From 75b9332917372127a277e4556b36695c46e45b7c Mon Sep 17 00:00:00 2001
From: strawberry <strawberry@puppygock.gay>
Date: Thu, 2 May 2024 16:51:43 -0400
Subject: [PATCH] dont allow creating remote users in admin room

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 src/service/admin/user/user_commands.rs | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/service/admin/user/user_commands.rs b/src/service/admin/user/user_commands.rs
index b1a6436d..768371a4 100644
--- a/src/service/admin/user/user_commands.rs
+++ b/src/service/admin/user/user_commands.rs
@@ -6,7 +6,9 @@ use tracing::{error, info, warn};
 use crate::{
 	api::client_server::{join_room_by_id_helper, leave_all_rooms, AUTO_GEN_PASSWORD_LENGTH},
 	service::admin::{escape_html, get_room_info},
-	services, utils, Result,
+	services,
+	utils::{self, user_id::user_is_local},
+	Result,
 };
 
 pub(crate) async fn list(_body: Vec<&str>) -> Result<RoomMessageEventContent> {
@@ -36,6 +38,12 @@ pub(crate) async fn create(
 			},
 		};
 
+	if !user_is_local(&user_id) {
+		return Ok(RoomMessageEventContent::text_plain(format!(
+			"User {user_id} does not belong to our server."
+		)));
+	}
+
 	if user_id.is_historical() {
 		return Ok(RoomMessageEventContent::text_plain(format!(
 			"Userid {user_id} is not allowed due to historical"