diff --git a/Common/Telegram Commands/README.md b/Common/Telegram Commands/README.md index 48e9260..00f1471 100644 --- a/Common/Telegram Commands/README.md +++ b/Common/Telegram Commands/README.md @@ -25,6 +25,16 @@ Commands should start with "/" (e.g., `/status`, `/lights_on`, `/arm_alarm`). Th Each command has its own callback action that executes when received. +## Access Control + +You can restrict which Telegram chats are allowed to trigger the automation by specifying **Allowed Chat IDs**: + +- Leave empty to allow commands from any chat (no filtering) +- Add specific chat IDs to restrict access to those chats only +- Supports user IDs (positive numbers) and group IDs (negative numbers) + +This is useful for security-sensitive commands like arming alarms or controlling locks. + ## Author Alexei Dolgolyov (dolgolyov.alexei@gmail.com) diff --git a/Common/Telegram Commands/blueprint.yaml b/Common/Telegram Commands/blueprint.yaml index 30aed62..861f3a2 100644 --- a/Common/Telegram Commands/blueprint.yaml +++ b/Common/Telegram Commands/blueprint.yaml @@ -11,6 +11,24 @@ blueprint: domain: automation input: + # ------------------------------------------------------------------------- + # Access Control + # ------------------------------------------------------------------------- + access_group: + name: "Access Control" + collapsed: true + input: + allowed_chat_ids: + name: Allowed Chat IDs + description: > + List of Telegram chat IDs allowed to trigger this automation. + Leave empty to allow all chat IDs (no filtering). + Can be user IDs (positive) or group IDs (negative). + default: [] + selector: + text: + multiple: true + # ------------------------------------------------------------------------- # Command Configuration # ------------------------------------------------------------------------- @@ -120,6 +138,7 @@ variables: # Input references commands: !input commands answers: !input answers + allowed_chat_ids: !input allowed_chat_ids # Callback references (needed for condition checks) command_1_callback: !input command_1_callback @@ -136,6 +155,10 @@ variables: chat_id: "{{ trigger.event.data.chat_id | default('') }}" user_id: "{{ trigger.event.data.user_id | default('') }}" + # Check if chat ID is allowed (empty list = allow all) + is_chat_allowed: > + {{ allowed_chat_ids | length == 0 or (chat_id | string) in allowed_chat_ids }} + # Find the index of the received command in our list # Returns -1 if command not found or callback is empty command_index: > @@ -151,11 +174,11 @@ variables: is_debug: false # ============================================================================= -# Condition - Only proceed if we received a valid command +# Condition - Only proceed if we received a valid command from allowed chat # ============================================================================= condition: - condition: template - value_template: "{{ received_command != '' and command_index >= 0 }}" + value_template: "{{ received_command != '' and command_index >= 0 and is_chat_allowed }}" # ============================================================================= # Actions @@ -176,10 +199,12 @@ action: Received command: {{ received_command }} Chat ID: {{ chat_id }} User ID: {{ user_id }} + Chat allowed: {{ is_chat_allowed }} Command index: {{ command_index }} Commands list: {{ commands }} Answers list: {{ answers }} + Allowed chat IDs: {{ allowed_chat_ids if allowed_chat_ids | length > 0 else '(all)' }} # --------------------------------------------------------------------------- # Execute Command Callback diff --git a/manifest.json b/manifest.json index b94e5d0..230d39d 100644 --- a/manifest.json +++ b/manifest.json @@ -1,3 +1,3 @@ { - "version": "1.29.0" + "version": "1.30.0" }