From b6105b82142ab20a5e1b5c765fc55e0e92e97a7b Mon Sep 17 00:00:00 2001 From: OG T Date: Fri, 3 Apr 2026 00:42:02 +0800 Subject: [PATCH] =?UTF-8?q?fix(ai):=20=E9=A6=96=E5=B8=AD=E6=9E=B6=E6=A7=8B?= =?UTF-8?q?=E5=B8=AB=E5=AF=A9=E6=9F=A5=E4=BF=AE=E5=BE=A9=20C1+C2=20(Phase?= =?UTF-8?q?=2024=20C)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit C1 — telegram_gateway.py Fail-Closed 白名單: 白名單為空時 'if whitelist and ...' 為 False → 任何人可執行 /ai 修復: 'if not whitelist or user_id not in whitelist' Fail-Closed 加入 whitelist_empty 欄位到 warning log C2 — openclaw.py list comprehension await 語法錯誤: Python 3.11 不支援 list comprehension 中使用 await 'if not await is_provider_disabled(p)' → SyntaxError 修復: 改為 for loop 明確 await I4: 靜默 except 改為 logger.warning Co-Authored-By: Claude Sonnet 4.6
---
 apps/api/src/services/openclaw.py | 10 +++++++---
 apps/api/src/services/telegram_gateway.py | 5 +++--
 2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/apps/api/src/services/openclaw.py b/apps/api/src/services/openclaw.py
index 325da25e..fcb1ce1c 100644
--- a/apps/api/src/services/openclaw.py
+++ b/apps/api/src/services/openclaw.py
@@ -960,11 +960,15 @@ class OpenClawService:
 # 把 primary 移到首位 (保留原始 fallback)
 provider_order = [_primary] + [p for p in provider_order if p != _primary]
 # 過濾被停用的 Provider
- _filtered = [p for p in provider_order if not await is_provider_disabled(p)]
+ # C2 修復 (2026-04-03 首席架構師審查): Python 3.11 不支援 list comprehension 中 await
+ _filtered = []
+ for _p in provider_order:
+ if not await is_provider_disabled(_p):
+ _filtered.append(_p)
 if _filtered:
 provider_order = _filtered
- except Exception:
- pass
+ except Exception as _e:
+ logger.warning("ai_control_override_failed", error=str(_e))

 # Step 3: D7 隱私 — DIAGNOSE/CODE_REVIEW 強制 local
 require_local = decision.intent in (IntentType.DIAGNOSE, IntentType.CODE_REVIEW)
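Review bot: The new `except Exception as _e:` handler logs and then carries on with `provider_order` unfiltered, so any failure inside `is_provider_disabled` leaves disabled providers eligible; the unchanged `if _filtered:` guard has the same effect when every provider is disabled. If disabling a provider is meant as a hard control, this path fails open, unlike the C1 whitelist fix in the same commit, so it is worth deciding explicitly whether to fail closed here, and at minimum logging at error level with the traceback (`exc_info=True`, if the logger supports it) so the bypass is visible to alerting. Separately, the added C2 comment says Python 3.11 does not support `await` in a list comprehension, but that form is valid inside an `async def` (PEP 530) and the replacement loop also uses `await`, so the comment should record the actual cause rather than a language limitation. The `try:` and the enclosing method start outside the hunk, so nesting is inferred.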
diff --git a/apps/api/src/services/telegram_gateway.py b/apps/api/src/services/telegram_gateway.py
index 105fead3..d4aa86e2 100644
--- a/apps/api/src/services/telegram_gateway.py
+++ b/apps/api/src/services/telegram_gateway.py
@@ -2800,9 +2800,10 @@ class TelegramGateway:
 # 2. /ai 指令攔截 (Phase 24 C — 2026-04-03 ogt)
 # 白名單: OPENCLAW_TG_USER_WHITELIST (與審核白名單共用)
 if text.strip().lower().startswith("/ai"):
+ # C1 修復 (2026-04-03 首席架構師審查): Fail-Closed — 白名單空時拒絕所有人
 whitelist = settings.get_tg_user_whitelist()
- if whitelist and user_id not in whitelist:
- logger.warning("telegram_ai_command_unauthorized", user_id=user_id)
+ if not whitelist or user_id not in whitelist:
+ logger.warning("telegram_ai_command_unauthorized", user_id=user_id, whitelist_empty=not whitelist)
 await self.send_notification(
 "⛔ 未授權:/ai 指令僅限白名單用戶",
 parse_mode="HTML",
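Review bot: The fail-closed branch reports an empty whitelist under the same `telegram_ai_command_unauthorized` event as a genuine unauthorized attempt, so a missing `OPENCLAW_TG_USER_WHITELIST` only surfaces as per-message warnings that look like abuse. A distinct signal would separate misconfiguration from probing, for example `if not whitelist: logger.error("telegram_ai_whitelist_empty")` before the membership test, or a one-time check at startup. The membership test also relies on `user_id` and the whitelist entries having the same type (int versus str), which the hunk does not show; a mismatch would now deny every user silently. The context comment says this whitelist is shared with the approval flow; that check lies outside the hunk and should be confirmed not to use the old `if whitelist and ...` form. The enclosing method continues past the end of the hunk.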