慣性聚合 高效追蹤和閱讀你感興趣的部落格、新聞、科技資訊
閱讀原文 在慣性聚合中打開

推薦訂閱源

Google DeepMind News
Google DeepMind News
人人都是产品经理
人人都是产品经理
M
MIT News - Artificial intelligence
博客园 - 叶小钗
MyScale Blog
MyScale Blog
V
Visual Studio Blog
月光博客
月光博客
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
量子位
I
InfoQ
有赞技术团队
有赞技术团队
阮一峰的网络日志
阮一峰的网络日志
Jina AI
Jina AI
V
V2EX
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Blog — PlanetScale
Blog — PlanetScale
Last Week in AI
Last Week in AI
雷峰网
雷峰网
Stack Overflow Blog
Stack Overflow Blog
博客园 - Franky

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311
新增支援拇指點擊反應 (#85952) · openclaw/openclaw@5c7980f
omarshahine · 2026-05-25 · via Recent Commits to openclaw:main

@@ -0,0 +1,146 @@

1+

import { describe, expect, it } from "vitest";

2+

import { getIMessageApprovalApprovers, imessageApprovalAuth } from "./approval-auth.js";

3+4+

describe("imessageApprovalAuth", () => {

5+

it("authorizes individual handles and ignores group/chat target entries", () => {

6+

expect(

7+

imessageApprovalAuth.authorizeActorAction({

8+

cfg: { channels: { imessage: { allowFrom: ["+1 (555) 123-0000"] } } },

9+

senderId: "+15551230000",

10+

action: "approve",

11+

approvalKind: "exec",

12+

}),

13+

).toEqual({ authorized: true });

14+15+

expect(

16+

getIMessageApprovalApprovers({

17+

cfg: {

18+

channels: {

19+

imessage: {

20+

allowFrom: ["chat_guid:iMessage;+;chat123", "chat_id:42"],

21+

},

22+

},

23+

},

24+

}),

25+

).toEqual([]);

26+27+

expect(

28+

imessageApprovalAuth.authorizeActorAction({

29+

cfg: { channels: { imessage: { allowFrom: ["+15551230000"] } } },

30+

senderId: "+15551239999",

31+

action: "approve",

32+

approvalKind: "exec",

33+

}),

34+

).toEqual({

35+

authorized: false,

36+

reason: "❌ You are not authorized to approve exec requests on iMessage.",

37+

});

38+

});

39+40+

it("authorizes lowercase-normalized email senders against canonical allowFrom", () => {

41+

expect(

42+

imessageApprovalAuth.authorizeActorAction({

43+

cfg: { channels: { imessage: { allowFrom: ["Owner@Example.com"] } } },

44+

senderId: "owner@example.com",

45+

action: "approve",

46+

approvalKind: "plugin",

47+

}),

48+

).toEqual({ authorized: true });

49+

});

50+51+

it("falls back to implicit same-chat authorization when no allowFrom is configured", () => {

52+

expect(

53+

getIMessageApprovalApprovers({

54+

cfg: { channels: { imessage: { allowFrom: [] } } },

55+

}),

56+

).toEqual([]);

57+58+

expect(

59+

imessageApprovalAuth.authorizeActorAction({

60+

cfg: { channels: { imessage: { allowFrom: [] } } },

61+

senderId: "+15551230000",

62+

action: "approve",

63+

approvalKind: "exec",

64+

}),

65+

).toEqual({ authorized: true });

66+

});

67+68+

it("supports explicit wildcard approval approvers", () => {

69+

expect(

70+

imessageApprovalAuth.authorizeActorAction({

71+

cfg: { channels: { imessage: { allowFrom: ["*"] } } },

72+

senderId: "+15551230000",

73+

action: "approve",

74+

approvalKind: "plugin",

75+

}),

76+

).toEqual({ authorized: true });

77+

});

78+79+

it("strips imessage:/sms:/auto: service prefixes when normalizing approver entries", () => {

80+

// The resolved approver list itself must contain the bare normalized

81+

// handle — a previous bug rejected service-prefixed entries entirely,

82+

// which silently fell back to the empty-approvers implicit-same-chat

83+

// authorization and masked the regression. Assert the explicit list here

84+

// so reaction resolution (which requires a non-empty approver list) works

85+

// for service-prefixed allowFrom values too.

86+

expect(

87+

getIMessageApprovalApprovers({

88+

cfg: { channels: { imessage: { allowFrom: ["imessage:+15551230000"] } } },

89+

}),

90+

).toEqual(["+15551230000"]);

91+

expect(

92+

getIMessageApprovalApprovers({

93+

cfg: { channels: { imessage: { allowFrom: ["sms:+15551230001"] } } },

94+

}),

95+

).toEqual(["+15551230001"]);

96+

expect(

97+

getIMessageApprovalApprovers({

98+

cfg: { channels: { imessage: { allowFrom: ["auto:Owner@Example.com"] } } },

99+

}),

100+

).toEqual(["owner@example.com"]);

101+102+

// A sender that matches the normalized handle is explicitly authorized

103+

// (not via the implicit same-chat fallback).

104+

expect(

105+

imessageApprovalAuth.authorizeActorAction({

106+

cfg: { channels: { imessage: { allowFrom: ["imessage:+15551230000"] } } },

107+

senderId: "+15551230000",

108+

action: "approve",

109+

approvalKind: "exec",

110+

}),

111+

).toEqual({ authorized: true });

112+113+

// And a NON-matching sender is rejected — proving the entry was added

114+

// to the approver list rather than collapsing to empty.

115+

expect(

116+

imessageApprovalAuth.authorizeActorAction({

117+

cfg: { channels: { imessage: { allowFrom: ["imessage:+15551230000"] } } },

118+

senderId: "+15559999999",

119+

action: "approve",

120+

approvalKind: "exec",

121+

}),

122+

).toEqual({

123+

authorized: false,

124+

reason: "❌ You are not authorized to approve exec requests on iMessage.",

125+

});

126+

});

127+128+

it("rejects chat_id / chat_guid / chat_identifier as approver entries even with service prefixes", () => {

129+

expect(

130+

getIMessageApprovalApprovers({

131+

cfg: {

132+

channels: {

133+

imessage: {

134+

allowFrom: [

135+

"chat_id:42",

136+

"chat_guid:iMessage;+;chat42",

137+

"chat_identifier:chat42@example.com",

138+

"imessage:chat_id:43",

139+

],

140+

},

141+

},

142+

},

143+

}),

144+

).toEqual([]);

145+

});

146+

});

此內容由慣性聚合(RSS閱讀器)自動聚合整理,僅供閱讀參考。 原文來自 — 版權歸原作者所有。