aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorUbitUmarov2017-01-18 00:42:08 +0000
committerUbitUmarov2017-01-18 00:42:08 +0000
commitc14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1 (patch)
treef36473d0c841577c34d10e14ef42763ae1105964
parentPermissions module: GenerateClientFlags() no need to keep looking for the sam... (diff)
downloadopensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.zip
opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.tar.gz
opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.tar.bz2
opensim-SC_OLD-c14d81f5383b95c8bcb07cf023efa0d8d0e1c3e1.tar.xz
Permissions module: replace some GenericObjectPermission by GenericObjectPermission on some checks. Note that in some cases behavour is now diferent.
-rw-r--r--OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs174
1 files changed, 51 insertions, 123 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
index 6f16ae6..930f5f2 100644
--- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -728,7 +728,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
728 return returnMask; 728 return returnMask;
729 } 729 }
730 730
731
732 UUID taskOwnerID = task.OwnerID; 731 UUID taskOwnerID = task.OwnerID;
733 UUID spID = sp.UUID; 732 UUID spID = sp.UUID;
734 733
@@ -878,16 +877,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
878 /// <param name="objId">This is a scene object group UUID</param> 877 /// <param name="objId">This is a scene object group UUID</param>
879 /// <param name="denyOnLocked"></param> 878 /// <param name="denyOnLocked"></param>
880 /// <returns></returns> 879 /// <returns></returns>
881 protected uint GetObjectPermissions(UUID currentUser, UUID objId, bool denyOnLocked) 880 protected uint GetObjectPermissions(UUID currentUser, SceneObjectGroup group, bool denyOnLocked)
882 { 881 {
883 SceneObjectPart part = m_scene.GetSceneObjectPart(objId); 882 if (group == null)
884 if (part == null)
885 return 0; 883 return 0;
886 884
887 if (IsAdministrator(currentUser)) 885 if (IsAdministrator(currentUser))
888 return (uint)PermissionMask.AllEffective; 886 return (uint)PermissionMask.AllEffective;
889 887
890 SceneObjectGroup group = part.ParentGroup;
891 SceneObjectPart root = group.RootPart; 888 SceneObjectPart root = group.RootPart;
892 if (root == null) 889 if (root == null)
893 return 0; 890 return 0;
@@ -1193,30 +1190,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1193 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1190 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1194 if (m_bypassPermissions) return m_bypassPermissionsValue; 1191 if (m_bypassPermissions) return m_bypassPermissionsValue;
1195 1192
1196 if (!GenericObjectPermission(owner, objectID, true)) 1193 SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
1197 { 1194 if (sog == null)
1198 //They can't even edit the object
1199 return false; 1195 return false;
1200 }
1201 1196
1202 SceneObjectPart part = scene.GetSceneObjectPart(objectID); 1197 uint perms = GetObjectPermissions(owner, sog, false);
1203 if (part == null) 1198 if((perms & (uint)PermissionMask.Copy) == 0)
1204 return false; 1199 return false;
1205 1200
1206 if (part.OwnerID == owner)
1207 {
1208 if ((part.OwnerMask & PERM_COPY) == 0)
1209 return false;
1210 }
1211 else if (part.GroupID != UUID.Zero)
1212 {
1213 if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0)))
1214 return false;
1215
1216 if ((part.GroupMask & PERM_COPY) == 0)
1217 return false;
1218 }
1219
1220 //If they can rez, they can duplicate 1201 //If they can rez, they can duplicate
1221 return CanRezObject(objectCount, owner, objectPosition, scene); 1202 return CanRezObject(objectCount, owner, objectPosition, scene);
1222 } 1203 }
@@ -1226,7 +1207,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1226 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1207 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1227 if (m_bypassPermissions) return m_bypassPermissionsValue; 1208 if (m_bypassPermissions) return m_bypassPermissionsValue;
1228 1209
1229 return GenericObjectPermission(deleter, objectID, false); 1210 SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
1211 if (sog == null)
1212 return false;
1213
1214 uint perms = GetObjectPermissions(deleter, sog, false);
1215 if((perms & (uint)PermissionMask.Modify) == 0)
1216 return false;
1217 return true;
1230 } 1218 }
1231 1219
1232 private bool CanEditObject(UUID objectID, UUID editorID, Scene scene) 1220 private bool CanEditObject(UUID objectID, UUID editorID, Scene scene)
@@ -1234,7 +1222,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1234 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1222 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1235 if (m_bypassPermissions) return m_bypassPermissionsValue; 1223 if (m_bypassPermissions) return m_bypassPermissionsValue;
1236 1224
1237 return GenericObjectPermission(editorID, objectID, false); 1225 SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
1226 if (sog == null)
1227 return false;
1228
1229 uint perms = GetObjectPermissions(editorID, sog, true);
1230 if((perms & (uint)PermissionMask.Modify) == 0)
1231 return false;
1232 return true;
1238 } 1233 }
1239 1234
1240 private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene) 1235 private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene)
@@ -1242,7 +1237,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1242 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); 1237 DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1243 if (m_bypassPermissions) return m_bypassPermissionsValue; 1238 if (m_bypassPermissions) return m_bypassPermissionsValue;
1244 1239
1245 return GenericObjectPermission(editorID, objectID, false); 1240 SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
1241 if (sog == null)
1242 return false;
1243
1244 uint perms = GetObjectPermissions(editorID, sog, true);
1245 if((perms & (uint)PermissionMask.Modify) == 0)
1246 return false;
1247 return true;
1246 } 1248 }
1247 1249
1248 private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager) 1250 private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager)
@@ -1314,30 +1316,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1314 } 1316 }
1315 else // Prim inventory 1317 else // Prim inventory
1316 { 1318 {
1317 SceneObjectPart part = scene.GetSceneObjectPart(objectID); 1319 SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
1318 1320 if (sog == null)
1319 if (part == null)
1320 return false; 1321 return false;
1321 1322
1322 if (part.OwnerID != user) 1323 uint perms = GetObjectPermissions(user, sog, true);
1323 { 1324 if((perms & (uint)PermissionMask.Modify) == 0)
1324 if (part.GroupID == UUID.Zero) 1325 return false;
1325 return false;
1326
1327 if (!IsGroupMember(part.GroupID, user, 0))
1328 return false;
1329 1326
1330 if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) 1327 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1331 return false; 1328 if (part == null)
1332 }
1333 else
1334 {
1335 if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
1336 return false; 1329 return false;
1337 }
1338 1330
1339 TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); 1331 TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);
1340
1341 if (ti == null) 1332 if (ti == null)
1342 return false; 1333 return false;
1343 1334
@@ -1351,14 +1342,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1351 } 1342 }
1352 1343
1353 // Require full perms 1344 // Require full perms
1354 if ((ti.CurrentPermissions & 1345 if ((ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) !=
1355 ((uint)PermissionMask.Modify | 1346 ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy))
1356 (uint)PermissionMask.Copy)) !=
1357 ((uint)PermissionMask.Modify |
1358 (uint)PermissionMask.Copy))
1359 return false; 1347 return false;
1360 } 1348 }
1361
1362 return true; 1349 return true;
1363 } 1350 }
1364 1351
@@ -1407,85 +1394,26 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1407 if (m_bypassPermissions) 1394 if (m_bypassPermissions)
1408 { 1395 {
1409 SceneObjectPart part = scene.GetSceneObjectPart(objectID); 1396 SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1397 if(part == null)
1398 return false;
1399
1410 if (part.OwnerID != moverID) 1400 if (part.OwnerID != moverID)
1411 { 1401 {
1412 if (!part.ParentGroup.IsDeleted) 1402 if (part.ParentGroup.IsDeleted || part.ParentGroup.IsAttachment)
1413 {
1414 if (part.ParentGroup.IsAttachment)
1415 return false; 1403 return false;
1416 }
1417 } 1404 }
1418 return m_bypassPermissionsValue; 1405 return m_bypassPermissionsValue;
1419 } 1406 }
1420 1407
1421 bool permission = GenericObjectPermission(moverID, objectID, true); 1408 SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
1422 if (!permission) 1409 if (sog == null)
1423 { 1410 return false;
1424 if (!m_scene.Entities.ContainsKey(objectID))
1425 {
1426 return false;
1427 }
1428
1429 // The client
1430 // may request to edit linked parts, and therefore, it needs
1431 // to also check for SceneObjectPart
1432
1433 // If it's not an object, we cant edit it.
1434 if ((!(m_scene.Entities[objectID] is SceneObjectGroup)))
1435 {
1436 return false;
1437 }
1438
1439
1440 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
1441
1442
1443 // UUID taskOwner = null;
1444 // Added this because at this point in time it wouldn't be wise for
1445 // the administrator object permissions to take effect.
1446 // UUID objectOwner = task.OwnerID;
1447
1448 // Anyone can move
1449 if ((task.RootPart.EveryoneMask & PERM_MOVE) != 0)
1450 permission = true;
1451
1452 // Locked
1453 if ((task.RootPart.OwnerMask & PERM_LOCKED) == 0)
1454 permission = false;
1455 }
1456 else
1457 {
1458 bool locked = false;
1459 if (!m_scene.Entities.ContainsKey(objectID))
1460 {
1461 return false;
1462 }
1463
1464 // If it's not an object, we cant edit it.
1465 if ((!(m_scene.Entities[objectID] is SceneObjectGroup)))
1466 {
1467 return false;
1468 }
1469
1470 SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objectID];
1471
1472 UUID objectOwner = group.OwnerID;
1473 locked = ((group.RootPart.OwnerMask & PERM_LOCKED) == 0);
1474
1475 // This is an exception to the generic object permission.
1476 // Administrators who lock their objects should not be able to move them,
1477 // however generic object permission should return true.
1478 // This keeps locked objects from being affected by random click + drag actions by accident
1479 // and allows the administrator to grab or delete a locked object.
1480
1481 // Administrators and estate managers are still able to click+grab locked objects not
1482 // owned by them in the scene
1483 // This is by design.
1484 1411
1485 if (locked && (moverID == objectOwner)) 1412 uint perms = GetObjectPermissions(moverID, sog, true);
1486 return false; 1413 if((perms & (uint)PermissionMask.Move) == 0)
1487 } 1414 return false;
1488 return permission; 1415 // admins exception ? if needed then should be done at GetObjectPermissions
1416 return true;
1489 } 1417 }
1490 1418
1491 private bool CanObjectEntry(UUID objectID, bool enteringRegion, Vector3 newPoint, Scene scene) 1419 private bool CanObjectEntry(UUID objectID, bool enteringRegion, Vector3 newPoint, Scene scene)