diff options
author | Justin Clarke Casey | 2008-11-13 18:52:16 +0000 |
---|---|---|
committer | Justin Clarke Casey | 2008-11-13 18:52:16 +0000 |
commit | ef601d805ab948caf1ab4dcf4f5ee2ff640be1df (patch) | |
tree | 8c7c5390eac69b258c28ecab121a94ad566446e3 /OpenSim/Region/Environment/Modules | |
parent | * Attempt to make OpenSim.ini.example a bit more readable by (diff) | |
download | opensim-SC-ef601d805ab948caf1ab4dcf4f5ee2ff640be1df.zip opensim-SC-ef601d805ab948caf1ab4dcf4f5ee2ff640be1df.tar.gz opensim-SC-ef601d805ab948caf1ab4dcf4f5ee2ff640be1df.tar.bz2 opensim-SC-ef601d805ab948caf1ab4dcf4f5ee2ff640be1df.tar.xz |
* First part of a series of patches
* Intension is to provide a way to lock down script creation to administrators/gods only
* Defaults will remain as they are at the moment
Diffstat (limited to 'OpenSim/Region/Environment/Modules')
-rw-r--r-- | OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs index 5d48cbd..b6b7d4a 100644 --- a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs | |||
@@ -142,7 +142,6 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
142 | return; | 142 | return; |
143 | 143 | ||
144 | m_allowGridGods = myConfig.GetBoolean("allow_grid_gods", false); | 144 | m_allowGridGods = myConfig.GetBoolean("allow_grid_gods", false); |
145 | |||
146 | m_bypassPermissions = !myConfig.GetBoolean("serverside_object_permissions", true); | 145 | m_bypassPermissions = !myConfig.GetBoolean("serverside_object_permissions", true); |
147 | m_RegionOwnerIsGod = myConfig.GetBoolean("region_owner_is_god", true); | 146 | m_RegionOwnerIsGod = myConfig.GetBoolean("region_owner_is_god", true); |
148 | m_ParcelOwnerIsGod = myConfig.GetBoolean("parcel_owner_is_god", true); | 147 | m_ParcelOwnerIsGod = myConfig.GetBoolean("parcel_owner_is_god", true); |
@@ -236,7 +235,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
236 | protected void DebugPermissionInformation(string permissionCalled) | 235 | protected void DebugPermissionInformation(string permissionCalled) |
237 | { | 236 | { |
238 | if (m_debugPermissions) | 237 | if (m_debugPermissions) |
239 | m_log.Info("[PERMISSIONS]: " + permissionCalled + " was called from " + m_scene.RegionInfo.RegionName); | 238 | m_log.Debug("[PERMISSIONS]: " + permissionCalled + " was called from " + m_scene.RegionInfo.RegionName); |
240 | } | 239 | } |
241 | 240 | ||
242 | protected bool IsAdministrator(UUID user) | 241 | protected bool IsAdministrator(UUID user) |
@@ -408,6 +407,14 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
408 | return objectFlagsMask; | 407 | return objectFlagsMask; |
409 | } | 408 | } |
410 | 409 | ||
410 | /// <summary> | ||
411 | /// General permissions checks for any operation involving an object. These supplement more specific checks | ||
412 | /// implemented by callers. | ||
413 | /// </summary> | ||
414 | /// <param name="currentUser"></param> | ||
415 | /// <param name="objId"></param> | ||
416 | /// <param name="denyOnLocked"></param> | ||
417 | /// <returns></returns> | ||
411 | protected bool GenericObjectPermission(UUID currentUser, UUID objId, bool denyOnLocked) | 418 | protected bool GenericObjectPermission(UUID currentUser, UUID objId, bool denyOnLocked) |
412 | { | 419 | { |
413 | // Default: deny | 420 | // Default: deny |
@@ -425,7 +432,6 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
425 | return false; | 432 | return false; |
426 | } | 433 | } |
427 | 434 | ||
428 | |||
429 | SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objId]; | 435 | SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objId]; |
430 | 436 | ||
431 | UUID objectOwner = group.OwnerID; | 437 | UUID objectOwner = group.OwnerID; |
@@ -477,7 +483,6 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
477 | return permission; | 483 | return permission; |
478 | } | 484 | } |
479 | 485 | ||
480 | |||
481 | #endregion | 486 | #endregion |
482 | 487 | ||
483 | #region Generic Permissions | 488 | #region Generic Permissions |
@@ -655,8 +660,7 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
655 | { | 660 | { |
656 | m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for edit notecard check", user); | 661 | m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for edit notecard check", user); |
657 | return false; | 662 | return false; |
658 | } | 663 | } |
659 | |||
660 | 664 | ||
661 | if (userInfo.RootFolder == null) | 665 | if (userInfo.RootFolder == null) |
662 | return false; | 666 | return false; |
@@ -1214,8 +1218,19 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions | |||
1214 | return true; | 1218 | return true; |
1215 | } | 1219 | } |
1216 | 1220 | ||
1217 | public bool CanCreateInventory(uint invType, UUID objectID, UUID userID) | 1221 | /// <summary> |
1222 | /// Check whether the specified user is allowed to directly create the given inventory type in a prim's | ||
1223 | /// inventory (e.g. the New Script button in the 1.21 Linden Lab client). This permission check does not | ||
1224 | /// apply to existing items that are being dragged in to that prim's inventory. | ||
1225 | /// </summary> | ||
1226 | /// <param name="invType"></param> | ||
1227 | /// <param name="objectID"></param> | ||
1228 | /// <param name="userID"></param> | ||
1229 | /// <returns></returns> | ||
1230 | public bool CanCreateInventory(int invType, UUID objectID, UUID userID) | ||
1218 | { | 1231 | { |
1232 | m_log.Debug("[PERMISSIONS]: CanCreateInventory called"); | ||
1233 | |||
1219 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1234 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1220 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1235 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1221 | 1236 | ||