00
parent 8c4b8f2c38
commit 8dacafce7f
7 changed files with 286 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/web/auto-reply/monitor/group-gating.ts
View File

@@ -1,10 +1,11 @@
import { hasControlCommand } from "../../../auto-reply/command-detection.js";
import { parseActivationCommand } from "../../../auto-reply/group-activation.js";
import type { loadConfig } from "../../../config/config.js";
import { normalizeE164 } from "../../../utils.js";
import type { MentionConfig } from "../mentions.js";
import { buildMentionConfig, debugMention, resolveOwnerList } from "../mentions.js";
import type { WebInboundMsg } from "../types.js";
import { isStatusCommand, stripMentionsForCommand } from "./commands.js";
import { stripMentionsForCommand } from "./commands.js";
import { resolveGroupActivationFor, resolveGroupPolicyFor } from "./group-activation.js";
import { noteGroupMember } from "./group-members.js";
@@ -59,8 +60,7 @@ export function applyGroupGating(params: {
);
const activationCommand = parseActivationCommand(commandBody);
const owner = isOwnerSender(params.baseMentionConfig, params.msg);
const statusCommand = isStatusCommand(commandBody);
const shouldBypassMention = owner && (activationCommand.hasCommand || statusCommand);
const shouldBypassMention = owner && hasControlCommand(commandBody, params.cfg);
if (activationCommand.hasCommand && !owner) {
params.logVerbose(`Ignoring /activation from non-owner in group ${params.conversationId}`);