I'm new to do this kind of project. My goals is to build a telegram bot to forward user(s) message from the bot to a channel. Right now I'm facing that some users abuse to send junk message that disturbs a lot. So, is it possible to blacklist some user from using the bot?
My sourcecode is here Go to GitHub
Bots can't block users (like users can block bots), but you can choose to just not handle updates that come from a specific user id. What I usually do in such cases is to use a telegram.ext.TypeHandler(telegram.Update, callback) where callback looks something like
def callback(update, context):
if update.effective_user and update.effective_user in blocked_users:
# This stops any other handlers in higher groups from running
raise DispatcherHandlerStop
Then register it to a low group for the dispatcher (dispatcher.add_handler(…, group=-1)).
Please have a look at the docs of TypeHandler, DispatcherHandlerStop and add_handler for more info :)
One way to keep track of the blocked_users is to store that list in context.bot_data.
Disclaimer: I'm currently the maintainer of python-telegram-bot.
There isn't any native way to do that, however you can have a list of blocked users (preferably a separate JSON file for that extra modularity) and every time the bot is used, check if the user is in that list:
def start(update, context):
if update.effective_user.id in blacklist:
pass # or do whatever you want
Related
Someone set up Matterbridge to transfer the contents of a Telegram channel into a Mattermost channel. To do this, they created a Telegram bot.
Unfortunately, the person has disappeared (Covid?), and we don't have full details of the account used to set up the bot.
We do have the Bot Token (from the Matterbridge config file).
Is there any way we can find out more about the bot, change its settings, join it to other channels, etc?
A bot's token allows you to do anything the Bot API is capable of doing. You can check a list of available methods here https://core.telegram.org/bots/api#available-methods.
"Is there any way we can find out more about the bot"
Some limited info, yes. Try calling https://api.telegram.org/botBOT_TOKEN/getMe and /getWebhookInfo.
You might be able to get a webhook url - in case it was set up to use one.
"... change its settings"
Rather not. You'd need access to wherever the bot is hosted. It's not possible to tell exactly without knowing how the bot works. But anything specific found within the bot's processing script/program will not be accessible to you.
"...join it to other channels"
Yes. As answered here. Though it may not be useful to do. Depends on how the bot is set up to work.
I was looking into Microsoft Graph Postman Collections but could not locate the tenantID, serviceURL or userID?
Is there a way to fetch userID, tenantID and serviceURL from MSTeams?
As the other answer mentions, you can get this via the "context" object, which in turn means you need to create a Teams application, and it must include a Tab. There is another similar option, which is to create a Bot for Teams, and when the user installs the bot, either 1-1, or into a channel or group chat, you get the chance to retrieve that information. You can see more about that here, including some options based on the type of bot and when you want to retrieve the information.
If it's ok to have an app, then simply go ahead with this approach. If you really don't -want the user to interact with an app, then you could consider the following:
create the application (e.g. a bot) in order to get the context you need
Auto-install the bot, as per this Graph call
Retrieve and save the information in the conversationUpdate, which is fired when you bot is installed by the user / team / chat
Auto uninstall the app using this Graph call
However, you haven't explained why you need those bits of information. That set is often used to send a proactive message from a bot, and if that's what you're trying to do, you'll need the bot anyway.
Please take a look at Get context using Microsoft Teams javascript library.
// Call the initialize API first
microsoftTeams.initialize();
// Check the initial theme user chose and respect it
microsoftTeams.getContext(function (context) {
if (context) {
console.log(context);
}
});
I am using the telegram bot api to make a bot. I have some commands that can only be sent from admins. Like kick and ban commands. How do I check if the sender is an admin or not? I am using the python-telegram-bot api. I do not want everyone to be able to ban members.
You can use getChatMember method. See following instance:
I have found after searching a bit. The admin status is stored under Telegram.ChatMember.status. It is documented here. It is used by bot.get_chat_member(chat_id, user_id). And then getting status in it.
The other answers are correct, but require an additional call to the API. An efficient solution is to cache the list of admins.
A good solution for this is described here, copied below:
Cached Telegram group administrator check
If you want to limit certain bot functions to group administrators, you have to test if a user is an administrator in the group in question. This however requires an extra API request, which is why it can make sense to cache this information for a certain time, especially if your bot is very busy.
This snippet requires this timeout-based cache decorator. (gist mirror)
Save the decorator to a new file named mwt.py and add this line to your imports:
from mwt import MWT
Then, add the following decorated function to your script. You can change the timeout as required.
#MWT(timeout=60*60)
def get_admin_ids(bot, chat_id):
"""Returns a list of admin IDs for a given chat. Results are cached for 1 hour."""
return [admin.user.id for admin in bot.get_chat_administrators(chat_id)]
You can then use the function like this:
if update.message.from_user.id in get_admin_ids(bot, update.message.chat_id):
# admin only
Note: Private chats and groups with all_members_are_administrator flag, are not covered by this snippet. Make sure you handle them.
I have a question about option in CRM > LEAD "Log an internal note", when switch on Log an internal note and send message my followers also receive this message on email. I won't that.
In module stay: "Log an internal note which will not be sent to followers, but which can be read by users accessing this document.
Note: I won't remove this user from folower list!
Any solution?
Log internal note is a functional feature that you put comment without disturbing followers and if you want to notify all then you must send a message. Although if you want to notify person discussion list in your notes then user must use mention feature (# #) If you user # (at) sign then you can alter some specific user and if you user # (hash) will give you discussion list to be notified.
If you still want to force do that then using development you can set comments (mail.message) type from comment to email by over-riding def create for mail.message.
Bests
I have this question in mind and I wanted to get other developer's opinion on this issue.
For creating a user (like in Facebook or creating an account in Gmail), some people suggested to have an public/private (means we don't tell developers how to use it) action in API for it. I, however, think it is a security risk as even if it is not documented, a hacker can simple see the calls and http requests when our front-end app is using that api action to create a new user (using a web debugger like fiddler) and can find the url to that action so simple ! like this POST ~/api/user/create
and then he/she can send thousands of requests to create user, users needs to be verified but still he/she is adding a lot of junk users in our database and puts a lot of pressure on our servers.
So the question is how do we handle this? Allow this only on our website or what?
Thanks
You can use CAPTCHA to verify that's a real user.