fix(gateway): honor config-driven access policies over legacy env fallbacks#34515
Closed
Frowtek wants to merge 1 commit into
Closed
fix(gateway): honor config-driven access policies over legacy env fallbacks#34515Frowtek wants to merge 1 commit into
Frowtek wants to merge 1 commit into
Conversation
teknium1
added a commit
that referenced
this pull request
May 29, 2026
…#34515) Config-driven platform policies (dm_policy / group_policy / allow_from / group_allow_from) for WeCom, Weixin, Yuanbao, and QQBot now work without also setting a PLATFORM_ALLOWED_USERS env var. These adapters enforce their access policy at intake — a message is dropped inside the adapter and never dispatched unless it already passed the policy. The gateway's env-based check (_is_user_authorized) ran afterward and, with no env allowlist set, fell through to an env-only default-deny — silently rejecting `dm_policy: open` and config-only allowlists the adapter had already authorized. Rather than re-implement each adapter's policy a second time in run.py (which would drift), adapters that own their gate now declare it via a new BasePlatformAdapter.enforces_own_access_policy property (default False). The gateway trusts that flag and skips the env-only default-deny for those platforms. Env allowlists still take precedence when set. Also resolves unauthorized DM behavior from config dm_policy so allowlist / disabled policies drop unauthorized DMs silently instead of leaking pairing codes, while an explicit pairing policy opts back in. Co-authored-by: Frowtek <frowte3k@gmail.com>
Contributor
|
Thanks for catching this, @Frowtek. The bug was real and confirmed on main: WeCom, Weixin, Yuanbao, and QQBot enforce their We took your fix in a slightly different shape to avoid maintaining a second copy of each adapter's policy logic in Closing in favor of the merged PR. Appreciate the contribution! |
KKT-OPT
pushed a commit
to KKT-OPT/hermes-agent
that referenced
this pull request
May 31, 2026
…NousResearch#34515) Config-driven platform policies (dm_policy / group_policy / allow_from / group_allow_from) for WeCom, Weixin, Yuanbao, and QQBot now work without also setting a PLATFORM_ALLOWED_USERS env var. These adapters enforce their access policy at intake — a message is dropped inside the adapter and never dispatched unless it already passed the policy. The gateway's env-based check (_is_user_authorized) ran afterward and, with no env allowlist set, fell through to an env-only default-deny — silently rejecting `dm_policy: open` and config-only allowlists the adapter had already authorized. Rather than re-implement each adapter's policy a second time in run.py (which would drift), adapters that own their gate now declare it via a new BasePlatformAdapter.enforces_own_access_policy property (default False). The gateway trusts that flag and skips the env-only default-deny for those platforms. Env allowlists still take precedence when set. Also resolves unauthorized DM behavior from config dm_policy so allowlist / disabled policies drop unauthorized DMs silently instead of leaking pairing codes, while an explicit pairing policy opts back in. Co-authored-by: Frowtek <frowte3k@gmail.com>
18 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Fixes gateway authorization so config-driven access policies are enforced before the legacy env-based fallback.
Before this change, documented platform policies such as
dm_policy,allow_from,group_policy, andgroup_allow_fromcould be ignored when no env allowlist was set, causing the gateway to deny requests before adapter-level policy logic could run. This PR aligns gateway auth with the configured platform policy surface and keeps unauthorized DM behavior consistent with those policies.Related Issue
N/A
Type of Change
Changes Made
gateway/run.pyWECOM,WEIXIN,YUANBAO, andQQBOTallowlist/disabledpolicies do not fall through to pairingtests/gateway/test_unauthorized_dm_behavior.pyfor:How to Test
tests/gateway/test_unauthorized_dm_behavior.pytests/gateway/test_wecom.pytests/gateway/test_weixin.pytests/gateway/test_qqbot.pytests/gateway/test_platform_registry.pytests/gateway/test_telegram_group_gating.pytests/gateway/test_whatsapp_group_gating.pytests/test_yuanbao_pipeline.pyChecklist
Code
pytest tests/ -qand all tests passDocumentation & Housekeeping
docs/, docstrings) — or N/Acli-config.yaml.exampleif I added/changed config keys — or N/ACONTRIBUTING.mdorAGENTS.mdif I changed architecture or workflows — or N/AScreenshots / Logs
Test result for the targeted regression/platform suite:
505 passed, 4 warningsWarnings were pre-existing runtime warnings in
tests/gateway/test_qqbot.pyand are not caused by this change.