diff options
author | Adam Frisby | 2007-08-15 14:10:26 +0000 |
---|---|---|
committer | Adam Frisby | 2007-08-15 14:10:26 +0000 |
commit | 5699bb2e64766da634ca4be34bc2d8eab991f2e1 (patch) | |
tree | cf471be738a0ac69cf6a7a17b0a53183a7bfe68f /OpenSim/Region/Environment/PermissionManager.cs | |
parent | Partial fix for the permissions on edited notecards/scripts (now you might st... (diff) | |
download | opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.zip opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.tar.gz opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.tar.bz2 opensim-SC-5699bb2e64766da634ca4be34bc2d8eab991f2e1.tar.xz |
* Permissions! - You can now only perform certain functions (such as editing other peoples objects) if you have permission to do so.
* Moved OnPermissionError to EventManager - now triggers a standard blue alert.
* Terraforming now requires permission via the permissions manager. [Defaults to admin-only]
* Permissions manager is now substantiated in Scene
* Buttload of new permissions added.
* Estate manager operations now require various levels of permission to operate
* OGS1 now produces 'summary reports' for a commsManager of each scene it maintains connections for. Reduces grid network traffic for ping checks.
* Added new "permissions true" / "permissions false" console command to enable or disable permissions.
Diffstat (limited to 'OpenSim/Region/Environment/PermissionManager.cs')
-rw-r--r-- | OpenSim/Region/Environment/PermissionManager.cs | 119 |
1 files changed, 110 insertions, 9 deletions
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs index 0758566..2698d3f 100644 --- a/OpenSim/Region/Environment/PermissionManager.cs +++ b/OpenSim/Region/Environment/PermissionManager.cs | |||
@@ -15,35 +15,79 @@ namespace OpenSim.Region.Environment | |||
15 | { | 15 | { |
16 | protected Scene m_scene; | 16 | protected Scene m_scene; |
17 | 17 | ||
18 | // Bypasses the permissions engine (always returns OK) | ||
19 | // disable in any production environment | ||
20 | // TODO: Change this to false when permissions are a desired default | ||
21 | // TODO: Move to configuration option. | ||
22 | private bool bypassPermissions = true; | ||
23 | |||
18 | public PermissionManager(Scene scene) | 24 | public PermissionManager(Scene scene) |
19 | { | 25 | { |
20 | m_scene = scene; | 26 | m_scene = scene; |
21 | } | 27 | } |
22 | 28 | ||
23 | public delegate void OnPermissionErrorDelegate(LLUUID user, string reason); | 29 | public void DisablePermissions() |
24 | public event OnPermissionErrorDelegate OnPermissionError; | 30 | { |
31 | bypassPermissions = true; | ||
32 | } | ||
33 | |||
34 | public void EnablePermissions() | ||
35 | { | ||
36 | bypassPermissions = false; | ||
37 | } | ||
25 | 38 | ||
26 | protected virtual void SendPermissionError(LLUUID user, string reason) | 39 | protected virtual void SendPermissionError(LLUUID user, string reason) |
27 | { | 40 | { |
28 | if (OnPermissionError != null) | 41 | m_scene.EventManager.TriggerPermissionError(user, reason); |
29 | OnPermissionError(user, reason); | ||
30 | } | 42 | } |
31 | 43 | ||
32 | protected virtual bool IsAdministrator(LLUUID user) | 44 | protected virtual bool IsAdministrator(LLUUID user) |
33 | { | 45 | { |
46 | if (bypassPermissions) | ||
47 | return bypassPermissions; | ||
48 | |||
34 | return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; | 49 | return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; |
35 | } | 50 | } |
36 | 51 | ||
37 | protected virtual bool IsEstateManager(LLUUID user) | 52 | protected virtual bool IsEstateManager(LLUUID user) |
38 | { | 53 | { |
54 | if (bypassPermissions) | ||
55 | return bypassPermissions; | ||
56 | |||
39 | return false; | 57 | return false; |
40 | } | 58 | } |
41 | 59 | ||
42 | public virtual bool CanRezObject(LLUUID user, LLVector3 position) | 60 | protected virtual bool IsGridUser(LLUUID user) |
43 | { | 61 | { |
44 | return true; | 62 | return true; |
45 | } | 63 | } |
46 | 64 | ||
65 | protected virtual bool IsGuest(LLUUID user) | ||
66 | { | ||
67 | return false; | ||
68 | } | ||
69 | |||
70 | public virtual bool CanRezObject(LLUUID user, LLVector3 position) | ||
71 | { | ||
72 | bool permission = false; | ||
73 | |||
74 | string reason = "Insufficient permission"; | ||
75 | |||
76 | if (IsAdministrator(user)) | ||
77 | permission = true; | ||
78 | else | ||
79 | reason = "Not an administrator"; | ||
80 | |||
81 | if (GenericParcelPermission(user, position)) | ||
82 | permission = true; | ||
83 | else | ||
84 | reason = "Not the parcel owner"; | ||
85 | |||
86 | if (!permission) | ||
87 | SendPermissionError(user, reason); | ||
88 | |||
89 | return true; | ||
90 | } | ||
47 | 91 | ||
48 | #region Object Permissions | 92 | #region Object Permissions |
49 | 93 | ||
@@ -105,19 +149,71 @@ namespace OpenSim.Region.Environment | |||
105 | 149 | ||
106 | #endregion | 150 | #endregion |
107 | 151 | ||
152 | #region Communication Permissions | ||
153 | |||
154 | public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target) | ||
155 | { | ||
156 | bool permission = false; | ||
157 | string reason = "Only registered users may communicate with another account."; | ||
158 | |||
159 | if (IsGridUser(user)) | ||
160 | permission = true; | ||
161 | |||
162 | if (!IsGridUser(user)) | ||
163 | { | ||
164 | permission = false; | ||
165 | reason = "The person that you are messaging is not a registered user."; | ||
166 | } | ||
167 | if (IsAdministrator(user)) | ||
168 | permission = true; | ||
169 | |||
170 | if (IsEstateManager(user)) | ||
171 | permission = true; | ||
172 | |||
173 | if (!permission) | ||
174 | SendPermissionError(user, reason); | ||
175 | |||
176 | return permission; | ||
177 | } | ||
178 | |||
179 | public virtual bool CanInstantMessage(LLUUID user, LLUUID target) | ||
180 | { | ||
181 | return GenericCommunicationPermission(user, target); | ||
182 | } | ||
183 | |||
184 | public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target) | ||
185 | { | ||
186 | return GenericCommunicationPermission(user, target); | ||
187 | } | ||
188 | |||
189 | #endregion | ||
190 | |||
108 | public virtual bool CanEditScript(LLUUID user, LLUUID script) | 191 | public virtual bool CanEditScript(LLUUID user, LLUUID script) |
109 | { | 192 | { |
110 | return false; | 193 | return IsAdministrator(user); |
111 | } | 194 | } |
112 | 195 | ||
113 | public virtual bool CanRunScript(LLUUID user, LLUUID script) | 196 | public virtual bool CanRunScript(LLUUID user, LLUUID script) |
114 | { | 197 | { |
115 | return false; | 198 | return IsAdministrator(user); |
116 | } | 199 | } |
117 | 200 | ||
118 | public virtual bool CanTerraform(LLUUID user, LLUUID position) | 201 | public virtual bool CanTerraform(LLUUID user, LLVector3 position) |
119 | { | 202 | { |
120 | return false; | 203 | bool permission = false; |
204 | |||
205 | // Estate override | ||
206 | if (GenericEstatePermission(user)) | ||
207 | permission = true; | ||
208 | |||
209 | // Land owner can terraform too | ||
210 | if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y))) | ||
211 | permission = true; | ||
212 | |||
213 | if (!permission) | ||
214 | SendPermissionError(user, "Not authorized to terraform at this location."); | ||
215 | |||
216 | return permission; | ||
121 | } | 217 | } |
122 | 218 | ||
123 | #region Estate Permissions | 219 | #region Estate Permissions |
@@ -168,6 +264,11 @@ namespace OpenSim.Region.Environment | |||
168 | return permission; | 264 | return permission; |
169 | } | 265 | } |
170 | 266 | ||
267 | protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos) | ||
268 | { | ||
269 | return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y)); | ||
270 | } | ||
271 | |||
171 | public virtual bool CanEditParcel(LLUUID user, Land parcel) | 272 | public virtual bool CanEditParcel(LLUUID user, Land parcel) |
172 | { | 273 | { |
173 | return GenericParcelPermission(user, parcel); | 274 | return GenericParcelPermission(user, parcel); |