From 26d103d31486a932e24b4095eed546c12f142bf6 Mon Sep 17 00:00:00 2001
From: Matthias Ahouansou <matthias@ahouansou.cz>
Date: Wed, 12 Jun 2024 00:40:45 -0400
Subject: [PATCH] fix: only process admin commands if server user is in the
 room

Should prevent some edge cases with a misconfigured admin room

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 src/service/rooms/timeline/mod.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/service/rooms/timeline/mod.rs b/src/service/rooms/timeline/mod.rs
index c7d045e9..82f5f1bf 100644
--- a/src/service/rooms/timeline/mod.rs
+++ b/src/service/rooms/timeline/mod.rs
@@ -489,7 +489,13 @@ impl Service {
 					// the administrator can execute commands as conduit
 					let from_conduit = pdu.sender == server_user && services().globals.emergency_password().is_none();
 					if let Some(admin_room) = service::admin::Service::get_admin_room().await? {
-						if to_conduit && !from_conduit && admin_room == pdu.room_id {
+						if to_conduit
+							&& !from_conduit && admin_room == pdu.room_id
+							&& services()
+								.rooms
+								.state_cache
+								.is_joined(&UserId::parse(server_user).unwrap(), &admin_room)?
+						{
 							services()
 								.admin
 								.process_message(body, pdu.event_id.clone())