diff options
author | mingchen | 2008-05-08 19:37:57 +0000 |
---|---|---|
committer | mingchen | 2008-05-08 19:37:57 +0000 |
commit | 6c71a04da8150f7948df7a43f532e525d44cc4e7 (patch) | |
tree | e9ed76fd72fa84f9aad4ff5dec66972e08e93b82 /OpenSim/Region/Environment/Modules/World | |
parent | * Committing an extra bit of permissions for attaching to ensure that the per... (diff) | |
download | opensim-SC-6c71a04da8150f7948df7a43f532e525d44cc4e7.zip opensim-SC-6c71a04da8150f7948df7a43f532e525d44cc4e7.tar.gz opensim-SC-6c71a04da8150f7948df7a43f532e525d44cc4e7.tar.bz2 opensim-SC-6c71a04da8150f7948df7a43f532e525d44cc4e7.tar.xz |
*Added all the permission checks to the sceneexternalchecks and modified permission module to follow this.
*This makes permission checking much more modular; allows restrictive and granting module to be made without modifying the existing permission module
Diffstat (limited to 'OpenSim/Region/Environment/Modules/World')
-rw-r--r-- | OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs | 100 | ||||
-rw-r--r-- | OpenSim/Region/Environment/Modules/World/Terrain/TerrainModule.cs | 2 |
2 files changed, 59 insertions, 43 deletions
diff --git a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs index 7bd1bb3..16cd211 100644 --- a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs | |||
@@ -61,12 +61,33 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
61 | { | 61 | { |
62 | m_scene = scene; | 62 | m_scene = scene; |
63 | 63 | ||
64 | // FIXME: Possibly move all permissions related stuff to its own section | ||
65 | IConfig myConfig = config.Configs["Startup"]; | 64 | IConfig myConfig = config.Configs["Startup"]; |
66 | 65 | ||
67 | m_bypassPermissions = !myConfig.GetBoolean("serverside_object_permissions", false); | 66 | m_bypassPermissions = !myConfig.GetBoolean("serverside_object_permissions", true); |
68 | 67 | ||
69 | m_scene.RegisterModuleInterface<IScenePermissions>(this); | 68 | m_scene.RegisterModuleInterface<IScenePermissions>(this); |
69 | |||
70 | //Register External Permission Checks! | ||
71 | m_scene.ExternalChecks.addCheckAbandonParcel(this.CanAbandonParcel); | ||
72 | m_scene.ExternalChecks.addCheckCopyObject(this.CanCopyObject); | ||
73 | m_scene.ExternalChecks.addCheckDeRezObject(this.CanDeRezObject); | ||
74 | m_scene.ExternalChecks.addCheckEditEstateTerrain(this.CanEditEstateTerrain); | ||
75 | m_scene.ExternalChecks.addCheckEditObject(this.CanEditObject); | ||
76 | m_scene.ExternalChecks.addCheckEditParcel(this.CanEditParcel); | ||
77 | m_scene.ExternalChecks.addCheckEditScript(this.CanEditScript); | ||
78 | m_scene.ExternalChecks.addCheckInstantMessage(this.CanInstantMessage); | ||
79 | m_scene.ExternalChecks.addCheckInventoryTransfer(this.CanInventoryTransfer); | ||
80 | m_scene.ExternalChecks.addCheckMoveObject(this.CanEditObjectPosition); | ||
81 | m_scene.ExternalChecks.addCheckRestartSim(this.CanRestartSim); | ||
82 | m_scene.ExternalChecks.addCheckReturnObject(this.CanReturnObject); | ||
83 | m_scene.ExternalChecks.addCheckRezObject(this.CanRezObject); | ||
84 | m_scene.ExternalChecks.addCheckBeGodLike(this.CanBeGodLike); | ||
85 | m_scene.ExternalChecks.addCheckRunConsoleCommand(this.CanRunConsoleCommand); | ||
86 | m_scene.ExternalChecks.addCheckRunScript(this.CanRunScript); | ||
87 | m_scene.ExternalChecks.addCheckSellParcel(this.CanSellParcel); | ||
88 | //m_scene.ExternalChecks.addCheckTakeObject; -- NOT YET IMPLEMENTED | ||
89 | m_scene.ExternalChecks.addCheckTerraformLandCommand(this.CanTerraform); | ||
90 | |||
70 | } | 91 | } |
71 | 92 | ||
72 | public void PostInitialise() | 93 | public void PostInitialise() |
@@ -89,12 +110,12 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
89 | 110 | ||
90 | #endregion | 111 | #endregion |
91 | 112 | ||
92 | protected virtual void SendPermissionError(LLUUID user, string reason) | 113 | protected void SendPermissionError(LLUUID user, string reason) |
93 | { | 114 | { |
94 | m_scene.EventManager.TriggerPermissionError(user, reason); | 115 | m_scene.EventManager.TriggerPermissionError(user, reason); |
95 | } | 116 | } |
96 | 117 | ||
97 | protected virtual bool IsAdministrator(LLUUID user) | 118 | protected bool IsAdministrator(LLUUID user) |
98 | { | 119 | { |
99 | if (m_bypassPermissions) | 120 | if (m_bypassPermissions) |
100 | { | 121 | { |
@@ -110,7 +131,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
110 | return false; | 131 | return false; |
111 | } | 132 | } |
112 | 133 | ||
113 | public virtual bool IsEstateManager(LLUUID user) | 134 | public bool IsEstateManager(LLUUID user) |
114 | { | 135 | { |
115 | if (m_bypassPermissions) | 136 | if (m_bypassPermissions) |
116 | { | 137 | { |
@@ -130,17 +151,17 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
130 | return false; | 151 | return false; |
131 | } | 152 | } |
132 | 153 | ||
133 | protected virtual bool IsGridUser(LLUUID user) | 154 | protected bool IsGridUser(LLUUID user) |
134 | { | 155 | { |
135 | return true; | 156 | return true; |
136 | } | 157 | } |
137 | 158 | ||
138 | protected virtual bool IsGuest(LLUUID user) | 159 | protected bool IsGuest(LLUUID user) |
139 | { | 160 | { |
140 | return false; | 161 | return false; |
141 | } | 162 | } |
142 | 163 | ||
143 | public virtual bool CanRezObject(LLUUID user, LLVector3 position, int objectCount) | 164 | public bool CanRezObject(int objectCount, LLUUID user, LLVector3 position,Scene scene) |
144 | { | 165 | { |
145 | bool permission = false; | 166 | bool permission = false; |
146 | 167 | ||
@@ -148,13 +169,6 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
148 | 169 | ||
149 | string reason = "Insufficient permission"; | 170 | string reason = "Insufficient permission"; |
150 | 171 | ||
151 | //Perform ExternalChecks first! | ||
152 | bool results = m_scene.ExternalChecks.ExternalChecksCanRezObject(objectCount, user, position); | ||
153 | if (results == false) | ||
154 | { | ||
155 | return false; | ||
156 | } | ||
157 | |||
158 | ILandObject land = m_scene.LandChannel.GetLandObject(position.X, position.Y); | 172 | ILandObject land = m_scene.LandChannel.GetLandObject(position.X, position.Y); |
159 | if (land == null) return false; | 173 | if (land == null) return false; |
160 | 174 | ||
@@ -189,7 +203,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
189 | } | 203 | } |
190 | 204 | ||
191 | /// <see cref="Opensim.Region.Environment.Interfaces.IScenePermissions></see> | 205 | /// <see cref="Opensim.Region.Environment.Interfaces.IScenePermissions></see> |
192 | public virtual bool CanObjectEntry(LLUUID user, LLVector3 oldPos, LLVector3 newPos) | 206 | public bool CanObjectEntry(LLUUID user, LLVector3 oldPos, LLVector3 newPos) |
193 | { | 207 | { |
194 | if ((newPos.X > 257f || newPos.X < -1f || newPos.Y > 257f || newPos.Y < -1f)) | 208 | if ((newPos.X > 257f || newPos.X < -1f || newPos.Y > 257f || newPos.Y < -1f)) |
195 | { | 209 | { |
@@ -233,7 +247,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
233 | 247 | ||
234 | #region Object Permissions | 248 | #region Object Permissions |
235 | 249 | ||
236 | public virtual uint GenerateClientFlags(LLUUID user, LLUUID objID) | 250 | public uint GenerateClientFlags(LLUUID user, LLUUID objID) |
237 | { | 251 | { |
238 | // Here's the way this works, | 252 | // Here's the way this works, |
239 | // ObjectFlags and Permission flags are two different enumerations | 253 | // ObjectFlags and Permission flags are two different enumerations |
@@ -344,7 +358,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
344 | return objectFlagsMask; | 358 | return objectFlagsMask; |
345 | } | 359 | } |
346 | 360 | ||
347 | protected virtual bool GenericObjectPermission(LLUUID currentUser, LLUUID objId) | 361 | protected bool GenericObjectPermission(LLUUID currentUser, LLUUID objId) |
348 | { | 362 | { |
349 | // Default: deny | 363 | // Default: deny |
350 | bool permission = false; | 364 | bool permission = false; |
@@ -414,17 +428,17 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
414 | } | 428 | } |
415 | 429 | ||
416 | /// <see cref="Opensim.Region.Environment.Interfaces.IScenePermissions></see> | 430 | /// <see cref="Opensim.Region.Environment.Interfaces.IScenePermissions></see> |
417 | public virtual bool CanDeRezObject(LLUUID user, LLUUID obj) | 431 | public bool CanDeRezObject(LLUUID obj,LLUUID user, Scene scene) |
418 | { | 432 | { |
419 | return GenericObjectPermission(user, obj); | 433 | return GenericObjectPermission(user, obj); |
420 | } | 434 | } |
421 | 435 | ||
422 | public virtual bool CanEditObject(LLUUID user, LLUUID obj) | 436 | public bool CanEditObject(LLUUID obj, LLUUID user, Scene scene) |
423 | { | 437 | { |
424 | return GenericObjectPermission(user, obj); | 438 | return GenericObjectPermission(user, obj); |
425 | } | 439 | } |
426 | 440 | ||
427 | public virtual bool CanEditObjectPosition(LLUUID user, LLUUID obj) | 441 | public bool CanEditObjectPosition(LLUUID obj, LLUUID user, Scene scene) |
428 | { | 442 | { |
429 | bool permission = GenericObjectPermission(user, obj); | 443 | bool permission = GenericObjectPermission(user, obj); |
430 | if (!permission) | 444 | if (!permission) |
@@ -499,7 +513,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
499 | return permission; | 513 | return permission; |
500 | } | 514 | } |
501 | 515 | ||
502 | public virtual bool CanCopyObject(LLUUID user, LLUUID obj) | 516 | public bool CanCopyObject(int objectCount, LLUUID obj, LLUUID user, Scene scene, LLVector3 objectPosition) |
503 | { | 517 | { |
504 | bool permission = GenericObjectPermission(user, obj); | 518 | bool permission = GenericObjectPermission(user, obj); |
505 | if (permission) | 519 | if (permission) |
@@ -521,15 +535,14 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
521 | // the administrator object permissions to take effect. | 535 | // the administrator object permissions to take effect. |
522 | LLUUID objectOwner = task.OwnerID; | 536 | LLUUID objectOwner = task.OwnerID; |
523 | 537 | ||
524 | //Check ExternalChecks! | 538 | |
525 | if (m_scene.ExternalChecks.ExternalChecksCanRezObject(task.Children.Count, objectOwner, task.GroupCentrePoint) == false) return false; | ||
526 | if ((task.RootPart.EveryoneMask & PERM_COPY) != 0) | 539 | if ((task.RootPart.EveryoneMask & PERM_COPY) != 0) |
527 | permission = true; | 540 | permission = true; |
528 | } | 541 | } |
529 | return permission; | 542 | return permission; |
530 | } | 543 | } |
531 | 544 | ||
532 | public virtual bool CanReturnObject(LLUUID user, LLUUID obj) | 545 | public bool CanReturnObject(LLUUID obj, LLUUID user, Scene scene) |
533 | { | 546 | { |
534 | return GenericObjectPermission(user, obj); | 547 | return GenericObjectPermission(user, obj); |
535 | } | 548 | } |
@@ -538,7 +551,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
538 | 551 | ||
539 | #region Communication Permissions | 552 | #region Communication Permissions |
540 | 553 | ||
541 | protected virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target) | 554 | protected bool GenericCommunicationPermission(LLUUID user, LLUUID target) |
542 | { | 555 | { |
543 | bool permission = false; | 556 | bool permission = false; |
544 | string reason = "Only registered users may communicate with another account."; | 557 | string reason = "Only registered users may communicate with another account."; |
@@ -563,36 +576,34 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
563 | return permission; | 576 | return permission; |
564 | } | 577 | } |
565 | 578 | ||
566 | public virtual bool CanInstantMessage(LLUUID user, LLUUID target) | 579 | public bool CanInstantMessage(LLUUID user, LLUUID target, Scene scene) |
567 | { | 580 | { |
568 | return GenericCommunicationPermission(user, target); | 581 | return GenericCommunicationPermission(user, target); |
569 | } | 582 | } |
570 | 583 | ||
571 | public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target) | 584 | public bool CanInventoryTransfer(LLUUID user, LLUUID target, Scene scene) |
572 | { | 585 | { |
573 | return GenericCommunicationPermission(user, target); | 586 | return GenericCommunicationPermission(user, target); |
574 | } | 587 | } |
575 | 588 | ||
576 | #endregion | 589 | #endregion |
577 | 590 | ||
578 | public virtual bool CanEditScript(LLUUID user, LLUUID script) | 591 | public bool CanEditScript(LLUUID script, LLUUID user, Scene scene) |
579 | { | 592 | { |
580 | return IsAdministrator(user); | 593 | return IsAdministrator(user); |
581 | } | 594 | } |
582 | 595 | ||
583 | public virtual bool CanRunScript(LLUUID user, LLUUID script) | 596 | public bool CanRunScript(LLUUID script, LLUUID user, Scene scene) |
584 | { | 597 | { |
585 | //External Checks! | ||
586 | if (!m_scene.ExternalChecks.ExternalChecksCanRunScript(script, user)) return false; | ||
587 | return IsAdministrator(user); | 598 | return IsAdministrator(user); |
588 | } | 599 | } |
589 | 600 | ||
590 | public virtual bool CanRunConsoleCommand(LLUUID user) | 601 | public bool CanRunConsoleCommand(LLUUID user, Scene scene) |
591 | { | 602 | { |
592 | return IsAdministrator(user); | 603 | return IsAdministrator(user); |
593 | } | 604 | } |
594 | 605 | ||
595 | public virtual bool CanTerraform(LLUUID user, LLVector3 position) | 606 | public bool CanTerraform(LLUUID user, LLVector3 position, Scene scene) |
596 | { | 607 | { |
597 | bool permission = false; | 608 | bool permission = false; |
598 | 609 | ||
@@ -625,7 +636,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
625 | 636 | ||
626 | #region Estate Permissions | 637 | #region Estate Permissions |
627 | 638 | ||
628 | public virtual bool GenericEstatePermission(LLUUID user) | 639 | public bool GenericEstatePermission(LLUUID user) |
629 | { | 640 | { |
630 | // Default: deny | 641 | // Default: deny |
631 | bool permission = false; | 642 | bool permission = false; |
@@ -641,12 +652,12 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
641 | return permission; | 652 | return permission; |
642 | } | 653 | } |
643 | 654 | ||
644 | public virtual bool CanEditEstateTerrain(LLUUID user) | 655 | public bool CanEditEstateTerrain(LLUUID user, Scene scene) |
645 | { | 656 | { |
646 | return GenericEstatePermission(user); | 657 | return GenericEstatePermission(user); |
647 | } | 658 | } |
648 | 659 | ||
649 | public virtual bool CanRestartSim(LLUUID user) | 660 | public bool CanRestartSim(LLUUID user, Scene scene) |
650 | { | 661 | { |
651 | // Since this is potentially going on a grid... | 662 | // Since this is potentially going on a grid... |
652 | 663 | ||
@@ -654,11 +665,16 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
654 | //return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; | 665 | //return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; |
655 | } | 666 | } |
656 | 667 | ||
668 | public bool CanBeGodLike(LLUUID user, Scene scene) | ||
669 | { | ||
670 | return GenericEstatePermission(user); | ||
671 | } | ||
672 | |||
657 | #endregion | 673 | #endregion |
658 | 674 | ||
659 | #region Parcel Permissions | 675 | #region Parcel Permissions |
660 | 676 | ||
661 | protected virtual bool GenericParcelPermission(LLUUID user, ILandObject parcel) | 677 | protected bool GenericParcelPermission(LLUUID user, ILandObject parcel) |
662 | { | 678 | { |
663 | bool permission = false; | 679 | bool permission = false; |
664 | 680 | ||
@@ -685,24 +701,24 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
685 | return permission; | 701 | return permission; |
686 | } | 702 | } |
687 | 703 | ||
688 | protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos) | 704 | protected bool GenericParcelPermission(LLUUID user, LLVector3 pos) |
689 | { | 705 | { |
690 | ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); | 706 | ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); |
691 | if (parcel == null) return false; | 707 | if (parcel == null) return false; |
692 | return GenericParcelPermission(user, parcel); | 708 | return GenericParcelPermission(user, parcel); |
693 | } | 709 | } |
694 | 710 | ||
695 | public virtual bool CanEditParcel(LLUUID user, ILandObject parcel) | 711 | public bool CanEditParcel(LLUUID user, ILandObject parcel, Scene scene) |
696 | { | 712 | { |
697 | return GenericParcelPermission(user, parcel); | 713 | return GenericParcelPermission(user, parcel); |
698 | } | 714 | } |
699 | 715 | ||
700 | public virtual bool CanSellParcel(LLUUID user, ILandObject parcel) | 716 | public bool CanSellParcel(LLUUID user, ILandObject parcel, Scene scene) |
701 | { | 717 | { |
702 | return GenericParcelPermission(user, parcel); | 718 | return GenericParcelPermission(user, parcel); |
703 | } | 719 | } |
704 | 720 | ||
705 | public virtual bool CanAbandonParcel(LLUUID user, ILandObject parcel) | 721 | public bool CanAbandonParcel(LLUUID user, ILandObject parcel, Scene scene) |
706 | { | 722 | { |
707 | return GenericParcelPermission(user, parcel); | 723 | return GenericParcelPermission(user, parcel); |
708 | } | 724 | } |
diff --git a/OpenSim/Region/Environment/Modules/World/Terrain/TerrainModule.cs b/OpenSim/Region/Environment/Modules/World/Terrain/TerrainModule.cs index 91a28e4..4562fb6 100644 --- a/OpenSim/Region/Environment/Modules/World/Terrain/TerrainModule.cs +++ b/OpenSim/Region/Environment/Modules/World/Terrain/TerrainModule.cs | |||
@@ -449,7 +449,7 @@ namespace OpenSim.Region.Environment.Modules.World.Terrain | |||
449 | float south, float east, IClientAPI remoteClient) | 449 | float south, float east, IClientAPI remoteClient) |
450 | { | 450 | { |
451 | // Not a good permissions check, if in area mode, need to check the entire area. | 451 | // Not a good permissions check, if in area mode, need to check the entire area. |
452 | if (m_scene.Permissions.CanTerraform(remoteClient.AgentId, new LLVector3(north, west, 0))) | 452 | if (m_scene.ExternalChecks.ExternalChecksCanTerraformLand(remoteClient.AgentId, new LLVector3(north, west, 0))) |
453 | { | 453 | { |
454 | if (north == south && east == west) | 454 | if (north == south && east == west) |
455 | { | 455 | { |