hermes-agent/plugins/platforms
SahilRakhaiya05 bb304b4914 fix(gateway): fail-closed external-surface defaults + profile-aware multiplex authz
Aligns runtime behaviour with SECURITY.md 2.6: externally reachable
messaging adapters must fail closed unless access is explicitly
configured. Closes the confirmed multiplex authorization bypass a
secondary profile's open dm/group policy no longer inherits the default
profile's allowlist trust.

- Own-policy adapters (WhatsApp, WeCom, Weixin, QQBot, Yuanbao) default
  dm_policy/group_policy to pairing/allowlist instead of open; open now
  requires an explicit GATEWAY_ALLOW_ALL_USERS or per-platform allow-all.
- Startup guard (_own_policy_open_startup_violation) refuses to boot when
  an enabled adapter is open without the allow-all opt-in; the guard now
  runs for every secondary profile in multiplex mode too.
- Profile-aware own-policy authorization: _authorization_adapter /
  _adapter_for_source resolve the live adapter via SessionSource.profile,
  so _is_user_authorized and the ingress/pairing/busy/queue paths read the
  originating profile's adapter policy, not the default profile's.
- Fail-closed intake for Email, Feishu P2P, and Discord (blank-principal
  denial, empty-allowlist deny, missing-interaction.user deny).

Salvaged from #44073 (external-surface hardening), split into a focused
gateway-authz PR per maintainer request. Follow-up fix by Hermes Agent:
the Discord slash-auth channel bypass now matches DISCORD_ALLOWED_CHANNELS
by the same name-inclusive keys (id + name + #name + parent) the on_message
scope gate uses, so a name-form channel allowlist authorizes slash
interactions consistently (was id-only, breaking #name matching).

Co-authored-by: Hermes Agent <agent@nousresearch.com>
2026-07-01 03:56:28 -07:00
..
dingtalk fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
discord fix(gateway): fail-closed external-surface defaults + profile-aware multiplex authz 2026-07-01 03:56:28 -07:00
email fix(gateway): fail-closed external-surface defaults + profile-aware multiplex authz 2026-07-01 03:56:28 -07:00
feishu fix(gateway): fail-closed external-surface defaults + profile-aware multiplex authz 2026-07-01 03:56:28 -07:00
google_chat fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
homeassistant fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
irc fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
line fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
matrix fix(matrix): block unsafe image redirects per-hop 2026-07-01 02:44:57 -07:00
mattermost fix(matrix,mattermost): invite auth check + API path traversal guard 2026-06-28 20:47:33 -07:00
ntfy fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
photon revert(windows): roll back terminal-popup PRs #53791 #53810 #53829 (#53853) 2026-06-27 15:59:00 -07:00
raft feat(raft): add gateway setup wizard 2026-07-01 02:45:11 -07:00
simplex fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
slack feat(cron/slack): flat in-channel continuable cron delivery surface 2026-07-01 03:16:13 -07:00
sms fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
teams fix(telegram): preserve Bot API update queue on watcher reconnect 2026-06-25 21:29:57 -07:00
telegram fix(telegram): keep polling alive during transient bootstrap outages 2026-07-01 03:42:32 -07:00
wecom fix(gateway): fail-closed external-surface defaults + profile-aware multiplex authz 2026-07-01 03:56:28 -07:00
whatsapp fix(gateway): fail-closed external-surface defaults + profile-aware multiplex authz 2026-07-01 03:56:28 -07:00