

























@@ -285,7 +285,7 @@ describe("validateConfigObjectWithPlugins channel metadata (applyDefaults: true)
285285}
286286});
287287288-it('rejects Mattermost dmPolicy="open" without wildcard allowFrom', () => {
288+it('warns on Mattermost dmPolicy="open" without wildcard allowFrom', () => {
289289const result = validateConfigObjectWithPlugins({
290290channels: {
291291mattermost: {
@@ -297,20 +297,16 @@ describe("validateConfigObjectWithPlugins channel metadata (applyDefaults: true)
297297},
298298});
299299300-expect(result.ok).toBe(false);
301-if (!result.ok) {
302-expect(result.issues).toContainEqual(
303-expect.objectContaining({
304-path: "channels.mattermost.allowFrom",
305-message: expect.stringContaining(
306-'channels.mattermost.dmPolicy="open" requires channels.mattermost.allowFrom to include "*"',
307-),
308-}),
309-);
310-}
300+expect(result.ok).toBe(true);
301+expect(result.warnings).toContainEqual(
302+expect.objectContaining({
303+path: "channels.mattermost.allowFrom",
304+message: expect.stringContaining('channels.mattermost.dmPolicy="open"'),
305+}),
306+);
311307});
312308313-it('rejects account-scoped Mattermost dmPolicy="open" without wildcard allowFrom', () => {
309+it('warns on account-scoped Mattermost dmPolicy="open" without wildcard allowFrom', () => {
314310const result = validateConfigObjectWithPlugins({
315311channels: {
316312mattermost: {
@@ -326,17 +322,76 @@ describe("validateConfigObjectWithPlugins channel metadata (applyDefaults: true)
326322},
327323});
328324329-expect(result.ok).toBe(false);
330-if (!result.ok) {
331-expect(result.issues).toContainEqual(
332-expect.objectContaining({
333-path: "channels.mattermost.accounts.work.allowFrom",
334-message: expect.stringContaining(
335-'channels.mattermost.accounts.work.dmPolicy="open" requires channels.mattermost.accounts.work.allowFrom to include "*"',
336-),
337-}),
338-);
339-}
325+expect(result.ok).toBe(true);
326+expect(result.warnings).toContainEqual(
327+expect.objectContaining({
328+path: "channels.mattermost.accounts.work.allowFrom",
329+message: expect.stringContaining('channels.mattermost.accounts.work.dmPolicy="open"'),
330+}),
331+);
332+});
333+334+it("applies the dmPolicy/allowFrom dependency check generically (telegram), not just Mattermost", () => {
335+// Use generated bundled metadata (no plugin-owned schema override) so this proves
336+// the check is channel-agnostic rather than wired to a specific channel id.
337+mockLoadPluginManifestRegistry.mockReturnValue({ diagnostics: [], plugins: [] });
338+const result = validateConfigObjectWithPlugins({
339+channels: {
340+telegram: {
341+botToken: "test-token",
342+dmPolicy: "open",
343+},
344+},
345+});
346+347+expect(result.ok).toBe(true);
348+expect(result.warnings).toContainEqual(
349+expect.objectContaining({
350+path: "channels.telegram.allowFrom",
351+message: expect.stringContaining('channels.telegram.dmPolicy="open"'),
352+}),
353+);
354+});
355+356+it('does not warn when dmPolicy="open" includes a wildcard allowFrom', () => {
357+const result = validateConfigObjectWithPlugins({
358+channels: {
359+mattermost: {
360+enabled: true,
361+baseUrl: "https://chat.example.com",
362+botToken: "test-token",
363+dmPolicy: "open",
364+allowFrom: ["*"],
365+},
366+},
367+});
368+369+expect(result.ok).toBe(true);
370+expect(
371+result.warnings.some((warning) => warning.path === "channels.mattermost.allowFrom"),
372+).toBe(false);
373+});
374+375+it("does not warn when an account inherits a wildcard allowFrom from the channel default", () => {
376+const result = validateConfigObjectWithPlugins({
377+channels: {
378+mattermost: {
379+baseUrl: "https://chat.example.com",
380+botToken: "test-token",
381+allowFrom: ["*"],
382+accounts: {
383+work: {
384+dmPolicy: "open",
385+},
386+},
387+},
388+},
389+});
390+391+expect(result.ok).toBe(true);
392+expect(result.warnings.some((warning) => warning.path.startsWith("channels.mattermost"))).toBe(
393+false,
394+);
340395});
341396});
342397此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。