Fimeg/lettabot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: default to allowlist for dedicated numbers in onboarding (#100)

Browse Source 
When user selects "dedicated bot number" mode (selfChatMode=false),
skip the dmPolicy question and default to allowlist. Prompt for
allowed phone numbers immediately.

This is simpler and safer than pairing mode, which sends codes to
whoever messages the bot.

Users who want pairing or open mode can edit lettabot.yaml manually.

Also updates docs to reflect the new defaults.

Written by Cameron ◯ Letta Code

"Simplicity is the ultimate sophistication." - Leonardo da Vinci
This commit is contained in:
Cameron
2026-02-03 12:30:27 -08:00
committed by GitHub
parent b8968a8732
commit 12871128e1
4 changed files with 33 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/configuration.md
View File

@@ -117,8 +117,12 @@ All channels share these common options:
### DM Policies
- **`pairing`** (recommended): New users get a code, approve with `lettabot pairing approve`
- **`allowlist`**: Only specified user IDs can message
**Note:** For WhatsApp/Signal with `selfChat: true` (personal number), dmPolicy is ignored - only you can message via "Message Yourself" / "Note to Self".
For dedicated bot numbers (`selfChat: false`), onboarding defaults to **allowlist**:
- **`allowlist`** (default for dedicated numbers): Only specified phone numbers can message
- **`pairing`**: New users get a code, approve with `lettabot pairing approve`
- **`open`**: Anyone can message (not recommended)
### Channel-Specific Options

7
docs/signal-setup.md
View File

@@ -46,13 +46,12 @@ SIGNAL_PHONE_NUMBER=+17075204676
# SIGNAL_HTTP_HOST=127.0.0.1
# SIGNAL_HTTP_PORT=8090
# Optional: DM access policy (default: pairing)
# SIGNAL_DM_POLICY=pairing
# Optional: Self-chat mode for "Note to Self" (default: true)
# SIGNAL_SELF_CHAT_MODE=true
```
**Note:** For personal numbers (`selfChatMode: true`), `dmPolicy` is ignored - only you can message via "Note to Self". For dedicated bot numbers, onboarding defaults to `allowlist`.
## How It Works
LettaBot automatically:
@@ -66,7 +65,7 @@ The daemon runs on port 8090 by default to avoid conflicts with other services.
- **Direct Messages** - Receive and respond to DMs
- **Note to Self** - Use Signal's "Note to Self" feature to message yourself (selfChatMode)
- **Pairing System** - Unknown senders get a pairing code (same as Telegram)
- **Allowlist** - For dedicated numbers, only pre-approved phone numbers can message
## Troubleshooting

9
docs/whatsapp-setup.md
View File

@@ -24,8 +24,7 @@ Add to your `lettabot.yaml` or set environment variables:
channels:
whatsapp:
enabled: true
selfChatMode: true # IMPORTANT: See below
dmPolicy: pairing # or 'allowlist' or 'open'
selfChat: true # IMPORTANT: See below
```
Or via environment variables:
@@ -34,12 +33,10 @@ Or via environment variables:
# WhatsApp Configuration
WHATSAPP_ENABLED=true
WHATSAPP_SELF_CHAT_MODE=true # CRITICAL - see below
WHATSAPP_DM_POLICY=pairing
# Optional: Restrict to specific phone numbers (if dmPolicy=allowlist)
# WHATSAPP_ALLOWED_USERS=+15551234567,+15559876543
```
**Note:** For personal numbers (`selfChat: true`), `dmPolicy` is ignored - only you can message via "Message Yourself". For dedicated bot numbers, onboarding defaults to `allowlist`.
### Self-Chat Mode (Critical Safety Setting)
**`selfChatMode: true`** (default, recommended for personal numbers):

41
src/onboard.ts
View File

@@ -868,23 +868,9 @@ async function stepChannels(config: OnboardConfig, env: Record<string, string>):
}
}
// Access control only matters for dedicated numbers
// Dedicated numbers use allowlist by default
if (config.whatsapp.selfChat === false) {
const dmPolicy = await p.select({
message: 'WhatsApp: Who can message the bot?',
options: [
{ value: 'pairing', label: 'Pairing (recommended)', hint: 'Requires CLI approval' },
{ value: 'allowlist', label: 'Allowlist only', hint: 'Specific phone numbers' },
{ value: 'open', label: 'Open', hint: '⚠️ Anyone (not recommended - full account access!)' },
],
initialValue: config.whatsapp.dmPolicy || 'pairing',
});
if (!p.isCancel(dmPolicy)) {
config.whatsapp.dmPolicy = dmPolicy as 'pairing' | 'allowlist' | 'open';
if (dmPolicy === 'pairing') {
p.log.info('Users will get a code. Approve with: lettabot pairing approve whatsapp CODE');
} else if (dmPolicy === 'allowlist') {
config.whatsapp.dmPolicy = 'allowlist';
const users = await p.text({
message: 'Allowed phone numbers (comma-separated, with +)',
placeholder: '+15551234567,+15559876543',
@@ -893,7 +879,8 @@ async function stepChannels(config: OnboardConfig, env: Record<string, string>):
if (!p.isCancel(users) && users) {
config.whatsapp.allowedUsers = users.split(',').map(s => s.trim()).filter(Boolean);
}
}
if (!config.whatsapp.allowedUsers?.length) {
p.log.warn('No allowed numbers set. Bot will reject all messages until you add numbers to lettabot.yaml');
}
}
}
@@ -931,22 +918,9 @@ async function stepChannels(config: OnboardConfig, env: Record<string, string>):
}
// Access control only matters for dedicated numbers
// Dedicated numbers use allowlist by default
if (config.signal.selfChat === false) {
const dmPolicy = await p.select({
message: 'Signal: Who can message the bot?',
options: [
{ value: 'pairing', label: 'Pairing (recommended)', hint: 'Requires CLI approval' },
{ value: 'allowlist', label: 'Allowlist only', hint: 'Specific phone numbers' },
{ value: 'open', label: 'Open', hint: 'Anyone (not recommended)' },
],
initialValue: config.signal.dmPolicy || 'pairing',
});
if (!p.isCancel(dmPolicy)) {
config.signal.dmPolicy = dmPolicy as 'pairing' | 'allowlist' | 'open';
if (dmPolicy === 'pairing') {
p.log.info('Users will get a code. Approve with: lettabot pairing approve signal CODE');
} else if (dmPolicy === 'allowlist') {
config.signal.dmPolicy = 'allowlist';
const users = await p.text({
message: 'Allowed phone numbers (comma-separated, with +)',
placeholder: '+15551234567,+15559876543',
@@ -955,7 +929,8 @@ async function stepChannels(config: OnboardConfig, env: Record<string, string>):
if (!p.isCancel(users) && users) {
config.signal.allowedUsers = users.split(',').map(s => s.trim()).filter(Boolean);
}
}
if (!config.signal.allowedUsers?.length) {
p.log.warn('No allowed numbers set. Bot will reject all messages until you add numbers to lettabot.yaml');
}
}
}