fix(telegram): defense-in-depth — enforce TELEGRAM_ALLOWED_USERS at adapter level (#23778) #28492
Merged
…ssages TELEGRAM_ALLOWED_USERS was only checked for callback/inline-button actions but not for inbound messages. Unauthorized users triggered an 'Unauthorized user' log warning but their messages were still processed by the agent — a P0 security bypass (issue #23778). Fix: add allowlist check in _should_process_message() which is called for all message types (text, command, media, location). If the sender is not in TELEGRAM_ALLOWED_USERS, the message is dropped immediately with a warning log. Empty TELEGRAM_ALLOWED_USERS continues to allow all users (existing behavior). Fixes #23778
Salvage of #23795 (@ygd58).
Summary
Defense-in-depth fix for #23778. The gateway runner's `_is_user_authorized` already gates inbound messages, but the platform adapter's `_should_process_message` (the earliest gate per message) did NOT check the allowlist — only callbacks did. This adds a uniform check at the adapter level so unauthorized messages are dropped before they even enter the gateway-runner dispatch flow.

This pairs with the (still-pending) #24468 salvage which fixes the fail-OPEN default in `_is_callback_user_authorized` when `TELEGRAM_ALLOWED_USERS` is empty.

Changes
- `gateway/platforms/telegram.py::_should_process_message`: check `_is_callback_user_authorized` for the sender; drop with warning if unauthorized.

Validation
- `scripts/run_tests.sh tests/gateway/test_telegram_group_gating.py tests/gateway/test_telegram_mention_boundaries.py -q` → 36/36 passing.

Authorship preserved via cherry-pick.
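The gating pattern the PR describes, as an added illustration that is not the project's code: a single adapter-level check applied to every update kind (text, command, media, location, callback) with the page's stated empty-allowlist-means-allow-all behaviour. The `Update` type, function names and sample user IDs are constructed for this example.

```python
import logging
import os
from dataclasses import dataclass

log = logging.getLogger("telegram_adapter")


@dataclass(frozen=True)
class Update:
    """Constructed stand-in for a Telegram update; not the real library type."""
    user_id: int
    kind: str  # "text", "command", "media", "location" or "callback"


def parse_allowed_users(raw: str) -> frozenset[int]:
    """Parse a comma-separated TELEGRAM_ALLOWED_USERS value into user IDs.

    Blank entries are skipped; a non-numeric entry raises ValueError so a
    typo fails loudly instead of silently shrinking (or emptying) the allowlist.
    """
    return frozenset(int(p.strip()) for p in raw.split(",") if p.strip())


def load_allowed_users(env=os.environ) -> frozenset[int]:
    """Read the allowlist from the environment; an unset variable behaves like empty."""
    return parse_allowed_users(env.get("TELEGRAM_ALLOWED_USERS", ""))


def is_user_authorized(user_id: int, allowed: frozenset[int]) -> bool:
    """Empty allowlist keeps the existing allow-all behaviour the PR describes."""
    return not allowed or user_id in allowed


def should_process_update(update: Update, allowed: frozenset[int]) -> bool:
    """Earliest per-update gate: one check for every kind, not only callbacks."""
    if not is_user_authorized(update.user_id, allowed):
        # Drop before dispatch; the warning is the only trace the update leaves.
        log.warning("Unauthorized user %s: dropping %s update", update.user_id, update.kind)
        return False
    return True


def dispatch(updates, allowed):
    """Return the kinds of updates that would reach the agent after gating."""
    return [u.kind for u in updates if should_process_update(u, allowed)]


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    allowed = parse_allowed_users("1001, 1002")  # constructed sample IDs
    sample = [Update(1001, "text"), Update(4242, "text"), Update(4242, "callback"),
              Update(1002, "location"), Update(4242, "media")]
    print(dispatch(sample, allowed))  # ['text', 'location']
```

The empty-allowlist branch deliberately mirrors the allow-all behaviour stated on this page; a deployment that wants fail-closed semantics would instead treat an empty set as deny.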