diff options
author | Melanie Thielker | 2010-07-14 16:21:55 +0200 |
---|---|---|
committer | Diva Canto | 2010-07-14 10:22:56 -0700 |
commit | 67417f647876e32bc9464c5ec76740437cc49b46 (patch) | |
tree | 7a236b7a782873d8e3ee9ecf7e7d7f1f5f32ead0 | |
parent | Fix obvious bug in XInventoryService.GetFolderItems() which was preventing th... (diff) | |
download | opensim-SC-67417f647876e32bc9464c5ec76740437cc49b46.zip opensim-SC-67417f647876e32bc9464c5ec76740437cc49b46.tar.gz opensim-SC-67417f647876e32bc9464c5ec76740437cc49b46.tar.bz2 opensim-SC-67417f647876e32bc9464c5ec76740437cc49b46.tar.xz |
Fix a permissions issue
-rw-r--r-- | OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | 104 | ||||
-rw-r--r-- | OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs | 18 |
2 files changed, 101 insertions, 21 deletions
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs index 2ccb5dd..f58e27e 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | |||
@@ -384,29 +384,105 @@ namespace OpenSim.Region.Framework.Scenes | |||
384 | 384 | ||
385 | if (Permissions.PropagatePermissions() && recipient != senderId) | 385 | if (Permissions.PropagatePermissions() && recipient != senderId) |
386 | { | 386 | { |
387 | // First, make sore base is limited to the next perms | 387 | // Trying to do this right this time. This is evil. If |
388 | itemCopy.BasePermissions = item.BasePermissions & (item.NextPermissions | (uint)PermissionMask.Move); | 388 | // you believe in Good, go elsewhere. Vampires and other |
389 | // By default, current equals base | 389 | // evil creatores only beyond this point. You have been |
390 | itemCopy.CurrentPermissions = itemCopy.BasePermissions & item.CurrentPermissions; | 390 | // warned. |
391 | 391 | ||
392 | // If this is an object, replace current perms | 392 | // We're going to mask a lot of things by the next perms |
393 | // with folded perms | 393 | // Tweak the next perms to be nicer to our data |
394 | // | ||
395 | // In this mask, all the bits we do NOT want to mess | ||
396 | // with are set. These are: | ||
397 | // | ||
398 | // Transfer | ||
399 | // Copy | ||
400 | // Modufy | ||
401 | uint permsMask = ~ ((uint)PermissionMask.Copy | | ||
402 | (uint)PermissionMask.Transfer | | ||
403 | (uint)PermissionMask.Modify); | ||
404 | |||
405 | // Now, reduce the next perms to the mask bits | ||
406 | // relevant to the operation | ||
407 | uint nextPerms = permsMask | (item.NextPermissions & | ||
408 | ((uint)PermissionMask.Copy | | ||
409 | (uint)PermissionMask.Transfer | | ||
410 | (uint)PermissionMask.Modify)); | ||
411 | |||
412 | // nextPerms now has all bits set, except for the actual | ||
413 | // next permission bits. | ||
414 | |||
415 | // This checks for no mod, no copy, no trans. | ||
416 | // This indicates an error or messed up item. Do it like | ||
417 | // SL and assume trans | ||
418 | if (nextPerms == permsMask) | ||
419 | nextPerms |= (uint)PermissionMask.Transfer; | ||
420 | |||
421 | // Inventory owner perms are the logical AND of the | ||
422 | // folded perms and the root prim perms, however, if | ||
423 | // the root prim is mod, the inventory perms will be | ||
424 | // mod. This happens on "take" and is of little concern | ||
425 | // here, save for preventing escalation | ||
426 | |||
427 | // This hack ensures that items previously permalocked | ||
428 | // get unlocked when they're passed or rezzed | ||
429 | uint basePerms = item.BasePermissions | | ||
430 | (uint)PermissionMask.Move; | ||
431 | uint ownerPerms = item.CurrentPermissions; | ||
432 | |||
433 | // If this is an object, root prim perms may be more | ||
434 | // permissive than folded perms. Use folded perms as | ||
435 | // a mask | ||
394 | if (item.InvType == (int)InventoryType.Object) | 436 | if (item.InvType == (int)InventoryType.Object) |
395 | { | 437 | { |
396 | itemCopy.CurrentPermissions &= ~(uint)(PermissionMask.Copy | PermissionMask.Modify | PermissionMask.Transfer); | 438 | // Create a safe mask for the current perms |
397 | itemCopy.CurrentPermissions |= (item.CurrentPermissions & 7) << 13; | 439 | uint foldedPerms = (item.CurrentPermissions & 7) << 13; |
440 | foldedPerms |= permsMask; | ||
441 | |||
442 | bool isRootMod = (item.CurrentPermissions & | ||
443 | (uint)PermissionMask.Modify) != 0 ? | ||
444 | true : false; | ||
445 | |||
446 | // Mask the owner perms to the folded perms | ||
447 | ownerPerms &= foldedPerms; | ||
448 | basePerms &= foldedPerms; | ||
449 | |||
450 | // If the root was mod, let the mask reflect that | ||
451 | // We also need to adjust the base here, because | ||
452 | // we should be able to edit in-inventory perms | ||
453 | // for the root prim, if it's mod. | ||
454 | if (isRootMod) | ||
455 | { | ||
456 | ownerPerms |= (uint)PermissionMask.Modify; | ||
457 | basePerms |= (uint)PermissionMask.Modify; | ||
458 | } | ||
398 | } | 459 | } |
399 | 460 | ||
400 | // Ensure there is no escalation | 461 | // These will be applied to the root prim at next rez. |
401 | itemCopy.CurrentPermissions &= (item.NextPermissions | (uint)PermissionMask.Move); | 462 | // The slam bit (bit 3) and folded permission (bits 0-2) |
463 | // are preserved due to the above mangling | ||
464 | ownerPerms &= nextPerms; | ||
402 | 465 | ||
403 | // Need slam bit on xfer | 466 | // Mask the base permissions. This is a conservative |
404 | itemCopy.CurrentPermissions |= 8; | 467 | // approach altering only the three main perms |
468 | basePerms &= nextPerms; | ||
469 | |||
470 | // Assign to the actual item. Make sure the slam bit is | ||
471 | // set, if it wasn't set before. | ||
472 | itemCopy.BasePermissions = basePerms; | ||
473 | itemCopy.CurrentPermissions = ownerPerms | 16; // Slam | ||
405 | 474 | ||
406 | itemCopy.NextPermissions = item.NextPermissions; | 475 | itemCopy.NextPermissions = item.NextPermissions; |
407 | 476 | ||
408 | itemCopy.EveryOnePermissions = 0; | 477 | // This preserves "everyone can move" |
478 | itemCopy.EveryOnePermissions = item.EveryOnePermissions & | ||
479 | nextPerms; | ||
480 | |||
481 | // Intentionally killing "share with group" here, as | ||
482 | // the recipient will not have the group this is | ||
483 | // set to | ||
409 | itemCopy.GroupPermissions = 0; | 484 | itemCopy.GroupPermissions = 0; |
485 | |||
410 | } | 486 | } |
411 | else | 487 | else |
412 | { | 488 | { |
diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs b/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs index f7e46af..f96573d 100644 --- a/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs | |||
@@ -281,7 +281,7 @@ namespace OpenSim.Region.Framework.Scenes | |||
281 | PermissionMask.Move | | 281 | PermissionMask.Move | |
282 | PermissionMask.Transfer) | 7; | 282 | PermissionMask.Transfer) | 7; |
283 | 283 | ||
284 | uint ownerMask = 0x7ffffff; | 284 | uint ownerMask = 0x7fffffff; |
285 | foreach (SceneObjectPart part in m_parts.Values) | 285 | foreach (SceneObjectPart part in m_parts.Values) |
286 | { | 286 | { |
287 | ownerMask &= part.OwnerMask; | 287 | ownerMask &= part.OwnerMask; |
@@ -295,12 +295,16 @@ namespace OpenSim.Region.Framework.Scenes | |||
295 | if ((ownerMask & (uint)PermissionMask.Transfer) == 0) | 295 | if ((ownerMask & (uint)PermissionMask.Transfer) == 0) |
296 | perms &= ~(uint)PermissionMask.Transfer; | 296 | perms &= ~(uint)PermissionMask.Transfer; |
297 | 297 | ||
298 | if ((ownerMask & RootPart.NextOwnerMask & (uint)PermissionMask.Modify) == 0) | 298 | // If root prim permissions are applied here, this would screw |
299 | perms &= ~((uint)PermissionMask.Modify >> 13); | 299 | // with in-inventory manipulation of the next owner perms |
300 | if ((ownerMask & RootPart.NextOwnerMask & (uint)PermissionMask.Copy) == 0) | 300 | // in a major way. So, let's move this to the give itself. |
301 | perms &= ~((uint)PermissionMask.Copy >> 13); | 301 | // Yes. I know. Evil. |
302 | if ((ownerMask & RootPart.NextOwnerMask & (uint)PermissionMask.Transfer) == 0) | 302 | // if ((ownerMask & RootPart.NextOwnerMask & (uint)PermissionMask.Modify) == 0) |
303 | perms &= ~((uint)PermissionMask.Transfer >> 13); | 303 | // perms &= ~((uint)PermissionMask.Modify >> 13); |
304 | // if ((ownerMask & RootPart.NextOwnerMask & (uint)PermissionMask.Copy) == 0) | ||
305 | // perms &= ~((uint)PermissionMask.Copy >> 13); | ||
306 | // if ((ownerMask & RootPart.NextOwnerMask & (uint)PermissionMask.Transfer) == 0) | ||
307 | // perms &= ~((uint)PermissionMask.Transfer >> 13); | ||
304 | 308 | ||
305 | return perms; | 309 | return perms; |
306 | } | 310 | } |