diff options
author | Diva Canto | 2010-07-30 14:04:29 -0700 |
---|---|---|
committer | Diva Canto | 2010-07-30 14:04:29 -0700 |
commit | f3fa10fa151ef5f07599d557d1f7c05656e7ea04 (patch) | |
tree | a14ca2b853df1aa87cad30664210c995006e358e /OpenSim/Framework/ACL.cs | |
parent | Changed the way HG client verification is done: now transforming local and LA... (diff) | |
parent | remove gods event subscription to gods module from scene (diff) | |
download | opensim-SC_OLD-f3fa10fa151ef5f07599d557d1f7c05656e7ea04.zip opensim-SC_OLD-f3fa10fa151ef5f07599d557d1f7c05656e7ea04.tar.gz opensim-SC_OLD-f3fa10fa151ef5f07599d557d1f7c05656e7ea04.tar.bz2 opensim-SC_OLD-f3fa10fa151ef5f07599d557d1f7c05656e7ea04.tar.xz |
Merge branch 'master' of ssh://diva@opensimulator.org/var/git/opensim
Diffstat (limited to 'OpenSim/Framework/ACL.cs')
-rw-r--r-- | OpenSim/Framework/ACL.cs | 252 |
1 files changed, 0 insertions, 252 deletions
diff --git a/OpenSim/Framework/ACL.cs b/OpenSim/Framework/ACL.cs deleted file mode 100644 index f76e8b7..0000000 --- a/OpenSim/Framework/ACL.cs +++ /dev/null | |||
@@ -1,252 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Generic; | ||
30 | |||
31 | namespace OpenSim.Framework | ||
32 | { | ||
33 | // ACL Class | ||
34 | // Modelled after the structure of the Zend ACL Framework Library | ||
35 | // with one key difference - the tree will search for all matching | ||
36 | // permissions rather than just the first. Deny permissions will | ||
37 | // override all others. | ||
38 | |||
39 | #region ACL Core Class | ||
40 | |||
41 | /// <summary> | ||
42 | /// Access Control List Engine | ||
43 | /// </summary> | ||
44 | public class ACL | ||
45 | { | ||
46 | private Dictionary<string, Resource> Resources = new Dictionary<string, Resource>(); | ||
47 | private Dictionary<string, Role> Roles = new Dictionary<string, Role>(); | ||
48 | |||
49 | /// <summary> | ||
50 | /// Adds a new role | ||
51 | /// </summary> | ||
52 | /// <param name="role"></param> | ||
53 | /// <returns></returns> | ||
54 | public ACL AddRole(Role role) | ||
55 | { | ||
56 | if (Roles.ContainsKey(role.Name)) | ||
57 | throw new AlreadyContainsRoleException(role); | ||
58 | |||
59 | Roles.Add(role.Name, role); | ||
60 | |||
61 | return this; | ||
62 | } | ||
63 | |||
64 | /// <summary> | ||
65 | /// Adds a new resource | ||
66 | /// </summary> | ||
67 | /// <param name="resource"></param> | ||
68 | /// <returns></returns> | ||
69 | public ACL AddResource(Resource resource) | ||
70 | { | ||
71 | Resources.Add(resource.Name, resource); | ||
72 | |||
73 | return this; | ||
74 | } | ||
75 | |||
76 | /// <summary> | ||
77 | /// Permision for user/roll on a resource | ||
78 | /// </summary> | ||
79 | /// <param name="role"></param> | ||
80 | /// <param name="resource"></param> | ||
81 | /// <returns></returns> | ||
82 | public Permission HasPermission(string role, string resource) | ||
83 | { | ||
84 | if (!Roles.ContainsKey(role)) | ||
85 | throw new KeyNotFoundException(); | ||
86 | |||
87 | if (!Resources.ContainsKey(resource)) | ||
88 | throw new KeyNotFoundException(); | ||
89 | |||
90 | return Roles[role].RequestPermission(resource); | ||
91 | } | ||
92 | |||
93 | public ACL GrantPermission(string role, string resource) | ||
94 | { | ||
95 | if (!Roles.ContainsKey(role)) | ||
96 | throw new KeyNotFoundException(); | ||
97 | |||
98 | if (!Resources.ContainsKey(resource)) | ||
99 | throw new KeyNotFoundException(); | ||
100 | |||
101 | Roles[role].GivePermission(resource, Permission.Allow); | ||
102 | |||
103 | return this; | ||
104 | } | ||
105 | |||
106 | public ACL DenyPermission(string role, string resource) | ||
107 | { | ||
108 | if (!Roles.ContainsKey(role)) | ||
109 | throw new KeyNotFoundException(); | ||
110 | |||
111 | if (!Resources.ContainsKey(resource)) | ||
112 | throw new KeyNotFoundException(); | ||
113 | |||
114 | Roles[role].GivePermission(resource, Permission.Deny); | ||
115 | |||
116 | return this; | ||
117 | } | ||
118 | |||
119 | public ACL ResetPermission(string role, string resource) | ||
120 | { | ||
121 | if (!Roles.ContainsKey(role)) | ||
122 | throw new KeyNotFoundException(); | ||
123 | |||
124 | if (!Resources.ContainsKey(resource)) | ||
125 | throw new KeyNotFoundException(); | ||
126 | |||
127 | Roles[role].GivePermission(resource, Permission.None); | ||
128 | |||
129 | return this; | ||
130 | } | ||
131 | } | ||
132 | |||
133 | #endregion | ||
134 | |||
135 | #region Exceptions | ||
136 | |||
137 | /// <summary> | ||
138 | /// Thrown when an ACL attempts to add a duplicate role. | ||
139 | /// </summary> | ||
140 | public class AlreadyContainsRoleException : Exception | ||
141 | { | ||
142 | protected Role m_role; | ||
143 | |||
144 | public AlreadyContainsRoleException(Role role) | ||
145 | { | ||
146 | m_role = role; | ||
147 | } | ||
148 | |||
149 | public Role ErrorRole | ||
150 | { | ||
151 | get { return m_role; } | ||
152 | } | ||
153 | |||
154 | public override string ToString() | ||
155 | { | ||
156 | return "This ACL already contains a role called '" + m_role.Name + "'."; | ||
157 | } | ||
158 | } | ||
159 | |||
160 | #endregion | ||
161 | |||
162 | #region Roles and Resources | ||
163 | |||
164 | /// <summary> | ||
165 | /// Does this Role have permission to access a specified Resource? | ||
166 | /// </summary> | ||
167 | public enum Permission | ||
168 | { | ||
169 | Deny, | ||
170 | None, | ||
171 | Allow | ||
172 | } ; | ||
173 | |||
174 | /// <summary> | ||
175 | /// A role class, for use with Users or Groups | ||
176 | /// </summary> | ||
177 | public class Role | ||
178 | { | ||
179 | private string m_name; | ||
180 | private Role[] m_parents; | ||
181 | private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>(); | ||
182 | |||
183 | public Role(string name) | ||
184 | { | ||
185 | m_name = name; | ||
186 | m_parents = null; | ||
187 | } | ||
188 | |||
189 | public Role(string name, Role[] parents) | ||
190 | { | ||
191 | m_name = name; | ||
192 | m_parents = parents; | ||
193 | } | ||
194 | |||
195 | public string Name | ||
196 | { | ||
197 | get { return m_name; } | ||
198 | } | ||
199 | |||
200 | public Permission RequestPermission(string resource) | ||
201 | { | ||
202 | return RequestPermission(resource, Permission.None); | ||
203 | } | ||
204 | |||
205 | public Permission RequestPermission(string resource, Permission current) | ||
206 | { | ||
207 | // Deny permissions always override any others | ||
208 | if (current == Permission.Deny) | ||
209 | return current; | ||
210 | |||
211 | Permission temp = Permission.None; | ||
212 | |||
213 | // Pickup non-None permissions | ||
214 | if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None) | ||
215 | temp = m_resources[resource]; | ||
216 | |||
217 | if (m_parents != null) | ||
218 | { | ||
219 | foreach (Role parent in m_parents) | ||
220 | { | ||
221 | temp = parent.RequestPermission(resource, temp); | ||
222 | } | ||
223 | } | ||
224 | |||
225 | return temp; | ||
226 | } | ||
227 | |||
228 | public void GivePermission(string resource, Permission perm) | ||
229 | { | ||
230 | m_resources[resource] = perm; | ||
231 | } | ||
232 | } | ||
233 | |||
234 | public class Resource | ||
235 | { | ||
236 | private string m_name; | ||
237 | |||
238 | public Resource(string name) | ||
239 | { | ||
240 | m_name = name; | ||
241 | } | ||
242 | |||
243 | public string Name | ||
244 | { | ||
245 | get { return m_name; } | ||
246 | } | ||
247 | } | ||
248 | |||
249 | #endregion | ||
250 | |||
251 | |||
252 | } \ No newline at end of file | ||