-
Notifications
You must be signed in to change notification settings - Fork 127
refactor: make ingress ACL enforcement always-on (G-02) #8283
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -12,7 +12,6 @@ import * as externalConversationStore from '../../memory/external-conversation-s | |
| import { getPendingConfirmationsByConversation } from '../../memory/runs-store.js'; | ||
| import { checkIngressForSecrets } from '../../security/secret-ingress.js'; | ||
| import { IngressBlockedError } from '../../util/errors.js'; | ||
| import { getConfig } from '../../config/loader.js'; | ||
| import { getLogger } from '../../util/logger.js'; | ||
| import { findMember, updateLastSeen } from '../../memory/ingress-member-store.js'; | ||
| import { | ||
|
|
@@ -186,12 +185,11 @@ export async function handleChannelInbound( | |
| } | ||
|
|
||
| // ── Ingress ACL enforcement ── | ||
| const inboxConfig = getConfig().assistantInbox; | ||
| // Track the resolved member so the escalate branch can reference it after | ||
| // recordInbound (where we have a conversationId). | ||
| let resolvedMember: ReturnType<typeof findMember> = null; | ||
|
|
||
| if (inboxConfig.enabled && inboxConfig.memberAclEnabled && body.senderExternalUserId) { | ||
| if (body.senderExternalUserId) { | ||
| resolvedMember = findMember({ | ||
| sourceChannel, | ||
| externalUserId: body.senderExternalUserId, | ||
|
Comment on lines
+192
to
195
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🔴 Always-on ACL enforcement silently denies all channel messages when no member records exist The old condition Root Cause and ImpactThe gateway always sends senderExternalUserId: event.sender.externalUserId,This means every inbound message from these channels will now enter the ACL block. Inside, if (!resolvedMember) {
return Response.json({ accepted: true, denied: true, reason: 'not_a_member' });
}Member records are only created via explicit admin action through Impact: Any existing deployment that uses Telegram/SMS/WhatsApp channels but has not explicitly populated the ingress member store (which was previously unnecessary since the feature was flag-gated) will have all inbound messages silently denied with (Refers to lines 192-216) Was this helpful? React with 👍 or 👎 to provide feedback. |
||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Applying ingress ACL solely on
senderExternalUserIdnow runs before all guardian handling, so messages from guardians who are only configured viachannel_guardian_bindings(and not duplicated inassistant_ingress_members) are rejected asnot_a_memberand return early. In this state,/guardian_verify ...onboarding and guardian approve/deny callback processing never reach their interceptors later inhandleChannelInbound, which can block escalation resolution in normal deployments where guardian identity is managed separately from inbox members.Useful? React with 👍 / 👎.