a few more changes on Permissions module

author: UbitUmarov 2017-01-18 22:25:49 +0000
committer: UbitUmarov 2017-01-18 22:25:49 +0000
commit: 1ff7e3499620417f3f1e8173200bec2624d99f1a (patch)
tree: f2057e99ea360e216e953ceb0d1a8f3eab96e555
parent: enforce effective perms hierarchy (diff)
download: opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.zip
opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.tar.gz
opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.tar.bz2
opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.tar.xz
1 files changed, 80 insertions, 90 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
index 6e8ca55..d70cf61 100644
--- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -882,9 +882,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if (group == null)
                return 0;
-            if (IsAdministrator(currentUser))
-                return (uint)PermissionMask.AllEffective;
            SceneObjectPart root = group.RootPart;
            if (root == null)
                return 0;
@@ -892,6 +889,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            UUID objectOwner = group.OwnerID;
            bool locked = denyOnLocked && ((root.OwnerMask & PERM_LOCKED) == 0);
+            if (IsAdministrator(currentUser))
+            {
+                // do lock on admin owned objects
+                if(locked && currentUser == objectOwner)
+                    return (uint)(PermissionMask.AllEffective & ~PermissionMask.Modify);
+                return (uint)PermissionMask.AllEffective;
+            }
            uint lockmask = (uint)PermissionMask.AllEffective;
            if(locked)
                lockmask &= ~(uint)PermissionMask.Modify;
@@ -1185,7 +1190,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            return IsAdministrator(user);
        }
-        private bool CanDuplicateObject(int objectCount, UUID objectID, UUID owner, Scene scene, Vector3 objectPosition)
+        private bool CanDuplicateObject(int objectCount, UUID objectID, UUID userID, Scene scene, Vector3 objectPosition)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1194,15 +1199,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if (sog == null)
                return false;
-            uint perms = GetObjectPermissions(owner, sog, false);
+            uint perms = GetObjectPermissions(userID, sog, false);
            if((perms & (uint)PermissionMask.Copy) == 0)
                return false;
+            if(sog.OwnerID != userID && sog.OwnerID != sog.GroupID && (perms & (uint)PermissionMask.Transfer) == 0)
+                return false;
            //If they can rez, they can duplicate
-            return CanRezObject(objectCount, owner, objectPosition, scene);
+            return CanRezObject(objectCount, userID, objectPosition, scene);
        }
-        private bool CanDeleteObject(UUID objectID, UUID deleter, Scene scene)
+        private bool CanDeleteObject(UUID objectID, UUID userID, Scene scene)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1211,13 +1219,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if (sog == null)
                return false;
-            uint perms = GetObjectPermissions(deleter, sog, false);
+            // ignoring locked. viewers should warn and ask for confirmation
+            uint perms = GetObjectPermissions(userID, sog, false);
            if((perms & (uint)PermissionMask.Modify) == 0)
                return false;
            return true;
        }
-        private bool CanEditObject(UUID objectID, UUID editorID, Scene scene)
+        private bool CanEditObject(UUID objectID, UUID userID, Scene scene)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1226,13 +1235,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if (sog == null)
                return false;
-            uint perms = GetObjectPermissions(editorID, sog, true);
+            uint perms = GetObjectPermissions(userID, sog, true);
            if((perms & (uint)PermissionMask.Modify) == 0)
                return false;
            return true;
        }
-        private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene)
+        private bool CanEditObjectInventory(UUID objectID, UUID userID, Scene scene)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1241,18 +1250,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if (sog == null)
                return false;
-            uint perms = GetObjectPermissions(editorID, sog, true);
+            uint perms = GetObjectPermissions(userID, sog, true);
            if((perms & (uint)PermissionMask.Modify) == 0)
                return false;
            return true;
        }
-        private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager)
+        private bool CanEditParcelProperties(UUID userID, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericParcelOwnerPermission(user, parcel, (ulong)p, false);
+            return GenericParcelOwnerPermission(userID, parcel, (ulong)p, false);
        }
        /// <summary>
@@ -1263,18 +1272,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions
        /// <param name="user"></param>
        /// <param name="scene"></param>
        /// <returns></returns>
-        private bool CanEditScript(UUID script, UUID objectID, UUID user, Scene scene)
+        private bool CanEditScript(UUID script, UUID objectID, UUID userID, Scene scene)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            if (m_allowedScriptEditors == UserSet.Administrators && !IsAdministrator(user))
+            if (m_allowedScriptEditors == UserSet.Administrators && !IsAdministrator(userID))
                return false;
            // Ordinarily, if you can view it, you can edit it
            // There is no viewing a no mod script
            //
-            return CanViewScript(script, objectID, user, scene);
+            return CanViewScript(script, objectID, userID, scene);
        }
        /// <summary>
@@ -1316,7 +1325,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            }
            else // Prim inventory
            {
-                SceneObjectGroup sog = scene.GetGroupByPrim(objectID);
+                SceneObjectPart part = scene.GetSceneObjectPart(objectID);
+                if (part == null)
+                    return false;
+                SceneObjectGroup sog = part.ParentGroup;
                if (sog == null)
                    return false;
@@ -1325,10 +1338,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
                if((perms & (uint)PermissionMask.Modify) == 0)
                    return false;
-                SceneObjectPart part = scene.GetSceneObjectPart(objectID);
-                if (part == null)
-                    return false;
                TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);
                if (ti == null)
                    return false;
@@ -1426,7 +1435,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            uint perms = GetObjectPermissions(moverID, sog, true);
            if((perms & (uint)PermissionMask.Move) == 0)
                return false;
-            // admins exception ?  if needed then should be done at GetObjectPermissions
            return true;
        }
@@ -1435,7 +1443,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
            // allow outide region??
            if (newPoint.X < -1f || newPoint.Y < -1f)
                return true;
@@ -1656,12 +1663,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            return IsGroupMember(groupID, userID, (ulong)GroupPowers.ObjectSetForSale);
        }
-        private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)
+        private bool CanTakeObject(UUID objectID, UUID userID, Scene scene)
        {
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericObjectPermission(stealer,objectID, false);
+            SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
+            if (sog == null)
+                return false;
+            // ignore locked, viewers shell ask for confirmation
+            uint perms = GetObjectPermissions(userID, sog, false);
+            if((perms & (uint)PermissionMask.Modify) == 0)
+                return false;
+            if (sog.OwnerID != userID && ((perms & (uint)PermissionMask.Transfer) == 0))
+                 return false;
+            return true;
        }
        private bool CanTakeCopyObject(UUID objectID, UUID userID, Scene inScene)
@@ -1669,44 +1687,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            bool permission = GenericObjectPermission(userID, objectID, false);
+            SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
+            if (sog == null)
-            SceneObjectGroup so = (SceneObjectGroup)m_scene.Entities[objectID];
+                return false;
-            if (!permission)
-            {
-                if (!m_scene.Entities.ContainsKey(objectID))
-                {
-                    return false;
-                }
-                // If it's not an object, we cant edit it.
-                if (!(m_scene.Entities[objectID] is SceneObjectGroup))
-                {
-                    return false;
-                }
-                // UUID taskOwner = null;
-                // Added this because at this point in time it wouldn't be wise for
-                // the administrator object permissions to take effect.
-                // UUID objectOwner = task.OwnerID;
-                if ((so.RootPart.EveryoneMask & PERM_COPY) != 0)
-                    permission = true;
-            }
-            if (so.OwnerID != userID)
+            uint perms = GetObjectPermissions(userID, sog, true);
-            {
+            if((perms & (uint)PermissionMask.Copy) == 0)
-                if ((so.GetEffectivePermissions() & (PERM_COPY | PERM_TRANS)) != (PERM_COPY | PERM_TRANS))
+                return false;
-                    permission = false;
-            }
-            else
-            {
-                if ((so.GetEffectivePermissions() & PERM_COPY) != PERM_COPY)
-                    permission = false;
-            }
-            return permission;
+            if(sog.OwnerID != userID && sog.OwnerID != sog.GroupID && (perms & (uint)PermissionMask.Transfer) == 0)
+                 return false;
+            return true;
        }
        private bool CanTerraformLand(UUID user, Vector3 position, Scene requestFromScene)
@@ -1792,26 +1783,16 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            else // Prim inventory
            {
                SceneObjectPart part = scene.GetSceneObjectPart(objectID);
                if (part == null)
                    return false;
-                if (part.OwnerID != user)
+                SceneObjectGroup sog = part.ParentGroup;
-                {
+                if (sog == null)
-                    if (part.GroupID == UUID.Zero)
+                    return false;
-                        return false;
-                    if (!IsGroupMember(part.GroupID, user, 0))
-                        return false;
-                    if ((part.GroupMask & (uint)PermissionMask.Modify) == 0)
+                uint perms = GetObjectPermissions(user, sog, true);
-                        return false;
+                if((perms & (uint)PermissionMask.Modify) == 0)
-                }
+                    return false;
-                else
-                {
-                    if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
-                        return false;
-                }
                TaskInventoryItem ti = part.Inventory.GetInventoryItem(script);
@@ -1876,20 +1857,15 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            else // Prim inventory
            {
                SceneObjectPart part = scene.GetSceneObjectPart(objectID);
                if (part == null)
                    return false;
-                if (part.OwnerID != user)
+                SceneObjectGroup sog = part.ParentGroup;
-                {
+                if (sog == null)
-                    if (part.GroupID == UUID.Zero)
+                    return false;
-                        return false;
-                    if (!IsGroupMember(part.GroupID, user, 0))
-                        return false;
-                }
-                if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
+                uint perms = GetObjectPermissions(user, sog, true);
+                if((perms & (uint)PermissionMask.Modify) == 0)
                    return false;
                TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);
@@ -1924,7 +1900,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericObjectPermission(userID, objectID, false);
+            SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
+            if (sog == null)
+                return false;
+            uint perms = GetObjectPermissions(userID, sog, true);
+            if((perms & (uint)PermissionMask.Modify) == 0)
+                return false;
+            return true;
        }
        private bool CanDelinkObject(UUID userID, UUID objectID)
@@ -1932,7 +1915,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericObjectPermission(userID, objectID, false);
+            SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
+            if (sog == null)
+                return false;
+            uint perms = GetObjectPermissions(userID, sog, true);
+            if((perms & (uint)PermissionMask.Modify) == 0)
+                return false;
+            return true;
        }
        private bool CanBuyLand(UUID userID, ILandObject parcel, Scene scene)
author	UbitUmarov	2017-01-18 22:25:49 +0000
committer	UbitUmarov	2017-01-18 22:25:49 +0000
commit	1ff7e3499620417f3f1e8173200bec2624d99f1a (patch)
tree	f2057e99ea360e216e953ceb0d1a8f3eab96e555
parent	enforce effective perms hierarchy (diff)
download	opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.zip opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.tar.gz opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.tar.bz2 opensim-SC_OLD-1ff7e3499620417f3f1e8173200bec2624d99f1a.tar.xz

diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 6e8ca55..d70cf61 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -882,9 +882,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
882	if (group == null)	882	if (group == null)
883	return 0;	883	return 0;
884		884
885	if (IsAdministrator(currentUser))
886	return (uint)PermissionMask.AllEffective;
887
888	SceneObjectPart root = group.RootPart;	885	SceneObjectPart root = group.RootPart;
889	if (root == null)	886	if (root == null)
890	return 0;	887	return 0;
@@ -892,6 +889,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
892	UUID objectOwner = group.OwnerID;	889	UUID objectOwner = group.OwnerID;
893	bool locked = denyOnLocked && ((root.OwnerMask & PERM_LOCKED) == 0);	890	bool locked = denyOnLocked && ((root.OwnerMask & PERM_LOCKED) == 0);
894		891
		892	if (IsAdministrator(currentUser))
		893	{
		894	// do lock on admin owned objects
		895	if(locked && currentUser == objectOwner)
		896	return (uint)(PermissionMask.AllEffective & ~PermissionMask.Modify);
		897	return (uint)PermissionMask.AllEffective;
		898	}
		899
895	uint lockmask = (uint)PermissionMask.AllEffective;	900	uint lockmask = (uint)PermissionMask.AllEffective;
896	if(locked)	901	if(locked)
897	lockmask &= ~(uint)PermissionMask.Modify;	902	lockmask &= ~(uint)PermissionMask.Modify;
@@ -1185,7 +1190,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1185	return IsAdministrator(user);	1190	return IsAdministrator(user);
1186	}	1191	}
1187		1192
1188	private bool CanDuplicateObject(int objectCount, UUID objectID, UUID owner, Scene scene, Vector3 objectPosition)	1193	private bool CanDuplicateObject(int objectCount, UUID objectID, UUID userID, Scene scene, Vector3 objectPosition)
1189	{	1194	{
1190	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1195	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1191	if (m_bypassPermissions) return m_bypassPermissionsValue;	1196	if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1194,15 +1199,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1194	if (sog == null)	1199	if (sog == null)
1195	return false;	1200	return false;
1196		1201
1197	uint perms = GetObjectPermissions(owner, sog, false);	1202	uint perms = GetObjectPermissions(userID, sog, false);
1198	if((perms & (uint)PermissionMask.Copy) == 0)	1203	if((perms & (uint)PermissionMask.Copy) == 0)
1199	return false;	1204	return false;
1200		1205
		1206	if(sog.OwnerID != userID && sog.OwnerID != sog.GroupID && (perms & (uint)PermissionMask.Transfer) == 0)
		1207	return false;
		1208
1201	//If they can rez, they can duplicate	1209	//If they can rez, they can duplicate
1202	return CanRezObject(objectCount, owner, objectPosition, scene);	1210	return CanRezObject(objectCount, userID, objectPosition, scene);
1203	}	1211	}
1204		1212
1205	private bool CanDeleteObject(UUID objectID, UUID deleter, Scene scene)	1213	private bool CanDeleteObject(UUID objectID, UUID userID, Scene scene)
1206	{	1214	{
1207	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1215	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1208	if (m_bypassPermissions) return m_bypassPermissionsValue;	1216	if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1211,13 +1219,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1211	if (sog == null)	1219	if (sog == null)
1212	return false;	1220	return false;
1213		1221
1214	uint perms = GetObjectPermissions(deleter, sog, false);	1222	// ignoring locked. viewers should warn and ask for confirmation
		1223	uint perms = GetObjectPermissions(userID, sog, false);
1215	if((perms & (uint)PermissionMask.Modify) == 0)	1224	if((perms & (uint)PermissionMask.Modify) == 0)
1216	return false;	1225	return false;
1217	return true;	1226	return true;
1218	}	1227	}
1219		1228
1220	private bool CanEditObject(UUID objectID, UUID editorID, Scene scene)	1229	private bool CanEditObject(UUID objectID, UUID userID, Scene scene)
1221	{	1230	{
1222	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1231	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1223	if (m_bypassPermissions) return m_bypassPermissionsValue;	1232	if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1226,13 +1235,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1226	if (sog == null)	1235	if (sog == null)
1227	return false;	1236	return false;
1228		1237
1229	uint perms = GetObjectPermissions(editorID, sog, true);	1238	uint perms = GetObjectPermissions(userID, sog, true);
1230	if((perms & (uint)PermissionMask.Modify) == 0)	1239	if((perms & (uint)PermissionMask.Modify) == 0)
1231	return false;	1240	return false;
1232	return true;	1241	return true;
1233	}	1242	}
1234		1243
1235	private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene)	1244	private bool CanEditObjectInventory(UUID objectID, UUID userID, Scene scene)
1236	{	1245	{
1237	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1246	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1238	if (m_bypassPermissions) return m_bypassPermissionsValue;	1247	if (m_bypassPermissions) return m_bypassPermissionsValue;
@@ -1241,18 +1250,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1241	if (sog == null)	1250	if (sog == null)
1242	return false;	1251	return false;
1243		1252
1244	uint perms = GetObjectPermissions(editorID, sog, true);	1253	uint perms = GetObjectPermissions(userID, sog, true);
1245	if((perms & (uint)PermissionMask.Modify) == 0)	1254	if((perms & (uint)PermissionMask.Modify) == 0)
1246	return false;	1255	return false;
1247	return true;	1256	return true;
1248	}	1257	}
1249		1258
1250	private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager)	1259	private bool CanEditParcelProperties(UUID userID, ILandObject parcel, GroupPowers p, Scene scene, bool allowManager)
1251	{	1260	{
1252	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1261	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1253	if (m_bypassPermissions) return m_bypassPermissionsValue;	1262	if (m_bypassPermissions) return m_bypassPermissionsValue;
1254		1263
1255	return GenericParcelOwnerPermission(user, parcel, (ulong)p, false);	1264	return GenericParcelOwnerPermission(userID, parcel, (ulong)p, false);
1256	}	1265	}
1257		1266
1258	/// <summary>	1267	/// <summary>
@@ -1263,18 +1272,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1263	/// <param name="user"></param>	1272	/// <param name="user"></param>
1264	/// <param name="scene"></param>	1273	/// <param name="scene"></param>
1265	/// <returns></returns>	1274	/// <returns></returns>
1266	private bool CanEditScript(UUID script, UUID objectID, UUID user, Scene scene)	1275	private bool CanEditScript(UUID script, UUID objectID, UUID userID, Scene scene)
1267	{	1276	{
1268	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1277	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1269	if (m_bypassPermissions) return m_bypassPermissionsValue;	1278	if (m_bypassPermissions) return m_bypassPermissionsValue;
1270		1279
1271	if (m_allowedScriptEditors == UserSet.Administrators && !IsAdministrator(user))	1280	if (m_allowedScriptEditors == UserSet.Administrators && !IsAdministrator(userID))
1272	return false;	1281	return false;
1273		1282
1274	// Ordinarily, if you can view it, you can edit it	1283	// Ordinarily, if you can view it, you can edit it
1275	// There is no viewing a no mod script	1284	// There is no viewing a no mod script
1276	//	1285	//
1277	return CanViewScript(script, objectID, user, scene);	1286	return CanViewScript(script, objectID, userID, scene);
1278	}	1287	}
1279		1288
1280	/// <summary>	1289	/// <summary>
@@ -1316,7 +1325,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1316	}	1325	}
1317	else // Prim inventory	1326	else // Prim inventory
1318	{	1327	{
1319	SceneObjectGroup sog = scene.GetGroupByPrim(objectID);	1328	SceneObjectPart part = scene.GetSceneObjectPart(objectID);
		1329	if (part == null)
		1330	return false;
		1331
		1332	SceneObjectGroup sog = part.ParentGroup;
1320	if (sog == null)	1333	if (sog == null)
1321	return false;	1334	return false;
1322		1335
@@ -1325,10 +1338,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1325	if((perms & (uint)PermissionMask.Modify) == 0)	1338	if((perms & (uint)PermissionMask.Modify) == 0)
1326	return false;	1339	return false;
1327		1340
1328	SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1329	if (part == null)
1330	return false;
1331
1332	TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);	1341	TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);
1333	if (ti == null)	1342	if (ti == null)
1334	return false;	1343	return false;
@@ -1426,7 +1435,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1426	uint perms = GetObjectPermissions(moverID, sog, true);	1435	uint perms = GetObjectPermissions(moverID, sog, true);
1427	if((perms & (uint)PermissionMask.Move) == 0)	1436	if((perms & (uint)PermissionMask.Move) == 0)
1428	return false;	1437	return false;
1429	// admins exception ? if needed then should be done at GetObjectPermissions
1430	return true;	1438	return true;
1431	}	1439	}
1432		1440
@@ -1435,7 +1443,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1435	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1443	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1436	if (m_bypassPermissions) return m_bypassPermissionsValue;	1444	if (m_bypassPermissions) return m_bypassPermissionsValue;
1437		1445
1438
1439	// allow outide region??	1446	// allow outide region??
1440	if (newPoint.X < -1f \|\| newPoint.Y < -1f)	1447	if (newPoint.X < -1f \|\| newPoint.Y < -1f)
1441	return true;	1448	return true;
@@ -1656,12 +1663,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1656	return IsGroupMember(groupID, userID, (ulong)GroupPowers.ObjectSetForSale);	1663	return IsGroupMember(groupID, userID, (ulong)GroupPowers.ObjectSetForSale);
1657	}	1664	}
1658		1665
1659	private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)	1666	private bool CanTakeObject(UUID objectID, UUID userID, Scene scene)
1660	{	1667	{
1661	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1668	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1662	if (m_bypassPermissions) return m_bypassPermissionsValue;	1669	if (m_bypassPermissions) return m_bypassPermissionsValue;
1663		1670
1664	return GenericObjectPermission(stealer,objectID, false);	1671	SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
		1672	if (sog == null)
		1673	return false;
		1674
		1675	// ignore locked, viewers shell ask for confirmation
		1676	uint perms = GetObjectPermissions(userID, sog, false);
		1677	if((perms & (uint)PermissionMask.Modify) == 0)
		1678	return false;
		1679
		1680	if (sog.OwnerID != userID && ((perms & (uint)PermissionMask.Transfer) == 0))
		1681	return false;
		1682	return true;
1665	}	1683	}
1666		1684
1667	private bool CanTakeCopyObject(UUID objectID, UUID userID, Scene inScene)	1685	private bool CanTakeCopyObject(UUID objectID, UUID userID, Scene inScene)
@@ -1669,44 +1687,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1669	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1687	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1670	if (m_bypassPermissions) return m_bypassPermissionsValue;	1688	if (m_bypassPermissions) return m_bypassPermissionsValue;
1671		1689
1672	bool permission = GenericObjectPermission(userID, objectID, false);	1690	SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
1673		1691	if (sog == null)
1674	SceneObjectGroup so = (SceneObjectGroup)m_scene.Entities[objectID];	1692	return false;
1675
1676	if (!permission)
1677	{
1678	if (!m_scene.Entities.ContainsKey(objectID))
1679	{
1680	return false;
1681	}
1682
1683	// If it's not an object, we cant edit it.
1684	if (!(m_scene.Entities[objectID] is SceneObjectGroup))
1685	{
1686	return false;
1687	}
1688
1689	// UUID taskOwner = null;
1690	// Added this because at this point in time it wouldn't be wise for
1691	// the administrator object permissions to take effect.
1692	// UUID objectOwner = task.OwnerID;
1693
1694	if ((so.RootPart.EveryoneMask & PERM_COPY) != 0)
1695	permission = true;
1696	}
1697		1693
1698	if (so.OwnerID != userID)	1694	uint perms = GetObjectPermissions(userID, sog, true);
1699	{	1695	if((perms & (uint)PermissionMask.Copy) == 0)
1700	if ((so.GetEffectivePermissions() & (PERM_COPY \| PERM_TRANS)) != (PERM_COPY \| PERM_TRANS))	1696	return false;
1701	permission = false;
1702	}
1703	else
1704	{
1705	if ((so.GetEffectivePermissions() & PERM_COPY) != PERM_COPY)
1706	permission = false;
1707	}
1708		1697
1709	return permission;	1698	if(sog.OwnerID != userID && sog.OwnerID != sog.GroupID && (perms & (uint)PermissionMask.Transfer) == 0)
		1699	return false;
		1700	return true;
1710	}	1701	}
1711		1702
1712	private bool CanTerraformLand(UUID user, Vector3 position, Scene requestFromScene)	1703	private bool CanTerraformLand(UUID user, Vector3 position, Scene requestFromScene)
@@ -1792,26 +1783,16 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1792	else // Prim inventory	1783	else // Prim inventory
1793	{	1784	{
1794	SceneObjectPart part = scene.GetSceneObjectPart(objectID);	1785	SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1795
1796	if (part == null)	1786	if (part == null)
1797	return false;	1787	return false;
1798		1788
1799	if (part.OwnerID != user)	1789	SceneObjectGroup sog = part.ParentGroup;
1800	{	1790	if (sog == null)
1801	if (part.GroupID == UUID.Zero)	1791	return false;
1802	return false;
1803
1804	if (!IsGroupMember(part.GroupID, user, 0))
1805	return false;
1806		1792
1807	if ((part.GroupMask & (uint)PermissionMask.Modify) == 0)	1793	uint perms = GetObjectPermissions(user, sog, true);
1808	return false;	1794	if((perms & (uint)PermissionMask.Modify) == 0)
1809	}	1795	return false;
1810	else
1811	{
1812	if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
1813	return false;
1814	}
1815		1796
1816	TaskInventoryItem ti = part.Inventory.GetInventoryItem(script);	1797	TaskInventoryItem ti = part.Inventory.GetInventoryItem(script);
1817		1798
@@ -1876,20 +1857,15 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1876	else // Prim inventory	1857	else // Prim inventory
1877	{	1858	{
1878	SceneObjectPart part = scene.GetSceneObjectPart(objectID);	1859	SceneObjectPart part = scene.GetSceneObjectPart(objectID);
1879
1880	if (part == null)	1860	if (part == null)
1881	return false;	1861	return false;
1882		1862
1883	if (part.OwnerID != user)	1863	SceneObjectGroup sog = part.ParentGroup;
1884	{	1864	if (sog == null)
1885	if (part.GroupID == UUID.Zero)	1865	return false;
1886	return false;
1887
1888	if (!IsGroupMember(part.GroupID, user, 0))
1889	return false;
1890	}
1891		1866
1892	if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)	1867	uint perms = GetObjectPermissions(user, sog, true);
		1868	if((perms & (uint)PermissionMask.Modify) == 0)
1893	return false;	1869	return false;
1894		1870
1895	TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);	1871	TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);
@@ -1924,7 +1900,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1924	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1900	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1925	if (m_bypassPermissions) return m_bypassPermissionsValue;	1901	if (m_bypassPermissions) return m_bypassPermissionsValue;
1926		1902
1927	return GenericObjectPermission(userID, objectID, false);	1903	SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
		1904	if (sog == null)
		1905	return false;
		1906
		1907	uint perms = GetObjectPermissions(userID, sog, true);
		1908	if((perms & (uint)PermissionMask.Modify) == 0)
		1909	return false;
		1910	return true;
1928	}	1911	}
1929		1912
1930	private bool CanDelinkObject(UUID userID, UUID objectID)	1913	private bool CanDelinkObject(UUID userID, UUID objectID)
@@ -1932,7 +1915,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1932	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1915	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1933	if (m_bypassPermissions) return m_bypassPermissionsValue;	1916	if (m_bypassPermissions) return m_bypassPermissionsValue;
1934		1917
1935	return GenericObjectPermission(userID, objectID, false);	1918	SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID);
		1919	if (sog == null)
		1920	return false;
		1921
		1922	uint perms = GetObjectPermissions(userID, sog, true);
		1923	if((perms & (uint)PermissionMask.Modify) == 0)
		1924	return false;
		1925	return true;
1936	}	1926	}
1937		1927
1938	private bool CanBuyLand(UUID userID, ILandObject parcel, Scene scene)	1928	private bool CanBuyLand(UUID userID, ILandObject parcel, Scene scene)