






















@@ -2,6 +2,7 @@
22import { describe, expect, it } from "vitest";
33import type { OpenClawConfig } from "../config/config.js";
44import type { SessionEntry } from "../config/sessions.js";
5+import { buildAgentPeerSessionKey } from "../routing/session-key.js";
56import { resolveSendPolicy } from "./send-policy.js";
6778describe("resolveSendPolicy", () => {
@@ -73,6 +74,31 @@ describe("resolveSendPolicy", () => {
7374sessionKey: "demo-channel:direct:user-1",
7475expected: "deny",
7576},
77+{
78+name: "channel-scoped deny fires for per-account-channel-peer DM key without explicit channel field",
79+cfg: cfgWithRules([{ action: "deny", match: { channel: "demo-channel" } }]),
80+sessionKey: buildAgentPeerSessionKey({
81+agentId: "main",
82+channel: "demo-channel",
83+accountId: "acct-1",
84+peerKind: "direct",
85+peerId: "user-1",
86+dmScope: "per-account-channel-peer",
87+}),
88+expected: "deny",
89+},
90+{
91+name: "channel-scoped deny ignores later peer-kind-looking tokens in non-channel keys",
92+cfg: cfgWithRules([{ action: "deny", match: { channel: "demo-channel" } }]),
93+sessionKey: "demo-channel:not-a-peer-kind:user-1:direct",
94+expected: "allow",
95+},
96+{
97+name: "channel-scoped deny ignores incomplete account-scoped keys",
98+cfg: cfgWithRules([{ action: "deny", match: { channel: "demo-channel" } }]),
99+sessionKey: "demo-channel:acct-1:direct",
100+expected: "allow",
101+},
76102])("$name", ({ cfg, entry, sessionKey, expected }) => {
77103expect(resolveSendPolicy({ cfg, entry, sessionKey })).toBe(expected);
78104});
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。