aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/ScriptEngine/Shared/Api/Implementation
diff options
context:
space:
mode:
authorMelanie Thielker2008-11-17 04:23:03 +0000
committerMelanie Thielker2008-11-17 04:23:03 +0000
commit928d003bf534156201f1bd94fb6ffe7b418f8284 (patch)
treed5273db0242a2923489c3b4c8ff42f4d5de8b74b /OpenSim/Region/ScriptEngine/Shared/Api/Implementation
parentAllow more then one user server in the user server config of the (diff)
downloadopensim-SC_OLD-928d003bf534156201f1bd94fb6ffe7b418f8284.zip
opensim-SC_OLD-928d003bf534156201f1bd94fb6ffe7b418f8284.tar.gz
opensim-SC_OLD-928d003bf534156201f1bd94fb6ffe7b418f8284.tar.bz2
opensim-SC_OLD-928d003bf534156201f1bd94fb6ffe7b418f8284.tar.xz
Change the semantics of the Allow_* os function control. Omitting a function
causes defautlt behavior. "true" now means usable unconditionally, "false" means disabled, and a list of UUIDs restricts it. This changes SECURITY! If you used "true" here before, you shoudl review your setup!
Diffstat (limited to 'OpenSim/Region/ScriptEngine/Shared/Api/Implementation')
-rw-r--r--OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs52
1 files changed, 34 insertions, 18 deletions
diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
index 72a8dc5..f010f7d 100644
--- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
+++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs
@@ -187,30 +187,41 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
187 187
188 if (!m_FunctionPerms.ContainsKey(function)) 188 if (!m_FunctionPerms.ContainsKey(function))
189 { 189 {
190 string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "true"); 190 string perm = m_ScriptEngine.Config.GetString("Allow_"+function, "");
191 bool allowed; 191 if (perm == "")
192
193 if (bool.TryParse(perm, out allowed))
194 { 192 {
195 // Boolean given 193 m_FunctionPerms[function] = null; // a null value is default
196 if (allowed)
197 m_FunctionPerms[function] = null; // a null value is all
198 else
199 m_FunctionPerms[function] = new List<UUID>(); // Empty list = none
200 } 194 }
201 else 195 else
202 { 196 {
203 m_FunctionPerms[function] = new List<UUID>(); 197 bool allowed;
204 198
205 string[] ids = perm.Split(new char[] {','}); 199 if (bool.TryParse(perm, out allowed))
206 foreach (string id in ids) 200 {
201 // Boolean given
202 if (allowed)
203 {
204 m_FunctionPerms[function] = new List<UUID>();
205 m_FunctionPerms[function].Add(UUID.Zero);
206 }
207 else
208 m_FunctionPerms[function] = new List<UUID>(); // Empty list = none
209 }
210 else
207 { 211 {
208 string current = id.Trim(); 212 m_FunctionPerms[function] = new List<UUID>();
209 UUID uuid;
210 213
211 if (UUID.TryParse(current, out uuid)) 214 string[] ids = perm.Split(new char[] {','});
215 foreach (string id in ids)
212 { 216 {
213 m_FunctionPerms[function].Add(uuid); 217 string current = id.Trim();
218 UUID uuid;
219
220 if (UUID.TryParse(current, out uuid))
221 {
222 if (uuid != uuid.Zero)
223 m_FunctionPerms[function].Add(uuid);
224 }
214 } 225 }
215 } 226 }
216 } 227 }
@@ -223,6 +234,8 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
223 // to use that particular function. False causes an empty 234 // to use that particular function. False causes an empty
224 // list and therefore means "no one" 235 // list and therefore means "no one"
225 // 236 //
237 // To allow use by anyone, the list contains UUID.Zero
238 //
226 if (m_FunctionPerms[function] == null) // No list = true 239 if (m_FunctionPerms[function] == null) // No list = true
227 { 240 {
228 if (level > m_MaxThreatLevel) 241 if (level > m_MaxThreatLevel)
@@ -230,8 +243,11 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
230 } 243 }
231 else 244 else
232 { 245 {
233 if (!m_FunctionPerms[function].Contains(m_host.OwnerID)) 246 if (!m_FunctionPerms[function].Contains(UUID.Zero))
234 throw new Exception("Threat level too high - "+function); 247 {
248 if (!m_FunctionPerms[function].Contains(m_host.OwnerID))
249 throw new Exception("Threat level too high - "+function);
250 }
235 } 251 }
236 } 252 }
237 253