aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorDiva Canto2012-09-20 19:50:57 -0700
committerDiva Canto2012-09-20 19:50:57 -0700
commite379566e6e3bed0d7001f099a5ea8dfd648d76cf (patch)
treed3c9877c5b0e24e3d56b5ee1029324efd05beff6
parentMerge branch 'master' of ssh://opensimulator.org/var/git/opensim (diff)
downloadopensim-SC_OLD-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.zip
opensim-SC_OLD-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.tar.gz
opensim-SC_OLD-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.tar.bz2
opensim-SC_OLD-e379566e6e3bed0d7001f099a5ea8dfd648d76cf.tar.xz
Improvement over last commit: refactor the asset permissions code, so that it can be used by both the HG Asset Service and the simulator. Also renamed the config vars to something more intuitive
-rw-r--r--OpenSim/Framework/AssetPermissions.cs81
-rw-r--r--OpenSim/Services/HypergridService/HGAssetService.cs63
-rw-r--r--bin/Robust.HG.ini.example10
-rw-r--r--bin/config-include/StandaloneCommon.ini.example10
4 files changed, 98 insertions, 66 deletions
diff --git a/OpenSim/Framework/AssetPermissions.cs b/OpenSim/Framework/AssetPermissions.cs
new file mode 100644
index 0000000..d276def
--- /dev/null
+++ b/OpenSim/Framework/AssetPermissions.cs
@@ -0,0 +1,81 @@
1using System;
2using System.Collections.Generic;
3using System.Reflection;
4
5using Nini.Config;
6using log4net;
7
8using OpenMetaverse;
9
10namespace OpenSim.Framework
11{
12 public class AssetPermissions
13 {
14 private static readonly ILog m_log =
15 LogManager.GetLogger(
16 MethodBase.GetCurrentMethod().DeclaringType);
17
18 private bool[] m_DisallowExport, m_DisallowImport;
19 private string[] m_AssetTypeNames;
20
21 public AssetPermissions(IConfig config)
22 {
23 Type enumType = typeof(AssetType);
24 m_AssetTypeNames = Enum.GetNames(enumType);
25 for (int i = 0; i < m_AssetTypeNames.Length; i++)
26 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
27 int n = Enum.GetValues(enumType).Length;
28 m_DisallowExport = new bool[n];
29 m_DisallowImport = new bool[n];
30
31 LoadPermsFromConfig(config, "DisallowExport", m_DisallowExport);
32 LoadPermsFromConfig(config, "DisallowImport", m_DisallowImport);
33
34 }
35
36 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
37 {
38 string perms = assetConfig.GetString(variable, String.Empty);
39 string[] parts = perms.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
40 foreach (string s in parts)
41 {
42 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
43 if (index >= 0)
44 bitArray[index] = true;
45 else
46 m_log.WarnFormat("[Asset Permissions]: Invalid AssetType {0}", s);
47 }
48
49 }
50
51 public bool AllowedExport(sbyte type)
52 {
53 string assetTypeName = ((AssetType)type).ToString();
54
55 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
56 if (index >= 0 && m_DisallowExport[index])
57 {
58 m_log.DebugFormat("[Asset Permissions]: Export denied: configuration does not allow export of AssetType {0}", assetTypeName);
59 return false;
60 }
61
62 return true;
63 }
64
65 public bool AllowedImport(sbyte type)
66 {
67 string assetTypeName = ((AssetType)type).ToString();
68
69 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
70 if (index >= 0 && m_DisallowImport[index])
71 {
72 m_log.DebugFormat("[Asset Permissions]: Import denied: configuration does not allow import of AssetType {0}", assetTypeName);
73 return false;
74 }
75
76 return true;
77 }
78
79
80 }
81}
diff --git a/OpenSim/Services/HypergridService/HGAssetService.cs b/OpenSim/Services/HypergridService/HGAssetService.cs
index d6541c4..f1275a0 100644
--- a/OpenSim/Services/HypergridService/HGAssetService.cs
+++ b/OpenSim/Services/HypergridService/HGAssetService.cs
@@ -58,8 +58,7 @@ namespace OpenSim.Services.HypergridService
58 58
59 private UserAccountCache m_Cache; 59 private UserAccountCache m_Cache;
60 60
61 private bool[] m_DisallowGET, m_DisallowPOST; 61 private AssetPermissions m_AssetPerms;
62 private string[] m_AssetTypeNames;
63 62
64 public HGAssetService(IConfigSource config, string configName) : base(config, configName) 63 public HGAssetService(IConfigSource config, string configName) : base(config, configName)
65 { 64 {
@@ -85,31 +84,7 @@ namespace OpenSim.Services.HypergridService
85 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService); 84 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService);
86 85
87 // Permissions 86 // Permissions
88 Type enumType = typeof(AssetType); 87 m_AssetPerms = new AssetPermissions(assetConfig);
89 m_AssetTypeNames = Enum.GetNames(enumType);
90 for (int i = 0; i < m_AssetTypeNames.Length; i++)
91 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
92 int n = Enum.GetValues(enumType).Length;
93 m_DisallowGET = new bool[n];
94 m_DisallowPOST = new bool[n];
95
96 LoadPermsFromConfig(assetConfig, "DisallowGET", m_DisallowGET);
97 LoadPermsFromConfig(assetConfig, "DisallowPOST", m_DisallowPOST);
98
99 }
100
101 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
102 {
103 string perms = assetConfig.GetString(variable, String.Empty);
104 string[] parts = perms.Split(new char[] {','}, StringSplitOptions.RemoveEmptyEntries);
105 foreach (string s in parts)
106 {
107 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
108 if (index >= 0)
109 bitArray[index] = true;
110 else
111 m_log.WarnFormat("[HGAsset Service]: Invalid AssetType {0}", s);
112 }
113 88
114 } 89 }
115 90
@@ -121,7 +96,7 @@ namespace OpenSim.Services.HypergridService
121 if (asset == null) 96 if (asset == null)
122 return null; 97 return null;
123 98
124 if (!AllowedGet(asset.Type)) 99 if (!m_AssetPerms.AllowedExport(asset.Type))
125 return null; 100 return null;
126 101
127 if (asset.Metadata.Type == (sbyte)AssetType.Object) 102 if (asset.Metadata.Type == (sbyte)AssetType.Object)
@@ -151,7 +126,7 @@ namespace OpenSim.Services.HypergridService
151 if (asset == null) 126 if (asset == null)
152 return null; 127 return null;
153 128
154 if (!AllowedGet(asset.Type)) 129 if (!m_AssetPerms.AllowedExport(asset.Type))
155 return null; 130 return null;
156 131
157 return asset.Data; 132 return asset.Data;
@@ -161,7 +136,7 @@ namespace OpenSim.Services.HypergridService
161 136
162 public override string Store(AssetBase asset) 137 public override string Store(AssetBase asset)
163 { 138 {
164 if (!AllowedPost(asset.Type)) 139 if (!m_AssetPerms.AllowedImport(asset.Type))
165 return UUID.Zero.ToString(); 140 return UUID.Zero.ToString();
166 141
167 return base.Store(asset); 142 return base.Store(asset);
@@ -175,34 +150,6 @@ namespace OpenSim.Services.HypergridService
175 150
176 #endregion 151 #endregion
177 152
178 protected bool AllowedGet(sbyte type)
179 {
180 string assetTypeName = ((AssetType)type).ToString();
181
182 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
183 if (index >= 0 && m_DisallowGET[index])
184 {
185 m_log.DebugFormat("[HGAsset Service]: GET denied: service does not allow export of AssetType {0}", assetTypeName);
186 return false;
187 }
188
189 return true;
190 }
191
192 protected bool AllowedPost(sbyte type)
193 {
194 string assetTypeName = ((AssetType)type).ToString();
195
196 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
197 if (index >= 0 && m_DisallowPOST[index])
198 {
199 m_log.DebugFormat("[HGAsset Service]: POST denied: service does not allow import of AssetType {0}", assetTypeName);
200 return false;
201 }
202
203 return true;
204 }
205
206 protected void AdjustIdentifiers(AssetMetadata meta) 153 protected void AdjustIdentifiers(AssetMetadata meta)
207 { 154 {
208 if (meta == null || m_Cache == null) 155 if (meta == null || m_Cache == null)
diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example
index 8218b14..399779d 100644
--- a/bin/Robust.HG.ini.example
+++ b/bin/Robust.HG.ini.example
@@ -437,15 +437,17 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
437 UserAccountsService = "OpenSim.Services.UserAccountService.dll:UserAccountService" 437 UserAccountsService = "OpenSim.Services.UserAccountService.dll:UserAccountService"
438 HomeURI = "http://127.0.0.1:8002" 438 HomeURI = "http://127.0.0.1:8002"
439 439
440 ;; The asset types that other grids can get from / post to this service. 440 ;; The asset types that this service can export to / import from other grids.
441 ;; Comma separated.
441 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely: 442 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
442 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText, LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh 443 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
444 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
443 ;; 445 ;;
444 ;; Leave blank or commented if you don't want to apply any restrictions. 446 ;; Leave blank or commented if you don't want to apply any restrictions.
445 ;; A more strict, but still reasonable, policy may be to disallow the exchange 447 ;; A more strict, but still reasonable, policy may be to disallow the exchange
446 ;; of scripts, like so: 448 ;; of scripts, like so:
447 ; DisallowGET ="LSLText" 449 ; DisallowExport ="LSLText"
448 ; DisallowPOST ="LSLBytecode" 450 ; DisallowImport ="LSLBytecode"
449 451
450[HGFriendsService] 452[HGFriendsService]
451 LocalServiceModule = "OpenSim.Services.HypergridService.dll:HGFriendsService" 453 LocalServiceModule = "OpenSim.Services.HypergridService.dll:HGFriendsService"
diff --git a/bin/config-include/StandaloneCommon.ini.example b/bin/config-include/StandaloneCommon.ini.example
index d8ecba8..d5eb50d 100644
--- a/bin/config-include/StandaloneCommon.ini.example
+++ b/bin/config-include/StandaloneCommon.ini.example
@@ -53,15 +53,17 @@
53[HGAssetService] 53[HGAssetService]
54 HomeURI = "http://127.0.0.1:9000" 54 HomeURI = "http://127.0.0.1:9000"
55 55
56 ;; The asset types that other grids can get from / post to this service. 56 ;; The asset types that this service can export to / import from other grids.
57 ;; Comma separated.
57 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely: 58 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
58 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText, LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh 59 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
60 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
59 ;; 61 ;;
60 ;; Leave blank or commented if you don't want to apply any restrictions. 62 ;; Leave blank or commented if you don't want to apply any restrictions.
61 ;; A more strict, but still reasonable, policy may be to disallow the exchange 63 ;; A more strict, but still reasonable, policy may be to disallow the exchange
62 ;; of scripts, like so: 64 ;; of scripts, like so:
63 ; DisallowGET ="LSLText" 65 ; DisallowExport ="LSLText"
64 ; DisallowPOST ="LSLBytecode" 66 ; DisallowImport ="LSLBytecode"
65 67
66 68
67[HGInventoryAccessModule] 69[HGInventoryAccessModule]