aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Services
diff options
context:
space:
mode:
authorDiva Canto2012-09-20 15:49:22 -0700
committerDiva Canto2012-09-20 15:49:22 -0700
commit3089b6d824f1d4eb25ba12c5fd037153fdc92e1e (patch)
treef70c7a399cf2e2af599f25798a6b3c3b3d3f89d6 /OpenSim/Services
parentCorrectly override and call base OpenSimTestCase.SetUp() method in GridConnec... (diff)
downloadopensim-SC_OLD-3089b6d824f1d4eb25ba12c5fd037153fdc92e1e.zip
opensim-SC_OLD-3089b6d824f1d4eb25ba12c5fd037153fdc92e1e.tar.gz
opensim-SC_OLD-3089b6d824f1d4eb25ba12c5fd037153fdc92e1e.tar.bz2
opensim-SC_OLD-3089b6d824f1d4eb25ba12c5fd037153fdc92e1e.tar.xz
More HG2.0: Added permission policies in HGAsset Service based on asset types. The policies are given in the config. This is only half of the story. The other half, pertaining to exports/imports made by the sim, will be done next.
Diffstat (limited to 'OpenSim/Services')
-rw-r--r--OpenSim/Services/HypergridService/HGAssetService.cs79
1 files changed, 76 insertions, 3 deletions
diff --git a/OpenSim/Services/HypergridService/HGAssetService.cs b/OpenSim/Services/HypergridService/HGAssetService.cs
index db98166..d6541c4 100644
--- a/OpenSim/Services/HypergridService/HGAssetService.cs
+++ b/OpenSim/Services/HypergridService/HGAssetService.cs
@@ -58,6 +58,9 @@ namespace OpenSim.Services.HypergridService
58 58
59 private UserAccountCache m_Cache; 59 private UserAccountCache m_Cache;
60 60
61 private bool[] m_DisallowGET, m_DisallowPOST;
62 private string[] m_AssetTypeNames;
63
61 public HGAssetService(IConfigSource config, string configName) : base(config, configName) 64 public HGAssetService(IConfigSource config, string configName) : base(config, configName)
62 { 65 {
63 m_log.Debug("[HGAsset Service]: Starting"); 66 m_log.Debug("[HGAsset Service]: Starting");
@@ -80,6 +83,34 @@ namespace OpenSim.Services.HypergridService
80 m_HomeURL = assetConfig.GetString("HomeURI", m_HomeURL); 83 m_HomeURL = assetConfig.GetString("HomeURI", m_HomeURL);
81 84
82 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService); 85 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService);
86
87 // Permissions
88 Type enumType = typeof(AssetType);
89 m_AssetTypeNames = Enum.GetNames(enumType);
90 for (int i = 0; i < m_AssetTypeNames.Length; i++)
91 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
92 int n = Enum.GetValues(enumType).Length;
93 m_DisallowGET = new bool[n];
94 m_DisallowPOST = new bool[n];
95
96 LoadPermsFromConfig(assetConfig, "DisallowGET", m_DisallowGET);
97 LoadPermsFromConfig(assetConfig, "DisallowPOST", m_DisallowPOST);
98
99 }
100
101 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
102 {
103 string perms = assetConfig.GetString(variable, String.Empty);
104 string[] parts = perms.Split(new char[] {','}, StringSplitOptions.RemoveEmptyEntries);
105 foreach (string s in parts)
106 {
107 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
108 if (index >= 0)
109 bitArray[index] = true;
110 else
111 m_log.WarnFormat("[HGAsset Service]: Invalid AssetType {0}", s);
112 }
113
83 } 114 }
84 115
85 #region IAssetService overrides 116 #region IAssetService overrides
@@ -90,6 +121,9 @@ namespace OpenSim.Services.HypergridService
90 if (asset == null) 121 if (asset == null)
91 return null; 122 return null;
92 123
124 if (!AllowedGet(asset.Type))
125 return null;
126
93 if (asset.Metadata.Type == (sbyte)AssetType.Object) 127 if (asset.Metadata.Type == (sbyte)AssetType.Object)
94 asset.Data = AdjustIdentifiers(asset.Data); ; 128 asset.Data = AdjustIdentifiers(asset.Data); ;
95 129
@@ -112,16 +146,27 @@ namespace OpenSim.Services.HypergridService
112 146
113 public override byte[] GetData(string id) 147 public override byte[] GetData(string id)
114 { 148 {
115 byte[] data = base.GetData(id); 149 AssetBase asset = Get(id);
116 150
117 if (data == null) 151 if (asset == null)
118 return null; 152 return null;
119 153
120 return AdjustIdentifiers(data); 154 if (!AllowedGet(asset.Type))
155 return null;
156
157 return asset.Data;
121 } 158 }
122 159
123 //public virtual bool Get(string id, Object sender, AssetRetrieved handler) 160 //public virtual bool Get(string id, Object sender, AssetRetrieved handler)
124 161
162 public override string Store(AssetBase asset)
163 {
164 if (!AllowedPost(asset.Type))
165 return UUID.Zero.ToString();
166
167 return base.Store(asset);
168 }
169
125 public override bool Delete(string id) 170 public override bool Delete(string id)
126 { 171 {
127 // NOGO 172 // NOGO
@@ -130,6 +175,34 @@ namespace OpenSim.Services.HypergridService
130 175
131 #endregion 176 #endregion
132 177
178 protected bool AllowedGet(sbyte type)
179 {
180 string assetTypeName = ((AssetType)type).ToString();
181
182 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
183 if (index >= 0 && m_DisallowGET[index])
184 {
185 m_log.DebugFormat("[HGAsset Service]: GET denied: service does not allow export of AssetType {0}", assetTypeName);
186 return false;
187 }
188
189 return true;
190 }
191
192 protected bool AllowedPost(sbyte type)
193 {
194 string assetTypeName = ((AssetType)type).ToString();
195
196 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
197 if (index >= 0 && m_DisallowPOST[index])
198 {
199 m_log.DebugFormat("[HGAsset Service]: POST denied: service does not allow import of AssetType {0}", assetTypeName);
200 return false;
201 }
202
203 return true;
204 }
205
133 protected void AdjustIdentifiers(AssetMetadata meta) 206 protected void AdjustIdentifiers(AssetMetadata meta)
134 { 207 {
135 if (meta == null || m_Cache == null) 208 if (meta == null || m_Cache == null)