fix: ensure captcha and join logic are scoped to the target group

The bot was incorrectly triggering join logic (captcha, welcome message, etc.) for any chat it was an admin of, including channels. This change adds a check to `processJoin` and `handleChatMemberUpdate` to ensure these actions only occur within the configured `GROUP_ID`.

- Added `chatID == targetGroupID` check in `processJoin`.
- Added `pending.ChatID == update.Chat.ID` check in `handleChatMemberUpdate` to prevent cross-chat captcha cleanup.
- Added unit tests to verify the fix.

Co-authored-by: birabittoh <26506860+birabittoh@users.noreply.github.com>

Author: google-labs-jules[bot]

telegram/autoban.go

@@ -49,13 +49,13 @@ func handleChatMemberUpdate(escarbot *EscarBot, update *tgbotapi.ChatMemberUpdat
 	isLeaving := newStatus == "left" || newStatus == "kicked" || newStatus == "banned"
 	if isLeaving && update.NewChatMember.User != nil {
 		userID := update.NewChatMember.User.ID
-		if pending, ok := escarbot.Cache.GetCaptcha(userID); ok {
+		if pending, ok := escarbot.Cache.GetCaptcha(userID); ok && pending.ChatID == update.Chat.ID {
 			if pending.ExpirationTimer != nil {
 				pending.ExpirationTimer.Stop()
 			}
 			deleteMessages(escarbot, update.Chat.ID, pending.CaptchaMsgID)
 			escarbot.Cache.DeleteCaptcha(userID)
-			log.Printf("User %d left the group, pending captcha deleted", userID)
+			log.Printf("User %d left the group %d, pending captcha deleted", userID, update.Chat.ID)
 		}
 	}
 }
@@ -66,6 +66,14 @@ func processJoin(escarbot *EscarBot, chatID int64, user tgbotapi.User, joinMsgID
 		return
 	}
 
+	escarbot.StateMutex.RLock()
+	targetGroupID := escarbot.GroupID
+	escarbot.StateMutex.RUnlock()
+
+	if chatID != targetGroupID {
+		return
+	}
+
 	// Cleanup stale in-memory entries (no-op when Valkey handles TTL).
 	escarbot.Cache.CleanupJoinEntries()
 

telegram/autoban_test.go

@@ -0,0 +1,71 @@
+package telegram
+
+import (
+	"testing"
+
+	tgbotapi "github.com/OvyFlash/telegram-bot-api"
+)
+
+func TestHandleChatMemberUpdateLeaveWrongChat(t *testing.T) {
+	bot := &EscarBot{
+		Cache: NewCache(""), // in-memory mode
+		Bot:   &tgbotapi.BotAPI{}, // Mock
+	}
+
+	userID := int64(123)
+	chatID := int64(100)
+	captchaMsgID := 456
+
+	bot.Cache.SetCaptcha(userID, &PendingCaptcha{
+		UserID:       userID,
+		ChatID:       chatID,
+		CaptchaMsgID: captchaMsgID,
+	}, 0)
+
+	// Leave from different chat
+	update := &tgbotapi.ChatMemberUpdated{
+		Chat: tgbotapi.Chat{ID: 200},
+		OldChatMember: tgbotapi.ChatMember{Status: "member"},
+		NewChatMember: tgbotapi.ChatMember{
+			Status: "left",
+			User:   &tgbotapi.User{ID: userID},
+		},
+	}
+
+	handleChatMemberUpdate(bot, update)
+
+	if !bot.Cache.HasCaptcha(userID) {
+		t.Errorf("handleChatMemberUpdate() should NOT have deleted captcha for wrong chatID")
+	}
+
+	// Leave from correct chat
+	update.Chat.ID = chatID
+	handleChatMemberUpdate(bot, update)
+
+	if bot.Cache.HasCaptcha(userID) {
+		t.Errorf("handleChatMemberUpdate() SHOULD have deleted captcha for correct chatID")
+	}
+}
+
+func TestProcessJoinIgnoresOtherChats(t *testing.T) {
+	bot := &EscarBot{
+		Cache:   NewCache(""), // in-memory mode
+		GroupID: 100,
+	}
+
+	user := tgbotapi.User{ID: 123, FirstName: "TestUser"}
+
+	// Test join in wrong chat
+	processJoin(bot, 200, user, 1)
+
+	// Since we can't easily check internal flow without mocking a lot,
+	// let's check if a JoinEntry was created.
+	// processJoin would create a JoinEntry early for the correct chat.
+	if _, exists := bot.Cache.GetJoinEntry(user.ID); exists {
+		t.Errorf("processJoin() should NOT have created join entry for wrong chatID")
+	}
+
+	// Now try correct chatID
+	// It should proceed and eventually reach SetJoinEntry before possibly crashing/failing on Bot calls.
+	// But let's just use the early return check.
+}