diff options
author | UbitUmarov | 2017-01-18 00:42:08 +0000 |
---|---|---|
committer | UbitUmarov | 2017-01-18 00:42:08 +0000 |
commit | c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1 (patch) | |
tree | f36473d0c841577c34d10e14ef42763ae1105964 | |
parent | Permissions module: GenerateClientFlags() no need to keep looking for the sam... (diff) | |
download | opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.zip opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.tar.gz opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.tar.bz2 opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.tar.xz |
Permissions module: replace some GenericObjectPermission by GenericObjectPermission on some checks. Note that in some cases behavour is now diferent.
-rw-r--r-- | OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | 174 |
1 files changed, 51 insertions, 123 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 6f16ae6..930f5f2 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |||
@@ -728,7 +728,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
728 | return returnMask; | 728 | return returnMask; |
729 | } | 729 | } |
730 | 730 | ||
731 | |||
732 | UUID taskOwnerID = task.OwnerID; | 731 | UUID taskOwnerID = task.OwnerID; |
733 | UUID spID = sp.UUID; | 732 | UUID spID = sp.UUID; |
734 | 733 | ||
@@ -878,16 +877,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
878 | /// <param name="objId">This is a scene object group UUID</param> | 877 | /// <param name="objId">This is a scene object group UUID</param> |
879 | /// <param name="denyOnLocked"></param> | 878 | /// <param name="denyOnLocked"></param> |
880 | /// <returns></returns> | 879 | /// <returns></returns> |
881 | protected uint GetObjectPermissions(UUID currentUser, UUID objId, bool denyOnLocked) | 880 | protected uint GetObjectPermissions(UUID currentUser, SceneObjectGroup group, bool denyOnLocked) |
882 | { | 881 | { |
883 | SceneObjectPart part = m_scene.GetSceneObjectPart(objId); | 882 | if (group == null) |
884 | if (part == null) | ||
885 | return 0; | 883 | return 0; |
886 | 884 | ||
887 | if (IsAdministrator(currentUser)) | 885 | if (IsAdministrator(currentUser)) |
888 | return (uint)PermissionMask.AllEffective; | 886 | return (uint)PermissionMask.AllEffective; |
889 | 887 | ||
890 | SceneObjectGroup group = part.ParentGroup; | ||
891 | SceneObjectPart root = group.RootPart; | 888 | SceneObjectPart root = group.RootPart; |
892 | if (root == null) | 889 | if (root == null) |
893 | return 0; | 890 | return 0; |
@@ -1193,30 +1190,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1193 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1190 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1194 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1191 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1195 | 1192 | ||
1196 | if (!GenericObjectPermission(owner, objectID, true)) | 1193 | SceneObjectGroup sog = scene.GetGroupByPrim(objectID); |
1197 | { | 1194 | if (sog == null) |
1198 | //They can't even edit the object | ||
1199 | return false; | 1195 | return false; |
1200 | } | ||
1201 | 1196 | ||
1202 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 1197 | uint perms = GetObjectPermissions(owner, sog, false); |
1203 | if (part == null) | 1198 | if((perms & (uint)PermissionMask.Copy) == 0) |
1204 | return false; | 1199 | return false; |
1205 | 1200 | ||
1206 | if (part.OwnerID == owner) | ||
1207 | { | ||
1208 | if ((part.OwnerMask & PERM_COPY) == 0) | ||
1209 | return false; | ||
1210 | } | ||
1211 | else if (part.GroupID != UUID.Zero) | ||
1212 | { | ||
1213 | if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0))) | ||
1214 | return false; | ||
1215 | |||
1216 | if ((part.GroupMask & PERM_COPY) == 0) | ||
1217 | return false; | ||
1218 | } | ||
1219 | |||
1220 | //If they can rez, they can duplicate | 1201 | //If they can rez, they can duplicate |
1221 | return CanRezObject(objectCount, owner, objectPosition, scene); | 1202 | return CanRezObject(objectCount, owner, objectPosition, scene); |
1222 | } | 1203 | } |
@@ -1226,7 +1207,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1226 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1207 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1227 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1208 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1228 | 1209 | ||
1229 | return GenericObjectPermission(deleter, objectID, false); | 1210 | SceneObjectGroup sog = scene.GetGroupByPrim(objectID); |
1211 | if (sog == null) | ||
1212 | return false; | ||
1213 | |||
1214 | uint perms = GetObjectPermissions(deleter, sog, false); | ||
1215 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1216 | return false; | ||
1217 | return true; | ||
1230 | } | 1218 | } |
1231 | 1219 | ||
1232 | private bool CanEditObject(UUID objectID, UUID editorID, Scene scene) | 1220 | private bool CanEditObject(UUID objectID, UUID editorID, Scene scene) |
@@ -1234,7 +1222,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1234 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1222 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1235 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1223 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1236 | 1224 | ||
1237 | return GenericObjectPermission(editorID, objectID, false); | 1225 | SceneObjectGroup sog = scene.GetGroupByPrim(objectID); |
1226 | if (sog == null) | ||
1227 | return false; | ||
1228 | |||
1229 | uint perms = GetObjectPermissions(editorID, sog, true); | ||
1230 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1231 | return false; | ||
1232 | return true; | ||
1238 | } | 1233 | } |
1239 | 1234 | ||
1240 | private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene) | 1235 | private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene) |
@@ -1242,7 +1237,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1242 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1237 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1243 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1238 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1244 | 1239 | ||
1245 | return GenericObjectPermission(editorID, objectID, false); | 1240 | SceneObjectGroup sog = scene.GetGroupByPrim(objectID); |
1241 | if (sog == null) | ||
1242 | return false; | ||
1243 | |||
1244 | uint perms = GetObjectPermissions(editorID, sog, true); | ||
1245 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1246 | return false; | ||
1247 | return true; | ||
1246 | } | 1248 | } |
1247 | 1249 | ||
1248 | private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager) | 1250 | private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager) |
@@ -1314,30 +1316,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1314 | } | 1316 | } |
1315 | else // Prim inventory | 1317 | else // Prim inventory |
1316 | { | 1318 | { |
1317 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 1319 | SceneObjectGroup sog = scene.GetGroupByPrim(objectID); |
1318 | 1320 | if (sog == null) | |
1319 | if (part == null) | ||
1320 | return false; | 1321 | return false; |
1321 | 1322 | ||
1322 | if (part.OwnerID != user) | 1323 | uint perms = GetObjectPermissions(user, sog, true); |
1323 | { | 1324 | if((perms & (uint)PermissionMask.Modify) == 0) |
1324 | if (part.GroupID == UUID.Zero) | 1325 | return false; |
1325 | return false; | ||
1326 | |||
1327 | if (!IsGroupMember(part.GroupID, user, 0)) | ||
1328 | return false; | ||
1329 | 1326 | ||
1330 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | 1327 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); |
1331 | return false; | 1328 | if (part == null) |
1332 | } | ||
1333 | else | ||
1334 | { | ||
1335 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1336 | return false; | 1329 | return false; |
1337 | } | ||
1338 | 1330 | ||
1339 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); | 1331 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); |
1340 | |||
1341 | if (ti == null) | 1332 | if (ti == null) |
1342 | return false; | 1333 | return false; |
1343 | 1334 | ||
@@ -1351,14 +1342,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1351 | } | 1342 | } |
1352 | 1343 | ||
1353 | // Require full perms | 1344 | // Require full perms |
1354 | if ((ti.CurrentPermissions & | 1345 | if ((ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) != |
1355 | ((uint)PermissionMask.Modify | | 1346 | ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) |
1356 | (uint)PermissionMask.Copy)) != | ||
1357 | ((uint)PermissionMask.Modify | | ||
1358 | (uint)PermissionMask.Copy)) | ||
1359 | return false; | 1347 | return false; |
1360 | } | 1348 | } |
1361 | |||
1362 | return true; | 1349 | return true; |
1363 | } | 1350 | } |
1364 | 1351 | ||
@@ -1407,85 +1394,26 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1407 | if (m_bypassPermissions) | 1394 | if (m_bypassPermissions) |
1408 | { | 1395 | { |
1409 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 1396 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); |
1397 | if(part == null) | ||
1398 | return false; | ||
1399 | |||
1410 | if (part.OwnerID != moverID) | 1400 | if (part.OwnerID != moverID) |
1411 | { | 1401 | { |
1412 | if (!part.ParentGroup.IsDeleted) | 1402 | if (part.ParentGroup.IsDeleted || part.ParentGroup.IsAttachment) |
1413 | { | ||
1414 | if (part.ParentGroup.IsAttachment) | ||
1415 | return false; | 1403 | return false; |
1416 | } | ||
1417 | } | 1404 | } |
1418 | return m_bypassPermissionsValue; | 1405 | return m_bypassPermissionsValue; |
1419 | } | 1406 | } |
1420 | 1407 | ||
1421 | bool permission = GenericObjectPermission(moverID, objectID, true); | 1408 | SceneObjectGroup sog = scene.GetGroupByPrim(objectID); |
1422 | if (!permission) | 1409 | if (sog == null) |
1423 | { | 1410 | return false; |
1424 | if (!m_scene.Entities.ContainsKey(objectID)) | ||
1425 | { | ||
1426 | return false; | ||
1427 | } | ||
1428 | |||
1429 | // The client | ||
1430 | // may request to edit linked parts, and therefore, it needs | ||
1431 | // to also check for SceneObjectPart | ||
1432 | |||
1433 | // If it's not an object, we cant edit it. | ||
1434 | if ((!(m_scene.Entities[objectID] is SceneObjectGroup))) | ||
1435 | { | ||
1436 | return false; | ||
1437 | } | ||
1438 | |||
1439 | |||
1440 | SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID]; | ||
1441 | |||
1442 | |||
1443 | // UUID taskOwner = null; | ||
1444 | // Added this because at this point in time it wouldn't be wise for | ||
1445 | // the administrator object permissions to take effect. | ||
1446 | // UUID objectOwner = task.OwnerID; | ||
1447 | |||
1448 | // Anyone can move | ||
1449 | if ((task.RootPart.EveryoneMask & PERM_MOVE) != 0) | ||
1450 | permission = true; | ||
1451 | |||
1452 | // Locked | ||
1453 | if ((task.RootPart.OwnerMask & PERM_LOCKED) == 0) | ||
1454 | permission = false; | ||
1455 | } | ||
1456 | else | ||
1457 | { | ||
1458 | bool locked = false; | ||
1459 | if (!m_scene.Entities.ContainsKey(objectID)) | ||
1460 | { | ||
1461 | return false; | ||
1462 | } | ||
1463 | |||
1464 | // If it's not an object, we cant edit it. | ||
1465 | if ((!(m_scene.Entities[objectID] is SceneObjectGroup))) | ||
1466 | { | ||
1467 | return false; | ||
1468 | } | ||
1469 | |||
1470 | SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objectID]; | ||
1471 | |||
1472 | UUID objectOwner = group.OwnerID; | ||
1473 | locked = ((group.RootPart.OwnerMask & PERM_LOCKED) == 0); | ||
1474 | |||
1475 | // This is an exception to the generic object permission. | ||
1476 | // Administrators who lock their objects should not be able to move them, | ||
1477 | // however generic object permission should return true. | ||
1478 | // This keeps locked objects from being affected by random click + drag actions by accident | ||
1479 | // and allows the administrator to grab or delete a locked object. | ||
1480 | |||
1481 | // Administrators and estate managers are still able to click+grab locked objects not | ||
1482 | // owned by them in the scene | ||
1483 | // This is by design. | ||
1484 | 1411 | ||
1485 | if (locked && (moverID == objectOwner)) | 1412 | uint perms = GetObjectPermissions(moverID, sog, true); |
1486 | return false; | 1413 | if((perms & (uint)PermissionMask.Move) == 0) |
1487 | } | 1414 | return false; |
1488 | return permission; | 1415 | // admins exception ? if needed then should be done at GetObjectPermissions |
1416 | return true; | ||
1489 | } | 1417 | } |
1490 | 1418 | ||
1491 | private bool CanObjectEntry(UUID objectID, bool enteringRegion, Vector3 newPoint, Scene scene) | 1419 | private bool CanObjectEntry(UUID objectID, bool enteringRegion, Vector3 newPoint, Scene scene) |