aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs1012
1 files changed, 506 insertions, 506 deletions
diff --git a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
index 0585213..5d48cbd 100644
--- a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs
@@ -552,683 +552,683 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions
552#endregion 552#endregion
553 553
554 #region Permission Checks 554 #region Permission Checks
555 private bool CanAbandonParcel(UUID user, ILandObject parcel, Scene scene) 555 private bool CanAbandonParcel(UUID user, ILandObject parcel, Scene scene)
556 { 556 {
557 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 557 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
558 if (m_bypassPermissions) return m_bypassPermissionsValue; 558 if (m_bypassPermissions) return m_bypassPermissionsValue;
559
560 return GenericParcelPermission(user, parcel);
561 }
562 559
563 private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene) 560 return GenericParcelPermission(user, parcel);
564 { 561 }
565 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
566 if (m_bypassPermissions) return m_bypassPermissionsValue;
567 562
568 return GenericParcelPermission(user, parcel); 563 private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene)
569 } 564 {
565 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
566 if (m_bypassPermissions) return m_bypassPermissionsValue;
570 567
571 private bool CanBeGodLike(UUID user, Scene scene) 568 return GenericParcelPermission(user, parcel);
572 { 569 }
573 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
574 if (m_bypassPermissions) return m_bypassPermissionsValue;
575 570
576 return IsAdministrator(user); 571 private bool CanBeGodLike(UUID user, Scene scene)
577 } 572 {
573 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
574 if (m_bypassPermissions) return m_bypassPermissionsValue;
578 575
579 private bool CanDuplicateObject(int objectCount, UUID objectID, UUID owner, Scene scene, Vector3 objectPosition) 576 return IsAdministrator(user);
580 { 577 }
581 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
582 if (m_bypassPermissions) return m_bypassPermissionsValue;
583 578
584 if (!GenericObjectPermission(owner, objectID, true)) 579 private bool CanDuplicateObject(int objectCount, UUID objectID, UUID owner, Scene scene, Vector3 objectPosition)
585 { 580 {
586 //They can't even edit the object 581 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
587 return false; 582 if (m_bypassPermissions) return m_bypassPermissionsValue;
588 }
589 //If they can rez, they can duplicate
590 return CanRezObject(objectCount, owner, objectPosition, scene);
591 }
592 583
593 private bool CanDeleteObject(UUID objectID, UUID deleter, Scene scene) 584 if (!GenericObjectPermission(owner, objectID, true))
594 { 585 {
595 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 586 //They can't even edit the object
596 if (m_bypassPermissions) return m_bypassPermissionsValue; 587 return false;
597
598 return GenericObjectPermission(deleter, objectID, false);
599 } 588 }
589 //If they can rez, they can duplicate
590 return CanRezObject(objectCount, owner, objectPosition, scene);
591 }
600 592
601 private bool CanEditObject(UUID objectID, UUID editorID, Scene scene) 593 private bool CanDeleteObject(UUID objectID, UUID deleter, Scene scene)
602 { 594 {
603 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 595 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
604 if (m_bypassPermissions) return m_bypassPermissionsValue; 596 if (m_bypassPermissions) return m_bypassPermissionsValue;
605
606 597
607 return GenericObjectPermission(editorID, objectID, false); 598 return GenericObjectPermission(deleter, objectID, false);
608 } 599 }
609 600
610 private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene) 601 private bool CanEditObject(UUID objectID, UUID editorID, Scene scene)
611 { 602 {
612 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 603 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
613 if (m_bypassPermissions) return m_bypassPermissionsValue; 604 if (m_bypassPermissions) return m_bypassPermissionsValue;
614 605
615 SceneObjectPart part = m_scene.GetSceneObjectPart(objectID);
616 606
617 // TODO: add group support! 607 return GenericObjectPermission(editorID, objectID, false);
618 // 608 }
619 if (part.OwnerID != editorID)
620 return false;
621
622 return GenericObjectPermission(editorID, objectID, false);
623 }
624 609
625 private bool CanEditParcel(UUID user, ILandObject parcel, Scene scene) 610 private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene)
626 { 611 {
627 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 612 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
628 if (m_bypassPermissions) return m_bypassPermissionsValue; 613 if (m_bypassPermissions) return m_bypassPermissionsValue;
629 614
630 return GenericParcelPermission(user, parcel); 615 SceneObjectPart part = m_scene.GetSceneObjectPart(objectID);
631 }
632 616
633 private bool CanEditScript(UUID script, UUID objectID, UUID user, Scene scene) 617 // TODO: add group support!
634 { 618 //
635 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 619 if (part.OwnerID != editorID)
636 if (m_bypassPermissions) return m_bypassPermissionsValue; 620 return false;
637 621
638 // If you can view it, you can edit it 622 return GenericObjectPermission(editorID, objectID, false);
639 // There is no viewing a no mod script 623 }
640 //
641 return CanViewScript(script, objectID, user, scene);
642 }
643 624
644 private bool CanEditNotecard(UUID notecard, UUID objectID, UUID user, Scene scene) 625 private bool CanEditParcel(UUID user, ILandObject parcel, Scene scene)
645 { 626 {
646 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 627 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
647 if (m_bypassPermissions) return m_bypassPermissionsValue; 628 if (m_bypassPermissions) return m_bypassPermissionsValue;
648 629
649 if (objectID == UUID.Zero) // User inventory 630 return GenericParcelPermission(user, parcel);
650 { 631 }
651 CachedUserInfo userInfo =
652 scene.CommsManager.UserProfileCacheService.GetUserDetails(user);
653
654 if (userInfo == null)
655 {
656 m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for edit notecard check", user);
657 return false;
658 }
659
660 632
661 if (userInfo.RootFolder == null) 633 private bool CanEditScript(UUID script, UUID objectID, UUID user, Scene scene)
662 return false; 634 {
635 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
636 if (m_bypassPermissions) return m_bypassPermissionsValue;
663 637
664 InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(notecard); 638 // If you can view it, you can edit it
665 if (assetRequestItem == null) // Library item 639 // There is no viewing a no mod script
666 { 640 //
667 assetRequestItem = scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(notecard); 641 return CanViewScript(script, objectID, user, scene);
642 }
668 643
669 if (assetRequestItem != null) // Implicitly readable 644 private bool CanEditNotecard(UUID notecard, UUID objectID, UUID user, Scene scene)
670 return true; 645 {
671 } 646 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
647 if (m_bypassPermissions) return m_bypassPermissionsValue;
672 648
673 // Notecards must be both mod and copy to be saveable 649 if (objectID == UUID.Zero) // User inventory
674 // This is because of they're not copy, you can't read 650 {
675 // them, and if they're not mod, well, then they're 651 CachedUserInfo userInfo =
676 // not mod. Duh. 652 scene.CommsManager.UserProfileCacheService.GetUserDetails(user);
677 // 653
678 if ((assetRequestItem.CurrentPermissions & 654 if (userInfo == null)
679 ((uint)PermissionMask.Modify |
680 (uint)PermissionMask.Copy)) !=
681 ((uint)PermissionMask.Modify |
682 (uint)PermissionMask.Copy))
683 return false;
684 }
685 else // Prim inventory
686 { 655 {
687 SceneObjectPart part = scene.GetSceneObjectPart(objectID); 656 m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for edit notecard check", user);
688 657 return false;
689 if (part == null) 658 }
690 return false; 659
691
692 if (part.OwnerID != user)
693 return false;
694
695 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
696 return false;
697
698 TaskInventoryItem ti = part.GetInventoryItem(notecard);
699 660
700 if (ti == null) 661 if (userInfo.RootFolder == null)
701 return false; 662 return false;
702 663
703 if (ti.OwnerID != user) 664 InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(notecard);
704 return false; 665 if (assetRequestItem == null) // Library item
666 {
667 assetRequestItem = scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(notecard);
705 668
706 // Require full perms 669 if (assetRequestItem != null) // Implicitly readable
707 if ((ti.CurrentPermissions & 670 return true;
708 ((uint)PermissionMask.Modify |
709 (uint)PermissionMask.Copy)) !=
710 ((uint)PermissionMask.Modify |
711 (uint)PermissionMask.Copy))
712 return false;
713 } 671 }
714 672
715 return true; 673 // Notecards must be both mod and copy to be saveable
674 // This is because of they're not copy, you can't read
675 // them, and if they're not mod, well, then they're
676 // not mod. Duh.
677 //
678 if ((assetRequestItem.CurrentPermissions &
679 ((uint)PermissionMask.Modify |
680 (uint)PermissionMask.Copy)) !=
681 ((uint)PermissionMask.Modify |
682 (uint)PermissionMask.Copy))
683 return false;
716 } 684 }
717 685 else // Prim inventory
718 private bool CanInstantMessage(UUID user, UUID target, Scene startScene)
719 { 686 {
720 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 687 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
721 if (m_bypassPermissions) return m_bypassPermissionsValue;
722
723 688
724 return GenericCommunicationPermission(user, target); 689 if (part == null)
725 } 690 return false;
726
727 private bool CanInventoryTransfer(UUID user, UUID target, Scene startScene)
728 {
729 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
730 if (m_bypassPermissions) return m_bypassPermissionsValue;
731 691
732 return GenericCommunicationPermission(user, target); 692 if (part.OwnerID != user)
733 } 693 return false;
734 694
735 private bool CanIssueEstateCommand(UUID user, Scene requestFromScene, bool ownerCommand) 695 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
736 { 696 return false;
737 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
738 if (m_bypassPermissions) return m_bypassPermissionsValue;
739 697
740 if (IsAdministrator(user)) 698 TaskInventoryItem ti = part.GetInventoryItem(notecard);
741 return true;
742 699
743 if (m_scene.RegionInfo.EstateSettings.IsEstateOwner(user)) 700 if (ti == null)
744 return true; 701 return false;
745 702
746 if (ownerCommand) 703 if (ti.OwnerID != user)
747 return false; 704 return false;
748 705
749 return GenericEstatePermission(user); 706 // Require full perms
707 if ((ti.CurrentPermissions &
708 ((uint)PermissionMask.Modify |
709 (uint)PermissionMask.Copy)) !=
710 ((uint)PermissionMask.Modify |
711 (uint)PermissionMask.Copy))
712 return false;
750 } 713 }
751 714
752 private bool CanMoveObject(UUID objectID, UUID moverID, Scene scene) 715 return true;
753 { 716 }
754 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
755 if (m_bypassPermissions)
756 {
757 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
758 if (part.OwnerID != moverID)
759 {
760 if (part.ParentGroup != null && !part.ParentGroup.IsDeleted)
761 {
762 if (part.ParentGroup.IsAttachment)
763 return false;
764 }
765 }
766 return m_bypassPermissionsValue;
767 }
768 717
769 bool permission = GenericObjectPermission(moverID, objectID, true); 718 private bool CanInstantMessage(UUID user, UUID target, Scene startScene)
770 if (!permission) 719 {
771 { 720 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
772 if (!m_scene.Entities.ContainsKey(objectID)) 721 if (m_bypassPermissions) return m_bypassPermissionsValue;
773 {
774 return false;
775 }
776 722
777 // The client
778 // may request to edit linked parts, and therefore, it needs
779 // to also check for SceneObjectPart
780 723
781 // If it's not an object, we cant edit it. 724 return GenericCommunicationPermission(user, target);
782 if ((!(m_scene.Entities[objectID] is SceneObjectGroup))) 725 }
783 {
784 return false;
785 }
786 726
727 private bool CanInventoryTransfer(UUID user, UUID target, Scene startScene)
728 {
729 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
730 if (m_bypassPermissions) return m_bypassPermissionsValue;
787 731
788 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID]; 732 return GenericCommunicationPermission(user, target);
733 }
789 734
735 private bool CanIssueEstateCommand(UUID user, Scene requestFromScene, bool ownerCommand)
736 {
737 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
738 if (m_bypassPermissions) return m_bypassPermissionsValue;
790 739
791 // UUID taskOwner = null; 740 if (IsAdministrator(user))
792 // Added this because at this point in time it wouldn't be wise for 741 return true;
793 // the administrator object permissions to take effect.
794 // UUID objectOwner = task.OwnerID;
795 742
796 // Anyone can move 743 if (m_scene.RegionInfo.EstateSettings.IsEstateOwner(user))
797 if ((task.RootPart.EveryoneMask & PERM_MOVE) != 0) 744 return true;
798 permission = true;
799 745
800 // Locked 746 if (ownerCommand)
801 if ((task.RootPart.OwnerMask & PERM_LOCKED) == 0) 747 return false;
802 permission = false;
803 748
804 } 749 return GenericEstatePermission(user);
805 else 750 }
806 {
807 bool locked = false;
808 if (!m_scene.Entities.ContainsKey(objectID))
809 {
810 return false;
811 }
812 751
813 // If it's not an object, we cant edit it. 752 private bool CanMoveObject(UUID objectID, UUID moverID, Scene scene)
814 if ((!(m_scene.Entities[objectID] is SceneObjectGroup))) 753 {
754 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
755 if (m_bypassPermissions)
756 {
757 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
758 if (part.OwnerID != moverID)
759 {
760 if (part.ParentGroup != null && !part.ParentGroup.IsDeleted)
815 { 761 {
816 return false; 762 if (part.ParentGroup.IsAttachment)
763 return false;
817 } 764 }
818
819
820 SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objectID];
821
822 UUID objectOwner = group.OwnerID;
823 locked = ((group.RootPart.OwnerMask & PERM_LOCKED) == 0);
824
825
826 // This is an exception to the generic object permission.
827 // Administrators who lock their objects should not be able to move them,
828 // however generic object permission should return true.
829 // This keeps locked objects from being affected by random click + drag actions by accident
830 // and allows the administrator to grab or delete a locked object.
831
832 // Administrators and estate managers are still able to click+grab locked objects not
833 // owned by them in the scene
834 // This is by design.
835
836 if (locked && (moverID == objectOwner))
837 return false;
838 } 765 }
839 return permission; 766 return m_bypassPermissionsValue;
840 } 767 }
841 768
842 private bool CanObjectEntry(UUID objectID, Vector3 newPoint, Scene scene) 769 bool permission = GenericObjectPermission(moverID, objectID, true);
770 if (!permission)
843 { 771 {
844 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 772 if (!m_scene.Entities.ContainsKey(objectID))
845 if (m_bypassPermissions) return m_bypassPermissionsValue;
846
847 if ((newPoint.X > 257f || newPoint.X < -1f || newPoint.Y > 257f || newPoint.Y < -1f))
848 { 773 {
849 return true; 774 return false;
850 } 775 }
851 776
852 ILandObject land = m_scene.LandChannel.GetLandObject(newPoint.X, newPoint.Y); 777 // The client
778 // may request to edit linked parts, and therefore, it needs
779 // to also check for SceneObjectPart
853 780
854 if (land == null) 781 // If it's not an object, we cant edit it.
782 if ((!(m_scene.Entities[objectID] is SceneObjectGroup)))
855 { 783 {
856 return false; 784 return false;
857 } 785 }
858 786
859 if ((land.landData.Flags & ((int)Parcel.ParcelFlags.AllowAPrimitiveEntry)) != 0)
860 {
861 return true;
862 }
863 787
864 //TODO: check for group rights 788 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
789
790
791 // UUID taskOwner = null;
792 // Added this because at this point in time it wouldn't be wise for
793 // the administrator object permissions to take effect.
794 // UUID objectOwner = task.OwnerID;
865 795
796 // Anyone can move
797 if ((task.RootPart.EveryoneMask & PERM_MOVE) != 0)
798 permission = true;
799
800 // Locked
801 if ((task.RootPart.OwnerMask & PERM_LOCKED) == 0)
802 permission = false;
803
804 }
805 else
806 {
807 bool locked = false;
866 if (!m_scene.Entities.ContainsKey(objectID)) 808 if (!m_scene.Entities.ContainsKey(objectID))
867 { 809 {
868 return false; 810 return false;
869 } 811 }
870 812
871 // If it's not an object, we cant edit it. 813 // If it's not an object, we cant edit it.
872 if (!(m_scene.Entities[objectID] is SceneObjectGroup)) 814 if ((!(m_scene.Entities[objectID] is SceneObjectGroup)))
873 { 815 {
874 return false; 816 return false;
875 } 817 }
876 818
877 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
878 819
879 if (GenericParcelPermission(task.OwnerID, newPoint)) 820 SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objectID];
880 { 821
881 return true; 822 UUID objectOwner = group.OwnerID;
882 } 823 locked = ((group.RootPart.OwnerMask & PERM_LOCKED) == 0);
824
825
826 // This is an exception to the generic object permission.
827 // Administrators who lock their objects should not be able to move them,
828 // however generic object permission should return true.
829 // This keeps locked objects from being affected by random click + drag actions by accident
830 // and allows the administrator to grab or delete a locked object.
831
832 // Administrators and estate managers are still able to click+grab locked objects not
833 // owned by them in the scene
834 // This is by design.
883 835
884 //Otherwise, false! 836 if (locked && (moverID == objectOwner))
837 return false;
838 }
839 return permission;
840 }
841
842 private bool CanObjectEntry(UUID objectID, Vector3 newPoint, Scene scene)
843 {
844 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
845 if (m_bypassPermissions) return m_bypassPermissionsValue;
846
847 if ((newPoint.X > 257f || newPoint.X < -1f || newPoint.Y > 257f || newPoint.Y < -1f))
848 {
849 return true;
850 }
851
852 ILandObject land = m_scene.LandChannel.GetLandObject(newPoint.X, newPoint.Y);
853
854 if (land == null)
855 {
885 return false; 856 return false;
886 } 857 }
887 858
888 private bool CanReturnObject(UUID objectID, UUID returnerID, Scene scene) 859 if ((land.landData.Flags & ((int)Parcel.ParcelFlags.AllowAPrimitiveEntry)) != 0)
889 { 860 {
890 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 861 return true;
891 if (m_bypassPermissions) return m_bypassPermissionsValue; 862 }
863
864 //TODO: check for group rights
892 865
893 return GenericObjectPermission(returnerID, objectID, false); 866 if (!m_scene.Entities.ContainsKey(objectID))
867 {
868 return false;
894 } 869 }
895 870
896 private bool CanRezObject(int objectCount, UUID owner, Vector3 objectPosition, Scene scene) 871 // If it's not an object, we cant edit it.
872 if (!(m_scene.Entities[objectID] is SceneObjectGroup))
897 { 873 {
898 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 874 return false;
899 if (m_bypassPermissions) return m_bypassPermissionsValue; 875 }
900 876
901 bool permission = false; 877 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
902 878
903 ILandObject land = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y); 879 if (GenericParcelPermission(task.OwnerID, newPoint))
904 if (land == null) return false; 880 {
881 return true;
882 }
905 883
906 if ((land.landData.Flags & ((int)Parcel.ParcelFlags.CreateObjects)) == 884 //Otherwise, false!
907 (int)Parcel.ParcelFlags.CreateObjects) 885 return false;
908 permission = true; 886 }
909 887
910 //TODO: check for group rights 888 private bool CanReturnObject(UUID objectID, UUID returnerID, Scene scene)
889 {
890 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
891 if (m_bypassPermissions) return m_bypassPermissionsValue;
911 892
912 if (IsAdministrator(owner)) 893 return GenericObjectPermission(returnerID, objectID, false);
913 { 894 }
914 permission = true;
915 }
916 895
917 if (GenericParcelPermission(owner, objectPosition)) 896 private bool CanRezObject(int objectCount, UUID owner, Vector3 objectPosition, Scene scene)
918 { 897 {
919 permission = true; 898 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
920 } 899 if (m_bypassPermissions) return m_bypassPermissionsValue;
921 900
922 return permission; 901 bool permission = false;
923 }
924 902
925 private bool CanRunConsoleCommand(UUID user, Scene requestFromScene) 903 ILandObject land = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y);
926 { 904 if (land == null) return false;
927 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
928 if (m_bypassPermissions) return m_bypassPermissionsValue;
929 905
906 if ((land.landData.Flags & ((int)Parcel.ParcelFlags.CreateObjects)) ==
907 (int)Parcel.ParcelFlags.CreateObjects)
908 permission = true;
930 909
931 return IsAdministrator(user); 910 //TODO: check for group rights
932 }
933 911
934 private bool CanRunScript(UUID script, UUID objectID, UUID user, Scene scene) 912 if (IsAdministrator(owner))
935 { 913 {
936 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 914 permission = true;
937 if (m_bypassPermissions) return m_bypassPermissionsValue;
938
939 return true;
940 } 915 }
941 916
942 private bool CanSellParcel(UUID user, ILandObject parcel, Scene scene) 917 if (GenericParcelPermission(owner, objectPosition))
943 { 918 {
944 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 919 permission = true;
945 if (m_bypassPermissions) return m_bypassPermissionsValue;
946
947 return GenericParcelPermission(user, parcel);
948 } 920 }
949 921
950 private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene) 922 return permission;
951 { 923 }
952 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
953 if (m_bypassPermissions) return m_bypassPermissionsValue;
954 924
955 return GenericObjectPermission(stealer,objectID, false); 925 private bool CanRunConsoleCommand(UUID user, Scene requestFromScene)
956 } 926 {
927 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
928 if (m_bypassPermissions) return m_bypassPermissionsValue;
957 929
958 private bool CanTakeCopyObject(UUID objectID, UUID userID, Scene inScene)
959 {
960 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
961 if (m_bypassPermissions) return m_bypassPermissionsValue;
962 930
963 bool permission = GenericObjectPermission(userID, objectID,false); 931 return IsAdministrator(user);
964 if (!permission) 932 }
965 {
966 if (!m_scene.Entities.ContainsKey(objectID))
967 {
968 return false;
969 }
970 933
971 // If it's not an object, we cant edit it. 934 private bool CanRunScript(UUID script, UUID objectID, UUID user, Scene scene)
972 if (!(m_scene.Entities[objectID] is SceneObjectGroup)) 935 {
973 { 936 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
974 return false; 937 if (m_bypassPermissions) return m_bypassPermissionsValue;
975 }
976 938
977 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID]; 939 return true;
978 // UUID taskOwner = null; 940 }
979 // Added this because at this point in time it wouldn't be wise for
980 // the administrator object permissions to take effect.
981 // UUID objectOwner = task.OwnerID;
982 941
942 private bool CanSellParcel(UUID user, ILandObject parcel, Scene scene)
943 {
944 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
945 if (m_bypassPermissions) return m_bypassPermissionsValue;
983 946
984 if ((task.RootPart.EveryoneMask & PERM_COPY) != 0) 947 return GenericParcelPermission(user, parcel);
985 permission = true; 948 }
986 }
987 return permission;
988 }
989 949
990 private bool CanTerraformLand(UUID user, Vector3 position, Scene requestFromScene) 950 private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)
991 { 951 {
992 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 952 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
993 if (m_bypassPermissions) return m_bypassPermissionsValue; 953 if (m_bypassPermissions) return m_bypassPermissionsValue;
994 954
995 // Estate override 955 return GenericObjectPermission(stealer,objectID, false);
996 if (GenericEstatePermission(user)) 956 }
997 return true;
998 957
999 float X = position.X; 958 private bool CanTakeCopyObject(UUID objectID, UUID userID, Scene inScene)
1000 float Y = position.Y; 959 {
960 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
961 if (m_bypassPermissions) return m_bypassPermissionsValue;
1001 962
1002 if (X > 255) 963 bool permission = GenericObjectPermission(userID, objectID,false);
1003 X = 255; 964 if (!permission)
1004 if (Y > 255) 965 {
1005 Y = 255; 966 if (!m_scene.Entities.ContainsKey(objectID))
1006 if (X < 0) 967 {
1007 X = 0; 968 return false;
1008 if (Y < 0) 969 }
1009 Y = 0;
1010 970
1011 ILandObject parcel = m_scene.LandChannel.GetLandObject(X, Y); 971 // If it's not an object, we cant edit it.
1012 if (parcel == null) 972 if (!(m_scene.Entities[objectID] is SceneObjectGroup))
973 {
1013 return false; 974 return false;
975 }
1014 976
1015 // Others allowed to terraform? 977 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
1016 if ((parcel.landData.Flags & ((int)Parcel.ParcelFlags.AllowTerraform)) != 0) 978 // UUID taskOwner = null;
1017 return true; 979 // Added this because at this point in time it wouldn't be wise for
980 // the administrator object permissions to take effect.
981 // UUID objectOwner = task.OwnerID;
1018 982
1019 // Land owner can terraform too
1020 if (parcel != null && GenericParcelPermission(user, parcel))
1021 return true;
1022 983
1023 return false; 984 if ((task.RootPart.EveryoneMask & PERM_COPY) != 0)
985 permission = true;
1024 } 986 }
987 return permission;
988 }
1025 989
1026 private bool CanViewScript(UUID script, UUID objectID, UUID user, Scene scene) 990 private bool CanTerraformLand(UUID user, Vector3 position, Scene requestFromScene)
1027 { 991 {
1028 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 992 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1029 if (m_bypassPermissions) return m_bypassPermissionsValue; 993 if (m_bypassPermissions) return m_bypassPermissionsValue;
1030 994
1031 if (objectID == UUID.Zero) // User inventory 995 // Estate override
1032 { 996 if (GenericEstatePermission(user))
1033 CachedUserInfo userInfo = 997 return true;
1034 scene.CommsManager.UserProfileCacheService.GetUserDetails(user);
1035
1036 if (userInfo == null)
1037 {
1038 m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for administrator check", user);
1039 return false;
1040 }
1041 998
1042 if (userInfo.RootFolder == null) 999 float X = position.X;
1043 return false; 1000 float Y = position.Y;
1044 1001
1045 InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(script); 1002 if (X > 255)
1046 if (assetRequestItem == null) // Library item 1003 X = 255;
1047 { 1004 if (Y > 255)
1048 assetRequestItem = m_scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(script); 1005 Y = 255;
1006 if (X < 0)
1007 X = 0;
1008 if (Y < 0)
1009 Y = 0;
1049 1010
1050 if (assetRequestItem != null) // Implicitly readable 1011 ILandObject parcel = m_scene.LandChannel.GetLandObject(X, Y);
1051 return true; 1012 if (parcel == null)
1052 } 1013 return false;
1053 1014
1054 // SL is rather harebrained here. In SL, a script you 1015 // Others allowed to terraform?
1055 // have mod/copy no trans is readable. This subverts 1016 if ((parcel.landData.Flags & ((int)Parcel.ParcelFlags.AllowTerraform)) != 0)
1056 // permissions, but is used in some products, most 1017 return true;
1057 // notably Hippo door plugin and HippoRent 5 networked
1058 // prim counter.
1059 // To enable this broken SL-ism, remove Transfer from
1060 // the below expressions.
1061 // Trying to improve on SL perms by making a script
1062 // readable only if it's really full perms
1063 //
1064 if ((assetRequestItem.CurrentPermissions &
1065 ((uint)PermissionMask.Modify |
1066 (uint)PermissionMask.Copy |
1067 (uint)PermissionMask.Transfer)) !=
1068 ((uint)PermissionMask.Modify |
1069 (uint)PermissionMask.Copy |
1070 (uint)PermissionMask.Transfer))
1071 return false;
1072 }
1073 else // Prim inventory
1074 {
1075 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1076 1018
1077 if (part == null) 1019 // Land owner can terraform too
1078 return false; 1020 if (parcel != null && GenericParcelPermission(user, parcel))
1021 return true;
1079 1022
1080 if (part.OwnerID != user) 1023 return false;
1081 return false; 1024 }
1082 1025
1083 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) 1026 private bool CanViewScript(UUID script, UUID objectID, UUID user, Scene scene)
1084 return false; 1027 {
1028 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1029 if (m_bypassPermissions) return m_bypassPermissionsValue;
1085 1030
1086 TaskInventoryItem ti = part.GetInventoryItem(script); 1031 if (objectID == UUID.Zero) // User inventory
1032 {
1033 CachedUserInfo userInfo =
1034 scene.CommsManager.UserProfileCacheService.GetUserDetails(user);
1035
1036 if (userInfo == null)
1037 {
1038 m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for administrator check", user);
1039 return false;
1040 }
1087 1041
1088 if (ti == null) 1042 if (userInfo.RootFolder == null)
1089 return false; 1043 return false;
1090 1044
1091 if (ti.OwnerID != user) 1045 InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(script);
1092 return false; 1046 if (assetRequestItem == null) // Library item
1047 {
1048 assetRequestItem = m_scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(script);
1093 1049
1094 // Require full perms 1050 if (assetRequestItem != null) // Implicitly readable
1095 if ((ti.CurrentPermissions & 1051 return true;
1096 ((uint)PermissionMask.Modify |
1097 (uint)PermissionMask.Copy |
1098 (uint)PermissionMask.Transfer)) !=
1099 ((uint)PermissionMask.Modify |
1100 (uint)PermissionMask.Copy |
1101 (uint)PermissionMask.Transfer))
1102 return false;
1103 } 1052 }
1104 1053
1105 return true; 1054 // SL is rather harebrained here. In SL, a script you
1055 // have mod/copy no trans is readable. This subverts
1056 // permissions, but is used in some products, most
1057 // notably Hippo door plugin and HippoRent 5 networked
1058 // prim counter.
1059 // To enable this broken SL-ism, remove Transfer from
1060 // the below expressions.
1061 // Trying to improve on SL perms by making a script
1062 // readable only if it's really full perms
1063 //
1064 if ((assetRequestItem.CurrentPermissions &
1065 ((uint)PermissionMask.Modify |
1066 (uint)PermissionMask.Copy |
1067 (uint)PermissionMask.Transfer)) !=
1068 ((uint)PermissionMask.Modify |
1069 (uint)PermissionMask.Copy |
1070 (uint)PermissionMask.Transfer))
1071 return false;
1106 } 1072 }
1107 1073 else // Prim inventory
1108 private bool CanViewNotecard(UUID notecard, UUID objectID, UUID user, Scene scene)
1109 { 1074 {
1110 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1075 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1111 if (m_bypassPermissions) return m_bypassPermissionsValue;
1112 1076
1113 if (objectID == UUID.Zero) // User inventory 1077 if (part == null)
1114 { 1078 return false;
1115 CachedUserInfo userInfo =
1116 scene.CommsManager.UserProfileCacheService.GetUserDetails(user);
1117
1118 if (userInfo == null)
1119 {
1120 m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for view notecard check", user);
1121 return false;
1122 }
1123 1079
1124 if (userInfo.RootFolder == null) 1080 if (part.OwnerID != user)
1125 return false; 1081 return false;
1126 1082
1127 InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(notecard); 1083 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
1128 if (assetRequestItem == null) // Library item 1084 return false;
1129 {
1130 assetRequestItem = m_scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(notecard);
1131 1085
1132 if (assetRequestItem != null) // Implicitly readable 1086 TaskInventoryItem ti = part.GetInventoryItem(script);
1133 return true;
1134 }
1135 1087
1136 // Notecards are always readable unless no copy 1088 if (ti == null)
1137 // 1089 return false;
1138 if ((assetRequestItem.CurrentPermissions & 1090
1139 (uint)PermissionMask.Copy) != 1091 if (ti.OwnerID != user)
1140 (uint)PermissionMask.Copy) 1092 return false;
1141 return false;
1142 }
1143 else // Prim inventory
1144 {
1145 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1146 1093
1147 if (part == null) 1094 // Require full perms
1148 return false; 1095 if ((ti.CurrentPermissions &
1096 ((uint)PermissionMask.Modify |
1097 (uint)PermissionMask.Copy |
1098 (uint)PermissionMask.Transfer)) !=
1099 ((uint)PermissionMask.Modify |
1100 (uint)PermissionMask.Copy |
1101 (uint)PermissionMask.Transfer))
1102 return false;
1103 }
1149 1104
1150 if (part.OwnerID != user) 1105 return true;
1151 return false; 1106 }
1152 1107
1153 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) 1108 private bool CanViewNotecard(UUID notecard, UUID objectID, UUID user, Scene scene)
1154 return false; 1109 {
1110 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1111 if (m_bypassPermissions) return m_bypassPermissionsValue;
1155 1112
1156 TaskInventoryItem ti = part.GetInventoryItem(notecard); 1113 if (objectID == UUID.Zero) // User inventory
1114 {
1115 CachedUserInfo userInfo =
1116 scene.CommsManager.UserProfileCacheService.GetUserDetails(user);
1117
1118 if (userInfo == null)
1119 {
1120 m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for view notecard check", user);
1121 return false;
1122 }
1157 1123
1158 if (ti == null) 1124 if (userInfo.RootFolder == null)
1159 return false; 1125 return false;
1160 1126
1161 if (ti.OwnerID != user) 1127 InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(notecard);
1162 return false; 1128 if (assetRequestItem == null) // Library item
1129 {
1130 assetRequestItem = m_scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(notecard);
1163 1131
1164 // Notecards are always readable unless no copy 1132 if (assetRequestItem != null) // Implicitly readable
1165 // 1133 return true;
1166 if ((ti.CurrentPermissions &
1167 (uint)PermissionMask.Copy) !=
1168 (uint)PermissionMask.Copy)
1169 return false;
1170 } 1134 }
1171 1135
1172 return true; 1136 // Notecards are always readable unless no copy
1137 //
1138 if ((assetRequestItem.CurrentPermissions &
1139 (uint)PermissionMask.Copy) !=
1140 (uint)PermissionMask.Copy)
1141 return false;
1173 } 1142 }
1143 else // Prim inventory
1144 {
1145 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1174 1146
1175 #endregion 1147 if (part == null)
1148 return false;
1176 1149
1177 public bool CanLinkObject(UUID userID, UUID objectID) 1150 if (part.OwnerID != user)
1178 { 1151 return false;
1179 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1180 if (m_bypassPermissions) return m_bypassPermissionsValue;
1181 1152
1182 return true; 1153 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
1183 } 1154 return false;
1184 1155
1185 public bool CanDelinkObject(UUID userID, UUID objectID) 1156 TaskInventoryItem ti = part.GetInventoryItem(notecard);
1186 {
1187 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1188 if (m_bypassPermissions) return m_bypassPermissionsValue;
1189 1157
1190 return true; 1158 if (ti == null)
1191 } 1159 return false;
1192 1160
1193 public bool CanBuyLand(UUID userID, ILandObject parcel, Scene scene) 1161 if (ti.OwnerID != user)
1194 { 1162 return false;
1195 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1196 if (m_bypassPermissions) return m_bypassPermissionsValue;
1197 1163
1198 return true; 1164 // Notecards are always readable unless no copy
1165 //
1166 if ((ti.CurrentPermissions &
1167 (uint)PermissionMask.Copy) !=
1168 (uint)PermissionMask.Copy)
1169 return false;
1199 } 1170 }
1200 1171
1201 public bool CanCopyInventory(UUID itemID, UUID objectID, UUID userID) 1172 return true;
1202 { 1173 }
1203 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1204 if (m_bypassPermissions) return m_bypassPermissionsValue;
1205 1174
1206 return true; 1175 #endregion
1207 }
1208 1176
1209 public bool CanDeleteInventory(UUID itemID, UUID objectID, UUID userID) 1177 public bool CanLinkObject(UUID userID, UUID objectID)
1210 { 1178 {
1211 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1179 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1212 if (m_bypassPermissions) return m_bypassPermissionsValue; 1180 if (m_bypassPermissions) return m_bypassPermissionsValue;
1213 1181
1214 return true; 1182 return true;
1215 } 1183 }
1216 1184
1217 public bool CanCreateInventory(uint invType, UUID objectID, UUID userID) 1185 public bool CanDelinkObject(UUID userID, UUID objectID)
1218 { 1186 {
1219 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1187 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1220 if (m_bypassPermissions) return m_bypassPermissionsValue; 1188 if (m_bypassPermissions) return m_bypassPermissionsValue;
1221 1189
1222 return true; 1190 return true;
1223 } 1191 }
1224 1192
1225 public bool CanTeleport(UUID userID) 1193 public bool CanBuyLand(UUID userID, ILandObject parcel, Scene scene)
1226 { 1194 {
1227 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1195 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1228 if (m_bypassPermissions) return m_bypassPermissionsValue; 1196 if (m_bypassPermissions) return m_bypassPermissionsValue;
1229 1197
1230 return true; 1198 return true;
1231 } 1199 }
1200
1201 public bool CanCopyInventory(UUID itemID, UUID objectID, UUID userID)
1202 {
1203 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1204 if (m_bypassPermissions) return m_bypassPermissionsValue;
1205
1206 return true;
1207 }
1208
1209 public bool CanDeleteInventory(UUID itemID, UUID objectID, UUID userID)
1210 {
1211 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1212 if (m_bypassPermissions) return m_bypassPermissionsValue;
1213
1214 return true;
1215 }
1216
1217 public bool CanCreateInventory(uint invType, UUID objectID, UUID userID)
1218 {
1219 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1220 if (m_bypassPermissions) return m_bypassPermissionsValue;
1221
1222 return true;
1223 }
1224
1225 public bool CanTeleport(UUID userID)
1226 {
1227 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1228 if (m_bypassPermissions) return m_bypassPermissionsValue;
1229
1230 return true;
1231 }
1232 } 1232 }
1233 1233
1234} 1234}