aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
-rw-r--r--OpenSim/Framework/AssetPermissions.cs81
-rw-r--r--OpenSim/Region/CoreModules/Framework/InventoryAccess/HGAssetMapper.cs2
-rw-r--r--OpenSim/Region/CoreModules/ServiceConnectorsOut/Asset/HGAssetBroker.cs23
-rw-r--r--OpenSim/Services/HypergridService/HGAssetService.cs65
-rw-r--r--bin/Robust.HG.ini.example10
-rw-r--r--bin/config-include/GridCommon.ini.example20
-rw-r--r--bin/config-include/StandaloneCommon.ini.example10
7 files changed, 135 insertions, 76 deletions
diff --git a/OpenSim/Framework/AssetPermissions.cs b/OpenSim/Framework/AssetPermissions.cs
new file mode 100644
index 0000000..d276def
--- /dev/null
+++ b/OpenSim/Framework/AssetPermissions.cs
@@ -0,0 +1,81 @@
1using System;
2using System.Collections.Generic;
3using System.Reflection;
4
5using Nini.Config;
6using log4net;
7
8using OpenMetaverse;
9
10namespace OpenSim.Framework
11{
12 public class AssetPermissions
13 {
14 private static readonly ILog m_log =
15 LogManager.GetLogger(
16 MethodBase.GetCurrentMethod().DeclaringType);
17
18 private bool[] m_DisallowExport, m_DisallowImport;
19 private string[] m_AssetTypeNames;
20
21 public AssetPermissions(IConfig config)
22 {
23 Type enumType = typeof(AssetType);
24 m_AssetTypeNames = Enum.GetNames(enumType);
25 for (int i = 0; i < m_AssetTypeNames.Length; i++)
26 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
27 int n = Enum.GetValues(enumType).Length;
28 m_DisallowExport = new bool[n];
29 m_DisallowImport = new bool[n];
30
31 LoadPermsFromConfig(config, "DisallowExport", m_DisallowExport);
32 LoadPermsFromConfig(config, "DisallowImport", m_DisallowImport);
33
34 }
35
36 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
37 {
38 string perms = assetConfig.GetString(variable, String.Empty);
39 string[] parts = perms.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
40 foreach (string s in parts)
41 {
42 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
43 if (index >= 0)
44 bitArray[index] = true;
45 else
46 m_log.WarnFormat("[Asset Permissions]: Invalid AssetType {0}", s);
47 }
48
49 }
50
51 public bool AllowedExport(sbyte type)
52 {
53 string assetTypeName = ((AssetType)type).ToString();
54
55 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
56 if (index >= 0 && m_DisallowExport[index])
57 {
58 m_log.DebugFormat("[Asset Permissions]: Export denied: configuration does not allow export of AssetType {0}", assetTypeName);
59 return false;
60 }
61
62 return true;
63 }
64
65 public bool AllowedImport(sbyte type)
66 {
67 string assetTypeName = ((AssetType)type).ToString();
68
69 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
70 if (index >= 0 && m_DisallowImport[index])
71 {
72 m_log.DebugFormat("[Asset Permissions]: Import denied: configuration does not allow import of AssetType {0}", assetTypeName);
73 return false;
74 }
75
76 return true;
77 }
78
79
80 }
81}
diff --git a/OpenSim/Region/CoreModules/Framework/InventoryAccess/HGAssetMapper.cs b/OpenSim/Region/CoreModules/Framework/InventoryAccess/HGAssetMapper.cs
index fcecbbc..144cc87 100644
--- a/OpenSim/Region/CoreModules/Framework/InventoryAccess/HGAssetMapper.cs
+++ b/OpenSim/Region/CoreModules/Framework/InventoryAccess/HGAssetMapper.cs
@@ -113,7 +113,7 @@ namespace OpenSim.Region.CoreModules.Framework.InventoryAccess
113 asset1.Data = asset.Data; 113 asset1.Data = asset.Data;
114 114
115 string id = m_scene.AssetService.Store(asset1); 115 string id = m_scene.AssetService.Store(asset1);
116 if (id == UUID.Zero.ToString()) 116 if (id == string.Empty)
117 { 117 {
118 m_log.DebugFormat("[HG ASSET MAPPER]: Asset server {0} did not accept {1}", url, asset.ID); 118 m_log.DebugFormat("[HG ASSET MAPPER]: Asset server {0} did not accept {1}", url, asset.ID);
119 success = false; 119 success = false;
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Asset/HGAssetBroker.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Asset/HGAssetBroker.cs
index 008465f..0456852 100644
--- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Asset/HGAssetBroker.cs
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Asset/HGAssetBroker.cs
@@ -56,6 +56,8 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset
56 56
57 private bool m_Enabled = false; 57 private bool m_Enabled = false;
58 58
59 private AssetPermissions m_AssetPerms;
60
59 public Type ReplaceableInterface 61 public Type ReplaceableInterface
60 { 62 {
61 get { return null; } 63 get { return null; }
@@ -128,6 +130,9 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset
128 if (m_LocalAssetServiceURI != string.Empty) 130 if (m_LocalAssetServiceURI != string.Empty)
129 m_LocalAssetServiceURI = m_LocalAssetServiceURI.Trim('/'); 131 m_LocalAssetServiceURI = m_LocalAssetServiceURI.Trim('/');
130 132
133 IConfig hgConfig = source.Configs["HGAssetService"];
134 m_AssetPerms = new AssetPermissions(hgConfig);
135
131 m_Enabled = true; 136 m_Enabled = true;
132 m_log.Info("[HG ASSET CONNECTOR]: HG asset broker enabled"); 137 m_log.Info("[HG ASSET CONNECTOR]: HG asset broker enabled");
133 } 138 }
@@ -206,14 +211,11 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset
206 asset = m_HGService.Get(id); 211 asset = m_HGService.Get(id);
207 if (asset != null) 212 if (asset != null)
208 { 213 {
209 // Now store it locally 214 // Now store it locally, if allowed
210 // For now, let me just do it for textures and scripts 215 if (m_AssetPerms.AllowedImport(asset.Type))
211 if (((AssetType)asset.Type == AssetType.Texture) ||
212 ((AssetType)asset.Type == AssetType.LSLBytecode) ||
213 ((AssetType)asset.Type == AssetType.LSLText))
214 {
215 m_GridService.Store(asset); 216 m_GridService.Store(asset);
216 } 217 else
218 return null;
217 } 219 }
218 } 220 }
219 else 221 else
@@ -328,7 +330,12 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Asset
328 330
329 string id = string.Empty; 331 string id = string.Empty;
330 if (IsHG(asset.ID)) 332 if (IsHG(asset.ID))
331 id = m_HGService.Store(asset); 333 {
334 if (m_AssetPerms.AllowedExport(asset.Type))
335 id = m_HGService.Store(asset);
336 else
337 return String.Empty;
338 }
332 else 339 else
333 id = m_GridService.Store(asset); 340 id = m_GridService.Store(asset);
334 341
diff --git a/OpenSim/Services/HypergridService/HGAssetService.cs b/OpenSim/Services/HypergridService/HGAssetService.cs
index d6541c4..84dec8d 100644
--- a/OpenSim/Services/HypergridService/HGAssetService.cs
+++ b/OpenSim/Services/HypergridService/HGAssetService.cs
@@ -58,8 +58,7 @@ namespace OpenSim.Services.HypergridService
58 58
59 private UserAccountCache m_Cache; 59 private UserAccountCache m_Cache;
60 60
61 private bool[] m_DisallowGET, m_DisallowPOST; 61 private AssetPermissions m_AssetPerms;
62 private string[] m_AssetTypeNames;
63 62
64 public HGAssetService(IConfigSource config, string configName) : base(config, configName) 63 public HGAssetService(IConfigSource config, string configName) : base(config, configName)
65 { 64 {
@@ -85,31 +84,7 @@ namespace OpenSim.Services.HypergridService
85 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService); 84 m_Cache = UserAccountCache.CreateUserAccountCache(m_UserAccountService);
86 85
87 // Permissions 86 // Permissions
88 Type enumType = typeof(AssetType); 87 m_AssetPerms = new AssetPermissions(assetConfig);
89 m_AssetTypeNames = Enum.GetNames(enumType);
90 for (int i = 0; i < m_AssetTypeNames.Length; i++)
91 m_AssetTypeNames[i] = m_AssetTypeNames[i].ToLower();
92 int n = Enum.GetValues(enumType).Length;
93 m_DisallowGET = new bool[n];
94 m_DisallowPOST = new bool[n];
95
96 LoadPermsFromConfig(assetConfig, "DisallowGET", m_DisallowGET);
97 LoadPermsFromConfig(assetConfig, "DisallowPOST", m_DisallowPOST);
98
99 }
100
101 private void LoadPermsFromConfig(IConfig assetConfig, string variable, bool[] bitArray)
102 {
103 string perms = assetConfig.GetString(variable, String.Empty);
104 string[] parts = perms.Split(new char[] {','}, StringSplitOptions.RemoveEmptyEntries);
105 foreach (string s in parts)
106 {
107 int index = Array.IndexOf(m_AssetTypeNames, s.Trim().ToLower());
108 if (index >= 0)
109 bitArray[index] = true;
110 else
111 m_log.WarnFormat("[HGAsset Service]: Invalid AssetType {0}", s);
112 }
113 88
114 } 89 }
115 90
@@ -121,7 +96,7 @@ namespace OpenSim.Services.HypergridService
121 if (asset == null) 96 if (asset == null)
122 return null; 97 return null;
123 98
124 if (!AllowedGet(asset.Type)) 99 if (!m_AssetPerms.AllowedExport(asset.Type))
125 return null; 100 return null;
126 101
127 if (asset.Metadata.Type == (sbyte)AssetType.Object) 102 if (asset.Metadata.Type == (sbyte)AssetType.Object)
@@ -151,7 +126,7 @@ namespace OpenSim.Services.HypergridService
151 if (asset == null) 126 if (asset == null)
152 return null; 127 return null;
153 128
154 if (!AllowedGet(asset.Type)) 129 if (!m_AssetPerms.AllowedExport(asset.Type))
155 return null; 130 return null;
156 131
157 return asset.Data; 132 return asset.Data;
@@ -161,8 +136,8 @@ namespace OpenSim.Services.HypergridService
161 136
162 public override string Store(AssetBase asset) 137 public override string Store(AssetBase asset)
163 { 138 {
164 if (!AllowedPost(asset.Type)) 139 if (!m_AssetPerms.AllowedImport(asset.Type))
165 return UUID.Zero.ToString(); 140 return string.Empty;
166 141
167 return base.Store(asset); 142 return base.Store(asset);
168 } 143 }
@@ -175,34 +150,6 @@ namespace OpenSim.Services.HypergridService
175 150
176 #endregion 151 #endregion
177 152
178 protected bool AllowedGet(sbyte type)
179 {
180 string assetTypeName = ((AssetType)type).ToString();
181
182 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
183 if (index >= 0 && m_DisallowGET[index])
184 {
185 m_log.DebugFormat("[HGAsset Service]: GET denied: service does not allow export of AssetType {0}", assetTypeName);
186 return false;
187 }
188
189 return true;
190 }
191
192 protected bool AllowedPost(sbyte type)
193 {
194 string assetTypeName = ((AssetType)type).ToString();
195
196 int index = Array.IndexOf(m_AssetTypeNames, assetTypeName.ToLower());
197 if (index >= 0 && m_DisallowPOST[index])
198 {
199 m_log.DebugFormat("[HGAsset Service]: POST denied: service does not allow import of AssetType {0}", assetTypeName);
200 return false;
201 }
202
203 return true;
204 }
205
206 protected void AdjustIdentifiers(AssetMetadata meta) 153 protected void AdjustIdentifiers(AssetMetadata meta)
207 { 154 {
208 if (meta == null || m_Cache == null) 155 if (meta == null || m_Cache == null)
diff --git a/bin/Robust.HG.ini.example b/bin/Robust.HG.ini.example
index 8218b14..afb3f6f 100644
--- a/bin/Robust.HG.ini.example
+++ b/bin/Robust.HG.ini.example
@@ -437,15 +437,17 @@ ServiceConnectors = "8003/OpenSim.Server.Handlers.dll:AssetServiceConnector,8003
437 UserAccountsService = "OpenSim.Services.UserAccountService.dll:UserAccountService" 437 UserAccountsService = "OpenSim.Services.UserAccountService.dll:UserAccountService"
438 HomeURI = "http://127.0.0.1:8002" 438 HomeURI = "http://127.0.0.1:8002"
439 439
440 ;; The asset types that other grids can get from / post to this service. 440 ;; The asset types that this grid can export to / import from other grids.
441 ;; Comma separated.
441 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely: 442 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
442 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText, LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh 443 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
444 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
443 ;; 445 ;;
444 ;; Leave blank or commented if you don't want to apply any restrictions. 446 ;; Leave blank or commented if you don't want to apply any restrictions.
445 ;; A more strict, but still reasonable, policy may be to disallow the exchange 447 ;; A more strict, but still reasonable, policy may be to disallow the exchange
446 ;; of scripts, like so: 448 ;; of scripts, like so:
447 ; DisallowGET ="LSLText" 449 ; DisallowExport ="LSLText"
448 ; DisallowPOST ="LSLBytecode" 450 ; DisallowImport ="LSLBytecode"
449 451
450[HGFriendsService] 452[HGFriendsService]
451 LocalServiceModule = "OpenSim.Services.HypergridService.dll:HGFriendsService" 453 LocalServiceModule = "OpenSim.Services.HypergridService.dll:HGFriendsService"
diff --git a/bin/config-include/GridCommon.ini.example b/bin/config-include/GridCommon.ini.example
index 8d7f6fc..79f7ed6 100644
--- a/bin/config-include/GridCommon.ini.example
+++ b/bin/config-include/GridCommon.ini.example
@@ -137,6 +137,26 @@
137 ;; uncomment the next line. You may want to do this on sims that have licensed content. 137 ;; uncomment the next line. You may want to do this on sims that have licensed content.
138 ; OutboundPermission = False 138 ; OutboundPermission = False
139 139
140[HGAssetService]
141 ;
142 ; === HG ONLY ===
143 ; Change this to your server
144 ; accessible from other grids
145 ;
146 HomeURI = "http://mygridserver.com:8002"
147
148 ;; The asset types that this grid can export to / import from other grids.
149 ;; Comma separated.
150 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
151 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
152 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
153 ;;
154 ;; Leave blank or commented if you don't want to apply any restrictions.
155 ;; A more strict, but still reasonable, policy may be to disallow the exchange
156 ;; of scripts, like so:
157 ; DisallowExport ="LSLText"
158 ; DisallowImport ="LSLBytecode"
159
140[HGFriendsModule] 160[HGFriendsModule]
141 ; User level required to be able to send friendship invitations to foreign users 161 ; User level required to be able to send friendship invitations to foreign users
142 ;LevelHGFriends = 0; 162 ;LevelHGFriends = 0;
diff --git a/bin/config-include/StandaloneCommon.ini.example b/bin/config-include/StandaloneCommon.ini.example
index d8ecba8..048710a 100644
--- a/bin/config-include/StandaloneCommon.ini.example
+++ b/bin/config-include/StandaloneCommon.ini.example
@@ -53,15 +53,17 @@
53[HGAssetService] 53[HGAssetService]
54 HomeURI = "http://127.0.0.1:9000" 54 HomeURI = "http://127.0.0.1:9000"
55 55
56 ;; The asset types that other grids can get from / post to this service. 56 ;; The asset types that this grid can export to / import from other grids.
57 ;; Comma separated.
57 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely: 58 ;; Valid values are all the asset types in OpenMetaverse.AssetType, namely:
58 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText, LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh 59 ;; Unknown, Texture, Sound, CallingCard, Landmark, Clothing, Object, Notecard, LSLText,
60 ;; LSLBytecode, TextureTGA, Bodypart, SoundWAV, ImageTGA, ImageJPEG, Animation, Gesture, Mesh
59 ;; 61 ;;
60 ;; Leave blank or commented if you don't want to apply any restrictions. 62 ;; Leave blank or commented if you don't want to apply any restrictions.
61 ;; A more strict, but still reasonable, policy may be to disallow the exchange 63 ;; A more strict, but still reasonable, policy may be to disallow the exchange
62 ;; of scripts, like so: 64 ;; of scripts, like so:
63 ; DisallowGET ="LSLText" 65 ; DisallowExport ="LSLText"
64 ; DisallowPOST ="LSLBytecode" 66 ; DisallowImport ="LSLBytecode"
65 67
66 68
67[HGInventoryAccessModule] 69[HGInventoryAccessModule]