aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorDiva Canto2012-09-20 19:50:57 -0700
committerDiva Canto2012-09-20 19:50:57 -0700
commite379566e6e3bed0d7001f099a5ea8dfd648d76cf (patch)
treed3c9877c5b0e24e3d56b5ee1029324efd05beff6
parentMerge branch 'master' of ssh://opensimulator.org/var/git/opensim (diff)
downloadopensim-SC-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.zip
opensim-SC-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.tar.gz
opensim-SC-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.tar.bz2
opensim-SC-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.tar.xz
Improvement over last commit: refactor the asset permissions code, so that it can be used by both the HG Asset Service and the simulator. Also renamed the config vars to something more intuitive
Diffstat (limited to '')
-rw-r--r--OpenSim/Framework/AssetPermissions.cs81
-rw-r--r--OpenSim/Services/HypergridService/HGAssetService.cs63
-rw-r--r--bin/Robust.HG.ini.example10
-rw-r--r--bin/config-include/StandaloneCommon.ini.example10
4 files changed, 98 insertions, 66 deletions
diff --git a/OpenSim/Framework/AssetPermissions.cs b/OpenSim/Framework/AssetPermissions.cs
new file mode 100644
index 0000000..d276def
--- /dev/null
+++ b/OpenSim/Framework/AssetPermissions.cs
@@ -0,0 +1,81 @@
1using System;
2using System.Collections.Generic;
3using System.Reflection;
4
5using Nini.Config;
6using log4net;
7
8using OpenMetaverse;
9
10namespace OpenSim.Framework
11{
12 public class AssetPermissions
13 {
14 private static readonly ILog m_log =
15 LogManager.GetLogger(
16 MethodBase.GetCurrentMethod().DeclaringType);
17
18 private bool[] m_DisallowExport, m_DisallowImport;
19 private string[] m_AssetTypeNames;
20
21 public AssetPermissions(IConfig config)
22 {
23 Type enumType = typeof(AssetType);
24 m_AssetTypeNames = Enum.GetNames(enumType);
25 for (int i = 0; i < m_AssetTypeNames.Length; i++)
26 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
27 int n = Enum.GetValues(enumType).Length;
28 m_DisallowExport = new bool[n];
29 m_DisallowImport = new bool[n];
30
31 LoadPermsFromConfig(config, "DisallowExport", m_DisallowExport);
32 LoadPermsFromConfig(config, "DisallowImport", m_DisallowImport);
33
34 }
35
36 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
37 {
38 string perms = assetConfig.GetString(variable, String.Empty);
39 string[] parts = perms.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
40 foreach (string s in parts)
41 {
42 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
43 if (index >= 0)
44 bitArray[index] = true;
45 else
46 m_log.WarnFormat("[Asset Permissions]: Invalid AssetType {0}", s);
47 }
48
49 }
50
51 public bool AllowedExport(sbyte type)
52 {
53 string assetTypeName = ((AssetType)type).ToString();
54
55 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
56 if (index >= 0 && m_DisallowExport[index])
57 {
58 m_log.DebugFormat("[Asset Permissions]: Export denied: configuration does not allow export of AssetType {0}", assetTypeName);
59 return false;
60 }
61
62 return true;
63 }
64
65 public bool AllowedImport(sbyte type)
66 {
67 string assetTypeName = ((AssetType)type).ToString();
68
69 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
70 if (index >= 0 && m_DisallowImport[index])
71 {
72 m_log.DebugFormat("[Asset Permissions]: Import denied: configuration does not allow import of AssetType {0}", assetTypeName);
73 return false;
74 }
75
76 return true;
77 }
78
79
80 }
81}
diff --git a/OpenSim/Services/HypergridService/HGAssetService.cs b/OpenSim/Services/HypergridService/HGAssetService.cs
index d6541c4..f1275a0 100644
--- a/OpenSim/Services/HypergridService/HGAssetService.cs
+++ b/OpenSim/Services/HypergridService/HGAssetService.cs
@@ -58,8 +58,7 @@ namespace OpenSim.Services.HypergridService
58 58
59 private UserAccountCache m_Cache; 59 private UserAccountCache m_Cache;
60 60
61 private bool[] m_DisallowGET, m_DisallowPOST; 61 private AssetPermissions m_AssetPerms;
62 private string[] m_AssetTypeNames;
63 62
64 public HGAssetService(IConfigSource config, string configName) : base(config, configName) 63 public HGAssetService(IConfigSource config, string configName) : base(config, configName)
65 { 64 {
@@ -85,31 +84,7 @@ namespace OpenSim.Services.HypergridService
85 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService); 84 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService);
86 85
87 // Permissions 86 // Permissions
88 Type enumType = typeof(AssetType); 87 m_AssetPerms = new AssetPermissions(assetConfig);
89 m_AssetTypeNames = Enum.GetNames(enumType);
90 for (int i = 0; i < m_AssetTypeNames.Length; i++)
91 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
92 int n = Enum.GetValues(enumType).Length;
93 m_DisallowGET = new bool[n];
94 m_DisallowPOST = new bool[n];
95
96 LoadPermsFromConfig(assetConfig, "DisallowGET", m_DisallowGET);
97 LoadPermsFromConfig(assetConfig, "DisallowPOST", m_DisallowPOST);
98
99 }
100
101 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
102 {
103 string perms = assetConfig.GetString(variable, String.Empty);
104 string[] parts = perms.Split(new char[] {','}, StringSplitOptions.RemoveEmptyEntries);
105 foreach (string s in parts)
106 {
107 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
108 if (index >= 0)
109 bitArray[index] = true;
110 else
111 m_log.WarnFormat("[HGAsset Service]: Invalid AssetType {0}", s);
112 }
113 88
114 } 89 }
115 90
@@ -121,7 +96,7 @@ namespace OpenSim.Services.HypergridService
121 if (asset == null) 96 if (asset == null)
122 return null; 97 return null;
123 98
124 if (!AllowedGet(asset.Type)) 99 if (!m_AssetPerms.AllowedExport(asset.Type))
125 return null; 100 return null;
126 101
127 if (asset.Metadata.Type == (sbyte)AssetType.Object) 102 if (asset.Metadata.Type == (sbyte)AssetType.Object)
@@ -151,7 +126,7 @@ namespace OpenSim.Services.HypergridService
151 if (asset == null) 126 if (asset == null)
152 return null; 127 return null;
153 128
154 if (!AllowedGet(asset.Type)) 129 if (!m_AssetPerms.AllowedExport(asset.Type))
155 return null; 130 return null;
156 131
157 return asset.Data; 132 return asset.Data;
@@ -161,7 +136,7 @@ namespace OpenSim.Services.HypergridService
161 136
162 public override string Store(AssetBase asset) 137 public override string Store(AssetBase asset)
163 { 138 {
164 if (!AllowedPost(asset.Type)) 139 if (!m_AssetPerms.AllowedImport(asset.Type))
165 return UUID.Zero.ToString(); 140 return UUID.Zero.ToString();
166 141
167 return base.Store(asset); 142 return base.Store(asset);
@@ -175,34 +150,6 @@ namespace OpenSim.Services.HypergridService
175 150
176 #endregion 151 #endregion
177 152
178 protected bool AllowedGet(sbyte type)
179 {
180 string assetTypeName = ((AssetType)type).ToString();
181
182 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
183 if (index >= 0 && m_DisallowGET[index])
184 {
185 m_log.DebugFormat("[HGAsset Service]: GET denied: service does not allow export of AssetType {0}", assetTypeName);
186 return false;
187 }
188
189 return true;
190 }
191
192 protected bool AllowedPost(sbyte type)
193 {
194 string assetTypeName = ((AssetType)type).ToString();
195
196 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
197 if (index >= 0 && m_DisallowPOST[index])
198 {
199 m_log.DebugFormat("[HGAsset Service]: POST denied: service does not allow import of AssetType {0}", assetTypeName);
200 return false;
201 }
202
203 return true;
204 }
205
206 protected void AdjustIdentifiers(AssetMetadata meta) 153 protected void AdjustIdentifiers(AssetMetadata meta)
207 { 154 {
208 if (meta == null || m_Cache == null) 155 if (meta == null || m_Cache == null)
diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example
index 8218b14..399779d 100644
--- a/bin/Robust.HG.ini.example
+++ b/bin/Robust.HG.ini.example
@@ -437,15 +437,17 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
437 UserAccountsService = "OpenSim.Services.UserAccountService.dll:UserAccountService" 437 UserAccountsService = "OpenSim.Services.UserAccountService.dll:UserAccountService"
438 HomeURI = "http://127.0.0.1:8002" 438 HomeURI = "http://127.0.0.1:8002"
439 439
440 ;; The asset types that other grids can get from / post to this service. 440 ;; The asset types that this service can export to / import from other grids.
441 ;; Comma separated.
441 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely: 442 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
442 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText, LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh 443 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
444 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
443 ;; 445 ;;
444 ;; Leave blank or commented if you don't want to apply any restrictions. 446 ;; Leave blank or commented if you don't want to apply any restrictions.
445 ;; A more strict, but still reasonable, policy may be to disallow the exchange 447 ;; A more strict, but still reasonable, policy may be to disallow the exchange
446 ;; of scripts, like so: 448 ;; of scripts, like so:
447 ; DisallowGET ="LSLText" 449 ; DisallowExport ="LSLText"
448 ; DisallowPOST ="LSLBytecode" 450 ; DisallowImport ="LSLBytecode"
449 451
450[HGFriendsService] 452[HGFriendsService]
451 LocalServiceModule = "OpenSim.Services.HypergridService.dll:HGFriendsService" 453 LocalServiceModule = "OpenSim.Services.HypergridService.dll:HGFriendsService"
diff --git a/bin/config-include/StandaloneCommon.ini.example b/bin/config-include/StandaloneCommon.ini.example
index d8ecba8..d5eb50d 100644
--- a/bin/config-include/StandaloneCommon.ini.example
+++ b/bin/config-include/StandaloneCommon.ini.example
@@ -53,15 +53,17 @@
53[HGAssetService] 53[HGAssetService]
54 HomeURI = "http://127.0.0.1:9000" 54 HomeURI = "http://127.0.0.1:9000"
55 55
56 ;; The asset types that other grids can get from / post to this service. 56 ;; The asset types that this service can export to / import from other grids.
57 ;; Comma separated.
57 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely: 58 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
58 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText, LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh 59 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
60 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
59 ;; 61 ;;
60 ;; Leave blank or commented if you don't want to apply any restrictions. 62 ;; Leave blank or commented if you don't want to apply any restrictions.
61 ;; A more strict, but still reasonable, policy may be to disallow the exchange 63 ;; A more strict, but still reasonable, policy may be to disallow the exchange
62 ;; of scripts, like so: 64 ;; of scripts, like so:
63 ; DisallowGET ="LSLText" 65 ; DisallowExport ="LSLText"
64 ; DisallowPOST ="LSLBytecode" 66 ; DisallowImport ="LSLBytecode"
65 67
66 68
67[HGInventoryAccessModule] 69[HGInventoryAccessModule]