aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/Environment/PermissionManager.cs
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--OpenSim/Region/Environment/PermissionManager.cs610
1 files changed, 305 insertions, 305 deletions
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs
index 110a130..cb455f4 100644
--- a/OpenSim/Region/Environment/PermissionManager.cs
+++ b/OpenSim/Region/Environment/PermissionManager.cs
@@ -1,305 +1,305 @@
1using System.Collections.Generic; 1using System.Collections.Generic;
2using OpenSim.Framework; 2using OpenSim.Framework;
3using OpenSim.Framework.Types; 3using OpenSim.Framework.Types;
4using OpenSim.Framework.Communications; 4using OpenSim.Framework.Communications;
5using OpenSim.Framework.Servers; 5using OpenSim.Framework.Servers;
6using OpenSim.Region.Capabilities; 6using OpenSim.Region.Capabilities;
7using OpenSim.Region.Environment.Scenes; 7using OpenSim.Region.Environment.Scenes;
8using OpenSim.Region.Environment.LandManagement; 8using OpenSim.Region.Environment.LandManagement;
9 9
10using libsecondlife; 10using libsecondlife;
11 11
12namespace OpenSim.Region.Environment 12namespace OpenSim.Region.Environment
13{ 13{
14 public class PermissionManager 14 public class PermissionManager
15 { 15 {
16 protected Scene m_scene; 16 protected Scene m_scene;
17 17
18 // Bypasses the permissions engine (always returns OK) 18 // Bypasses the permissions engine (always returns OK)
19 // disable in any production environment 19 // disable in any production environment
20 // TODO: Change this to false when permissions are a desired default 20 // TODO: Change this to false when permissions are a desired default
21 // TODO: Move to configuration option. 21 // TODO: Move to configuration option.
22 private bool m_bypassPermissions = true; 22 private bool m_bypassPermissions = true;
23 public bool BypassPermissions 23 public bool BypassPermissions
24 { 24 {
25 get { return m_bypassPermissions; } 25 get { return m_bypassPermissions; }
26 set { m_bypassPermissions = value; } 26 set { m_bypassPermissions = value; }
27 } 27 }
28 28
29 29
30 public PermissionManager(Scene scene) 30 public PermissionManager(Scene scene)
31 { 31 {
32 m_scene = scene; 32 m_scene = scene;
33 } 33 }
34 34
35 protected virtual void SendPermissionError(LLUUID user, string reason) 35 protected virtual void SendPermissionError(LLUUID user, string reason)
36 { 36 {
37 m_scene.EventManager.TriggerPermissionError(user, reason); 37 m_scene.EventManager.TriggerPermissionError(user, reason);
38 } 38 }
39 39
40 protected virtual bool IsAdministrator(LLUUID user) 40 protected virtual bool IsAdministrator(LLUUID user)
41 { 41 {
42 if (m_bypassPermissions) 42 if (m_bypassPermissions)
43 { 43 {
44 return true; 44 return true;
45 } 45 }
46 46
47 return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; 47 return m_scene.RegionInfo.MasterAvatarAssignedUUID == user;
48 } 48 }
49 49
50 protected virtual bool IsEstateManager(LLUUID user) 50 protected virtual bool IsEstateManager(LLUUID user)
51 { 51 {
52 if (m_bypassPermissions) 52 if (m_bypassPermissions)
53 { 53 {
54 return true; 54 return true;
55 } 55 }
56 56
57 return false; 57 return false;
58 } 58 }
59 59
60 protected virtual bool IsGridUser(LLUUID user) 60 protected virtual bool IsGridUser(LLUUID user)
61 { 61 {
62 return true; 62 return true;
63 } 63 }
64 64
65 protected virtual bool IsGuest(LLUUID user) 65 protected virtual bool IsGuest(LLUUID user)
66 { 66 {
67 return false; 67 return false;
68 } 68 }
69 69
70 public virtual bool CanRezObject(LLUUID user, LLVector3 position) 70 public virtual bool CanRezObject(LLUUID user, LLVector3 position)
71 { 71 {
72 bool permission = false; 72 bool permission = false;
73 73
74 string reason = "Insufficient permission"; 74 string reason = "Insufficient permission";
75 75
76 if (IsAdministrator(user)) 76 if (IsAdministrator(user))
77 { 77 {
78 permission = true; 78 permission = true;
79 } 79 }
80 else 80 else
81 { 81 {
82 reason = "Not an administrator"; 82 reason = "Not an administrator";
83 } 83 }
84 84
85 if (GenericParcelPermission(user, position)) 85 if (GenericParcelPermission(user, position))
86 { 86 {
87 permission = true; 87 permission = true;
88 } 88 }
89 else 89 else
90 { 90 {
91 reason = "Not the parcel owner"; 91 reason = "Not the parcel owner";
92 } 92 }
93 93
94 if (!permission) 94 if (!permission)
95 SendPermissionError(user, reason); 95 SendPermissionError(user, reason);
96 96
97 return permission; 97 return permission;
98 } 98 }
99 99
100 #region Object Permissions 100 #region Object Permissions
101 101
102 protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId) 102 protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId)
103 { 103 {
104 // Default: deny 104 // Default: deny
105 bool permission = false; 105 bool permission = false;
106 106
107 if( !m_scene.Entities.ContainsKey( objId )) 107 if( !m_scene.Entities.ContainsKey( objId ))
108 { 108 {
109 return false; 109 return false;
110 } 110 }
111 111
112 // If it's not an object, we cant edit it. 112 // If it's not an object, we cant edit it.
113 if (!(m_scene.Entities[objId] is SceneObjectGroup)) 113 if (!(m_scene.Entities[objId] is SceneObjectGroup))
114 { 114 {
115 return false; 115 return false;
116 } 116 }
117 117
118 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId]; 118 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId];
119 LLUUID taskOwner = null; 119 LLUUID taskOwner = null;
120 120
121 // Object owners should be able to edit their own content 121 // Object owners should be able to edit their own content
122 if (user == taskOwner) 122 if (user == taskOwner)
123 permission = true; 123 permission = true;
124 124
125 // Users should be able to edit what is over their land. 125 // Users should be able to edit what is over their land.
126 if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID == user) 126 if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID == user)
127 permission = true; 127 permission = true;
128 128
129 // Estate users should be able to edit anything in the sim 129 // Estate users should be able to edit anything in the sim
130 if (IsEstateManager(user)) 130 if (IsEstateManager(user))
131 permission = true; 131 permission = true;
132 132
133 // Admin objects should not be editable by the above 133 // Admin objects should not be editable by the above
134 if (IsAdministrator(taskOwner)) 134 if (IsAdministrator(taskOwner))
135 permission = false; 135 permission = false;
136 136
137 // Admin should be able to edit anything in the sim (including admin objects) 137 // Admin should be able to edit anything in the sim (including admin objects)
138 if (IsAdministrator(user)) 138 if (IsAdministrator(user))
139 permission = true; 139 permission = true;
140 140
141 return permission; 141 return permission;
142 } 142 }
143 143
144 /// <summary> 144 /// <summary>
145 /// Permissions check - can user delete an object? 145 /// Permissions check - can user delete an object?
146 /// </summary> 146 /// </summary>
147 /// <param name="user">User attempting the delete</param> 147 /// <param name="user">User attempting the delete</param>
148 /// <param name="obj">Target object</param> 148 /// <param name="obj">Target object</param>
149 /// <returns>Has permission?</returns> 149 /// <returns>Has permission?</returns>
150 public virtual bool CanDeRezObject(LLUUID user, LLUUID obj) 150 public virtual bool CanDeRezObject(LLUUID user, LLUUID obj)
151 { 151 {
152 return GenericObjectPermission(user, obj); 152 return GenericObjectPermission(user, obj);
153 } 153 }
154 154
155 public virtual bool CanEditObject(LLUUID user, LLUUID obj) 155 public virtual bool CanEditObject(LLUUID user, LLUUID obj)
156 { 156 {
157 return GenericObjectPermission(user, obj); 157 return GenericObjectPermission(user, obj);
158 } 158 }
159 159
160 public virtual bool CanReturnObject(LLUUID user, LLUUID obj) 160 public virtual bool CanReturnObject(LLUUID user, LLUUID obj)
161 { 161 {
162 return GenericObjectPermission(user, obj); 162 return GenericObjectPermission(user, obj);
163 } 163 }
164 164
165 #endregion 165 #endregion
166 166
167 #region Communication Permissions 167 #region Communication Permissions
168 168
169 public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target) 169 public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target)
170 { 170 {
171 bool permission = false; 171 bool permission = false;
172 string reason = "Only registered users may communicate with another account."; 172 string reason = "Only registered users may communicate with another account.";
173 173
174 if (IsGridUser(user)) 174 if (IsGridUser(user))
175 permission = true; 175 permission = true;
176 176
177 if (!IsGridUser(user)) 177 if (!IsGridUser(user))
178 { 178 {
179 permission = false; 179 permission = false;
180 reason = "The person that you are messaging is not a registered user."; 180 reason = "The person that you are messaging is not a registered user.";
181 } 181 }
182 if (IsAdministrator(user)) 182 if (IsAdministrator(user))
183 permission = true; 183 permission = true;
184 184
185 if (IsEstateManager(user)) 185 if (IsEstateManager(user))
186 permission = true; 186 permission = true;
187 187
188 if (!permission) 188 if (!permission)
189 SendPermissionError(user, reason); 189 SendPermissionError(user, reason);
190 190
191 return permission; 191 return permission;
192 } 192 }
193 193
194 public virtual bool CanInstantMessage(LLUUID user, LLUUID target) 194 public virtual bool CanInstantMessage(LLUUID user, LLUUID target)
195 { 195 {
196 return GenericCommunicationPermission(user, target); 196 return GenericCommunicationPermission(user, target);
197 } 197 }
198 198
199 public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target) 199 public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target)
200 { 200 {
201 return GenericCommunicationPermission(user, target); 201 return GenericCommunicationPermission(user, target);
202 } 202 }
203 203
204 #endregion 204 #endregion
205 205
206 public virtual bool CanEditScript(LLUUID user, LLUUID script) 206 public virtual bool CanEditScript(LLUUID user, LLUUID script)
207 { 207 {
208 return IsAdministrator(user); 208 return IsAdministrator(user);
209 } 209 }
210 210
211 public virtual bool CanRunScript(LLUUID user, LLUUID script) 211 public virtual bool CanRunScript(LLUUID user, LLUUID script)
212 { 212 {
213 return IsAdministrator(user); 213 return IsAdministrator(user);
214 } 214 }
215 215
216 public virtual bool CanTerraform(LLUUID user, LLVector3 position) 216 public virtual bool CanTerraform(LLUUID user, LLVector3 position)
217 { 217 {
218 bool permission = false; 218 bool permission = false;
219 219
220 // Estate override 220 // Estate override
221 if (GenericEstatePermission(user)) 221 if (GenericEstatePermission(user))
222 permission = true; 222 permission = true;
223 223
224 // Land owner can terraform too 224 // Land owner can terraform too
225 if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y))) 225 if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y)))
226 permission = true; 226 permission = true;
227 227
228 if (!permission) 228 if (!permission)
229 SendPermissionError(user, "Not authorized to terraform at this location."); 229 SendPermissionError(user, "Not authorized to terraform at this location.");
230 230
231 return permission; 231 return permission;
232 } 232 }
233 233
234 #region Estate Permissions 234 #region Estate Permissions
235 235
236 protected virtual bool GenericEstatePermission(LLUUID user) 236 protected virtual bool GenericEstatePermission(LLUUID user)
237 { 237 {
238 // Default: deny 238 // Default: deny
239 bool permission = false; 239 bool permission = false;
240 240
241 // Estate admins should be able to use estate tools 241 // Estate admins should be able to use estate tools
242 if (IsEstateManager(user)) 242 if (IsEstateManager(user))
243 permission = true; 243 permission = true;
244 244
245 // Administrators always have permission 245 // Administrators always have permission
246 if (IsAdministrator(user)) 246 if (IsAdministrator(user))
247 permission = true; 247 permission = true;
248 248
249 return permission; 249 return permission;
250 } 250 }
251 251
252 public virtual bool CanEditEstateTerrain(LLUUID user) 252 public virtual bool CanEditEstateTerrain(LLUUID user)
253 { 253 {
254 return GenericEstatePermission(user); 254 return GenericEstatePermission(user);
255 } 255 }
256 256
257 #endregion 257 #endregion
258 258
259 #region Parcel Permissions 259 #region Parcel Permissions
260 260
261 protected virtual bool GenericParcelPermission(LLUUID user, Land parcel) 261 protected virtual bool GenericParcelPermission(LLUUID user, Land parcel)
262 { 262 {
263 bool permission = false; 263 bool permission = false;
264 264
265 if (parcel.landData.ownerID == user) 265 if (parcel.landData.ownerID == user)
266 permission = true; 266 permission = true;
267 267
268 if (parcel.landData.isGroupOwned) 268 if (parcel.landData.isGroupOwned)
269 { 269 {
270 // TODO: Need to do some extra checks here. Requires group code. 270 // TODO: Need to do some extra checks here. Requires group code.
271 } 271 }
272 272
273 if(IsEstateManager(user)) 273 if(IsEstateManager(user))
274 permission = true; 274 permission = true;
275 275
276 if (IsAdministrator(user)) 276 if (IsAdministrator(user))
277 permission = true; 277 permission = true;
278 278
279 return permission; 279 return permission;
280 } 280 }
281 281
282 protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos) 282 protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos)
283 { 283 {
284 return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y)); 284 return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y));
285 } 285 }
286 286
287 public virtual bool CanEditParcel(LLUUID user, Land parcel) 287 public virtual bool CanEditParcel(LLUUID user, Land parcel)
288 { 288 {
289 return GenericParcelPermission(user, parcel); 289 return GenericParcelPermission(user, parcel);
290 } 290 }
291 291
292 public virtual bool CanSellParcel(LLUUID user, Land parcel) 292 public virtual bool CanSellParcel(LLUUID user, Land parcel)
293 { 293 {
294 return GenericParcelPermission(user, parcel); 294 return GenericParcelPermission(user, parcel);
295 } 295 }
296 296
297 public virtual bool CanAbandonParcel(LLUUID user, Land parcel) 297 public virtual bool CanAbandonParcel(LLUUID user, Land parcel)
298 { 298 {
299 return GenericParcelPermission(user, parcel); 299 return GenericParcelPermission(user, parcel);
300 } 300 }
301 301
302 #endregion 302 #endregion
303 303
304 } 304 }
305} 305}