diff options
author | Justin Clark-Casey (justincc) | 2010-04-19 21:02:36 +0100 |
---|---|---|
committer | Justin Clark-Casey (justincc) | 2010-04-19 21:02:36 +0100 |
commit | da83ee28be93ff2649e1df214d942b01104247de (patch) | |
tree | 9419de09d3ce61f92e2ad871543965717badf5da | |
parent | log problems when an asset request through the UDP TransferRequest channel go... (diff) | |
download | opensim-SC-da83ee28be93ff2649e1df214d942b01104247de.zip opensim-SC-da83ee28be93ff2649e1df214d942b01104247de.tar.gz opensim-SC-da83ee28be93ff2649e1df214d942b01104247de.tar.bz2 opensim-SC-da83ee28be93ff2649e1df214d942b01104247de.tar.xz |
If a transfer request is received for a task inventory item asset, then route the permissions request through the existing CanEditScript() and CanEditNotecard() methods.
This implements the 'share with group' flag for notecards and scripts in prim inventory since the PermissionsModule checks group membership and permissions.
Other than that, the code in PermissionsModule duplicates the checks in LLClientView so there should be no change other than allowing group members to edit embedded notecards and scripts.
For all other asset types, the permission checking code in LLClientView continues to be used, pending refactoring of suitable permissions code
This means that 'share with group' will not yet work for prim inventory items other than notecards and scripts
-rw-r--r-- | OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs | 108 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | 17 |
2 files changed, 75 insertions, 50 deletions
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index 54c312c..c4e8e09 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs | |||
@@ -7093,7 +7093,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
7093 | UUID requestID = new UUID(transfer.TransferInfo.Params, 80); | 7093 | UUID requestID = new UUID(transfer.TransferInfo.Params, 80); |
7094 | 7094 | ||
7095 | // m_log.DebugFormat( | 7095 | // m_log.DebugFormat( |
7096 | // "[LLCLIENTVIEW]: Got request for asset {0} from item {1} in prim {2} by {3}", | 7096 | // "[CLIENT]: Got request for asset {0} from item {1} in prim {2} by {3}", |
7097 | // requestID, itemID, taskID, Name); | 7097 | // requestID, itemID, taskID, Name); |
7098 | 7098 | ||
7099 | if (!(((Scene)m_scene).Permissions.BypassPermissions())) | 7099 | if (!(((Scene)m_scene).Permissions.BypassPermissions())) |
@@ -7105,60 +7105,75 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
7105 | if (part == null) | 7105 | if (part == null) |
7106 | { | 7106 | { |
7107 | m_log.WarnFormat( | 7107 | m_log.WarnFormat( |
7108 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but prim does not exist", | 7108 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but prim does not exist", |
7109 | Name, requestID, itemID, taskID); | 7109 | Name, requestID, itemID, taskID); |
7110 | return true; | 7110 | return true; |
7111 | } | 7111 | } |
7112 | 7112 | ||
7113 | if (part.OwnerID != AgentId) | 7113 | TaskInventoryItem tii = part.Inventory.GetInventoryItem(itemID); |
7114 | if (tii == null) | ||
7114 | { | 7115 | { |
7115 | m_log.WarnFormat( | 7116 | m_log.WarnFormat( |
7116 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but the prim is owned by {4}", | 7117 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but item does not exist", |
7117 | Name, requestID, itemID, taskID, part.OwnerID); | ||
7118 | return true; | ||
7119 | } | ||
7120 | |||
7121 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
7122 | { | ||
7123 | m_log.WarnFormat( | ||
7124 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but modify permissions are not set", | ||
7125 | Name, requestID, itemID, taskID); | ||
7126 | return true; | ||
7127 | } | ||
7128 | |||
7129 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(itemID); | ||
7130 | if (ti == null) | ||
7131 | { | ||
7132 | m_log.WarnFormat( | ||
7133 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but item does not exist", | ||
7134 | Name, requestID, itemID, taskID); | 7118 | Name, requestID, itemID, taskID); |
7135 | return true; | 7119 | return true; |
7136 | } | 7120 | } |
7137 | 7121 | ||
7138 | if (ti.OwnerID != AgentId) | 7122 | if (tii.Type == (int)AssetType.LSLText) |
7139 | { | 7123 | { |
7140 | m_log.WarnFormat( | 7124 | if (!((Scene)m_scene).Permissions.CanEditScript(itemID, taskID, AgentId)) |
7141 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but the item is owned by {4}", | 7125 | return true; |
7142 | Name, requestID, itemID, taskID, ti.OwnerID); | ||
7143 | return true; | ||
7144 | } | 7126 | } |
7145 | 7127 | else if (tii.Type == (int)AssetType.Notecard) | |
7146 | if (( | ||
7147 | ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7148 | != ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7149 | { | 7128 | { |
7150 | m_log.WarnFormat( | 7129 | if (!((Scene)m_scene).Permissions.CanEditNotecard(itemID, taskID, AgentId)) |
7151 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but item permissions are not modify/copy/transfer", | 7130 | return true; |
7152 | Name, requestID, itemID, taskID); | ||
7153 | return true; | ||
7154 | } | 7131 | } |
7155 | 7132 | else | |
7156 | if (ti.AssetID != requestID) | ||
7157 | { | 7133 | { |
7158 | m_log.WarnFormat( | 7134 | // TODO: Change this code to allow items other than notecards and scripts to be successfully |
7159 | "[LLCLIENTVIEW]: {0} requested asset {1} from item {2} in prim {3} but this does not match item's asset {4}", | 7135 | // shared with group. In fact, all this permissions checking should move to an IPermissionsModule |
7160 | Name, requestID, itemID, taskID, ti.AssetID); | 7136 | if (part.OwnerID != AgentId) |
7161 | return true; | 7137 | { |
7138 | m_log.WarnFormat( | ||
7139 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but the prim is owned by {4}", | ||
7140 | Name, requestID, itemID, taskID, part.OwnerID); | ||
7141 | return true; | ||
7142 | } | ||
7143 | |||
7144 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
7145 | { | ||
7146 | m_log.WarnFormat( | ||
7147 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but modify permissions are not set", | ||
7148 | Name, requestID, itemID, taskID); | ||
7149 | return true; | ||
7150 | } | ||
7151 | |||
7152 | if (tii.OwnerID != AgentId) | ||
7153 | { | ||
7154 | m_log.WarnFormat( | ||
7155 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but the item is owned by {4}", | ||
7156 | Name, requestID, itemID, taskID, tii.OwnerID); | ||
7157 | return true; | ||
7158 | } | ||
7159 | |||
7160 | if (( | ||
7161 | tii.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7162 | != ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7163 | { | ||
7164 | m_log.WarnFormat( | ||
7165 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but item permissions are not modify/copy/transfer", | ||
7166 | Name, requestID, itemID, taskID); | ||
7167 | return true; | ||
7168 | } | ||
7169 | |||
7170 | if (tii.AssetID != requestID) | ||
7171 | { | ||
7172 | m_log.WarnFormat( | ||
7173 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but this does not match item's asset {4}", | ||
7174 | Name, requestID, itemID, taskID, tii.AssetID); | ||
7175 | return true; | ||
7176 | } | ||
7162 | } | 7177 | } |
7163 | } | 7178 | } |
7164 | else // Agent | 7179 | else // Agent |
@@ -7197,7 +7212,12 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
7197 | } | 7212 | } |
7198 | 7213 | ||
7199 | if (assetRequestItem.AssetID != requestID) | 7214 | if (assetRequestItem.AssetID != requestID) |
7215 | { | ||
7216 | m_log.WarnFormat( | ||
7217 | "[CLIENT]: {0} requested asset {1} from item {2} but this does not match item's asset {3}", | ||
7218 | Name, requestID, itemID, assetRequestItem.AssetID); | ||
7200 | return true; | 7219 | return true; |
7220 | } | ||
7201 | } | 7221 | } |
7202 | } | 7222 | } |
7203 | } | 7223 | } |
@@ -11432,7 +11452,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
11432 | // } | 11452 | // } |
11433 | } | 11453 | } |
11434 | 11454 | ||
11435 | // m_log.DebugFormat("[LLCLIENTVIEW]: {0} requesting asset {1}", Name, requestID); | 11455 | // m_log.DebugFormat("[CLIENT]: {0} requesting asset {1}", Name, requestID); |
11436 | 11456 | ||
11437 | m_assetService.Get(requestID.ToString(), transferRequest, AssetReceived); | 11457 | m_assetService.Get(requestID.ToString(), transferRequest, AssetReceived); |
11438 | } | 11458 | } |
@@ -11800,4 +11820,4 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
11800 | OutPacket(dialog, ThrottleOutPacketType.Task); | 11820 | OutPacket(dialog, ThrottleOutPacketType.Task); |
11801 | } | 11821 | } |
11802 | } | 11822 | } |
11803 | } | 11823 | } \ No newline at end of file |
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index d940564..01359f0 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |||
@@ -1079,7 +1079,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1079 | 1079 | ||
1080 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | 1080 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) |
1081 | return false; | 1081 | return false; |
1082 | } else { | 1082 | } |
1083 | else | ||
1084 | { | ||
1083 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1085 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) |
1084 | return false; | 1086 | return false; |
1085 | } | 1087 | } |
@@ -1095,7 +1097,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1095 | return false; | 1097 | return false; |
1096 | 1098 | ||
1097 | if (!IsGroupMember(ti.GroupID, user, 0)) | 1099 | if (!IsGroupMember(ti.GroupID, user, 0)) |
1098 | return false; | 1100 | return false; |
1099 | } | 1101 | } |
1100 | 1102 | ||
1101 | // Require full perms | 1103 | // Require full perms |
@@ -1593,14 +1595,16 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1593 | if (part.OwnerID != user) | 1595 | if (part.OwnerID != user) |
1594 | { | 1596 | { |
1595 | if (part.GroupID == UUID.Zero) | 1597 | if (part.GroupID == UUID.Zero) |
1596 | return false; | 1598 | return false; |
1597 | 1599 | ||
1598 | if (!IsGroupMember(part.GroupID, user, 0)) | 1600 | if (!IsGroupMember(part.GroupID, user, 0)) |
1599 | return false; | 1601 | return false; |
1600 | 1602 | ||
1601 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | 1603 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) |
1602 | return false; | 1604 | return false; |
1603 | } else { | 1605 | } |
1606 | else | ||
1607 | { | ||
1604 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1608 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) |
1605 | return false; | 1609 | return false; |
1606 | } | 1610 | } |
@@ -1855,7 +1859,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1855 | return GenericObjectPermission(agentID, prim, false); | 1859 | return GenericObjectPermission(agentID, prim, false); |
1856 | } | 1860 | } |
1857 | 1861 | ||
1858 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) { | 1862 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) |
1863 | { | ||
1859 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); | 1864 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); |
1860 | switch (scriptType) { | 1865 | switch (scriptType) { |
1861 | case 0: | 1866 | case 0: |
@@ -1889,4 +1894,4 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1889 | return(false); | 1894 | return(false); |
1890 | } | 1895 | } |
1891 | } | 1896 | } |
1892 | } | 1897 | } \ No newline at end of file |