Skip to content

feat(config): add explicit allow_all_channels / allow_all_users flags #475

Closed
#476
Closed
feat(config): add explicit allow_all_channels / allow_all_users flags#475
#476
Labels
discordfeatureneeds-triage
@thepagent

Description

@thepagent
thepagent
opened on Apr 19, 2026

Description

Introduce explicit boolean flags allow_all_channels and allow_all_users to replace the overloaded empty-list semantics for allowed_channels and allowed_users, and revert #398 which made allowed_channels = [] deny-all.

With explicit flags, the empty-list hack from #398 is no longer needed — the flags become the single source of truth for access control.

Before vs After

Intent Before (#398 reverted) After (proposed)
Allow all channels allowed_channels = [] allow_all_channels = true (default)
Restrict to specific channels allowed_channels = ["123"] allow_all_channels = false + allowed_channels = ["123"]
Deny all channels Not possible allow_all_channels = false + allowed_channels = []
Allow all users allowed_users = [] allow_all_users = true (default)
Restrict to specific users allowed_users = ["456"] allow_all_users = false + allowed_users = ["456"]
Deny all users Not possible allow_all_users = false + allowed_users = []

Proposed Config

[discord]
allow_all_channels = false
allowed_channels = ["123456789"]
allow_all_users = true
allowed_users = []
allow_all_* allowed_* Result
true (default) ignored Allow all
false ["123"] Only listed
false [] Deny all

Auto-detect when flags are undefined

When allow_all_channels / allow_all_users is not explicitly set in config.toml, infer from the list:

if allow_all_channels is explicitly set:
    use it
else:
    if allowed_channels is non-empty:
        allow_all_channels = false   # respect the list
    else:
        allow_all_channels = true    # allow all

Same logic for allow_all_users. This ensures zero config changes for any existing deployment.

Helm: always render explicit flags

The Helm chart should always emit explicit flags in the rendered config.toml so there is no ambiguity at runtime:

# Helm-rendered config.toml — all flags explicit, no inference needed
[discord]
bot_token = "${DISCORD_BOT_TOKEN}"
allow_all_channels = false
allowed_channels = ["123456789"]
allow_all_users = true
allowed_users = []
allow_bot_messages = "mentions"
allow_user_messages = "multibot-mentions"

Helm template logic — auto-infer from list if user does not explicitly set the flag:

allow_all_channels = {{ if hasKey .discord "allowAllChannels" }}{{ .discord.allowAllChannels }}{{ else if .discord.allowedChannels }}false{{ else }}true{{ end }}
allow_all_users = {{ if hasKey .discord "allowAllUsers" }}{{ .discord.allowAllUsers }}{{ else if .discord.allowedUsers }}false{{ else }}true{{ end }}

This way:

  • Existing Helm users with allowedChannels: ["123"] → rendered as allow_all_channels = false automatically
  • New users can explicitly set allowAllChannels: true/false
  • The config.toml is always fully explicit — no inference needed in the Rust code

Implementation Plan

  1. Revert fix(discord/slack/helm): empty allowed_channels denies all channels (secure by default) #398 — restore allowed_channels = [] to mean allow-all (original behavior)
  2. Add allow_all_channels (default true) and allow_all_users (default true) to config
  3. Rust runtime: when flag is explicitly set, use it; when undefined, auto-detect from list
  4. Helm chart: always render explicit flags in config.toml (auto-infer from list if flag not set by user)
  5. Update docs, config.toml.example, and Helm chart validation

Use Case

Related

Metadata

Metadata

Assignees

No one assigned

    Labels

    discordfeatureneeds-triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions