aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/Environment/PermissionManager.cs
diff options
context:
space:
mode:
authorSean Dague2007-10-22 15:39:02 +0000
committerSean Dague2007-10-22 15:39:02 +0000
commitc5ea70bf93c47b60f2534854932d564f8811a98a (patch)
treedc533eff741aab7f9aea58a6d9289206bfea8268 /OpenSim/Region/Environment/PermissionManager.cs
parentrevert r2162 as it completely clobbered all the work on (diff)
downloadopensim-SC-c5ea70bf93c47b60f2534854932d564f8811a98a.zip
opensim-SC-c5ea70bf93c47b60f2534854932d564f8811a98a.tar.gz
opensim-SC-c5ea70bf93c47b60f2534854932d564f8811a98a.tar.bz2
opensim-SC-c5ea70bf93c47b60f2534854932d564f8811a98a.tar.xz
nice catch by chi11ken that I was setting the wrong property
Diffstat (limited to 'OpenSim/Region/Environment/PermissionManager.cs')
-rw-r--r--OpenSim/Region/Environment/PermissionManager.cs654
1 files changed, 327 insertions, 327 deletions
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs
index c40012d..ab2ad8d 100644
--- a/OpenSim/Region/Environment/PermissionManager.cs
+++ b/OpenSim/Region/Environment/PermissionManager.cs
@@ -1,328 +1,328 @@
1/* 1/*
2* Copyright (c) Contributors, http://opensimulator.org/ 2* Copyright (c) Contributors, http://opensimulator.org/
3* See CONTRIBUTORS.TXT for a full list of copyright holders. 3* See CONTRIBUTORS.TXT for a full list of copyright holders.
4* 4*
5* Redistribution and use in source and binary forms, with or without 5* Redistribution and use in source and binary forms, with or without
6* modification, are permitted provided that the following conditions are met: 6* modification, are permitted provided that the following conditions are met:
7* * Redistributions of source code must retain the above copyright 7* * Redistributions of source code must retain the above copyright
8* notice, this list of conditions and the following disclaimer. 8* notice, this list of conditions and the following disclaimer.
9* * Redistributions in binary form must reproduce the above copyright 9* * Redistributions in binary form must reproduce the above copyright
10* notice, this list of conditions and the following disclaimer in the 10* notice, this list of conditions and the following disclaimer in the
11* documentation and/or other materials provided with the distribution. 11* documentation and/or other materials provided with the distribution.
12* * Neither the name of the OpenSim Project nor the 12* * Neither the name of the OpenSim Project nor the
13* names of its contributors may be used to endorse or promote products 13* names of its contributors may be used to endorse or promote products
14* derived from this software without specific prior written permission. 14* derived from this software without specific prior written permission.
15* 15*
16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY 16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY 19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26* 26*
27*/ 27*/
28 28
29using libsecondlife; 29using libsecondlife;
30using OpenSim.Region.Environment.LandManagement; 30using OpenSim.Region.Environment.LandManagement;
31using OpenSim.Region.Environment.Scenes; 31using OpenSim.Region.Environment.Scenes;
32using OpenSim.Framework.PolicyManager; 32using OpenSim.Framework.PolicyManager;
33 33
34namespace OpenSim.Region.Environment 34namespace OpenSim.Region.Environment
35{ 35{
36 public class PermissionManager 36 public class PermissionManager
37 { 37 {
38 protected Scene m_scene; 38 protected Scene m_scene;
39 39
40 // Bypasses the permissions engine (always returns OK) 40 // Bypasses the permissions engine (always returns OK)
41 // disable in any production environment 41 // disable in any production environment
42 // TODO: Change this to false when permissions are a desired default 42 // TODO: Change this to false when permissions are a desired default
43 // TODO: Move to configuration option. 43 // TODO: Move to configuration option.
44 private bool m_bypassPermissions = true; 44 private bool m_bypassPermissions = true;
45 45
46 public bool BypassPermissions 46 public bool BypassPermissions
47 { 47 {
48 get { return m_bypassPermissions; } 48 get { return m_bypassPermissions; }
49 set { m_bypassPermissions = value; } 49 set { m_bypassPermissions = value; }
50 } 50 }
51 51
52 52
53 public PermissionManager(Scene scene) 53 public PermissionManager(Scene scene)
54 { 54 {
55 m_scene = scene; 55 m_scene = scene;
56 } 56 }
57 57
58 protected virtual void SendPermissionError(LLUUID user, string reason) 58 protected virtual void SendPermissionError(LLUUID user, string reason)
59 { 59 {
60 m_scene.EventManager.TriggerPermissionError(user, reason); 60 m_scene.EventManager.TriggerPermissionError(user, reason);
61 } 61 }
62 62
63 protected virtual bool IsAdministrator(LLUUID user) 63 protected virtual bool IsAdministrator(LLUUID user)
64 { 64 {
65 if (m_bypassPermissions) 65 if (m_bypassPermissions)
66 { 66 {
67 return true; 67 return true;
68 } 68 }
69 69
70 return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; 70 return m_scene.RegionInfo.MasterAvatarAssignedUUID == user;
71 } 71 }
72 72
73 protected virtual bool IsEstateManager(LLUUID user) 73 protected virtual bool IsEstateManager(LLUUID user)
74 { 74 {
75 if (m_bypassPermissions) 75 if (m_bypassPermissions)
76 { 76 {
77 return true; 77 return true;
78 } 78 }
79 79
80 return false; 80 return false;
81 } 81 }
82 82
83 protected virtual bool IsGridUser(LLUUID user) 83 protected virtual bool IsGridUser(LLUUID user)
84 { 84 {
85 return true; 85 return true;
86 } 86 }
87 87
88 protected virtual bool IsGuest(LLUUID user) 88 protected virtual bool IsGuest(LLUUID user)
89 { 89 {
90 return false; 90 return false;
91 } 91 }
92 92
93 public virtual bool CanRezObject(LLUUID user, LLVector3 position) 93 public virtual bool CanRezObject(LLUUID user, LLVector3 position)
94 { 94 {
95 bool permission = false; 95 bool permission = false;
96 96
97 string reason = "Insufficient permission"; 97 string reason = "Insufficient permission";
98 98
99 if (IsAdministrator(user)) 99 if (IsAdministrator(user))
100 { 100 {
101 permission = true; 101 permission = true;
102 } 102 }
103 else 103 else
104 { 104 {
105 reason = "Not an administrator"; 105 reason = "Not an administrator";
106 } 106 }
107 107
108 if (GenericParcelPermission(user, position)) 108 if (GenericParcelPermission(user, position))
109 { 109 {
110 permission = true; 110 permission = true;
111 } 111 }
112 else 112 else
113 { 113 {
114 reason = "Not the parcel owner"; 114 reason = "Not the parcel owner";
115 } 115 }
116 116
117 if (!permission) 117 if (!permission)
118 SendPermissionError(user, reason); 118 SendPermissionError(user, reason);
119 119
120 return permission; 120 return permission;
121 } 121 }
122 122
123 #region Object Permissions 123 #region Object Permissions
124 124
125 protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId) 125 protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId)
126 { 126 {
127 // Default: deny 127 // Default: deny
128 bool permission = false; 128 bool permission = false;
129 129
130 if (!m_scene.Entities.ContainsKey(objId)) 130 if (!m_scene.Entities.ContainsKey(objId))
131 { 131 {
132 return false; 132 return false;
133 } 133 }
134 134
135 // If it's not an object, we cant edit it. 135 // If it's not an object, we cant edit it.
136 if (!(m_scene.Entities[objId] is SceneObjectGroup)) 136 if (!(m_scene.Entities[objId] is SceneObjectGroup))
137 { 137 {
138 return false; 138 return false;
139 } 139 }
140 140
141 SceneObjectGroup task = (SceneObjectGroup) m_scene.Entities[objId]; 141 SceneObjectGroup task = (SceneObjectGroup) m_scene.Entities[objId];
142 LLUUID taskOwner = null; 142 LLUUID taskOwner = null;
143 143
144 // Object owners should be able to edit their own content 144 // Object owners should be able to edit their own content
145 if (user == taskOwner) 145 if (user == taskOwner)
146 permission = true; 146 permission = true;
147 147
148 // Users should be able to edit what is over their land. 148 // Users should be able to edit what is over their land.
149 if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID == 149 if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID ==
150 user) 150 user)
151 permission = true; 151 permission = true;
152 152
153 // Estate users should be able to edit anything in the sim 153 // Estate users should be able to edit anything in the sim
154 if (IsEstateManager(user)) 154 if (IsEstateManager(user))
155 permission = true; 155 permission = true;
156 156
157 // Admin objects should not be editable by the above 157 // Admin objects should not be editable by the above
158 if (IsAdministrator(taskOwner)) 158 if (IsAdministrator(taskOwner))
159 permission = false; 159 permission = false;
160 160
161 // Admin should be able to edit anything in the sim (including admin objects) 161 // Admin should be able to edit anything in the sim (including admin objects)
162 if (IsAdministrator(user)) 162 if (IsAdministrator(user))
163 permission = true; 163 permission = true;
164 164
165 return permission; 165 return permission;
166 } 166 }
167 167
168 /// <summary> 168 /// <summary>
169 /// Permissions check - can user delete an object? 169 /// Permissions check - can user delete an object?
170 /// </summary> 170 /// </summary>
171 /// <param name="user">User attempting the delete</param> 171 /// <param name="user">User attempting the delete</param>
172 /// <param name="obj">Target object</param> 172 /// <param name="obj">Target object</param>
173 /// <returns>Has permission?</returns> 173 /// <returns>Has permission?</returns>
174 public virtual bool CanDeRezObject(LLUUID user, LLUUID obj) 174 public virtual bool CanDeRezObject(LLUUID user, LLUUID obj)
175 { 175 {
176 return GenericObjectPermission(user, obj); 176 return GenericObjectPermission(user, obj);
177 } 177 }
178 178
179 public virtual bool CanEditObject(LLUUID user, LLUUID obj) 179 public virtual bool CanEditObject(LLUUID user, LLUUID obj)
180 { 180 {
181 return GenericObjectPermission(user, obj); 181 return GenericObjectPermission(user, obj);
182 } 182 }
183 183
184 public virtual bool CanReturnObject(LLUUID user, LLUUID obj) 184 public virtual bool CanReturnObject(LLUUID user, LLUUID obj)
185 { 185 {
186 return GenericObjectPermission(user, obj); 186 return GenericObjectPermission(user, obj);
187 } 187 }
188 188
189 #endregion 189 #endregion
190 190
191 #region Communication Permissions 191 #region Communication Permissions
192 192
193 public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target) 193 public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target)
194 { 194 {
195 bool permission = false; 195 bool permission = false;
196 string reason = "Only registered users may communicate with another account."; 196 string reason = "Only registered users may communicate with another account.";
197 197
198 if (IsGridUser(user)) 198 if (IsGridUser(user))
199 permission = true; 199 permission = true;
200 200
201 if (!IsGridUser(user)) 201 if (!IsGridUser(user))
202 { 202 {
203 permission = false; 203 permission = false;
204 reason = "The person that you are messaging is not a registered user."; 204 reason = "The person that you are messaging is not a registered user.";
205 } 205 }
206 if (IsAdministrator(user)) 206 if (IsAdministrator(user))
207 permission = true; 207 permission = true;
208 208
209 if (IsEstateManager(user)) 209 if (IsEstateManager(user))
210 permission = true; 210 permission = true;
211 211
212 if (!permission) 212 if (!permission)
213 SendPermissionError(user, reason); 213 SendPermissionError(user, reason);
214 214
215 return permission; 215 return permission;
216 } 216 }
217 217
218 public virtual bool CanInstantMessage(LLUUID user, LLUUID target) 218 public virtual bool CanInstantMessage(LLUUID user, LLUUID target)
219 { 219 {
220 return GenericCommunicationPermission(user, target); 220 return GenericCommunicationPermission(user, target);
221 } 221 }
222 222
223 public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target) 223 public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target)
224 { 224 {
225 return GenericCommunicationPermission(user, target); 225 return GenericCommunicationPermission(user, target);
226 } 226 }
227 227
228 #endregion 228 #endregion
229 229
230 public virtual bool CanEditScript(LLUUID user, LLUUID script) 230 public virtual bool CanEditScript(LLUUID user, LLUUID script)
231 { 231 {
232 return IsAdministrator(user); 232 return IsAdministrator(user);
233 } 233 }
234 234
235 public virtual bool CanRunScript(LLUUID user, LLUUID script) 235 public virtual bool CanRunScript(LLUUID user, LLUUID script)
236 { 236 {
237 return IsAdministrator(user); 237 return IsAdministrator(user);
238 } 238 }
239 239
240 public virtual bool CanTerraform(LLUUID user, LLVector3 position) 240 public virtual bool CanTerraform(LLUUID user, LLVector3 position)
241 { 241 {
242 bool permission = false; 242 bool permission = false;
243 243
244 // Estate override 244 // Estate override
245 if (GenericEstatePermission(user)) 245 if (GenericEstatePermission(user))
246 permission = true; 246 permission = true;
247 247
248 // Land owner can terraform too 248 // Land owner can terraform too
249 if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y))) 249 if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y)))
250 permission = true; 250 permission = true;
251 251
252 if (!permission) 252 if (!permission)
253 SendPermissionError(user, "Not authorized to terraform at this location."); 253 SendPermissionError(user, "Not authorized to terraform at this location.");
254 254
255 return permission; 255 return permission;
256 } 256 }
257 257
258 #region Estate Permissions 258 #region Estate Permissions
259 259
260 protected virtual bool GenericEstatePermission(LLUUID user) 260 protected virtual bool GenericEstatePermission(LLUUID user)
261 { 261 {
262 // Default: deny 262 // Default: deny
263 bool permission = false; 263 bool permission = false;
264 264
265 // Estate admins should be able to use estate tools 265 // Estate admins should be able to use estate tools
266 if (IsEstateManager(user)) 266 if (IsEstateManager(user))
267 permission = true; 267 permission = true;
268 268
269 // Administrators always have permission 269 // Administrators always have permission
270 if (IsAdministrator(user)) 270 if (IsAdministrator(user))
271 permission = true; 271 permission = true;
272 272
273 return permission; 273 return permission;
274 } 274 }
275 275
276 public virtual bool CanEditEstateTerrain(LLUUID user) 276 public virtual bool CanEditEstateTerrain(LLUUID user)
277 { 277 {
278 return GenericEstatePermission(user); 278 return GenericEstatePermission(user);
279 } 279 }
280 280
281 #endregion 281 #endregion
282 282
283 #region Parcel Permissions 283 #region Parcel Permissions
284 284
285 protected virtual bool GenericParcelPermission(LLUUID user, Land parcel) 285 protected virtual bool GenericParcelPermission(LLUUID user, Land parcel)
286 { 286 {
287 bool permission = false; 287 bool permission = false;
288 288
289 if (parcel.landData.ownerID == user) 289 if (parcel.landData.ownerID == user)
290 permission = true; 290 permission = true;
291 291
292 if (parcel.landData.isGroupOwned) 292 if (parcel.landData.isGroupOwned)
293 { 293 {
294 // TODO: Need to do some extra checks here. Requires group code. 294 // TODO: Need to do some extra checks here. Requires group code.
295 } 295 }
296 296
297 if (IsEstateManager(user)) 297 if (IsEstateManager(user))
298 permission = true; 298 permission = true;
299 299
300 if (IsAdministrator(user)) 300 if (IsAdministrator(user))
301 permission = true; 301 permission = true;
302 302
303 return permission; 303 return permission;
304 } 304 }
305 305
306 protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos) 306 protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos)
307 { 307 {
308 return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y)); 308 return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y));
309 } 309 }
310 310
311 public virtual bool CanEditParcel(LLUUID user, Land parcel) 311 public virtual bool CanEditParcel(LLUUID user, Land parcel)
312 { 312 {
313 return GenericParcelPermission(user, parcel); 313 return GenericParcelPermission(user, parcel);
314 } 314 }
315 315
316 public virtual bool CanSellParcel(LLUUID user, Land parcel) 316 public virtual bool CanSellParcel(LLUUID user, Land parcel)
317 { 317 {
318 return GenericParcelPermission(user, parcel); 318 return GenericParcelPermission(user, parcel);
319 } 319 }
320 320
321 public virtual bool CanAbandonParcel(LLUUID user, Land parcel) 321 public virtual bool CanAbandonParcel(LLUUID user, Land parcel)
322 { 322 {
323 return GenericParcelPermission(user, parcel); 323 return GenericParcelPermission(user, parcel);
324 } 324 }
325 325
326 #endregion 326 #endregion
327 } 327 }
328} 328}