mirror of
https://github.com/NousResearch/hermes-agent.git
synced 2026-04-25 00:51:20 +00:00
fix(gateway): honor QQ_GROUP_ALLOWED_USERS in runner auth
This commit is contained in:
parent
590c9964e1
commit
995177d542
2 changed files with 57 additions and 1 deletions
|
|
@ -21,6 +21,7 @@ def _clear_auth_env(monkeypatch) -> None:
|
|||
"MATTERMOST_ALLOWED_USERS",
|
||||
"MATRIX_ALLOWED_USERS",
|
||||
"DINGTALK_ALLOWED_USERS", "FEISHU_ALLOWED_USERS", "WECOM_ALLOWED_USERS",
|
||||
"QQ_ALLOWED_USERS", "QQ_GROUP_ALLOWED_USERS",
|
||||
"GATEWAY_ALLOWED_USERS",
|
||||
"TELEGRAM_ALLOW_ALL_USERS",
|
||||
"DISCORD_ALLOW_ALL_USERS",
|
||||
|
|
@ -32,6 +33,7 @@ def _clear_auth_env(monkeypatch) -> None:
|
|||
"MATTERMOST_ALLOW_ALL_USERS",
|
||||
"MATRIX_ALLOW_ALL_USERS",
|
||||
"DINGTALK_ALLOW_ALL_USERS", "FEISHU_ALLOW_ALL_USERS", "WECOM_ALLOW_ALL_USERS",
|
||||
"QQ_ALLOW_ALL_USERS",
|
||||
"GATEWAY_ALLOW_ALL_USERS",
|
||||
):
|
||||
monkeypatch.delenv(key, raising=False)
|
||||
|
|
@ -130,6 +132,46 @@ def test_star_wildcard_works_for_any_platform(monkeypatch):
|
|||
assert runner._is_user_authorized(source) is True
|
||||
|
||||
|
||||
def test_qq_group_allowlist_authorizes_group_chat_without_user_allowlist(monkeypatch):
|
||||
_clear_auth_env(monkeypatch)
|
||||
monkeypatch.setenv("QQ_GROUP_ALLOWED_USERS", "group-openid-1")
|
||||
|
||||
runner, _adapter = _make_runner(
|
||||
Platform.QQBOT,
|
||||
GatewayConfig(platforms={Platform.QQBOT: PlatformConfig(enabled=True)}),
|
||||
)
|
||||
|
||||
source = SessionSource(
|
||||
platform=Platform.QQBOT,
|
||||
user_id="member-openid-999",
|
||||
chat_id="group-openid-1",
|
||||
user_name="tester",
|
||||
chat_type="group",
|
||||
)
|
||||
|
||||
assert runner._is_user_authorized(source) is True
|
||||
|
||||
|
||||
def test_qq_group_allowlist_does_not_authorize_other_groups(monkeypatch):
|
||||
_clear_auth_env(monkeypatch)
|
||||
monkeypatch.setenv("QQ_GROUP_ALLOWED_USERS", "group-openid-1")
|
||||
|
||||
runner, _adapter = _make_runner(
|
||||
Platform.QQBOT,
|
||||
GatewayConfig(platforms={Platform.QQBOT: PlatformConfig(enabled=True)}),
|
||||
)
|
||||
|
||||
source = SessionSource(
|
||||
platform=Platform.QQBOT,
|
||||
user_id="member-openid-999",
|
||||
chat_id="group-openid-2",
|
||||
user_name="tester",
|
||||
chat_type="group",
|
||||
)
|
||||
|
||||
assert runner._is_user_authorized(source) is False
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_unauthorized_dm_pairs_by_default(monkeypatch):
|
||||
_clear_auth_env(monkeypatch)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue