aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim
diff options
context:
space:
mode:
authorJustin Clark-Casey (justincc)2010-04-19 21:02:36 +0100
committerJustin Clark-Casey (justincc)2010-05-26 21:12:56 +0100
commitd6e1333810b41407378a534a720128b498e0aada (patch)
treefa3cd62cc573cbffb41fb5ccff37e22c65c464d7 /OpenSim
parentcheck group membership and powers with the groups module rather than just the... (diff)
downloadopensim-SC-d6e1333810b41407378a534a720128b498e0aada.zip
opensim-SC-d6e1333810b41407378a534a720128b498e0aada.tar.gz
opensim-SC-d6e1333810b41407378a534a720128b498e0aada.tar.bz2
opensim-SC-d6e1333810b41407378a534a720128b498e0aada.tar.xz
If a transfer request is received for a task inventory item asset, then route the permissions request through the existing CanEditScript() and CanEditNotecard() methods.
This implements the 'share with group' flag for notecards and scripts in prim inventory since the PermissionsModule checks group membership and permissions. Other than that, the code in PermissionsModule duplicates the checks in LLClientView so there should be no change other than allowing group members to edit embedded notecards and scripts. For all other asset types, the permission checking code in LLClientView continues to be used, pending refactoring of suitable permissions code This means that 'share with group' will not yet work for prim inventory items other than notecards and scripts
Diffstat (limited to 'OpenSim')
-rw-r--r--OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs99
-rw-r--r--OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs17
2 files changed, 91 insertions, 25 deletions
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
index bd0c146..c9ef173 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
@@ -7053,32 +7053,89 @@ namespace OpenSim.Region.ClientStack.LindenUDP
7053 taskID = new UUID(transfer.TransferInfo.Params, 48); 7053 taskID = new UUID(transfer.TransferInfo.Params, 48);
7054 UUID itemID = new UUID(transfer.TransferInfo.Params, 64); 7054 UUID itemID = new UUID(transfer.TransferInfo.Params, 64);
7055 UUID requestID = new UUID(transfer.TransferInfo.Params, 80); 7055 UUID requestID = new UUID(transfer.TransferInfo.Params, 80);
7056
7057// m_log.DebugFormat(
7058// "[CLIENT]: Got request for asset {0} from item {1} in prim {2} by {3}",
7059// requestID, itemID, taskID, Name);
7060
7056 if (!(((Scene)m_scene).Permissions.BypassPermissions())) 7061 if (!(((Scene)m_scene).Permissions.BypassPermissions()))
7057 { 7062 {
7058 if (taskID != UUID.Zero) // Prim 7063 if (taskID != UUID.Zero) // Prim
7059 { 7064 {
7060 SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID); 7065 SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID);
7061 if (part == null) 7066 if (part == null)
7067 {
7068 m_log.WarnFormat(
7069 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but prim does not exist",
7070 Name, requestID, itemID, taskID);
7062 return true; 7071 return true;
7072 }
7063 7073
7064 if (part.OwnerID != AgentId) 7074 TaskInventoryItem tii = part.Inventory.GetInventoryItem(itemID);
7065 return true; 7075 if (tii == null)
7066 7076 {
7067 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) 7077 m_log.WarnFormat(
7068 return true; 7078 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but item does not exist",
7069 7079 Name, requestID, itemID, taskID);
7070 TaskInventoryItem ti = part.Inventory.GetInventoryItem(itemID);
7071 if (ti == null)
7072 return true;
7073
7074 if (ti.OwnerID != AgentId)
7075 return true;
7076
7077 if ((ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
7078 return true;
7079
7080 if (ti.AssetID != requestID)
7081 return true; 7080 return true;
7081 }
7082
7083 if (tii.Type == (int)AssetType.LSLText)
7084 {
7085 if (!((Scene)m_scene).Permissions.CanEditScript(itemID, taskID, AgentId))
7086 return true;
7087 }
7088 else if (tii.Type == (int)AssetType.Notecard)
7089 {
7090 if (!((Scene)m_scene).Permissions.CanEditNotecard(itemID, taskID, AgentId))
7091 return true;
7092 }
7093 else
7094 {
7095 // TODO: Change this code to allow items other than notecards and scripts to be successfully
7096 // shared with group. In fact, all this permissions checking should move to an IPermissionsModule
7097 if (part.OwnerID != AgentId)
7098 {
7099 m_log.WarnFormat(
7100 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but the prim is owned by {4}",
7101 Name, requestID, itemID, taskID, part.OwnerID);
7102 return true;
7103 }
7104
7105 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
7106 {
7107 m_log.WarnFormat(
7108 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but modify permissions are not set",
7109 Name, requestID, itemID, taskID);
7110 return true;
7111 }
7112
7113 if (tii.OwnerID != AgentId)
7114 {
7115 m_log.WarnFormat(
7116 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but the item is owned by {4}",
7117 Name, requestID, itemID, taskID, tii.OwnerID);
7118 return true;
7119 }
7120
7121 if ((
7122 tii.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
7123 != ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer))
7124 {
7125 m_log.WarnFormat(
7126 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but item permissions are not modify/copy/transfer",
7127 Name, requestID, itemID, taskID);
7128 return true;
7129 }
7130
7131 if (tii.AssetID != requestID)
7132 {
7133 m_log.WarnFormat(
7134 "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but this does not match item's asset {4}",
7135 Name, requestID, itemID, taskID, tii.AssetID);
7136 return true;
7137 }
7138 }
7082 } 7139 }
7083 else // Agent 7140 else // Agent
7084 { 7141 {
@@ -7114,7 +7171,12 @@ namespace OpenSim.Region.ClientStack.LindenUDP
7114 } 7171 }
7115 7172
7116 if (assetRequestItem.AssetID != requestID) 7173 if (assetRequestItem.AssetID != requestID)
7174 {
7175 m_log.WarnFormat(
7176 "[CLIENT]: {0} requested asset {1} from item {2} but this does not match item's asset {3}",
7177 Name, requestID, itemID, assetRequestItem.AssetID);
7117 return true; 7178 return true;
7179 }
7118 } 7180 }
7119 } 7181 }
7120 } 7182 }
@@ -11310,8 +11372,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP
11310 // } 11372 // }
11311 } 11373 }
11312 11374
11313 //check to see if asset is in local cache, if not we need to request it from asset server. 11375// m_log.DebugFormat("[CLIENT]: {0} requesting asset {1}", Name, requestID);
11314 //m_log.Debug("asset request " + requestID);
11315 11376
11316 m_assetService.Get(requestID.ToString(), transferRequest, AssetReceived); 11377 m_assetService.Get(requestID.ToString(), transferRequest, AssetReceived);
11317 11378
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
index db900df..a972ca6 100644
--- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -1063,7 +1063,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1063 1063
1064 if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) 1064 if ((part.GroupMask & (uint)PermissionMask.Modify) == 0)
1065 return false; 1065 return false;
1066 } else { 1066 }
1067 else
1068 {
1067 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) 1069 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
1068 return false; 1070 return false;
1069 } 1071 }
@@ -1079,7 +1081,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1079 return false; 1081 return false;
1080 1082
1081 if (!IsGroupMember(ti.GroupID, user, 0)) 1083 if (!IsGroupMember(ti.GroupID, user, 0))
1082 return false; 1084 return false;
1083 } 1085 }
1084 1086
1085 // Require full perms 1087 // Require full perms
@@ -1483,14 +1485,16 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1483 if (part.OwnerID != user) 1485 if (part.OwnerID != user)
1484 { 1486 {
1485 if (part.GroupID == UUID.Zero) 1487 if (part.GroupID == UUID.Zero)
1486 return false; 1488 return false;
1487 1489
1488 if (!IsGroupMember(part.GroupID, user, 0)) 1490 if (!IsGroupMember(part.GroupID, user, 0))
1489 return false; 1491 return false;
1490 1492
1491 if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) 1493 if ((part.GroupMask & (uint)PermissionMask.Modify) == 0)
1492 return false; 1494 return false;
1493 } else { 1495 }
1496 else
1497 {
1494 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) 1498 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
1495 return false; 1499 return false;
1496 } 1500 }
@@ -1806,7 +1810,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1806 // Is it correct to be less restrictive for lists of objects to be returned? 1810 // Is it correct to be less restrictive for lists of objects to be returned?
1807 } 1811 }
1808 1812
1809 private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) { 1813 private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene)
1814 {
1810 //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); 1815 //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType);
1811 switch (scriptType) { 1816 switch (scriptType) {
1812 case 0: 1817 case 0:
@@ -1840,4 +1845,4 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1840 return(false); 1845 return(false);
1841 } 1846 }
1842 } 1847 }
1843} 1848} \ No newline at end of file