aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorDr Scofield2009-04-27 11:51:25 +0000
committerDr Scofield2009-04-27 11:51:25 +0000
commit515e62dc2f4614b140da222c082d3cd69c5960d4 (patch)
treeeda95f708aad85c1fbbe14459111beb3790b8526
parentAdd copyright headers. Formatting cleanup. (diff)
downloadopensim-SC_OLD-515e62dc2f4614b140da222c082d3cd69c5960d4.zip
opensim-SC_OLD-515e62dc2f4614b140da222c082d3cd69c5960d4.tar.gz
opensim-SC_OLD-515e62dc2f4614b140da222c082d3cd69c5960d4.tar.bz2
opensim-SC_OLD-515e62dc2f4614b140da222c082d3cd69c5960d4.tar.xz
From: Alan M Webb <alan_webb@us.ibm.com>
Added support for access control lists. Scene: Added test to AddNewClient for an entry in the access list when connecting to a region with limited access. EstateSettings: Added an HasAccess(UUID) property to test for an entry in the estate's access list. RemoteAdmin: Add RPC calls for admin_acl_list, clear, add, and remove.
Diffstat (limited to '')
-rw-r--r--OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs288
-rw-r--r--OpenSim/Framework/EstateSettings.cs5
-rw-r--r--OpenSim/Region/Framework/Scenes/Scene.cs82
3 files changed, 341 insertions, 34 deletions
diff --git a/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs b/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs
index a7290b9..f6bfb33 100644
--- a/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs
+++ b/OpenSim/ApplicationPlugins/RemoteController/RemoteAdminPlugin.cs
@@ -102,19 +102,26 @@ namespace OpenSim.ApplicationPlugins.RemoteController
102 Dictionary<string, XmlRpcMethod> availableMethods = new Dictionary<string, XmlRpcMethod>(); 102 Dictionary<string, XmlRpcMethod> availableMethods = new Dictionary<string, XmlRpcMethod>();
103 availableMethods["admin_create_region"] = XmlRpcCreateRegionMethod; 103 availableMethods["admin_create_region"] = XmlRpcCreateRegionMethod;
104 availableMethods["admin_delete_region"] = XmlRpcDeleteRegionMethod; 104 availableMethods["admin_delete_region"] = XmlRpcDeleteRegionMethod;
105 availableMethods["admin_region_query"] = XmlRpcRegionQueryMethod;
105 availableMethods["admin_shutdown"] = XmlRpcShutdownMethod; 106 availableMethods["admin_shutdown"] = XmlRpcShutdownMethod;
106 availableMethods["admin_broadcast"] = XmlRpcAlertMethod; 107 availableMethods["admin_broadcast"] = XmlRpcAlertMethod;
107 availableMethods["admin_restart"] = XmlRpcRestartMethod; 108 availableMethods["admin_restart"] = XmlRpcRestartMethod;
108 availableMethods["admin_load_heightmap"] = XmlRpcLoadHeightmapMethod; 109 availableMethods["admin_load_heightmap"] = XmlRpcLoadHeightmapMethod;
110 // User management
109 availableMethods["admin_create_user"] = XmlRpcCreateUserMethod; 111 availableMethods["admin_create_user"] = XmlRpcCreateUserMethod;
110 availableMethods["admin_create_user_email"] = XmlRpcCreateUserMethod; 112 availableMethods["admin_create_user_email"] = XmlRpcCreateUserMethod;
111 availableMethods["admin_exists_user"] = XmlRpcUserExistsMethod; 113 availableMethods["admin_exists_user"] = XmlRpcUserExistsMethod;
112 availableMethods["admin_update_user"] = XmlRpcUpdateUserAccountMethod; 114 availableMethods["admin_update_user"] = XmlRpcUpdateUserAccountMethod;
115 // Region state management
113 availableMethods["admin_load_xml"] = XmlRpcLoadXMLMethod; 116 availableMethods["admin_load_xml"] = XmlRpcLoadXMLMethod;
114 availableMethods["admin_save_xml"] = XmlRpcSaveXMLMethod; 117 availableMethods["admin_save_xml"] = XmlRpcSaveXMLMethod;
115 availableMethods["admin_load_oar"] = XmlRpcLoadOARMethod; 118 availableMethods["admin_load_oar"] = XmlRpcLoadOARMethod;
116 availableMethods["admin_save_oar"] = XmlRpcSaveOARMethod; 119 availableMethods["admin_save_oar"] = XmlRpcSaveOARMethod;
117 availableMethods["admin_region_query"] = XmlRpcRegionQueryMethod; 120 // Estate access list management
121 availableMethods["admin_acl_clear"] = XmlRpcAccessListClear;
122 availableMethods["admin_acl_add"] = XmlRpcAccessListAdd;
123 availableMethods["admin_acl_remove"] = XmlRpcAccessListRemove;
124 availableMethods["admin_acl_list"] = XmlRpcAccessListList;
118 125
119 // Either enable full remote functionality or just selected features 126 // Either enable full remote functionality or just selected features
120 string enabledMethods = m_config.GetString("enabled_methods", "all"); 127 string enabledMethods = m_config.GetString("enabled_methods", "all");
@@ -1496,8 +1503,287 @@ namespace OpenSim.ApplicationPlugins.RemoteController
1496 return response; 1503 return response;
1497 } 1504 }
1498 1505
1506 public XmlRpcResponse XmlRpcAccessListClear(XmlRpcRequest request)
1507 {
1508
1509 m_log.Info("[RADMIN]: Received Access List Clear Request");
1510 XmlRpcResponse response = new XmlRpcResponse();
1511 Hashtable responseData = new Hashtable();
1512
1513 try
1514 {
1515 responseData["success"] = "true";
1516
1517 Hashtable requestData = (Hashtable) request.Params[0];
1518
1519 if (!requestData.Contains("password"))
1520 throw new Exception(String.Format("missing required parameter"));
1521 if (!String.IsNullOrEmpty(requiredPassword) &&
1522 (string) requestData["password"] != requiredPassword) throw new Exception("wrong password");
1523
1524 if (requestData.Contains("region_uuid"))
1525 {
1526 UUID region_uuid = (UUID) (string) requestData["region_uuid"];
1527 if (!m_app.SceneManager.TrySetCurrentScene(region_uuid))
1528 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString()));
1529 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_uuid.ToString());
1530 }
1531 else if (requestData.Contains("region_name"))
1532 {
1533 string region_name = (string) requestData["region_name"];
1534 if (!m_app.SceneManager.TrySetCurrentScene(region_name))
1535 throw new Exception(String.Format("failed to switch to region {0}", region_name));
1536 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_name);
1537 }
1538 else throw new Exception("neither region_name nor region_uuid given");
1539
1540 Scene s = m_app.SceneManager.CurrentScene;
1541 s.RegionInfo.EstateSettings.EstateAccess = new UUID[]{};
1542
1543 }
1544 catch (Exception e)
1545 {
1546 m_log.InfoFormat("[RADMIN] Access List Clear Request: {0}", e.Message);
1547
1548 responseData["success"] = "false";
1549 responseData["error"] = e.Message;
1550
1551 }
1552 finally
1553 {
1554 response.Value = responseData;
1555 }
1556
1557 m_log.Info("[RADMIN]: Access List Clear Request complete");
1558 return response;
1559 }
1560
1561 public XmlRpcResponse XmlRpcAccessListAdd(XmlRpcRequest request)
1562 {
1563
1564 m_log.Info("[RADMIN]: Received Access List Add Request");
1565 XmlRpcResponse response = new XmlRpcResponse();
1566 Hashtable responseData = new Hashtable();
1567
1568 try
1569 {
1570 responseData["success"] = "true";
1571
1572 Hashtable requestData = (Hashtable) request.Params[0];
1573
1574 if (!requestData.Contains("password"))
1575 throw new Exception(String.Format("missing required parameter"));
1576 if (!String.IsNullOrEmpty(requiredPassword) &&
1577 (string) requestData["password"] != requiredPassword) throw new Exception("wrong password");
1578
1579 if (requestData.Contains("region_uuid"))
1580 {
1581 UUID region_uuid = (UUID) (string) requestData["region_uuid"];
1582 if (!m_app.SceneManager.TrySetCurrentScene(region_uuid))
1583 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString()));
1584 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_uuid.ToString());
1585 }
1586 else if (requestData.Contains("region_name"))
1587 {
1588 string region_name = (string) requestData["region_name"];
1589 if (!m_app.SceneManager.TrySetCurrentScene(region_name))
1590 throw new Exception(String.Format("failed to switch to region {0}", region_name));
1591 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_name);
1592 }
1593 else throw new Exception("neither region_name nor region_uuid given");
1594
1595 int addk = 0;
1596
1597 if(requestData.Contains("users"))
1598 {
1599 UserProfileCacheService ups = m_app.CommunicationsManager.UserProfileCacheService;
1600 Scene s = m_app.SceneManager.CurrentScene;
1601 Hashtable users = (Hashtable) requestData["users"];
1602 List<UUID> uuids = new List<UUID>();
1603 foreach(string name in users.Values)
1604 {
1605 string[] parts = name.Split();
1606 uuids.Add(ups.GetUserDetails(parts[0],parts[1]).UserProfile.ID);
1607 }
1608 List<UUID> acl = new List<UUID>(s.RegionInfo.EstateSettings.EstateAccess);
1609 foreach(UUID uuid in uuids)
1610 {
1611 if(!acl.Contains(uuid))
1612 {
1613 acl.Add(uuid);
1614 addk++;
1615 }
1616 }
1617 s.RegionInfo.EstateSettings.EstateAccess = acl.ToArray();
1618 }
1619
1620 responseData["added"] = addk;
1621
1622 }
1623 catch (Exception e)
1624 {
1625 m_log.InfoFormat("[RADMIN] Access List Add Request: {0}", e.Message);
1626
1627 responseData["success"] = "false";
1628 responseData["error"] = e.Message;
1629
1630 }
1631 finally
1632 {
1633 response.Value = responseData;
1634 }
1635
1636 m_log.Info("[RADMIN]: Access List Add Request complete");
1637 return response;
1638 }
1639
1640 public XmlRpcResponse XmlRpcAccessListRemove(XmlRpcRequest request)
1641 {
1642
1643 m_log.Info("[RADMIN]: Received Access List Remove Request");
1644 XmlRpcResponse response = new XmlRpcResponse();
1645 Hashtable responseData = new Hashtable();
1646
1647 try
1648 {
1649 responseData["success"] = "true";
1650
1651 Hashtable requestData = (Hashtable) request.Params[0];
1652
1653 if (!requestData.Contains("password"))
1654 throw new Exception(String.Format("missing required parameter"));
1655 if (!String.IsNullOrEmpty(requiredPassword) &&
1656 (string) requestData["password"] != requiredPassword) throw new Exception("wrong password");
1657
1658 if (requestData.Contains("region_uuid"))
1659 {
1660 UUID region_uuid = (UUID) (string) requestData["region_uuid"];
1661 if (!m_app.SceneManager.TrySetCurrentScene(region_uuid))
1662 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString()));
1663 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_uuid.ToString());
1664 }
1665 else if (requestData.Contains("region_name"))
1666 {
1667 string region_name = (string) requestData["region_name"];
1668 if (!m_app.SceneManager.TrySetCurrentScene(region_name))
1669 throw new Exception(String.Format("failed to switch to region {0}", region_name));
1670 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_name);
1671 }
1672 else throw new Exception("neither region_name nor region_uuid given");
1673
1674 int remk = 0;
1675
1676 if(requestData.Contains("users"))
1677 {
1678 UserProfileCacheService ups = m_app.CommunicationsManager.UserProfileCacheService;
1679 Scene s = m_app.SceneManager.CurrentScene;
1680 Hashtable users = (Hashtable) requestData["users"];
1681 List<UUID> uuids = new List<UUID>();
1682 foreach(string name in users.Values)
1683 {
1684 string[] parts = name.Split();
1685 uuids.Add(ups.GetUserDetails(parts[0],parts[1]).UserProfile.ID);
1686 }
1687 List<UUID> acl = new List<UUID>(s.RegionInfo.EstateSettings.EstateAccess);
1688 foreach(UUID uuid in uuids)
1689 {
1690 if(acl.Contains(uuid))
1691 {
1692 acl.Remove(uuid);
1693 remk++;
1694 }
1695 }
1696 s.RegionInfo.EstateSettings.EstateAccess = acl.ToArray();
1697 }
1698
1699 responseData["added"] = remk;
1700
1701
1702 }
1703 catch (Exception e)
1704 {
1705 m_log.InfoFormat("[RADMIN] Access List Remove Request: {0}", e.Message);
1706
1707 responseData["success"] = "false";
1708 responseData["error"] = e.Message;
1709
1710 }
1711 finally
1712 {
1713 response.Value = responseData;
1714 }
1715
1716 m_log.Info("[RADMIN]: Access List Remove Request complete");
1717 return response;
1718 }
1719
1720 public XmlRpcResponse XmlRpcAccessListList(XmlRpcRequest request)
1721 {
1722
1723 m_log.Info("[RADMIN]: Received Access List List Request");
1724 XmlRpcResponse response = new XmlRpcResponse();
1725 Hashtable responseData = new Hashtable();
1726
1727 try
1728 {
1729 responseData["success"] = "true";
1730
1731 Hashtable requestData = (Hashtable) request.Params[0];
1732
1733 if (!requestData.Contains("password"))
1734 throw new Exception(String.Format("missing required parameter"));
1735 if (!String.IsNullOrEmpty(requiredPassword) &&
1736 (string) requestData["password"] != requiredPassword) throw new Exception("wrong password");
1737
1738 if (requestData.Contains("region_uuid"))
1739 {
1740 UUID region_uuid = (UUID) (string) requestData["region_uuid"];
1741 if (!m_app.SceneManager.TrySetCurrentScene(region_uuid))
1742 throw new Exception(String.Format("failed to switch to region {0}", region_uuid.ToString()));
1743 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_uuid.ToString());
1744 }
1745 else if (requestData.Contains("region_name"))
1746 {
1747 string region_name = (string) requestData["region_name"];
1748 if (!m_app.SceneManager.TrySetCurrentScene(region_name))
1749 throw new Exception(String.Format("failed to switch to region {0}", region_name));
1750 m_log.InfoFormat("[RADMIN] Switched to region {0}", region_name);
1751 }
1752 else throw new Exception("neither region_name nor region_uuid given");
1753
1754 Scene s = m_app.SceneManager.CurrentScene;
1755 UUID[] acl = s.RegionInfo.EstateSettings.EstateAccess;
1756 Hashtable users = new Hashtable();
1757
1758 foreach(UUID user in acl)
1759 {
1760 users[user.ToString()] =
1761 m_app.CommunicationsManager.UserProfileCacheService.GetUserDetails(user).UserProfile.Name;
1762 }
1763
1764 responseData["users"] = users;
1765
1766 }
1767 catch (Exception e)
1768 {
1769 m_log.InfoFormat("[RADMIN] Acces List List: {0}", e.Message);
1770
1771 responseData["success"] = "false";
1772 responseData["error"] = e.Message;
1773
1774 }
1775 finally
1776 {
1777 response.Value = responseData;
1778 }
1779
1780 m_log.Info("[RADMIN]: Access List List Request complete");
1781 return response;
1782 }
1783
1499 public void Dispose() 1784 public void Dispose()
1500 { 1785 {
1501 } 1786 }
1502 } 1787 }
1788
1503} 1789}
diff --git a/OpenSim/Framework/EstateSettings.cs b/OpenSim/Framework/EstateSettings.cs
index ff0445f..14bb9ef 100644
--- a/OpenSim/Framework/EstateSettings.cs
+++ b/OpenSim/Framework/EstateSettings.cs
@@ -358,6 +358,11 @@ namespace OpenSim.Framework
358 l_EstateBans.Remove(ban); 358 l_EstateBans.Remove(ban);
359 } 359 }
360 360
361 public bool HasAccess(UUID user)
362 {
363 return l_EstateAccess.Contains(user);
364 }
365
361 public void loadConfigurationOptions() 366 public void loadConfigurationOptions()
362 { 367 {
363 configMember.addConfigurationOption("billable_factor", 368 configMember.addConfigurationOption("billable_factor",
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs
index 70713c4..c7d32cc 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@@ -1846,11 +1846,25 @@ namespace OpenSim.Region.Framework.Scenes
1846 1846
1847 public override void AddNewClient(IClientAPI client) 1847 public override void AddNewClient(IClientAPI client)
1848 { 1848 {
1849 if (m_regInfo.EstateSettings.IsBanned(client.AgentId)) 1849 bool welcome = true;
1850
1851 if(m_regInfo.EstateSettings.IsBanned(client.AgentId))
1850 { 1852 {
1851 m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist", 1853 m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist",
1852 client.AgentId, client.FirstName, client.LastName, RegionInfo.RegionName); 1854 client.AgentId, client.FirstName, client.LastName, RegionInfo.RegionName);
1853 client.SendAlertMessage("Denied access to region " + RegionInfo.RegionName + ". You have been banned from that region."); 1855 client.SendAlertMessage("Denied access to region " + RegionInfo.RegionName + ". You have been banned from that region.");
1856 welcome = false;
1857 }
1858 else if (!m_regInfo.EstateSettings.PublicAccess && !m_regInfo.EstateSettings.HasAccess(client.AgentId))
1859 {
1860 m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access",
1861 client.AgentId, client.FirstName, client.LastName, RegionInfo.RegionName);
1862 client.SendAlertMessage("Denied access to private region " + RegionInfo.RegionName + ". You do not have access to this region.");
1863 welcome = false;
1864 }
1865
1866 if(!welcome)
1867 {
1854 try 1868 try
1855 { 1869 {
1856 IEventQueue eq = RequestModuleInterface<IEventQueue>(); 1870 IEventQueue eq = RequestModuleInterface<IEventQueue>();
@@ -1867,50 +1881,52 @@ namespace OpenSim.Region.Framework.Scenes
1867 } 1881 }
1868 catch (Exception e) 1882 catch (Exception e)
1869 { 1883 {
1870 m_log.DebugFormat("[SCENE]: Exception while closing banned client {0} {1}: {2}", client.FirstName, client.LastName, e.Message); 1884 m_log.DebugFormat("[SCENE]: Exception while closing unwelcome client {0} {1}: {2}", client.FirstName, client.LastName, e.Message);
1871 } 1885 }
1872 } 1886 }
1887 else
1888 {
1889 SubscribeToClientEvents(client);
1890 ScenePresence presence;
1873 1891
1874 SubscribeToClientEvents(client); 1892 if (m_restorePresences.ContainsKey(client.AgentId))
1875 ScenePresence presence; 1893 {
1894 m_log.DebugFormat("[SCENE]: Restoring agent {0} {1} in {2}", client.Name, client.AgentId, RegionInfo.RegionName);
1876 1895
1877 if (m_restorePresences.ContainsKey(client.AgentId)) 1896 presence = m_restorePresences[client.AgentId];
1878 { 1897 m_restorePresences.Remove(client.AgentId);
1879 m_log.DebugFormat("[SCENE]: Restoring agent {0} {1} in {2}", client.Name, client.AgentId, RegionInfo.RegionName);
1880 1898
1881 presence = m_restorePresences[client.AgentId]; 1899 // This is one of two paths to create avatars that are
1882 m_restorePresences.Remove(client.AgentId); 1900 // used. This tends to get called more in standalone
1901 // than grid, not really sure why, but as such needs
1902 // an explicity appearance lookup here.
1903 AvatarAppearance appearance = null;
1904 GetAvatarAppearance(client, out appearance);
1905 presence.Appearance = appearance;
1883 1906
1884 // This is one of two paths to create avatars that are 1907 presence.initializeScenePresence(client, RegionInfo, this);
1885 // used. This tends to get called more in standalone
1886 // than grid, not really sure why, but as such needs
1887 // an explicity appearance lookup here.
1888 AvatarAppearance appearance = null;
1889 GetAvatarAppearance(client, out appearance);
1890 presence.Appearance = appearance;
1891 1908
1892 presence.initializeScenePresence(client, RegionInfo, this); 1909 m_sceneGraph.AddScenePresence(presence);
1893 1910
1894 m_sceneGraph.AddScenePresence(presence); 1911 lock (m_restorePresences)
1912 {
1913 Monitor.PulseAll(m_restorePresences);
1914 }
1915 }
1916 else
1917 {
1918 m_log.DebugFormat(
1919 "[SCENE]: Adding new child agent for {0} in {1}",
1920 client.Name, RegionInfo.RegionName);
1895 1921
1896 lock (m_restorePresences) 1922 CommsManager.UserProfileCacheService.AddNewUser(client.AgentId);
1897 {
1898 Monitor.PulseAll(m_restorePresences);
1899 }
1900 }
1901 else
1902 {
1903 m_log.DebugFormat(
1904 "[SCENE]: Adding new child agent for {0} in {1}",
1905 client.Name, RegionInfo.RegionName);
1906 1923
1907 CommsManager.UserProfileCacheService.AddNewUser(client.AgentId); 1924 CreateAndAddScenePresence(client);
1925 }
1908 1926
1909 CreateAndAddScenePresence(client); 1927 m_LastLogin = Environment.TickCount;
1928 EventManager.TriggerOnNewClient(client);
1910 } 1929 }
1911
1912 m_LastLogin = Environment.TickCount;
1913 EventManager.TriggerOnNewClient(client);
1914 } 1930 }
1915 1931
1916 protected virtual void SubscribeToClientEvents(IClientAPI client) 1932 protected virtual void SubscribeToClientEvents(IClientAPI client)