@@ -28,20 +28,27 @@ def extract_command(text: Optional[str]) -> Optional[str]:
2828 return command
2929
3030
31- def _load_config (config_path : Path = DEFAULT_CONFIG_PATH ) -> tuple [list [str ], dict [str , str ]]:
32- """Load agent/local commands from TOML config file."""
31+ def _load_config (config_path : Path = DEFAULT_CONFIG_PATH ) -> tuple [list [str ], dict [str , str ], list [int | str ]]:
32+ """Load commands and security config from TOML config file.
33+
34+ Returns:
35+ Tuple of (agent_commands, local_commands, user_whitelist).
36+ """
3337 if not config_path .exists ():
34- return [], {}
38+ return [], {}, [ 'all' ]
3539
3640 try :
3741 with config_path .open ('rb' ) as f :
3842 data = tomllib .load (f )
43+
44+ # Load agent commands
3945 agent_commands = data .get ('agent_commands' , {}).get ('commands' , [])
4046 if not isinstance (agent_commands , list ):
4147 logger .warning ("Agent commands config is not a list; ignoring configuration" )
4248 agent_commands = []
4349 agent_commands = [cmd for cmd in agent_commands if isinstance (cmd , str )]
4450
51+ # Load local commands
4552 local_commands_raw = data .get ('local_commands' , {})
4653 if not isinstance (local_commands_raw , dict ):
4754 logger .warning ("Local commands config is not a table; ignoring configuration" )
@@ -52,10 +59,28 @@ def _load_config(config_path: Path = DEFAULT_CONFIG_PATH) -> tuple[list[str], di
5259 if isinstance (name , str ) and isinstance (value , str )
5360 }
5461
55- return agent_commands , local_commands
62+ # Load security whitelist
63+ security = data .get ('security' , {})
64+ whitelist = security .get ('user_whitelist' , ['all' ])
65+ if not isinstance (whitelist , list ):
66+ logger .warning ("user_whitelist is not a list; using default ['all']" )
67+ whitelist = ['all' ]
68+ else :
69+ validated = []
70+ for item in whitelist :
71+ if item == 'all' :
72+ validated .append ('all' )
73+ elif isinstance (item , int ):
74+ validated .append (item )
75+ else :
76+ logger .warning (f"Invalid whitelist entry: { item } ; skipping" )
77+ whitelist = validated if validated else ['all' ]
78+
79+ return agent_commands , local_commands , whitelist
80+
5681 except (OSError , tomllib .TOMLDecodeError ) as exc : # pragma: no cover - defensive logging
57- logger .warning ("Failed to load command configuration: %s" , exc )
58- return [], {}
82+ logger .warning ("Failed to load configuration: %s" , exc )
83+ return [], {}, [ 'all' ]
5984
6085
6186@dataclass
@@ -68,18 +93,20 @@ class Config:
6893 queue_url : str
6994 agent_commands : list [str ]
7095 local_commands : dict [str , str ]
96+ user_whitelist : list [int | str ]
7197
7298 @classmethod
7399 def from_env (cls , config_path : Optional [Path ] = None ) -> 'Config' :
74100 """Load configuration from environment variables."""
75- agent_cmds , local_cmds = _load_config (config_path or DEFAULT_CONFIG_PATH )
101+ agent_cmds , local_cmds , whitelist = _load_config (config_path or DEFAULT_CONFIG_PATH )
76102 return cls (
77103 telegram_token = os .getenv ('TELEGRAM_BOT_TOKEN' , '' ),
78104 agent_server_url = os .getenv ('AGENT_SERVER_URL' , '' ),
79105 auth_token = os .getenv ('SDK_CLIENT_AUTH_TOKEN' , 'default-token' ),
80106 queue_url = os .getenv ('QUEUE_URL' , '' ),
81107 agent_commands = agent_cmds ,
82108 local_commands = local_cmds ,
109+ user_whitelist = whitelist ,
83110 )
84111
85112 def get_command (self , text : Optional [str ]) -> Optional [str ]:
0 commit comments