aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorJustin Clark-Casey (justincc)2012-01-12 19:06:46 +0000
committerJustin Clark-Casey (justincc)2012-01-12 19:06:46 +0000
commitba3491c76e2d7cc7187a025dccd782790929f0b7 (patch)
treeda28906958e7a557b8fd3f7b8cf86fe1a80d50f7
parentMerge branch 'master' of ssh://opensimulator.org/var/git/opensim (diff)
downloadopensim-SC_OLD-ba3491c76e2d7cc7187a025dccd782790929f0b7.zip
opensim-SC_OLD-ba3491c76e2d7cc7187a025dccd782790929f0b7.tar.gz
opensim-SC_OLD-ba3491c76e2d7cc7187a025dccd782790929f0b7.tar.bz2
opensim-SC_OLD-ba3491c76e2d7cc7187a025dccd782790929f0b7.tar.xz
Add permissions checks for owned avatars to all other osNpc* functions.
This is being done outside the npc module since the check is meaningless for region module callers, who can fake any id that they like.
-rw-r--r--OpenSim/Region/Framework/Interfaces/INPCModule.cs2
-rw-r--r--OpenSim/Region/OptionalModules/World/NPC/NPCModule.cs5
-rw-r--r--OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs70
3 files changed, 52 insertions, 25 deletions
diff --git a/OpenSim/Region/Framework/Interfaces/INPCModule.cs b/OpenSim/Region/Framework/Interfaces/INPCModule.cs
index 3ec1bda..c50e734 100644
--- a/OpenSim/Region/Framework/Interfaces/INPCModule.cs
+++ b/OpenSim/Region/Framework/Interfaces/INPCModule.cs
@@ -125,7 +125,7 @@ namespace OpenSim.Region.Framework.Interfaces
125 /// <param name="agentID">The UUID of the NPC</param> 125 /// <param name="agentID">The UUID of the NPC</param>
126 /// <param name="scene"></param> 126 /// <param name="scene"></param>
127 /// <returns>True if the operation succeeded, false if there was no such agent or the agent was not an NPC</returns> 127 /// <returns>True if the operation succeeded, false if there was no such agent or the agent was not an NPC</returns>
128 bool DeleteNPC(UUID agentID, UUID CallerID, Scene scene); 128 bool DeleteNPC(UUID agentID, Scene scene);
129 129
130 /// <summary> 130 /// <summary>
131 /// Get the owner of a NPC 131 /// Get the owner of a NPC
diff --git a/OpenSim/Region/OptionalModules/World/NPC/NPCModule.cs b/OpenSim/Region/OptionalModules/World/NPC/NPCModule.cs
index 8f9b513..d90309f 100644
--- a/OpenSim/Region/OptionalModules/World/NPC/NPCModule.cs
+++ b/OpenSim/Region/OptionalModules/World/NPC/NPCModule.cs
@@ -266,16 +266,13 @@ namespace OpenSim.Region.OptionalModules.World.NPC
266 return UUID.Zero; 266 return UUID.Zero;
267 } 267 }
268 268
269 public bool DeleteNPC(UUID agentID, UUID callerID, Scene scene) 269 public bool DeleteNPC(UUID agentID, Scene scene)
270 { 270 {
271 lock (m_avatars) 271 lock (m_avatars)
272 { 272 {
273 NPCAvatar av; 273 NPCAvatar av;
274 if (m_avatars.TryGetValue(agentID, out av)) 274 if (m_avatars.TryGetValue(agentID, out av))
275 { 275 {
276 if (!CheckPermissions(av, callerID));
277 return false;
278
279 scene.RemoveClient(agentID, false); 276 scene.RemoveClient(agentID, false);
280 m_avatars.Remove(agentID); 277 m_avatars.Remove(agentID);
281 278
diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
index 1d7a210..509bbec 100644
--- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
+++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
@@ -2173,6 +2173,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2173 if (!UUID.TryParse(npc.m_string, out npcId)) 2173 if (!UUID.TryParse(npc.m_string, out npcId))
2174 return; 2174 return;
2175 2175
2176 if (!npcModule.CheckPermissions(npcId, m_host.OwnerID))
2177 return;
2178
2176 string appearanceSerialized = LoadNotecard(notecard); 2179 string appearanceSerialized = LoadNotecard(notecard);
2177 OSDMap appearanceOsd = (OSDMap)OSDParser.DeserializeLLSDXml(appearanceSerialized); 2180 OSDMap appearanceOsd = (OSDMap)OSDParser.DeserializeLLSDXml(appearanceSerialized);
2178// OSD a = OSDParser.DeserializeLLSDXml(appearanceSerialized); 2181// OSD a = OSDParser.DeserializeLLSDXml(appearanceSerialized);
@@ -2196,7 +2199,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2196 if (!UUID.TryParse(npc.m_string, out npcId)) 2199 if (!UUID.TryParse(npc.m_string, out npcId))
2197 return new LSL_Vector(0, 0, 0); 2200 return new LSL_Vector(0, 0, 0);
2198 2201
2199 if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) 2202 if (!npcModule.CheckPermissions(npcId, m_host.OwnerID))
2200 return new LSL_Vector(0, 0, 0); 2203 return new LSL_Vector(0, 0, 0);
2201 2204
2202 Vector3 pos = World.GetScenePresence(npcId).AbsolutePosition; 2205 Vector3 pos = World.GetScenePresence(npcId).AbsolutePosition;
@@ -2216,6 +2219,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2216 UUID npcId; 2219 UUID npcId;
2217 if (!UUID.TryParse(npc.m_string, out npcId)) 2220 if (!UUID.TryParse(npc.m_string, out npcId))
2218 return; 2221 return;
2222
2223 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2224 return;
2219 2225
2220 Vector3 pos = new Vector3((float) position.x, (float) position.y, (float) position.z); 2226 Vector3 pos = new Vector3((float) position.x, (float) position.y, (float) position.z);
2221 module.MoveToTarget(npcId, World, pos, false, true); 2227 module.MoveToTarget(npcId, World, pos, false, true);
@@ -2233,6 +2239,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2233 if (!UUID.TryParse(npc.m_string, out npcId)) 2239 if (!UUID.TryParse(npc.m_string, out npcId))
2234 return; 2240 return;
2235 2241
2242 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2243 return;
2244
2236 Vector3 pos = new Vector3((float)target.x, (float)target.y, (float)target.z); 2245 Vector3 pos = new Vector3((float)target.x, (float)target.y, (float)target.z);
2237 module.MoveToTarget( 2246 module.MoveToTarget(
2238 new UUID(npc.m_string), 2247 new UUID(npc.m_string),
@@ -2254,7 +2263,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2254 if (!UUID.TryParse(npc.m_string, out npcId)) 2263 if (!UUID.TryParse(npc.m_string, out npcId))
2255 return new LSL_Rotation(Quaternion.Identity.X, Quaternion.Identity.Y, Quaternion.Identity.Z, Quaternion.Identity.W); 2264 return new LSL_Rotation(Quaternion.Identity.X, Quaternion.Identity.Y, Quaternion.Identity.Z, Quaternion.Identity.W);
2256 2265
2257 if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) 2266 if (!npcModule.CheckPermissions(npcId, m_host.OwnerID))
2258 return new LSL_Rotation(Quaternion.Identity.X, Quaternion.Identity.Y, Quaternion.Identity.Z, Quaternion.Identity.W); 2267 return new LSL_Rotation(Quaternion.Identity.X, Quaternion.Identity.Y, Quaternion.Identity.Z, Quaternion.Identity.W);
2259 2268
2260 ScenePresence sp = World.GetScenePresence(npcId); 2269 ScenePresence sp = World.GetScenePresence(npcId);
@@ -2277,7 +2286,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2277 if (!UUID.TryParse(npc.m_string, out npcId)) 2286 if (!UUID.TryParse(npc.m_string, out npcId))
2278 return; 2287 return;
2279 2288
2280 if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) 2289 if (!npcModule.CheckPermissions(npcId, m_host.OwnerID))
2281 return; 2290 return;
2282 2291
2283 ScenePresence sp = World.GetScenePresence(npcId); 2292 ScenePresence sp = World.GetScenePresence(npcId);
@@ -2291,7 +2300,14 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2291 2300
2292 INPCModule module = World.RequestModuleInterface<INPCModule>(); 2301 INPCModule module = World.RequestModuleInterface<INPCModule>();
2293 if (module != null) 2302 if (module != null)
2294 module.StopMoveToTarget(new UUID(npc.m_string), World); 2303 {
2304 UUID npcId = new UUID(npc.m_string);
2305
2306 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2307 return;
2308
2309 module.StopMoveToTarget(npcId, World);
2310 }
2295 } 2311 }
2296 2312
2297 public void osNpcSay(LSL_Key npc, string message) 2313 public void osNpcSay(LSL_Key npc, string message)
@@ -2301,7 +2317,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2301 INPCModule module = World.RequestModuleInterface<INPCModule>(); 2317 INPCModule module = World.RequestModuleInterface<INPCModule>();
2302 if (module != null) 2318 if (module != null)
2303 { 2319 {
2304 module.Say(new UUID(npc.m_string), World, message); 2320 UUID npcId = new UUID(npc.m_string);
2321
2322 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2323 return;
2324
2325 module.Say(npcId, World, message);
2305 } 2326 }
2306 } 2327 }
2307 2328
@@ -2312,7 +2333,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2312 INPCModule module = World.RequestModuleInterface<INPCModule>(); 2333 INPCModule module = World.RequestModuleInterface<INPCModule>();
2313 if (module != null) 2334 if (module != null)
2314 { 2335 {
2315 module.Sit(new UUID(npc.m_string), new UUID(target.m_string), World); 2336 UUID npcId = new UUID(npc.m_string);
2337
2338 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2339 return;
2340
2341 module.Sit(npcId, new UUID(target.m_string), World);
2316 } 2342 }
2317 } 2343 }
2318 2344
@@ -2323,7 +2349,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2323 INPCModule module = World.RequestModuleInterface<INPCModule>(); 2349 INPCModule module = World.RequestModuleInterface<INPCModule>();
2324 if (module != null) 2350 if (module != null)
2325 { 2351 {
2326 module.Stand(new UUID(npc.m_string), World); 2352 UUID npcId = new UUID(npc.m_string);
2353
2354 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2355 return;
2356
2357 module.Stand(npcId, World);
2327 } 2358 }
2328 } 2359 }
2329 2360
@@ -2334,7 +2365,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2334 INPCModule module = World.RequestModuleInterface<INPCModule>(); 2365 INPCModule module = World.RequestModuleInterface<INPCModule>();
2335 if (module != null) 2366 if (module != null)
2336 { 2367 {
2337 module.DeleteNPC(new UUID(npc.m_string), m_host.OwnerID, World); 2368 UUID npcId = new UUID(npc.m_string);
2369
2370 if (!module.CheckPermissions(npcId, m_host.OwnerID))
2371 return;
2372
2373 module.DeleteNPC(npcId, World);
2338 } 2374 }
2339 } 2375 }
2340 2376
@@ -2346,12 +2382,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2346 if (module != null) 2382 if (module != null)
2347 { 2383 {
2348 UUID npcID = new UUID(npc.m_string); 2384 UUID npcID = new UUID(npc.m_string);
2349 if (module.IsNPC(npcID, m_host.ParentGroup.Scene)) 2385
2350 { 2386 if (module.CheckPermissions(npcID, m_host.OwnerID))
2351 UUID ownerID = module.GetOwner(npcID); 2387 AvatarPlayAnimation(npcID.ToString(), animation);
2352 if (ownerID == UUID.Zero || ownerID == m_host.OwnerID)
2353 AvatarPlayAnimation(npcID.ToString(), animation);
2354 }
2355 } 2388 }
2356 } 2389 }
2357 2390
@@ -2363,12 +2396,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
2363 if (module != null) 2396 if (module != null)
2364 { 2397 {
2365 UUID npcID = new UUID(npc.m_string); 2398 UUID npcID = new UUID(npc.m_string);
2366 if (module.IsNPC(npcID, m_host.ParentGroup.Scene)) 2399
2367 { 2400 if (module.CheckPermissions(npcID, m_host.OwnerID))
2368 UUID ownerID = module.GetOwner(npcID); 2401 AvatarPlayAnimation(npcID.ToString(), animation);
2369 if (ownerID == UUID.Zero || ownerID == m_host.OwnerID)
2370 AvatarStopAnimation(npcID.ToString(), animation);
2371 }
2372 } 2402 }
2373 } 2403 }
2374 2404