Added optional owner classes to existing OSSL agent Permissions

PARCEL_GROUP, PARCEL_OWNER, ESTATE_MANAGER and REGION_OWNER can be combined with the existing agent uuid option to limit ossl functions to agents and owner classes. Signed-off-by: BlueWall <jamesh@bluewallgroup.com>
author: Michelle Argus 2011-10-26 15:03:10 +0200
committer: BlueWall 2011-10-26 10:35:50 -0400
commit: 41395d544386fbee2d26909a590d4fa9720fdf5f (patch)
tree: f2657625f1503b0aa945817cf97d0335ba2de731
parent: Implementation of PRIM_OMEGA, but only for setting (diff)
download: opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.zip
opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.tar.gz
opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.tar.bz2
opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.tar.xz
3 files changed, 75 insertions, 6 deletions
diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
index 52d787d..3cfc3c9 100644
--- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
+++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
@@ -113,11 +113,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
    {
        public List<UUID> AllowedCreators;
        public List<UUID> AllowedOwners;
+        public List<string> AllowedOwnerClasses;
        public FunctionPerms()
        {
            AllowedCreators = new List<UUID>();
            AllowedOwners = new List<UUID>();
+            AllowedOwnerClasses = new List<string>();
        }
    }
@@ -245,6 +247,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
                    // Default behavior
                    perms.AllowedOwners = null;
                    perms.AllowedCreators = null;
+                    perms.AllowedOwnerClasses = null;
                }
                else
                {
@@ -265,12 +268,20 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
                        foreach (string id in ids)
                        {
                            string current = id.Trim();
-                            UUID uuid;
+                            if (current.ToUpper() == "PARCEL_GROUP_MEMBER" || current.ToUpper() == "PARCEL_OWNER" || current.ToUpper() == "ESTATE_MANAGER" || current.ToUpper() == "ESTATE_OWNER")
-                            if (UUID.TryParse(current, out uuid))
                            {
-                                if (uuid != UUID.Zero)
+                                if (!perms.AllowedOwnerClasses.Contains(current))
-                                    perms.AllowedOwners.Add(uuid);
+                                    perms.AllowedOwnerClasses.Add(current.ToUpper());
+                            }
+                            else
+                            {
+                                UUID uuid;
+                                if (UUID.TryParse(current, out uuid))
+                                {
+                                    if (uuid != UUID.Zero)
+                                        perms.AllowedOwners.Add(uuid);
+                                }
                            }
                        }
@@ -326,11 +337,55 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
                            String.Format("{0} permission error. Can't find script in prim inventory.",
                            function));
                    }
+                    UUID ownerID = ti.OwnerID;
+                    //OSSL only may be used if objet is in the same group as the parcel
+                    if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER"))
+                    {
+                        ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
+                        if (land.LandData.GroupID == ti.GroupID && land.LandData.GroupID != UUID.Zero)
+                        {
+                            return;
+                        }
+                    }
+                    //Only Parcelowners may use the function
+                    if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
+                    {
+                        ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
+                        if (land.LandData.OwnerID == ownerID)
+                        {
+                            return;
+                        }
+                    }
+                    //Only Estate Managers may use the function
+                    if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
+                    {
+                        //Only Estate Managers may use the function
+                        if (World.RegionInfo.EstateSettings.IsEstateManager(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
+                        {
+                            return;
+                        }
+                    }
+                    //Only regionowners may use the function
+                    if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER"))
+                    {
+                        if (World.RegionInfo.EstateSettings.EstateOwner == ownerID)
+                        {
+                            return;
+                        }
+                    }
                    if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))
                        OSSLError(
                            String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
                            function));
-                    if (ti.CreatorID != ti.OwnerID)
+                    if (ti.CreatorID != ownerID)
                    {
                        if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
                            OSSLError(
diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example
index 44da31c..80f4c0e 100644..100755
--- a/bin/OpenSim.ini.example
+++ b/bin/OpenSim.ini.example
@@ -617,6 +617,13 @@
    
    ; Comma separated list of UUIDS allows the function for that list of UUIDS
    ; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
+    
+    ; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
+    ; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
+    ; - PARCEL_OWNER: allow if the objectowner is parcelowner
+    ; - ESTATE_MANAGER: allow if the object owner is a estate manager
+    ; - ESTATE_OWNER: allow if objectowner is estateowner
+    ; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
    ; You can also use script creators as the uuid
    ; Creators_osSetRegionWaterHeight = <uuid>, ...
diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini
index 7df4357..16ce125 100644
--- a/bin/OpenSimDefaults.ini
+++ b/bin/OpenSimDefaults.ini
@@ -1196,6 +1196,13 @@
    ; Comma separated list of UUIDS allows the function for that list of UUIDS
    ; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
+    
+    ; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
+    ; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
+    ; - PARCEL_OWNER: allow if the objectowner is parcelowner
+    ; - ESTATE_MANAGER: allow if the object owner is a estate manager
+    ; - ESTATE_OWNER: allow if objectowner is estateowner
+    ; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
    ; You can also use script creators as the uuid
    ; Creators_osSetRegionWaterHeight = <uuid>, ...
author	Michelle Argus	2011-10-26 15:03:10 +0200
committer	BlueWall	2011-10-26 10:35:50 -0400
commit	41395d544386fbee2d26909a590d4fa9720fdf5f (patch)
tree	f2657625f1503b0aa945817cf97d0335ba2de731
parent	Implementation of PRIM_OMEGA, but only for setting (diff)
download	opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.zip opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.tar.gz opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.tar.bz2 opensim-SC_OLD-41395d544386fbee2d26909a590d4fa9720fdf5f.tar.xz

diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 52d787d..3cfc3c9 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
@@ -113,11 +113,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
113	{	113	{
114	public List<UUID> AllowedCreators;	114	public List<UUID> AllowedCreators;
115	public List<UUID> AllowedOwners;	115	public List<UUID> AllowedOwners;
		116	public List<string> AllowedOwnerClasses;
116		117
117	public FunctionPerms()	118	public FunctionPerms()
118	{	119	{
119	AllowedCreators = new List<UUID>();	120	AllowedCreators = new List<UUID>();
120	AllowedOwners = new List<UUID>();	121	AllowedOwners = new List<UUID>();
		122	AllowedOwnerClasses = new List<string>();
121	}	123	}
122	}	124	}
123		125
@@ -245,6 +247,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
245	// Default behavior	247	// Default behavior
246	perms.AllowedOwners = null;	248	perms.AllowedOwners = null;
247	perms.AllowedCreators = null;	249	perms.AllowedCreators = null;
		250	perms.AllowedOwnerClasses = null;
248	}	251	}
249	else	252	else
250	{	253	{
@@ -265,12 +268,20 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
265	foreach (string id in ids)	268	foreach (string id in ids)
266	{	269	{
267	string current = id.Trim();	270	string current = id.Trim();
268	UUID uuid;	271	if (current.ToUpper() == "PARCEL_GROUP_MEMBER" \|\| current.ToUpper() == "PARCEL_OWNER" \|\| current.ToUpper() == "ESTATE_MANAGER" \|\| current.ToUpper() == "ESTATE_OWNER")
269
270	if (UUID.TryParse(current, out uuid))
271	{	272	{
272	if (uuid != UUID.Zero)	273	if (!perms.AllowedOwnerClasses.Contains(current))
273	perms.AllowedOwners.Add(uuid);	274	perms.AllowedOwnerClasses.Add(current.ToUpper());
		275	}
		276	else
		277	{
		278	UUID uuid;
		279
		280	if (UUID.TryParse(current, out uuid))
		281	{
		282	if (uuid != UUID.Zero)
		283	perms.AllowedOwners.Add(uuid);
		284	}
274	}	285	}
275	}	286	}
276		287
@@ -326,11 +337,55 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
326	String.Format("{0} permission error. Can't find script in prim inventory.",	337	String.Format("{0} permission error. Can't find script in prim inventory.",
327	function));	338	function));
328	}	339	}
		340
		341	UUID ownerID = ti.OwnerID;
		342
		343	//OSSL only may be used if objet is in the same group as the parcel
		344	if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER"))
		345	{
		346	ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
		347
		348	if (land.LandData.GroupID == ti.GroupID && land.LandData.GroupID != UUID.Zero)
		349	{
		350	return;
		351	}
		352	}
		353
		354	//Only Parcelowners may use the function
		355	if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
		356	{
		357	ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
		358
		359	if (land.LandData.OwnerID == ownerID)
		360	{
		361	return;
		362	}
		363	}
		364
		365	//Only Estate Managers may use the function
		366	if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
		367	{
		368	//Only Estate Managers may use the function
		369	if (World.RegionInfo.EstateSettings.IsEstateManager(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
		370	{
		371	return;
		372	}
		373	}
		374
		375	//Only regionowners may use the function
		376	if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER"))
		377	{
		378	if (World.RegionInfo.EstateSettings.EstateOwner == ownerID)
		379	{
		380	return;
		381	}
		382	}
		383
329	if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))	384	if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))
330	OSSLError(	385	OSSLError(
331	String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",	386	String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
332	function));	387	function));
333	if (ti.CreatorID != ti.OwnerID)	388	if (ti.CreatorID != ownerID)
334	{	389	{
335	if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)	390	if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
336	OSSLError(	391	OSSLError(


diff --git a/bin/OpenSim.ini.example b/bin/OpenSim.ini.example index 44da31c..80f4c0e 100644..100755 --- a/bin/OpenSim.ini.example +++ b/bin/OpenSim.ini.example
@@ -617,6 +617,13 @@
617		617
618	; Comma separated list of UUIDS allows the function for that list of UUIDS	618	; Comma separated list of UUIDS allows the function for that list of UUIDS
619	; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb	619	; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
		620
		621	; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
		622	; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
		623	; - PARCEL_OWNER: allow if the objectowner is parcelowner
		624	; - ESTATE_MANAGER: allow if the object owner is a estate manager
		625	; - ESTATE_OWNER: allow if objectowner is estateowner
		626	; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
620		627
621	; You can also use script creators as the uuid	628	; You can also use script creators as the uuid
622	; Creators_osSetRegionWaterHeight = <uuid>, ...	629	; Creators_osSetRegionWaterHeight = <uuid>, ...


diff --git a/bin/OpenSimDefaults.ini b/bin/OpenSimDefaults.ini index 7df4357..16ce125 100644 --- a/bin/OpenSimDefaults.ini +++ b/bin/OpenSimDefaults.ini
@@ -1196,6 +1196,13 @@
1196		1196
1197	; Comma separated list of UUIDS allows the function for that list of UUIDS	1197	; Comma separated list of UUIDS allows the function for that list of UUIDS
1198	; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb	1198	; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
		1199
		1200	; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
		1201	; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
		1202	; - PARCEL_OWNER: allow if the objectowner is parcelowner
		1203	; - ESTATE_MANAGER: allow if the object owner is a estate manager
		1204	; - ESTATE_OWNER: allow if objectowner is estateowner
		1205	; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
1199		1206
1200	; You can also use script creators as the uuid	1207	; You can also use script creators as the uuid
1201	; Creators_osSetRegionWaterHeight = <uuid>, ...	1208	; Creators_osSetRegionWaterHeight = <uuid>, ...