From 03c04ce0a18b6d6f5f701210e20d98814dacb23a Mon Sep 17 00:00:00 2001
From: strawberry
Date: Fri, 14 Jun 2024 23:46:07 -0400
Subject: [PATCH] dont allow "remote admins" to run public escaped cmds on behalf of others

Signed-off-by: strawberry
---
 src/service/admin/mod.rs | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/service/admin/mod.rs b/src/service/admin/mod.rs
index f5f818d3..dca3ac8d 100644
--- a/src/service/admin/mod.rs
+++ b/src/service/admin/mod.rs
@@ -18,7 +18,7 @@ use serde_json::value::to_raw_value;
 use tokio::{sync::Mutex, task::JoinHandle};
 use tracing::error;
 
-use crate::{pdu::PduBuilder, services, PduEvent};
+use crate::{pdu::PduBuilder, services, user_is_local, PduEvent};
 
 pub type HandlerResult = Pin> + Send>>;
 pub type Handler = fn(AdminEvent) -> HandlerResult;
@@ -276,6 +276,11 @@ pub async fn is_admin_command(pdu: &PduEvent, body: &str) -> bool {
 return false;
 }
 
+ // only allow public escaped commands by local admins
+ if is_public_escape && !user_is_local(&pdu.sender) {
+ return false;
+ }
+
 // Check if server-side command-escape is disabled by configuration
 if is_public_escape && !services().globals.config.admin_escape_commands {
 return false;
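Review bot: The new guard in `is_admin_command` rejects a remote sender only when `is_public_escape` is set, so whether remote users are still accepted on the non-escaped path depends on checks outside this hunk (the function starts and ends outside it). The comment should record why the two paths are treated differently, for example `// Escaped commands are only honoured for users on this homeserver; a remote sender is authenticated by its own server, not ours.` (wording for the author to confirm). The rejection is also silent: a `tracing::warn!` or `tracing::debug!` naming `pdu.sender` before `return false;` would give operators a signal that a remote account attempted an escaped admin command, provided this branch is not reached for ordinary messages. No test accompanies the change; a case asserting that a remote sender with an escaped body returns `false` would pin the behaviour.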