diff options
author | Melanie Thielker | 2009-06-14 21:44:34 +0000 |
---|---|---|
committer | Melanie Thielker | 2009-06-14 21:44:34 +0000 |
commit | 664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8 (patch) | |
tree | 41db60d59a2f0b46388e1e598679265dafc9d247 /OpenSim/Region | |
parent | Update svn properties. (diff) | |
download | opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.zip opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.gz opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.bz2 opensim-SC-664dd58cd9a8318c14fc3e3a3950c3e29cf97ba8.tar.xz |
Fixes Mantis #3793 . Committing thomax/Snoopy's patch to allow deeding of objects, with changes:
- Set OwnerID = GroupID for deeded objects.
- Close a security loophole that would have allowed a user with deed rights in a group to deed ANY object to that group, even if it's not owned by them and/or not set to that group
- Set LastOwnerID correctly. Handle objects vs. prims correctly.
Diffstat (limited to '')
3 files changed, 70 insertions, 6 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index d786df8..380104d 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |||
@@ -184,6 +184,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
184 | m_scene.Permissions.OnAbandonParcel += CanAbandonParcel; | 184 | m_scene.Permissions.OnAbandonParcel += CanAbandonParcel; |
185 | m_scene.Permissions.OnReclaimParcel += CanReclaimParcel; | 185 | m_scene.Permissions.OnReclaimParcel += CanReclaimParcel; |
186 | m_scene.Permissions.OnDeedParcel += CanDeedParcel; | 186 | m_scene.Permissions.OnDeedParcel += CanDeedParcel; |
187 | m_scene.Permissions.OnDeedObject += CanDeedObject; | ||
187 | m_scene.Permissions.OnIsGod += IsGod; | 188 | m_scene.Permissions.OnIsGod += IsGod; |
188 | m_scene.Permissions.OnDuplicateObject += CanDuplicateObject; | 189 | m_scene.Permissions.OnDuplicateObject += CanDuplicateObject; |
189 | m_scene.Permissions.OnDeleteObject += CanDeleteObject; //MAYBE FULLY IMPLEMENTED | 190 | m_scene.Permissions.OnDeleteObject += CanDeleteObject; //MAYBE FULLY IMPLEMENTED |
@@ -818,6 +819,20 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
818 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed); | 819 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed); |
819 | } | 820 | } |
820 | 821 | ||
822 | private bool CanDeedObject(UUID user, UUID group, Scene scene) | ||
823 | { | ||
824 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
825 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
826 | |||
827 | ScenePresence sp = scene.GetScenePresence(user); | ||
828 | IClientAPI client = sp.ControllingClient; | ||
829 | |||
830 | if((client.GetGroupPowers(group) & (ulong)GroupPowers.DeedObject) == 0) | ||
831 | return false; | ||
832 | |||
833 | return true; | ||
834 | } | ||
835 | |||
821 | private bool IsGod(UUID user, Scene scene) | 836 | private bool IsGod(UUID user, Scene scene) |
822 | { | 837 | { |
823 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 838 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
@@ -846,7 +861,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
846 | 861 | ||
847 | if (part.GroupID != UUID.Zero) | 862 | if (part.GroupID != UUID.Zero) |
848 | { | 863 | { |
849 | if ((part.OwnerID == UUID.Zero) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0))) | 864 | if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0))) |
850 | return false; | 865 | return false; |
851 | 866 | ||
852 | if ((part.GroupMask & PERM_COPY) == 0) | 867 | if ((part.GroupMask & PERM_COPY) == 0) |
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs index 8e3c688..1a40a0d 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | |||
@@ -2682,16 +2682,48 @@ namespace OpenSim.Region.Framework.Scenes | |||
2682 | void ObjectOwner(IClientAPI remoteClient, UUID ownerID, UUID groupID, List<uint> localIDs) | 2682 | void ObjectOwner(IClientAPI remoteClient, UUID ownerID, UUID groupID, List<uint> localIDs) |
2683 | { | 2683 | { |
2684 | if (!Permissions.IsGod(remoteClient.AgentId)) | 2684 | if (!Permissions.IsGod(remoteClient.AgentId)) |
2685 | return; | 2685 | { |
2686 | if (ownerID != UUID.Zero) | ||
2687 | return; | ||
2688 | |||
2689 | if (!Permissions.CanDeedObject(remoteClient.AgentId, groupID)) | ||
2690 | return; | ||
2691 | } | ||
2692 | |||
2693 | List<SceneObjectGroup> groups = new List<SceneObjectGroup>(); | ||
2686 | 2694 | ||
2687 | foreach (uint localID in localIDs) | 2695 | foreach (uint localID in localIDs) |
2688 | { | 2696 | { |
2689 | SceneObjectPart part = GetSceneObjectPart(localID); | 2697 | SceneObjectPart part = GetSceneObjectPart(localID); |
2690 | if (part != null && part.ParentGroup != null) | 2698 | if (!groups.Contains(part.ParentGroup)) |
2699 | groups.Add(part.ParentGroup); | ||
2700 | } | ||
2701 | |||
2702 | foreach (SceneObjectGroup sog in groups) | ||
2703 | { | ||
2704 | if (ownerID != null) | ||
2691 | { | 2705 | { |
2692 | part.ParentGroup.SetOwnerId(ownerID); | 2706 | sog.SetOwnerId(ownerID); |
2693 | part.Inventory.ChangeInventoryOwner(ownerID); | 2707 | sog.SetGroup(groupID, remoteClient); |
2694 | part.ParentGroup.SetGroup(groupID, remoteClient); | 2708 | |
2709 | foreach (SceneObjectPart child in sog.Children.Values) | ||
2710 | child.Inventory.ChangeInventoryOwner(ownerID); | ||
2711 | } | ||
2712 | else | ||
2713 | { | ||
2714 | if (!Permissions.CanEditObject(sog.UUID, remoteClient.AgentId)) | ||
2715 | continue; | ||
2716 | |||
2717 | if (sog.GroupID != groupID) | ||
2718 | continue; | ||
2719 | |||
2720 | foreach (SceneObjectPart child in sog.Children.Values) | ||
2721 | { | ||
2722 | child.LastOwnerID = child.OwnerID; | ||
2723 | child.Inventory.ChangeInventoryOwner(groupID); | ||
2724 | } | ||
2725 | |||
2726 | sog.SetOwnerId(groupID); | ||
2695 | } | 2727 | } |
2696 | } | 2728 | } |
2697 | } | 2729 | } |
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs b/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs index d0da618..226ec15 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.Permissions.cs | |||
@@ -69,6 +69,7 @@ namespace OpenSim.Region.Framework.Scenes | |||
69 | public delegate bool AbandonParcelHandler(UUID user, ILandObject parcel, Scene scene); | 69 | public delegate bool AbandonParcelHandler(UUID user, ILandObject parcel, Scene scene); |
70 | public delegate bool ReclaimParcelHandler(UUID user, ILandObject parcel, Scene scene); | 70 | public delegate bool ReclaimParcelHandler(UUID user, ILandObject parcel, Scene scene); |
71 | public delegate bool DeedParcelHandler(UUID user, ILandObject parcel, Scene scene); | 71 | public delegate bool DeedParcelHandler(UUID user, ILandObject parcel, Scene scene); |
72 | public delegate bool DeedObjectHandler(UUID user, UUID group, Scene scene); | ||
72 | public delegate bool BuyLandHandler(UUID user, ILandObject parcel, Scene scene); | 73 | public delegate bool BuyLandHandler(UUID user, ILandObject parcel, Scene scene); |
73 | public delegate bool LinkObjectHandler(UUID user, UUID objectID); | 74 | public delegate bool LinkObjectHandler(UUID user, UUID objectID); |
74 | public delegate bool DelinkObjectHandler(UUID user, UUID objectID); | 75 | public delegate bool DelinkObjectHandler(UUID user, UUID objectID); |
@@ -127,6 +128,7 @@ namespace OpenSim.Region.Framework.Scenes | |||
127 | public event AbandonParcelHandler OnAbandonParcel; | 128 | public event AbandonParcelHandler OnAbandonParcel; |
128 | public event ReclaimParcelHandler OnReclaimParcel; | 129 | public event ReclaimParcelHandler OnReclaimParcel; |
129 | public event DeedParcelHandler OnDeedParcel; | 130 | public event DeedParcelHandler OnDeedParcel; |
131 | public event DeedObjectHandler OnDeedObject; | ||
130 | public event BuyLandHandler OnBuyLand; | 132 | public event BuyLandHandler OnBuyLand; |
131 | public event LinkObjectHandler OnLinkObject; | 133 | public event LinkObjectHandler OnLinkObject; |
132 | public event DelinkObjectHandler OnDelinkObject; | 134 | public event DelinkObjectHandler OnDelinkObject; |
@@ -735,6 +737,21 @@ namespace OpenSim.Region.Framework.Scenes | |||
735 | return true; | 737 | return true; |
736 | } | 738 | } |
737 | 739 | ||
740 | public bool CanDeedObject(UUID user, UUID group) | ||
741 | { | ||
742 | DeedObjectHandler handler = OnDeedObject; | ||
743 | if (handler != null) | ||
744 | { | ||
745 | Delegate[] list = handler.GetInvocationList(); | ||
746 | foreach (DeedObjectHandler h in list) | ||
747 | { | ||
748 | if (h(user, group, m_scene) == false) | ||
749 | return false; | ||
750 | } | ||
751 | } | ||
752 | return true; | ||
753 | } | ||
754 | |||
738 | public bool CanBuyLand(UUID user, ILandObject parcel) | 755 | public bool CanBuyLand(UUID user, ILandObject parcel) |
739 | { | 756 | { |
740 | BuyLandHandler handler = OnBuyLand; | 757 | BuyLandHandler handler = OnBuyLand; |