diff options
Diffstat (limited to 'OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs')
| -rw-r--r-- | OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs | 400 |
1 files changed, 201 insertions, 199 deletions
diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs index 01bfe00..10f387d 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs | |||
| @@ -36,7 +36,7 @@ using System.Xml; | |||
| 36 | using OpenMetaverse; | 36 | using OpenMetaverse; |
| 37 | using OpenMetaverse.Imaging; | 37 | using OpenMetaverse.Imaging; |
| 38 | using OpenSim.Framework; | 38 | using OpenSim.Framework; |
| 39 | using OpenSim.Framework.Communications.Cache; | 39 | |
| 40 | using OpenSim.Framework.Servers; | 40 | using OpenSim.Framework.Servers; |
| 41 | using OpenSim.Framework.Servers.HttpServer; | 41 | using OpenSim.Framework.Servers.HttpServer; |
| 42 | using Timer=System.Timers.Timer; | 42 | using Timer=System.Timers.Timer; |
| @@ -143,203 +143,205 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory | |||
| 143 | 143 | ||
| 144 | Rest.Log.DebugFormat("{0} DoInventory ENTRY", MsgId); | 144 | Rest.Log.DebugFormat("{0} DoInventory ENTRY", MsgId); |
| 145 | 145 | ||
| 146 | // If we're disabled, do nothing. | 146 | // !!! REFACTORING PROBLEM |
| 147 | 147 | ||
| 148 | if (!enabled) | 148 | //// If we're disabled, do nothing. |
| 149 | { | 149 | |
| 150 | return; | 150 | //if (!enabled) |
| 151 | } | 151 | //{ |
| 152 | 152 | // return; | |
| 153 | // Now that we know this is a serious attempt to | 153 | //} |
| 154 | // access inventory data, we should find out who | 154 | |
| 155 | // is asking, and make sure they are authorized | 155 | //// Now that we know this is a serious attempt to |
| 156 | // to do so. We need to validate the caller's | 156 | //// access inventory data, we should find out who |
| 157 | // identity before revealing anything about the | 157 | //// is asking, and make sure they are authorized |
| 158 | // status quo. Authenticate throws an exception | 158 | //// to do so. We need to validate the caller's |
| 159 | // via Fail if no identity information is present. | 159 | //// identity before revealing anything about the |
| 160 | // | 160 | //// status quo. Authenticate throws an exception |
| 161 | // With the present HTTP server we can't use the | 161 | //// via Fail if no identity information is present. |
| 162 | // builtin authentication mechanisms because they | 162 | //// |
| 163 | // would be enforced for all in-bound requests. | 163 | //// With the present HTTP server we can't use the |
| 164 | // Instead we look at the headers ourselves and | 164 | //// builtin authentication mechanisms because they |
| 165 | // handle authentication directly. | 165 | //// would be enforced for all in-bound requests. |
| 166 | 166 | //// Instead we look at the headers ourselves and | |
| 167 | try | 167 | //// handle authentication directly. |
| 168 | { | 168 | |
| 169 | if (!rdata.IsAuthenticated) | 169 | //try |
| 170 | { | 170 | //{ |
| 171 | rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); | 171 | // if (!rdata.IsAuthenticated) |
| 172 | } | 172 | // { |
| 173 | } | 173 | // rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); |
| 174 | catch (RestException e) | 174 | // } |
| 175 | { | 175 | //} |
| 176 | if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) | 176 | //catch (RestException e) |
| 177 | { | 177 | //{ |
| 178 | Rest.Log.WarnFormat("{0} User not authenticated", MsgId); | 178 | // if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) |
| 179 | Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); | 179 | // { |
| 180 | } | 180 | // Rest.Log.WarnFormat("{0} User not authenticated", MsgId); |
| 181 | else | 181 | // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); |
| 182 | { | 182 | // } |
| 183 | Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); | 183 | // else |
| 184 | Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); | 184 | // { |
| 185 | } | 185 | // Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); |
| 186 | throw (e); | 186 | // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); |
| 187 | } | 187 | // } |
| 188 | 188 | // throw (e); | |
| 189 | Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); | 189 | //} |
| 190 | 190 | ||
| 191 | // We can only get here if we are authorized | 191 | //Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); |
| 192 | // | 192 | |
| 193 | // The requestor may have specified an UUID or | 193 | //// We can only get here if we are authorized |
| 194 | // a conjoined FirstName LastName string. We'll | 194 | //// |
| 195 | // try both. If we fail with the first, UUID, | 195 | //// The requestor may have specified an UUID or |
| 196 | // attempt, we try the other. As an example, the | 196 | //// a conjoined FirstName LastName string. We'll |
| 197 | // URI for a valid inventory request might be: | 197 | //// try both. If we fail with the first, UUID, |
| 198 | // | 198 | //// attempt, we try the other. As an example, the |
| 199 | // http://<host>:<port>/admin/inventory/Arthur Dent | 199 | //// URI for a valid inventory request might be: |
| 200 | // | 200 | //// |
| 201 | // Indicating that this is an inventory request for | 201 | //// http://<host>:<port>/admin/inventory/Arthur Dent |
| 202 | // an avatar named Arthur Dent. This is ALL that is | 202 | //// |
| 203 | // required to designate a GET for an entire | 203 | //// Indicating that this is an inventory request for |
| 204 | // inventory. | 204 | //// an avatar named Arthur Dent. This is ALL that is |
| 205 | // | 205 | //// required to designate a GET for an entire |
| 206 | 206 | //// inventory. | |
| 207 | 207 | //// | |
| 208 | // Do we have at least a user agent name? | 208 | |
| 209 | 209 | ||
| 210 | if (rdata.Parameters.Length < 1) | 210 | //// Do we have at least a user agent name? |
| 211 | { | 211 | |
| 212 | Rest.Log.WarnFormat("{0} Inventory: No user agent identifier specified", MsgId); | 212 | //if (rdata.Parameters.Length < 1) |
| 213 | rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); | 213 | //{ |
| 214 | } | 214 | // Rest.Log.WarnFormat("{0} Inventory: No user agent identifier specified", MsgId); |
| 215 | 215 | // rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); | |
| 216 | // The first parameter MUST be the agent identification, either an UUID | 216 | //} |
| 217 | // or a space-separated First-name Last-Name specification. We check for | 217 | |
| 218 | // an UUID first, if anyone names their character using a valid UUID | 218 | //// The first parameter MUST be the agent identification, either an UUID |
| 219 | // that identifies another existing avatar will cause this a problem... | 219 | //// or a space-separated First-name Last-Name specification. We check for |
| 220 | 220 | //// an UUID first, if anyone names their character using a valid UUID | |
| 221 | try | 221 | //// that identifies another existing avatar will cause this a problem... |
| 222 | { | 222 | |
| 223 | rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); | 223 | //try |
| 224 | Rest.Log.DebugFormat("{0} UUID supplied", MsgId); | 224 | //{ |
| 225 | rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); | 225 | // rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); |
| 226 | } | 226 | // Rest.Log.DebugFormat("{0} UUID supplied", MsgId); |
| 227 | catch | 227 | // rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); |
| 228 | { | 228 | //} |
| 229 | string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); | 229 | //catch |
| 230 | if (names.Length == 2) | 230 | //{ |
| 231 | { | 231 | // string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); |
| 232 | Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); | 232 | // if (names.Length == 2) |
| 233 | rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); | 233 | // { |
| 234 | } | 234 | // Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); |
| 235 | else | 235 | // rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); |
| 236 | { | 236 | // } |
| 237 | Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); | 237 | // else |
| 238 | rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); | 238 | // { |
| 239 | } | 239 | // Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); |
| 240 | } | 240 | // rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); |
| 241 | 241 | // } | |
| 242 | // If the user profile is null then either the server is broken, or the | 242 | //} |
| 243 | // user is not known. We always assume the latter case. | 243 | |
| 244 | 244 | //// If the user profile is null then either the server is broken, or the | |
| 245 | if (rdata.userProfile != null) | 245 | //// user is not known. We always assume the latter case. |
| 246 | { | 246 | |
| 247 | Rest.Log.DebugFormat("{0} Profile obtained for agent {1} {2}", | 247 | //if (rdata.userProfile != null) |
| 248 | MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); | 248 | //{ |
| 249 | } | 249 | // Rest.Log.DebugFormat("{0} Profile obtained for agent {1} {2}", |
| 250 | else | 250 | // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); |
| 251 | { | 251 | //} |
| 252 | Rest.Log.WarnFormat("{0} No profile for {1}", MsgId, rdata.path); | 252 | //else |
| 253 | rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); | 253 | //{ |
| 254 | } | 254 | // Rest.Log.WarnFormat("{0} No profile for {1}", MsgId, rdata.path); |
| 255 | 255 | // rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); | |
| 256 | // If we get to here, then we have effectively validated the user's | 256 | //} |
| 257 | // identity. Now we need to get the inventory. If the server does not | 257 | |
| 258 | // have the inventory, we reject the request with an appropriate explanation. | 258 | //// If we get to here, then we have effectively validated the user's |
| 259 | // | 259 | //// identity. Now we need to get the inventory. If the server does not |
| 260 | // Note that inventory retrieval is an asynchronous event, we use the rdata | 260 | //// have the inventory, we reject the request with an appropriate explanation. |
| 261 | // class instance as the basis for our synchronization. | 261 | //// |
| 262 | // | 262 | //// Note that inventory retrieval is an asynchronous event, we use the rdata |
| 263 | 263 | //// class instance as the basis for our synchronization. | |
| 264 | rdata.uuid = rdata.userProfile.ID; | 264 | //// |
| 265 | 265 | ||
| 266 | if (Rest.InventoryServices.HasInventoryForUser(rdata.uuid)) | 266 | //rdata.uuid = rdata.userProfile.ID; |
| 267 | { | 267 | |
| 268 | rdata.root = Rest.InventoryServices.GetRootFolder(rdata.uuid); | 268 | //if (Rest.InventoryServices.HasInventoryForUser(rdata.uuid)) |
| 269 | 269 | //{ | |
| 270 | Rest.Log.DebugFormat("{0} Inventory Root retrieved for {1} {2}", | 270 | // rdata.root = Rest.InventoryServices.GetRootFolder(rdata.uuid); |
| 271 | MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); | 271 | |
| 272 | 272 | // Rest.Log.DebugFormat("{0} Inventory Root retrieved for {1} {2}", | |
| 273 | Rest.InventoryServices.GetUserInventory(rdata.uuid, rdata.GetUserInventory); | 273 | // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); |
| 274 | 274 | ||
| 275 | Rest.Log.DebugFormat("{0} Inventory catalog requested for {1} {2}", | 275 | // Rest.InventoryServices.GetUserInventory(rdata.uuid, rdata.GetUserInventory); |
| 276 | MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); | 276 | |
| 277 | 277 | // Rest.Log.DebugFormat("{0} Inventory catalog requested for {1} {2}", | |
| 278 | lock (rdata) | 278 | // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); |
| 279 | { | 279 | |
| 280 | if (!rdata.HaveInventory) | 280 | // lock (rdata) |
| 281 | { | 281 | // { |
| 282 | rdata.startWD(1000); | 282 | // if (!rdata.HaveInventory) |
| 283 | rdata.timeout = false; | 283 | // { |
| 284 | Monitor.Wait(rdata); | 284 | // rdata.startWD(1000); |
| 285 | } | 285 | // rdata.timeout = false; |
| 286 | } | 286 | // Monitor.Wait(rdata); |
| 287 | 287 | // } | |
| 288 | if (rdata.timeout) | 288 | // } |
| 289 | { | 289 | |
| 290 | Rest.Log.WarnFormat("{0} Inventory not available for {1} {2}. No response from service.", | 290 | // if (rdata.timeout) |
| 291 | MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); | 291 | // { |
| 292 | rdata.Fail(Rest.HttpStatusCodeServerError, "inventory server not responding"); | 292 | // Rest.Log.WarnFormat("{0} Inventory not available for {1} {2}. No response from service.", |
| 293 | } | 293 | // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); |
| 294 | 294 | // rdata.Fail(Rest.HttpStatusCodeServerError, "inventory server not responding"); | |
| 295 | if (rdata.root == null) | 295 | // } |
| 296 | { | 296 | |
| 297 | Rest.Log.WarnFormat("{0} Inventory is not available [1] for agent {1} {2}", | 297 | // if (rdata.root == null) |
| 298 | MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); | 298 | // { |
| 299 | rdata.Fail(Rest.HttpStatusCodeServerError, "inventory retrieval failed"); | 299 | // Rest.Log.WarnFormat("{0} Inventory is not available [1] for agent {1} {2}", |
| 300 | } | 300 | // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); |
| 301 | 301 | // rdata.Fail(Rest.HttpStatusCodeServerError, "inventory retrieval failed"); | |
| 302 | } | 302 | // } |
| 303 | else | 303 | |
| 304 | { | 304 | //} |
| 305 | Rest.Log.WarnFormat("{0} Inventory is not locally available for agent {1} {2}", | 305 | //else |
| 306 | MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); | 306 | //{ |
| 307 | rdata.Fail(Rest.HttpStatusCodeNotFound, "no local inventory for user"); | 307 | // Rest.Log.WarnFormat("{0} Inventory is not locally available for agent {1} {2}", |
| 308 | } | 308 | // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); |
| 309 | 309 | // rdata.Fail(Rest.HttpStatusCodeNotFound, "no local inventory for user"); | |
| 310 | // If we get here, then we have successfully retrieved the user's information | 310 | //} |
| 311 | // and inventory information is now available locally. | 311 | |
| 312 | 312 | //// If we get here, then we have successfully retrieved the user's information | |
| 313 | switch (rdata.method) | 313 | //// and inventory information is now available locally. |
| 314 | { | 314 | |
| 315 | case Rest.HEAD : // Do the processing, set the status code, suppress entity | 315 | //switch (rdata.method) |
| 316 | DoGet(rdata); | 316 | //{ |
| 317 | rdata.buffer = null; | 317 | // case Rest.HEAD : // Do the processing, set the status code, suppress entity |
| 318 | break; | 318 | // DoGet(rdata); |
| 319 | 319 | // rdata.buffer = null; | |
| 320 | case Rest.GET : // Do the processing, set the status code, return entity | 320 | // break; |
| 321 | DoGet(rdata); | 321 | |
| 322 | break; | 322 | // case Rest.GET : // Do the processing, set the status code, return entity |
| 323 | 323 | // DoGet(rdata); | |
| 324 | case Rest.PUT : // Update named element | 324 | // break; |
| 325 | DoUpdate(rdata); | 325 | |
| 326 | break; | 326 | // case Rest.PUT : // Update named element |
| 327 | 327 | // DoUpdate(rdata); | |
| 328 | case Rest.POST : // Add new information to identified context. | 328 | // break; |
| 329 | DoExtend(rdata); | 329 | |
| 330 | break; | 330 | // case Rest.POST : // Add new information to identified context. |
| 331 | 331 | // DoExtend(rdata); | |
| 332 | case Rest.DELETE : // Delete information | 332 | // break; |
| 333 | DoDelete(rdata); | 333 | |
| 334 | break; | 334 | // case Rest.DELETE : // Delete information |
| 335 | 335 | // DoDelete(rdata); | |
| 336 | default : | 336 | // break; |
| 337 | Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", | 337 | |
| 338 | MsgId, rdata.method, rdata.path); | 338 | // default : |
| 339 | rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, | 339 | // Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", |
| 340 | String.Format("{0} not supported", rdata.method)); | 340 | // MsgId, rdata.method, rdata.path); |
| 341 | break; | 341 | // rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, |
| 342 | } | 342 | // String.Format("{0} not supported", rdata.method)); |
| 343 | // break; | ||
| 344 | //} | ||
| 343 | } | 345 | } |
| 344 | 346 | ||
| 345 | #endregion Interface | 347 | #endregion Interface |
| @@ -1869,7 +1871,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory | |||
| 1869 | 1871 | ||
| 1870 | // Create AssetBase entity to hold the inlined asset | 1872 | // Create AssetBase entity to hold the inlined asset |
| 1871 | 1873 | ||
| 1872 | asset = new AssetBase(uuid, name, type); | 1874 | asset = new AssetBase(uuid, name, type, UUID.Zero.ToString()); |
| 1873 | 1875 | ||
| 1874 | asset.Description = desc; | 1876 | asset.Description = desc; |
| 1875 | asset.Local = local; | 1877 | asset.Local = local; |