access.md

🔒 Access

This bot employs access control to decide who can use its services and manage its configuration.

👋 Joining rooms

The bot automatically joins rooms only when invited by someone considered a bot 👥 user.

👥 Users

The bot can be used by users that match some dynamically configured Matrix user id patterns.

Users:

• ✅ can invite the bot to rooms
• ✅ can use all the bot's features (💬 Text Generation, 🦻 Speech-to-Text, etc.) by sending room messages
• ✅ can mention the bot in threads and reply chains to provoke it to respond to non-user messages (see 🌟 Features / 💬 Text Generation / On-demand involvement)
• ✅ can change the bot's configuration in a room (e.g. !bai config room ... commands)
• ❌ cannot change the bot's global configuration (e.g. !bai config global ... commands)
• ❌ cannot create new 🤖 Agents (neither in rooms, nor globally). See 💼 Room-local agent managers for controlling which users can create agents.

The following commands are available:

• Show the currently allowed users: !bai access users
• Set the list of allowed users: !bai access set-users SPACE_SEPARATED_PATTERNS

Example patterns: @*:example.com @*:another.com @someone:company.org

👮‍♂️ Administrators

Administrators can manage the bot's configuration and access control.

Administrators are 👥 Users and 💼 Room-local agent managers implicitly, so they inherit all their permissions.

The bot can be administrated by users that match some statically configured Matrix user id patterns.

Administrators cannot be changed without adjusting the bot's configuration on the server.

💼 Room-local agent managers

Room-local agent managers are users privileged to create their own agents (see !bai agent) in rooms.

The following commands are available:

• Show the currently allowed users: !bai access room-local-agent-managers
• Set the list of allowed users: !bai access set-room-local-agent-managers SPACE_SEPARATED_PATTERNS

Example patterns: @*:example.com @*:another.com @someone:company.org