diff options
author | Melanie | 2012-03-18 20:44:56 +0000 |
---|---|---|
committer | Melanie | 2012-03-18 20:44:56 +0000 |
commit | c7e302864a2eef7f9587ed22286c96a6074ac5b3 (patch) | |
tree | 8f0df2f66811309fd790966770434fa3ff68bfdf /OpenSim/Region/CoreModules/ServiceConnectorsOut | |
parent | Merge branch 'ubitwork' (diff) | |
parent | Amend to previous commit: normalize strings ToLower. (diff) | |
download | opensim-SC-c7e302864a2eef7f9587ed22286c96a6074ac5b3.zip opensim-SC-c7e302864a2eef7f9587ed22286c96a6074ac5b3.tar.gz opensim-SC-c7e302864a2eef7f9587ed22286c96a6074ac5b3.tar.bz2 opensim-SC-c7e302864a2eef7f9587ed22286c96a6074ac5b3.tar.xz |
Merge branch 'master' into careminster
Conflicts:
OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs
OpenSim/Region/Framework/Scenes/Scene.PacketHandlers.cs
OpenSim/Region/Framework/Scenes/Scene.cs
Diffstat (limited to 'OpenSim/Region/CoreModules/ServiceConnectorsOut')
2 files changed, 140 insertions, 27 deletions
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs new file mode 100644 index 0000000..f0d21e6 --- /dev/null +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs | |||
@@ -0,0 +1,124 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | using System.Linq; | ||
31 | using System.Reflection; | ||
32 | using Nini.Config; | ||
33 | using log4net; | ||
34 | using OpenSim.Framework; | ||
35 | using OpenSim.Services.Interfaces; | ||
36 | using OpenSim.Region.Framework.Interfaces; | ||
37 | using OpenSim.Region.Framework.Scenes; | ||
38 | using OpenMetaverse; | ||
39 | |||
40 | using GridRegion = OpenSim.Services.Interfaces.GridRegion; | ||
41 | |||
42 | namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization | ||
43 | { | ||
44 | public class AuthorizationService : IAuthorizationService | ||
45 | { | ||
46 | private enum AccessFlags | ||
47 | { | ||
48 | None = 0, /* No restrictions */ | ||
49 | DisallowResidents = 1, /* Only gods and managers*/ | ||
50 | DisallowForeigners = 2, /* Only local people */ | ||
51 | } | ||
52 | |||
53 | private static readonly ILog m_log = | ||
54 | LogManager.GetLogger( | ||
55 | MethodBase.GetCurrentMethod().DeclaringType); | ||
56 | |||
57 | private IUserManagement m_UserManagement; | ||
58 | private IGridService m_GridService; | ||
59 | |||
60 | private Scene m_Scene; | ||
61 | AccessFlags m_accessValue = AccessFlags.None; | ||
62 | |||
63 | |||
64 | public AuthorizationService(IConfig config, Scene scene) | ||
65 | { | ||
66 | m_Scene = scene; | ||
67 | m_UserManagement = scene.RequestModuleInterface<IUserManagement>(); | ||
68 | m_GridService = scene.GridService; | ||
69 | |||
70 | if (config != null) | ||
71 | { | ||
72 | string accessStr = config.GetString("Region_" + scene.RegionInfo.RegionName.Replace(' ', '_'), String.Empty); | ||
73 | if (accessStr != string.Empty) | ||
74 | { | ||
75 | try | ||
76 | { | ||
77 | m_accessValue = (AccessFlags)Enum.Parse(typeof(AccessFlags), accessStr); | ||
78 | } | ||
79 | catch (ArgumentException) | ||
80 | { | ||
81 | m_log.WarnFormat("[AuthorizationService]: {0} is not a valid access flag", accessStr); | ||
82 | } | ||
83 | } | ||
84 | m_log.DebugFormat("[AuthorizationService]: Region {0} access restrictions: {1}", m_Scene.RegionInfo.RegionName, m_accessValue); | ||
85 | } | ||
86 | |||
87 | } | ||
88 | |||
89 | public bool IsAuthorizedForRegion( | ||
90 | string user, string firstName, string lastName, string regionID, out string message) | ||
91 | { | ||
92 | message = "authorized"; | ||
93 | |||
94 | // This should not happen | ||
95 | if (m_Scene.RegionInfo.RegionID.ToString() != regionID) | ||
96 | { | ||
97 | m_log.WarnFormat("[AuthorizationService]: Service for region {0} received request to authorize for region {1}", | ||
98 | m_Scene.RegionInfo.RegionID, regionID); | ||
99 | return true; | ||
100 | } | ||
101 | |||
102 | if (m_accessValue == AccessFlags.None) | ||
103 | return true; | ||
104 | |||
105 | UUID userID = new UUID(user); | ||
106 | bool authorized = true; | ||
107 | if ((m_accessValue & AccessFlags.DisallowForeigners) == AccessFlags.DisallowForeigners) | ||
108 | { | ||
109 | authorized = m_UserManagement.IsLocalGridUser(userID); | ||
110 | if (!authorized) | ||
111 | message = "no foreigner users allowed in this region"; | ||
112 | } | ||
113 | if (authorized && (m_accessValue & AccessFlags.DisallowResidents) == AccessFlags.DisallowResidents) | ||
114 | { | ||
115 | authorized = m_Scene.Permissions.IsGod(userID) | m_Scene.Permissions.IsAdministrator(userID); | ||
116 | if (!authorized) | ||
117 | message = "only Admins and Managers allowed in this region"; | ||
118 | } | ||
119 | |||
120 | return authorized; | ||
121 | } | ||
122 | |||
123 | } | ||
124 | } \ No newline at end of file | ||
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs index 18a7177..c982db6 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs | |||
@@ -39,13 +39,15 @@ using OpenMetaverse; | |||
39 | 39 | ||
40 | namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization | 40 | namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization |
41 | { | 41 | { |
42 | public class LocalAuthorizationServicesConnector : ISharedRegionModule, IAuthorizationService | 42 | public class LocalAuthorizationServicesConnector : INonSharedRegionModule, IAuthorizationService |
43 | { | 43 | { |
44 | private static readonly ILog m_log = | 44 | private static readonly ILog m_log = |
45 | LogManager.GetLogger( | 45 | LogManager.GetLogger( |
46 | MethodBase.GetCurrentMethod().DeclaringType); | 46 | MethodBase.GetCurrentMethod().DeclaringType); |
47 | 47 | ||
48 | private IAuthorizationService m_AuthorizationService; | 48 | private IAuthorizationService m_AuthorizationService; |
49 | private Scene m_Scene; | ||
50 | private IConfig m_AuthorizationConfig; | ||
49 | 51 | ||
50 | private bool m_Enabled = false; | 52 | private bool m_Enabled = false; |
51 | 53 | ||
@@ -69,33 +71,8 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization | |||
69 | string name = moduleConfig.GetString("AuthorizationServices", string.Empty); | 71 | string name = moduleConfig.GetString("AuthorizationServices", string.Empty); |
70 | if (name == Name) | 72 | if (name == Name) |
71 | { | 73 | { |
72 | IConfig authorizationConfig = source.Configs["AuthorizationService"]; | ||
73 | if (authorizationConfig == null) | ||
74 | { | ||
75 | m_log.Error("[AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini"); | ||
76 | return; | ||
77 | } | ||
78 | |||
79 | string serviceDll = authorizationConfig.GetString("LocalServiceModule", | ||
80 | String.Empty); | ||
81 | |||
82 | if (serviceDll == String.Empty) | ||
83 | { | ||
84 | m_log.Error("[AUTHORIZATION CONNECTOR]: No LocalServiceModule named in section AuthorizationService"); | ||
85 | return; | ||
86 | } | ||
87 | |||
88 | Object[] args = new Object[] { source }; | ||
89 | m_AuthorizationService = | ||
90 | ServerUtils.LoadPlugin<IAuthorizationService>(serviceDll, | ||
91 | args); | ||
92 | |||
93 | if (m_AuthorizationService == null) | ||
94 | { | ||
95 | m_log.Error("[AUTHORIZATION CONNECTOR]: Can't load authorization service"); | ||
96 | return; | ||
97 | } | ||
98 | m_Enabled = true; | 74 | m_Enabled = true; |
75 | m_AuthorizationConfig = source.Configs["AuthorizationService"]; | ||
99 | m_log.Info("[AUTHORIZATION CONNECTOR]: Local authorization connector enabled"); | 76 | m_log.Info("[AUTHORIZATION CONNECTOR]: Local authorization connector enabled"); |
100 | } | 77 | } |
101 | } | 78 | } |
@@ -115,6 +92,9 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization | |||
115 | return; | 92 | return; |
116 | 93 | ||
117 | scene.RegisterModuleInterface<IAuthorizationService>(this); | 94 | scene.RegisterModuleInterface<IAuthorizationService>(this); |
95 | m_Scene = scene; | ||
96 | |||
97 | scene.EventManager.OnLoginsEnabled += new EventManager.LoginsEnabled(OnLoginsEnabled); | ||
118 | } | 98 | } |
119 | 99 | ||
120 | public void RemoveRegion(Scene scene) | 100 | public void RemoveRegion(Scene scene) |
@@ -131,9 +111,18 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization | |||
131 | scene.RegionInfo.RegionName); | 111 | scene.RegionInfo.RegionName); |
132 | } | 112 | } |
133 | 113 | ||
114 | private void OnLoginsEnabled(string regionName) | ||
115 | { | ||
116 | m_AuthorizationService = new AuthorizationService(m_AuthorizationConfig, m_Scene); | ||
117 | } | ||
118 | |||
134 | public bool IsAuthorizedForRegion( | 119 | public bool IsAuthorizedForRegion( |
135 | string userID, string firstName, string lastName, string regionID, out string message) | 120 | string userID, string firstName, string lastName, string regionID, out string message) |
136 | { | 121 | { |
122 | message = ""; | ||
123 | if (!m_Enabled) | ||
124 | return true; | ||
125 | |||
137 | return m_AuthorizationService.IsAuthorizedForRegion(userID, firstName, lastName, regionID, out message); | 126 | return m_AuthorizationService.IsAuthorizedForRegion(userID, firstName, lastName, regionID, out message); |
138 | } | 127 | } |
139 | } | 128 | } |