Command being executed from the not-authoritative version of the object if on the host

I have a Player.cs script with two functions:

	void Update() {
		if (Input.GetKeyDown(KeyCode.Space)) {
			Debug.Log("hasAuthority: " + hasAuthority.ToString());

	void CmdTest() {
		Debug.Log("hasAuthority: " + hasAuthority.ToString());

There are two player objects in the scene with that script attached.

I assume that CmdTest should only get executed for one object in the scene since only one of them is an authoritative version. Which is true, when tested on a client.

So I run the host in the separate window, run the client in unity editor, press spacebar and get the following output:

Which is perfectly reasonable: the non-authoritative instance of Player.cs fails to run the Command, while the authoritative instance of the Player.cs is able to do that.

But when I run the same test on the host, (run host in unity editor, connect to it with the client from the separate window) I get that:

So what’s happening here is: the authoritative version of Player.cs gets the input, prints the “hasAuthority: true” message, runs the Command, prints “hasAuthority: true” second time.
And then, NON-authoritative version of Player.cs gets the input, prints “hasAuthority: false” and still runs the Command.

And that drives me insane: turns out that the host CAN run Command on the object that IT DOESN’T HAVE AN AUTHORITY FOR.
Or I simply missed something.

So, if anyone (@Bunny83 maybe?) can explain what am I doing wrong here, please do.

I don’t see where the problem is. You clearly don’t want to call CmdTest, your first screenshot already shows that you receive a warning which you should not ignore. You do this by either adding in a check for hasAuthority, or isLocalPlayer. This will already fix the calling issue on the Host.
As far as I understood it, when the clients are running as hosts, there is no need for network calls, so the calls are just direct method calls as any others. The attributes are plain ignored.