Is it even possible to restrict access to the system(Ubuntu machine with dongle) with Linux tools (everyone can see, but not everyone can connect (for example only specific type of devices)), without writing own script?Bluetooth isn't an especially secure protocol. About the best most devices do right now is a short pairing key, you can temporarily make your device "broadcast"
so that the host will see it. Once it is paired you generally don't care about other security concerns. (Perhaps this could be a higher priority).
You shouldn't have any other connections if you haven't paired to them.
As far as device class. I haven't looked at this much, we develop more towards pids (in bluetooth this doesn't mean process I D)
It's sometimes more convenient to look for specific company identifiers, than specific device types.
https://www.bluetooth.com/specifications/assigned-numbers/company-identifiers/ (Beware, this is 40 pages long)