/**
* Copyright (c) 2008, Contributors. All rights reserved.
* See CONTRIBUTORS.TXT for a full list of copyright holders.
*
* Redistribution and use in source and binary forms, with or without modification,
* are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* * Neither the name of the Organizations nor the names of Individual
* Contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
* THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
using System;
using System.Collections;
using System.Collections.Generic;
using System.Reflection;
using log4net;
using Nini.Config;
using OpenMetaverse;
using OpenSim.Data;
using OpenSim.Framework;
using OpenSim.Framework.Communications.Clients;
using OpenSim.Framework.Communications.Cache;
using Caps = OpenSim.Framework.Communications.Capabilities.Caps;
using LLSDHelpers = OpenSim.Framework.Communications.Capabilities.LLSDHelpers;
using OpenSim.Framework.Servers;
using OpenSim.Framework.Servers.Interfaces;
using OpenMetaverse.StructuredData;
namespace OpenSim.Framework.Communications.Services
{
public class HGInventoryService
{
private static readonly ILog m_log
= LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
private InventoryServiceBase m_inventoryService;
IHttpServer httpServer;
private string m_thisInventoryUrl = "http://localhost:9000";
private string m_thisHostname = "127.0.0.1";
private uint m_thisPort = 9000;
// These two used for local access, standalone mode
private UserManagerBase m_userService = null;
IAssetDataPlugin m_assetProvider = null;
// These two used for remote access
string m_UserServerURL = string.Empty;
string m_AssetServerURL = string.Empty;
SynchronousGridAssetClient m_AssetClient = null;
// Constructor for grid inventory server
public HGInventoryService(InventoryServiceBase invService, string assetServiceURL, string userServiceURL, IHttpServer httpserver, string thisurl)
{
m_UserServerURL = userServiceURL;
m_AssetServerURL = assetServiceURL;
m_AssetClient = new SynchronousGridAssetClient(m_AssetServerURL);
Init(invService, thisurl, httpserver);
}
// Constructor for standalone mode
public HGInventoryService(InventoryServiceBase invService, IAssetDataPlugin assetService, UserManagerBase userService, IHttpServer httpserver, string thisurl)
{
m_userService = userService;
m_assetProvider = assetService;
Init(invService, thisurl, httpserver);
}
private void Init(InventoryServiceBase invService, string thisurl, IHttpServer httpserver)
{
m_inventoryService = invService;
m_thisInventoryUrl = thisurl;
if (!m_thisInventoryUrl.EndsWith("/"))
m_thisInventoryUrl += "/";
Uri uri = new Uri(m_thisInventoryUrl);
if (uri != null)
{
m_thisHostname = uri.Host;
m_thisPort = (uint)uri.Port;
}
httpServer = httpserver;
AddHttpHandlers();
}
public virtual void AddHttpHandlers()
{
httpServer.AddHTTPHandler("/InvCap/", CapHandler);
}
public bool CheckAuthSession(string session_id, string avatar_id)
{
return true;
}
// In truth, this is not called from the outside, for standalones. I'm just making it
// a handler already so that this can be reused for the InventoryServer.
public string CreateCapUrl(Guid _userid)
{
UUID userID = new UUID(_userid);
UUID random = UUID.Random();
string url = m_thisInventoryUrl + random.ToString() + "/";
m_log.InfoFormat("[HGStandaloneInvService] Creating Cap URL {0} for user {1}", url, userID.ToString());
return url;
}
///
/// Return a user's entire inventory
///
///
/// The user's inventory. If an inventory cannot be found then an empty collection is returned.
public InventoryCollection GetUserInventory(Guid rawUserID)
{
UUID userID = new UUID(rawUserID);
m_log.Info("[HGStandaloneInvModule]: Processing request for inventory of " + userID);
// Uncomment me to simulate a slow responding inventory server
//Thread.Sleep(16000);
InventoryCollection invCollection = new InventoryCollection();
List allFolders = m_inventoryService.GetInventorySkeleton(userID);
if (null == allFolders)
{
m_log.WarnFormat("[HGStandaloneInvModule]: No inventory found for user {0}", rawUserID);
return invCollection;
}
List allItems = new List();
foreach (InventoryFolderBase folder in allFolders)
{
List items = m_inventoryService.RequestFolderItems(folder.ID);
if (items != null)
{
allItems.InsertRange(0, items);
}
}
invCollection.UserID = userID;
invCollection.Folders = allFolders;
invCollection.Items = allItems;
// foreach (InventoryFolderBase folder in invCollection.Folders)
// {
// m_log.DebugFormat("[GRID AGENT INVENTORY]: Sending back folder {0} {1}", folder.Name, folder.ID);
// }
//
// foreach (InventoryItemBase item in invCollection.Items)
// {
// m_log.DebugFormat("[GRID AGENT INVENTORY]: Sending back item {0} {1}, folder {2}", item.Name, item.ID, item.Folder);
// }
m_log.InfoFormat(
"[HGStandaloneInvModule]: Sending back inventory response to user {0} containing {1} folders and {2} items",
invCollection.UserID, invCollection.Folders.Count, invCollection.Items.Count);
return invCollection;
}
public InventoryCollection FetchDescendants(InventoryFolderBase fb)
{
m_log.Info("[HGStandaloneInvService]: Processing request for folder " + fb.ID);
// Uncomment me to simulate a slow responding inventory server
//Thread.Sleep(16000);
InventoryCollection invCollection = new InventoryCollection();
List items = m_inventoryService.RequestFolderItems(fb.ID);
List folders = m_inventoryService.RequestSubFolders(fb.ID);
invCollection.UserID = fb.Owner;
invCollection.Folders = folders;
invCollection.Items = items;
m_log.DebugFormat("[HGStandaloneInvService]: Found {0} items and {1} folders", items.Count, folders.Count);
return invCollection;
}
public bool RemoveFolder(InventoryFolderBase folder)
{
m_log.Debug("[HGStandaloneInvService]: Removefolder: Operation not implemented yet.");
return false;
}
public InventoryItemBase GetInventoryItem(InventoryItemBase item)
{
m_log.Info("[HGStandaloneInvService]: Get item " + item.ID);
item = m_inventoryService.GetInventoryItem(item.ID);
if (item == null)
m_log.Debug("[HGStandaloneInvService]: null item");
return item;
}
public InventoryItemBase AddItem(InventoryItemBase item)
{
m_log.DebugFormat("[HGStandaloneInvService]: Add item {0} from {1}", item.ID, item.Owner);
if (m_inventoryService.AddItem(item))
return item;
else
{
item.ID = UUID.Zero;
return item;
}
}
public InventoryItemBase UpdateItem(InventoryItemBase item)
{
m_log.DebugFormat("[HGStandaloneInvService]: Update item {0} from {1}", item.ID, item.Owner);
InventoryItemBase it = m_inventoryService.GetInventoryItem(item.ID);
item.CurrentPermissions = it.CurrentPermissions;
item.AssetID = it.AssetID;
if (m_inventoryService.UpdateItem(item))
return item;
else
{
item.ID = UUID.Zero;
return item;
}
}
public InventoryItemBase MoveItem(InventoryItemBase newitem)
{
m_log.DebugFormat("[HGStandaloneInvService]: Move item {0} from {1}", newitem.ID, newitem.Owner);
InventoryItemBase Item = m_inventoryService.GetInventoryItem(newitem.ID);
if (Item != null)
{
if (newitem.Name != String.Empty)
{
Item.Name = newitem.Name;
}
Item.Folder = newitem.Folder;
m_inventoryService.UpdateItem(Item);
return Item;
}
else
{
m_log.Debug("[HGStandaloneInvService]: Failed to find item " + newitem.ID);
newitem.ID = UUID.Zero;
return newitem;
}
}
public InventoryItemBase DeleteItem(InventoryItemBase item)
{
item = m_inventoryService.GetInventoryItem(item.ID);
if (m_inventoryService.DeleteItem(item))
return item;
else
{
item.ID = UUID.Zero;
return item;
}
}
public InventoryItemBase CopyItem(InventoryItemBase olditem)
{
m_log.DebugFormat("[HGStandaloneInvService]: Copy item {0} from {1}", olditem.ID, olditem.Owner);
InventoryItemBase Item = m_inventoryService.GetInventoryItem(olditem.ID); // this is the old item id
// BIG HACK here
UUID newID = olditem.AssetID;
if (Item != null)
{
if (olditem.Name != String.Empty)
{
Item.Name = olditem.Name;
}
Item.ID = newID;
Item.Folder = olditem.Folder;
Item.Owner = olditem.Owner;
// There should be some tests here about the owner, etc but I'm going to ignore that
// because I'm not sure it makes any sense
// Also I should probably clone the asset...
m_inventoryService.AddItem(Item);
return Item;
}
else
{
m_log.Debug("[HGStandaloneInvService]: Failed to find item " + olditem.ID);
olditem.ID = UUID.Zero;
return olditem;
}
}
///
/// Guid to UUID wrapper for same name IInventoryServices method
///
///
///
public List GetInventorySkeleton(Guid rawUserID)
{
UUID userID = new UUID(rawUserID);
return m_inventoryService.GetInventorySkeleton(userID);
}
public List GetActiveGestures(Guid rawUserID)
{
UUID userID = new UUID(rawUserID);
m_log.InfoFormat("[HGStandaloneInvService]: fetching active gestures for user {0}", userID);
return m_inventoryService.GetActiveGestures(userID);
}
public AssetBase GetAsset(InventoryItemBase item)
{
m_log.Info("[HGStandaloneInvService]: Get asset " + item.AssetID + " for item " + item.ID);
AssetBase asset = new AssetBase(item.AssetID, "NULL"); // send an asset with no data
InventoryItemBase item2 = m_inventoryService.GetInventoryItem(item.ID);
if (item2 == null)
{
m_log.Debug("[HGStandaloneInvService]: null item");
return asset;
}
if (item2.Owner != item.Owner)
{
m_log.DebugFormat("[HGStandaloneInvService]: client with uuid {0} is trying to get an item of owner {1}", item.Owner, item2.Owner);
return asset;
}
// All good, get the asset
//AssetBase theasset = m_assetProvider.FetchAsset(item.AssetID);
AssetBase theasset = FetchAsset(item.AssetID, (item.InvType == (int)InventoryType.Texture));
m_log.Debug("[HGStandaloneInvService] Found asset " + ((theasset == null) ? "NULL" : "Not Null"));
if (theasset != null)
{
asset = theasset;
//m_log.Debug(" >> Sending assetID " + item.AssetID);
}
return asset;
}
public bool PostAsset(AssetBase asset)
{
m_log.Info("[HGStandaloneInvService]: Post asset " + asset.FullID);
//m_assetProvider.CreateAsset(asset);
StoreAsset(asset);
return true;
}
///
/// CapsUpdatedInventoryItemAsset(IClientAPI, UUID, byte[])
///
public UUID UpdateInventoryItemAsset(UUID userID, UUID itemID, byte[] data)
{
m_log.Debug("[HGStandaloneInvService]: UpdateInventoryitemAsset for user " + userID + " item " + itemID);
InventoryItemBase item = m_inventoryService.GetInventoryItem(itemID);
if (item != null)
{
// We're still not dealing with permissions
//if ((InventoryType)item.InvType == InventoryType.Notecard)
//{
// if (!Permissions.CanEditNotecard(itemID, UUID.Zero, userID))
// {
// //remoteClient.SendAgentAlertMessage("Insufficient permissions to edit notecard", false);
// return UUID.Zero;
// }
// //remoteClient.SendAgentAlertMessage("Notecard saved", false);
//}
//else if ((InventoryType)item.InvType == InventoryType.LSL)
//{
// if (!Permissions.CanEditScript(itemID, UUID.Zero, remoteClient.AgentId))
// {
// //remoteClient.SendAgentAlertMessage("Insufficient permissions to edit script", false);
// return UUID.Zero;
// }
// //remoteClient.SendAgentAlertMessage("Script saved", false);
//}
AssetBase asset = CreateAsset(item.Name, item.Description, (sbyte)item.AssetType, data);
PostAsset(asset);
item.AssetID = asset.FullID;
item.Owner = userID;
m_inventoryService.UpdateItem(item);
return (asset.FullID);
}
return UUID.Zero;
}
private AssetBase CreateAsset(string name, string description, sbyte assetType, byte[] data)
{
AssetBase asset = new AssetBase();
asset.Name = name;
asset.Description = description;
asset.Type = assetType;
asset.FullID = UUID.Random();
asset.Data = (data == null) ? new byte[1] : data;
return asset;
}
#region Caps
Dictionary invCaps = new Dictionary();
public Hashtable CapHandler(Hashtable request)
{
m_log.Debug("[CONNECTION DEBUGGING]: InvCapHandler Called");
m_log.Debug("---------------------------");
m_log.Debug(" >> uri=" + request["uri"]);
m_log.Debug(" >> content-type=" + request["content-type"]);
m_log.Debug(" >> http-method=" + request["http-method"]);
m_log.Debug("---------------------------\n");
// these are requests if the type
// http://inventoryserver/InvCap/uuuuuuuu-uuuu-uuuu-uuuu-uuuuuuuuuuuu/kkkkkkkk-kkkk-kkkk-kkkk-kkkkkkkkkkkk/
Hashtable responsedata = new Hashtable();
responsedata["content_type"] = "text/plain";
UUID userID;
string authToken = string.Empty;
string authority = string.Empty;
if (!GetParams(request, out userID, out authority, out authToken))
{
m_log.InfoFormat("[HGStandaloneInvService]: Invalid parameters for InvCap message {0}", request["uri"]);
responsedata["int_response_code"] = 404;
responsedata["str_response_string"] = "Not found";
return responsedata;
}
// Next, let's parse the verb
string method = (string)request["http-method"];
if (method.Equals("GET"))
{
DoInvCapPost(request, responsedata, userID, authority, authToken);
return responsedata;
}
//else if (method.Equals("DELETE"))
//{
// DoAgentDelete(request, responsedata, agentID, action, regionHandle);
// return responsedata;
//}
else
{
m_log.InfoFormat("[HGStandaloneInvService]: method {0} not supported in agent message", method);
responsedata["int_response_code"] = 405;
responsedata["str_response_string"] = "Method not allowed";
return responsedata;
}
}
public virtual void DoInvCapPost(Hashtable request, Hashtable responsedata, UUID userID, string authority, string authToken)
{
// This is the meaning of POST agent
// Check Auth Token
if ((m_userService != null) && !(m_userService is IAuthentication))
{
m_log.Debug("[HGStandaloneInvService]: UserService is not IAuthentication. Denying access to inventory.");
responsedata["int_response_code"] = 501;
responsedata["str_response_string"] = "Not implemented";
return;
}
bool success = VerifyKey(userID, authority, authToken);
if (success)
{
m_log.DebugFormat("[HGStandaloneInvService]: User has been authorized. Creating service handlers.");
// Then establish secret service handlers
Hashtable usercaps = RegisterCaps(userID, authToken);
responsedata["int_response_code"] = 200;
//responsedata["str_response_string"] = "OK";
responsedata["str_response_string"] = SerializeHashtable(usercaps);
}
else
{
m_log.DebugFormat("[HGStandaloneInvService]: User has is unauthorized. Denying service handlers.");
responsedata["int_response_code"] = 403;
responsedata["str_response_string"] = "Forbidden";
}
}
///
/// Extract the params from a request.
///
public static bool GetParams(Hashtable request, out UUID uuid, out string authority, out string authKey)
{
uuid = UUID.Zero;
authority = string.Empty;
authKey = string.Empty;
string uri = (string)request["uri"];
uri = uri.Trim(new char[] { '/' });
string[] parts = uri.Split('/');
if (parts.Length <= 1)
{
return false;
}
else
{
if (!UUID.TryParse(parts[1], out uuid))
return false;
if (parts.Length >= 3)
{
authKey = parts[2];
return true;
}
}
Uri authUri;
Hashtable headers = (Hashtable)request["headers"];
// Authorization keys look like this:
// http://orgrid.org:8002/
if (headers.ContainsKey("authorization"))
{
if (Uri.TryCreate((string)headers["authorization"], UriKind.Absolute, out authUri))
{
authority = authUri.Authority;
authKey = authUri.PathAndQuery.Trim('/');
m_log.DebugFormat("[HGStandaloneInvService]: Got authority {0} and key {1}", authority, authKey);
return true;
}
else
m_log.Debug("[HGStandaloneInvService]: Wrong format for Authorization header: " + (string)headers["authorization"]);
}
else
m_log.Debug("[HGStandaloneInvService]: Authorization header not found");
return false;
}
string SerializeHashtable(Hashtable hash)
{
string result = string.Empty;
foreach (object key in hash.Keys)
{
result += key.ToString() + "," + hash[key].ToString() + ";";
}
return result;
}
Hashtable RegisterCaps(UUID userID, string authToken)
{
lock (invCaps)
{
if (invCaps.ContainsKey(userID))
{
// Remove the old ones
DeregisterCaps(httpServer, invCaps[userID]);
invCaps.Remove(userID);
}
}
Caps caps = new Caps(null, httpServer, m_thisHostname, m_thisPort, authToken, userID, false, "Inventory");
caps.RegisterInventoryServiceHandlers("/" + authToken + "/InventoryCap/");
caps.ItemUpdatedCall = UpdateInventoryItemAsset;
Hashtable capsHandlers = caps.CapsHandlers.CapsDetails;
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "GetInventory", capsHandlers), GetUserInventory, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "FetchDescendants", capsHandlers), FetchDescendants, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "NewFolder", capsHandlers), m_inventoryService.AddFolder, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "UpdateFolder", capsHandlers), m_inventoryService.UpdateFolder, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "MoveFolder", capsHandlers), m_inventoryService.MoveFolder, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "PurgeFolder", capsHandlers), m_inventoryService.PurgeFolder, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "RemoveFolder", capsHandlers), RemoveFolder, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "GetItem", capsHandlers), GetInventoryItem, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "NewItem", capsHandlers), AddItem, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "UpdateItem", capsHandlers), UpdateItem, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "MoveItem", capsHandlers), MoveItem, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "DeleteItem", capsHandlers), DeleteItem, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "CopyItem", capsHandlers), CopyItem, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "GetAsset", capsHandlers), GetAsset, CheckAuthSession));
httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
"POST", AddAndGetCapUrl(authToken, "PostAsset", capsHandlers), PostAsset, CheckAuthSession));
lock (invCaps)
invCaps.Add(userID, capsHandlers);
return capsHandlers;
}
string AddAndGetCapUrl(string authToken, string capType, Hashtable caps)
{
string capUrl = "/" + authToken + "/" + capType + "/";
m_log.Debug("[HGStandaloneInvService] Adding inventory cap " + capUrl);
caps.Add(capType, capUrl);
return capUrl;
}
void DeregisterCaps(IHttpServer httpServer, Hashtable caps)
{
foreach (string capUrl in caps.Values)
{
m_log.Debug("[HGStandaloneInvService] Removing inventory cap " + capUrl);
httpServer.RemoveStreamHandler("POST", capUrl);
}
}
#endregion Caps
#region Local vs Remote
bool VerifyKey(UUID userID, string authority, string key)
{
// Remote call to the Authorization server
if (m_userService == null)
return AuthClient.VerifyKey("http://" + authority, userID, key);
// local call
else
return ((IAuthentication)m_userService).VerifyKey(userID, key);
}
AssetBase FetchAsset(UUID assetID, bool isTexture)
{
// Remote call to the Asset server
if (m_assetProvider == null)
return m_AssetClient.SyncGetAsset(assetID, isTexture);
// local call
else
return m_assetProvider.FetchAsset(assetID);
}
void StoreAsset(AssetBase asset)
{
// Remote call to the Asset server
if (m_assetProvider == null)
m_AssetClient.StoreAsset(asset);
// local call
else
m_assetProvider.CreateAsset(asset);
}
#endregion Local vs Remote
}
class SynchronousGridAssetClient : GridAssetClient
{
public SynchronousGridAssetClient(string url)
: base(url)
{
}
public AssetBase SyncGetAsset(UUID assetID, bool isTexture)
{
AssetRequest assReq = new AssetRequest();
assReq.AssetID = assetID;
assReq.IsTexture = isTexture;
return base.GetAsset(assReq);
}
}
}