diff options
author | onefang | 2019-09-11 16:36:50 +1000 |
---|---|---|
committer | onefang | 2019-09-11 16:36:50 +1000 |
commit | 50cd1ffd32f69228e566f2b0b89f86ea0d9fe489 (patch) | |
tree | 52f2ab0c04f1a5d7d6ac5dc872981b4b156447e7 /OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |
parent | Renamed branch to SledjChisl. (diff) | |
parent | Bump to release flavour, build 0. (diff) | |
download | opensim-SC_OLD-50cd1ffd32f69228e566f2b0b89f86ea0d9fe489.zip opensim-SC_OLD-50cd1ffd32f69228e566f2b0b89f86ea0d9fe489.tar.gz opensim-SC_OLD-50cd1ffd32f69228e566f2b0b89f86ea0d9fe489.tar.bz2 opensim-SC_OLD-50cd1ffd32f69228e566f2b0b89f86ea0d9fe489.tar.xz |
Merge branch 'SledjChisl'
Diffstat (limited to '')
-rw-r--r-- | OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | 2054 |
1 files changed, 1357 insertions, 697 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 780ec69..45c1c56 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | |||
@@ -43,12 +43,13 @@ using PermissionMask = OpenSim.Framework.PermissionMask; | |||
43 | 43 | ||
44 | namespace OpenSim.Region.CoreModules.World.Permissions | 44 | namespace OpenSim.Region.CoreModules.World.Permissions |
45 | { | 45 | { |
46 | [Extension(Path = "/OpenSim/RegionModules", NodeName = "RegionModule", Id = "PermissionsModule")] | 46 | [Extension(Path = "/OpenSim/RegionModules", NodeName = "RegionModule", Id = "DefaultPermissionsModule")] |
47 | public class PermissionsModule : INonSharedRegionModule, IPermissionsModule | 47 | public class DefaultPermissionsModule : INonSharedRegionModule, IPermissionsModule |
48 | { | 48 | { |
49 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 49 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
50 | 50 | ||
51 | protected Scene m_scene; | 51 | protected Scene m_scene; |
52 | protected ScenePermissions scenePermissions; | ||
52 | protected bool m_Enabled; | 53 | protected bool m_Enabled; |
53 | 54 | ||
54 | private InventoryFolderImpl m_libraryRootFolder; | 55 | private InventoryFolderImpl m_libraryRootFolder; |
@@ -69,15 +70,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
69 | } | 70 | } |
70 | 71 | ||
71 | #region Constants | 72 | #region Constants |
72 | // These are here for testing. They will be taken out | ||
73 | |||
74 | //private uint PERM_ALL = (uint)2147483647; | ||
75 | private uint PERM_COPY = (uint)32768; | ||
76 | //private uint PERM_MODIFY = (uint)16384; | ||
77 | private uint PERM_MOVE = (uint)524288; | ||
78 | private uint PERM_TRANS = (uint)8192; | ||
79 | private uint PERM_LOCKED = (uint)540672; | ||
80 | |||
81 | /// <value> | 73 | /// <value> |
82 | /// Different user set names that come in from the configuration file. | 74 | /// Different user set names that come in from the configuration file. |
83 | /// </value> | 75 | /// </value> |
@@ -96,12 +88,12 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
96 | private bool m_bypassPermissionsValue = true; | 88 | private bool m_bypassPermissionsValue = true; |
97 | private bool m_propagatePermissions = false; | 89 | private bool m_propagatePermissions = false; |
98 | private bool m_debugPermissions = false; | 90 | private bool m_debugPermissions = false; |
99 | private bool m_allowGridGods = false; | 91 | private bool m_allowGridAdmins = false; |
100 | private bool m_RegionOwnerIsGod = false; | 92 | private bool m_RegionOwnerIsAdmin = false; |
101 | private bool m_RegionManagerIsGod = false; | 93 | private bool m_RegionManagerIsAdmin = false; |
102 | private bool m_ParcelOwnerIsGod = false; | 94 | private bool m_forceGridAdminsOnly; |
103 | 95 | private bool m_forceAdminModeAlwaysOn; | |
104 | private bool m_SimpleBuildPermissions = false; | 96 | private bool m_allowAdminActionsWithoutGodMode; |
105 | 97 | ||
106 | /// <value> | 98 | /// <value> |
107 | /// The set of users that are allowed to create scripts. This is only active if permissions are not being | 99 | /// The set of users that are allowed to create scripts. This is only active if permissions are not being |
@@ -110,17 +102,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
110 | private UserSet m_allowedScriptCreators = UserSet.All; | 102 | private UserSet m_allowedScriptCreators = UserSet.All; |
111 | 103 | ||
112 | /// <value> | 104 | /// <value> |
113 | /// The set of users that are allowed to edit (save) scripts. This is only active if | 105 | /// The set of users that are allowed to edit (save) scripts. This is only active if |
114 | /// permissions are not being bypassed. This overrides normal permissions.- | 106 | /// permissions are not being bypassed. This overrides normal permissions.- |
115 | /// </value> | 107 | /// </value> |
116 | private UserSet m_allowedScriptEditors = UserSet.All; | 108 | private UserSet m_allowedScriptEditors = UserSet.All; |
117 | 109 | ||
118 | private Dictionary<string, bool> GrantLSL = new Dictionary<string, bool>(); | 110 | private Dictionary<string, bool> GrantLSL = new Dictionary<string, bool>(); |
119 | private Dictionary<string, bool> GrantCS = new Dictionary<string, bool>(); | 111 | private Dictionary<string, bool> GrantCS = new Dictionary<string, bool>(); |
120 | private Dictionary<string, bool> GrantVB = new Dictionary<string, bool>(); | 112 | private Dictionary<string, bool> GrantVB = new Dictionary<string, bool>(); |
121 | private Dictionary<string, bool> GrantJS = new Dictionary<string, bool>(); | 113 | private Dictionary<string, bool> GrantJS = new Dictionary<string, bool>(); |
122 | private Dictionary<string, bool> GrantYP = new Dictionary<string, bool>(); | 114 | private Dictionary<string, bool> GrantYP = new Dictionary<string, bool>(); |
123 | 115 | ||
124 | private IFriendsModule m_friendsModule; | 116 | private IFriendsModule m_friendsModule; |
125 | private IFriendsModule FriendsModule | 117 | private IFriendsModule FriendsModule |
126 | { | 118 | { |
@@ -168,21 +160,25 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
168 | 160 | ||
169 | m_Enabled = true; | 161 | m_Enabled = true; |
170 | 162 | ||
171 | m_allowGridGods = Util.GetConfigVarFromSections<bool>(config, "allow_grid_gods", | 163 | string[] sections = new string[] { "Startup", "Permissions" }; |
172 | new string[] { "Startup", "Permissions" }, false); | 164 | |
173 | m_bypassPermissions = !Util.GetConfigVarFromSections<bool>(config, "serverside_object_permissions", | 165 | m_allowGridAdmins = Util.GetConfigVarFromSections<bool>(config, "allow_grid_gods", sections, false); |
174 | new string[] { "Startup", "Permissions" }, true); | 166 | m_bypassPermissions = !Util.GetConfigVarFromSections<bool>(config, "serverside_object_permissions", sections, true); |
175 | m_propagatePermissions = Util.GetConfigVarFromSections<bool>(config, "propagate_permissions", | 167 | m_propagatePermissions = Util.GetConfigVarFromSections<bool>(config, "propagate_permissions", sections, true); |
176 | new string[] { "Startup", "Permissions" }, true); | 168 | |
177 | m_RegionOwnerIsGod = Util.GetConfigVarFromSections<bool>(config, "region_owner_is_god", | 169 | m_forceGridAdminsOnly = Util.GetConfigVarFromSections<bool>(config, "force_grid_gods_only", sections, false); |
178 | new string[] { "Startup", "Permissions" }, true); | 170 | if(!m_forceGridAdminsOnly) |
179 | m_RegionManagerIsGod = Util.GetConfigVarFromSections<bool>(config, "region_manager_is_god", | 171 | { |
180 | new string[] { "Startup", "Permissions" }, false); | 172 | m_RegionOwnerIsAdmin = Util.GetConfigVarFromSections<bool>(config, "region_owner_is_god",sections, true); |
181 | m_ParcelOwnerIsGod = Util.GetConfigVarFromSections<bool>(config, "parcel_owner_is_god", | 173 | m_RegionManagerIsAdmin = Util.GetConfigVarFromSections<bool>(config, "region_manager_is_god",sections, false); |
182 | new string[] { "Startup", "Permissions" }, true); | 174 | } |
183 | 175 | else | |
184 | m_SimpleBuildPermissions = Util.GetConfigVarFromSections<bool>(config, "simple_build_permissions", | 176 | m_allowGridAdmins = true; |
185 | new string[] { "Startup", "Permissions" }, false); | 177 | |
178 | m_forceAdminModeAlwaysOn = Util.GetConfigVarFromSections<bool>(config, "automatic_gods", sections, false); | ||
179 | m_allowAdminActionsWithoutGodMode = Util.GetConfigVarFromSections<bool>(config, "implicit_gods", sections, false); | ||
180 | if(m_allowAdminActionsWithoutGodMode) | ||
181 | m_forceAdminModeAlwaysOn = false; | ||
186 | 182 | ||
187 | m_allowedScriptCreators | 183 | m_allowedScriptCreators |
188 | = ParseUserSetConfigSetting(config, "allowed_script_creators", m_allowedScriptCreators); | 184 | = ParseUserSetConfigSetting(config, "allowed_script_creators", m_allowedScriptCreators); |
@@ -206,7 +202,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
206 | } | 202 | } |
207 | 203 | ||
208 | grant = Util.GetConfigVarFromSections<string>(config, "GrantCS", | 204 | grant = Util.GetConfigVarFromSections<string>(config, "GrantCS", |
209 | new string[] { "Startup", "Permissions" }, string.Empty); | 205 | new string[] { "Startup", "Permissions" }, string.Empty); |
210 | if (grant.Length > 0) | 206 | if (grant.Length > 0) |
211 | { | 207 | { |
212 | foreach (string uuidl in grant.Split(',')) | 208 | foreach (string uuidl in grant.Split(',')) |
@@ -258,61 +254,79 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
258 | m_scene = scene; | 254 | m_scene = scene; |
259 | 255 | ||
260 | scene.RegisterModuleInterface<IPermissionsModule>(this); | 256 | scene.RegisterModuleInterface<IPermissionsModule>(this); |
257 | scenePermissions = m_scene.Permissions; | ||
261 | 258 | ||
262 | //Register functions with Scene External Checks! | 259 | //Register functions with Scene External Checks! |
263 | m_scene.Permissions.OnBypassPermissions += BypassPermissions; | 260 | scenePermissions.OnBypassPermissions += BypassPermissions; |
264 | m_scene.Permissions.OnSetBypassPermissions += SetBypassPermissions; | 261 | scenePermissions.OnSetBypassPermissions += SetBypassPermissions; |
265 | m_scene.Permissions.OnPropagatePermissions += PropagatePermissions; | 262 | scenePermissions.OnPropagatePermissions += PropagatePermissions; |
266 | m_scene.Permissions.OnGenerateClientFlags += GenerateClientFlags; | 263 | |
267 | m_scene.Permissions.OnAbandonParcel += CanAbandonParcel; | 264 | scenePermissions.OnIsGridGod += IsGridAdministrator; |
268 | m_scene.Permissions.OnReclaimParcel += CanReclaimParcel; | 265 | scenePermissions.OnIsAdministrator += IsAdministrator; |
269 | m_scene.Permissions.OnDeedParcel += CanDeedParcel; | 266 | scenePermissions.OnIsEstateManager += IsEstateManager; |
270 | m_scene.Permissions.OnDeedObject += CanDeedObject; | 267 | |
271 | m_scene.Permissions.OnIsGod += IsGod; | 268 | scenePermissions.OnGenerateClientFlags += GenerateClientFlags; |
272 | m_scene.Permissions.OnIsGridGod += IsGridGod; | 269 | |
273 | m_scene.Permissions.OnIsAdministrator += IsAdministrator; | 270 | scenePermissions.OnIssueEstateCommand += CanIssueEstateCommand; |
274 | m_scene.Permissions.OnDuplicateObject += CanDuplicateObject; | 271 | scenePermissions.OnRunConsoleCommand += CanRunConsoleCommand; |
275 | m_scene.Permissions.OnDeleteObject += CanDeleteObject; | 272 | |
276 | m_scene.Permissions.OnEditObject += CanEditObject; | 273 | scenePermissions.OnTeleport += CanTeleport; |
277 | m_scene.Permissions.OnEditParcelProperties += CanEditParcelProperties; | 274 | |
278 | m_scene.Permissions.OnInstantMessage += CanInstantMessage; | 275 | scenePermissions.OnInstantMessage += CanInstantMessage; |
279 | m_scene.Permissions.OnInventoryTransfer += CanInventoryTransfer; | 276 | |
280 | m_scene.Permissions.OnIssueEstateCommand += CanIssueEstateCommand; | 277 | scenePermissions.OnAbandonParcel += CanAbandonParcel; |
281 | m_scene.Permissions.OnMoveObject += CanMoveObject; | 278 | scenePermissions.OnReclaimParcel += CanReclaimParcel; |
282 | m_scene.Permissions.OnObjectEntry += CanObjectEntry; | 279 | scenePermissions.OnDeedParcel += CanDeedParcel; |
283 | m_scene.Permissions.OnReturnObjects += CanReturnObjects; | 280 | scenePermissions.OnSellParcel += CanSellParcel; |
284 | m_scene.Permissions.OnRezObject += CanRezObject; | 281 | scenePermissions.OnEditParcelProperties += CanEditParcelProperties; |
285 | m_scene.Permissions.OnRunConsoleCommand += CanRunConsoleCommand; | 282 | scenePermissions.OnTerraformLand += CanTerraformLand; |
286 | m_scene.Permissions.OnRunScript += CanRunScript; | 283 | scenePermissions.OnBuyLand += CanBuyLand; |
287 | m_scene.Permissions.OnCompileScript += CanCompileScript; | 284 | |
288 | m_scene.Permissions.OnSellParcel += CanSellParcel; | 285 | scenePermissions.OnReturnObjects += CanReturnObjects; |
289 | m_scene.Permissions.OnTakeObject += CanTakeObject; | 286 | |
290 | m_scene.Permissions.OnTakeCopyObject += CanTakeCopyObject; | 287 | scenePermissions.OnRezObject += CanRezObject; |
291 | m_scene.Permissions.OnTerraformLand += CanTerraformLand; | 288 | scenePermissions.OnObjectEntry += CanObjectEntry; |
292 | m_scene.Permissions.OnLinkObject += CanLinkObject; | 289 | scenePermissions.OnObjectEnterWithScripts += OnObjectEnterWithScripts; |
293 | m_scene.Permissions.OnDelinkObject += CanDelinkObject; | 290 | |
294 | m_scene.Permissions.OnBuyLand += CanBuyLand; | 291 | scenePermissions.OnDuplicateObject += CanDuplicateObject; |
295 | 292 | scenePermissions.OnDeleteObjectByIDs += CanDeleteObjectByIDs; | |
296 | m_scene.Permissions.OnViewNotecard += CanViewNotecard; | 293 | scenePermissions.OnDeleteObject += CanDeleteObject; |
297 | m_scene.Permissions.OnViewScript += CanViewScript; | 294 | scenePermissions.OnEditObjectByIDs += CanEditObjectByIDs; |
298 | m_scene.Permissions.OnEditNotecard += CanEditNotecard; | 295 | scenePermissions.OnEditObject += CanEditObject; |
299 | m_scene.Permissions.OnEditScript += CanEditScript; | 296 | scenePermissions.OnEditObjectPerms += CanEditObjectPerms; |
300 | 297 | scenePermissions.OnInventoryTransfer += CanInventoryTransfer; | |
301 | m_scene.Permissions.OnCreateObjectInventory += CanCreateObjectInventory; | 298 | scenePermissions.OnMoveObject += CanMoveObject; |
302 | m_scene.Permissions.OnEditObjectInventory += CanEditObjectInventory; | 299 | scenePermissions.OnTakeObject += CanTakeObject; |
303 | m_scene.Permissions.OnCopyObjectInventory += CanCopyObjectInventory; | 300 | scenePermissions.OnTakeCopyObject += CanTakeCopyObject; |
304 | m_scene.Permissions.OnDeleteObjectInventory += CanDeleteObjectInventory; | 301 | scenePermissions.OnLinkObject += CanLinkObject; |
305 | m_scene.Permissions.OnResetScript += CanResetScript; | 302 | scenePermissions.OnDelinkObject += CanDelinkObject; |
303 | scenePermissions.OnDeedObject += CanDeedObject; | ||
304 | scenePermissions.OnSellGroupObject += CanSellGroupObject; | ||
305 | scenePermissions.OnSellObjectByUserID += CanSellObjectByUserID; | ||
306 | scenePermissions.OnSellObject += CanSellObject; | ||
306 | 307 | ||
307 | m_scene.Permissions.OnCreateUserInventory += CanCreateUserInventory; | 308 | scenePermissions.OnCreateObjectInventory += CanCreateObjectInventory; |
308 | m_scene.Permissions.OnCopyUserInventory += CanCopyUserInventory; | 309 | scenePermissions.OnEditObjectInventory += CanEditObjectInventory; |
309 | m_scene.Permissions.OnEditUserInventory += CanEditUserInventory; | 310 | scenePermissions.OnCopyObjectInventory += CanCopyObjectInventory; |
310 | m_scene.Permissions.OnDeleteUserInventory += CanDeleteUserInventory; | 311 | scenePermissions.OnDeleteObjectInventory += CanDeleteObjectInventory; |
312 | scenePermissions.OnDoObjectInvToObjectInv += CanDoObjectInvToObjectInv; | ||
313 | scenePermissions.OnDropInObjectInv += CanDropInObjectInv; | ||
314 | |||
315 | scenePermissions.OnViewNotecard += CanViewNotecard; | ||
316 | scenePermissions.OnViewScript += CanViewScript; | ||
317 | scenePermissions.OnEditNotecard += CanEditNotecard; | ||
318 | scenePermissions.OnEditScript += CanEditScript; | ||
319 | scenePermissions.OnResetScript += CanResetScript; | ||
320 | scenePermissions.OnRunScript += CanRunScript; | ||
321 | scenePermissions.OnCompileScript += CanCompileScript; | ||
311 | 322 | ||
312 | m_scene.Permissions.OnTeleport += CanTeleport; | 323 | scenePermissions.OnCreateUserInventory += CanCreateUserInventory; |
313 | 324 | scenePermissions.OnCopyUserInventory += CanCopyUserInventory; | |
314 | m_scene.Permissions.OnControlPrimMedia += CanControlPrimMedia; | 325 | scenePermissions.OnEditUserInventory += CanEditUserInventory; |
315 | m_scene.Permissions.OnInteractWithPrimMedia += CanInteractWithPrimMedia; | 326 | scenePermissions.OnDeleteUserInventory += CanDeleteUserInventory; |
327 | |||
328 | scenePermissions.OnControlPrimMedia += CanControlPrimMedia; | ||
329 | scenePermissions.OnInteractWithPrimMedia += CanInteractWithPrimMedia; | ||
316 | 330 | ||
317 | m_scene.AddCommand("Users", this, "bypass permissions", | 331 | m_scene.AddCommand("Users", this, "bypass permissions", |
318 | "bypass permissions <true / false>", | 332 | "bypass permissions <true / false>", |
@@ -327,8 +341,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
327 | m_scene.AddCommand("Debug", this, "debug permissions", | 341 | m_scene.AddCommand("Debug", this, "debug permissions", |
328 | "debug permissions <true / false>", | 342 | "debug permissions <true / false>", |
329 | "Turn on permissions debugging", | 343 | "Turn on permissions debugging", |
330 | HandleDebugPermissions); | 344 | HandleDebugPermissions); |
331 | 345 | ||
332 | } | 346 | } |
333 | 347 | ||
334 | public void RegionLoaded(Scene scene) | 348 | public void RegionLoaded(Scene scene) |
@@ -341,6 +355,79 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
341 | return; | 355 | return; |
342 | 356 | ||
343 | m_scene.UnregisterModuleInterface<IPermissionsModule>(this); | 357 | m_scene.UnregisterModuleInterface<IPermissionsModule>(this); |
358 | |||
359 | scenePermissions.OnBypassPermissions -= BypassPermissions; | ||
360 | scenePermissions.OnSetBypassPermissions -= SetBypassPermissions; | ||
361 | scenePermissions.OnPropagatePermissions -= PropagatePermissions; | ||
362 | |||
363 | scenePermissions.OnIsGridGod -= IsGridAdministrator; | ||
364 | scenePermissions.OnIsAdministrator -= IsAdministrator; | ||
365 | scenePermissions.OnIsEstateManager -= IsEstateManager; | ||
366 | |||
367 | scenePermissions.OnGenerateClientFlags -= GenerateClientFlags; | ||
368 | |||
369 | scenePermissions.OnIssueEstateCommand -= CanIssueEstateCommand; | ||
370 | scenePermissions.OnRunConsoleCommand -= CanRunConsoleCommand; | ||
371 | |||
372 | scenePermissions.OnTeleport -= CanTeleport; | ||
373 | |||
374 | scenePermissions.OnInstantMessage -= CanInstantMessage; | ||
375 | |||
376 | scenePermissions.OnAbandonParcel -= CanAbandonParcel; | ||
377 | scenePermissions.OnReclaimParcel -= CanReclaimParcel; | ||
378 | scenePermissions.OnDeedParcel -= CanDeedParcel; | ||
379 | scenePermissions.OnSellParcel -= CanSellParcel; | ||
380 | scenePermissions.OnEditParcelProperties -= CanEditParcelProperties; | ||
381 | scenePermissions.OnTerraformLand -= CanTerraformLand; | ||
382 | scenePermissions.OnBuyLand -= CanBuyLand; | ||
383 | |||
384 | scenePermissions.OnRezObject -= CanRezObject; | ||
385 | scenePermissions.OnObjectEntry -= CanObjectEntry; | ||
386 | scenePermissions.OnObjectEnterWithScripts -= OnObjectEnterWithScripts; | ||
387 | |||
388 | scenePermissions.OnReturnObjects -= CanReturnObjects; | ||
389 | |||
390 | scenePermissions.OnDuplicateObject -= CanDuplicateObject; | ||
391 | scenePermissions.OnDeleteObjectByIDs -= CanDeleteObjectByIDs; | ||
392 | scenePermissions.OnDeleteObject -= CanDeleteObject; | ||
393 | scenePermissions.OnEditObjectByIDs -= CanEditObjectByIDs; | ||
394 | scenePermissions.OnEditObject -= CanEditObject; | ||
395 | scenePermissions.OnEditObjectPerms -= CanEditObjectPerms; | ||
396 | scenePermissions.OnInventoryTransfer -= CanInventoryTransfer; | ||
397 | scenePermissions.OnMoveObject -= CanMoveObject; | ||
398 | scenePermissions.OnTakeObject -= CanTakeObject; | ||
399 | scenePermissions.OnTakeCopyObject -= CanTakeCopyObject; | ||
400 | scenePermissions.OnLinkObject -= CanLinkObject; | ||
401 | scenePermissions.OnDelinkObject -= CanDelinkObject; | ||
402 | scenePermissions.OnDeedObject -= CanDeedObject; | ||
403 | |||
404 | scenePermissions.OnSellGroupObject -= CanSellGroupObject; | ||
405 | scenePermissions.OnSellObjectByUserID -= CanSellObjectByUserID; | ||
406 | scenePermissions.OnSellObject -= CanSellObject; | ||
407 | |||
408 | scenePermissions.OnCreateObjectInventory -= CanCreateObjectInventory; | ||
409 | scenePermissions.OnEditObjectInventory -= CanEditObjectInventory; | ||
410 | scenePermissions.OnCopyObjectInventory -= CanCopyObjectInventory; | ||
411 | scenePermissions.OnDeleteObjectInventory -= CanDeleteObjectInventory; | ||
412 | scenePermissions.OnDoObjectInvToObjectInv -= CanDoObjectInvToObjectInv; | ||
413 | scenePermissions.OnDropInObjectInv -= CanDropInObjectInv; | ||
414 | |||
415 | scenePermissions.OnViewNotecard -= CanViewNotecard; | ||
416 | scenePermissions.OnViewScript -= CanViewScript; | ||
417 | scenePermissions.OnEditNotecard -= CanEditNotecard; | ||
418 | scenePermissions.OnEditScript -= CanEditScript; | ||
419 | scenePermissions.OnResetScript -= CanResetScript; | ||
420 | scenePermissions.OnRunScript -= CanRunScript; | ||
421 | scenePermissions.OnCompileScript -= CanCompileScript; | ||
422 | |||
423 | scenePermissions.OnCreateUserInventory -= CanCreateUserInventory; | ||
424 | scenePermissions.OnCopyUserInventory -= CanCopyUserInventory; | ||
425 | scenePermissions.OnEditUserInventory -= CanEditUserInventory; | ||
426 | scenePermissions.OnDeleteUserInventory -= CanDeleteUserInventory; | ||
427 | |||
428 | scenePermissions.OnControlPrimMedia -= CanControlPrimMedia; | ||
429 | scenePermissions.OnInteractWithPrimMedia -= CanInteractWithPrimMedia; | ||
430 | |||
344 | } | 431 | } |
345 | 432 | ||
346 | public void Close() | 433 | public void Close() |
@@ -349,7 +436,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
349 | 436 | ||
350 | public string Name | 437 | public string Name |
351 | { | 438 | { |
352 | get { return "PermissionsModule"; } | 439 | get { return "DefaultPermissionsModule"; } |
353 | } | 440 | } |
354 | 441 | ||
355 | public Type ReplaceableInterface | 442 | public Type ReplaceableInterface |
@@ -439,7 +526,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
439 | { | 526 | { |
440 | m_scene.EventManager.TriggerPermissionError(user, reason); | 527 | m_scene.EventManager.TriggerPermissionError(user, reason); |
441 | } | 528 | } |
442 | 529 | ||
443 | protected void DebugPermissionInformation(string permissionCalled) | 530 | protected void DebugPermissionInformation(string permissionCalled) |
444 | { | 531 | { |
445 | if (m_debugPermissions) | 532 | if (m_debugPermissions) |
@@ -469,7 +556,37 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
469 | 556 | ||
470 | return false; | 557 | return false; |
471 | } | 558 | } |
472 | 559 | ||
560 | protected bool GroupMemberPowers(UUID groupID, UUID userID, ref ulong powers) | ||
561 | { | ||
562 | powers = 0; | ||
563 | if (null == GroupsModule) | ||
564 | return false; | ||
565 | |||
566 | GroupMembershipData gmd = GroupsModule.GetMembershipData(groupID, userID); | ||
567 | |||
568 | if (gmd != null) | ||
569 | { | ||
570 | powers = gmd.GroupPowers; | ||
571 | return true; | ||
572 | } | ||
573 | return false; | ||
574 | } | ||
575 | |||
576 | protected bool GroupMemberPowers(UUID groupID, ScenePresence sp, ref ulong powers) | ||
577 | { | ||
578 | powers = 0; | ||
579 | IClientAPI client = sp.ControllingClient; | ||
580 | if (client == null) | ||
581 | return false; | ||
582 | |||
583 | if(!client.IsGroupMember(groupID)) | ||
584 | return false; | ||
585 | |||
586 | powers = client.GetGroupPowers(groupID); | ||
587 | return true; | ||
588 | } | ||
589 | |||
473 | /// <summary> | 590 | /// <summary> |
474 | /// Parse a user set configuration setting | 591 | /// Parse a user set configuration setting |
475 | /// </summary> | 592 | /// </summary> |
@@ -481,28 +598,28 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
481 | { | 598 | { |
482 | UserSet userSet = defaultValue; | 599 | UserSet userSet = defaultValue; |
483 | 600 | ||
484 | string rawSetting = Util.GetConfigVarFromSections<string>(config, settingName, | 601 | string rawSetting = Util.GetConfigVarFromSections<string>(config, settingName, |
485 | new string[] {"Startup", "Permissions"}, defaultValue.ToString()); | 602 | new string[] {"Startup", "Permissions"}, defaultValue.ToString()); |
486 | 603 | ||
487 | // Temporary measure to allow 'gods' to be specified in config for consistency's sake. In the long term | 604 | // Temporary measure to allow 'gods' to be specified in config for consistency's sake. In the long term |
488 | // this should disappear. | 605 | // this should disappear. |
489 | if ("gods" == rawSetting.ToLower()) | 606 | if ("gods" == rawSetting.ToLower()) |
490 | rawSetting = UserSet.Administrators.ToString(); | 607 | rawSetting = UserSet.Administrators.ToString(); |
491 | 608 | ||
492 | // Doing it this was so that we can do a case insensitive conversion | 609 | // Doing it this was so that we can do a case insensitive conversion |
493 | try | 610 | try |
494 | { | 611 | { |
495 | userSet = (UserSet)Enum.Parse(typeof(UserSet), rawSetting, true); | 612 | userSet = (UserSet)Enum.Parse(typeof(UserSet), rawSetting, true); |
496 | } | 613 | } |
497 | catch | 614 | catch |
498 | { | 615 | { |
499 | m_log.ErrorFormat( | 616 | m_log.ErrorFormat( |
500 | "[PERMISSIONS]: {0} is not a valid {1} value, setting to {2}", | 617 | "[PERMISSIONS]: {0} is not a valid {1} value, setting to {2}", |
501 | rawSetting, settingName, userSet); | 618 | rawSetting, settingName, userSet); |
502 | } | 619 | } |
503 | 620 | ||
504 | m_log.DebugFormat("[PERMISSIONS]: {0} {1}", settingName, userSet); | 621 | m_log.DebugFormat("[PERMISSIONS]: {0} {1}", settingName, userSet); |
505 | 622 | ||
506 | return userSet; | 623 | return userSet; |
507 | } | 624 | } |
508 | 625 | ||
@@ -516,13 +633,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
516 | if (user == UUID.Zero) | 633 | if (user == UUID.Zero) |
517 | return false; | 634 | return false; |
518 | 635 | ||
519 | if (m_scene.RegionInfo.EstateSettings.EstateOwner == user && m_RegionOwnerIsGod) | 636 | if (m_RegionOwnerIsAdmin && m_scene.RegionInfo.EstateSettings.EstateOwner == user) |
520 | return true; | 637 | return true; |
521 | 638 | ||
522 | if (IsEstateManager(user) && m_RegionManagerIsGod) | 639 | if (m_RegionManagerIsAdmin && IsEstateManager(user)) |
523 | return true; | 640 | return true; |
524 | 641 | ||
525 | if (IsGridGod(user, null)) | 642 | if (IsGridAdministrator(user)) |
526 | return true; | 643 | return true; |
527 | 644 | ||
528 | return false; | 645 | return false; |
@@ -534,18 +651,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
534 | /// <param name="user">The user</param> | 651 | /// <param name="user">The user</param> |
535 | /// <param name="scene">Unused, can be null</param> | 652 | /// <param name="scene">Unused, can be null</param> |
536 | /// <returns></returns> | 653 | /// <returns></returns> |
537 | protected bool IsGridGod(UUID user, Scene scene) | 654 | protected bool IsGridAdministrator(UUID user) |
538 | { | 655 | { |
539 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 656 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
540 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 657 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
541 | 658 | ||
542 | if (user == UUID.Zero) return false; | 659 | if (user == UUID.Zero) |
660 | return false; | ||
543 | 661 | ||
544 | if (m_allowGridGods) | 662 | if (m_allowGridAdmins) |
545 | { | 663 | { |
546 | ScenePresence sp = m_scene.GetScenePresence(user); | 664 | ScenePresence sp = m_scene.GetScenePresence(user); |
547 | if (sp != null) | 665 | if (sp != null) |
548 | return (sp.UserLevel >= 200); | 666 | return (sp.GodController.UserLevel >= 200); |
549 | 667 | ||
550 | UserAccount account = m_scene.UserAccountService.GetUserAccount(m_scene.RegionInfo.ScopeID, user); | 668 | UserAccount account = m_scene.UserAccountService.GetUserAccount(m_scene.RegionInfo.ScopeID, user); |
551 | if (account != null) | 669 | if (account != null) |
@@ -556,11 +674,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
556 | } | 674 | } |
557 | 675 | ||
558 | protected bool IsFriendWithPerms(UUID user, UUID objectOwner) | 676 | protected bool IsFriendWithPerms(UUID user, UUID objectOwner) |
559 | { | 677 | { |
560 | if (user == UUID.Zero) | 678 | if (FriendsModule == null) |
561 | return false; | 679 | return false; |
562 | 680 | ||
563 | if (FriendsModule == null) | 681 | if (user == UUID.Zero) |
564 | return false; | 682 | return false; |
565 | 683 | ||
566 | int friendPerms = FriendsModule.GetRightsGrantedByFriend(user, objectOwner); | 684 | int friendPerms = FriendsModule.GetRightsGrantedByFriend(user, objectOwner); |
@@ -570,7 +688,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
570 | protected bool IsEstateManager(UUID user) | 688 | protected bool IsEstateManager(UUID user) |
571 | { | 689 | { |
572 | if (user == UUID.Zero) return false; | 690 | if (user == UUID.Zero) return false; |
573 | 691 | ||
574 | return m_scene.RegionInfo.EstateSettings.IsEstateManagerOrOwner(user); | 692 | return m_scene.RegionInfo.EstateSettings.IsEstateManagerOrOwner(user); |
575 | } | 693 | } |
576 | 694 | ||
@@ -596,75 +714,178 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
596 | 714 | ||
597 | #region Object Permissions | 715 | #region Object Permissions |
598 | 716 | ||
599 | public uint GenerateClientFlags(UUID user, UUID objID) | 717 | const uint DEFAULT_FLAGS = (uint)( |
600 | { | 718 | PrimFlags.ObjectCopy | // Tells client you can copy the object |
601 | // Here's the way this works, | 719 | PrimFlags.ObjectModify | // tells client you can modify the object |
602 | // ObjectFlags and Permission flags are two different enumerations | 720 | PrimFlags.ObjectMove | // tells client that you can move the object (only, no mod) |
603 | // ObjectFlags, however, tells the client to change what it will allow the user to do. | 721 | PrimFlags.ObjectTransfer | // tells the client that you can /take/ the object if you don't own it |
604 | // So, that means that all of the permissions type ObjectFlags are /temporary/ and only | 722 | PrimFlags.ObjectYouOwner | // Tells client that you're the owner of the object |
605 | // supposed to be set when customizing the objectflags for the client. | 723 | PrimFlags.ObjectAnyOwner | // Tells client that someone owns the object |
724 | PrimFlags.ObjectOwnerModify // Tells client that you're the owner of the object | ||
725 | ); | ||
726 | |||
727 | const uint NOT_DEFAULT_FLAGS = (uint)~( | ||
728 | PrimFlags.ObjectCopy | // Tells client you can copy the object | ||
729 | PrimFlags.ObjectModify | // tells client you can modify the object | ||
730 | PrimFlags.ObjectMove | // tells client that you can move the object (only, no mod) | ||
731 | PrimFlags.ObjectTransfer | // tells the client that you can /take/ the object if you don't own it | ||
732 | PrimFlags.ObjectYouOwner | // Tells client that you're the owner of the object | ||
733 | PrimFlags.ObjectAnyOwner | // Tells client that someone owns the object | ||
734 | PrimFlags.ObjectOwnerModify // Tells client that you're the owner of the object | ||
735 | ); | ||
736 | |||
737 | const uint EXTRAOWNERMASK = (uint)( | ||
738 | PrimFlags.ObjectYouOwner | | ||
739 | PrimFlags.ObjectAnyOwner | ||
740 | ); | ||
741 | |||
742 | const uint EXTRAGODMASK = (uint)( | ||
743 | PrimFlags.ObjectYouOwner | | ||
744 | PrimFlags.ObjectAnyOwner | | ||
745 | PrimFlags.ObjectOwnerModify | | ||
746 | PrimFlags.ObjectModify | | ||
747 | PrimFlags.ObjectMove | ||
748 | ); | ||
749 | |||
750 | const uint GOD_FLAGS = (uint)( | ||
751 | PrimFlags.ObjectCopy | // Tells client you can copy the object | ||
752 | PrimFlags.ObjectModify | // tells client you can modify the object | ||
753 | PrimFlags.ObjectMove | // tells client that you can move the object (only, no mod) | ||
754 | PrimFlags.ObjectTransfer | // tells the client that you can /take/ the object if you don't own it | ||
755 | PrimFlags.ObjectYouOwner | // Tells client that you're the owner of the object | ||
756 | PrimFlags.ObjectAnyOwner | // Tells client that someone owns the object | ||
757 | PrimFlags.ObjectOwnerModify // Tells client that you're the owner of the object | ||
758 | ); | ||
759 | |||
760 | const uint LOCKED_GOD_FLAGS = (uint)( | ||
761 | PrimFlags.ObjectCopy | // Tells client you can copy the object | ||
762 | PrimFlags.ObjectTransfer | // tells the client that you can /take/ the object if you don't own it | ||
763 | PrimFlags.ObjectYouOwner | // Tells client that you're the owner of the object | ||
764 | PrimFlags.ObjectAnyOwner // Tells client that someone owns the object | ||
765 | ); | ||
766 | |||
767 | const uint SHAREDMASK = (uint)( | ||
768 | PermissionMask.Move | | ||
769 | PermissionMask.Modify | | ||
770 | PermissionMask.Copy | ||
771 | ); | ||
772 | |||
773 | public uint GenerateClientFlags(SceneObjectPart task, ScenePresence sp, uint curEffectivePerms) | ||
774 | { | ||
775 | if(sp == null || task == null || curEffectivePerms == 0) | ||
776 | return 0; | ||
606 | 777 | ||
607 | // These temporary objectflags get computed and added in this function based on the | 778 | // Remove any of the objectFlags that are temporary. These will get added back if appropriate |
608 | // Permission mask that's appropriate! | 779 | uint objflags = curEffectivePerms & NOT_DEFAULT_FLAGS ; |
609 | // Outside of this method, they should never be added to objectflags! | ||
610 | // -teravus | ||
611 | 780 | ||
612 | SceneObjectPart task = m_scene.GetSceneObjectPart(objID); | 781 | uint returnMask; |
613 | 782 | ||
614 | // this shouldn't ever happen.. return no permissions/objectflags. | 783 | SceneObjectGroup grp = task.ParentGroup; |
615 | if (task == null) | 784 | if(grp == null) |
616 | return (uint)0; | 785 | return 0; |
617 | 786 | ||
618 | uint objflags = task.GetEffectiveObjectFlags(); | 787 | UUID taskOwnerID = task.OwnerID; |
619 | UUID objectOwner = task.OwnerID; | 788 | UUID spID = sp.UUID; |
620 | 789 | ||
790 | bool unlocked = (grp.RootPart.OwnerMask & (uint)PermissionMask.Move) != 0; | ||
621 | 791 | ||
622 | // Remove any of the objectFlags that are temporary. These will get added back if appropriate | 792 | if(sp.IsGod) |
623 | // in the next bit of code | 793 | { |
624 | 794 | // do locked on objects owned by admin | |
625 | // libomv will moan about PrimFlags.ObjectYouOfficer being | 795 | if(!unlocked && spID == taskOwnerID) |
626 | // deprecated | 796 | return objflags | LOCKED_GOD_FLAGS; |
627 | #pragma warning disable 0612 | 797 | else |
628 | objflags &= (uint) | 798 | return objflags | GOD_FLAGS; |
629 | ~(PrimFlags.ObjectCopy | // Tells client you can copy the object | 799 | } |
630 | PrimFlags.ObjectModify | // tells client you can modify the object | 800 | |
631 | PrimFlags.ObjectMove | // tells client that you can move the object (only, no mod) | 801 | //bypass option == owner rights |
632 | PrimFlags.ObjectTransfer | // tells the client that you can /take/ the object if you don't own it | 802 | if (m_bypassPermissions) |
633 | PrimFlags.ObjectYouOwner | // Tells client that you're the owner of the object | 803 | { |
634 | PrimFlags.ObjectAnyOwner | // Tells client that someone owns the object | 804 | returnMask = ApplyObjectModifyMasks(task.OwnerMask, objflags, true); //?? |
635 | PrimFlags.ObjectOwnerModify | // Tells client that you're the owner of the object | 805 | returnMask |= EXTRAOWNERMASK; |
636 | PrimFlags.ObjectYouOfficer // Tells client that you've got group object editing permission. Used when ObjectGroupOwned is set | 806 | if((returnMask & (uint)PrimFlags.ObjectModify) != 0) |
637 | ); | 807 | returnMask |= (uint)PrimFlags.ObjectOwnerModify; |
638 | #pragma warning restore 0612 | 808 | return returnMask; |
639 | 809 | } | |
640 | // Creating the three ObjectFlags options for this method to choose from. | 810 | |
641 | // Customize the OwnerMask | 811 | // owner |
642 | uint objectOwnerMask = ApplyObjectModifyMasks(task.OwnerMask, objflags); | 812 | if (spID == taskOwnerID) |
643 | objectOwnerMask |= (uint)PrimFlags.ObjectYouOwner | (uint)PrimFlags.ObjectAnyOwner | (uint)PrimFlags.ObjectOwnerModify; | 813 | { |
644 | 814 | returnMask = ApplyObjectModifyMasks(grp.EffectiveOwnerPerms, objflags, unlocked); | |
645 | // Customize the GroupMask | 815 | returnMask |= EXTRAOWNERMASK; |
646 | uint objectGroupMask = ApplyObjectModifyMasks(task.GroupMask, objflags); | 816 | if((returnMask & (uint)PrimFlags.ObjectModify) != 0) |
647 | 817 | returnMask |= (uint)PrimFlags.ObjectOwnerModify; | |
648 | // Customize the EveryoneMask | 818 | return returnMask; |
649 | uint objectEveryoneMask = ApplyObjectModifyMasks(task.EveryoneMask, objflags); | 819 | } |
650 | if (objectOwner != UUID.Zero) | 820 | |
651 | objectEveryoneMask |= (uint)PrimFlags.ObjectAnyOwner; | 821 | // if not god or owner, do attachments as everyone |
652 | 822 | if(task.ParentGroup.IsAttachment) | |
653 | PermissionClass permissionClass = GetPermissionClass(user, task); | 823 | { |
654 | 824 | returnMask = ApplyObjectModifyMasks(grp.EffectiveEveryOnePerms, objflags, unlocked); | |
655 | switch (permissionClass) | 825 | if (taskOwnerID != UUID.Zero) |
826 | returnMask |= (uint)PrimFlags.ObjectAnyOwner; | ||
827 | return returnMask; | ||
828 | } | ||
829 | |||
830 | UUID taskGroupID = task.GroupID; | ||
831 | bool notGroupdOwned = taskOwnerID != taskGroupID; | ||
832 | |||
833 | // if friends with rights then owner | ||
834 | if (notGroupdOwned && IsFriendWithPerms(spID, taskOwnerID)) | ||
835 | { | ||
836 | returnMask = ApplyObjectModifyMasks(grp.EffectiveOwnerPerms, objflags, unlocked); | ||
837 | returnMask |= EXTRAOWNERMASK; | ||
838 | if((returnMask & (uint)PrimFlags.ObjectModify) != 0) | ||
839 | returnMask |= (uint)PrimFlags.ObjectOwnerModify; | ||
840 | return returnMask; | ||
841 | } | ||
842 | |||
843 | // group owned or shared ? | ||
844 | IClientAPI client = sp.ControllingClient; | ||
845 | ulong powers = 0; | ||
846 | if(taskGroupID != UUID.Zero && GroupMemberPowers(taskGroupID, sp, ref powers)) | ||
656 | { | 847 | { |
657 | case PermissionClass.Owner: | 848 | if(notGroupdOwned) |
658 | return objectOwnerMask; | 849 | { |
659 | case PermissionClass.Group: | 850 | // group sharing or everyone |
660 | return objectGroupMask | objectEveryoneMask; | 851 | returnMask = ApplyObjectModifyMasks(grp.EffectiveGroupOrEveryOnePerms, objflags, unlocked); |
661 | case PermissionClass.Everyone: | 852 | if (taskOwnerID != UUID.Zero) |
662 | default: | 853 | returnMask |= (uint)PrimFlags.ObjectAnyOwner; |
663 | return objectEveryoneMask; | 854 | return returnMask; |
855 | } | ||
856 | |||
857 | // object is owned by group, check role powers | ||
858 | if((powers & (ulong)GroupPowers.ObjectManipulate) == 0) | ||
859 | { | ||
860 | // group sharing or everyone | ||
861 | returnMask = ApplyObjectModifyMasks(grp.EffectiveGroupOrEveryOnePerms, objflags, unlocked); | ||
862 | returnMask |= | ||
863 | (uint)PrimFlags.ObjectGroupOwned | | ||
864 | (uint)PrimFlags.ObjectAnyOwner; | ||
865 | return returnMask; | ||
866 | } | ||
867 | |||
868 | // we may have copy without transfer | ||
869 | uint grpEffectiveOwnerPerms = grp.EffectiveOwnerPerms; | ||
870 | if((grpEffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) | ||
871 | grpEffectiveOwnerPerms &= ~(uint)PermissionMask.Copy; | ||
872 | returnMask = ApplyObjectModifyMasks(grpEffectiveOwnerPerms, objflags, unlocked); | ||
873 | returnMask |= | ||
874 | (uint)PrimFlags.ObjectGroupOwned | | ||
875 | (uint)PrimFlags.ObjectYouOwner; | ||
876 | if((returnMask & (uint)PrimFlags.ObjectModify) != 0) | ||
877 | returnMask |= (uint)PrimFlags.ObjectOwnerModify; | ||
878 | return returnMask; | ||
664 | } | 879 | } |
880 | |||
881 | // fallback is everyone rights | ||
882 | returnMask = ApplyObjectModifyMasks(grp.EffectiveEveryOnePerms, objflags, unlocked); | ||
883 | if (taskOwnerID != UUID.Zero) | ||
884 | returnMask |= (uint)PrimFlags.ObjectAnyOwner; | ||
885 | return returnMask; | ||
665 | } | 886 | } |
666 | 887 | ||
667 | private uint ApplyObjectModifyMasks(uint setPermissionMask, uint objectFlagsMask) | 888 | private uint ApplyObjectModifyMasks(uint setPermissionMask, uint objectFlagsMask, bool unlocked) |
668 | { | 889 | { |
669 | // We are adding the temporary objectflags to the object's objectflags based on the | 890 | // We are adding the temporary objectflags to the object's objectflags based on the |
670 | // permission flag given. These change the F flags on the client. | 891 | // permission flag given. These change the F flags on the client. |
@@ -674,14 +895,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
674 | objectFlagsMask |= (uint)PrimFlags.ObjectCopy; | 895 | objectFlagsMask |= (uint)PrimFlags.ObjectCopy; |
675 | } | 896 | } |
676 | 897 | ||
677 | if ((setPermissionMask & (uint)PermissionMask.Move) != 0) | 898 | if (unlocked) |
678 | { | 899 | { |
679 | objectFlagsMask |= (uint)PrimFlags.ObjectMove; | 900 | if ((setPermissionMask & (uint)PermissionMask.Move) != 0) |
680 | } | 901 | { |
902 | objectFlagsMask |= (uint)PrimFlags.ObjectMove; | ||
903 | } | ||
681 | 904 | ||
682 | if ((setPermissionMask & (uint)PermissionMask.Modify) != 0) | 905 | if ((setPermissionMask & (uint)PermissionMask.Modify) != 0) |
683 | { | 906 | { |
684 | objectFlagsMask |= (uint)PrimFlags.ObjectModify; | 907 | objectFlagsMask |= (uint)PrimFlags.ObjectModify; |
908 | } | ||
685 | } | 909 | } |
686 | 910 | ||
687 | if ((setPermissionMask & (uint)PermissionMask.Transfer) != 0) | 911 | if ((setPermissionMask & (uint)PermissionMask.Transfer) != 0) |
@@ -692,6 +916,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
692 | return objectFlagsMask; | 916 | return objectFlagsMask; |
693 | } | 917 | } |
694 | 918 | ||
919 | // OARs still need this method that handles offline users | ||
695 | public PermissionClass GetPermissionClass(UUID user, SceneObjectPart obj) | 920 | public PermissionClass GetPermissionClass(UUID user, SceneObjectPart obj) |
696 | { | 921 | { |
697 | if (obj == null) | 922 | if (obj == null) |
@@ -705,135 +930,199 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
705 | if (user == objectOwner) | 930 | if (user == objectOwner) |
706 | return PermissionClass.Owner; | 931 | return PermissionClass.Owner; |
707 | 932 | ||
708 | if (IsFriendWithPerms(user, objectOwner)) | ||
709 | return PermissionClass.Owner; | ||
710 | |||
711 | // Estate users should be able to edit anything in the sim if RegionOwnerIsGod is set | ||
712 | if (m_RegionOwnerIsGod && IsEstateManager(user) && !IsAdministrator(objectOwner)) | ||
713 | return PermissionClass.Owner; | ||
714 | |||
715 | // Admin should be able to edit anything in the sim (including admin objects) | 933 | // Admin should be able to edit anything in the sim (including admin objects) |
716 | if (IsAdministrator(user)) | 934 | if (IsAdministrator(user)) |
717 | return PermissionClass.Owner; | 935 | return PermissionClass.Owner; |
718 | 936 | ||
719 | // Users should be able to edit what is over their land. | 937 | if(!obj.ParentGroup.IsAttachment) |
720 | Vector3 taskPos = obj.AbsolutePosition; | ||
721 | ILandObject parcel = m_scene.LandChannel.GetLandObject(taskPos.X, taskPos.Y); | ||
722 | if (parcel != null && parcel.LandData.OwnerID == user && m_ParcelOwnerIsGod) | ||
723 | { | 938 | { |
724 | // Admin objects should not be editable by the above | 939 | if (IsFriendWithPerms(user, objectOwner) ) |
725 | if (!IsAdministrator(objectOwner)) | ||
726 | return PermissionClass.Owner; | 940 | return PermissionClass.Owner; |
727 | } | ||
728 | 941 | ||
729 | // Group permissions | 942 | // Group permissions |
730 | if ((obj.GroupID != UUID.Zero) && IsGroupMember(obj.GroupID, user, 0)) | 943 | if (obj.GroupID != UUID.Zero && IsGroupMember(obj.GroupID, user, 0)) |
731 | return PermissionClass.Group; | 944 | return PermissionClass.Group; |
945 | } | ||
732 | 946 | ||
733 | return PermissionClass.Everyone; | 947 | return PermissionClass.Everyone; |
734 | } | 948 | } |
735 | 949 | ||
736 | /// <summary> | 950 | // get effective object permissions using user UUID. User rights will be fixed |
737 | /// General permissions checks for any operation involving an object. These supplement more specific checks | 951 | protected uint GetObjectPermissions(UUID currentUser, SceneObjectGroup group, bool denyOnLocked) |
738 | /// implemented by callers. | ||
739 | /// </summary> | ||
740 | /// <param name="currentUser"></param> | ||
741 | /// <param name="objId">This is a scene object group UUID</param> | ||
742 | /// <param name="denyOnLocked"></param> | ||
743 | /// <returns></returns> | ||
744 | protected bool GenericObjectPermission(UUID currentUser, UUID objId, bool denyOnLocked) | ||
745 | { | 952 | { |
746 | // Default: deny | 953 | if (group == null) |
747 | bool permission = false; | 954 | return 0; |
748 | bool locked = false; | ||
749 | |||
750 | SceneObjectPart part = m_scene.GetSceneObjectPart(objId); | ||
751 | 955 | ||
752 | if (part == null) | 956 | SceneObjectPart root = group.RootPart; |
753 | return false; | 957 | if (root == null) |
754 | 958 | return 0; | |
755 | SceneObjectGroup group = part.ParentGroup; | ||
756 | 959 | ||
757 | UUID objectOwner = group.OwnerID; | 960 | UUID objectOwner = group.OwnerID; |
758 | locked = ((group.RootPart.OwnerMask & PERM_LOCKED) == 0); | 961 | bool locked = denyOnLocked && ((root.OwnerMask & (uint)PermissionMask.Move) == 0); |
759 | 962 | ||
760 | // People shouldn't be able to do anything with locked objects, except the Administrator | 963 | if (IsAdministrator(currentUser)) |
761 | // The 'set permissions' runs through a different permission check, so when an object owner | ||
762 | // sets an object locked, the only thing that they can do is unlock it. | ||
763 | // | ||
764 | // Nobody but the object owner can set permissions on an object | ||
765 | // | ||
766 | if (locked && (!IsAdministrator(currentUser)) && denyOnLocked) | ||
767 | { | 964 | { |
768 | return false; | 965 | // do lock on admin owned objects |
966 | if(locked && currentUser == objectOwner) | ||
967 | return (uint)(PermissionMask.AllEffective & ~(PermissionMask.Modify | PermissionMask.Move)); | ||
968 | return (uint)PermissionMask.AllEffective; | ||
769 | } | 969 | } |
770 | 970 | ||
771 | // Object owners should be able to edit their own content | 971 | uint lockmask = (uint)PermissionMask.AllEffective; |
972 | if(locked) | ||
973 | lockmask &= ~(uint)(PermissionMask.Modify | PermissionMask.Move); | ||
974 | |||
772 | if (currentUser == objectOwner) | 975 | if (currentUser == objectOwner) |
976 | return group.EffectiveOwnerPerms & lockmask; | ||
977 | |||
978 | if (group.IsAttachment) | ||
979 | return 0; | ||
980 | |||
981 | UUID sogGroupID = group.GroupID; | ||
982 | bool notgroudOwned = sogGroupID != objectOwner; | ||
983 | |||
984 | if (notgroudOwned && IsFriendWithPerms(currentUser, objectOwner)) | ||
985 | return group.EffectiveOwnerPerms & lockmask; | ||
986 | |||
987 | ulong powers = 0; | ||
988 | if (sogGroupID != UUID.Zero && GroupMemberPowers(sogGroupID, currentUser, ref powers)) | ||
773 | { | 989 | { |
774 | // there is no way that later code can change this back to false | 990 | if(notgroudOwned) |
775 | // so just return true immediately and short circuit the more | 991 | return group.EffectiveGroupOrEveryOnePerms & lockmask; |
776 | // expensive group checks | 992 | |
777 | return true; | 993 | if((powers & (ulong)GroupPowers.ObjectManipulate) == 0) |
778 | 994 | return group.EffectiveGroupOrEveryOnePerms & lockmask; | |
779 | //permission = true; | 995 | |
996 | uint grpEffectiveOwnerPerms = group.EffectiveOwnerPerms & lockmask; | ||
997 | if((grpEffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) | ||
998 | grpEffectiveOwnerPerms &= ~(uint)PermissionMask.Copy; | ||
999 | return grpEffectiveOwnerPerms; | ||
780 | } | 1000 | } |
781 | else if (group.IsAttachment) | 1001 | |
1002 | return group.EffectiveEveryOnePerms & lockmask; | ||
1003 | } | ||
1004 | |||
1005 | // get effective object permissions using present presence. So some may depend on requested rights (ie God) | ||
1006 | protected uint GetObjectPermissions(ScenePresence sp, SceneObjectGroup group, bool denyOnLocked) | ||
1007 | { | ||
1008 | if (sp == null || sp.IsDeleted || group == null || group.IsDeleted) | ||
1009 | return 0; | ||
1010 | |||
1011 | SceneObjectPart root = group.RootPart; | ||
1012 | if (root == null) | ||
1013 | return 0; | ||
1014 | |||
1015 | UUID spID = sp.UUID; | ||
1016 | UUID objectOwner = group.OwnerID; | ||
1017 | |||
1018 | bool locked = denyOnLocked && ((root.OwnerMask & (uint)PermissionMask.Move) == 0); | ||
1019 | |||
1020 | if (sp.IsGod) | ||
782 | { | 1021 | { |
783 | permission = false; | 1022 | if(locked && spID == objectOwner) |
1023 | return (uint)(PermissionMask.AllEffective & ~(PermissionMask.Modify | PermissionMask.Move)); | ||
1024 | return (uint)PermissionMask.AllEffective; | ||
784 | } | 1025 | } |
785 | 1026 | ||
786 | // m_log.DebugFormat( | 1027 | uint lockmask = (uint)PermissionMask.AllEffective; |
787 | // "[PERMISSIONS]: group.GroupID = {0}, part.GroupMask = {1}, isGroupMember = {2} for {3}", | 1028 | if(locked) |
788 | // group.GroupID, | 1029 | lockmask &= ~(uint)(PermissionMask.Modify | PermissionMask.Move); |
789 | // m_scene.GetSceneObjectPart(objId).GroupMask, | 1030 | |
790 | // IsGroupMember(group.GroupID, currentUser, 0), | 1031 | if (spID == objectOwner) |
791 | // currentUser); | 1032 | return group.EffectiveOwnerPerms & lockmask; |
792 | 1033 | ||
793 | // Group members should be able to edit group objects | 1034 | if (group.IsAttachment) |
794 | if ((group.GroupID != UUID.Zero) | 1035 | return 0; |
795 | && ((m_scene.GetSceneObjectPart(objId).GroupMask & (uint)PermissionMask.Modify) != 0) | 1036 | |
796 | && IsGroupMember(group.GroupID, currentUser, 0)) | 1037 | UUID sogGroupID = group.GroupID; |
797 | { | 1038 | bool notgroudOwned = sogGroupID != objectOwner; |
798 | // Return immediately, so that the administrator can shares group objects | ||
799 | return true; | ||
800 | } | ||
801 | 1039 | ||
802 | // Friends with benefits should be able to edit the objects too | 1040 | if (notgroudOwned && IsFriendWithPerms(spID, objectOwner)) |
803 | if (IsFriendWithPerms(currentUser, objectOwner)) | 1041 | return group.EffectiveOwnerPerms & lockmask; |
804 | { | ||
805 | // Return immediately, so that the administrator can share objects with friends | ||
806 | return true; | ||
807 | } | ||
808 | |||
809 | // Users should be able to edit what is over their land. | ||
810 | ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y); | ||
811 | if ((parcel != null) && (parcel.LandData.OwnerID == currentUser)) | ||
812 | { | ||
813 | permission = true; | ||
814 | } | ||
815 | 1042 | ||
816 | // Estate users should be able to edit anything in the sim | 1043 | ulong powers = 0; |
817 | if (IsEstateManager(currentUser)) | 1044 | if (sogGroupID != UUID.Zero && GroupMemberPowers(sogGroupID, sp, ref powers)) |
818 | { | 1045 | { |
819 | permission = true; | 1046 | if(notgroudOwned) |
1047 | return group.EffectiveGroupOrEveryOnePerms & lockmask; | ||
1048 | |||
1049 | if((powers & (ulong)GroupPowers.ObjectManipulate) == 0) | ||
1050 | return group.EffectiveGroupOrEveryOnePerms & lockmask; | ||
1051 | |||
1052 | uint grpEffectiveOwnerPerms = group.EffectiveOwnerPerms & lockmask; | ||
1053 | if((grpEffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) | ||
1054 | grpEffectiveOwnerPerms &= ~(uint)PermissionMask.Copy; | ||
1055 | return grpEffectiveOwnerPerms; | ||
820 | } | 1056 | } |
821 | 1057 | ||
822 | // Admin objects should not be editable by the above | 1058 | return group.EffectiveEveryOnePerms & lockmask; |
823 | if (IsAdministrator(objectOwner)) | 1059 | } |
1060 | |||
1061 | private uint GetObjectItemPermissions(UUID userID, TaskInventoryItem ti) | ||
1062 | { | ||
1063 | UUID tiOwnerID = ti.OwnerID; | ||
1064 | if(tiOwnerID == userID) | ||
1065 | return ti.CurrentPermissions; | ||
1066 | |||
1067 | if(IsAdministrator(userID)) | ||
1068 | return (uint)PermissionMask.AllEffective; | ||
1069 | // ?? | ||
1070 | if (IsFriendWithPerms(userID, tiOwnerID)) | ||
1071 | return ti.CurrentPermissions; | ||
1072 | |||
1073 | UUID tiGroupID = ti.GroupID; | ||
1074 | if(tiGroupID != UUID.Zero) | ||
824 | { | 1075 | { |
825 | permission = false; | 1076 | ulong powers = 0; |
1077 | if(GroupMemberPowers(tiGroupID, userID, ref powers)) | ||
1078 | { | ||
1079 | if(tiGroupID == ti.OwnerID) | ||
1080 | { | ||
1081 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
1082 | return ti.CurrentPermissions; | ||
1083 | } | ||
1084 | return ti.GroupPermissions; | ||
1085 | } | ||
826 | } | 1086 | } |
827 | 1087 | ||
828 | // Admin should be able to edit anything in the sim (including admin objects) | 1088 | return 0; |
829 | if (IsAdministrator(currentUser)) | 1089 | } |
1090 | |||
1091 | private uint GetObjectItemPermissions(ScenePresence sp, TaskInventoryItem ti, bool notEveryone) | ||
1092 | { | ||
1093 | UUID tiOwnerID = ti.OwnerID; | ||
1094 | UUID spID = sp.UUID; | ||
1095 | |||
1096 | if(tiOwnerID == spID) | ||
1097 | return ti.CurrentPermissions; | ||
1098 | |||
1099 | // ?? | ||
1100 | if (IsFriendWithPerms(spID, tiOwnerID)) | ||
1101 | return ti.CurrentPermissions; | ||
1102 | |||
1103 | UUID tiGroupID = ti.GroupID; | ||
1104 | if(tiGroupID != UUID.Zero) | ||
830 | { | 1105 | { |
831 | permission = true; | 1106 | ulong powers = 0; |
1107 | if(GroupMemberPowers(tiGroupID, spID, ref powers)) | ||
1108 | { | ||
1109 | if(tiGroupID == ti.OwnerID) | ||
1110 | { | ||
1111 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
1112 | return ti.CurrentPermissions; | ||
1113 | } | ||
1114 | uint p = ti.GroupPermissions; | ||
1115 | if(!notEveryone) | ||
1116 | p |= ti.EveryonePermissions; | ||
1117 | return p; | ||
1118 | } | ||
832 | } | 1119 | } |
833 | 1120 | ||
834 | return permission; | 1121 | if(notEveryone) |
835 | } | 1122 | return 0; |
836 | 1123 | ||
1124 | return ti.EveryonePermissions; | ||
1125 | } | ||
837 | #endregion | 1126 | #endregion |
838 | 1127 | ||
839 | #region Generic Permissions | 1128 | #region Generic Permissions |
@@ -858,97 +1147,45 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
858 | 1147 | ||
859 | public bool GenericEstatePermission(UUID user) | 1148 | public bool GenericEstatePermission(UUID user) |
860 | { | 1149 | { |
861 | // Default: deny | ||
862 | bool permission = false; | ||
863 | |||
864 | // Estate admins should be able to use estate tools | 1150 | // Estate admins should be able to use estate tools |
865 | if (IsEstateManager(user)) | 1151 | if (IsEstateManager(user)) |
866 | permission = true; | 1152 | return true; |
867 | 1153 | ||
868 | // Administrators always have permission | 1154 | // Administrators always have permission |
869 | if (IsAdministrator(user)) | 1155 | if (IsAdministrator(user)) |
870 | permission = true; | 1156 | return true; |
871 | 1157 | ||
872 | return permission; | 1158 | return false; |
873 | } | 1159 | } |
874 | 1160 | ||
875 | protected bool GenericParcelPermission(UUID user, ILandObject parcel, ulong groupPowers) | ||
876 | { | ||
877 | bool permission = false; | ||
878 | |||
879 | if (parcel.LandData.OwnerID == user) | ||
880 | { | ||
881 | permission = true; | ||
882 | } | ||
883 | |||
884 | if ((parcel.LandData.GroupID != UUID.Zero) && IsGroupMember(parcel.LandData.GroupID, user, groupPowers)) | ||
885 | { | ||
886 | permission = true; | ||
887 | } | ||
888 | |||
889 | if (IsEstateManager(user)) | ||
890 | { | ||
891 | permission = true; | ||
892 | } | ||
893 | |||
894 | if (IsAdministrator(user)) | ||
895 | { | ||
896 | permission = true; | ||
897 | } | ||
898 | |||
899 | if (m_SimpleBuildPermissions && | ||
900 | (parcel.LandData.Flags & (uint)ParcelFlags.UseAccessList) == 0 && parcel.IsInLandAccessList(user)) | ||
901 | permission = true; | ||
902 | |||
903 | return permission; | ||
904 | } | ||
905 | |||
906 | protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers, bool allowEstateManager) | 1161 | protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers, bool allowEstateManager) |
907 | { | 1162 | { |
908 | if (parcel.LandData.OwnerID == user) | 1163 | if (parcel.LandData.OwnerID == user) |
909 | { | ||
910 | // Returning immediately so that group deeded objects on group deeded land don't trigger a NRE on | ||
911 | // the subsequent redundant checks when using lParcelMediaCommandList() | ||
912 | // See http://opensimulator.org/mantis/view.php?id=3999 for more details | ||
913 | return true; | 1164 | return true; |
914 | } | ||
915 | 1165 | ||
916 | if (parcel.LandData.IsGroupOwned && IsGroupMember(parcel.LandData.GroupID, user, groupPowers)) | 1166 | if (parcel.LandData.IsGroupOwned && IsGroupMember(parcel.LandData.GroupID, user, groupPowers)) |
917 | { | ||
918 | return true; | 1167 | return true; |
919 | } | 1168 | |
920 | |||
921 | if (allowEstateManager && IsEstateManager(user)) | 1169 | if (allowEstateManager && IsEstateManager(user)) |
922 | { | ||
923 | return true; | 1170 | return true; |
924 | } | ||
925 | 1171 | ||
926 | if (IsAdministrator(user)) | 1172 | if (IsAdministrator(user)) |
927 | { | ||
928 | return true; | 1173 | return true; |
929 | } | ||
930 | 1174 | ||
931 | return false; | 1175 | return false; |
932 | } | 1176 | } |
933 | |||
934 | protected bool GenericParcelPermission(UUID user, Vector3 pos, ulong groupPowers) | ||
935 | { | ||
936 | ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); | ||
937 | if (parcel == null) return false; | ||
938 | return GenericParcelPermission(user, parcel, groupPowers); | ||
939 | } | ||
940 | #endregion | 1177 | #endregion |
941 | 1178 | ||
942 | #region Permission Checks | 1179 | #region Permission Checks |
943 | private bool CanAbandonParcel(UUID user, ILandObject parcel, Scene scene) | 1180 | private bool CanAbandonParcel(UUID user, ILandObject parcel) |
944 | { | 1181 | { |
945 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1182 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
946 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1183 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
947 | 1184 | ||
948 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease, false); | 1185 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease, false); |
949 | } | 1186 | } |
950 | 1187 | ||
951 | private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene) | 1188 | private bool CanReclaimParcel(UUID user, ILandObject parcel) |
952 | { | 1189 | { |
953 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1190 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
954 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1191 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
@@ -956,108 +1193,252 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
956 | return GenericParcelOwnerPermission(user, parcel, 0,true); | 1193 | return GenericParcelOwnerPermission(user, parcel, 0,true); |
957 | } | 1194 | } |
958 | 1195 | ||
959 | private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene) | 1196 | private bool CanDeedParcel(UUID user, ILandObject parcel) |
960 | { | 1197 | { |
961 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1198 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
962 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1199 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
963 | 1200 | ||
1201 | if(parcel.LandData.GroupID == UUID.Zero) | ||
1202 | return false; | ||
1203 | |||
1204 | if (IsAdministrator(user)) | ||
1205 | return true; | ||
1206 | |||
964 | if (parcel.LandData.OwnerID != user) // Only the owner can deed! | 1207 | if (parcel.LandData.OwnerID != user) // Only the owner can deed! |
965 | return false; | 1208 | return false; |
966 | 1209 | ||
967 | ScenePresence sp = scene.GetScenePresence(user); | 1210 | ScenePresence sp = m_scene.GetScenePresence(user); |
968 | IClientAPI client = sp.ControllingClient; | 1211 | if(sp == null) |
1212 | return false; | ||
969 | 1213 | ||
1214 | IClientAPI client = sp.ControllingClient; | ||
970 | if ((client.GetGroupPowers(parcel.LandData.GroupID) & (ulong)GroupPowers.LandDeed) == 0) | 1215 | if ((client.GetGroupPowers(parcel.LandData.GroupID) & (ulong)GroupPowers.LandDeed) == 0) |
971 | return false; | 1216 | return false; |
972 | 1217 | ||
973 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed, false); | 1218 | return true; |
974 | } | 1219 | } |
975 | 1220 | ||
976 | private bool CanDeedObject(UUID user, UUID group, Scene scene) | 1221 | private bool CanDeedObject(ScenePresence sp, SceneObjectGroup sog, UUID targetGroupID) |
977 | { | 1222 | { |
978 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1223 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
979 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1224 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
980 | 1225 | ||
981 | ScenePresence sp = scene.GetScenePresence(user); | 1226 | if(sog == null || sog.IsDeleted || sp == null || sp.IsDeleted || targetGroupID == UUID.Zero) |
982 | IClientAPI client = sp.ControllingClient; | 1227 | return false; |
1228 | |||
1229 | // object has group already? | ||
1230 | if(sog.GroupID != targetGroupID) | ||
1231 | return false; | ||
1232 | |||
1233 | // is effectivelly shared? | ||
1234 | if(sog.EffectiveGroupPerms == 0) | ||
1235 | return false; | ||
1236 | |||
1237 | if(sp.IsGod) | ||
1238 | return true; | ||
1239 | |||
1240 | // owned by requester? | ||
1241 | if(sog.OwnerID != sp.UUID) | ||
1242 | return false; | ||
1243 | |||
1244 | // owner can transfer? | ||
1245 | if((sog.EffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) | ||
1246 | return false; | ||
1247 | |||
1248 | // group member ? | ||
1249 | ulong powers = 0; | ||
1250 | if(!GroupMemberPowers(targetGroupID, sp, ref powers)) | ||
1251 | return false; | ||
983 | 1252 | ||
984 | if ((client.GetGroupPowers(group) & (ulong)GroupPowers.DeedObject) == 0) | 1253 | // has group rights? |
1254 | if ((powers & (ulong)GroupPowers.DeedObject) == 0) | ||
985 | return false; | 1255 | return false; |
986 | 1256 | ||
987 | return true; | 1257 | return true; |
988 | } | 1258 | } |
989 | 1259 | ||
990 | private bool IsGod(UUID user, Scene scene) | 1260 | private bool CanDuplicateObject(SceneObjectGroup sog, ScenePresence sp) |
991 | { | 1261 | { |
992 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1262 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
993 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1263 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
994 | 1264 | ||
995 | return IsAdministrator(user); | 1265 | if (sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) |
1266 | return false; | ||
1267 | |||
1268 | uint perms = GetObjectPermissions(sp, sog, false); | ||
1269 | if((perms & (uint)PermissionMask.Copy) == 0) | ||
1270 | return false; | ||
1271 | |||
1272 | if(sog.OwnerID != sp.UUID && (perms & (uint)PermissionMask.Transfer) == 0) | ||
1273 | return false; | ||
1274 | |||
1275 | //If they can rez, they can duplicate | ||
1276 | return CanRezObject(0, sp.UUID, sog.AbsolutePosition); | ||
996 | } | 1277 | } |
997 | 1278 | ||
998 | private bool CanDuplicateObject(int objectCount, UUID objectID, UUID owner, Scene scene, Vector3 objectPosition) | 1279 | private bool CanDeleteObject(SceneObjectGroup sog, ScenePresence sp) |
999 | { | 1280 | { |
1281 | // ignoring locked. viewers should warn and ask for confirmation | ||
1282 | |||
1000 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1283 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1001 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1284 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1002 | 1285 | ||
1003 | if (!GenericObjectPermission(owner, objectID, true)) | 1286 | if (sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) |
1004 | { | ||
1005 | //They can't even edit the object | ||
1006 | return false; | 1287 | return false; |
1007 | } | 1288 | |
1008 | 1289 | if(sog.IsAttachment) | |
1009 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | ||
1010 | if (part == null) | ||
1011 | return false; | 1290 | return false; |
1012 | 1291 | ||
1013 | if (part.OwnerID == owner) | 1292 | UUID sogOwnerID = sog.OwnerID; |
1293 | UUID spID = sp.UUID; | ||
1294 | |||
1295 | if(sogOwnerID == spID) | ||
1296 | return true; | ||
1297 | |||
1298 | if (sp.IsGod) | ||
1299 | return true; | ||
1300 | |||
1301 | if (IsFriendWithPerms(sog.UUID, sogOwnerID)) | ||
1302 | return true; | ||
1303 | |||
1304 | UUID sogGroupID = sog.GroupID; | ||
1305 | if (sogGroupID != UUID.Zero) | ||
1014 | { | 1306 | { |
1015 | if ((part.OwnerMask & PERM_COPY) == 0) | 1307 | ulong powers = 0; |
1016 | return false; | 1308 | if(GroupMemberPowers(sogGroupID, sp, ref powers)) |
1309 | { | ||
1310 | if(sogGroupID == sogOwnerID) | ||
1311 | { | ||
1312 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
1313 | return true; | ||
1314 | } | ||
1315 | return (sog.EffectiveGroupPerms & (uint)PermissionMask.Modify) != 0; | ||
1316 | } | ||
1017 | } | 1317 | } |
1018 | else if (part.GroupID != UUID.Zero) | 1318 | return false; |
1019 | { | 1319 | } |
1020 | if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0))) | ||
1021 | return false; | ||
1022 | 1320 | ||
1023 | if ((part.GroupMask & PERM_COPY) == 0) | 1321 | private bool CanDeleteObjectByIDs(UUID objectID, UUID userID) |
1024 | return false; | 1322 | { |
1323 | // ignoring locked. viewers should warn and ask for confirmation | ||
1324 | |||
1325 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
1326 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
1327 | |||
1328 | SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID); | ||
1329 | if (sog == null) | ||
1330 | return false; | ||
1331 | |||
1332 | if(sog.IsAttachment) | ||
1333 | return false; | ||
1334 | |||
1335 | UUID sogOwnerID = sog.OwnerID; | ||
1336 | |||
1337 | if(sogOwnerID == userID) | ||
1338 | return true; | ||
1339 | |||
1340 | if (IsAdministrator(userID)) | ||
1341 | return true; | ||
1342 | |||
1343 | if (IsFriendWithPerms(objectID, sogOwnerID)) | ||
1344 | return true; | ||
1345 | |||
1346 | UUID sogGroupID = sog.GroupID; | ||
1347 | if (sogGroupID != UUID.Zero) | ||
1348 | { | ||
1349 | ulong powers = 0; | ||
1350 | if(GroupMemberPowers(sogGroupID, userID, ref powers)) | ||
1351 | { | ||
1352 | if(sogGroupID == sogOwnerID) | ||
1353 | { | ||
1354 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
1355 | return true; | ||
1356 | } | ||
1357 | return (sog.EffectiveGroupPerms & (uint)PermissionMask.Modify) != 0; | ||
1358 | } | ||
1025 | } | 1359 | } |
1026 | 1360 | return false; | |
1027 | //If they can rez, they can duplicate | 1361 | } |
1028 | return CanRezObject(objectCount, owner, objectPosition, scene); | 1362 | |
1363 | private bool CanEditObjectByIDs(UUID objectID, UUID userID) | ||
1364 | { | ||
1365 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
1366 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
1367 | |||
1368 | SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID); | ||
1369 | if (sog == null) | ||
1370 | return false; | ||
1371 | |||
1372 | uint perms = GetObjectPermissions(userID, sog, true); | ||
1373 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1374 | return false; | ||
1375 | return true; | ||
1029 | } | 1376 | } |
1030 | 1377 | ||
1031 | private bool CanDeleteObject(UUID objectID, UUID deleter, Scene scene) | 1378 | private bool CanEditObject(SceneObjectGroup sog, ScenePresence sp) |
1032 | { | 1379 | { |
1033 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1380 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1034 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1381 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1035 | 1382 | ||
1036 | return GenericObjectPermission(deleter, objectID, false); | 1383 | if(sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) |
1384 | return false; | ||
1385 | |||
1386 | uint perms = GetObjectPermissions(sp, sog, true); | ||
1387 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1388 | return false; | ||
1389 | return true; | ||
1037 | } | 1390 | } |
1038 | 1391 | ||
1039 | private bool CanEditObject(UUID objectID, UUID editorID, Scene scene) | 1392 | private bool CanEditObjectPerms(SceneObjectGroup sog, UUID userID) |
1040 | { | 1393 | { |
1041 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1394 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1042 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1395 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1043 | 1396 | ||
1044 | return GenericObjectPermission(editorID, objectID, false); | 1397 | if (sog == null) |
1398 | return false; | ||
1399 | |||
1400 | if(sog.OwnerID == userID || IsAdministrator(userID)) | ||
1401 | return true; | ||
1402 | |||
1403 | UUID sogGroupID = sog.GroupID; | ||
1404 | if(sogGroupID == UUID.Zero || sogGroupID != sog.OwnerID) | ||
1405 | return false; | ||
1406 | |||
1407 | uint perms = sog.EffectiveOwnerPerms; | ||
1408 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1409 | return false; | ||
1410 | |||
1411 | ulong powers = 0; | ||
1412 | if(GroupMemberPowers(sogGroupID, userID, ref powers)) | ||
1413 | { | ||
1414 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
1415 | return true; | ||
1416 | } | ||
1417 | |||
1418 | return false; | ||
1045 | } | 1419 | } |
1046 | 1420 | ||
1047 | private bool CanEditObjectInventory(UUID objectID, UUID editorID, Scene scene) | 1421 | private bool CanEditObjectInventory(UUID objectID, UUID userID) |
1048 | { | 1422 | { |
1049 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1423 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1050 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1424 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1051 | 1425 | ||
1052 | return GenericObjectPermission(editorID, objectID, false); | 1426 | SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID); |
1427 | if (sog == null) | ||
1428 | return false; | ||
1429 | |||
1430 | uint perms = GetObjectPermissions(userID, sog, true); | ||
1431 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1432 | return false; | ||
1433 | return true; | ||
1053 | } | 1434 | } |
1054 | 1435 | ||
1055 | private bool CanEditParcelProperties(UUID user, ILandObject parcel, GroupPowers p, Scene scene) | 1436 | private bool CanEditParcelProperties(UUID userID, ILandObject parcel, GroupPowers p, bool allowManager) |
1056 | { | 1437 | { |
1057 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1438 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1058 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1439 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1059 | 1440 | ||
1060 | return GenericParcelOwnerPermission(user, parcel, (ulong)p, false); | 1441 | return GenericParcelOwnerPermission(userID, parcel, (ulong)p, false); |
1061 | } | 1442 | } |
1062 | 1443 | ||
1063 | /// <summary> | 1444 | /// <summary> |
@@ -1068,18 +1449,18 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1068 | /// <param name="user"></param> | 1449 | /// <param name="user"></param> |
1069 | /// <param name="scene"></param> | 1450 | /// <param name="scene"></param> |
1070 | /// <returns></returns> | 1451 | /// <returns></returns> |
1071 | private bool CanEditScript(UUID script, UUID objectID, UUID user, Scene scene) | 1452 | private bool CanEditScript(UUID script, UUID objectID, UUID userID) |
1072 | { | 1453 | { |
1073 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1454 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1074 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1455 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1075 | 1456 | ||
1076 | if (m_allowedScriptEditors == UserSet.Administrators && !IsAdministrator(user)) | 1457 | if (m_allowedScriptEditors == UserSet.Administrators && !IsAdministrator(userID)) |
1077 | return false; | 1458 | return false; |
1078 | 1459 | ||
1079 | // Ordinarily, if you can view it, you can edit it | 1460 | // Ordinarily, if you can view it, you can edit it |
1080 | // There is no viewing a no mod script | 1461 | // There is no viewing a no mod script |
1081 | // | 1462 | // |
1082 | return CanViewScript(script, objectID, user, scene); | 1463 | return CanViewScript(script, objectID, userID); |
1083 | } | 1464 | } |
1084 | 1465 | ||
1085 | /// <summary> | 1466 | /// <summary> |
@@ -1090,7 +1471,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1090 | /// <param name="user"></param> | 1471 | /// <param name="user"></param> |
1091 | /// <param name="scene"></param> | 1472 | /// <param name="scene"></param> |
1092 | /// <returns></returns> | 1473 | /// <returns></returns> |
1093 | private bool CanEditNotecard(UUID notecard, UUID objectID, UUID user, Scene scene) | 1474 | private bool CanEditNotecard(UUID notecard, UUID objectID, UUID user) |
1094 | { | 1475 | { |
1095 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1476 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1096 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1477 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
@@ -1098,8 +1479,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1098 | if (objectID == UUID.Zero) // User inventory | 1479 | if (objectID == UUID.Zero) // User inventory |
1099 | { | 1480 | { |
1100 | IInventoryService invService = m_scene.InventoryService; | 1481 | IInventoryService invService = m_scene.InventoryService; |
1101 | InventoryItemBase assetRequestItem = new InventoryItemBase(notecard, user); | 1482 | InventoryItemBase assetRequestItem = invService.GetItem(user, notecard); |
1102 | assetRequestItem = invService.GetItem(assetRequestItem); | ||
1103 | if (assetRequestItem == null && LibraryRootFolder != null) // Library item | 1483 | if (assetRequestItem == null && LibraryRootFolder != null) // Library item |
1104 | { | 1484 | { |
1105 | assetRequestItem = LibraryRootFolder.FindItem(notecard); | 1485 | assetRequestItem = LibraryRootFolder.FindItem(notecard); |
@@ -1122,69 +1502,68 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1122 | } | 1502 | } |
1123 | else // Prim inventory | 1503 | else // Prim inventory |
1124 | { | 1504 | { |
1125 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 1505 | SceneObjectPart part = m_scene.GetSceneObjectPart(objectID); |
1126 | |||
1127 | if (part == null) | 1506 | if (part == null) |
1128 | return false; | 1507 | return false; |
1129 | 1508 | ||
1130 | if (part.OwnerID != user) | 1509 | SceneObjectGroup sog = part.ParentGroup; |
1131 | { | 1510 | if (sog == null) |
1132 | if (part.GroupID == UUID.Zero) | 1511 | return false; |
1133 | return false; | ||
1134 | 1512 | ||
1135 | if (!IsGroupMember(part.GroupID, user, 0)) | 1513 | // check object mod right |
1136 | return false; | 1514 | uint perms = GetObjectPermissions(user, sog, true); |
1137 | 1515 | if((perms & (uint)PermissionMask.Modify) == 0) | |
1138 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | ||
1139 | return false; | ||
1140 | } | ||
1141 | else | ||
1142 | { | ||
1143 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1144 | return false; | 1516 | return false; |
1145 | } | ||
1146 | 1517 | ||
1147 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); | 1518 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); |
1148 | |||
1149 | if (ti == null) | 1519 | if (ti == null) |
1150 | return false; | 1520 | return false; |
1151 | 1521 | ||
1152 | if (ti.OwnerID != user) | 1522 | if (ti.OwnerID != user) |
1153 | { | 1523 | { |
1154 | if (ti.GroupID == UUID.Zero) | 1524 | UUID tiGroupID = ti.GroupID; |
1525 | if (tiGroupID == UUID.Zero) | ||
1155 | return false; | 1526 | return false; |
1156 | 1527 | ||
1157 | if (!IsGroupMember(ti.GroupID, user, 0)) | 1528 | ulong powers = 0; |
1529 | if(!GroupMemberPowers(tiGroupID, user, ref powers)) | ||
1158 | return false; | 1530 | return false; |
1531 | |||
1532 | if(tiGroupID == ti.OwnerID && (powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
1533 | { | ||
1534 | if ((ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) == | ||
1535 | ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) | ||
1536 | return true; | ||
1537 | } | ||
1538 | if ((ti.GroupPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) == | ||
1539 | ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) | ||
1540 | return true; | ||
1541 | return false; | ||
1159 | } | 1542 | } |
1160 | 1543 | ||
1161 | // Require full perms | 1544 | // Require full perms |
1162 | if ((ti.CurrentPermissions & | 1545 | if ((ti.CurrentPermissions & ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) != |
1163 | ((uint)PermissionMask.Modify | | 1546 | ((uint)PermissionMask.Modify | (uint)PermissionMask.Copy)) |
1164 | (uint)PermissionMask.Copy)) != | ||
1165 | ((uint)PermissionMask.Modify | | ||
1166 | (uint)PermissionMask.Copy)) | ||
1167 | return false; | 1547 | return false; |
1168 | } | 1548 | } |
1169 | |||
1170 | return true; | 1549 | return true; |
1171 | } | 1550 | } |
1172 | 1551 | ||
1173 | private bool CanInstantMessage(UUID user, UUID target, Scene startScene) | 1552 | private bool CanInstantMessage(UUID user, UUID target) |
1174 | { | 1553 | { |
1175 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1554 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1176 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1555 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1177 | 1556 | ||
1178 | // If the sender is an object, check owner instead | 1557 | // If the sender is an object, check owner instead |
1179 | // | 1558 | // |
1180 | SceneObjectPart part = startScene.GetSceneObjectPart(user); | 1559 | SceneObjectPart part = m_scene.GetSceneObjectPart(user); |
1181 | if (part != null) | 1560 | if (part != null) |
1182 | user = part.OwnerID; | 1561 | user = part.OwnerID; |
1183 | 1562 | ||
1184 | return GenericCommunicationPermission(user, target); | 1563 | return GenericCommunicationPermission(user, target); |
1185 | } | 1564 | } |
1186 | 1565 | ||
1187 | private bool CanInventoryTransfer(UUID user, UUID target, Scene startScene) | 1566 | private bool CanInventoryTransfer(UUID user, UUID target) |
1188 | { | 1567 | { |
1189 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1568 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1190 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1569 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
@@ -1192,7 +1571,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1192 | return GenericCommunicationPermission(user, target); | 1571 | return GenericCommunicationPermission(user, target); |
1193 | } | 1572 | } |
1194 | 1573 | ||
1195 | private bool CanIssueEstateCommand(UUID user, Scene requestFromScene, bool ownerCommand) | 1574 | private bool CanIssueEstateCommand(UUID user, bool ownerCommand) |
1196 | { | 1575 | { |
1197 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1576 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1198 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1577 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
@@ -1200,174 +1579,161 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1200 | if (IsAdministrator(user)) | 1579 | if (IsAdministrator(user)) |
1201 | return true; | 1580 | return true; |
1202 | 1581 | ||
1203 | if (m_scene.RegionInfo.EstateSettings.IsEstateOwner(user)) | ||
1204 | return true; | ||
1205 | |||
1206 | if (ownerCommand) | 1582 | if (ownerCommand) |
1207 | return false; | 1583 | return m_scene.RegionInfo.EstateSettings.IsEstateOwner(user); |
1208 | 1584 | ||
1209 | return GenericEstatePermission(user); | 1585 | return IsEstateManager(user); |
1210 | } | 1586 | } |
1211 | 1587 | ||
1212 | private bool CanMoveObject(UUID objectID, UUID moverID, Scene scene) | 1588 | private bool CanMoveObject(SceneObjectGroup sog, ScenePresence sp) |
1213 | { | 1589 | { |
1214 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1590 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1591 | |||
1592 | if(sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) | ||
1593 | return false; | ||
1594 | |||
1215 | if (m_bypassPermissions) | 1595 | if (m_bypassPermissions) |
1216 | { | 1596 | { |
1217 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 1597 | if (sog.OwnerID != sp.UUID && sog.IsAttachment) |
1218 | if (part.OwnerID != moverID) | 1598 | return false; |
1219 | { | ||
1220 | if (!part.ParentGroup.IsDeleted) | ||
1221 | { | ||
1222 | if (part.ParentGroup.IsAttachment) | ||
1223 | return false; | ||
1224 | } | ||
1225 | } | ||
1226 | return m_bypassPermissionsValue; | 1599 | return m_bypassPermissionsValue; |
1227 | } | 1600 | } |
1228 | 1601 | ||
1229 | bool permission = GenericObjectPermission(moverID, objectID, true); | 1602 | uint perms = GetObjectPermissions(sp, sog, true); |
1230 | if (!permission) | 1603 | if((perms & (uint)PermissionMask.Move) == 0) |
1231 | { | 1604 | return false; |
1232 | if (!m_scene.Entities.ContainsKey(objectID)) | 1605 | return true; |
1233 | { | 1606 | } |
1234 | return false; | ||
1235 | } | ||
1236 | 1607 | ||
1237 | // The client | 1608 | private bool CanObjectEntry(SceneObjectGroup sog, bool enteringRegion, Vector3 newPoint) |
1238 | // may request to edit linked parts, and therefore, it needs | 1609 | { |
1239 | // to also check for SceneObjectPart | 1610 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1240 | 1611 | ||
1241 | // If it's not an object, we cant edit it. | 1612 | float newX = newPoint.X; |
1242 | if ((!(m_scene.Entities[objectID] is SceneObjectGroup))) | 1613 | float newY = newPoint.Y; |
1243 | { | ||
1244 | return false; | ||
1245 | } | ||
1246 | 1614 | ||
1615 | // allow outside region this is needed for crossings | ||
1616 | if (newX < -1f || newX > (m_scene.RegionInfo.RegionSizeX + 1.0f) || | ||
1617 | newY < -1f || newY > (m_scene.RegionInfo.RegionSizeY + 1.0f) ) | ||
1618 | return true; | ||
1247 | 1619 | ||
1248 | SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID]; | 1620 | if(sog == null || sog.IsDeleted) |
1621 | return false; | ||
1249 | 1622 | ||
1623 | if (m_bypassPermissions) | ||
1624 | return m_bypassPermissionsValue; | ||
1250 | 1625 | ||
1251 | // UUID taskOwner = null; | 1626 | ILandObject parcel = m_scene.LandChannel.GetLandObject(newX, newY); |
1252 | // Added this because at this point in time it wouldn't be wise for | 1627 | if (parcel == null) |
1253 | // the administrator object permissions to take effect. | 1628 | return false; |
1254 | // UUID objectOwner = task.OwnerID; | ||
1255 | 1629 | ||
1256 | // Anyone can move | 1630 | if ((parcel.LandData.Flags & ((int)ParcelFlags.AllowAPrimitiveEntry)) != 0) |
1257 | if ((task.RootPart.EveryoneMask & PERM_MOVE) != 0) | 1631 | return true; |
1258 | permission = true; | ||
1259 | 1632 | ||
1260 | // Locked | 1633 | if (!enteringRegion) |
1261 | if ((task.RootPart.OwnerMask & PERM_LOCKED) == 0) | ||
1262 | permission = false; | ||
1263 | } | ||
1264 | else | ||
1265 | { | 1634 | { |
1266 | bool locked = false; | 1635 | Vector3 oldPoint = sog.AbsolutePosition; |
1267 | if (!m_scene.Entities.ContainsKey(objectID)) | 1636 | ILandObject fromparcel = m_scene.LandChannel.GetLandObject(oldPoint.X, oldPoint.Y); |
1268 | { | 1637 | if (fromparcel != null && fromparcel.Equals(parcel)) // it already entered parcel ???? |
1269 | return false; | 1638 | return true; |
1270 | } | 1639 | } |
1271 | |||
1272 | // If it's not an object, we cant edit it. | ||
1273 | if ((!(m_scene.Entities[objectID] is SceneObjectGroup))) | ||
1274 | { | ||
1275 | return false; | ||
1276 | } | ||
1277 | 1640 | ||
1278 | SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objectID]; | 1641 | UUID userID = sog.OwnerID; |
1642 | LandData landdata = parcel.LandData; | ||
1279 | 1643 | ||
1280 | UUID objectOwner = group.OwnerID; | 1644 | if (landdata.OwnerID == userID) |
1281 | locked = ((group.RootPart.OwnerMask & PERM_LOCKED) == 0); | 1645 | return true; |
1282 | 1646 | ||
1283 | // This is an exception to the generic object permission. | 1647 | if (IsAdministrator(userID)) |
1284 | // Administrators who lock their objects should not be able to move them, | 1648 | return true; |
1285 | // however generic object permission should return true. | ||
1286 | // This keeps locked objects from being affected by random click + drag actions by accident | ||
1287 | // and allows the administrator to grab or delete a locked object. | ||
1288 | 1649 | ||
1289 | // Administrators and estate managers are still able to click+grab locked objects not | 1650 | UUID landGroupID = landdata.GroupID; |
1290 | // owned by them in the scene | 1651 | if (landGroupID != UUID.Zero) |
1291 | // This is by design. | 1652 | { |
1653 | if ((parcel.LandData.Flags & ((int)ParcelFlags.AllowGroupObjectEntry)) != 0) | ||
1654 | return IsGroupMember(landGroupID, userID, 0); | ||
1292 | 1655 | ||
1293 | if (locked && (moverID == objectOwner)) | 1656 | if (landdata.IsGroupOwned && IsGroupMember(landGroupID, userID, (ulong)GroupPowers.AllowRez)) |
1294 | return false; | 1657 | return true; |
1295 | } | 1658 | } |
1296 | return permission; | 1659 | |
1660 | //Otherwise, false! | ||
1661 | return false; | ||
1297 | } | 1662 | } |
1298 | 1663 | ||
1299 | private bool CanObjectEntry(UUID objectID, bool enteringRegion, Vector3 newPoint, Scene scene) | 1664 | private bool OnObjectEnterWithScripts(SceneObjectGroup sog, ILandObject parcel) |
1300 | { | 1665 | { |
1301 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1666 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1302 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
1303 | 1667 | ||
1304 | if ((newPoint.X > 257f || newPoint.X < -1f || newPoint.Y > 257f || newPoint.Y < -1f)) | 1668 | if(sog == null || sog.IsDeleted) |
1305 | { | 1669 | return false; |
1306 | return true; | ||
1307 | } | ||
1308 | 1670 | ||
1309 | SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID]; | 1671 | if (m_bypassPermissions) |
1672 | return m_bypassPermissionsValue; | ||
1310 | 1673 | ||
1311 | ILandObject land = m_scene.LandChannel.GetLandObject(newPoint.X, newPoint.Y); | 1674 | if (parcel == null) |
1675 | return true; | ||
1312 | 1676 | ||
1313 | if (!enteringRegion) | 1677 | int checkflags = ((int)ParcelFlags.AllowAPrimitiveEntry); |
1314 | { | 1678 | bool scripts = (sog.ScriptCount() > 0); |
1315 | ILandObject fromland = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); | 1679 | if(scripts) |
1680 | checkflags |= ((int)ParcelFlags.AllowOtherScripts); | ||
1316 | 1681 | ||
1317 | if (fromland == land) // Not entering | 1682 | if ((parcel.LandData.Flags & checkflags) == checkflags) |
1318 | return true; | 1683 | return true; |
1319 | } | ||
1320 | 1684 | ||
1321 | if (land == null) | 1685 | UUID userID = sog.OwnerID; |
1322 | { | 1686 | LandData landdata = parcel.LandData; |
1323 | return false; | ||
1324 | } | ||
1325 | 1687 | ||
1326 | if ((land.LandData.Flags & ((int)ParcelFlags.AllowAPrimitiveEntry)) != 0) | 1688 | if (landdata.OwnerID == userID) |
1327 | { | ||
1328 | return true; | 1689 | return true; |
1329 | } | ||
1330 | 1690 | ||
1331 | if (!m_scene.Entities.ContainsKey(objectID)) | 1691 | if (IsAdministrator(userID)) |
1332 | { | 1692 | return true; |
1333 | return false; | ||
1334 | } | ||
1335 | 1693 | ||
1336 | // If it's not an object, we cant edit it. | 1694 | UUID landGroupID = landdata.GroupID; |
1337 | if (!(m_scene.Entities[objectID] is SceneObjectGroup)) | 1695 | if (landGroupID != UUID.Zero) |
1338 | { | 1696 | { |
1339 | return false; | 1697 | checkflags = (int)ParcelFlags.AllowGroupObjectEntry; |
1340 | } | 1698 | if(scripts) |
1699 | checkflags |= ((int)ParcelFlags.AllowGroupScripts); | ||
1341 | 1700 | ||
1701 | if ((parcel.LandData.Flags & checkflags) == checkflags) | ||
1702 | return IsGroupMember(landGroupID, userID, 0); | ||
1342 | 1703 | ||
1343 | if (GenericParcelPermission(task.OwnerID, newPoint, 0)) | 1704 | if (landdata.IsGroupOwned && IsGroupMember(landGroupID, userID, (ulong)GroupPowers.AllowRez)) |
1344 | { | 1705 | return true; |
1345 | return true; | ||
1346 | } | 1706 | } |
1347 | 1707 | ||
1348 | //Otherwise, false! | 1708 | //Otherwise, false! |
1349 | return false; | 1709 | return false; |
1350 | } | 1710 | } |
1351 | 1711 | ||
1352 | private bool CanReturnObjects(ILandObject land, UUID user, List<SceneObjectGroup> objects, Scene scene) | 1712 | private bool CanReturnObjects(ILandObject land, ScenePresence sp, List<SceneObjectGroup> objects) |
1353 | { | 1713 | { |
1354 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1714 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1355 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1715 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1356 | 1716 | ||
1357 | GroupPowers powers; | 1717 | if(sp == null) |
1358 | ILandObject l; | 1718 | return true; // assuming that in this case rights are as owner |
1359 | 1719 | ||
1360 | ScenePresence sp = scene.GetScenePresence(user); | 1720 | UUID userID = sp.UUID; |
1361 | if (sp == null) | 1721 | bool isPrivUser = sp.IsGod || IsEstateManager(userID); |
1362 | return false; | ||
1363 | 1722 | ||
1364 | IClientAPI client = sp.ControllingClient; | 1723 | IClientAPI client = sp.ControllingClient; |
1365 | 1724 | ||
1725 | ulong powers = 0; | ||
1726 | ILandObject l; | ||
1727 | |||
1366 | foreach (SceneObjectGroup g in new List<SceneObjectGroup>(objects)) | 1728 | foreach (SceneObjectGroup g in new List<SceneObjectGroup>(objects)) |
1367 | { | 1729 | { |
1368 | // Any user can return their own objects at any time | 1730 | if(g.IsAttachment) |
1369 | // | 1731 | { |
1370 | if (GenericObjectPermission(user, g.UUID, false)) | 1732 | objects.Remove(g); |
1733 | continue; | ||
1734 | } | ||
1735 | |||
1736 | if (isPrivUser || g.OwnerID == userID) | ||
1371 | continue; | 1737 | continue; |
1372 | 1738 | ||
1373 | // This is a short cut for efficiency. If land is non-null, | 1739 | // This is a short cut for efficiency. If land is non-null, |
@@ -1381,39 +1747,40 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1381 | else | 1747 | else |
1382 | { | 1748 | { |
1383 | Vector3 pos = g.AbsolutePosition; | 1749 | Vector3 pos = g.AbsolutePosition; |
1384 | 1750 | l = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); | |
1385 | l = scene.LandChannel.GetLandObject(pos.X, pos.Y); | ||
1386 | } | 1751 | } |
1387 | 1752 | ||
1388 | // If it's not over any land, then we can't do a thing | 1753 | // If it's not over any land, then we can't do a thing |
1389 | if (l == null) | 1754 | if (l == null || l.LandData == null) |
1390 | { | 1755 | { |
1391 | objects.Remove(g); | 1756 | objects.Remove(g); |
1392 | continue; | 1757 | continue; |
1393 | } | 1758 | } |
1394 | 1759 | ||
1760 | LandData ldata = l.LandData; | ||
1395 | // If we own the land outright, then allow | 1761 | // If we own the land outright, then allow |
1396 | // | 1762 | // |
1397 | if (l.LandData.OwnerID == user) | 1763 | if (ldata.OwnerID == userID) |
1398 | continue; | 1764 | continue; |
1399 | 1765 | ||
1400 | // Group voodoo | 1766 | // Group voodoo |
1401 | // | 1767 | // |
1402 | if (l.LandData.IsGroupOwned) | 1768 | if (ldata.IsGroupOwned) |
1403 | { | 1769 | { |
1404 | powers = (GroupPowers)client.GetGroupPowers(l.LandData.GroupID); | 1770 | UUID lGroupID = ldata.GroupID; |
1405 | // Not a group member, or no rights at all | 1771 | // Not a group member, or no rights at all |
1406 | // | 1772 | // |
1407 | if (powers == (GroupPowers)0) | 1773 | powers = client.GetGroupPowers(lGroupID); |
1774 | if(powers == 0) | ||
1408 | { | 1775 | { |
1409 | objects.Remove(g); | 1776 | objects.Remove(g); |
1410 | continue; | 1777 | continue; |
1411 | } | 1778 | } |
1412 | 1779 | ||
1413 | // Group deeded object? | 1780 | // Group deeded object? |
1414 | // | 1781 | // |
1415 | if (g.OwnerID == l.LandData.GroupID && | 1782 | if (g.OwnerID == lGroupID && |
1416 | (powers & GroupPowers.ReturnGroupOwned) == (GroupPowers)0) | 1783 | (powers & (ulong)GroupPowers.ReturnGroupOwned) == 0) |
1417 | { | 1784 | { |
1418 | objects.Remove(g); | 1785 | objects.Remove(g); |
1419 | continue; | 1786 | continue; |
@@ -1421,14 +1788,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1421 | 1788 | ||
1422 | // Group set object? | 1789 | // Group set object? |
1423 | // | 1790 | // |
1424 | if (g.GroupID == l.LandData.GroupID && | 1791 | if (g.GroupID == lGroupID && |
1425 | (powers & GroupPowers.ReturnGroupSet) == (GroupPowers)0) | 1792 | (powers & (ulong)GroupPowers.ReturnGroupSet) == 0) |
1426 | { | 1793 | { |
1427 | objects.Remove(g); | 1794 | objects.Remove(g); |
1428 | continue; | 1795 | continue; |
1429 | } | 1796 | } |
1430 | 1797 | ||
1431 | if ((powers & GroupPowers.ReturnNonGroup) == (GroupPowers)0) | 1798 | if ((powers & (ulong)GroupPowers.ReturnNonGroup) == 0) |
1432 | { | 1799 | { |
1433 | objects.Remove(g); | 1800 | objects.Remove(g); |
1434 | continue; | 1801 | continue; |
@@ -1451,41 +1818,41 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1451 | return true; | 1818 | return true; |
1452 | } | 1819 | } |
1453 | 1820 | ||
1454 | private bool CanRezObject(int objectCount, UUID owner, Vector3 objectPosition, Scene scene) | 1821 | private bool CanRezObject(int objectCount, UUID userID, Vector3 objectPosition) |
1455 | { | 1822 | { |
1456 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1823 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1457 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1824 | if (m_bypassPermissions) |
1825 | return m_bypassPermissionsValue; | ||
1458 | 1826 | ||
1459 | // m_log.DebugFormat("[PERMISSIONS MODULE]: Checking rez object at {0} in {1}", objectPosition, m_scene.Name); | 1827 | // m_log.DebugFormat("[PERMISSIONS MODULE]: Checking rez object at {0} in {1}", objectPosition, m_scene.Name); |
1460 | 1828 | ||
1461 | ILandObject parcel = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y); | 1829 | ILandObject parcel = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y); |
1462 | if (parcel == null) | 1830 | if (parcel == null || parcel.LandData == null) |
1463 | return false; | 1831 | return false; |
1464 | 1832 | ||
1465 | if ((parcel.LandData.Flags & (uint)ParcelFlags.CreateObjects) != 0) | 1833 | LandData landdata = parcel.LandData; |
1466 | { | 1834 | if ((userID == landdata.OwnerID)) |
1467 | return true; | ||
1468 | } | ||
1469 | else if ((owner == parcel.LandData.OwnerID) || IsAdministrator(owner)) | ||
1470 | { | ||
1471 | return true; | 1835 | return true; |
1472 | } | 1836 | |
1473 | else if (((parcel.LandData.Flags & (uint)ParcelFlags.CreateGroupObjects) != 0) | 1837 | if ((landdata.Flags & (uint)ParcelFlags.CreateObjects) != 0) |
1474 | && (parcel.LandData.GroupID != UUID.Zero) && IsGroupMember(parcel.LandData.GroupID, owner, 0)) | ||
1475 | { | ||
1476 | return true; | 1838 | return true; |
1477 | } | 1839 | |
1478 | else if (parcel.LandData.GroupID != UUID.Zero && IsGroupMember(parcel.LandData.GroupID, owner, (ulong)GroupPowers.AllowRez)) | 1840 | if(IsAdministrator(userID)) |
1479 | { | ||
1480 | return true; | 1841 | return true; |
1481 | } | 1842 | |
1482 | else | 1843 | if(landdata.GroupID != UUID.Zero) |
1483 | { | 1844 | { |
1484 | return false; | 1845 | if ((landdata.Flags & (uint)ParcelFlags.CreateGroupObjects) != 0) |
1846 | return IsGroupMember(landdata.GroupID, userID, 0); | ||
1847 | |||
1848 | if (landdata.IsGroupOwned && IsGroupMember(landdata.GroupID, userID, (ulong)GroupPowers.AllowRez)) | ||
1849 | return true; | ||
1485 | } | 1850 | } |
1851 | |||
1852 | return false; | ||
1486 | } | 1853 | } |
1487 | 1854 | ||
1488 | private bool CanRunConsoleCommand(UUID user, Scene requestFromScene) | 1855 | private bool CanRunConsoleCommand(UUID user) |
1489 | { | 1856 | { |
1490 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1857 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1491 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1858 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
@@ -1494,82 +1861,214 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1494 | return IsAdministrator(user); | 1861 | return IsAdministrator(user); |
1495 | } | 1862 | } |
1496 | 1863 | ||
1497 | private bool CanRunScript(UUID script, UUID objectID, UUID user, Scene scene) | 1864 | private bool CanRunScript(TaskInventoryItem scriptitem, SceneObjectPart part) |
1498 | { | 1865 | { |
1499 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1866 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1500 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1867 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1501 | 1868 | ||
1502 | return true; | 1869 | if(scriptitem == null || part == null) |
1870 | return false; | ||
1871 | |||
1872 | SceneObjectGroup sog = part.ParentGroup; | ||
1873 | if(sog == null) | ||
1874 | return false; | ||
1875 | |||
1876 | Vector3 pos = sog.AbsolutePosition; | ||
1877 | ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); | ||
1878 | if (parcel == null) | ||
1879 | return false; | ||
1880 | |||
1881 | LandData ldata = parcel.LandData; | ||
1882 | if(ldata == null) | ||
1883 | return false; | ||
1884 | |||
1885 | uint lflags = ldata.Flags; | ||
1886 | |||
1887 | if ((lflags & (uint)ParcelFlags.AllowOtherScripts) != 0) | ||
1888 | return true; | ||
1889 | |||
1890 | if ((part.OwnerID == ldata.OwnerID)) | ||
1891 | return true; | ||
1892 | |||
1893 | if (((lflags & (uint)ParcelFlags.AllowGroupScripts) != 0) | ||
1894 | && (ldata.GroupID != UUID.Zero) && (ldata.GroupID == part.GroupID)) | ||
1895 | return true; | ||
1896 | |||
1897 | return GenericEstatePermission(part.OwnerID); | ||
1503 | } | 1898 | } |
1504 | 1899 | ||
1505 | private bool CanSellParcel(UUID user, ILandObject parcel, Scene scene) | 1900 | private bool CanSellParcel(UUID user, ILandObject parcel) |
1506 | { | 1901 | { |
1507 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1902 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1508 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1903 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1509 | 1904 | ||
1510 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale, false); | 1905 | return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale, true); |
1511 | } | 1906 | } |
1512 | 1907 | ||
1513 | private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene) | 1908 | private bool CanSellGroupObject(UUID userID, UUID groupID) |
1514 | { | 1909 | { |
1515 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1910 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1516 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1911 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1517 | 1912 | ||
1518 | return GenericObjectPermission(stealer,objectID, false); | 1913 | return IsGroupMember(groupID, userID, (ulong)GroupPowers.ObjectSetForSale); |
1519 | } | 1914 | } |
1520 | 1915 | ||
1521 | private bool CanTakeCopyObject(UUID objectID, UUID userID, Scene inScene) | 1916 | private bool CanSellObjectByUserID(SceneObjectGroup sog, UUID userID, byte saleType) |
1522 | { | 1917 | { |
1523 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 1918 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1524 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 1919 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1525 | 1920 | ||
1526 | bool permission = GenericObjectPermission(userID, objectID, false); | 1921 | if (sog == null || sog.IsDeleted || userID == UUID.Zero) |
1922 | return false; | ||
1527 | 1923 | ||
1528 | SceneObjectGroup so = (SceneObjectGroup)m_scene.Entities[objectID]; | 1924 | // sell is not a attachment op |
1925 | if(sog.IsAttachment) | ||
1926 | return false; | ||
1529 | 1927 | ||
1530 | if (!permission) | 1928 | if(IsAdministrator(userID)) |
1531 | { | 1929 | return true; |
1532 | if (!m_scene.Entities.ContainsKey(objectID)) | ||
1533 | { | ||
1534 | return false; | ||
1535 | } | ||
1536 | 1930 | ||
1537 | // If it's not an object, we cant edit it. | 1931 | uint sogEffectiveOwnerPerms = sog.EffectiveOwnerPerms; |
1538 | if (!(m_scene.Entities[objectID] is SceneObjectGroup)) | 1932 | if((sogEffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) |
1539 | { | 1933 | return false; |
1540 | return false; | ||
1541 | } | ||
1542 | 1934 | ||
1543 | // UUID taskOwner = null; | 1935 | if(saleType == (byte)SaleType.Copy && |
1544 | // Added this because at this point in time it wouldn't be wise for | 1936 | (sogEffectiveOwnerPerms & (uint)PermissionMask.Copy) == 0) |
1545 | // the administrator object permissions to take effect. | 1937 | return false; |
1546 | // UUID objectOwner = task.OwnerID; | ||
1547 | 1938 | ||
1548 | if ((so.RootPart.EveryoneMask & PERM_COPY) != 0) | 1939 | UUID sogOwnerID = sog.OwnerID; |
1549 | permission = true; | 1940 | |
1550 | } | 1941 | if(sogOwnerID == userID) |
1942 | return true; | ||
1943 | |||
1944 | // else only group owned can be sold by members with powers | ||
1945 | UUID sogGroupID = sog.GroupID; | ||
1946 | if(sog.OwnerID != sogGroupID || sogGroupID == UUID.Zero) | ||
1947 | return false; | ||
1948 | |||
1949 | return IsGroupMember(sogGroupID, userID, (ulong)GroupPowers.ObjectSetForSale); | ||
1950 | } | ||
1951 | |||
1952 | private bool CanSellObject(SceneObjectGroup sog, ScenePresence sp, byte saleType) | ||
1953 | { | ||
1954 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
1955 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
1551 | 1956 | ||
1552 | if (so.OwnerID != userID) | 1957 | if (sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) |
1958 | return false; | ||
1959 | |||
1960 | // sell is not a attachment op | ||
1961 | if(sog.IsAttachment) | ||
1962 | return false; | ||
1963 | |||
1964 | if(sp.IsGod) | ||
1965 | return true; | ||
1966 | |||
1967 | uint sogEffectiveOwnerPerms = sog.EffectiveOwnerPerms; | ||
1968 | if((sogEffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) | ||
1969 | return false; | ||
1970 | |||
1971 | if(saleType == (byte)SaleType.Copy && | ||
1972 | (sogEffectiveOwnerPerms & (uint)PermissionMask.Copy) == 0) | ||
1973 | return false; | ||
1974 | |||
1975 | UUID userID = sp.UUID; | ||
1976 | UUID sogOwnerID = sog.OwnerID; | ||
1977 | |||
1978 | if(sogOwnerID == userID) | ||
1979 | return true; | ||
1980 | |||
1981 | // else only group owned can be sold by members with powers | ||
1982 | UUID sogGroupID = sog.GroupID; | ||
1983 | if(sog.OwnerID != sogGroupID || sogGroupID == UUID.Zero) | ||
1984 | return false; | ||
1985 | |||
1986 | ulong powers = 0; | ||
1987 | if(!GroupMemberPowers(sogGroupID, sp, ref powers)) | ||
1988 | return false; | ||
1989 | |||
1990 | if((powers & (ulong)GroupPowers.ObjectSetForSale) == 0) | ||
1991 | return false; | ||
1992 | |||
1993 | return true; | ||
1994 | } | ||
1995 | |||
1996 | private bool CanTakeObject(SceneObjectGroup sog, ScenePresence sp) | ||
1997 | { | ||
1998 | // ignore locked, viewers shell ask for confirmation | ||
1999 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
2000 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
2001 | |||
2002 | if (sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) | ||
2003 | return false; | ||
2004 | |||
2005 | // take is not a attachment op | ||
2006 | if(sog.IsAttachment) | ||
2007 | return false; | ||
2008 | |||
2009 | UUID sogOwnerID = sog.OwnerID; | ||
2010 | UUID spID = sp.UUID; | ||
2011 | |||
2012 | if(sogOwnerID == spID) | ||
2013 | return true; | ||
2014 | |||
2015 | if (sp.IsGod) | ||
2016 | return true; | ||
2017 | |||
2018 | if((sog.EffectiveOwnerPerms & (uint)PermissionMask.Transfer) == 0) | ||
2019 | return false; | ||
2020 | |||
2021 | if (IsFriendWithPerms(sog.UUID, sogOwnerID)) | ||
2022 | return true; | ||
2023 | |||
2024 | UUID sogGroupID = sog.GroupID; | ||
2025 | if (sogGroupID != UUID.Zero) | ||
1553 | { | 2026 | { |
1554 | if ((so.GetEffectivePermissions() & (PERM_COPY | PERM_TRANS)) != (PERM_COPY | PERM_TRANS)) | 2027 | ulong powers = 0; |
1555 | permission = false; | 2028 | if(GroupMemberPowers(sogGroupID, sp, ref powers)) |
2029 | { | ||
2030 | if(sogGroupID == sogOwnerID) | ||
2031 | { | ||
2032 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
2033 | return true; | ||
2034 | } | ||
2035 | return (sog.EffectiveGroupPerms & (uint)PermissionMask.Modify) != 0; | ||
2036 | } | ||
1556 | } | 2037 | } |
1557 | else | 2038 | return false; |
2039 | } | ||
2040 | |||
2041 | private bool CanTakeCopyObject(SceneObjectGroup sog, ScenePresence sp) | ||
2042 | { | ||
2043 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
2044 | if (m_bypassPermissions) return m_bypassPermissionsValue; | ||
2045 | |||
2046 | if (sog == null || sog.IsDeleted || sp == null || sp.IsDeleted) | ||
2047 | return false; | ||
2048 | |||
2049 | // refuse on attachments | ||
2050 | if(sog.IsAttachment && !sp.IsGod) | ||
2051 | return false; | ||
2052 | |||
2053 | uint perms = GetObjectPermissions(sp, sog, true); | ||
2054 | if((perms & (uint)PermissionMask.Copy) == 0) | ||
1558 | { | 2055 | { |
1559 | if ((so.GetEffectivePermissions() & PERM_COPY) != PERM_COPY) | 2056 | sp.ControllingClient.SendAgentAlertMessage("Copying this item has been denied by the permissions system", false); |
1560 | permission = false; | 2057 | return false; |
1561 | } | 2058 | } |
1562 | 2059 | ||
1563 | return permission; | 2060 | if(sog.OwnerID != sp.UUID && (perms & (uint)PermissionMask.Transfer) == 0) |
2061 | return false; | ||
2062 | return true; | ||
1564 | } | 2063 | } |
1565 | 2064 | ||
1566 | private bool CanTerraformLand(UUID user, Vector3 position, Scene requestFromScene) | 2065 | private bool CanTerraformLand(UUID userID, Vector3 position) |
1567 | { | 2066 | { |
1568 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2067 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1569 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2068 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1570 | 2069 | ||
1571 | // Estate override | 2070 | // Estate override |
1572 | if (GenericEstatePermission(user)) | 2071 | if (GenericEstatePermission(userID)) |
1573 | return true; | 2072 | return true; |
1574 | 2073 | ||
1575 | float X = position.X; | 2074 | float X = position.X; |
@@ -1587,13 +2086,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1587 | ILandObject parcel = m_scene.LandChannel.GetLandObject(X, Y); | 2086 | ILandObject parcel = m_scene.LandChannel.GetLandObject(X, Y); |
1588 | if (parcel == null) | 2087 | if (parcel == null) |
1589 | return false; | 2088 | return false; |
1590 | 2089 | ||
1591 | // Others allowed to terraform? | 2090 | LandData landdata = parcel.LandData; |
1592 | if ((parcel.LandData.Flags & ((int)ParcelFlags.AllowTerraform)) != 0) | 2091 | if (landdata == null) |
2092 | return false; | ||
2093 | |||
2094 | if ((landdata.Flags & ((int)ParcelFlags.AllowTerraform)) != 0) | ||
1593 | return true; | 2095 | return true; |
1594 | 2096 | ||
1595 | // Land owner can terraform too | 2097 | if(landdata.OwnerID == userID) |
1596 | if (parcel != null && GenericParcelPermission(user, parcel, (ulong)GroupPowers.AllowEditLand)) | 2098 | return true; |
2099 | |||
2100 | if (landdata.IsGroupOwned && parcel.LandData.GroupID != UUID.Zero && | ||
2101 | IsGroupMember(landdata.GroupID, userID, (ulong)GroupPowers.AllowEditLand)) | ||
1597 | return true; | 2102 | return true; |
1598 | 2103 | ||
1599 | return false; | 2104 | return false; |
@@ -1607,16 +2112,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1607 | /// <param name="user"></param> | 2112 | /// <param name="user"></param> |
1608 | /// <param name="scene"></param> | 2113 | /// <param name="scene"></param> |
1609 | /// <returns></returns> | 2114 | /// <returns></returns> |
1610 | private bool CanViewScript(UUID script, UUID objectID, UUID user, Scene scene) | 2115 | private bool CanViewScript(UUID script, UUID objectID, UUID userID) |
1611 | { | 2116 | { |
1612 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2117 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1613 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2118 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1614 | 2119 | ||
2120 | // A god is a god is a god | ||
2121 | if (IsAdministrator(userID)) | ||
2122 | return true; | ||
2123 | |||
1615 | if (objectID == UUID.Zero) // User inventory | 2124 | if (objectID == UUID.Zero) // User inventory |
1616 | { | 2125 | { |
1617 | IInventoryService invService = m_scene.InventoryService; | 2126 | IInventoryService invService = m_scene.InventoryService; |
1618 | InventoryItemBase assetRequestItem = new InventoryItemBase(script, user); | 2127 | InventoryItemBase assetRequestItem = invService.GetItem(userID, script); |
1619 | assetRequestItem = invService.GetItem(assetRequestItem); | ||
1620 | if (assetRequestItem == null && LibraryRootFolder != null) // Library item | 2128 | if (assetRequestItem == null && LibraryRootFolder != null) // Library item |
1621 | { | 2129 | { |
1622 | assetRequestItem = LibraryRootFolder.FindItem(script); | 2130 | assetRequestItem = LibraryRootFolder.FindItem(script); |
@@ -1636,60 +2144,53 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1636 | // readable only if it's really full perms | 2144 | // readable only if it's really full perms |
1637 | // | 2145 | // |
1638 | if ((assetRequestItem.CurrentPermissions & | 2146 | if ((assetRequestItem.CurrentPermissions & |
2147 | /* | ||
1639 | ((uint)PermissionMask.Modify | | 2148 | ((uint)PermissionMask.Modify | |
1640 | (uint)PermissionMask.Copy | | 2149 | (uint)PermissionMask.Copy | |
1641 | (uint)PermissionMask.Transfer)) != | 2150 | (uint)PermissionMask.Transfer)) != |
1642 | ((uint)PermissionMask.Modify | | 2151 | ((uint)PermissionMask.Modify | |
1643 | (uint)PermissionMask.Copy | | 2152 | (uint)PermissionMask.Copy | |
1644 | (uint)PermissionMask.Transfer)) | 2153 | (uint)PermissionMask.Transfer)) |
2154 | */ | ||
2155 | (uint)(PermissionMask.Modify | PermissionMask.Copy)) != | ||
2156 | (uint)(PermissionMask.Modify | PermissionMask.Copy)) | ||
1645 | return false; | 2157 | return false; |
1646 | } | 2158 | } |
1647 | else // Prim inventory | 2159 | else // Prim inventory |
1648 | { | 2160 | { |
1649 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 2161 | SceneObjectPart part = m_scene.GetSceneObjectPart(objectID); |
1650 | |||
1651 | if (part == null) | 2162 | if (part == null) |
1652 | return false; | 2163 | return false; |
1653 | |||
1654 | if (part.OwnerID != user) | ||
1655 | { | ||
1656 | if (part.GroupID == UUID.Zero) | ||
1657 | return false; | ||
1658 | 2164 | ||
1659 | if (!IsGroupMember(part.GroupID, user, 0)) | 2165 | SceneObjectGroup sog = part.ParentGroup; |
1660 | return false; | 2166 | if (sog == null) |
1661 | 2167 | return false; | |
1662 | if ((part.GroupMask & (uint)PermissionMask.Modify) == 0) | 2168 | |
1663 | return false; | 2169 | uint perms = GetObjectPermissions(userID, sog, true); |
1664 | } | 2170 | if((perms & (uint)PermissionMask.Modify) == 0) |
1665 | else | 2171 | return false; |
1666 | { | ||
1667 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1668 | return false; | ||
1669 | } | ||
1670 | 2172 | ||
1671 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(script); | 2173 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(script); |
1672 | 2174 | ||
1673 | if (ti == null) | 2175 | // if (ti == null || ti.InvType != (int)InventoryType.LSL) |
2176 | if (ti == null) // legacy may not have type | ||
1674 | return false; | 2177 | return false; |
1675 | 2178 | ||
1676 | if (ti.OwnerID != user) | 2179 | uint itperms = GetObjectItemPermissions(userID, ti); |
1677 | { | ||
1678 | if (ti.GroupID == UUID.Zero) | ||
1679 | return false; | ||
1680 | |||
1681 | if (!IsGroupMember(ti.GroupID, user, 0)) | ||
1682 | return false; | ||
1683 | } | ||
1684 | 2180 | ||
1685 | // Require full perms | 2181 | // Require full perms |
1686 | if ((ti.CurrentPermissions & | 2182 | |
1687 | ((uint)PermissionMask.Modify | | 2183 | if ((itperms & |
2184 | /* | ||
2185 | ((uint)(PermissionMask.Modify | | ||
1688 | (uint)PermissionMask.Copy | | 2186 | (uint)PermissionMask.Copy | |
1689 | (uint)PermissionMask.Transfer)) != | 2187 | (uint)PermissionMask.Transfer)) != |
1690 | ((uint)PermissionMask.Modify | | 2188 | ((uint)PermissionMask.Modify | |
1691 | (uint)PermissionMask.Copy | | 2189 | (uint)PermissionMask.Copy | |
1692 | (uint)PermissionMask.Transfer)) | 2190 | (uint)PermissionMask.Transfer)) |
2191 | */ | ||
2192 | (uint)(PermissionMask.Modify | PermissionMask.Copy)) != | ||
2193 | (uint)(PermissionMask.Modify | PermissionMask.Copy)) | ||
1693 | return false; | 2194 | return false; |
1694 | } | 2195 | } |
1695 | 2196 | ||
@@ -1704,16 +2205,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1704 | /// <param name="user"></param> | 2205 | /// <param name="user"></param> |
1705 | /// <param name="scene"></param> | 2206 | /// <param name="scene"></param> |
1706 | /// <returns></returns> | 2207 | /// <returns></returns> |
1707 | private bool CanViewNotecard(UUID notecard, UUID objectID, UUID user, Scene scene) | 2208 | private bool CanViewNotecard(UUID notecard, UUID objectID, UUID userID) |
1708 | { | 2209 | { |
1709 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2210 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1710 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2211 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1711 | 2212 | ||
2213 | // A god is a god is a god | ||
2214 | if (IsAdministrator(userID)) | ||
2215 | return true; | ||
2216 | |||
1712 | if (objectID == UUID.Zero) // User inventory | 2217 | if (objectID == UUID.Zero) // User inventory |
1713 | { | 2218 | { |
1714 | IInventoryService invService = m_scene.InventoryService; | 2219 | IInventoryService invService = m_scene.InventoryService; |
1715 | InventoryItemBase assetRequestItem = new InventoryItemBase(notecard, user); | 2220 | InventoryItemBase assetRequestItem = invService.GetItem(userID, notecard); |
1716 | assetRequestItem = invService.GetItem(assetRequestItem); | ||
1717 | if (assetRequestItem == null && LibraryRootFolder != null) // Library item | 2221 | if (assetRequestItem == null && LibraryRootFolder != null) // Library item |
1718 | { | 2222 | { |
1719 | assetRequestItem = LibraryRootFolder.FindItem(notecard); | 2223 | assetRequestItem = LibraryRootFolder.FindItem(notecard); |
@@ -1731,40 +2235,29 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1731 | } | 2235 | } |
1732 | else // Prim inventory | 2236 | else // Prim inventory |
1733 | { | 2237 | { |
1734 | SceneObjectPart part = scene.GetSceneObjectPart(objectID); | 2238 | SceneObjectPart part = m_scene.GetSceneObjectPart(objectID); |
1735 | |||
1736 | if (part == null) | 2239 | if (part == null) |
1737 | return false; | 2240 | return false; |
1738 | |||
1739 | if (part.OwnerID != user) | ||
1740 | { | ||
1741 | if (part.GroupID == UUID.Zero) | ||
1742 | return false; | ||
1743 | |||
1744 | if (!IsGroupMember(part.GroupID, user, 0)) | ||
1745 | return false; | ||
1746 | } | ||
1747 | 2241 | ||
1748 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | 2242 | SceneObjectGroup sog = part.ParentGroup; |
2243 | if (sog == null) | ||
2244 | return false; | ||
2245 | |||
2246 | uint perms = GetObjectPermissions(userID, sog, true); | ||
2247 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1749 | return false; | 2248 | return false; |
1750 | 2249 | ||
1751 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); | 2250 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); |
1752 | 2251 | ||
2252 | // if (ti == null || ti.InvType != (int)InventoryType.Notecard) | ||
1753 | if (ti == null) | 2253 | if (ti == null) |
1754 | return false; | 2254 | return false; |
1755 | 2255 | ||
1756 | if (ti.OwnerID != user) | 2256 | uint itperms = GetObjectItemPermissions(userID, ti); |
1757 | { | ||
1758 | if (ti.GroupID == UUID.Zero) | ||
1759 | return false; | ||
1760 | |||
1761 | if (!IsGroupMember(ti.GroupID, user, 0)) | ||
1762 | return false; | ||
1763 | } | ||
1764 | 2257 | ||
1765 | // Notecards are always readable unless no copy | 2258 | // Notecards are always readable unless no copy |
1766 | // | 2259 | // |
1767 | if ((ti.CurrentPermissions & | 2260 | if ((itperms & |
1768 | (uint)PermissionMask.Copy) != | 2261 | (uint)PermissionMask.Copy) != |
1769 | (uint)PermissionMask.Copy) | 2262 | (uint)PermissionMask.Copy) |
1770 | return false; | 2263 | return false; |
@@ -1780,7 +2273,14 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1780 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2273 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1781 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2274 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1782 | 2275 | ||
1783 | return GenericObjectPermission(userID, objectID, false); | 2276 | SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID); |
2277 | if (sog == null) | ||
2278 | return false; | ||
2279 | |||
2280 | uint perms = GetObjectPermissions(userID, sog, true); | ||
2281 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
2282 | return false; | ||
2283 | return true; | ||
1784 | } | 2284 | } |
1785 | 2285 | ||
1786 | private bool CanDelinkObject(UUID userID, UUID objectID) | 2286 | private bool CanDelinkObject(UUID userID, UUID objectID) |
@@ -1788,10 +2288,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1788 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2288 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1789 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2289 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1790 | 2290 | ||
1791 | return GenericObjectPermission(userID, objectID, false); | 2291 | SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID); |
2292 | if (sog == null) | ||
2293 | return false; | ||
2294 | |||
2295 | uint perms = GetObjectPermissions(userID, sog, true); | ||
2296 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
2297 | return false; | ||
2298 | return true; | ||
1792 | } | 2299 | } |
1793 | 2300 | ||
1794 | private bool CanBuyLand(UUID userID, ILandObject parcel, Scene scene) | 2301 | private bool CanBuyLand(UUID userID, ILandObject parcel) |
1795 | { | 2302 | { |
1796 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2303 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1797 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2304 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
@@ -1804,6 +2311,138 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1804 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2311 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1805 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2312 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1806 | 2313 | ||
2314 | SceneObjectPart part = m_scene.GetSceneObjectPart(objectID); | ||
2315 | if (part == null) | ||
2316 | return false; | ||
2317 | |||
2318 | SceneObjectGroup sog = part.ParentGroup; | ||
2319 | if (sog == null) | ||
2320 | return false; | ||
2321 | |||
2322 | if(sog.OwnerID == userID || IsAdministrator(userID)) | ||
2323 | return true; | ||
2324 | |||
2325 | if(sog.IsAttachment) | ||
2326 | return false; | ||
2327 | |||
2328 | UUID sogGroupID = sog.GroupID; | ||
2329 | |||
2330 | if(sogGroupID == UUID.Zero || sogGroupID != sog.OwnerID) | ||
2331 | return false; | ||
2332 | |||
2333 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(itemID); | ||
2334 | if(ti == null) | ||
2335 | return false; | ||
2336 | |||
2337 | ulong powers = 0; | ||
2338 | if(GroupMemberPowers(sogGroupID, userID, ref powers)) | ||
2339 | { | ||
2340 | if((powers & (ulong)GroupPowers.ObjectManipulate) != 0) | ||
2341 | return true; | ||
2342 | |||
2343 | if((ti.EveryonePermissions & (uint)PermissionMask.Copy) != 0) | ||
2344 | return true; | ||
2345 | } | ||
2346 | return false; | ||
2347 | } | ||
2348 | |||
2349 | // object inventory to object inventory item drag and drop | ||
2350 | private bool CanDoObjectInvToObjectInv(TaskInventoryItem item, SceneObjectPart sourcePart, SceneObjectPart destPart) | ||
2351 | { | ||
2352 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
2353 | |||
2354 | if (sourcePart == null || destPart == null || item == null) | ||
2355 | return false; | ||
2356 | |||
2357 | if (m_bypassPermissions) | ||
2358 | return m_bypassPermissionsValue; | ||
2359 | |||
2360 | SceneObjectGroup srcsog = sourcePart.ParentGroup; | ||
2361 | SceneObjectGroup destsog = destPart.ParentGroup; | ||
2362 | if (srcsog == null || destsog == null) | ||
2363 | return false; | ||
2364 | |||
2365 | // dest is locked | ||
2366 | if((destsog.EffectiveOwnerPerms & (uint)PermissionMask.Move) == 0) | ||
2367 | return false; | ||
2368 | |||
2369 | uint itperms = item.CurrentPermissions; | ||
2370 | |||
2371 | // if item is no copy the source is modifed | ||
2372 | if((itperms & (uint)PermissionMask.Copy) == 0 && (srcsog.EffectiveOwnerPerms & (uint)PermissionMask.Modify) == 0) | ||
2373 | return false; | ||
2374 | |||
2375 | UUID srcOwner = srcsog.OwnerID; | ||
2376 | UUID destOwner = destsog.OwnerID; | ||
2377 | bool notSameOwner = srcOwner != destOwner; | ||
2378 | |||
2379 | if(notSameOwner) | ||
2380 | { | ||
2381 | if((itperms & (uint)PermissionMask.Transfer) == 0) | ||
2382 | return false; | ||
2383 | |||
2384 | // scripts can't be droped | ||
2385 | if(item.InvType == (int)InventoryType.LSL) | ||
2386 | return false; | ||
2387 | |||
2388 | if((destsog.RootPart.GetEffectiveObjectFlags() & (uint)PrimFlags.AllowInventoryDrop) == 0) | ||
2389 | return false; | ||
2390 | } | ||
2391 | else | ||
2392 | { | ||
2393 | if((destsog.RootPart.GetEffectiveObjectFlags() & (uint)PrimFlags.AllowInventoryDrop) == 0 && | ||
2394 | (destsog.EffectiveOwnerPerms & (uint)PermissionMask.Modify) == 0) | ||
2395 | return false; | ||
2396 | } | ||
2397 | |||
2398 | return true; | ||
2399 | } | ||
2400 | |||
2401 | private bool CanDropInObjectInv(InventoryItemBase item, ScenePresence sp, SceneObjectPart destPart) | ||
2402 | { | ||
2403 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | ||
2404 | |||
2405 | if (sp == null || sp.IsDeleted || destPart == null || item == null) | ||
2406 | return false; | ||
2407 | |||
2408 | SceneObjectGroup destsog = destPart.ParentGroup; | ||
2409 | if (destsog == null || destsog.IsDeleted) | ||
2410 | return false; | ||
2411 | |||
2412 | if (m_bypassPermissions) | ||
2413 | return m_bypassPermissionsValue; | ||
2414 | |||
2415 | if(sp.IsGod) | ||
2416 | return true; | ||
2417 | |||
2418 | // dest is locked | ||
2419 | if((destsog.EffectiveOwnerPerms & (uint)PermissionMask.Move) == 0) | ||
2420 | return false; | ||
2421 | |||
2422 | UUID destOwner = destsog.OwnerID; | ||
2423 | UUID spID = sp.UUID; | ||
2424 | bool spNotOwner = spID != destOwner; | ||
2425 | |||
2426 | // scripts can't be droped | ||
2427 | if(spNotOwner && item.InvType == (int)InventoryType.LSL) | ||
2428 | return false; | ||
2429 | |||
2430 | if(spNotOwner || item.Owner != destOwner) | ||
2431 | { | ||
2432 | // no copy item will be moved if it has transfer | ||
2433 | uint itperms = item.CurrentPermissions; | ||
2434 | if((itperms & (uint)PermissionMask.Transfer) == 0) | ||
2435 | return false; | ||
2436 | } | ||
2437 | |||
2438 | // allowdrop is a root part thing and does bypass modify rights | ||
2439 | if((destsog.RootPart.GetEffectiveObjectFlags() & (uint)PrimFlags.AllowInventoryDrop) != 0) | ||
2440 | return true; | ||
2441 | |||
2442 | uint perms = GetObjectPermissions(spID, destsog, true); | ||
2443 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
2444 | return false; | ||
2445 | |||
1807 | return true; | 2446 | return true; |
1808 | } | 2447 | } |
1809 | 2448 | ||
@@ -1812,6 +2451,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1812 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2451 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1813 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2452 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1814 | 2453 | ||
2454 | SceneObjectPart part = m_scene.GetSceneObjectPart(objectID); | ||
2455 | if (part == null) | ||
2456 | return false; | ||
2457 | |||
2458 | SceneObjectGroup sog = part.ParentGroup; | ||
2459 | if (sog == null) | ||
2460 | return false; | ||
2461 | |||
2462 | uint perms = GetObjectPermissions(userID, sog, true); | ||
2463 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
2464 | return false; | ||
2465 | |||
2466 | TaskInventoryItem ti = part.Inventory.GetInventoryItem(itemID); | ||
2467 | if(ti == null) | ||
2468 | return false; | ||
2469 | |||
2470 | //TODO item perm ? | ||
1815 | return true; | 2471 | return true; |
1816 | } | 2472 | } |
1817 | 2473 | ||
@@ -1828,31 +2484,28 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1828 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2484 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1829 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2485 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1830 | 2486 | ||
1831 | SceneObjectPart part = m_scene.GetSceneObjectPart(objectID); | ||
1832 | ScenePresence p = m_scene.GetScenePresence(userID); | 2487 | ScenePresence p = m_scene.GetScenePresence(userID); |
1833 | 2488 | ||
1834 | if (part == null || p == null) | 2489 | if (p == null) |
2490 | return false; | ||
2491 | |||
2492 | SceneObjectGroup sog = m_scene.GetGroupByPrim(objectID); | ||
2493 | if (sog == null) | ||
2494 | return false; | ||
2495 | |||
2496 | uint perms = GetObjectPermissions(userID, sog, true); | ||
2497 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
1835 | return false; | 2498 | return false; |
1836 | 2499 | ||
1837 | if (!IsAdministrator(userID)) | 2500 | if ((int)InventoryType.LSL == invType) |
1838 | { | 2501 | { |
1839 | if (part.OwnerID != userID) | 2502 | if (m_allowedScriptCreators == UserSet.Administrators) |
1840 | { | 2503 | return false; |
1841 | // Group permissions | ||
1842 | if ((part.GroupID == UUID.Zero) || (p.ControllingClient.GetGroupPowers(part.GroupID) == 0) || ((part.GroupMask & (uint)PermissionMask.Modify) == 0)) | ||
1843 | return false; | ||
1844 | } else { | ||
1845 | if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) | ||
1846 | return false; | ||
1847 | } | ||
1848 | if ((int)InventoryType.LSL == invType) | ||
1849 | if (m_allowedScriptCreators == UserSet.Administrators) | ||
1850 | return false; | ||
1851 | } | 2504 | } |
1852 | 2505 | ||
1853 | return true; | 2506 | return true; |
1854 | } | 2507 | } |
1855 | 2508 | ||
1856 | /// <summary> | 2509 | /// <summary> |
1857 | /// Check whether the specified user is allowed to create the given inventory type in their inventory. | 2510 | /// Check whether the specified user is allowed to create the given inventory type in their inventory. |
1858 | /// </summary> | 2511 | /// </summary> |
@@ -1867,10 +2520,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1867 | if ((int)InventoryType.LSL == invType) | 2520 | if ((int)InventoryType.LSL == invType) |
1868 | if (m_allowedScriptCreators == UserSet.Administrators && !IsAdministrator(userID)) | 2521 | if (m_allowedScriptCreators == UserSet.Administrators && !IsAdministrator(userID)) |
1869 | return false; | 2522 | return false; |
1870 | 2523 | ||
1871 | return true; | 2524 | return true; |
1872 | } | 2525 | } |
1873 | 2526 | ||
1874 | /// <summary> | 2527 | /// <summary> |
1875 | /// Check whether the specified user is allowed to copy the given inventory type in their inventory. | 2528 | /// Check whether the specified user is allowed to copy the given inventory type in their inventory. |
1876 | /// </summary> | 2529 | /// </summary> |
@@ -1884,7 +2537,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1884 | 2537 | ||
1885 | return true; | 2538 | return true; |
1886 | } | 2539 | } |
1887 | 2540 | ||
1888 | /// <summary> | 2541 | /// <summary> |
1889 | /// Check whether the specified user is allowed to edit the given inventory item within their own inventory. | 2542 | /// Check whether the specified user is allowed to edit the given inventory item within their own inventory. |
1890 | /// </summary> | 2543 | /// </summary> |
@@ -1898,7 +2551,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1898 | 2551 | ||
1899 | return true; | 2552 | return true; |
1900 | } | 2553 | } |
1901 | 2554 | ||
1902 | /// <summary> | 2555 | /// <summary> |
1903 | /// Check whether the specified user is allowed to delete the given inventory item from their own inventory. | 2556 | /// Check whether the specified user is allowed to delete the given inventory item from their own inventory. |
1904 | /// </summary> | 2557 | /// </summary> |
@@ -1921,22 +2574,22 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1921 | return true; | 2574 | return true; |
1922 | } | 2575 | } |
1923 | 2576 | ||
1924 | private bool CanResetScript(UUID prim, UUID script, UUID agentID, Scene scene) | 2577 | private bool CanResetScript(UUID primID, UUID script, UUID agentID) |
1925 | { | 2578 | { |
1926 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); | 2579 | DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); |
1927 | if (m_bypassPermissions) return m_bypassPermissionsValue; | 2580 | if (m_bypassPermissions) return m_bypassPermissionsValue; |
1928 | 2581 | ||
1929 | SceneObjectPart part = m_scene.GetSceneObjectPart(prim); | 2582 | SceneObjectGroup sog = m_scene.GetGroupByPrim(primID); |
1930 | 2583 | if (sog == null) | |
1931 | // If we selected a sub-prim to reset, prim won't represent the object, but only a part. | 2584 | return false; |
1932 | // We have to check the permissions of the object, though. | ||
1933 | if (part.ParentID != 0) prim = part.ParentUUID; | ||
1934 | 2585 | ||
1935 | // You can reset the scripts in any object you can edit | 2586 | uint perms = GetObjectPermissions(agentID, sog, false); |
1936 | return GenericObjectPermission(agentID, prim, false); | 2587 | if((perms & (uint)PermissionMask.Modify) == 0) // ?? |
2588 | return false; | ||
2589 | return true; | ||
1937 | } | 2590 | } |
1938 | 2591 | ||
1939 | private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) | 2592 | private bool CanCompileScript(UUID ownerUUID, int scriptType) |
1940 | { | 2593 | { |
1941 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); | 2594 | //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); |
1942 | switch (scriptType) { | 2595 | switch (scriptType) { |
@@ -1970,64 +2623,71 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
1970 | } | 2623 | } |
1971 | return(false); | 2624 | return(false); |
1972 | } | 2625 | } |
1973 | 2626 | ||
1974 | private bool CanControlPrimMedia(UUID agentID, UUID primID, int face) | 2627 | private bool CanControlPrimMedia(UUID agentID, UUID primID, int face) |
1975 | { | 2628 | { |
1976 | // m_log.DebugFormat( | 2629 | // m_log.DebugFormat( |
1977 | // "[PERMISSONS]: Performing CanControlPrimMedia check with agentID {0}, primID {1}, face {2}", | 2630 | // "[PERMISSONS]: Performing CanControlPrimMedia check with agentID {0}, primID {1}, face {2}", |
1978 | // agentID, primID, face); | 2631 | // agentID, primID, face); |
1979 | 2632 | ||
1980 | if (null == MoapModule) | 2633 | if (null == MoapModule) |
1981 | return false; | 2634 | return false; |
1982 | 2635 | ||
1983 | SceneObjectPart part = m_scene.GetSceneObjectPart(primID); | 2636 | SceneObjectPart part = m_scene.GetSceneObjectPart(primID); |
1984 | if (null == part) | 2637 | if (null == part) |
1985 | return false; | 2638 | return false; |
1986 | 2639 | ||
1987 | MediaEntry me = MoapModule.GetMediaEntry(part, face); | 2640 | MediaEntry me = MoapModule.GetMediaEntry(part, face); |
1988 | 2641 | ||
1989 | // If there is no existing media entry then it can be controlled (in this context, created). | 2642 | // If there is no existing media entry then it can be controlled (in this context, created). |
1990 | if (null == me) | 2643 | if (null == me) |
1991 | return true; | 2644 | return true; |
1992 | 2645 | ||
1993 | // m_log.DebugFormat( | 2646 | // m_log.DebugFormat( |
1994 | // "[PERMISSIONS]: Checking CanControlPrimMedia for {0} on {1} face {2} with control permissions {3}", | 2647 | // "[PERMISSIONS]: Checking CanControlPrimMedia for {0} on {1} face {2} with control permissions {3}", |
1995 | // agentID, primID, face, me.ControlPermissions); | 2648 | // agentID, primID, face, me.ControlPermissions); |
1996 | 2649 | ||
1997 | return GenericObjectPermission(agentID, part.ParentGroup.UUID, true); | 2650 | SceneObjectGroup sog = part.ParentGroup; |
2651 | if (sog == null) | ||
2652 | return false; | ||
2653 | |||
2654 | uint perms = GetObjectPermissions(agentID, sog, false); | ||
2655 | if((perms & (uint)PermissionMask.Modify) == 0) | ||
2656 | return false; | ||
2657 | return true; | ||
1998 | } | 2658 | } |
1999 | 2659 | ||
2000 | private bool CanInteractWithPrimMedia(UUID agentID, UUID primID, int face) | 2660 | private bool CanInteractWithPrimMedia(UUID agentID, UUID primID, int face) |
2001 | { | 2661 | { |
2002 | // m_log.DebugFormat( | 2662 | // m_log.DebugFormat( |
2003 | // "[PERMISSONS]: Performing CanInteractWithPrimMedia check with agentID {0}, primID {1}, face {2}", | 2663 | // "[PERMISSONS]: Performing CanInteractWithPrimMedia check with agentID {0}, primID {1}, face {2}", |
2004 | // agentID, primID, face); | 2664 | // agentID, primID, face); |
2005 | 2665 | ||
2006 | if (null == MoapModule) | 2666 | if (null == MoapModule) |
2007 | return false; | 2667 | return false; |
2008 | 2668 | ||
2009 | SceneObjectPart part = m_scene.GetSceneObjectPart(primID); | 2669 | SceneObjectPart part = m_scene.GetSceneObjectPart(primID); |
2010 | if (null == part) | 2670 | if (null == part) |
2011 | return false; | 2671 | return false; |
2012 | 2672 | ||
2013 | MediaEntry me = MoapModule.GetMediaEntry(part, face); | 2673 | MediaEntry me = MoapModule.GetMediaEntry(part, face); |
2014 | 2674 | ||
2015 | // If there is no existing media entry then it can be controlled (in this context, created). | 2675 | // If there is no existing media entry then it can be controlled (in this context, created). |
2016 | if (null == me) | 2676 | if (null == me) |
2017 | return true; | 2677 | return true; |
2018 | 2678 | ||
2019 | // m_log.DebugFormat( | 2679 | // m_log.DebugFormat( |
2020 | // "[PERMISSIONS]: Checking CanInteractWithPrimMedia for {0} on {1} face {2} with interact permissions {3}", | 2680 | // "[PERMISSIONS]: Checking CanInteractWithPrimMedia for {0} on {1} face {2} with interact permissions {3}", |
2021 | // agentID, primID, face, me.InteractPermissions); | 2681 | // agentID, primID, face, me.InteractPermissions); |
2022 | 2682 | ||
2023 | return GenericPrimMediaPermission(part, agentID, me.InteractPermissions); | 2683 | return GenericPrimMediaPermission(part, agentID, me.InteractPermissions); |
2024 | } | 2684 | } |
2025 | 2685 | ||
2026 | private bool GenericPrimMediaPermission(SceneObjectPart part, UUID agentID, MediaPermission perms) | 2686 | private bool GenericPrimMediaPermission(SceneObjectPart part, UUID agentID, MediaPermission perms) |
2027 | { | 2687 | { |
2028 | // if (IsAdministrator(agentID)) | 2688 | // if (IsAdministrator(agentID)) |
2029 | // return true; | 2689 | // return true; |
2030 | 2690 | ||
2031 | if ((perms & MediaPermission.Anyone) == MediaPermission.Anyone) | 2691 | if ((perms & MediaPermission.Anyone) == MediaPermission.Anyone) |
2032 | return true; | 2692 | return true; |
2033 | 2693 | ||
@@ -2036,13 +2696,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions | |||
2036 | if (agentID == part.OwnerID) | 2696 | if (agentID == part.OwnerID) |
2037 | return true; | 2697 | return true; |
2038 | } | 2698 | } |
2039 | 2699 | ||
2040 | if ((perms & MediaPermission.Group) == MediaPermission.Group) | 2700 | if ((perms & MediaPermission.Group) == MediaPermission.Group) |
2041 | { | 2701 | { |
2042 | if (IsGroupMember(part.GroupID, agentID, 0)) | 2702 | if (IsGroupMember(part.GroupID, agentID, 0)) |
2043 | return true; | 2703 | return true; |
2044 | } | 2704 | } |
2045 | 2705 | ||
2046 | return false; | 2706 | return false; |
2047 | } | 2707 | } |
2048 | } | 2708 | } |