From 76b060aa84d27b23c4931cbdfaf468444bfd59f4 Mon Sep 17 00:00:00 2001
From: Charles Hall <charles@computer.surgery>
Date: Wed, 12 Jun 2024 20:48:06 -0700
Subject: [PATCH] only process admin commands if bot is in room

This isn't exploitable in any way, it just meant that the bot could
receive and run commands from users who were already in the admin room
despite the bot not being in the room, which also means the bot would be
unable to send response messages.

Now, the bot will simply ignore admin room messages if the bot isn't in
the admin room.
---
 src/service/rooms/timeline.rs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/service/rooms/timeline.rs b/src/service/rooms/timeline.rs
index 1cf176a5..3fc590c4 100644
--- a/src/service/rooms/timeline.rs
+++ b/src/service/rooms/timeline.rs
@@ -536,6 +536,11 @@ impl Service {
                         if to_admin_bot
                             && !from_admin_bot
                             && admin_room == pdu.room_id
+                            && services()
+                                .rooms
+                                .state_cache
+                                .is_joined(admin_bot, &admin_room)
+                                .unwrap_or(false)
                         {
                             services().admin.process_message(body);
                         }