aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorAdam Frisby2007-08-15 14:10:26 +0000
committerAdam Frisby2007-08-15 14:10:26 +0000
commit5699bb2e64766da634ca4be34bc2d8eab991f2e1 (patch)
treecf471be738a0ac69cf6a7a17b0a53183a7bfe68f
parentPartial fix for the permissions on edited notecards/scripts (now you might st... (diff)
downloadopensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.zip
opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.tar.gz
opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.tar.bz2
opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.tar.xz
* Permissions! - You can now only perform certain functions (such as editing other peoples objects) if you have permission to do so.
* Moved OnPermissionError to EventManager - now triggers a standard blue alert. * Terraforming now requires permission via the permissions manager. [Defaults to admin-only] * Permissions manager is now substantiated in Scene * Buttload of new permissions added. * Estate manager operations now require various levels of permission to operate * OGS1 now produces 'summary reports' for a commsManager of each scene it maintains connections for. Reduces grid network traffic for ping checks. * Added new "permissions true" / "permissions false" console command to enable or disable permissions.
-rw-r--r--OpenSim/Region/Application/OpenSimMain.cs11
-rw-r--r--OpenSim/Region/Communications/OGS1/OGS1GridServices.cs10
-rw-r--r--OpenSim/Region/Environment/EstateManager.cs48
-rw-r--r--OpenSim/Region/Environment/PermissionManager.cs119
-rw-r--r--OpenSim/Region/Environment/Scenes/Scene.PacketHandlers.cs42
-rw-r--r--OpenSim/Region/Environment/Scenes/Scene.cs16
-rw-r--r--OpenSim/Region/Environment/Scenes/SceneEvents.cs9
7 files changed, 208 insertions, 47 deletions
diff --git a/OpenSim/Region/Application/OpenSimMain.cs b/OpenSim/Region/Application/OpenSimMain.cs
index 887db67..9f95e01 100644
--- a/OpenSim/Region/Application/OpenSimMain.cs
+++ b/OpenSim/Region/Application/OpenSimMain.cs
@@ -320,6 +320,17 @@ namespace OpenSim
320 } 320 }
321 break; 321 break;
322 322
323 case "permissions":
324 // Treats each user as a super-admin when disabled
325 foreach (Scene scene in m_localScenes)
326 {
327 if (Convert.ToBoolean(cmdparams[0]))
328 scene.PermissionsMngr.EnablePermissions();
329 else
330 scene.PermissionsMngr.DisablePermissions();
331 }
332 break;
333
323 case "backup": 334 case "backup":
324 foreach (Scene scene in m_localScenes) 335 foreach (Scene scene in m_localScenes)
325 { 336 {
diff --git a/OpenSim/Region/Communications/OGS1/OGS1GridServices.cs b/OpenSim/Region/Communications/OGS1/OGS1GridServices.cs
index 32b0cfc..071ad0f 100644
--- a/OpenSim/Region/Communications/OGS1/OGS1GridServices.cs
+++ b/OpenSim/Region/Communications/OGS1/OGS1GridServices.cs
@@ -260,6 +260,16 @@ namespace OpenSim.Region.Communications.OGS1
260 Hashtable respData = new Hashtable(); 260 Hashtable respData = new Hashtable();
261 respData["online"] = "true"; 261 respData["online"] = "true";
262 262
263 foreach (ulong region in this.listeners.Keys)
264 {
265 Hashtable regData = new Hashtable();
266 RegionInfo reg = regions[region];
267 regData["status"] = "active";
268 regData["handle"] = region.ToString();
269
270 respData[reg.SimUUID.ToStringHyphenated()] = regData;
271 }
272
263 response.Value = respData; 273 response.Value = respData;
264 274
265 return response; 275 return response;
diff --git a/OpenSim/Region/Environment/EstateManager.cs b/OpenSim/Region/Environment/EstateManager.cs
index 83bfbb4..447a22c 100644
--- a/OpenSim/Region/Environment/EstateManager.cs
+++ b/OpenSim/Region/Environment/EstateManager.cs
@@ -147,35 +147,37 @@ namespace OpenSim.Region.Environment
147 147
148 public void handleEstateOwnerMessage(EstateOwnerMessagePacket packet, IClientAPI remote_client) 148 public void handleEstateOwnerMessage(EstateOwnerMessagePacket packet, IClientAPI remote_client)
149 { 149 {
150 if (remote_client.AgentId == m_regInfo.MasterAvatarAssignedUUID) 150 switch (Helpers.FieldToUTF8String(packet.MethodData.Method))
151 { 151 {
152 switch (Helpers.FieldToUTF8String(packet.MethodData.Method)) 152 case "getinfo":
153 { 153 this.sendRegionInfoPacketToAll();
154 case "getinfo": 154 break;
155 this.sendRegionInfoPacketToAll(); 155 case "setregioninfo":
156 break; 156 if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
157 case "setregioninfo":
158 estateSetRegionInfoHandler(packet); 157 estateSetRegionInfoHandler(packet);
159 break; 158 break;
160 case "texturebase": 159 case "texturebase":
160 if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
161 estateTextureBaseHandler(packet); 161 estateTextureBaseHandler(packet);
162 break; 162 break;
163 case "texturedetail": 163 case "texturedetail":
164 if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
164 estateTextureDetailHandler(packet); 165 estateTextureDetailHandler(packet);
165 break; 166 break;
166 case "textureheights": 167 case "textureheights":
168 if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
167 estateTextureHeightsHandler(packet); 169 estateTextureHeightsHandler(packet);
168 break; 170 break;
169 case "texturecommit": 171 case "texturecommit":
170 sendRegionHandshakeToAll(); 172 sendRegionHandshakeToAll();
171 break; 173 break;
172 case "setregionterrain": 174 case "setregionterrain":
175 if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
173 estateSetRegionTerrainHandler(packet); 176 estateSetRegionTerrainHandler(packet);
174 break; 177 break;
175 default: 178 default:
176 MainLog.Instance.Error("EstateOwnerMessage: Unknown method requested\n" + packet.ToString()); 179 MainLog.Instance.Error("EstateOwnerMessage: Unknown method requested\n" + packet.ToString());
177 break; 180 break;
178 }
179 } 181 }
180 } 182 }
181 183
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs
index 0758566..2698d3f 100644
--- a/OpenSim/Region/Environment/PermissionManager.cs
+++ b/OpenSim/Region/Environment/PermissionManager.cs
@@ -15,35 +15,79 @@ namespace OpenSim.Region.Environment
15 { 15 {
16 protected Scene m_scene; 16 protected Scene m_scene;
17 17
18 // Bypasses the permissions engine (always returns OK)
19 // disable in any production environment
20 // TODO: Change this to false when permissions are a desired default
21 // TODO: Move to configuration option.
22 private bool bypassPermissions = true;
23
18 public PermissionManager(Scene scene) 24 public PermissionManager(Scene scene)
19 { 25 {
20 m_scene = scene; 26 m_scene = scene;
21 } 27 }
22 28
23 public delegate void OnPermissionErrorDelegate(LLUUID user, string reason); 29 public void DisablePermissions()
24 public event OnPermissionErrorDelegate OnPermissionError; 30 {
31 bypassPermissions = true;
32 }
33
34 public void EnablePermissions()
35 {
36 bypassPermissions = false;
37 }
25 38
26 protected virtual void SendPermissionError(LLUUID user, string reason) 39 protected virtual void SendPermissionError(LLUUID user, string reason)
27 { 40 {
28 if (OnPermissionError != null) 41 m_scene.EventManager.TriggerPermissionError(user, reason);
29 OnPermissionError(user, reason);
30 } 42 }
31 43
32 protected virtual bool IsAdministrator(LLUUID user) 44 protected virtual bool IsAdministrator(LLUUID user)
33 { 45 {
46 if (bypassPermissions)
47 return bypassPermissions;
48
34 return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; 49 return m_scene.RegionInfo.MasterAvatarAssignedUUID == user;
35 } 50 }
36 51
37 protected virtual bool IsEstateManager(LLUUID user) 52 protected virtual bool IsEstateManager(LLUUID user)
38 { 53 {
54 if (bypassPermissions)
55 return bypassPermissions;
56
39 return false; 57 return false;
40 } 58 }
41 59
42 public virtual bool CanRezObject(LLUUID user, LLVector3 position) 60 protected virtual bool IsGridUser(LLUUID user)
43 { 61 {
44 return true; 62 return true;
45 } 63 }
46 64
65 protected virtual bool IsGuest(LLUUID user)
66 {
67 return false;
68 }
69
70 public virtual bool CanRezObject(LLUUID user, LLVector3 position)
71 {
72 bool permission = false;
73
74 string reason = "Insufficient permission";
75
76 if (IsAdministrator(user))
77 permission = true;
78 else
79 reason = "Not an administrator";
80
81 if (GenericParcelPermission(user, position))
82 permission = true;
83 else
84 reason = "Not the parcel owner";
85
86 if (!permission)
87 SendPermissionError(user, reason);
88
89 return true;
90 }
47 91
48 #region Object Permissions 92 #region Object Permissions
49 93
@@ -105,19 +149,71 @@ namespace OpenSim.Region.Environment
105 149
106 #endregion 150 #endregion
107 151
152 #region Communication Permissions
153
154 public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target)
155 {
156 bool permission = false;
157 string reason = "Only registered users may communicate with another account.";
158
159 if (IsGridUser(user))
160 permission = true;
161
162 if (!IsGridUser(user))
163 {
164 permission = false;
165 reason = "The person that you are messaging is not a registered user.";
166 }
167 if (IsAdministrator(user))
168 permission = true;
169
170 if (IsEstateManager(user))
171 permission = true;
172
173 if (!permission)
174 SendPermissionError(user, reason);
175
176 return permission;
177 }
178
179 public virtual bool CanInstantMessage(LLUUID user, LLUUID target)
180 {
181 return GenericCommunicationPermission(user, target);
182 }
183
184 public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target)
185 {
186 return GenericCommunicationPermission(user, target);
187 }
188
189 #endregion
190
108 public virtual bool CanEditScript(LLUUID user, LLUUID script) 191 public virtual bool CanEditScript(LLUUID user, LLUUID script)
109 { 192 {
110 return false; 193 return IsAdministrator(user);
111 } 194 }
112 195
113 public virtual bool CanRunScript(LLUUID user, LLUUID script) 196 public virtual bool CanRunScript(LLUUID user, LLUUID script)
114 { 197 {
115 return false; 198 return IsAdministrator(user);
116 } 199 }
117 200
118 public virtual bool CanTerraform(LLUUID user, LLUUID position) 201 public virtual bool CanTerraform(LLUUID user, LLVector3 position)
119 { 202 {
120 return false; 203 bool permission = false;
204
205 // Estate override
206 if (GenericEstatePermission(user))
207 permission = true;
208
209 // Land owner can terraform too
210 if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y)))
211 permission = true;
212
213 if (!permission)
214 SendPermissionError(user, "Not authorized to terraform at this location.");
215
216 return permission;
121 } 217 }
122 218
123 #region Estate Permissions 219 #region Estate Permissions
@@ -168,6 +264,11 @@ namespace OpenSim.Region.Environment
168 return permission; 264 return permission;
169 } 265 }
170 266
267 protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos)
268 {
269 return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y));
270 }
271
171 public virtual bool CanEditParcel(LLUUID user, Land parcel) 272 public virtual bool CanEditParcel(LLUUID user, Land parcel)
172 { 273 {
173 return GenericParcelPermission(user, parcel); 274 return GenericParcelPermission(user, parcel);
diff --git a/OpenSim/Region/Environment/Scenes/Scene.PacketHandlers.cs b/OpenSim/Region/Environment/Scenes/Scene.PacketHandlers.cs
index bba0138..cca8998 100644
--- a/OpenSim/Region/Environment/Scenes/Scene.PacketHandlers.cs
+++ b/OpenSim/Region/Environment/Scenes/Scene.PacketHandlers.cs
@@ -50,6 +50,12 @@ namespace OpenSim.Region.Environment.Scenes
50 /// <param name="west">Distance from the west border where the cursor is located</param> 50 /// <param name="west">Distance from the west border where the cursor is located</param>
51 public void ModifyTerrain(float height, float seconds, byte brushsize, byte action, float north, float west, IClientAPI remoteUser) 51 public void ModifyTerrain(float height, float seconds, byte brushsize, byte action, float north, float west, IClientAPI remoteUser)
52 { 52 {
53 // Do a permissions check before allowing terraforming.
54 // random users are now no longer allowed to terraform
55 // if permissions are enabled.
56 if (!PermissionsMngr.CanTerraform(remoteUser.AgentId, new LLVector3(north, west, 0)))
57 return;
58
53 // Shiny. 59 // Shiny.
54 double size = (double)(1 << brushsize); 60 double size = (double)(1 << brushsize);
55 61
@@ -240,15 +246,18 @@ namespace OpenSim.Region.Environment.Scenes
240 } 246 }
241 if (selectedEnt != null) 247 if (selectedEnt != null)
242 { 248 {
243 List<ScenePresence> avatars = this.RequestAvatarList(); 249 if (PermissionsMngr.CanDeRezObject(simClient.AgentId, selectedEnt.m_uuid))
244 foreach (ScenePresence avatar in avatars)
245 {
246 avatar.ControllingClient.SendKillObject(this.m_regionHandle, selectedEnt.LocalId);
247 }
248
249 lock (Entities)
250 { 250 {
251 Entities.Remove(selectedEnt.m_uuid); 251 List<ScenePresence> avatars = this.RequestAvatarList();
252 foreach (ScenePresence avatar in avatars)
253 {
254 avatar.ControllingClient.SendKillObject(this.m_regionHandle, selectedEnt.LocalId);
255 }
256
257 lock (Entities)
258 {
259 Entities.Remove(selectedEnt.m_uuid);
260 }
252 } 261 }
253 } 262 }
254 } 263 }
@@ -501,16 +510,19 @@ namespace OpenSim.Region.Environment.Scenes
501 510
502 public void MoveObject(LLUUID objectID, LLVector3 offset, LLVector3 pos, IClientAPI remoteClient) 511 public void MoveObject(LLUUID objectID, LLVector3 offset, LLVector3 pos, IClientAPI remoteClient)
503 { 512 {
504 bool hasPrim = false; 513 if (PermissionsMngr.CanEditObject(remoteClient.AgentId, objectID))
505 foreach (EntityBase ent in Entities.Values)
506 { 514 {
507 if (ent is SceneObjectGroup) 515 bool hasPrim = false;
516 foreach (EntityBase ent in Entities.Values)
508 { 517 {
509 hasPrim = ((SceneObjectGroup)ent).HasChildPrim(objectID); 518 if (ent is SceneObjectGroup)
510 if (hasPrim != false)
511 { 519 {
512 ((SceneObjectGroup)ent).GrabMovement(offset, pos, remoteClient); 520 hasPrim = ((SceneObjectGroup)ent).HasChildPrim(objectID);
513 break; 521 if (hasPrim != false)
522 {
523 ((SceneObjectGroup)ent).GrabMovement(offset, pos, remoteClient);
524 break;
525 }
514 } 526 }
515 } 527 }
516 } 528 }
diff --git a/OpenSim/Region/Environment/Scenes/Scene.cs b/OpenSim/Region/Environment/Scenes/Scene.cs
index 6c87c5d..0fa3ab7 100644
--- a/OpenSim/Region/Environment/Scenes/Scene.cs
+++ b/OpenSim/Region/Environment/Scenes/Scene.cs
@@ -110,6 +110,13 @@ namespace OpenSim.Region.Environment.Scenes
110 get { return m_scriptManager; } 110 get { return m_scriptManager; }
111 } 111 }
112 112
113 private PermissionManager m_permissionManager;
114
115 public PermissionManager PermissionsMngr
116 {
117 get { return m_permissionManager; }
118 }
119
113 public Dictionary<LLUUID, SceneObjectGroup> Objects 120 public Dictionary<LLUUID, SceneObjectGroup> Objects
114 { 121 {
115 get { return Prims; } 122 get { return Prims; }
@@ -143,10 +150,13 @@ namespace OpenSim.Region.Environment.Scenes
143 m_estateManager = new EstateManager(this, m_regInfo); 150 m_estateManager = new EstateManager(this, m_regInfo);
144 m_scriptManager = new ScriptManager(this); 151 m_scriptManager = new ScriptManager(this);
145 m_eventManager = new EventManager(); 152 m_eventManager = new EventManager();
153 m_permissionManager = new PermissionManager(this);
146 154
147 m_eventManager.OnParcelPrimCountAdd += 155 m_eventManager.OnParcelPrimCountAdd +=
148 m_LandManager.addPrimToLandPrimCounts; 156 m_LandManager.addPrimToLandPrimCounts;
149 157
158 m_eventManager.OnPermissionError += SendPermissionAlert;
159
150 MainLog.Instance.Verbose("Creating new entitities instance"); 160 MainLog.Instance.Verbose("Creating new entitities instance");
151 Entities = new Dictionary<LLUUID, EntityBase>(); 161 Entities = new Dictionary<LLUUID, EntityBase>();
152 Avatars = new Dictionary<LLUUID, ScenePresence>(); 162 Avatars = new Dictionary<LLUUID, ScenePresence>();
@@ -966,6 +976,12 @@ namespace OpenSim.Region.Environment.Scenes
966 #endregion 976 #endregion
967 977
968 #region Alert Methods 978 #region Alert Methods
979
980 void SendPermissionAlert(LLUUID user, string reason)
981 {
982 SendAlertToUser(user, reason, false);
983 }
984
969 public void SendGeneralAlert(string message) 985 public void SendGeneralAlert(string message)
970 { 986 {
971 foreach (ScenePresence presence in this.Avatars.Values) 987 foreach (ScenePresence presence in this.Avatars.Values)
diff --git a/OpenSim/Region/Environment/Scenes/SceneEvents.cs b/OpenSim/Region/Environment/Scenes/SceneEvents.cs
index cb5a967..050207c 100644
--- a/OpenSim/Region/Environment/Scenes/SceneEvents.cs
+++ b/OpenSim/Region/Environment/Scenes/SceneEvents.cs
@@ -33,7 +33,16 @@ namespace OpenSim.Region.Environment.Scenes
33 public event OnShutdownDelegate OnShutdown; 33 public event OnShutdownDelegate OnShutdown;
34 34
35 public delegate void ObjectGrabDelegate(uint localID, LLVector3 offsetPos, IClientAPI remoteClient); 35 public delegate void ObjectGrabDelegate(uint localID, LLVector3 offsetPos, IClientAPI remoteClient);
36 public delegate void OnPermissionErrorDelegate(LLUUID user, string reason);
36 public event ObjectGrabDelegate OnObjectGrab; 37 public event ObjectGrabDelegate OnObjectGrab;
38 public event OnPermissionErrorDelegate OnPermissionError;
39
40
41 public void TriggerPermissionError(LLUUID user, string reason)
42 {
43 if (OnPermissionError != null)
44 OnPermissionError(user, reason);
45 }
37 46
38 public void TriggerOnScriptConsole(string[] args) 47 public void TriggerOnScriptConsole(string[] args)
39 { 48 {