diff options
-rw-r--r-- | OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs | 99 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | 17 |
2 files changed, 91 insertions, 25 deletions
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index bd0c146..c9ef173 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs | |||
@@ -7053,32 +7053,89 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
7053 | taskID = new UUID(transfer.TransferInfo.Params, 48); | 7053 | taskID = new UUID(transfer.TransferInfo.Params, 48); |
7054 | UUID itemID = new UUID(transfer.TransferInfo.Params, 64); | 7054 | UUID itemID = new UUID(transfer.TransferInfo.Params, 64); |
7055 | UUID requestID = new UUID(transfer.TransferInfo.Params, 80); | 7055 | UUID requestID = new UUID(transfer.TransferInfo.Params, 80); |
7056 | |||
7057 | // m_log.DebugFormat( | ||
7058 | // "[CLIENT]: Got request for asset {0} from item {1} in prim {2} by {3}", | ||
7059 | // requestID, itemID, taskID, Name); | ||
7060 | |||
7056 | if (!(((Scene)m_scene).Permissions.BypassPermissions())) | 7061 | if (!(((Scene)m_scene).Permissions.BypassPermissions())) |
7057 | { | 7062 | { |
7058 | if (taskID != UUID.Zero) // Prim | 7063 | if (taskID != UUID.Zero) // Prim |
7059 | { | 7064 | { |
7060 | SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID); | 7065 | SceneObjectPart part = ((Scene)m_scene).GetSceneObjectPart(taskID); |
7061 | if (part == null) | 7066 | if (part == null) |
7067 | { | ||
7068 | m_log.WarnFormat( | ||
7069 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but prim does not exist", | ||
7070 | Name, requestID, itemID, taskID); | ||
7062 | return true; | 7071 | return true; |
7072 | } | ||
7063 | 7073 | ||
7064 | if (part.OwnerID != AgentId) | 7074 | TaskInventoryItem tii = part.Inventory.GetInventoryItem(itemID); |
7065 | return true; | 7075 | if (tii == null) |
7066 | 7076 | { | |
7067 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 7077 | m_log.WarnFormat( |
7068 | return true; | 7078 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but item does not exist", |
7069 | 7079 | Name, requestID, itemID, taskID); | |
7070 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(itemID); | ||
7071 | if (ti == null) | ||
7072 | return true; | ||
7073 | |||
7074 | if (ti.OwnerID != AgentId) | ||
7075 | return true; | ||
7076 | |||
7077 | if ((ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) != ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7078 | return true; | ||
7079 | |||
7080 | if (ti.AssetID != requestID) | ||
7081 | return true; | 7080 | return true; |
7081 | } | ||
7082 | |||
7083 | if (tii.Type == (int)AssetType.LSLText) | ||
7084 | { | ||
7085 | if (!((Scene)m_scene).Permissions.CanEditScript(itemID, taskID, AgentId)) | ||
7086 | return true; | ||
7087 | } | ||
7088 | else if (tii.Type == (int)AssetType.Notecard) | ||
7089 | { | ||
7090 | if (!((Scene)m_scene).Permissions.CanEditNotecard(itemID, taskID, AgentId)) | ||
7091 | return true; | ||
7092 | } | ||
7093 | else | ||
7094 | { | ||
7095 | // TODO: Change this code to allow items other than notecards and scripts to be successfully | ||
7096 | // shared with group. In fact, all this permissions checking should move to an IPermissionsModule | ||
7097 | if (part.OwnerID != AgentId) | ||
7098 | { | ||
7099 | m_log.WarnFormat( | ||
7100 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but the prim is owned by {4}", | ||
7101 | Name, requestID, itemID, taskID, part.OwnerID); | ||
7102 | return true; | ||
7103 | } | ||
7104 | |||
7105 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
7106 | { | ||
7107 | m_log.WarnFormat( | ||
7108 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but modify permissions are not set", | ||
7109 | Name, requestID, itemID, taskID); | ||
7110 | return true; | ||
7111 | } | ||
7112 | |||
7113 | if (tii.OwnerID != AgentId) | ||
7114 | { | ||
7115 | m_log.WarnFormat( | ||
7116 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but the item is owned by {4}", | ||
7117 | Name, requestID, itemID, taskID, tii.OwnerID); | ||
7118 | return true; | ||
7119 | } | ||
7120 | |||
7121 | if (( | ||
7122 | tii.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7123 | != ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy | (uint)PermissionMask.Transfer)) | ||
7124 | { | ||
7125 | m_log.WarnFormat( | ||
7126 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but item permissions are not modify/copy/transfer", | ||
7127 | Name, requestID, itemID, taskID); | ||
7128 | return true; | ||
7129 | } | ||
7130 | |||
7131 | if (tii.AssetID != requestID) | ||
7132 | { | ||
7133 | m_log.WarnFormat( | ||
7134 | "[CLIENT]: {0} requested asset {1} from item {2} in prim {3} but this does not match item's asset {4}", | ||
7135 | Name, requestID, itemID, taskID, tii.AssetID); | ||
7136 | return true; | ||
7137 | } | ||
7138 | } | ||
7082 | } | 7139 | } |
7083 | else // Agent | 7140 | else // Agent |
7084 | { | 7141 | { |
@@ -7114,7 +7171,12 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
7114 | } | 7171 | } |
7115 | 7172 | ||
7116 | if (assetRequestItem.AssetID != requestID) | 7173 | if (assetRequestItem.AssetID != requestID) |
7174 | { | ||
7175 | m_log.WarnFormat( | ||
7176 | "[CLIENT]: {0} requested asset {1} from item {2} but this does not match item's asset {3}", | ||
7177 | Name, requestID, itemID, assetRequestItem.AssetID); | ||
7117 | return true; | 7178 | return true; |
7179 | } | ||
7118 | } | 7180 | } |
7119 | } | 7181 | } |
7120 | } | 7182 | } |
@@ -11310,8 +11372,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
11310 | // } | 11372 | // } |
11311 | } | 11373 | } |
11312 | 11374 | ||
11313 | //check to see if asset is in local cache, if not we need to request it from asset server. | 11375 | // m_log.DebugFormat("[CLIENT]: {0} requesting asset {1}", Name, requestID); |
11314 | //m_log.Debug("asset request " + requestID); | ||
11315 | 11376 | ||
11316 | m_assetService.Get(requestID.ToString(), transferRequest, AssetReceived); | 11377 | m_assetService.Get(requestID.ToString(), transferRequest, AssetReceived); |
11317 | 11378 | ||
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index db900df..a972ca6 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |||
@@ -1063,7 +1063,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1063 | 1063 | ||
1064 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | 1064 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) |
1065 | return false; | 1065 | return false; |
1066 | } else { | 1066 | } |
1067 | else | ||
1068 | { | ||
1067 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1069 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) |
1068 | return false; | 1070 | return false; |
1069 | } | 1071 | } |
@@ -1079,7 +1081,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1079 | return false; | 1081 | return false; |
1080 | 1082 | ||
1081 | if (!IsGroupMember(ti.GroupID, user, 0)) | 1083 | if (!IsGroupMember(ti.GroupID, user, 0)) |
1082 | return false; | 1084 | return false; |
1083 | } | 1085 | } |
1084 | 1086 | ||
1085 | // Require full perms | 1087 | // Require full perms |
@@ -1483,14 +1485,16 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1483 | if (part.OwnerID != user) | 1485 | if (part.OwnerID != user) |
1484 | { | 1486 | { |
1485 | if (part.GroupID == UUID.Zero) | 1487 | if (part.GroupID == UUID.Zero) |
1486 | return false; | 1488 | return false; |
1487 | 1489 | ||
1488 | if (!IsGroupMember(part.GroupID, user, 0)) | 1490 | if (!IsGroupMember(part.GroupID, user, 0)) |
1489 | return false; | 1491 | return false; |
1490 | 1492 | ||
1491 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | 1493 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) |
1492 | return false; | 1494 | return false; |
1493 | } else { | 1495 | } |
1496 | else | ||
1497 | { | ||
1494 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1498 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) |
1495 | return false; | 1499 | return false; |
1496 | } | 1500 | } |
@@ -1806,7 +1810,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1806 | // Is it correct to be less restrictive for lists of objects to be returned? | 1810 | // Is it correct to be less restrictive for lists of objects to be returned? |
1807 | } | 1811 | } |
1808 | 1812 | ||
1809 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) { | 1813 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) |
1814 | { | ||
1810 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); | 1815 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); |
1811 | switch (scriptType) { | 1816 | switch (scriptType) { |
1812 | case 0: | 1817 | case 0: |
@@ -1840,4 +1845,4 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1840 | return(false); | 1845 | return(false); |
1841 | } | 1846 | } |
1842 | } | 1847 | } |
1843 | } | 1848 | } \ No newline at end of file |