diff options
author | Melanie Thielker | 2009-06-09 08:15:34 +0000 |
---|---|---|
committer | Melanie Thielker | 2009-06-09 08:15:34 +0000 |
commit | 9c726fb178ce329e44fca9bca79a858f8a9ff4ae (patch) | |
tree | 042d781206ca828c44df463446e801c29e724dd8 | |
parent | From: Alan Webb <alan_webb@us.ibm.com> (diff) | |
download | opensim-SC_OLD-9c726fb178ce329e44fca9bca79a858f8a9ff4ae.zip opensim-SC_OLD-9c726fb178ce329e44fca9bca79a858f8a9ff4ae.tar.gz opensim-SC_OLD-9c726fb178ce329e44fca9bca79a858f8a9ff4ae.tar.bz2 opensim-SC_OLD-9c726fb178ce329e44fca9bca79a858f8a9ff4ae.tar.xz |
Thank you Snoopy, for a patch that implements group permissions.
Applied with changes:
- removed spammy debug message
- corrected tab formatting
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | 377 | ||||
-rw-r--r-- | OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | 27 |
2 files changed, 264 insertions, 140 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 9298380..036c4b8 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |||
@@ -36,6 +36,56 @@ using OpenSim.Framework.Communications.Cache; | |||
36 | using OpenSim.Region.Framework.Interfaces; | 36 | using OpenSim.Region.Framework.Interfaces; |
37 | using OpenSim.Region.Framework.Scenes; | 37 | using OpenSim.Region.Framework.Scenes; |
38 | 38 | ||
39 | // Temporary fix of wrong GroupPowers constants in OpenMetaverse library | ||
40 | enum GroupPowers : long | ||
41 | { | ||
42 | None = 0, | ||
43 | LandEjectAndFreeze = 1, | ||
44 | Invite = 2, | ||
45 | ReturnGroupSet = 2, | ||
46 | Eject = 4, | ||
47 | ReturnNonGroup = 4, | ||
48 | ChangeOptions = 8, | ||
49 | LandGardening = 8, | ||
50 | CreateRole = 16, | ||
51 | DeedObject = 16, | ||
52 | ModerateChat = 32, | ||
53 | DeleteRole = 32, | ||
54 | RoleProperties = 64, | ||
55 | ObjectManipulate = 64, | ||
56 | ObjectSetForSale = 128, | ||
57 | AssignMemberLimited = 128, | ||
58 | AssignMember = 256, | ||
59 | Accountable = 256, | ||
60 | RemoveMember = 512, | ||
61 | SendNotices = 1024, | ||
62 | ChangeActions = 1024, | ||
63 | ChangeIdentity = 2048, | ||
64 | ReceiveNotices = 2048, | ||
65 | StartProposal = 4096, | ||
66 | LandDeed = 4096, | ||
67 | VoteOnProposal = 8192, | ||
68 | LandRelease = 8192, | ||
69 | LandSetSale = 16384, | ||
70 | LandDivideJoin = 32768, | ||
71 | ReturnGroupOwned = 65536, | ||
72 | JoinChat = 65536, | ||
73 | FindPlaces = 131072, | ||
74 | LandChangeIdentity = 262144, | ||
75 | SetLandingPoint = 524288, | ||
76 | ChangeMedia = 1048576, | ||
77 | LandEdit = 2097152, | ||
78 | LandOptions = 4194304, | ||
79 | AllowEditLand = 8388608, | ||
80 | AllowFly = 16777216, | ||
81 | AllowRez = 33554432, | ||
82 | AllowLandmark = 67108864, | ||
83 | AllowVoiceChat = 134217728, | ||
84 | AllowSetHome = 268435456, | ||
85 | LandManageAllowed = 536870912, | ||
86 | LandManageBanned = 1073741824 | ||
87 | } | ||
88 | |||
39 | namespace OpenSim.Region.CoreModules.World.Permissions | 89 | namespace OpenSim.Region.CoreModules.World.Permissions |
40 | { | 90 | { |
41 | public class PermissionsModule : IRegionModule | 91 | public class PermissionsModule : IRegionModule |
@@ -62,7 +112,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
62 | All, | 112 | All, |
63 | Administrators | 113 | Administrators |
64 | }; | 114 | }; |
65 | 115 | ||
66 | #endregion | 116 | #endregion |
67 | 117 | ||
68 | #region Bypass Permissions / Debug Permissions Stuff | 118 | #region Bypass Permissions / Debug Permissions Stuff |
@@ -192,38 +242,38 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
192 | HandleDebugPermissions); | 242 | HandleDebugPermissions); |
193 | 243 | ||
194 | 244 | ||
195 | string grant = myConfig.GetString("GrantLSL",""); | 245 | string grant = myConfig.GetString("GrantLSL",""); |
196 | if(grant.Length > 0) { | 246 | if(grant.Length > 0) { |
197 | foreach (string uuidl in grant.Split(',')) { | 247 | foreach (string uuidl in grant.Split(',')) { |
198 | string uuid = uuidl.Trim(" \t".ToCharArray()); | 248 | string uuid = uuidl.Trim(" \t".ToCharArray()); |
199 | GrantLSL.Add(uuid, true); | 249 | GrantLSL.Add(uuid, true); |
200 | } | 250 | } |
201 | } | 251 | } |
202 | 252 | ||
203 | grant = myConfig.GetString("GrantCS",""); | 253 | grant = myConfig.GetString("GrantCS",""); |
204 | if(grant.Length > 0) { | 254 | if(grant.Length > 0) { |
205 | foreach (string uuidl in grant.Split(',')) { | 255 | foreach (string uuidl in grant.Split(',')) { |
206 | string uuid = uuidl.Trim(" \t".ToCharArray()); | 256 | string uuid = uuidl.Trim(" \t".ToCharArray()); |
207 | GrantCS.Add(uuid, true); | 257 | GrantCS.Add(uuid, true); |
208 | } | 258 | } |
209 | } | 259 | } |
210 | 260 | ||
211 | grant = myConfig.GetString("GrantVB",""); | 261 | grant = myConfig.GetString("GrantVB",""); |
212 | if(grant.Length > 0) { | 262 | if(grant.Length > 0) { |
213 | foreach (string uuidl in grant.Split(',')) { | 263 | foreach (string uuidl in grant.Split(',')) { |
214 | string uuid = uuidl.Trim(" \t".ToCharArray()); | 264 | string uuid = uuidl.Trim(" \t".ToCharArray()); |
215 | GrantVB.Add(uuid, true); | 265 | GrantVB.Add(uuid, true); |
216 | } | 266 | } |
217 | } | 267 | } |
218 | 268 | ||
219 | grant = myConfig.GetString("GrantJS",""); | 269 | grant = myConfig.GetString("GrantJS",""); |
220 | if(grant.Length > 0) { | 270 | if(grant.Length > 0) { |
221 | foreach (string uuidl in grant.Split(',')) { | 271 | foreach (string uuidl in grant.Split(',')) { |
222 | string uuid = uuidl.Trim(" \t".ToCharArray()); | 272 | string uuid = uuidl.Trim(" \t".ToCharArray()); |
223 | GrantJS.Add(uuid, true); | 273 | GrantJS.Add(uuid, true); |
224 | } | 274 | } |
225 | } | 275 | } |
226 | 276 | ||
227 | } | 277 | } |
228 | 278 | ||
229 | public void HandleBypassPermissions(string module, string[] args) | 279 | public void HandleBypassPermissions(string module, string[] args) |
@@ -328,7 +378,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
328 | if (m_debugPermissions) | 378 | if (m_debugPermissions) |
329 | m_log.Debug("[PERMISSIONS]: " + permissionCalled + " was called from " + m_scene.RegionInfo.RegionName); | 379 | m_log.Debug("[PERMISSIONS]: " + permissionCalled + " was called from " + m_scene.RegionInfo.RegionName); |
330 | } | 380 | } |
331 | 381 | ||
382 | // Checks if the given group is active and if the user is a group member | ||
383 | // with the powers requested (powers = 0 for no powers check) | ||
384 | protected bool IsGroupMember(UUID groupID, UUID userID, ulong powers) | ||
385 | { | ||
386 | IClientAPI client = m_scene.GetScenePresence(userID).ControllingClient; | ||
387 | |||
388 | return ((groupID == client.ActiveGroupId) && (client.ActiveGroupPowers != 0) && | ||
389 | ((powers == 0) || ((client.ActiveGroupPowers & powers) == powers))); | ||
390 | } | ||
391 | |||
332 | /// <summary> | 392 | /// <summary> |
333 | /// Parse a user set configuration setting | 393 | /// Parse a user set configuration setting |
334 | /// </summary> | 394 | /// </summary> |
@@ -371,6 +431,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
371 | /// <returns></returns> | 431 | /// <returns></returns> |
372 | protected bool IsAdministrator(UUID user) | 432 | protected bool IsAdministrator(UUID user) |
373 | { | 433 | { |
434 | if (user == UUID.Zero) return false; | ||
435 | |||
374 | if (m_scene.RegionInfo.MasterAvatarAssignedUUID != UUID.Zero) | 436 | if (m_scene.RegionInfo.MasterAvatarAssignedUUID != UUID.Zero) |
375 | { | 437 | { |
376 | if (m_RegionOwnerIsGod && (m_scene.RegionInfo.MasterAvatarAssignedUUID == user)) | 438 | if (m_RegionOwnerIsGod && (m_scene.RegionInfo.MasterAvatarAssignedUUID == user)) |
@@ -391,10 +453,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
391 | if (profile.UserProfile.GodLevel >= 200) | 453 | if (profile.UserProfile.GodLevel >= 200) |
392 | return true; | 454 | return true; |
393 | } | 455 | } |
394 | //else | ||
395 | //{ | ||
396 | // m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for administrator check", user); | ||
397 | //} | ||
398 | } | 456 | } |
399 | 457 | ||
400 | return false; | 458 | return false; |
@@ -402,6 +460,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
402 | 460 | ||
403 | protected bool IsEstateManager(UUID user) | 461 | protected bool IsEstateManager(UUID user) |
404 | { | 462 | { |
463 | if (user == UUID.Zero) return false; | ||
464 | |||
405 | return m_scene.RegionInfo.EstateSettings.IsEstateManager(user); | 465 | return m_scene.RegionInfo.EstateSettings.IsEstateManager(user); |
406 | } | 466 | } |
407 | #endregion | 467 | #endregion |
@@ -473,57 +533,39 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
473 | objectOwnerMask |= (uint)PrimFlags.ObjectYouOwner | (uint)PrimFlags.ObjectAnyOwner | (uint)PrimFlags.ObjectOwnerModify; | 533 | objectOwnerMask |= (uint)PrimFlags.ObjectYouOwner | (uint)PrimFlags.ObjectAnyOwner | (uint)PrimFlags.ObjectOwnerModify; |
474 | 534 | ||
475 | // Customize the GroupMask | 535 | // Customize the GroupMask |
476 | // uint objectGroupMask = ApplyObjectModifyMasks(task.GroupMask, objflags); | 536 | uint objectGroupMask = ApplyObjectModifyMasks(task.GroupMask, objflags); |
477 | 537 | ||
478 | // Customize the EveryoneMask | 538 | // Customize the EveryoneMask |
479 | uint objectEveryoneMask = ApplyObjectModifyMasks(task.EveryoneMask, objflags); | 539 | uint objectEveryoneMask = ApplyObjectModifyMasks(task.EveryoneMask, objflags); |
480 | 540 | ||
481 | |||
482 | // Hack to allow collaboration until Groups and Group Permissions are implemented | ||
483 | if ((objectEveryoneMask & (uint)PrimFlags.ObjectMove) != 0) | ||
484 | objectEveryoneMask |= (uint)PrimFlags.ObjectModify; | ||
485 | |||
486 | if (m_bypassPermissions) | 541 | if (m_bypassPermissions) |
487 | return objectOwnerMask; | 542 | return objectOwnerMask; |
488 | 543 | ||
489 | // Object owners should be able to edit their own content | 544 | // Object owners should be able to edit their own content |
490 | if (user == objectOwner) | 545 | if (user == objectOwner) |
491 | { | ||
492 | return objectOwnerMask; | 546 | return objectOwnerMask; |
493 | } | ||
494 | |||
495 | //// Users should be able to edit what is over their land. | ||
496 | //ILandObject parcel = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); | ||
497 | //if (parcel != null && parcel.landData.OwnerID == user && m_ParcelOwnerIsGod) | ||
498 | // return objectOwnerMask; | ||
499 | |||
500 | //// Admin objects should not be editable by the above | ||
501 | //if (IsAdministrator(objectOwner)) | ||
502 | // return objectEveryoneMask; | ||
503 | 547 | ||
504 | // Estate users should be able to edit anything in the sim | 548 | // Estate users should be able to edit anything in the sim |
505 | if (IsEstateManager(user) && m_RegionOwnerIsGod && (!IsAdministrator(objectOwner))) | 549 | if (IsEstateManager(user) && m_RegionOwnerIsGod && !IsAdministrator(objectOwner)) |
506 | return objectOwnerMask; | 550 | return objectOwnerMask; |
507 | 551 | ||
508 | // Admin should be able to edit anything in the sim (including admin objects) | 552 | // Admin should be able to edit anything in the sim (including admin objects) |
509 | if (IsAdministrator(user)) | 553 | if (IsAdministrator(user)) |
510 | return objectOwnerMask; | 554 | return objectOwnerMask; |
511 | 555 | ||
512 | // Users should be able to edit what is over their land. | 556 | // Users should be able to edit what is over their land. |
513 | ILandObject parcel = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); | 557 | ILandObject parcel = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); |
514 | if (parcel != null && parcel.landData.OwnerID == user && m_ParcelOwnerIsGod) | 558 | if (parcel != null && parcel.landData.OwnerID == user && m_ParcelOwnerIsGod) |
515 | { | 559 | { |
516 | uint responseMask = objectOwnerMask; | ||
517 | |||
518 | // Admin objects should not be editable by the above | 560 | // Admin objects should not be editable by the above |
519 | if (IsAdministrator(objectOwner)) | 561 | if (!IsAdministrator(objectOwner)) |
520 | { | 562 | return objectOwnerMask; |
521 | responseMask = objectEveryoneMask; | ||
522 | } | ||
523 | |||
524 | return responseMask; | ||
525 | } | 563 | } |
526 | 564 | ||
565 | // Group permissions | ||
566 | if ( ( task.GroupID != UUID.Zero) && IsGroupMember(task.GroupID, user, 0) ) | ||
567 | return objectGroupMask; | ||
568 | |||
527 | return objectEveryoneMask; | 569 | return objectEveryoneMask; |
528 | } | 570 | } |
529 | 571 | ||
@@ -607,6 +649,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
607 | permission = false; | 649 | permission = false; |
608 | } | 650 | } |
609 | 651 | ||
652 | // Group members should be able to edit group objects | ||
653 | if ( (group.GroupID != UUID.Zero) && ((m_scene.GetSceneObjectPart(objId).GroupMask & (uint)PermissionMask.Modify) != 0) && IsGroupMember(group.GroupID, currentUser, 0) ) | ||
654 | { | ||
655 | // Return immediately, so that the administrator can shares group objects | ||
656 | return true; | ||
657 | } | ||
658 | |||
610 | // Users should be able to edit what is over their land. | 659 | // Users should be able to edit what is over their land. |
611 | ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y); | 660 | ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y); |
612 | if ((parcel != null) && (parcel.landData.OwnerID == currentUser)) | 661 | if ((parcel != null) && (parcel.landData.OwnerID == currentUser)) |
@@ -673,7 +722,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
673 | return permission; | 722 | return permission; |
674 | } | 723 | } |
675 | 724 | ||
676 | protected bool GenericParcelPermission(UUID user, ILandObject parcel) | 725 | protected bool GenericParcelPermission(UUID user, ILandObject parcel, ulong groupPowers) |
677 | { | 726 | { |
678 | bool permission = false; | 727 | bool permission = false; |
679 | 728 | ||
@@ -682,9 +731,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
682 | permission = true; | 731 | permission = true; |
683 | } | 732 | } |
684 | 733 | ||
685 | if (parcel.landData.IsGroupOwned) | 734 | if( ( parcel.landData.GroupID != UUID.Zero) && IsGroupMember(parcel.landData.GroupID, user, groupPowers) ) |
686 | { | 735 | { |
687 | // TODO: Need to do some extra checks here. Requires group code. | 736 | permission = true; |
688 | } | 737 | } |
689 | 738 | ||
690 | if (IsEstateManager(user)) | 739 | if (IsEstateManager(user)) |
@@ -699,12 +748,39 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
699 | 748 | ||
700 | return permission; | 749 | return permission; |
701 | } | 750 | } |
751 | |||
752 | protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers) | ||
753 | { | ||
754 | bool permission = false; | ||
755 | |||
756 | if (parcel.landData.OwnerID == user) | ||
757 | { | ||
758 | permission = true; | ||
759 | } | ||
760 | |||
761 | if( parcel.landData.IsGroupOwned && IsGroupMember(parcel.landData.GroupID, user, groupPowers) ) | ||
762 | { | ||
763 | permission = true; | ||
764 | } | ||
765 | |||
766 | if (IsEstateManager(user)) | ||
767 | { | ||
768 | permission = true; | ||
769 | } | ||
702 | 770 | ||
703 | protected bool GenericParcelPermission(UUID user, Vector3 pos) | 771 | if (IsAdministrator(user)) |
772 | { | ||
773 | permission = true; | ||
774 | } | ||
775 | |||
776 | return permission; | ||
777 | } | ||
778 | |||
779 | protected bool GenericParcelPermission(UUID user, Vector3 pos, ulong groupPowers) | ||
704 | { | 780 | { |
705 | ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); | 781 | ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); |
706 | if (parcel == null) return false; | 782 | if (parcel == null) return false; |
707 | return GenericParcelPermission(user, parcel); | 783 | return GenericParcelPermission(user, parcel, groupPowers); |
708 | } | 784 | } |
709 | #endregion | 785 | #endregion |
710 | 786 | ||
@@ -713,8 +789,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
713 | { | 789 | { |
714 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 790 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
715 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 791 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
716 | 792 | ||
717 | return GenericParcelPermission(user, parcel); | 793 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease); |
718 | } | 794 | } |
719 | 795 | ||
720 | private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene) | 796 | private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene) |
@@ -722,7 +798,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
722 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 798 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
723 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 799 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
724 | 800 | ||
725 | return GenericParcelPermission(user, parcel); | 801 | return GenericParcelOwnerPermission(user, parcel, 0); |
726 | } | 802 | } |
727 | 803 | ||
728 | private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene) | 804 | private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene) |
@@ -736,10 +812,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
736 | ScenePresence sp = scene.GetScenePresence(user); | 812 | ScenePresence sp = scene.GetScenePresence(user); |
737 | IClientAPI client = sp.ControllingClient; | 813 | IClientAPI client = sp.ControllingClient; |
738 | 814 | ||
739 | if ((client.GetGroupPowers(parcel.landData.GroupID) & (long)GroupPowers.LandDeed) == 0) | 815 | if ((client.GetGroupPowers(parcel.landData.GroupID) & (ulong)GroupPowers.LandDeed) == 0) |
740 | return false; | 816 | return false; |
741 | 817 | ||
742 | return GenericParcelPermission(user, parcel); | 818 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed); |
743 | } | 819 | } |
744 | 820 | ||
745 | private bool IsGod(UUID user, Scene scene) | 821 | private bool IsGod(UUID user, Scene scene) |
@@ -760,17 +836,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
760 | //They can't even edit the object | 836 | //They can't even edit the object |
761 | return false; | 837 | return false; |
762 | } | 838 | } |
763 | 839 | ||
764 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 840 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); |
765 | if (part == null) | 841 | if (part == null) |
766 | return false; | 842 | return false; |
767 | 843 | ||
768 | if ((part.OwnerMask & PERM_COPY) == 0) | 844 | if (part.OwnerID == owner) |
769 | return false; | 845 | return ((part.OwnerMask & PERM_COPY) != 0); |
770 | 846 | ||
771 | if ((part.ParentGroup.GetEffectivePermissions() & PERM_COPY) == 0) | 847 | if (part.GroupID != UUID.Zero) |
772 | return false; | 848 | { |
849 | if ((part.OwnerID == UUID.Zero) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0))) | ||
850 | return false; | ||
773 | 851 | ||
852 | if ((part.GroupMask & PERM_COPY) == 0) | ||
853 | return false; | ||
854 | } | ||
855 | |||
774 | //If they can rez, they can duplicate | 856 | //If they can rez, they can duplicate |
775 | return CanRezObject(objectCount, owner, objectPosition, scene); | 857 | return CanRezObject(objectCount, owner, objectPosition, scene); |
776 | } | 858 | } |
@@ -807,11 +889,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
807 | part = m_scene.GetSceneObjectPart(objectID); | 889 | part = m_scene.GetSceneObjectPart(objectID); |
808 | } | 890 | } |
809 | 891 | ||
810 | // TODO: add group support! | ||
811 | // | ||
812 | if (part.OwnerID != editorID) | ||
813 | return false; | ||
814 | |||
815 | return GenericObjectPermission(editorID, objectID, false); | 892 | return GenericObjectPermission(editorID, objectID, false); |
816 | } | 893 | } |
817 | 894 | ||
@@ -820,7 +897,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
820 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 897 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
821 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 898 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
822 | 899 | ||
823 | return GenericParcelPermission(user, parcel); | 900 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDivideJoin); |
824 | } | 901 | } |
825 | 902 | ||
826 | /// <summary> | 903 | /// <summary> |
@@ -901,10 +978,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
901 | return false; | 978 | return false; |
902 | 979 | ||
903 | if (part.OwnerID != user) | 980 | if (part.OwnerID != user) |
904 | return false; | 981 | { |
982 | if (part.GroupID == UUID.Zero) | ||
983 | return false; | ||
905 | 984 | ||
906 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 985 | if( !IsGroupMember(part.GroupID, user, 0) ) |
986 | return false; | ||
987 | |||
988 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | ||
989 | return false; | ||
990 | } else { | ||
991 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
907 | return false; | 992 | return false; |
993 | } | ||
908 | 994 | ||
909 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); | 995 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); |
910 | 996 | ||
@@ -912,7 +998,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
912 | return false; | 998 | return false; |
913 | 999 | ||
914 | if (ti.OwnerID != user) | 1000 | if (ti.OwnerID != user) |
1001 | { | ||
1002 | if (ti.GroupID == UUID.Zero) | ||
1003 | return false; | ||
1004 | |||
1005 | if( !IsGroupMember(ti.GroupID, user, 0) ) | ||
915 | return false; | 1006 | return false; |
1007 | } | ||
916 | 1008 | ||
917 | // Require full perms | 1009 | // Require full perms |
918 | if ((ti.CurrentPermissions & | 1010 | if ((ti.CurrentPermissions & |
@@ -1084,8 +1176,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1084 | return true; | 1176 | return true; |
1085 | } | 1177 | } |
1086 | 1178 | ||
1087 | //TODO: check for group rights | ||
1088 | |||
1089 | if (!m_scene.Entities.ContainsKey(objectID)) | 1179 | if (!m_scene.Entities.ContainsKey(objectID)) |
1090 | { | 1180 | { |
1091 | return false; | 1181 | return false; |
@@ -1098,7 +1188,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1098 | } | 1188 | } |
1099 | 1189 | ||
1100 | 1190 | ||
1101 | if (GenericParcelPermission(task.OwnerID, newPoint)) | 1191 | if (GenericParcelPermission(task.OwnerID, newPoint, 0)) |
1102 | { | 1192 | { |
1103 | return true; | 1193 | return true; |
1104 | } | 1194 | } |
@@ -1129,14 +1219,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1129 | (int)Parcel.ParcelFlags.CreateObjects) | 1219 | (int)Parcel.ParcelFlags.CreateObjects) |
1130 | permission = true; | 1220 | permission = true; |
1131 | 1221 | ||
1132 | //TODO: check for group rights | ||
1133 | |||
1134 | if (IsAdministrator(owner)) | 1222 | if (IsAdministrator(owner)) |
1135 | { | 1223 | { |
1136 | permission = true; | 1224 | permission = true; |
1137 | } | 1225 | } |
1138 | 1226 | ||
1139 | if (GenericParcelPermission(owner, objectPosition)) | 1227 | // Powers are zero, because GroupPowers.AllowRez is not a precondition for rezzing objects |
1228 | if (GenericParcelPermission(owner, objectPosition, 0)) | ||
1140 | { | 1229 | { |
1141 | permission = true; | 1230 | permission = true; |
1142 | } | 1231 | } |
@@ -1166,7 +1255,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1166 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1255 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1167 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1256 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1168 | 1257 | ||
1169 | return GenericParcelPermission(user, parcel); | 1258 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale); |
1170 | } | 1259 | } |
1171 | 1260 | ||
1172 | private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene) | 1261 | private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene) |
@@ -1182,7 +1271,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1182 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1271 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1183 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1272 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1184 | 1273 | ||
1185 | bool permission = GenericObjectPermission(userID, objectID,false); | 1274 | bool permission = GenericObjectPermission(userID, objectID, false); |
1186 | if (!permission) | 1275 | if (!permission) |
1187 | { | 1276 | { |
1188 | if (!m_scene.Entities.ContainsKey(objectID)) | 1277 | if (!m_scene.Entities.ContainsKey(objectID)) |
@@ -1249,7 +1338,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1249 | return true; | 1338 | return true; |
1250 | 1339 | ||
1251 | // Land owner can terraform too | 1340 | // Land owner can terraform too |
1252 | if (parcel != null && GenericParcelPermission(user, parcel)) | 1341 | if (parcel != null && GenericParcelPermission(user, parcel, (ulong)GroupPowers.AllowEditLand)) |
1253 | return true; | 1342 | return true; |
1254 | 1343 | ||
1255 | return false; | 1344 | return false; |
@@ -1316,20 +1405,35 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1316 | 1405 | ||
1317 | if (part == null) | 1406 | if (part == null) |
1318 | return false; | 1407 | return false; |
1319 | 1408 | ||
1320 | if (part.OwnerID != user) | 1409 | if (part.OwnerID != user) |
1410 | { | ||
1411 | if (part.GroupID == UUID.Zero) | ||
1321 | return false; | 1412 | return false; |
1322 | 1413 | ||
1323 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1414 | if( !IsGroupMember(part.GroupID, user, 0) ) |
1324 | return false; | 1415 | return false; |
1416 | |||
1417 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | ||
1418 | return false; | ||
1419 | } else { | ||
1420 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1421 | return false; | ||
1422 | } | ||
1325 | 1423 | ||
1326 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(script); | 1424 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(script); |
1327 | 1425 | ||
1328 | if (ti == null) | 1426 | if (ti == null) |
1329 | return false; | 1427 | return false; |
1330 | 1428 | ||
1331 | if (ti.OwnerID != user) | 1429 | if (ti.OwnerID != user) |
1332 | return false; | 1430 | { |
1431 | if (ti.GroupID == UUID.Zero) | ||
1432 | return false; | ||
1433 | |||
1434 | if( !IsGroupMember(ti.GroupID, user, 0) ) | ||
1435 | return false; | ||
1436 | } | ||
1333 | 1437 | ||
1334 | // Require full perms | 1438 | // Require full perms |
1335 | if ((ti.CurrentPermissions & | 1439 | if ((ti.CurrentPermissions & |
@@ -1394,9 +1498,15 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1394 | 1498 | ||
1395 | if (part == null) | 1499 | if (part == null) |
1396 | return false; | 1500 | return false; |
1397 | 1501 | ||
1398 | if (part.OwnerID != user) | 1502 | if (part.OwnerID != user) |
1399 | return false; | 1503 | { |
1504 | if (part.GroupID == UUID.Zero) | ||
1505 | return false; | ||
1506 | |||
1507 | if( !IsGroupMember(part.GroupID, user, 0) ) | ||
1508 | return false; | ||
1509 | } | ||
1400 | 1510 | ||
1401 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1511 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) |
1402 | return false; | 1512 | return false; |
@@ -1407,7 +1517,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1407 | return false; | 1517 | return false; |
1408 | 1518 | ||
1409 | if (ti.OwnerID != user) | 1519 | if (ti.OwnerID != user) |
1410 | return false; | 1520 | { |
1521 | if (ti.GroupID == UUID.Zero) | ||
1522 | return false; | ||
1523 | |||
1524 | if( !IsGroupMember(ti.GroupID, user, 0) ) | ||
1525 | return false; | ||
1526 | } | ||
1411 | 1527 | ||
1412 | // Notecards are always readable unless no copy | 1528 | // Notecards are always readable unless no copy |
1413 | // | 1529 | // |
@@ -1420,7 +1536,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1420 | return true; | 1536 | return true; |
1421 | } | 1537 | } |
1422 | 1538 | ||
1423 | #endregion | 1539 | #endregion |
1424 | 1540 | ||
1425 | private bool CanLinkObject(UUID userID, UUID objectID) | 1541 | private bool CanLinkObject(UUID userID, UUID objectID) |
1426 | { | 1542 | { |
@@ -1589,7 +1705,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1589 | if (parcel.landData.OwnerID != client.AgentId) | 1705 | if (parcel.landData.OwnerID != client.AgentId) |
1590 | return false; | 1706 | return false; |
1591 | } | 1707 | } |
1592 | break; | 1708 | return GenericParcelOwnerPermission(client.AgentId, parcel, (ulong)GroupPowers.ReturnGroupOwned); |
1593 | case (uint)ObjectReturnType.Group: | 1709 | case (uint)ObjectReturnType.Group: |
1594 | if (parcel.landData.OwnerID != client.AgentId) | 1710 | if (parcel.landData.OwnerID != client.AgentId) |
1595 | { | 1711 | { |
@@ -1613,45 +1729,44 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1613 | return true; | 1729 | return true; |
1614 | } | 1730 | } |
1615 | } | 1731 | } |
1616 | break; | 1732 | return GenericParcelOwnerPermission(client.AgentId, parcel, (ulong)GroupPowers.ReturnGroupSet); |
1617 | case (uint)ObjectReturnType.Other: | 1733 | case (uint)ObjectReturnType.Other: |
1618 | if ((powers & (long)GroupPowers.ReturnNonGroup) != 0) | 1734 | if ((powers & (long)GroupPowers.ReturnNonGroup) != 0) |
1619 | return true; | 1735 | return true; |
1620 | break; | 1736 | return GenericParcelOwnerPermission(client.AgentId, parcel, (ulong)GroupPowers.ReturnNonGroup); |
1621 | case (uint)ObjectReturnType.List: | 1737 | case (uint)ObjectReturnType.List: |
1622 | break; | 1738 | break; |
1623 | } | 1739 | } |
1624 | 1740 | ||
1625 | return GenericParcelPermission(client.AgentId, parcel); | 1741 | return GenericParcelOwnerPermission(client.AgentId, parcel, 0); |
1742 | // Is it correct to be less restrictive for lists of objects to be returned? | ||
1626 | } | 1743 | } |
1627 | 1744 | ||
1628 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) { | 1745 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) { |
1629 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); | 1746 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); |
1630 | switch(scriptType) { | 1747 | switch(scriptType) { |
1631 | case 0: | 1748 | case 0: |
1632 | if(GrantLSL.Count == 0 || GrantLSL.ContainsKey(ownerUUID.ToString())) { | 1749 | if(GrantLSL.Count == 0 || GrantLSL.ContainsKey(ownerUUID.ToString())) { |
1633 | return(true); | 1750 | return(true); |
1634 | } | 1751 | } |
1635 | break; | 1752 | break; |
1636 | case 1: | 1753 | case 1: |
1637 | if(GrantCS.Count == 0 || GrantCS.ContainsKey(ownerUUID.ToString())) { | 1754 | if(GrantCS.Count == 0 || GrantCS.ContainsKey(ownerUUID.ToString())) { |
1638 | return(true); | 1755 | return(true); |
1639 | } | 1756 | } |
1640 | break; | 1757 | break; |
1641 | case 2: | 1758 | case 2: |
1642 | if(GrantVB.Count == 0 || GrantVB.ContainsKey(ownerUUID.ToString())) { | 1759 | if(GrantVB.Count == 0 || GrantVB.ContainsKey(ownerUUID.ToString())) { |
1643 | return(true); | 1760 | return(true); |
1644 | } | 1761 | } |
1645 | break; | 1762 | break; |
1646 | case 3: | 1763 | case 3: |
1647 | if(GrantJS.Count == 0 || GrantJS.ContainsKey(ownerUUID.ToString())) { | 1764 | if(GrantJS.Count == 0 || GrantJS.ContainsKey(ownerUUID.ToString())) { |
1648 | return(true); | 1765 | return(true); |
1649 | } | 1766 | } |
1650 | break; | 1767 | break; |
1651 | } | 1768 | } |
1652 | return(false); | 1769 | return(false); |
1653 | } | 1770 | } |
1654 | |||
1655 | |||
1656 | } | 1771 | } |
1657 | } | 1772 | } |
diff --git a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs index 6efcaa7..a2a7392 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs | |||
@@ -1526,10 +1526,14 @@ namespace OpenSim.Region.Framework.Scenes | |||
1526 | return; | 1526 | return; |
1527 | 1527 | ||
1528 | if (part.OwnerID != remoteClient.AgentId) | 1528 | if (part.OwnerID != remoteClient.AgentId) |
1529 | return; | 1529 | { |
1530 | 1530 | // Group permissions | |
1531 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1531 | if ( (part.GroupID == UUID.Zero) || (remoteClient.GetGroupPowers(part.GroupID) == 0) || ((part.GroupMask & (uint)PermissionMask.Modify) == 0) ) |
1532 | return; | 1532 | return; |
1533 | } else { | ||
1534 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1535 | return; | ||
1536 | } | ||
1533 | 1537 | ||
1534 | if (!Permissions.CanCreateObjectInventory( | 1538 | if (!Permissions.CanCreateObjectInventory( |
1535 | itemBase.InvType, part.UUID, remoteClient.AgentId)) | 1539 | itemBase.InvType, part.UUID, remoteClient.AgentId)) |
@@ -1598,13 +1602,18 @@ namespace OpenSim.Region.Framework.Scenes | |||
1598 | destId); | 1602 | destId); |
1599 | return; | 1603 | return; |
1600 | } | 1604 | } |
1601 | 1605 | ||
1602 | // Must own the object, and have modify rights | 1606 | // Must own the object, and have modify rights |
1603 | if (srcPart.OwnerID != destPart.OwnerID) | 1607 | if (srcPart.OwnerID != destPart.OwnerID) |
1604 | return; | 1608 | { |
1605 | 1609 | // Group permissions | |
1606 | if ((destPart.OwnerMask & (uint)PermissionMask.Modify) == 0) | 1610 | if ( (destPart.GroupID == UUID.Zero) || (destPart.GroupID != srcPart.GroupID) || |
1607 | return; | 1611 | ((destPart.GroupMask & (uint)PermissionMask.Modify) == 0) ) |
1612 | return; | ||
1613 | } else { | ||
1614 | if ((destPart.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1615 | return; | ||
1616 | } | ||
1608 | 1617 | ||
1609 | if (destPart.ScriptAccessPin != pin) | 1618 | if (destPart.ScriptAccessPin != pin) |
1610 | { | 1619 | { |