diff options
author | Teravus Ovares | 2008-02-10 10:55:57 +0000 |
---|---|---|
committer | Teravus Ovares | 2008-02-10 10:55:57 +0000 |
commit | 85a9834ed84f33d3610499914fa3168a8eebce6d (patch) | |
tree | 23b51c0c9e944a64a54428d6f684210e784f42a3 /OpenSim/Region/Environment/PermissionManager.cs | |
parent | Clean up logging calls using String.Format explicitly (diff) | |
download | opensim-SC_OLD-85a9834ed84f33d3610499914fa3168a8eebce6d.zip opensim-SC_OLD-85a9834ed84f33d3610499914fa3168a8eebce6d.tar.gz opensim-SC_OLD-85a9834ed84f33d3610499914fa3168a8eebce6d.tar.bz2 opensim-SC_OLD-85a9834ed84f33d3610499914fa3168a8eebce6d.tar.xz |
* A lot of ugly permissions updates.
** Created SendFullUpdateToAllClientsExcept(LLUUID) so that permission updates /appear/ to apply immediately
** Separated out the ObjectFlags and the Permission Flags. They're related but not the same
** Added a hack routine to add *back* the objectflags to the client flags because the client hates the way we're doing object permissions
** Updated the clientflags routine to properly tell the client when they can't edit admin objects (objects owned by the sim administrator) even when they're an estate manager(why? >.< argh!)
** Fixed a null sim administrator/estate manager/user from causing permissions to return false even when it should return true.
** Re-added ObjectModify hack to allow collaboration with the allow anyone to move checkbox until we get group permissions done.
Diffstat (limited to 'OpenSim/Region/Environment/PermissionManager.cs')
-rw-r--r-- | OpenSim/Region/Environment/PermissionManager.cs | 164 |
1 files changed, 118 insertions, 46 deletions
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs index 7cf89b0..5cd2b81 100644 --- a/OpenSim/Region/Environment/PermissionManager.cs +++ b/OpenSim/Region/Environment/PermissionManager.cs | |||
@@ -80,7 +80,13 @@ namespace OpenSim.Region.Environment | |||
80 | return true; | 80 | return true; |
81 | } | 81 | } |
82 | 82 | ||
83 | return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; | 83 | // If there is no master avatar, return false |
84 | if (m_scene.RegionInfo.MasterAvatarAssignedUUID != null) | ||
85 | { | ||
86 | return m_scene.RegionInfo.MasterAvatarAssignedUUID == user; | ||
87 | } | ||
88 | |||
89 | return false; | ||
84 | } | 90 | } |
85 | 91 | ||
86 | public virtual bool IsEstateManager(LLUUID user) | 92 | public virtual bool IsEstateManager(LLUUID user) |
@@ -89,13 +95,20 @@ namespace OpenSim.Region.Environment | |||
89 | { | 95 | { |
90 | return true; | 96 | return true; |
91 | } | 97 | } |
92 | 98 | if (user != null) | |
93 | LLUUID[] estatemanagers = m_scene.RegionInfo.EstateSettings.estateManagers; | ||
94 | for (int i = 0; i < estatemanagers.Length; i++) | ||
95 | { | 99 | { |
96 | if (estatemanagers[i] == user) | 100 | LLUUID[] estatemanagers = m_scene.RegionInfo.EstateSettings.estateManagers; |
97 | return true; | 101 | for (int i = 0; i < estatemanagers.Length; i++) |
102 | { | ||
103 | if (estatemanagers[i] == user) | ||
104 | return true; | ||
105 | } | ||
98 | } | 106 | } |
107 | // The below is commented out because logically it happens anyway. It's left in for readability | ||
108 | //else | ||
109 | //{ | ||
110 | //return false; | ||
111 | //} | ||
99 | 112 | ||
100 | return false; | 113 | return false; |
101 | } | 114 | } |
@@ -153,6 +166,18 @@ namespace OpenSim.Region.Environment | |||
153 | 166 | ||
154 | public virtual uint GenerateClientFlags(LLUUID user, LLUUID objID) | 167 | public virtual uint GenerateClientFlags(LLUUID user, LLUUID objID) |
155 | { | 168 | { |
169 | |||
170 | // Here's the way this works, | ||
171 | // ObjectFlags and Permission flags are two different enumerations | ||
172 | // ObjectFlags, however, tells the client to change what it will allow the user to do. | ||
173 | // So, that means that all of the permissions type ObjectFlags are /temporary/ and only | ||
174 | // supposed to be set when customizing the objectflags for the client. | ||
175 | |||
176 | // These temporary objectflags get computed and added in this function based on the | ||
177 | // Permission mask that's appropriate! | ||
178 | // Outside of this method, they should never be added to objectflags! | ||
179 | // -teravus | ||
180 | |||
156 | if (!m_scene.Entities.ContainsKey(objID)) | 181 | if (!m_scene.Entities.ContainsKey(objID)) |
157 | { | 182 | { |
158 | return 0; | 183 | return 0; |
@@ -170,10 +195,38 @@ namespace OpenSim.Region.Environment | |||
170 | // the administrator object permissions to take effect. | 195 | // the administrator object permissions to take effect. |
171 | LLUUID objectOwner = task.OwnerID; | 196 | LLUUID objectOwner = task.OwnerID; |
172 | 197 | ||
173 | uint objectOwnerMask = task.RootPart.ObjectFlags; | 198 | uint objflags = task.RootPart.ObjectFlags; |
174 | objectOwnerMask = ApplyObjectModifyMasks(task.RootPart.OwnerMask, objectOwnerMask); | 199 | |
200 | |||
201 | // Remove any of the objectFlags that are temporary. These will get added back if appropriate | ||
202 | // in the next bit of code | ||
203 | |||
204 | objflags &= (uint)LLObject.ObjectFlags.ObjectCopy; // Tells client you can copy the object | ||
205 | objflags &= (uint)LLObject.ObjectFlags.ObjectModify; // tells client you can modify the object | ||
206 | objflags &= (uint)LLObject.ObjectFlags.ObjectMove; // tells client that you can move the object (only, no mod) | ||
207 | objflags &= (uint)LLObject.ObjectFlags.ObjectTransfer; // tells the client that you can /take/ the object if you don't own it | ||
208 | objflags &= (uint)LLObject.ObjectFlags.ObjectYouOwner; // Tells client that you're the owner of the object | ||
209 | objflags &= (uint)LLObject.ObjectFlags.ObjectYouOfficer; // Tells client that you've got group object editing permission. Used when ObjectGroupOwned is set | ||
210 | |||
211 | |||
212 | // Creating the three ObjectFlags options for this method to choose from. | ||
213 | bool tasklocked = task.GetLocked(); // more debug needed to apply this, so we're going to set this to false for now | ||
214 | tasklocked = false; | ||
175 | 215 | ||
176 | uint objectEveryoneMask = task.RootPart.ObjectFlags | task.RootPart.EveryoneMask; | 216 | uint objectOwnerMask = ApplyObjectModifyMasks(task.RootPart.OwnerMask, objflags, tasklocked); |
217 | objectOwnerMask = AddBackBrokenObjectProperties(task.RootPart, objectOwnerMask); | ||
218 | |||
219 | objectOwnerMask |= (uint)LLObject.ObjectFlags.ObjectYouOwner; | ||
220 | |||
221 | uint objectGroupMask = ApplyObjectModifyMasks(task.RootPart.GroupMask, objflags, tasklocked); | ||
222 | objectGroupMask = AddBackBrokenObjectProperties(task.RootPart,objectGroupMask); | ||
223 | |||
224 | uint objectEveryoneMask = ApplyObjectModifyMasks(task.RootPart.EveryoneMask, objflags, tasklocked); | ||
225 | objectEveryoneMask = AddBackBrokenObjectProperties(task.RootPart,objectEveryoneMask); | ||
226 | |||
227 | // Hack to allow collaboration until Groups and Group Permissions are implemented | ||
228 | if ((objectEveryoneMask & (uint)LLObject.ObjectFlags.ObjectMove) != 0) | ||
229 | objectEveryoneMask |= (uint)LLObject.ObjectFlags.ObjectModify; | ||
177 | 230 | ||
178 | if (m_bypassPermissions) | 231 | if (m_bypassPermissions) |
179 | return objectOwnerMask; | 232 | return objectOwnerMask; |
@@ -181,7 +234,6 @@ namespace OpenSim.Region.Environment | |||
181 | // Object owners should be able to edit their own content | 234 | // Object owners should be able to edit their own content |
182 | if (user == objectOwner) | 235 | if (user == objectOwner) |
183 | { | 236 | { |
184 | objectOwnerMask |= (uint)LLObject.ObjectFlags.ObjectYouOwner; | ||
185 | return objectOwnerMask; | 237 | return objectOwnerMask; |
186 | } | 238 | } |
187 | 239 | ||
@@ -189,58 +241,70 @@ namespace OpenSim.Region.Environment | |||
189 | Land parcel = m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); | 241 | Land parcel = m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); |
190 | if (parcel != null && parcel.landData.ownerID == user) | 242 | if (parcel != null && parcel.landData.ownerID == user) |
191 | return objectOwnerMask; | 243 | return objectOwnerMask; |
192 | 244 | ||
245 | // Admin objects should not be editable by the above | ||
246 | if (IsAdministrator(objectOwner)) | ||
247 | return objectEveryoneMask; | ||
248 | |||
193 | // Estate users should be able to edit anything in the sim | 249 | // Estate users should be able to edit anything in the sim |
194 | if (IsEstateManager(user)) | 250 | if (IsEstateManager(user)) |
195 | return objectOwnerMask; | 251 | return objectOwnerMask; |
196 | 252 | ||
197 | // Admin objects should not be editable by the above | 253 | |
198 | if (IsAdministrator(taskOwner)) | ||
199 | return objectEveryoneMask; | ||
200 | 254 | ||
201 | // Admin should be able to edit anything in the sim (including admin objects) | 255 | // Admin should be able to edit anything in the sim (including admin objects) |
202 | if (IsAdministrator(user)) | 256 | if (IsAdministrator(user)) |
203 | return objectOwnerMask; | 257 | return objectOwnerMask; |
204 | 258 | ||
205 | if (((objectEveryoneMask & PERM_MOVE) != 0) || ((objectEveryoneMask & PERM_COPY) != 0)) | ||
206 | { | ||
207 | if ((objectEveryoneMask & PERM_MOVE) != 0) | ||
208 | objectOwnerMask &= ~PERM_MOVE; | ||
209 | 259 | ||
210 | if ((objectEveryoneMask & PERM_COPY) != 0) | 260 | return objectEveryoneMask; |
211 | objectOwnerMask &= ~PERM_COPY; | 261 | } |
262 | private uint AddBackBrokenObjectProperties(SceneObjectPart task, uint objectmask) | ||
263 | { | ||
264 | if ((task.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) != 0) | ||
265 | objectmask |= (uint)LLObject.ObjectFlags.Physics; | ||
212 | 266 | ||
213 | objectOwnerMask &= ~PERM_MODIFY; | 267 | if ((task.ObjectFlags & (uint)LLObject.ObjectFlags.Scripted) != 0) |
214 | objectOwnerMask &= ~PERM_TRANS; | 268 | objectmask |= (uint)LLObject.ObjectFlags.Scripted; |
215 | 269 | ||
216 | return objectOwnerMask; | 270 | if ((task.ObjectFlags & (uint)LLObject.ObjectFlags.TemporaryOnRez) != 0) |
217 | } | 271 | objectmask |= (uint)LLObject.ObjectFlags.TemporaryOnRez; |
218 | return objectEveryoneMask; | 272 | |
273 | if ((task.ObjectFlags & (uint)LLObject.ObjectFlags.Phantom) != 0) | ||
274 | objectmask |= (uint)LLObject.ObjectFlags.Phantom; | ||
275 | |||
276 | return objectmask; | ||
219 | } | 277 | } |
220 | 278 | ||
221 | 279 | ||
222 | private uint ApplyObjectModifyMasks(uint parentMask, uint objectOwnerMask) | 280 | private uint ApplyObjectModifyMasks(uint setPermissionMask, uint objectFlagsMask, bool locked) |
223 | { | 281 | { |
224 | if ((parentMask & (uint)PermissionMask.Copy) != 0) | 282 | // We are adding the temporary objectflags to the object's objectflags based on the |
283 | // permission flag given. These change the F flags on the client. | ||
284 | if (!locked) | ||
225 | { | 285 | { |
226 | objectOwnerMask |= (uint)LLObject.ObjectFlags.ObjectCopy; | ||
227 | } | ||
228 | 286 | ||
229 | if ((parentMask & (uint)PermissionMask.Move) != 0) | 287 | if ((setPermissionMask & (uint)PermissionMask.Copy) != 0) |
230 | { | 288 | { |
231 | objectOwnerMask |= (uint)LLObject.ObjectFlags.ObjectMove; | 289 | objectFlagsMask |= (uint)LLObject.ObjectFlags.ObjectCopy; |
232 | } | 290 | } |
233 | 291 | ||
234 | if ((parentMask & (uint)PermissionMask.Modify) != 0) | 292 | if ((setPermissionMask & (uint)PermissionMask.Move) != 0) |
235 | { | 293 | { |
236 | objectOwnerMask |= (uint)LLObject.ObjectFlags.ObjectModify; | 294 | objectFlagsMask |= (uint)LLObject.ObjectFlags.ObjectMove; |
237 | } | 295 | } |
238 | 296 | ||
239 | if ((parentMask & (uint)PermissionMask.Transfer) != 0) | 297 | if ((setPermissionMask & (uint)PermissionMask.Modify) != 0) |
240 | { | 298 | { |
241 | objectOwnerMask |= (uint)LLObject.ObjectFlags.ObjectTransfer; | 299 | objectFlagsMask |= (uint)LLObject.ObjectFlags.ObjectModify; |
300 | } | ||
301 | |||
302 | if ((setPermissionMask & (uint)PermissionMask.Transfer) != 0) | ||
303 | { | ||
304 | objectFlagsMask |= (uint)LLObject.ObjectFlags.ObjectTransfer; | ||
305 | } | ||
242 | } | 306 | } |
243 | return objectOwnerMask; | 307 | return objectFlagsMask; |
244 | } | 308 | } |
245 | 309 | ||
246 | protected virtual bool GenericObjectPermission(LLUUID currentUser, LLUUID objId) | 310 | protected virtual bool GenericObjectPermission(LLUUID currentUser, LLUUID objId) |
@@ -254,13 +318,14 @@ namespace OpenSim.Region.Environment | |||
254 | } | 318 | } |
255 | 319 | ||
256 | // If it's not an object, we cant edit it. | 320 | // If it's not an object, we cant edit it. |
257 | if (!(m_scene.Entities[objId] is SceneObjectGroup)) | 321 | if ((!(m_scene.Entities[objId] is SceneObjectGroup))) |
258 | { | 322 | { |
259 | return false; | 323 | return false; |
260 | } | 324 | } |
261 | 325 | ||
262 | SceneObjectGroup group = (SceneObjectGroup) m_scene.Entities[objId]; | 326 | |
263 | 327 | SceneObjectGroup group = (SceneObjectGroup)m_scene.Entities[objId]; | |
328 | |||
264 | LLUUID objectOwner = group.OwnerID; | 329 | LLUUID objectOwner = group.OwnerID; |
265 | 330 | ||
266 | // Object owners should be able to edit their own content | 331 | // Object owners should be able to edit their own content |
@@ -323,13 +388,20 @@ namespace OpenSim.Region.Environment | |||
323 | return false; | 388 | return false; |
324 | } | 389 | } |
325 | 390 | ||
391 | // The client | ||
392 | // may request to edit linked parts, and therefore, it needs | ||
393 | // to also check for SceneObjectPart | ||
394 | |||
326 | // If it's not an object, we cant edit it. | 395 | // If it's not an object, we cant edit it. |
327 | if (!(m_scene.Entities[obj] is SceneObjectGroup)) | 396 | if ((!(m_scene.Entities[obj] is SceneObjectGroup))) |
328 | { | 397 | { |
329 | return false; | 398 | return false; |
330 | } | 399 | } |
331 | 400 | ||
332 | SceneObjectGroup task = (SceneObjectGroup) m_scene.Entities[obj]; | 401 | |
402 | SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[obj]; | ||
403 | |||
404 | |||
333 | LLUUID taskOwner = null; | 405 | LLUUID taskOwner = null; |
334 | // Added this because at this point in time it wouldn't be wise for | 406 | // Added this because at this point in time it wouldn't be wise for |
335 | // the administrator object permissions to take effect. | 407 | // the administrator object permissions to take effect. |