aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorUbitUmarov2017-01-17 14:30:20 +0000
committerUbitUmarov2017-01-17 14:30:20 +0000
commit06bca0388f303067c592e59d38c4bd885d1baa51 (patch)
treef0d6c9a8599d23a55c7836849c2ca12787feac61
parentadd more calls to effective permissions aggregation, some paths may still be ... (diff)
downloadopensim-SC_OLD-06bca0388f303067c592e59d38c4bd885d1baa51.zip
opensim-SC_OLD-06bca0388f303067c592e59d38c4bd885d1baa51.tar.gz
opensim-SC_OLD-06bca0388f303067c592e59d38c4bd885d1baa51.tar.bz2
opensim-SC_OLD-06bca0388f303067c592e59d38c4bd885d1baa51.tar.xz
Permissions module: add GetObjectPermissions() that should replace GenericObjectPermission
-rw-r--r--OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs78
1 files changed, 77 insertions, 1 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
index dcf0c00..57288dc 100644
--- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -76,7 +76,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions
76 //private uint PERM_MODIFY = (uint)16384; 76 //private uint PERM_MODIFY = (uint)16384;
77 private uint PERM_MOVE = (uint)524288; 77 private uint PERM_MOVE = (uint)524288;
78 private uint PERM_TRANS = (uint)8192; 78 private uint PERM_TRANS = (uint)8192;
79 private uint PERM_LOCKED = (uint)540672; 79// private uint PERM_LOCKED = (uint)540672;
80 private uint PERM_LOCKED = (uint)524288; // same as move
80 81
81 /// <value> 82 /// <value>
82 /// Different user set names that come in from the configuration file. 83 /// Different user set names that come in from the configuration file.
@@ -479,6 +480,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions
479 480
480 return false; 481 return false;
481 } 482 }
483
484 protected bool GroupMemberPowers(UUID groupID, UUID userID, ref ulong powers)
485 {
486 powers = 0;
487 if (null == GroupsModule)
488 return false;
489
490 GroupMembershipData gmd = GroupsModule.GetMembershipData(groupID, userID);
491
492 if (gmd != null)
493 {
494 powers = gmd.GroupPowers;
495 return true;
496 }
497 return false;
498 }
499
482/* 500/*
483 private bool CheckGroupPowers(ScenePresence sp, UUID groupID, ulong powersMask) 501 private bool CheckGroupPowers(ScenePresence sp, UUID groupID, ulong powersMask)
484 { 502 {
@@ -863,6 +881,64 @@ namespace OpenSim.Region.CoreModules.World.Permissions
863 /// <param name="objId">This is a scene object group UUID</param> 881 /// <param name="objId">This is a scene object group UUID</param>
864 /// <param name="denyOnLocked"></param> 882 /// <param name="denyOnLocked"></param>
865 /// <returns></returns> 883 /// <returns></returns>
884 protected uint GetObjectPermissions(UUID currentUser, UUID objId, bool denyOnLocked)
885 {
886 SceneObjectPart part = m_scene.GetSceneObjectPart(objId);
887 if (part == null)
888 return 0;
889
890 // Admin should be able to edit anything in the sim (including admin objects)
891 if (IsAdministrator(currentUser))
892 return (uint)PermissionMask.AllEffective;
893
894 SceneObjectGroup group = part.ParentGroup;
895 SceneObjectPart root = group.RootPart;
896 if (root == null)
897 return 0;
898
899 UUID objectOwner = group.OwnerID;
900 bool locked = denyOnLocked && ((root.OwnerMask & PERM_LOCKED) == 0);
901
902 uint lockmask = (uint)PermissionMask.AllEffective;
903 if(locked)
904 lockmask = (uint)PermissionMask.Move;
905
906 if (currentUser == objectOwner)
907 return group.EffectiveOwnerPerms & lockmask;
908
909 if (group.IsAttachment)
910 return 0;
911
912 // Friends with benefits should be able to edit the objects too
913 if (IsFriendWithPerms(currentUser, objectOwner))
914 return group.EffectiveOwnerPerms & lockmask;
915
916 UUID sogGroupID = group.GroupID;
917 if (sogGroupID != UUID.Zero)
918 {
919 ulong powers = 0;
920 if(GroupMemberPowers(sogGroupID, currentUser, ref powers))
921 {
922 if(sogGroupID == objectOwner)
923 {
924 if((powers & (ulong)GroupPowers.ObjectManipulate) != 0)
925 return group.EffectiveOwnerPerms & lockmask;
926 }
927 return group.EffectiveGroupOrEveryOnePerms & lockmask;
928 }
929 }
930
931 return group.EffectiveEveryOnePerms & lockmask;
932 }
933
934 /// <summary>
935 /// General permissions checks for any operation involving an object. These supplement more specific checks
936 /// implemented by callers.
937 /// </summary>
938 /// <param name="currentUser"></param>
939 /// <param name="objId">This is a scene object group UUID</param>
940 /// <param name="denyOnLocked"></param>
941 /// <returns></returns>
866 protected bool GenericObjectPermission(UUID currentUser, UUID objId, bool denyOnLocked) 942 protected bool GenericObjectPermission(UUID currentUser, UUID objId, bool denyOnLocked)
867 { 943 {
868 // Default: deny 944 // Default: deny