feat(gateway): allowed_{channels,chats,rooms} whitelist — Slack (salvage #7401) + widening to Telegram/Mattermost/Matrix/DingTalk #21251

Merged: teknium1 merged 3 commits into main from hermes/hermes-80b9f9ce on May 7, 2026

@teknium1 teknium1 commented May 7, 2026

Summary

Adds an allowed_{channels,chats,rooms} whitelist to five gateway platforms. Salvages @CashWilliams's Slack PR #7401 onto current main, fixes a duplicate-key bug it introduced in DEFAULT_CONFIG, and widens the same pattern (already merged for Discord in #7044) to Telegram, Mattermost, Matrix, and DingTalk.

All settings are config.yaml primary, env-var fallback — matching the project policy that .env is for secrets only and behavioral settings belong in config.yaml.

Platforms

| Platform | config.yaml key | Env-var fallback | Scope |
|---|---|---|---|
| Slack | slack.allowed_channels | SLACK_ALLOWED_CHANNELS | Channels |
| Telegram | telegram.allowed_chats | TELEGRAM_ALLOWED_CHATS | Group/supergroup chats |
| Mattermost | mattermost.allowed_channels | MATTERMOST_ALLOWED_CHANNELS | Channels |
| Matrix | matrix.allowed_rooms | MATRIX_ALLOWED_ROOMS | Rooms |
| DingTalk | dingtalk.allowed_chats | DINGTALK_ALLOWED_CHATS | Group chats |
| Discord (already merged #7044) | discord.allowed_channels | DISCORD_ALLOWED_CHANNELS | Channels |

Mattermost and Matrix previously had no config.yaml bridging at all for their gating settings; this PR adds load_gateway_config bridges for them (Mattermost: require_mention + free_response_channels + allowed_channels; Matrix: allowed_rooms on top of existing bridges for require_mention and free_response_rooms).

Semantics (identical everywhere)

  • Empty → no restriction. Fully backward compatible.
  • Non-empty → hard whitelist. Non-listed chats are silently ignored, even when the bot is @mentioned. The check runs before require_mention / free_response_*.
  • DMs bypass the check entirely.

Bugfix

PR #7401 added a new top-level slack block to DEFAULT_CONFIG while another slack block (for channel_prompts) already existed further down. Python dict literals silently drop the earlier key, so allowed_channels, require_mention, and free_response_channels never made it into DEFAULT_CONFIG. Merged into a single block.

Example config.yaml

```yaml
telegram:
  allowed_chats:
    - -1001234567890
    - -1009876543210

matrix:
  allowed_rooms:
    - '!abc123:matrix.org'

mattermost:
  allowed_channels: [chan_id_a, chan_id_b]
```

Not included

  • Feishu — has its own per-chat rule system (chat_rules) that already covers this differently.
  • WhatsApp — already has group_allow_from via group_policy: allowlist.
  • Pure-DM platforms (Signal, SMS, BlueBubbles, Yuanbao) — no group/channel concept.

Validation

| | Tests |
|---|---|
| Slack salvage | tests/gateway/test_slack_mention.py — 55/55 passed |
| Widening (Telegram/DingTalk/Mattermost/Matrix) | tests/gateway/test_allowed_channels_widening.py — 27/27 passed |
| Regression sweep (slack/telegram/matrix/mattermost/dingtalk/discord/config) | 387/387 passed |
| E2E | load_gateway_config() with all six YAML keys set → correct env vars populated |

Credits
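
The gating order listed under Semantics in the PR description, as an added sketch that is not part of the PR or the project's code. `GateConfig`, `parse_id_list` and `should_handle` are hypothetical names; the comma-separated env-var format and the way DMs pass the later mention gate are assumptions. IDs are normalised to strings because YAML parses the Telegram chat IDs in the example as integers while an env-var fallback arrives as text.

```python
from dataclasses import dataclass

def parse_id_list(value):
    """Normalise a YAML list or an env-var string (assumed comma-separated) to a set of str IDs."""
    if value is None:
        return frozenset()
    if isinstance(value, str):
        value = value.split(",")
    return frozenset(s for s in (str(v).strip() for v in value) if s)

@dataclass(frozen=True)
class GateConfig:
    """Hypothetical per-platform gate settings; field roles follow the PR's config keys."""
    allowed: frozenset = frozenset()        # allowed_channels / allowed_chats / allowed_rooms
    free_response: frozenset = frozenset()  # free_response_channels / free_response_rooms
    require_mention: bool = True

def should_handle(cfg, chat_id, is_dm, mentioned):
    """Decide whether a message is processed, applying the whitelist before any other gate."""
    if is_dm:
        return True  # DMs bypass the whitelist (assumption: they also need no mention)
    if cfg.allowed and str(chat_id) not in cfg.allowed:
        return False  # hard whitelist: dropped silently even when @mentioned
    if str(chat_id) in cfg.free_response:
        return True
    return mentioned or not cfg.require_mention

# Constructed sample: the YAML side yields ints, the env-var side yields text.
FROM_YAML = GateConfig(allowed=parse_id_list([-1001234567890, -1009876543210]))
FROM_ENV = GateConfig(allowed=parse_id_list("-1001234567890, -1009876543210"))

if __name__ == "__main__":
    for cfg in (FROM_YAML, FROM_ENV):
        print(should_handle(cfg, -1001234567890, is_dm=False, mentioned=True))  # listed chat
        print(should_handle(cfg, -1005550000000, is_dm=False, mentioned=True))  # unlisted chat
        print(should_handle(cfg, 42, is_dm=True, mentioned=False))              # DM
```
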

github-actions Bot commented May 7, 2026

🔎 Lint report: hermes/hermes-80b9f9ce vs origin/main

ruff

Total: 0 on HEAD, 0 on base (➖ 0)

🆕 New issues: none

✅ Fixed issues: none

Unchanged: 0 pre-existing issues carried over.

ty (type checker)

Total: 7533 on HEAD, 7532 on base (🆕 +1)

🆕 New issues (1):

| Rule | Count |
|---|---|
| unresolved-import | 1 |

First entries:
tests/gateway/test_allowed_channels_widening.py:17: [unresolved-import] unresolved-import: Cannot resolve imported module `pytest`

✅ Fixed issues: none

Unchanged: 3955 pre-existing issues carried over.

Diagnostics are surfaced as warnings — this check never fails the build.

alt-glitch added labels on May 7, 2026: type/feature (New feature or request), P2 (Medium — degraded but workaround exists), comp/gateway (Gateway runner, session dispatch, delivery), platform/telegram (Telegram bot adapter), platform/slack (Slack app adapter), platform/matrix (Matrix adapter (E2EE)), platform/dingtalk (DingTalk adapter)

teknium1 force-pushed the hermes/hermes-80b9f9ce branch from 929c0bd to 49c5521 on May 7, 2026 13:35
CashWilliams and others added 3 commits May 7, 2026 06:53
…am, Mattermost, Matrix, DingTalk

Mirrors the Slack `allowed_channels` feature (PR #7401) and Discord's
`allowed_channels` (PR #7044) across the remaining group-capable platforms.
All five platforms (Slack + Discord + the four added here) now follow the
same pattern: primary config via config.yaml, env-var fallback as an escape
hatch — matching the project policy that .env is for secrets only and
behavioral settings belong in config.yaml.

Also fixes a duplicate `slack` key in DEFAULT_CONFIG introduced by PR
#7401 (the later entry silently overwrote `allowed_channels`, `require_mention`,
and `free_response_channels` at dict-literal evaluation time).

Platforms added:
- Telegram: `telegram.allowed_chats` (env alias: `TELEGRAM_ALLOWED_CHATS`)
- Mattermost: `mattermost.allowed_channels` (env alias: `MATTERMOST_ALLOWED_CHANNELS`)
- Matrix: `matrix.allowed_rooms` (env alias: `MATRIX_ALLOWED_ROOMS`)
- DingTalk: `dingtalk.allowed_chats` (env alias: `DINGTALK_ALLOWED_CHATS`)

Mattermost and Matrix previously had NO config.yaml bridging for any of
their gating settings; this PR adds `load_gateway_config` bridges for them
(Mattermost gets require_mention + free_response_channels + allowed_channels;
Matrix gets allowed_rooms on top of its existing bridges for require_mention
and free_response_rooms).

Semantics identical everywhere:
- Empty = no restriction (fully backward compatible).
- Non-empty = hard whitelist: non-listed chats are silently ignored,
  even when the bot is @mentioned.
- DMs bypass the check entirely.

DEFAULT_CONFIG merges the duplicate `slack` block and adds new `mattermost`
and `matrix` blocks so all gating settings surface in defaults.

Not included: Feishu (has its own per-chat `chat_rules` system that covers
this use case differently), WhatsApp (already has `group_allow_from` via
`group_policy: allowlist`), pure-DM platforms (Signal, SMS, BlueBubbles,
Yuanbao — no group concept).
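
A check for the duplicate-key defect described in the commit message, as an added example that is not part of the PR: it walks a module's AST and reports any constant key that appears twice in the same dict literal, which Python itself accepts without complaint. `SAMPLE` is a constructed stand-in for DEFAULT_CONFIG (only the key names come from the page), and `find_duplicate_dict_keys` and `surviving_keys` are hypothetical helper names.

```python
import ast

def find_duplicate_dict_keys(source, filename="<config>"):
    """Return (line, key, first_line) for each constant key repeated within one dict literal."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not isinstance(node, ast.Dict):
            continue
        seen = {}  # key value -> line of first occurrence, scoped to this literal only
        for key in node.keys:
            # key is None for `**other` entries; computed keys cannot be judged statically
            if not isinstance(key, ast.Constant):
                continue
            if key.value in seen:
                findings.append((key.lineno, key.value, seen[key.value]))
            else:
                seen[key.value] = key.lineno
    findings.sort(key=lambda f: f[0])
    return findings

def surviving_keys(source, top_key):
    """Evaluate the first assigned dict literal and list what is left under top_key."""
    assign = ast.parse(source).body[0]
    return sorted(ast.literal_eval(assign.value)[top_key])

# Constructed sample with the same shape as the defect: two top-level "slack" blocks.
SAMPLE = '''
DEFAULT_CONFIG = {
    "slack": {
        "allowed_channels": [],
        "require_mention": True,
        "free_response_channels": [],
    },
    "discord": {"allowed_channels": []},
    "slack": {"channel_prompts": {}},
}
'''

if __name__ == "__main__":
    for line, key, first in find_duplicate_dict_keys(SAMPLE):
        print(f"line {line}: key {key!r} repeats the key first defined on line {first}")
    print("keys left under 'slack':", surviving_keys(SAMPLE, "slack"))
```

Run over the module that defines the defaults in CI, a non-empty result is a reason to fail the build, since the gating keys in the earlier block never reach the evaluated dict.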