anthropics/claude-plugins-official
1
0
Fork 0
mirror of https://github.com/anthropics/claude-plugins-official.git synced 2026-05-11 14:05:52 -03:00
Code Issues Packages Projects Releases Wiki Activity

telegram: gate /start, /help, /status behind dmPolicy

Browse Source 
The bot command handlers bypassed access control — they responded to
any DM user regardless of dmPolicy, leaking bot presence and
contradicting ACCESS.md's "Drop silently. No reply." contract for
allowlist mode.

Add dmCommandGate() that applies the same disabled/allowlist checks
as gate() without the pairing side effects, and route all three
handlers through it. Also prune expired pending codes before /status
iterates them.

Fixes #854
This commit is contained in:
Claude 2026-03-22 08:07:07 +00:00
parent 61c0597779
commit 0a0f09866c
No known key found for this signature in database
1 changed files with 19 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
external_plugins/telegram/server.ts
View File

@ -261,6 +261,19 @@ function gate(ctx: Context): GateResult {
return { action: 'drop' } return { action: 'drop' }
} }
// Like gate() but for bot commands: no pairing side effects, just allow/drop.
function dmCommandGate(ctx: Context): { access: Access; senderId: string } | null {
if (ctx.chat?.type !== 'private') return null
if (!ctx.from) return null
const senderId = String(ctx.from.id)
const access = loadAccess()
const pruned = pruneExpired(access)
if (pruned) saveAccess(access)
if (access.dmPolicy === 'disabled') return null
if (access.dmPolicy === 'allowlist' && !access.allowFrom.includes(senderId)) return null
return { access, senderId }
}
function isMentioned(ctx: Context, extraPatterns?: string[]): boolean { function isMentioned(ctx: Context, extraPatterns?: string[]): boolean {
const entities = ctx.message?.entities ?? ctx.message?.caption_entities ?? [] const entities = ctx.message?.entities ?? ctx.message?.caption_entities ?? []
const text = ctx.message?.text ?? ctx.message?.caption ?? '' const text = ctx.message?.text ?? ctx.message?.caption ?? ''
@ -585,12 +598,7 @@ process.on('SIGINT', shutdown)
// the gate's behavior for unrecognized groups. // the gate's behavior for unrecognized groups.
bot.command('start', async ctx => { bot.command('start', async ctx => {
if (ctx.chat?.type !== 'private') return if (!dmCommandGate(ctx)) return
const access = loadAccess()
if (access.dmPolicy === 'disabled') {
await ctx.reply(`This bot isn't accepting new connections.`)
return
}
await ctx.reply( await ctx.reply(
`This bot bridges Telegram to a Claude Code session.\n\n` + `This bot bridges Telegram to a Claude Code session.\n\n` +
`To pair:\n` + `To pair:\n` +
@ -601,7 +609,7 @@ bot.command('start', async ctx => {
}) })
bot.command('help', async ctx => { bot.command('help', async ctx => {
if (ctx.chat?.type !== 'private') return if (!dmCommandGate(ctx)) return
await ctx.reply( await ctx.reply(
`Messages you send here route to a paired Claude Code session. ` + `Messages you send here route to a paired Claude Code session. ` +
`Text and photos are forwarded; replies and reactions come back.\n\n` + `Text and photos are forwarded; replies and reactions come back.\n\n` +
@ -611,14 +619,12 @@ bot.command('help', async ctx => {
}) })
bot.command('status', async ctx => { bot.command('status', async ctx => {
if (ctx.chat?.type !== 'private') return const gated = dmCommandGate(ctx)
const from = ctx.from if (!gated) return
if (!from) return const { access, senderId } = gated
const senderId = String(from.id)
const access = loadAccess()
if (access.allowFrom.includes(senderId)) { if (access.allowFrom.includes(senderId)) {
const name = from.username ? `@${from.username}` : senderId const name = ctx.from!.username ? `@${ctx.from!.username}` : senderId
await ctx.reply(`Paired as ${name}.`) await ctx.reply(`Paired as ${name}.`)
return return
} }