aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
diff options
context:
space:
mode:
authorUbitUmarov2019-10-16 00:08:45 +0100
committerUbitUmarov2019-10-16 00:08:45 +0100
commitd79d7e228a059e40a9334c9e2ec4c81075443f83 (patch)
tree14e2d3ef3e7515f1e285cdd3ef66925ccd6039b0 /OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
parentchange coments on osslEnable.ini and remove list of functions always suported; (diff)
downloadopensim-SC-d79d7e228a059e40a9334c9e2ec4c81075443f83.zip
opensim-SC-d79d7e228a059e40a9334c9e2ec4c81075443f83.tar.gz
opensim-SC-d79d7e228a059e40a9334c9e2ec4c81075443f83.tar.bz2
opensim-SC-d79d7e228a059e40a9334c9e2ec4c81075443f83.tar.xz
add OSSL option PermissionErrortoOwner (true or false). if true ossl functions permission errors will only be sent to prim owner, defaul false: send all around
Diffstat (limited to 'OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs')
-rw-r--r--OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs194
1 files changed, 101 insertions, 93 deletions
diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
index f0f6781..4abd2f1 100644
--- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
+++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
@@ -146,6 +146,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
146 protected ISoundModule m_SoundModule = null; 146 protected ISoundModule m_SoundModule = null;
147 internal IConfig m_osslconfig; 147 internal IConfig m_osslconfig;
148 internal TimeZoneInfo PSTTimeZone = null; 148 internal TimeZoneInfo PSTTimeZone = null;
149 internal bool m_PermissionErrortoOwner = false;
149 150
150 public void Initialize( 151 public void Initialize(
151 IScriptEngine scriptEngine, SceneObjectPart host, TaskInventoryItem item) 152 IScriptEngine scriptEngine, SceneObjectPart host, TaskInventoryItem item)
@@ -167,10 +168,10 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
167 // m_log.Warn("[OSSL] OSSL FUNCTIONS ENABLED"); 168 // m_log.Warn("[OSSL] OSSL FUNCTIONS ENABLED");
168 } 169 }
169 170
170 m_ScriptDelayFactor = 171 m_PermissionErrortoOwner = m_osslconfig.GetBoolean("PermissionErrorToOwner", m_PermissionErrortoOwner);
171 m_ScriptEngine.Config.GetFloat("ScriptDelayFactor", 1.0f); 172
172 m_ScriptDistanceFactor = 173 m_ScriptDelayFactor = m_ScriptEngine.Config.GetFloat("ScriptDelayFactor", 1.0f);
173 m_ScriptEngine.Config.GetFloat("ScriptDistanceLimitFactor", 1.0f); 174 m_ScriptDistanceFactor = m_ScriptEngine.Config.GetFloat("ScriptDistanceLimitFactor", 1.0f);
174 175
175 string risk = m_osslconfig.GetString("OSFunctionThreatLevel", "VeryLow"); 176 string risk = m_osslconfig.GetString("OSFunctionThreatLevel", "VeryLow");
176 switch (risk) 177 switch (risk)
@@ -286,7 +287,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
286 { 287 {
287 m_host.AddScriptLPS(1); 288 m_host.AddScriptLPS(1);
288 if (!m_OSFunctionsEnabled) 289 if (!m_OSFunctionsEnabled)
289 OSSLError("permission denied. All OS functions are disabled."); // throws 290 OSSLError("permission denied. All unsafe OSSL funtions disabled"); // throws
290 } 291 }
291 292
292 // Returns if the function is allowed. Throws a script exception if not allowed. 293 // Returns if the function is allowed. Throws a script exception if not allowed.
@@ -294,17 +295,24 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
294 { 295 {
295 m_host.AddScriptLPS(1); 296 m_host.AddScriptLPS(1);
296 if (!m_OSFunctionsEnabled) 297 if (!m_OSFunctionsEnabled)
297 OSSLError(String.Format("{0} permission denied. All OS functions are disabled.", function)); // throws 298 {
299 if (m_PermissionErrortoOwner)
300 throw new ScriptException("(OWNER)OSSL Permission Error: All unsafe OSSL funtions disabled");
301 else
302 throw new ScriptException("OSSL Permission Error: All unsafe OSSL funtions disabled");
303 }
298 304
299 string reasonWhyNot = CheckThreatLevelTest(level, function); 305 string reasonWhyNot = CheckThreatLevelTest(level, function);
300 if (!String.IsNullOrEmpty(reasonWhyNot)) 306 if (!String.IsNullOrEmpty(reasonWhyNot))
301 { 307 {
302 OSSLError(reasonWhyNot); 308 if (m_PermissionErrortoOwner)
309 throw new ScriptException("(OWNER)OSSL Permission Error: " + reasonWhyNot);
310 else
311 throw new ScriptException("OSSL Permission Error: " + reasonWhyNot);
303 } 312 }
304 } 313 }
305 314 // Check to see if function is allowed. Returns an empty string if function permitted
306 // Check to see if function is allowed. Returns an empty string if function permitted 315 // or a string explaining why this function can't be used.
307 // or a string explaining why this function can't be used.
308 private string CheckThreatLevelTest(ThreatLevel level, string function) 316 private string CheckThreatLevelTest(ThreatLevel level, string function)
309 { 317 {
310 if (!m_FunctionPerms.ContainsKey(function)) 318 if (!m_FunctionPerms.ContainsKey(function))
@@ -386,107 +394,107 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
386 { 394 {
387 // Allow / disallow by threat level 395 // Allow / disallow by threat level
388 if (level > m_MaxThreatLevel) 396 if (level > m_MaxThreatLevel)
389 return 397 return String.Empty;
390 String.Format( 398 return String.Format(
391 "{0} permission denied. Allowed threat level is {1} but function threat level is {2}.", 399 "{0} permission denied. Allowed threat level is {1} but function threat level is {2}.",
392 function, m_MaxThreatLevel, level); 400 function, m_MaxThreatLevel, level);
393 } 401 }
394 else
395 {
396 if (!m_FunctionPerms[function].AllowedOwners.Contains(UUID.Zero))
397 {
398 // Not anyone. Do detailed checks
399 if (m_FunctionPerms[function].AllowedOwners.Contains(m_host.OwnerID))
400 {
401 // prim owner is in the list of allowed owners
402 return String.Empty;
403 }
404 402
405 UUID ownerID = m_item.OwnerID; 403 if(m_FunctionPerms[function].AllowedOwners.Count == 0 && m_FunctionPerms[function].AllowedCreators.Count == 0)
404 return String.Format("{0} disabled in region configuration", function);
406 405
407 //OSSL only may be used if object is in the same group as the parcel 406 if (m_FunctionPerms[function].AllowedOwners.Contains(UUID.Zero)) // always allowed
408 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER")) 407 return String.Empty;
409 {
410 ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition);
411 408
412 if (land.LandData.GroupID == m_item.GroupID && land.LandData.GroupID != UUID.Zero) 409 if (m_FunctionPerms[function].AllowedOwners.Contains(m_host.OwnerID))
413 { 410 {
414 return String.Empty; 411 // prim owner is in the list of allowed owners
415 } 412 return String.Empty;
416 } 413 }
417 414
418 //Only Parcelowners may use the function 415 UUID ownerID = m_item.OwnerID;
419 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
420 {
421 ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition);
422 416
423 if (land.LandData.OwnerID == ownerID) 417 //Only Parcelowners may use the function
424 { 418 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
425 return String.Empty; 419 {
426 } 420 ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition);
427 }
428
429 //Only Estate Managers may use the function
430 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
431 {
432 //Only Estate Managers may use the function
433 if (World.RegionInfo.EstateSettings.IsEstateManagerOrOwner(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
434 {
435 return String.Empty;
436 }
437 }
438 421
439 //Only regionowners may use the function 422 if (land.LandData.OwnerID == ownerID)
440 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER")) 423 {
441 { 424 return String.Empty;
442 if (World.RegionInfo.EstateSettings.EstateOwner == ownerID) 425 }
443 { 426 }
444 return String.Empty;
445 }
446 }
447 427
428 //OSSL only may be used if object is in the same group as the parcel
429 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER"))
430 {
431 ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition);
448 432
449 //Only grid gods may use the function 433 if (land.LandData.GroupID == m_item.GroupID && land.LandData.GroupID != UUID.Zero)
450 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("GRID_GOD")) 434 {
451 { 435 return String.Empty;
452 if (World.Permissions.IsGridGod(ownerID)) 436 }
453 { 437 }
454 return String.Empty;
455 }
456 }
457 438
458 //Any god may use the function 439 //Only Estate Managers may use the function
459 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("GOD")) 440 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
460 { 441 {
461 if (World.Permissions.IsAdministrator(ownerID)) 442 //Only Estate Managers may use the function
462 { 443 if (World.RegionInfo.EstateSettings.IsEstateManagerOrOwner(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
463 return String.Empty; 444 {
464 } 445 return String.Empty;
465 } 446 }
447 }
466 448
467 //Only active gods may use the function 449 //Only regionowners may use the function
468 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ACTIVE_GOD")) 450 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER"))
469 { 451 {
470 ScenePresence sp = World.GetScenePresence(ownerID); 452 if (World.RegionInfo.EstateSettings.EstateOwner == ownerID)
471 if (sp != null && !sp.IsDeleted && sp.IsGod) 453 {
472 { 454 return String.Empty;
473 return String.Empty; 455 }
474 } 456 }
475 }
476 457
477 if (!m_FunctionPerms[function].AllowedCreators.Contains(m_item.CreatorID)) 458 //Only grid gods may use the function
478 return( 459 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("GRID_GOD"))
479 String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.", 460 {
480 function)); 461 if (World.Permissions.IsGridGod(ownerID))
462 {
463 return String.Empty;
464 }
465 }
481 466
482 if (m_item.CreatorID != ownerID) 467 //Any god may use the function
483 { 468 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("GOD"))
484 if ((m_item.CurrentPermissions & (uint)PermissionMask.Modify) != 0) 469 {
485 return String.Format("{0} permission denied. Script permissions error.", function); 470 if (World.Permissions.IsAdministrator(ownerID))
471 {
472 return String.Empty;
473 }
474 }
486 475
487 } 476 //Only active gods may use the function
477 if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ACTIVE_GOD"))
478 {
479 ScenePresence sp = World.GetScenePresence(ownerID);
480 if (sp != null && !sp.IsDeleted && sp.IsGod)
481 {
482 return String.Empty;
488 } 483 }
489 } 484 }
485
486 if (!m_FunctionPerms[function].AllowedCreators.Contains(m_item.CreatorID))
487 return(
488 String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
489 function));
490
491 if (m_item.CreatorID != ownerID)
492 {
493 if ((m_item.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
494 return String.Format("{0} permission denied. Script creator is not prim owner.", function);
495
496 }
497
490 return String.Empty; 498 return String.Empty;
491 } 499 }
492 500