User level based restrictions for HyperGrid teleports, asset uploads, group creations and getting contacted from other grids. Incoming HyperGrid teleports can also be restricted to local users.

author: Snoopy Pfeffer 2012-03-27 22:09:58 +0200
committer: Snoopy Pfeffer 2012-03-27 22:09:58 +0200
commit: 7223b63563f28f6fe8044bdabcd1b9900d28c54a (patch)
tree: 7bf1df67f9a1388b940b386e64e239f52f986a4b /OpenSim
parent: HG: beginning of a more restrictive inventory access procedure (optional). Ex... (diff)
download: opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.zip
opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.tar.gz
opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.tar.bz2
opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.tar.xz
8 files changed, 142 insertions, 25 deletions
diff --git a/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs b/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs
index ed3430a..8ec2f20 100644
--- a/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs
+++ b/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs
@@ -111,6 +111,7 @@ namespace OpenSim.Region.ClientStack.Linden
        private IAssetService m_assetService;
        private bool m_dumpAssetsToFile = false;
        private string m_regionName;
+        private int m_levelUpload = 0;
        public BunchOfCaps(Scene scene, Caps caps)
        {
@@ -121,7 +122,10 @@ namespace OpenSim.Region.ClientStack.Linden
            {
                IConfig sconfig = config.Configs["Startup"];
                if (sconfig != null)
+                {
                    m_persistBakedTextures = sconfig.GetBoolean("PersistBakedTextures", m_persistBakedTextures);
+                    m_levelUpload = sconfig.GetInt("LevelUpload", 0);
+                }
            }
            m_assetService = m_Scene.AssetService;
@@ -357,21 +361,37 @@ namespace OpenSim.Region.ClientStack.Linden
                llsdRequest.asset_type == "animation" ||
                llsdRequest.asset_type == "sound")
            {
+                ScenePresence avatar = null;
                IClientAPI client = null;
-                IScene scene = null;
+                m_Scene.TryGetScenePresence(m_HostCapsObj.AgentID, out avatar);
-                if (GetClient != null)
+                // check user level
+                if (avatar != null)
                {
-                    client = GetClient(m_HostCapsObj.AgentID);
+                    client = avatar.ControllingClient;
-                    scene = client.Scene;
+                    if (avatar.UserLevel < m_levelUpload)
+                    {
+                        if (client != null)
+                            client.SendAgentAlertMessage("Unable to upload asset. Insufficient permissions.", false);
-                    IMoneyModule mm = scene.RequestModuleInterface<IMoneyModule>();
+                        LLSDAssetUploadResponse errorResponse = new LLSDAssetUploadResponse();
+                        errorResponse.uploader = "";
+                        errorResponse.state = "error";
+                        return errorResponse;
+                    }
+                }
+                // check funds
+                if (client != null)
+                {
+                    IMoneyModule mm = m_Scene.RequestModuleInterface<IMoneyModule>();
                    if (mm != null)
                    {
                        if (!mm.UploadCovered(client.AgentId, mm.UploadCharge))
                        {
-                            if (client != null)
+                            client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
-                                client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
                            LLSDAssetUploadResponse errorResponse = new LLSDAssetUploadResponse();
                            errorResponse.uploader = "";
diff --git a/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs b/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs
index 1117f2a..91872c5 100644
--- a/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs
+++ b/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs
@@ -56,6 +56,7 @@ namespace OpenSim.Region.ClientStack.Linden
 //        private IAssetService m_assetService;
        private bool m_dumpAssetsToFile = false;
        private bool m_enabled = true;
+        private int  m_levelUpload = 0;
        #region IRegionModuleBase Members
@@ -72,6 +73,7 @@ namespace OpenSim.Region.ClientStack.Linden
                return;
            m_enabled = meshConfig.GetBoolean("AllowMeshUpload", true);
+            m_levelUpload = meshConfig.GetInt("LevelUpload", 0);
        }
        public void AddRegion(Scene pScene)
@@ -137,25 +139,41 @@ namespace OpenSim.Region.ClientStack.Linden
           //     llsdRequest.asset_type == "animation" ||
           //     llsdRequest.asset_type == "sound")
           // {
+                // check user level
+                ScenePresence avatar = null;
                IClientAPI client = null;
+                m_scene.TryGetScenePresence(agentID, out avatar);
-                
+                if (avatar != null)
+                {
+                    client = avatar.ControllingClient;
+                    if (avatar.UserLevel < m_levelUpload)
+                    {
+                        if (client != null)
+                            client.SendAgentAlertMessage("Unable to upload asset. Insufficient permissions.", false);
+                        LLSDNewFileAngentInventoryVariablePriceReplyResponse errorResponse = new LLSDNewFileAngentInventoryVariablePriceReplyResponse();
+                        errorResponse.rsvp = "";
+                        errorResponse.state = "error";
+                        return errorResponse;
+                    }
+                }
+                // check funds
                IMoneyModule mm = m_scene.RequestModuleInterface<IMoneyModule>();
-                
                if (mm != null)
                {
-                    if (m_scene.TryGetClient(agentID, out client))
+                    if (!mm.UploadCovered(agentID, mm.UploadCharge))
                    {
-                        if (!mm.UploadCovered(client.AgentId, mm.UploadCharge))
+                        if (client != null)
-                        {
+                            client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
-                            if (client != null)
-                                client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
+                        LLSDNewFileAngentInventoryVariablePriceReplyResponse errorResponse = new LLSDNewFileAngentInventoryVariablePriceReplyResponse();
+                        errorResponse.rsvp = "";
-                            LLSDNewFileAngentInventoryVariablePriceReplyResponse errorResponse = new LLSDNewFileAngentInventoryVariablePriceReplyResponse();
+                        errorResponse.state = "error";
-                            errorResponse.rsvp = "";
+                        return errorResponse;
-                            errorResponse.state = "error";
-                            return errorResponse;
-                        }
                    }
                }
           // }
diff --git a/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs b/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs
index 95e3aec..874693e 100644
--- a/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs
+++ b/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs
@@ -47,6 +47,7 @@ namespace OpenSim.Region.CoreModules.Agent.AssetTransaction
        
        protected Scene m_Scene;
        private bool m_dumpAssetsToFile = false;
+        private int  m_levelUpload = 0;
        /// <summary>
        /// Each agent has its own singleton collection of transactions
@@ -56,8 +57,13 @@ namespace OpenSim.Region.CoreModules.Agent.AssetTransaction
        
        #region IRegionModule Members
-        public void Initialise(IConfigSource config)
+        public void Initialise(IConfigSource source)
        {
+            IConfig sconfig = source.Configs["Startup"];
+            if (sconfig != null)
+            {
+                m_levelUpload = sconfig.GetInt("LevelUpload", 0);
+            }
        }
        public void AddRegion(Scene scene)
@@ -241,7 +247,21 @@ namespace OpenSim.Region.CoreModules.Agent.AssetTransaction
                (AssetType)type == AssetType.Animation) &&
                tempFile == false)
            {
+                ScenePresence avatar = null;
                Scene scene = (Scene)remoteClient.Scene;
+                scene.TryGetScenePresence(remoteClient.AgentId, out avatar);
+                // check user level
+                if (avatar != null)
+                {
+                    if (avatar.UserLevel < m_levelUpload)
+                    {
+                        remoteClient.SendAgentAlertMessage("Unable to upload asset. Insufficient permissions.", false);
+                        return;
+                    }
+                }
+                // check funds
                IMoneyModule mm = scene.RequestModuleInterface<IMoneyModule>();
                if (mm != null)
diff --git a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
index 2d73594..427a49d 100644
--- a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
+++ b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
@@ -60,6 +60,8 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
            set { m_MaxTransferDistance = value; }
        }
+        private int m_levelHGTeleport = 0;
        protected bool m_Enabled = false;
        protected Scene m_aScene;
        protected List<Scene> m_Scenes = new List<Scene>();
@@ -101,7 +103,10 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
        {
            IConfig transferConfig = source.Configs["EntityTransfer"];
            if (transferConfig != null)
+            {
                MaxTransferDistance = transferConfig.GetInt("max_distance", 4095);
+                m_levelHGTeleport = transferConfig.GetInt("LevelHGTeleport", 0);
+            }
            m_agentsInTransit = new List<UUID>();
            m_Enabled = true;
@@ -227,6 +232,16 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
                            return;
                        }
+                        // check if HyperGrid teleport is allowed, based on user level
+                        int flags = m_aScene.GridService.GetRegionFlags(sp.Scene.RegionInfo.ScopeID, reg.RegionID);
+                        if (((flags & (int)OpenSim.Data.RegionFlags.Hyperlink) != 0) && (sp.UserLevel < m_levelHGTeleport))
+                        {
+                            m_log.WarnFormat("[ENTITY TRANSFER MODULE]: Final destination link is non permitted hypergrid region. Unable to teleport agent.");
+                            sp.ControllingClient.SendTeleportFailed("HyperGrid teleport not permitted");
+                            return;
+                        }
                        uint curX = 0, curY = 0;
                        Utils.LongToUInts(sp.Scene.RegionInfo.RegionHandle, out curX, out curY);
                        int curCellX = (int)(curX / Constants.RegionSize);
diff --git a/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs b/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs
index b60cd42..ea5d805 100644
--- a/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs
+++ b/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs
@@ -84,6 +84,7 @@ namespace OpenSim.Region.OptionalModules.Avatar.XmlRpcGroups
        private bool m_groupsEnabled = false;
        private bool m_groupNoticesEnabled = true;
        private bool m_debugEnabled = false;
+        private int  m_levelGroupCreate = 0;
        #region IRegionModuleBase Members
@@ -115,6 +116,7 @@ namespace OpenSim.Region.OptionalModules.Avatar.XmlRpcGroups
                m_groupNoticesEnabled   = groupsConfig.GetBoolean("NoticesEnabled", true);
                m_debugEnabled          = groupsConfig.GetBoolean("DebugEnabled", false);
+                m_levelGroupCreate      = groupsConfig.GetInt("LevelGroupCreate", 0);
            }
        }
@@ -708,13 +710,29 @@ namespace OpenSim.Region.OptionalModules.Avatar.XmlRpcGroups
                remoteClient.SendCreateGroupReply(UUID.Zero, false, "A group with the same name already exists.");
                return UUID.Zero;
            }
+            // check user level
+            ScenePresence avatar = null;
+            Scene scene = (Scene)remoteClient.Scene;
+            scene.TryGetScenePresence(remoteClient.AgentId, out avatar);
+            if (avatar != null)
+            {
+                if (avatar.UserLevel < m_levelGroupCreate)
+                {
+                    remoteClient.SendCreateGroupReply(UUID.Zero, false, "You have got insufficient permissions to create a group.");
+                    return UUID.Zero;
+                }
+            }
+            // check funds
            // is there is a money module present ?
-            IMoneyModule money = remoteClient.Scene.RequestModuleInterface<IMoneyModule>();
+            IMoneyModule money = scene.RequestModuleInterface<IMoneyModule>();
            if (money != null)
            {
                // do the transaction, that is if the agent has got sufficient funds
                if (!money.AmountCovered(remoteClient.AgentId, money.GroupCreationCharge)) {
-                    remoteClient.SendCreateGroupReply(UUID.Zero, false, "You have got issuficient funds to create a group.");
+                    remoteClient.SendCreateGroupReply(UUID.Zero, false, "You have got insufficient funds to create a group.");
                    return UUID.Zero;
                }
                money.ApplyCharge(GetRequestingAgentID(remoteClient), money.GroupCreationCharge, "Group Creation");
diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs
index d7a629b..7455929 100644
--- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs
+++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs
@@ -4151,6 +4151,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
            case 4: // DATA_RATING (0,0,0,0,0,0)
                reply = "0,0,0,0,0,0";
                break;
+            case 7: // DATA_USERLEVEL (integer)
+                reply = account.UserLevel.ToString();
+                break;
            case 8: // DATA_PAYINFO (0|1|2|3)
                reply = "0";
                break;
diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs
index 4e38687..149a0ab 100644
--- a/OpenSim/Services/HypergridService/GatekeeperService.cs
+++ b/OpenSim/Services/HypergridService/GatekeeperService.cs
@@ -60,6 +60,7 @@ namespace OpenSim.Services.HypergridService
        protected string m_AllowedClients = string.Empty;
        protected string m_DeniedClients = string.Empty;
+        private static bool m_ForeignAgentsAllowed = true;
        private static UUID m_ScopeID;
        private static bool m_AllowTeleportsToAnyRegion;
@@ -110,6 +111,7 @@ namespace OpenSim.Services.HypergridService
                m_AllowedClients = serverConfig.GetString("AllowedClients", string.Empty);
                m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty);
+                m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true);
                if (m_GridService == null || m_PresenceService == null || m_SimulationService == null)
                    throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");
@@ -257,6 +259,17 @@ namespace OpenSim.Services.HypergridService
            }
            m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok");
+            //
+            // Foreign agents allowed
+            //
+            if (account == null && !m_ForeignAgentsAllowed)
+            {
+                reason = "Unauthorized";
+                m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1}. Refusing service.",
+                    aCircuit.firstname, aCircuit.lastname);
+                return false;
+            }
            // May want to authorize
            bool isFirstLogin = false;
diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs
index 6a5007f..49c7f89 100644
--- a/OpenSim/Services/HypergridService/UserAgentService.cs
+++ b/OpenSim/Services/HypergridService/UserAgentService.cs
@@ -73,6 +73,8 @@ namespace OpenSim.Services.HypergridService
        protected static string m_GridName;
+        protected static int m_LevelOutsideContacts;
        protected static bool m_BypassClientVerification;
        public UserAgentService(IConfigSource config) : this(config, null)
@@ -127,6 +129,8 @@ namespace OpenSim.Services.HypergridService
                }
                if (!m_GridName.EndsWith("/"))
                    m_GridName = m_GridName + "/";
+                m_LevelOutsideContacts = serverConfig.GetInt("LevelOutsideContacts", 0);
            }
        }
@@ -571,10 +575,16 @@ namespace OpenSim.Services.HypergridService
        public UUID GetUUID(String first, String last)
        {
-                        // Let's see if it's a local user
+            // Let's see if it's a local user
            UserAccount account = m_UserAccountService.GetUserAccount(UUID.Zero, first, last);
            if (account != null)
-                return account.PrincipalID;
+            {
+                // check user level
+                if (account.UserLevel < m_LevelOutsideContacts)
+                    return UUID.Zero;
+                else
+                    return account.PrincipalID;
+            }
            else
                return UUID.Zero;
        }
author	Snoopy Pfeffer	2012-03-27 22:09:58 +0200
committer	Snoopy Pfeffer	2012-03-27 22:09:58 +0200
commit	7223b63563f28f6fe8044bdabcd1b9900d28c54a (patch)
tree	7bf1df67f9a1388b940b386e64e239f52f986a4b /OpenSim
parent	HG: beginning of a more restrictive inventory access procedure (optional). Ex... (diff)
download	opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.zip opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.tar.gz opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.tar.bz2 opensim-SC-7223b63563f28f6fe8044bdabcd1b9900d28c54a.tar.xz

diff --git a/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs b/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs index ed3430a..8ec2f20 100644 --- a/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs +++ b/OpenSim/Region/ClientStack/Linden/Caps/BunchOfCaps/BunchOfCaps.cs
@@ -111,6 +111,7 @@ namespace OpenSim.Region.ClientStack.Linden
111	private IAssetService m_assetService;	111	private IAssetService m_assetService;
112	private bool m_dumpAssetsToFile = false;	112	private bool m_dumpAssetsToFile = false;
113	private string m_regionName;	113	private string m_regionName;
		114	private int m_levelUpload = 0;
114		115
115	public BunchOfCaps(Scene scene, Caps caps)	116	public BunchOfCaps(Scene scene, Caps caps)
116	{	117	{
@@ -121,7 +122,10 @@ namespace OpenSim.Region.ClientStack.Linden
121	{	122	{
122	IConfig sconfig = config.Configs["Startup"];	123	IConfig sconfig = config.Configs["Startup"];
123	if (sconfig != null)	124	if (sconfig != null)
		125	{
124	m_persistBakedTextures = sconfig.GetBoolean("PersistBakedTextures", m_persistBakedTextures);	126	m_persistBakedTextures = sconfig.GetBoolean("PersistBakedTextures", m_persistBakedTextures);
		127	m_levelUpload = sconfig.GetInt("LevelUpload", 0);
		128	}
125	}	129	}
126		130
127	m_assetService = m_Scene.AssetService;	131	m_assetService = m_Scene.AssetService;
@@ -357,21 +361,37 @@ namespace OpenSim.Region.ClientStack.Linden
357	llsdRequest.asset_type == "animation" \|\|	361	llsdRequest.asset_type == "animation" \|\|
358	llsdRequest.asset_type == "sound")	362	llsdRequest.asset_type == "sound")
359	{	363	{
		364	ScenePresence avatar = null;
360	IClientAPI client = null;	365	IClientAPI client = null;
361	IScene scene = null;	366	m_Scene.TryGetScenePresence(m_HostCapsObj.AgentID, out avatar);
362	if (GetClient != null)	367
		368	// check user level
		369	if (avatar != null)
363	{	370	{
364	client = GetClient(m_HostCapsObj.AgentID);	371	client = avatar.ControllingClient;
365	scene = client.Scene;	372
		373	if (avatar.UserLevel < m_levelUpload)
		374	{
		375	if (client != null)
		376	client.SendAgentAlertMessage("Unable to upload asset. Insufficient permissions.", false);
366		377
367	IMoneyModule mm = scene.RequestModuleInterface<IMoneyModule>();	378	LLSDAssetUploadResponse errorResponse = new LLSDAssetUploadResponse();
		379	errorResponse.uploader = "";
		380	errorResponse.state = "error";
		381	return errorResponse;
		382	}
		383	}
		384
		385	// check funds
		386	if (client != null)
		387	{
		388	IMoneyModule mm = m_Scene.RequestModuleInterface<IMoneyModule>();
368		389
369	if (mm != null)	390	if (mm != null)
370	{	391	{
371	if (!mm.UploadCovered(client.AgentId, mm.UploadCharge))	392	if (!mm.UploadCovered(client.AgentId, mm.UploadCharge))
372	{	393	{
373	if (client != null)	394	client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
374	client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
375		395
376	LLSDAssetUploadResponse errorResponse = new LLSDAssetUploadResponse();	396	LLSDAssetUploadResponse errorResponse = new LLSDAssetUploadResponse();
377	errorResponse.uploader = "";	397	errorResponse.uploader = "";


diff --git a/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs b/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs index 1117f2a..91872c5 100644 --- a/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs +++ b/OpenSim/Region/ClientStack/Linden/Caps/NewFileAgentInventoryVariablePriceModule.cs
@@ -56,6 +56,7 @@ namespace OpenSim.Region.ClientStack.Linden
56	// private IAssetService m_assetService;	56	// private IAssetService m_assetService;
57	private bool m_dumpAssetsToFile = false;	57	private bool m_dumpAssetsToFile = false;
58	private bool m_enabled = true;	58	private bool m_enabled = true;
		59	private int m_levelUpload = 0;
59		60
60	#region IRegionModuleBase Members	61	#region IRegionModuleBase Members
61		62
@@ -72,6 +73,7 @@ namespace OpenSim.Region.ClientStack.Linden
72	return;	73	return;
73		74
74	m_enabled = meshConfig.GetBoolean("AllowMeshUpload", true);	75	m_enabled = meshConfig.GetBoolean("AllowMeshUpload", true);
		76	m_levelUpload = meshConfig.GetInt("LevelUpload", 0);
75	}	77	}
76		78
77	public void AddRegion(Scene pScene)	79	public void AddRegion(Scene pScene)
@@ -137,25 +139,41 @@ namespace OpenSim.Region.ClientStack.Linden
137	// llsdRequest.asset_type == "animation" \|\|	139	// llsdRequest.asset_type == "animation" \|\|
138	// llsdRequest.asset_type == "sound")	140	// llsdRequest.asset_type == "sound")
139	// {	141	// {
		142	// check user level
		143	ScenePresence avatar = null;
140	IClientAPI client = null;	144	IClientAPI client = null;
		145	m_scene.TryGetScenePresence(agentID, out avatar);
141		146
142		147	if (avatar != null)
		148	{
		149	client = avatar.ControllingClient;
		150
		151	if (avatar.UserLevel < m_levelUpload)
		152	{
		153	if (client != null)
		154	client.SendAgentAlertMessage("Unable to upload asset. Insufficient permissions.", false);
		155
		156	LLSDNewFileAngentInventoryVariablePriceReplyResponse errorResponse = new LLSDNewFileAngentInventoryVariablePriceReplyResponse();
		157	errorResponse.rsvp = "";
		158	errorResponse.state = "error";
		159	return errorResponse;
		160	}
		161	}
		162
		163	// check funds
143	IMoneyModule mm = m_scene.RequestModuleInterface<IMoneyModule>();	164	IMoneyModule mm = m_scene.RequestModuleInterface<IMoneyModule>();
144		165
145	if (mm != null)	166	if (mm != null)
146	{	167	{
147	if (m_scene.TryGetClient(agentID, out client))	168	if (!mm.UploadCovered(agentID, mm.UploadCharge))
148	{	169	{
149	if (!mm.UploadCovered(client.AgentId, mm.UploadCharge))	170	if (client != null)
150	{	171	client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);
151	if (client != null)	172
152	client.SendAgentAlertMessage("Unable to upload asset. Insufficient funds.", false);	173	LLSDNewFileAngentInventoryVariablePriceReplyResponse errorResponse = new LLSDNewFileAngentInventoryVariablePriceReplyResponse();
153		174	errorResponse.rsvp = "";
154	LLSDNewFileAngentInventoryVariablePriceReplyResponse errorResponse = new LLSDNewFileAngentInventoryVariablePriceReplyResponse();	175	errorResponse.state = "error";
155	errorResponse.rsvp = "";	176	return errorResponse;
156	errorResponse.state = "error";
157	return errorResponse;
158	}
159	}	177	}
160	}	178	}
161	// }	179	// }


diff --git a/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs b/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs index 95e3aec..874693e 100644 --- a/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs +++ b/OpenSim/Region/CoreModules/Agent/AssetTransaction/AssetTransactionModule.cs
@@ -47,6 +47,7 @@ namespace OpenSim.Region.CoreModules.Agent.AssetTransaction
47		47
48	protected Scene m_Scene;	48	protected Scene m_Scene;
49	private bool m_dumpAssetsToFile = false;	49	private bool m_dumpAssetsToFile = false;
		50	private int m_levelUpload = 0;
50		51
51	/// <summary>	52	/// <summary>
52	/// Each agent has its own singleton collection of transactions	53	/// Each agent has its own singleton collection of transactions
@@ -56,8 +57,13 @@ namespace OpenSim.Region.CoreModules.Agent.AssetTransaction
56		57
57	#region IRegionModule Members	58	#region IRegionModule Members
58		59
59	public void Initialise(IConfigSource config)	60	public void Initialise(IConfigSource source)
60	{	61	{
		62	IConfig sconfig = source.Configs["Startup"];
		63	if (sconfig != null)
		64	{
		65	m_levelUpload = sconfig.GetInt("LevelUpload", 0);
		66	}
61	}	67	}
62		68
63	public void AddRegion(Scene scene)	69	public void AddRegion(Scene scene)
@@ -241,7 +247,21 @@ namespace OpenSim.Region.CoreModules.Agent.AssetTransaction
241	(AssetType)type == AssetType.Animation) &&	247	(AssetType)type == AssetType.Animation) &&
242	tempFile == false)	248	tempFile == false)
243	{	249	{
		250	ScenePresence avatar = null;
244	Scene scene = (Scene)remoteClient.Scene;	251	Scene scene = (Scene)remoteClient.Scene;
		252	scene.TryGetScenePresence(remoteClient.AgentId, out avatar);
		253
		254	// check user level
		255	if (avatar != null)
		256	{
		257	if (avatar.UserLevel < m_levelUpload)
		258	{
		259	remoteClient.SendAgentAlertMessage("Unable to upload asset. Insufficient permissions.", false);
		260	return;
		261	}
		262	}
		263
		264	// check funds
245	IMoneyModule mm = scene.RequestModuleInterface<IMoneyModule>();	265	IMoneyModule mm = scene.RequestModuleInterface<IMoneyModule>();
246		266
247	if (mm != null)	267	if (mm != null)


diff --git a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs index 2d73594..427a49d 100644 --- a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs +++ b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
@@ -60,6 +60,8 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
60	set { m_MaxTransferDistance = value; }	60	set { m_MaxTransferDistance = value; }
61	}	61	}
62		62
		63	private int m_levelHGTeleport = 0;
		64
63	protected bool m_Enabled = false;	65	protected bool m_Enabled = false;
64	protected Scene m_aScene;	66	protected Scene m_aScene;
65	protected List<Scene> m_Scenes = new List<Scene>();	67	protected List<Scene> m_Scenes = new List<Scene>();
@@ -101,7 +103,10 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
101	{	103	{
102	IConfig transferConfig = source.Configs["EntityTransfer"];	104	IConfig transferConfig = source.Configs["EntityTransfer"];
103	if (transferConfig != null)	105	if (transferConfig != null)
		106	{
104	MaxTransferDistance = transferConfig.GetInt("max_distance", 4095);	107	MaxTransferDistance = transferConfig.GetInt("max_distance", 4095);
		108	m_levelHGTeleport = transferConfig.GetInt("LevelHGTeleport", 0);
		109	}
105		110
106	m_agentsInTransit = new List<UUID>();	111	m_agentsInTransit = new List<UUID>();
107	m_Enabled = true;	112	m_Enabled = true;
@@ -227,6 +232,16 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
227	return;	232	return;
228	}	233	}
229		234
		235	// check if HyperGrid teleport is allowed, based on user level
		236	int flags = m_aScene.GridService.GetRegionFlags(sp.Scene.RegionInfo.ScopeID, reg.RegionID);
		237
		238	if (((flags & (int)OpenSim.Data.RegionFlags.Hyperlink) != 0) && (sp.UserLevel < m_levelHGTeleport))
		239	{
		240	m_log.WarnFormat("[ENTITY TRANSFER MODULE]: Final destination link is non permitted hypergrid region. Unable to teleport agent.");
		241	sp.ControllingClient.SendTeleportFailed("HyperGrid teleport not permitted");
		242	return;
		243	}
		244
230	uint curX = 0, curY = 0;	245	uint curX = 0, curY = 0;
231	Utils.LongToUInts(sp.Scene.RegionInfo.RegionHandle, out curX, out curY);	246	Utils.LongToUInts(sp.Scene.RegionInfo.RegionHandle, out curX, out curY);
232	int curCellX = (int)(curX / Constants.RegionSize);	247	int curCellX = (int)(curX / Constants.RegionSize);


diff --git a/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs b/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs index b60cd42..ea5d805 100644 --- a/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs +++ b/OpenSim/Region/OptionalModules/Avatar/XmlRpcGroups/GroupsModule.cs
@@ -84,6 +84,7 @@ namespace OpenSim.Region.OptionalModules.Avatar.XmlRpcGroups
84	private bool m_groupsEnabled = false;	84	private bool m_groupsEnabled = false;
85	private bool m_groupNoticesEnabled = true;	85	private bool m_groupNoticesEnabled = true;
86	private bool m_debugEnabled = false;	86	private bool m_debugEnabled = false;
		87	private int m_levelGroupCreate = 0;
87		88
88	#region IRegionModuleBase Members	89	#region IRegionModuleBase Members
89		90
@@ -115,6 +116,7 @@ namespace OpenSim.Region.OptionalModules.Avatar.XmlRpcGroups
115		116
116	m_groupNoticesEnabled = groupsConfig.GetBoolean("NoticesEnabled", true);	117	m_groupNoticesEnabled = groupsConfig.GetBoolean("NoticesEnabled", true);
117	m_debugEnabled = groupsConfig.GetBoolean("DebugEnabled", false);	118	m_debugEnabled = groupsConfig.GetBoolean("DebugEnabled", false);
		119	m_levelGroupCreate = groupsConfig.GetInt("LevelGroupCreate", 0);
118	}	120	}
119	}	121	}
120		122
@@ -708,13 +710,29 @@ namespace OpenSim.Region.OptionalModules.Avatar.XmlRpcGroups
708	remoteClient.SendCreateGroupReply(UUID.Zero, false, "A group with the same name already exists.");	710	remoteClient.SendCreateGroupReply(UUID.Zero, false, "A group with the same name already exists.");
709	return UUID.Zero;	711	return UUID.Zero;
710	}	712	}
		713
		714	// check user level
		715	ScenePresence avatar = null;
		716	Scene scene = (Scene)remoteClient.Scene;
		717	scene.TryGetScenePresence(remoteClient.AgentId, out avatar);
		718
		719	if (avatar != null)
		720	{
		721	if (avatar.UserLevel < m_levelGroupCreate)
		722	{
		723	remoteClient.SendCreateGroupReply(UUID.Zero, false, "You have got insufficient permissions to create a group.");
		724	return UUID.Zero;
		725	}
		726	}
		727
		728	// check funds
711	// is there is a money module present ?	729	// is there is a money module present ?
712	IMoneyModule money = remoteClient.Scene.RequestModuleInterface<IMoneyModule>();	730	IMoneyModule money = scene.RequestModuleInterface<IMoneyModule>();
713	if (money != null)	731	if (money != null)
714	{	732	{
715	// do the transaction, that is if the agent has got sufficient funds	733	// do the transaction, that is if the agent has got sufficient funds
716	if (!money.AmountCovered(remoteClient.AgentId, money.GroupCreationCharge)) {	734	if (!money.AmountCovered(remoteClient.AgentId, money.GroupCreationCharge)) {
717	remoteClient.SendCreateGroupReply(UUID.Zero, false, "You have got issuficient funds to create a group.");	735	remoteClient.SendCreateGroupReply(UUID.Zero, false, "You have got insufficient funds to create a group.");
718	return UUID.Zero;	736	return UUID.Zero;
719	}	737	}
720	money.ApplyCharge(GetRequestingAgentID(remoteClient), money.GroupCreationCharge, "Group Creation");	738	money.ApplyCharge(GetRequestingAgentID(remoteClient), money.GroupCreationCharge, "Group Creation");


diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs index d7a629b..7455929 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/LSL_Api.cs
@@ -4151,6 +4151,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
4151	case 4: // DATA_RATING (0,0,0,0,0,0)	4151	case 4: // DATA_RATING (0,0,0,0,0,0)
4152	reply = "0,0,0,0,0,0";	4152	reply = "0,0,0,0,0,0";
4153	break;	4153	break;
		4154	case 7: // DATA_USERLEVEL (integer)
		4155	reply = account.UserLevel.ToString();
		4156	break;
4154	case 8: // DATA_PAYINFO (0\|1\|2\|3)	4157	case 8: // DATA_PAYINFO (0\|1\|2\|3)
4155	reply = "0";	4158	reply = "0";
4156	break;	4159	break;


diff --git a/OpenSim/Services/HypergridService/GatekeeperService.cs b/OpenSim/Services/HypergridService/GatekeeperService.cs index 4e38687..149a0ab 100644 --- a/OpenSim/Services/HypergridService/GatekeeperService.cs +++ b/OpenSim/Services/HypergridService/GatekeeperService.cs
@@ -60,6 +60,7 @@ namespace OpenSim.Services.HypergridService
60		60
61	protected string m_AllowedClients = string.Empty;	61	protected string m_AllowedClients = string.Empty;
62	protected string m_DeniedClients = string.Empty;	62	protected string m_DeniedClients = string.Empty;
		63	private static bool m_ForeignAgentsAllowed = true;
63		64
64	private static UUID m_ScopeID;	65	private static UUID m_ScopeID;
65	private static bool m_AllowTeleportsToAnyRegion;	66	private static bool m_AllowTeleportsToAnyRegion;
@@ -110,6 +111,7 @@ namespace OpenSim.Services.HypergridService
110		111
111	m_AllowedClients = serverConfig.GetString("AllowedClients", string.Empty);	112	m_AllowedClients = serverConfig.GetString("AllowedClients", string.Empty);
112	m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty);	113	m_DeniedClients = serverConfig.GetString("DeniedClients", string.Empty);
		114	m_ForeignAgentsAllowed = serverConfig.GetBoolean("ForeignAgentsAllowed", true);
113		115
114	if (m_GridService == null \|\| m_PresenceService == null \|\| m_SimulationService == null)	116	if (m_GridService == null \|\| m_PresenceService == null \|\| m_SimulationService == null)
115	throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");	117	throw new Exception("Unable to load a required plugin, Gatekeeper Service cannot function.");
@@ -257,6 +259,17 @@ namespace OpenSim.Services.HypergridService
257	}	259	}
258	m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok");	260	m_log.DebugFormat("[GATEKEEPER SERVICE]: User is ok");
259		261
		262	//
		263	// Foreign agents allowed
		264	//
		265	if (account == null && !m_ForeignAgentsAllowed)
		266	{
		267	reason = "Unauthorized";
		268	m_log.InfoFormat("[GATEKEEPER SERVICE]: Foreign agents are not permitted {0} {1}. Refusing service.",
		269	aCircuit.firstname, aCircuit.lastname);
		270	return false;
		271	}
		272
260	// May want to authorize	273	// May want to authorize
261		274
262	bool isFirstLogin = false;	275	bool isFirstLogin = false;


diff --git a/OpenSim/Services/HypergridService/UserAgentService.cs b/OpenSim/Services/HypergridService/UserAgentService.cs index 6a5007f..49c7f89 100644 --- a/OpenSim/Services/HypergridService/UserAgentService.cs +++ b/OpenSim/Services/HypergridService/UserAgentService.cs
@@ -73,6 +73,8 @@ namespace OpenSim.Services.HypergridService
73		73
74	protected static string m_GridName;	74	protected static string m_GridName;
75		75
		76	protected static int m_LevelOutsideContacts;
		77
76	protected static bool m_BypassClientVerification;	78	protected static bool m_BypassClientVerification;
77		79
78	public UserAgentService(IConfigSource config) : this(config, null)	80	public UserAgentService(IConfigSource config) : this(config, null)
@@ -127,6 +129,8 @@ namespace OpenSim.Services.HypergridService
127	}	129	}
128	if (!m_GridName.EndsWith("/"))	130	if (!m_GridName.EndsWith("/"))
129	m_GridName = m_GridName + "/";	131	m_GridName = m_GridName + "/";
		132
		133	m_LevelOutsideContacts = serverConfig.GetInt("LevelOutsideContacts", 0);
130	}	134	}
131	}	135	}
132		136
@@ -571,10 +575,16 @@ namespace OpenSim.Services.HypergridService
571		575
572	public UUID GetUUID(String first, String last)	576	public UUID GetUUID(String first, String last)
573	{	577	{
574	// Let's see if it's a local user	578	// Let's see if it's a local user
575	UserAccount account = m_UserAccountService.GetUserAccount(UUID.Zero, first, last);	579	UserAccount account = m_UserAccountService.GetUserAccount(UUID.Zero, first, last);
576	if (account != null)	580	if (account != null)
577	return account.PrincipalID;	581	{
		582	// check user level
		583	if (account.UserLevel < m_LevelOutsideContacts)
		584	return UUID.Zero;
		585	else
		586	return account.PrincipalID;
		587	}
578	else	588	else
579	return UUID.Zero;	589	return UUID.Zero;
580	}	590	}