Don't trust member list if source user isn't there

CHANGELOG.md

@@ -4,6 +4,8 @@
 * Updated Docker image to Alpine 3.19.
 * Fixed some potential cases where a portal room would be created for the
   relaybot even if `ignore_unbridged_group_chat` was enabled.
+* Fixed member sync in groups with hidden members causing puppeted Matrix users
+  to be kicked even if they're still in the group.
 
 # v0.15.0 (2023-11-26)
 

mautrix_telegram/portal.py

@@ -1146,12 +1146,19 @@ class Portal(DBPortal, BasePortal):
         # We can't trust the member list if any of the following cases is true:
         #  * There are close to 10 000 users, because Telegram might not be sending all members.
         #  * The member sync count is limited, because then we might ignore some members.
-        #  * It's a channel, because non-admins don't have access to the member list.
+        #  * It's a channel, because non-admins don't have access to the member list
+        #    and even admins can only see 200 members.
+        #  * The source user is not in the chat, because that likely means it's a group
+        #    with the member list hidden (so only admins are visible).
         trust_member_list = (
-            len(allowed_tgids) < 9900
-            if self.max_initial_member_sync < 0
-            else len(allowed_tgids) < self.max_initial_member_sync - 10
-        ) and (self.megagroup or self.peer_type != "channel")
+            (
+                len(allowed_tgids) < 9900
+                if self.max_initial_member_sync < 0
+                else len(allowed_tgids) < self.max_initial_member_sync - 10
+            )
+            and (self.megagroup or self.peer_type != "channel")
+            and source.tgid in allowed_tgids
+        )
         if not trust_member_list:
             return None