From 3aaa98dd01a520641e7eb163ff3630976d834023 Mon Sep 17 00:00:00 2001 From: teknium1 <127238744+teknium1@users.noreply.github.com> Date: Sun, 28 Jun 2026 01:31:04 -0700 Subject: [PATCH] test(whatsapp): cover LID allowlist match on modern session layout MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add an _is_user_authorized E2E for the platforms/whatsapp/session layout on top of fesalfayed's resolver fix (#36665) — guards the actual silently-dropped-LID-sender path from #36664. --- .../gateway/test_unauthorized_dm_behavior.py | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/tests/gateway/test_unauthorized_dm_behavior.py b/tests/gateway/test_unauthorized_dm_behavior.py index f4ea14cdb70..ad0c274b2f7 100644 --- a/tests/gateway/test_unauthorized_dm_behavior.py +++ b/tests/gateway/test_unauthorized_dm_behavior.py @@ -100,6 +100,42 @@ def test_whatsapp_lid_user_matches_phone_allowlist_via_session_mapping(monkeypat assert runner._is_user_authorized(source) is True +def test_whatsapp_lid_user_matches_phone_allowlist_via_modern_session_mapping( + monkeypatch, tmp_path, +): + """Modern ``platforms/`` installs store bridge mappings under + ``platforms/whatsapp/session`` — the LID→phone resolution (and therefore + the allowlist match) must work there too, not just the legacy layout. + Regression guard for the silently-dropped-LID-sender bug (#36664).""" + _clear_auth_env(monkeypatch) + monkeypatch.setenv("WHATSAPP_ALLOWED_USERS", "15550000001") + monkeypatch.setenv("HERMES_HOME", str(tmp_path)) + + session_dir = tmp_path / "platforms" / "whatsapp" / "session" + session_dir.mkdir(parents=True) + (session_dir / "lid-mapping-15550000001.json").write_text( + '"900000000000001"', encoding="utf-8", + ) + (session_dir / "lid-mapping-900000000000001_reverse.json").write_text( + '"15550000001"', encoding="utf-8", + ) + + runner, _adapter = _make_runner( + Platform.WHATSAPP, + GatewayConfig(platforms={Platform.WHATSAPP: PlatformConfig(enabled=True)}), + ) + + source = SessionSource( + platform=Platform.WHATSAPP, + user_id="900000000000001@lid", + chat_id="900000000000001@lid", + user_name="tester", + chat_type="dm", + ) + + assert runner._is_user_authorized(source) is True + + def test_simplex_allowlist_accepts_display_name(monkeypatch): """SIMPLEX_ALLOWED_USERS should match the contact's display name as well as the numeric contactId. The SimpleX UI surfaces only display names, so