enforce effective perms hierarchy

author: UbitUmarov 2017-01-18 21:17:09 +0000
committer: UbitUmarov 2017-01-18 21:17:09 +0000
commit: b23ce04a6e9b620a8b6b78ece58711754bb6c49f (patch)
tree: b30832ea3d339e68142526822b747da04876f82b /OpenSim
parent: antecipate baked cache check and Xbakes requests, so they happen before viewe... (diff)
download: opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.zip
opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.tar.gz
opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.tar.bz2
opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.tar.xz
1 files changed, 59 insertions, 42 deletions
diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs b/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs
index 5ecf352..b9fa8e4 100644
--- a/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs
+++ b/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs
@@ -304,6 +304,7 @@ namespace OpenSim.Region.Framework.Scenes
        }
        // aggregates perms scanning parts and their contents
+        // AggregatePerms does same using cached parts content perms
        public void AggregateDeepPerms()
        {
            lock(PermissionsLock)
@@ -313,12 +314,16 @@ namespace OpenSim.Region.Framework.Scenes
                const uint movemodmask = (uint)(PermissionMask.Move | PermissionMask.Modify);
                const uint copytransfermast = (uint)(PermissionMask.Copy | PermissionMask.Transfer);
-                uint baseOwnerPerms = RootPart.OwnerMask;
+                uint basePerms = (RootPart.BaseMask & allmask) | (uint)PermissionMask.Move;
-                uint owner = baseOwnerPerms;
+                bool noBaseTransfer = (RootPart.OwnerID != RootPart.GroupID &&
-                uint baseGroupPerms = RootPart.GroupMask;
+                        (basePerms & (uint)PermissionMask.Transfer) == 0);
-                uint group = baseGroupPerms;
-                uint baseEveryonePerms = RootPart.EveryoneMask;
+                uint rootOwnerPerms = RootPart.OwnerMask;
-                uint everyone = baseEveryonePerms;
+                uint owner = rootOwnerPerms;
+                uint rootGroupPerms = RootPart.GroupMask;
+                uint group = rootGroupPerms;
+                uint rootEveryonePerms = RootPart.EveryoneMask;
+                uint everyone = rootEveryonePerms;
                SceneObjectPart[] parts = m_parts.GetArray();
                for (int i = 0; i < parts.Length; i++)
@@ -330,42 +335,47 @@ namespace OpenSim.Region.Framework.Scenes
                    everyone &= part.AggregatedInnerEveryonePerms;
                }
                // recover modify and move
-                baseOwnerPerms &= movemodmask;
+                rootOwnerPerms &= movemodmask;
-                owner |= baseOwnerPerms;
+                owner |= rootOwnerPerms;
                if((owner & copytransfermast) == 0)
                    owner |= (uint)PermissionMask.Transfer;
-                owner &= allmask;
+                owner &= basePerms;
                m_EffectiveOwnerPerms = owner;
                // recover modify and move
-                baseGroupPerms &= movemodmask;
+                rootGroupPerms &= movemodmask;
-                group |= baseGroupPerms;
+                group |= rootGroupPerms;
-                group &= allmask;
+                if(noBaseTransfer)
+                    group &=~(uint)PermissionMask.Copy;
                uint groupOrEveryone = group;
                if((group & copytransfermast) == 0)
                    group |= (uint)PermissionMask.Transfer;
-                m_EffectiveGroupPerms = group;
+                m_EffectiveGroupPerms = group & owner;
                // recover move
-                baseEveryonePerms &= (uint)PermissionMask.Move;
+                rootEveryonePerms &= (uint)PermissionMask.Move;
-                everyone |= baseEveryonePerms;
+                everyone |= rootEveryonePerms;
-                everyone &= allmask;
+                everyone &= ~(uint)PermissionMask.Modify;
+                if(noBaseTransfer)
+                    everyone &=~(uint)PermissionMask.Copy;
                groupOrEveryone |= everyone;
-                if((everyone & copytransfermast) == 0) // not much sense but as sl
+                if((everyone & copytransfermast) == 0)
                    everyone |= (uint)PermissionMask.Transfer;
-                m_EffectiveEveryOnePerms = everyone;
+                m_EffectiveEveryOnePerms = everyone  & owner;
-                if((groupOrEveryone & copytransfermast) == 0) // not much sense but as sl
+                if((groupOrEveryone & copytransfermast) == 0)
                    groupOrEveryone |= (uint)PermissionMask.Transfer;
-                m_EffectiveGroupOrEveryOnePerms = groupOrEveryone;
+                m_EffectiveGroupOrEveryOnePerms = groupOrEveryone  & owner;
            }
        }
-        // aggregates perms scanning parts, assuming their contents was already aggregated
+        // aggregates perms scanning parts, assuming their contents was already aggregated and cached
+        // ie is AggregateDeepPerms without the part.AggregateInnerPerms() call on parts loop
        public void AggregatePerms()
        {
            lock(PermissionsLock)
@@ -375,55 +385,62 @@ namespace OpenSim.Region.Framework.Scenes
                const uint movemodmask = (uint)(PermissionMask.Move | PermissionMask.Modify);
                const uint copytransfermast = (uint)(PermissionMask.Copy | PermissionMask.Transfer);
-                uint baseOwnerPerms = RootPart.OwnerMask;
+                uint basePerms = (RootPart.BaseMask & allmask) | (uint)PermissionMask.Move;
-                uint owner = baseOwnerPerms;
+                bool noBaseTransfer = (RootPart.OwnerID == RootPart.GroupID &&
-                uint baseGroupPerms = RootPart.GroupMask;
+                        (basePerms & (uint)PermissionMask.Transfer) == 0);
-                uint group = baseGroupPerms;
-                uint baseEveryonePerms = RootPart.EveryoneMask;
+                uint rootOwnerPerms = RootPart.OwnerMask;
-                uint everyone = baseEveryonePerms;
+                uint owner = rootOwnerPerms;
+                uint rootGroupPerms = RootPart.GroupMask;
+                uint group = rootGroupPerms;
+                uint rootEveryonePerms = RootPart.EveryoneMask;
+                uint everyone = rootEveryonePerms;
                SceneObjectPart[] parts = m_parts.GetArray();
                for (int i = 0; i < parts.Length; i++)
                {
                    SceneObjectPart part = parts[i];
-                    part.AggregateInnerPerms();
                    owner &= part.AggregatedInnerOwnerPerms; 
                    group &= part.AggregatedInnerGroupPerms;
                    everyone &= part.AggregatedInnerEveryonePerms;
                }
                // recover modify and move
-                baseOwnerPerms &= movemodmask;
+                rootOwnerPerms &= movemodmask;
-                owner |= baseOwnerPerms;
+                owner |= rootOwnerPerms;
                if((owner & copytransfermast) == 0)
                    owner |= (uint)PermissionMask.Transfer;
-                owner &= allmask;
+                owner &= basePerms;
                m_EffectiveOwnerPerms = owner;
                // recover modify and move
-                baseGroupPerms &= movemodmask;
+                rootGroupPerms &= movemodmask;
-                group |= baseGroupPerms;
+                group |= rootGroupPerms;
-                group &= allmask;
+                if(noBaseTransfer)
+                    group &=~(uint)PermissionMask.Copy;
                uint groupOrEveryone = group;
                if((group & copytransfermast) == 0)
                    group |= (uint)PermissionMask.Transfer;
-                m_EffectiveGroupPerms = group;
+                m_EffectiveGroupPerms = group & owner;
                // recover move
-                baseEveryonePerms &= (uint)PermissionMask.Move;
+                rootEveryonePerms &= (uint)PermissionMask.Move;
-                everyone |= baseEveryonePerms;
+                everyone |= rootEveryonePerms;
-                everyone &= allmask;
+                everyone &= ~(uint)PermissionMask.Modify;
+                if(noBaseTransfer)
+                    everyone &=~(uint)PermissionMask.Copy;
                groupOrEveryone |= everyone;
-                if((everyone & copytransfermast) == 0) // not much sense but as sl
+                if((everyone & copytransfermast) == 0)
                    everyone |= (uint)PermissionMask.Transfer;
-                m_EffectiveEveryOnePerms = everyone;
+                m_EffectiveEveryOnePerms = everyone  & owner;
-                if((groupOrEveryone & copytransfermast) == 0) // not much sense but as sl
+                if((groupOrEveryone & copytransfermast) == 0)
                    groupOrEveryone |= (uint)PermissionMask.Transfer;
-                m_EffectiveGroupOrEveryOnePerms = groupOrEveryone;
+                m_EffectiveGroupOrEveryOnePerms = groupOrEveryone  & owner;
            }
        }
author	UbitUmarov	2017-01-18 21:17:09 +0000
committer	UbitUmarov	2017-01-18 21:17:09 +0000
commit	b23ce04a6e9b620a8b6b78ece58711754bb6c49f (patch)
tree	b30832ea3d339e68142526822b747da04876f82b /OpenSim
parent	antecipate baked cache check and Xbakes requests, so they happen before viewe... (diff)
download	opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.zip opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.tar.gz opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.tar.bz2 opensim-SC_OLD-b23ce04a6e9b620a8b6b78ece58711754bb6c49f.tar.xz

diff --git a/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs b/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs index 5ecf352..b9fa8e4 100644 --- a/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs +++ b/OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs
@@ -304,6 +304,7 @@ namespace OpenSim.Region.Framework.Scenes
304	}	304	}
305		305
306	// aggregates perms scanning parts and their contents	306	// aggregates perms scanning parts and their contents
		307	// AggregatePerms does same using cached parts content perms
307	public void AggregateDeepPerms()	308	public void AggregateDeepPerms()
308	{	309	{
309	lock(PermissionsLock)	310	lock(PermissionsLock)
@@ -313,12 +314,16 @@ namespace OpenSim.Region.Framework.Scenes
313	const uint movemodmask = (uint)(PermissionMask.Move \| PermissionMask.Modify);	314	const uint movemodmask = (uint)(PermissionMask.Move \| PermissionMask.Modify);
314	const uint copytransfermast = (uint)(PermissionMask.Copy \| PermissionMask.Transfer);	315	const uint copytransfermast = (uint)(PermissionMask.Copy \| PermissionMask.Transfer);
315		316
316	uint baseOwnerPerms = RootPart.OwnerMask;	317	uint basePerms = (RootPart.BaseMask & allmask) \| (uint)PermissionMask.Move;
317	uint owner = baseOwnerPerms;	318	bool noBaseTransfer = (RootPart.OwnerID != RootPart.GroupID &&
318	uint baseGroupPerms = RootPart.GroupMask;	319	(basePerms & (uint)PermissionMask.Transfer) == 0);
319	uint group = baseGroupPerms;	320
320	uint baseEveryonePerms = RootPart.EveryoneMask;	321	uint rootOwnerPerms = RootPart.OwnerMask;
321	uint everyone = baseEveryonePerms;	322	uint owner = rootOwnerPerms;
		323	uint rootGroupPerms = RootPart.GroupMask;
		324	uint group = rootGroupPerms;
		325	uint rootEveryonePerms = RootPart.EveryoneMask;
		326	uint everyone = rootEveryonePerms;
322		327
323	SceneObjectPart[] parts = m_parts.GetArray();	328	SceneObjectPart[] parts = m_parts.GetArray();
324	for (int i = 0; i < parts.Length; i++)	329	for (int i = 0; i < parts.Length; i++)
@@ -330,42 +335,47 @@ namespace OpenSim.Region.Framework.Scenes
330	everyone &= part.AggregatedInnerEveryonePerms;	335	everyone &= part.AggregatedInnerEveryonePerms;
331	}	336	}
332	// recover modify and move	337	// recover modify and move
333	baseOwnerPerms &= movemodmask;	338	rootOwnerPerms &= movemodmask;
334	owner \|= baseOwnerPerms;	339	owner \|= rootOwnerPerms;
335	if((owner & copytransfermast) == 0)	340	if((owner & copytransfermast) == 0)
336	owner \|= (uint)PermissionMask.Transfer;	341	owner \|= (uint)PermissionMask.Transfer;
337	owner &= allmask;	342
		343	owner &= basePerms;
338	m_EffectiveOwnerPerms = owner;	344	m_EffectiveOwnerPerms = owner;
339		345
340	// recover modify and move	346	// recover modify and move
341	baseGroupPerms &= movemodmask;	347	rootGroupPerms &= movemodmask;
342	group \|= baseGroupPerms;	348	group \|= rootGroupPerms;
343	group &= allmask;	349	if(noBaseTransfer)
		350	group &=~(uint)PermissionMask.Copy;
344		351
345	uint groupOrEveryone = group;	352	uint groupOrEveryone = group;
346		353
347	if((group & copytransfermast) == 0)	354	if((group & copytransfermast) == 0)
348	group \|= (uint)PermissionMask.Transfer;	355	group \|= (uint)PermissionMask.Transfer;
349	m_EffectiveGroupPerms = group;	356	m_EffectiveGroupPerms = group & owner;
350		357
351	// recover move	358	// recover move
352	baseEveryonePerms &= (uint)PermissionMask.Move;	359	rootEveryonePerms &= (uint)PermissionMask.Move;
353	everyone \|= baseEveryonePerms;	360	everyone \|= rootEveryonePerms;
354	everyone &= allmask;	361	everyone &= ~(uint)PermissionMask.Modify;
		362	if(noBaseTransfer)
		363	everyone &=~(uint)PermissionMask.Copy;
355		364
356	groupOrEveryone \|= everyone;	365	groupOrEveryone \|= everyone;
357		366
358	if((everyone & copytransfermast) == 0) // not much sense but as sl	367	if((everyone & copytransfermast) == 0)
359	everyone \|= (uint)PermissionMask.Transfer;	368	everyone \|= (uint)PermissionMask.Transfer;
360	m_EffectiveEveryOnePerms = everyone;	369	m_EffectiveEveryOnePerms = everyone & owner;
361		370
362	if((groupOrEveryone & copytransfermast) == 0) // not much sense but as sl	371	if((groupOrEveryone & copytransfermast) == 0)
363	groupOrEveryone \|= (uint)PermissionMask.Transfer;	372	groupOrEveryone \|= (uint)PermissionMask.Transfer;
364	m_EffectiveGroupOrEveryOnePerms = groupOrEveryone;	373	m_EffectiveGroupOrEveryOnePerms = groupOrEveryone & owner;
365	}	374	}
366	}	375	}
367		376
368	// aggregates perms scanning parts, assuming their contents was already aggregated	377	// aggregates perms scanning parts, assuming their contents was already aggregated and cached
		378	// ie is AggregateDeepPerms without the part.AggregateInnerPerms() call on parts loop
369	public void AggregatePerms()	379	public void AggregatePerms()
370	{	380	{
371	lock(PermissionsLock)	381	lock(PermissionsLock)
@@ -375,55 +385,62 @@ namespace OpenSim.Region.Framework.Scenes
375	const uint movemodmask = (uint)(PermissionMask.Move \| PermissionMask.Modify);	385	const uint movemodmask = (uint)(PermissionMask.Move \| PermissionMask.Modify);
376	const uint copytransfermast = (uint)(PermissionMask.Copy \| PermissionMask.Transfer);	386	const uint copytransfermast = (uint)(PermissionMask.Copy \| PermissionMask.Transfer);
377		387
378	uint baseOwnerPerms = RootPart.OwnerMask;	388	uint basePerms = (RootPart.BaseMask & allmask) \| (uint)PermissionMask.Move;
379	uint owner = baseOwnerPerms;	389	bool noBaseTransfer = (RootPart.OwnerID == RootPart.GroupID &&
380	uint baseGroupPerms = RootPart.GroupMask;	390	(basePerms & (uint)PermissionMask.Transfer) == 0);
381	uint group = baseGroupPerms;	391
382	uint baseEveryonePerms = RootPart.EveryoneMask;	392	uint rootOwnerPerms = RootPart.OwnerMask;
383	uint everyone = baseEveryonePerms;	393	uint owner = rootOwnerPerms;
		394	uint rootGroupPerms = RootPart.GroupMask;
		395	uint group = rootGroupPerms;
		396	uint rootEveryonePerms = RootPart.EveryoneMask;
		397	uint everyone = rootEveryonePerms;
384		398
385	SceneObjectPart[] parts = m_parts.GetArray();	399	SceneObjectPart[] parts = m_parts.GetArray();
386	for (int i = 0; i < parts.Length; i++)	400	for (int i = 0; i < parts.Length; i++)
387	{	401	{
388	SceneObjectPart part = parts[i];	402	SceneObjectPart part = parts[i];
389	part.AggregateInnerPerms();
390	owner &= part.AggregatedInnerOwnerPerms;	403	owner &= part.AggregatedInnerOwnerPerms;
391	group &= part.AggregatedInnerGroupPerms;	404	group &= part.AggregatedInnerGroupPerms;
392	everyone &= part.AggregatedInnerEveryonePerms;	405	everyone &= part.AggregatedInnerEveryonePerms;
393	}	406	}
394	// recover modify and move	407	// recover modify and move
395	baseOwnerPerms &= movemodmask;	408	rootOwnerPerms &= movemodmask;
396	owner \|= baseOwnerPerms;	409	owner \|= rootOwnerPerms;
397	if((owner & copytransfermast) == 0)	410	if((owner & copytransfermast) == 0)
398	owner \|= (uint)PermissionMask.Transfer;	411	owner \|= (uint)PermissionMask.Transfer;
399	owner &= allmask;	412
		413	owner &= basePerms;
400	m_EffectiveOwnerPerms = owner;	414	m_EffectiveOwnerPerms = owner;
401		415
402	// recover modify and move	416	// recover modify and move
403	baseGroupPerms &= movemodmask;	417	rootGroupPerms &= movemodmask;
404	group \|= baseGroupPerms;	418	group \|= rootGroupPerms;
405	group &= allmask;	419	if(noBaseTransfer)
		420	group &=~(uint)PermissionMask.Copy;
406		421
407	uint groupOrEveryone = group;	422	uint groupOrEveryone = group;
408		423
409	if((group & copytransfermast) == 0)	424	if((group & copytransfermast) == 0)
410	group \|= (uint)PermissionMask.Transfer;	425	group \|= (uint)PermissionMask.Transfer;
411	m_EffectiveGroupPerms = group;	426	m_EffectiveGroupPerms = group & owner;
412		427
413	// recover move	428	// recover move
414	baseEveryonePerms &= (uint)PermissionMask.Move;	429	rootEveryonePerms &= (uint)PermissionMask.Move;
415	everyone \|= baseEveryonePerms;	430	everyone \|= rootEveryonePerms;
416	everyone &= allmask;	431	everyone &= ~(uint)PermissionMask.Modify;
		432	if(noBaseTransfer)
		433	everyone &=~(uint)PermissionMask.Copy;
417		434
418	groupOrEveryone \|= everyone;	435	groupOrEveryone \|= everyone;
419		436
420	if((everyone & copytransfermast) == 0) // not much sense but as sl	437	if((everyone & copytransfermast) == 0)
421	everyone \|= (uint)PermissionMask.Transfer;	438	everyone \|= (uint)PermissionMask.Transfer;
422	m_EffectiveEveryOnePerms = everyone;	439	m_EffectiveEveryOnePerms = everyone & owner;
423		440
424	if((groupOrEveryone & copytransfermast) == 0) // not much sense but as sl	441	if((groupOrEveryone & copytransfermast) == 0)
425	groupOrEveryone \|= (uint)PermissionMask.Transfer;	442	groupOrEveryone \|= (uint)PermissionMask.Transfer;
426	m_EffectiveGroupOrEveryOnePerms = groupOrEveryone;	443	m_EffectiveGroupOrEveryOnePerms = groupOrEveryone & owner;
427	}	444	}
428	}	445	}
429		446