Changeset

--- a/plugins/mod_admin_shell.lua	Fri Nov 01 13:08:35 2024 +0100
+++ b/plugins/mod_admin_shell.lua	Fri Nov 01 13:10:45 2024 +0100
@@ -1785,6 +1785,8 @@
 		return nil, "No such host: "..host;
 	elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then
 		return nil, "No such user";
+	elseif userhost ~= host then
+		return nil, "Can't add roles outside users own host"
 	end
 	return um.add_user_secondary_role(username, host, new_role);
 end
@@ -1797,6 +1799,8 @@
 		return nil, "No such host: "..host;
 	elseif prosody.hosts[userhost] and not um.user_exists(username, userhost) then
 		return nil, "No such user";
+	elseif userhost ~= host then
+		return nil, "Can't remove roles outside users own host"
 	end
 	return um.remove_user_secondary_role(username, host, role_name);
 end