fix: only process admin commands if server user is in the room

Should prevent some edge cases with a misconfigured admin room Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-06-12 00:40:45 -04:00 · 2024-06-12 00:40:45 -04:00 · 26d103d314
commit 26d103d314
parent 0688a96c37
1 changed files with 7 additions and 1 deletions
--- a/src/service/rooms/timeline/mod.rs
+++ b/src/service/rooms/timeline/mod.rs
@ -489,7 +489,13 @@ impl Service {
 					// the administrator can execute commands as conduit
 					let from_conduit = pdu.sender == server_user && services().globals.emergency_password().is_none();
 					if let Some(admin_room) = service::admin::Service::get_admin_room().await? {
-						if to_conduit && !from_conduit && admin_room == pdu.room_id {
+						if to_conduit
+							&& !from_conduit && admin_room == pdu.room_id
+							&& services()
+								.rooms
+								.state_cache
+								.is_joined(&UserId::parse(server_user).unwrap(), &admin_room)?
+						{
 							services()
 								.admin
 								.process_message(body, pdu.event_id.clone())