fix(telegram): apply bot auth policy to Telegram sources

[sweetcornna]

Problem

When two Hermes profiles use separate Telegram bot tokens while polling the same account, one profile's outbound bot message can be delivered to the other gateway. Telegram messages did not carry the sender's bot-origin flag into SessionSource, so those bot messages were evaluated as ordinary human messages and could trigger echo replies.

Closes #32188.

Root Cause

Two Telegram-specific pieces were missing from the existing bot-auth path:

• gateway/platforms/telegram.py did not pass python-telegram-bot's user.is_bot through build_source(...).
• gateway/authz_mixin.py had allow-bots env mappings for Discord and Feishu, but not Telegram.
• gateway/config.py did not bridge telegram.allow_bots from config.yaml into TELEGRAM_ALLOW_BOTS.

Fix

• Added Platform.TELEGRAM: "TELEGRAM_ALLOW_BOTS" to the gateway bot-policy map.
• Propagated Telegram sender is_bot into SessionSource during message event construction.
• Bridged telegram.allow_bots from config YAML into TELEGRAM_ALLOW_BOTS while preserving env-var precedence.
• Added Telegram regression coverage for auth policy, adapter source propagation, and config bridging.
• Updated existing Discord/Feishu cross-platform leak tests to clear TELEGRAM_ALLOW_BOTS, since Telegram now has its own bot policy.

Review State

• Rebased onto current upstream/main at 9c051f57c3b1e9962feef958710ee58fa8ca2444.
• No PR comments or reviews were present when refreshed.
• The fork branch ref is now 02c5628e407e81200f8de2f9a6c37ce978f4e12b.

Verification

RED on current main before the fix:

• .venv\Scripts\python.exe -m pytest tests\gateway\test_telegram_bot_auth_bypass.py tests\gateway\test_config.py::TestLoadGatewayConfig::test_bridges_telegram_allow_bots_from_config_yaml_to_env tests\gateway\test_config.py::TestLoadGatewayConfig::test_telegram_allow_bots_env_takes_precedence_over_config_yaml -q --timeout-method=thread -> 5 failed, 4 passed.

GREEN after the fix:

• Same targeted command -> 9 passed.
• .venv\Scripts\python.exe -m pytest tests\gateway\test_telegram_bot_auth_bypass.py tests\gateway\test_config.py tests\gateway\test_discord_bot_auth_bypass.py tests\gateway\test_feishu_bot_auth_bypass.py tests\gateway\test_telegram_format.py tests\gateway\test_telegram_mention_boundaries.py tests\gateway\test_telegram_reply_mode.py tests\gateway\test_telegram_reply_quote.py -q --timeout-method=thread -> 250 passed.
• .venv\Scripts\ruff.exe check gateway\authz_mixin.py gateway\config.py gateway\platforms\telegram.py tests\gateway\test_config.py tests\gateway\test_telegram_bot_auth_bypass.py tests\gateway\test_discord_bot_auth_bypass.py tests\gateway\test_feishu_bot_auth_bypass.py -> passed.
• .venv\Scripts\python.exe -m py_compile gateway\authz_mixin.py gateway\config.py gateway\platforms\telegram.py tests\gateway\test_config.py tests\gateway\test_telegram_bot_auth_bypass.py tests\gateway\test_discord_bot_auth_bypass.py tests\gateway\test_feishu_bot_auth_bypass.py -> passed.
• git diff --check -> passed.
• git merge-tree --write-tree upstream/main HEAD -> 5c5333999cc2745a92e86c433b9133d89e1ba581.

Risk

Low. Existing non-bot Telegram sender behavior is unchanged. Bot-origin Telegram messages now follow the same explicit none / mentions / all policy shape as Discord and Feishu; the default remains deny unless configured otherwise.