aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region
diff options
context:
space:
mode:
authorMelanie Thielker2009-06-14 21:44:34 +0000
committerMelanie Thielker2009-06-14 21:44:34 +0000
commit664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8 (patch)
tree41db60d59a2f0b46388e1e598679265dafc9d247 /OpenSim/Region
parentUpdate svn properties. (diff)
downloadopensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.zip
opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.gz
opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.bz2
opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.xz
Fixes Mantis #3793 . Committing thomax/Snoopy's patch to allow deeding of objects, with changes:
- Set OwnerID = GroupID for deeded objects. - Close a security loophole that would have allowed a user with deed rights in a group to deed ANY object to that group, even if it's not owned by them and/or not set to that group - Set LastOwnerID correctly. Handle objects vs. prims correctly.
Diffstat (limited to '')
-rw-r--r--OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs17
-rw-r--r--OpenSim/Region/Framework/Scenes/Scene.Inventory.cs42
-rw-r--r--OpenSim/Region/Framework/Scenes/Scene.Permissions.cs17
3 files changed, 70 insertions, 6 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
index d786df8..380104d 100644
--- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -184,6 +184,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
184 m_scene.Permissions.OnAbandonParcel += CanAbandonParcel; 184 m_scene.Permissions.OnAbandonParcel += CanAbandonParcel;
185 m_scene.Permissions.OnReclaimParcel += CanReclaimParcel; 185 m_scene.Permissions.OnReclaimParcel += CanReclaimParcel;
186 m_scene.Permissions.OnDeedParcel += CanDeedParcel; 186 m_scene.Permissions.OnDeedParcel += CanDeedParcel;
187 m_scene.Permissions.OnDeedObject += CanDeedObject;
187 m_scene.Permissions.OnIsGod += IsGod; 188 m_scene.Permissions.OnIsGod += IsGod;
188 m_scene.Permissions.OnDuplicateObject += CanDuplicateObject; 189 m_scene.Permissions.OnDuplicateObject += CanDuplicateObject;
189 m_scene.Permissions.OnDeleteObject += CanDeleteObject; //MAYBE FULLY IMPLEMENTED 190 m_scene.Permissions.OnDeleteObject += CanDeleteObject; //MAYBE FULLY IMPLEMENTED
@@ -818,6 +819,20 @@ namespace OpenSim.Region.CoreModules.World.Permissions
818 return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed); 819 return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed);
819 } 820 }
820 821
822 private bool CanDeedObject(UUID user, UUID group, Scene scene)
823 {
824 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
825 if (m_bypassPermissions) return m_bypassPermissionsValue;
826
827 ScenePresence sp = scene.GetScenePresence(user);
828 IClientAPI client = sp.ControllingClient;
829
830 if((client.GetGroupPowers(group) & (ulong)GroupPowers.DeedObject) == 0)
831 return false;
832
833 return true;
834 }
835
821 private bool IsGod(UUID user, Scene scene) 836 private bool IsGod(UUID user, Scene scene)
822 { 837 {
823 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 838 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
@@ -846,7 +861,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
846 861
847 if (part.GroupID != UUID.Zero) 862 if (part.GroupID != UUID.Zero)
848 { 863 {
849 if ((part.OwnerID == UUID.Zero) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0))) 864 if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0)))
850 return false; 865 return false;
851 866
852 if ((part.GroupMask & PERM_COPY) == 0) 867 if ((part.GroupMask & PERM_COPY) == 0)
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
index 8e3c688..1a40a0d 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
@@ -2682,16 +2682,48 @@ namespace OpenSim.Region.Framework.Scenes
2682 void ObjectOwner(IClientAPI remoteClient, UUID ownerID, UUID groupID, List<uint> localIDs) 2682 void ObjectOwner(IClientAPI remoteClient, UUID ownerID, UUID groupID, List<uint> localIDs)
2683 { 2683 {
2684 if (!Permissions.IsGod(remoteClient.AgentId)) 2684 if (!Permissions.IsGod(remoteClient.AgentId))
2685 return; 2685 {
2686 if (ownerID != UUID.Zero)
2687 return;
2688
2689 if (!Permissions.CanDeedObject(remoteClient.AgentId, groupID))
2690 return;
2691 }
2692
2693 List<SceneObjectGroup> groups = new List<SceneObjectGroup>();
2686 2694
2687 foreach (uint localID in localIDs) 2695 foreach (uint localID in localIDs)
2688 { 2696 {
2689 SceneObjectPart part = GetSceneObjectPart(localID); 2697 SceneObjectPart part = GetSceneObjectPart(localID);
2690 if (part != null && part.ParentGroup != null) 2698 if (!groups.Contains(part.ParentGroup))
2699 groups.Add(part.ParentGroup);
2700 }
2701
2702 foreach (SceneObjectGroup sog in groups)
2703 {
2704 if (ownerID != null)
2691 { 2705 {
2692 part.ParentGroup.SetOwnerId(ownerID); 2706 sog.SetOwnerId(ownerID);
2693 part.Inventory.ChangeInventoryOwner(ownerID); 2707 sog.SetGroup(groupID, remoteClient);
2694 part.ParentGroup.SetGroup(groupID, remoteClient); 2708
2709 foreach (SceneObjectPart child in sog.Children.Values)
2710 child.Inventory.ChangeInventoryOwner(ownerID);
2711 }
2712 else
2713 {
2714 if (!Permissions.CanEditObject(sog.UUID, remoteClient.AgentId))
2715 continue;
2716
2717 if (sog.GroupID != groupID)
2718 continue;
2719
2720 foreach (SceneObjectPart child in sog.Children.Values)
2721 {
2722 child.LastOwnerID = child.OwnerID;
2723 child.Inventory.ChangeInventoryOwner(groupID);
2724 }
2725
2726 sog.SetOwnerId(groupID);
2695 } 2727 }
2696 } 2728 }
2697 } 2729 }
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs b/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs
index d0da618..226ec15 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs
@@ -69,6 +69,7 @@ namespace OpenSim.Region.Framework.Scenes
69 public delegate bool AbandonParcelHandler(UUID user, ILandObject parcel, Scene scene); 69 public delegate bool AbandonParcelHandler(UUID user, ILandObject parcel, Scene scene);
70 public delegate bool ReclaimParcelHandler(UUID user, ILandObject parcel, Scene scene); 70 public delegate bool ReclaimParcelHandler(UUID user, ILandObject parcel, Scene scene);
71 public delegate bool DeedParcelHandler(UUID user, ILandObject parcel, Scene scene); 71 public delegate bool DeedParcelHandler(UUID user, ILandObject parcel, Scene scene);
72 public delegate bool DeedObjectHandler(UUID user, UUID group, Scene scene);
72 public delegate bool BuyLandHandler(UUID user, ILandObject parcel, Scene scene); 73 public delegate bool BuyLandHandler(UUID user, ILandObject parcel, Scene scene);
73 public delegate bool LinkObjectHandler(UUID user, UUID objectID); 74 public delegate bool LinkObjectHandler(UUID user, UUID objectID);
74 public delegate bool DelinkObjectHandler(UUID user, UUID objectID); 75 public delegate bool DelinkObjectHandler(UUID user, UUID objectID);
@@ -127,6 +128,7 @@ namespace OpenSim.Region.Framework.Scenes
127 public event AbandonParcelHandler OnAbandonParcel; 128 public event AbandonParcelHandler OnAbandonParcel;
128 public event ReclaimParcelHandler OnReclaimParcel; 129 public event ReclaimParcelHandler OnReclaimParcel;
129 public event DeedParcelHandler OnDeedParcel; 130 public event DeedParcelHandler OnDeedParcel;
131 public event DeedObjectHandler OnDeedObject;
130 public event BuyLandHandler OnBuyLand; 132 public event BuyLandHandler OnBuyLand;
131 public event LinkObjectHandler OnLinkObject; 133 public event LinkObjectHandler OnLinkObject;
132 public event DelinkObjectHandler OnDelinkObject; 134 public event DelinkObjectHandler OnDelinkObject;
@@ -735,6 +737,21 @@ namespace OpenSim.Region.Framework.Scenes
735 return true; 737 return true;
736 } 738 }
737 739
740 public bool CanDeedObject(UUID user, UUID group)
741 {
742 DeedObjectHandler handler = OnDeedObject;
743 if (handler != null)
744 {
745 Delegate[] list = handler.GetInvocationList();
746 foreach (DeedObjectHandler h in list)
747 {
748 if (h(user, group, m_scene) == false)
749 return false;
750 }
751 }
752 return true;
753 }
754
738 public bool CanBuyLand(UUID user, ILandObject parcel) 755 public bool CanBuyLand(UUID user, ILandObject parcel)
739 { 756 {
740 BuyLandHandler handler = OnBuyLand; 757 BuyLandHandler handler = OnBuyLand;