diff options
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Region/Environment/PermissionManager.cs | 117 |
1 files changed, 79 insertions, 38 deletions
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs index e768d7f..3f1ba18 100644 --- a/OpenSim/Region/Environment/PermissionManager.cs +++ b/OpenSim/Region/Environment/PermissionManager.cs | |||
@@ -44,69 +44,75 @@ namespace OpenSim.Region.Environment | |||
44 | return true; | 44 | return true; |
45 | } | 45 | } |
46 | 46 | ||
47 | /// <summary> | 47 | |
48 | /// Permissions check - can user delete an object? | 48 | #region Object Permissions |
49 | /// </summary> | 49 | |
50 | /// <param name="user">User attempting the delete</param> | 50 | protected virtual bool GenericObjectPermission(LLUUID user, LLUUID obj) |
51 | /// <param name="obj">Target object</param> | ||
52 | /// <returns>Has permission?</returns> | ||
53 | public virtual bool CanDeRezObject(LLUUID user, LLUUID obj) | ||
54 | { | 51 | { |
55 | // Default: deny | 52 | // Default: deny |
56 | bool canDeRez = false; | 53 | bool permission = false; |
57 | 54 | ||
58 | // If it's not an object, we cant derez it. | 55 | // If it's not an object, we cant edit it. |
59 | if (!(m_scene.Entities[obj] is SceneObject)) | 56 | if (!(m_scene.Entities[obj] is SceneObject)) |
60 | return false; | 57 | return false; |
61 | 58 | ||
62 | SceneObject task = (SceneObject)m_scene.Entities[obj]; | 59 | SceneObject task = (SceneObject)m_scene.Entities[obj]; |
63 | LLUUID taskOwner = null; // Since we dont have a 'owner' property on task yet | 60 | LLUUID taskOwner = null; // Since we dont have a 'owner' property on task yet |
64 | 61 | ||
65 | // Object owners should be able to delete their own content | 62 | // Object owners should be able to edit their own content |
66 | if (user == taskOwner) | 63 | if (user == taskOwner) |
67 | canDeRez = true; | 64 | permission = true; |
68 | 65 | ||
69 | // Users should be able to delete what is over their land. | 66 | // Users should be able to edit what is over their land. |
70 | if (m_scene.LandManager.getLandObject(task.Pos.X, task.Pos.Y).landData.ownerID == user) | 67 | if (m_scene.LandManager.getLandObject(task.Pos.X, task.Pos.Y).landData.ownerID == user) |
71 | canDeRez = true; | 68 | permission = true; |
72 | 69 | ||
73 | // Estate users should be able to delete anything in the sim | 70 | // Estate users should be able to edit anything in the sim |
74 | if (IsEstateManager(user)) | 71 | if (IsEstateManager(user)) |
75 | canDeRez = true; | 72 | permission = true; |
76 | 73 | ||
77 | // Admin objects should not be deletable by the above | 74 | // Admin objects should not be editable by the above |
78 | if (IsAdministrator(taskOwner)) | 75 | if (IsAdministrator(taskOwner)) |
79 | canDeRez = false; | 76 | permission = false; |
80 | 77 | ||
81 | // Admin should be able to delete anything in the sim (including admin objects) | 78 | // Admin should be able to edit anything in the sim (including admin objects) |
82 | if (IsAdministrator(user)) | 79 | if (IsAdministrator(user)) |
83 | canDeRez = true; | 80 | permission = true; |
84 | 81 | ||
85 | return canDeRez; | 82 | return permission; |
83 | } | ||
84 | |||
85 | /// <summary> | ||
86 | /// Permissions check - can user delete an object? | ||
87 | /// </summary> | ||
88 | /// <param name="user">User attempting the delete</param> | ||
89 | /// <param name="obj">Target object</param> | ||
90 | /// <returns>Has permission?</returns> | ||
91 | public virtual bool CanDeRezObject(LLUUID user, LLUUID obj) | ||
92 | { | ||
93 | return GenericObjectPermission(user, obj); | ||
86 | } | 94 | } |
87 | 95 | ||
88 | public virtual bool CanEditObject(LLUUID user, LLUUID obj) | 96 | public virtual bool CanEditObject(LLUUID user, LLUUID obj) |
89 | { | 97 | { |
90 | // Permissions for editing fall into the same category as deleting | 98 | return GenericObjectPermission(user, obj); |
91 | // May need to add check for "no-mod" items. | ||
92 | return CanDeRezObject(user, obj); | ||
93 | } | 99 | } |
94 | 100 | ||
95 | public virtual bool CanEditScript(LLUUID user, LLUUID script) | 101 | public virtual bool CanReturnObject(LLUUID user, LLUUID obj) |
96 | { | 102 | { |
97 | return false; | 103 | return GenericObjectPermission(user, obj); |
98 | } | 104 | } |
99 | 105 | ||
100 | public virtual bool CanRunScript(LLUUID user, LLUUID script) | 106 | #endregion |
107 | |||
108 | public virtual bool CanEditScript(LLUUID user, LLUUID script) | ||
101 | { | 109 | { |
102 | return false; | 110 | return false; |
103 | } | 111 | } |
104 | 112 | ||
105 | public virtual bool CanReturnObject(LLUUID user, LLUUID obj) | 113 | public virtual bool CanRunScript(LLUUID user, LLUUID script) |
106 | { | 114 | { |
107 | // Same category as deleting, but eventually will need seperate check | 115 | return false; |
108 | // as sometimes it's better to allow returning only. | ||
109 | return CanDeRezObject(user, obj); | ||
110 | } | 116 | } |
111 | 117 | ||
112 | public virtual bool CanTerraform(LLUUID user, LLUUID position) | 118 | public virtual bool CanTerraform(LLUUID user, LLUUID position) |
@@ -114,35 +120,70 @@ namespace OpenSim.Region.Environment | |||
114 | return false; | 120 | return false; |
115 | } | 121 | } |
116 | 122 | ||
117 | public virtual bool CanEditEstateSettings(LLUUID user) | 123 | #region Estate Permissions |
124 | |||
125 | protected virtual bool GenericEstatePermission(LLUUID user) | ||
118 | { | 126 | { |
119 | // Default: deny | 127 | // Default: deny |
120 | bool canEdit = false; | 128 | bool permission = false; |
121 | 129 | ||
122 | // Estate admins should be able to use estate tools | 130 | // Estate admins should be able to use estate tools |
123 | if (IsEstateManager(user)) | 131 | if (IsEstateManager(user)) |
124 | canEdit = true; | 132 | permission = true; |
125 | 133 | ||
126 | // Administrators always have permission | 134 | // Administrators always have permission |
127 | if (IsAdministrator(user)) | 135 | if (IsAdministrator(user)) |
128 | canEdit = true; | 136 | permission = true; |
137 | |||
138 | return permission; | ||
139 | } | ||
140 | |||
141 | public virtual bool CanEditEstateTerrain(LLUUID user) | ||
142 | { | ||
143 | return GenericEstatePermission(user); | ||
144 | } | ||
145 | |||
146 | #endregion | ||
147 | |||
148 | #region Parcel Permissions | ||
149 | |||
150 | protected virtual bool GenericParcelPermission(LLUUID user, Land parcel) | ||
151 | { | ||
152 | bool permission = false; | ||
153 | |||
154 | if (parcel.landData.ownerID == user) | ||
155 | permission = true; | ||
156 | |||
157 | if (parcel.landData.isGroupOwned) | ||
158 | { | ||
159 | // TODO: Need to do some extra checks here. Requires group code. | ||
160 | } | ||
161 | |||
162 | if(IsEstateManager(user)) | ||
163 | permission = true; | ||
164 | |||
165 | if (IsAdministrator(user)) | ||
166 | permission = true; | ||
129 | 167 | ||
130 | return canEdit; | 168 | return permission; |
131 | } | 169 | } |
132 | 170 | ||
133 | public virtual bool CanEditParcel(LLUUID user, Land parcel) | 171 | public virtual bool CanEditParcel(LLUUID user, Land parcel) |
134 | { | 172 | { |
135 | return false; | 173 | return GenericParcelPermission(user, parcel); |
136 | } | 174 | } |
137 | 175 | ||
138 | public virtual bool CanSellParcel(LLUUID user, Land parcel) | 176 | public virtual bool CanSellParcel(LLUUID user, Land parcel) |
139 | { | 177 | { |
140 | return false; | 178 | return GenericParcelPermission(user, parcel); |
141 | } | 179 | } |
142 | 180 | ||
143 | public virtual bool CanAbandonParcel(LLUUID user, Land parcel) | 181 | public virtual bool CanAbandonParcel(LLUUID user, Land parcel) |
144 | { | 182 | { |
145 | return false; | 183 | return GenericParcelPermission(user, parcel); |
146 | } | 184 | } |
185 | |||
186 | #endregion | ||
187 | |||
147 | } | 188 | } |
148 | } | 189 | } |