aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/ApplicationPlugins/Rest/Inventory
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/ApplicationPlugins/Rest/Inventory')
-rw-r--r--OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs26
-rw-r--r--OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs18
-rw-r--r--OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs373
-rw-r--r--OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs398
4 files changed, 413 insertions, 402 deletions
diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs
index d3a7e64..10f1a6e 100644
--- a/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs
+++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs
@@ -35,6 +35,9 @@ using System.Xml;
35using OpenSim.Framework; 35using OpenSim.Framework;
36using OpenSim.Framework.Servers; 36using OpenSim.Framework.Servers;
37using OpenSim.Framework.Servers.HttpServer; 37using OpenSim.Framework.Servers.HttpServer;
38using OpenSim.Services.Interfaces;
39
40using OpenMetaverse;
38 41
39namespace OpenSim.ApplicationPlugins.Rest.Inventory 42namespace OpenSim.ApplicationPlugins.Rest.Inventory
40{ 43{
@@ -658,7 +661,6 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
658 { 661 {
659 662
660 int x; 663 int x;
661 string HA1;
662 string first; 664 string first;
663 string last; 665 string last;
664 666
@@ -675,17 +677,13 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
675 last = String.Empty; 677 last = String.Empty;
676 } 678 }
677 679
678 UserProfileData udata = Rest.UserServices.GetUserProfile(first, last); 680 UserAccount account = Rest.UserServices.GetUserAccount(UUID.Zero, first, last);
679 681
680 // If we don't recognize the user id, perhaps it is god? 682 // If we don't recognize the user id, perhaps it is god?
681 683 if (account == null)
682 if (udata == null)
683 return pass == Rest.GodKey; 684 return pass == Rest.GodKey;
684 685
685 HA1 = HashToString(pass); 686 return (Rest.AuthServices.Authenticate(account.PrincipalID, pass, 1) != string.Empty);
686 HA1 = HashToString(String.Format("{0}:{1}",HA1,udata.PasswordSalt));
687
688 return (0 == sc.Compare(HA1, udata.PasswordHash));
689 687
690 } 688 }
691 689
@@ -897,11 +895,10 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
897 last = String.Empty; 895 last = String.Empty;
898 } 896 }
899 897
900 UserProfileData udata = Rest.UserServices.GetUserProfile(first, last); 898 UserAccount account = Rest.UserServices.GetUserAccount(UUID.Zero, first, last);
901
902 // If we don;t recognize the user id, perhaps it is god? 899 // If we don;t recognize the user id, perhaps it is god?
903 900
904 if (udata == null) 901 if (account == null)
905 { 902 {
906 Rest.Log.DebugFormat("{0} Administrator", MsgId); 903 Rest.Log.DebugFormat("{0} Administrator", MsgId);
907 return Rest.GodKey; 904 return Rest.GodKey;
@@ -909,7 +906,12 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
909 else 906 else
910 { 907 {
911 Rest.Log.DebugFormat("{0} Normal User {1}", MsgId, user); 908 Rest.Log.DebugFormat("{0} Normal User {1}", MsgId, user);
912 return udata.PasswordHash; 909
910 // !!! REFACTORING PROBLEM
911 // This is what it was. It doesn't work in 0.7
912 // Nothing retrieves the password from the authentication service, there's only authentication.
913 //return udata.PasswordHash;
914 return string.Empty;
913 } 915 }
914 916
915 } 917 }
diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs
index 7db705e..9755e73 100644
--- a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs
+++ b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs
@@ -35,7 +35,7 @@ using Nini.Config;
35using OpenSim.Framework; 35using OpenSim.Framework;
36using OpenSim.Framework.Communications; 36using OpenSim.Framework.Communications;
37using OpenSim.Services.Interfaces; 37using OpenSim.Services.Interfaces;
38using IUserService = OpenSim.Framework.Communications.IUserService; 38using IAvatarService = OpenSim.Services.Interfaces.IAvatarService;
39 39
40namespace OpenSim.ApplicationPlugins.Rest.Inventory 40namespace OpenSim.ApplicationPlugins.Rest.Inventory
41{ 41{
@@ -92,24 +92,24 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
92 /// initializes. 92 /// initializes.
93 /// </summary> 93 /// </summary>
94 94
95 internal static CommunicationsManager Comms 95 internal static IInventoryService InventoryServices
96 { 96 {
97 get { return main.CommunicationsManager; } 97 get { return main.SceneManager.CurrentOrFirstScene.InventoryService; }
98 } 98 }
99 99
100 internal static IInventoryService InventoryServices 100 internal static IUserAccountService UserServices
101 { 101 {
102 get { return main.SceneManager.CurrentOrFirstScene.InventoryService; } 102 get { return main.SceneManager.CurrentOrFirstScene.UserAccountService; }
103 } 103 }
104 104
105 internal static IUserService UserServices 105 internal static IAuthenticationService AuthServices
106 { 106 {
107 get { return Comms.UserService; } 107 get { return main.SceneManager.CurrentOrFirstScene.AuthenticationService; }
108 } 108 }
109 109
110 internal static IAvatarService AvatarServices 110 internal static IAvatarService AvatarServices
111 { 111 {
112 get { return Comms.AvatarService; } 112 get { return main.SceneManager.CurrentOrFirstScene.AvatarService; }
113 } 113 }
114 114
115 internal static IAssetService AssetServices 115 internal static IAssetService AssetServices
diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs
index b2b4aa7..b70a511 100644
--- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs
+++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs
@@ -32,6 +32,7 @@ using OpenMetaverse;
32using OpenSim.Framework; 32using OpenSim.Framework;
33using OpenSim.Framework.Servers; 33using OpenSim.Framework.Servers;
34using OpenSim.Framework.Servers.HttpServer; 34using OpenSim.Framework.Servers.HttpServer;
35using OpenSim.Services.Interfaces;
35 36
36namespace OpenSim.ApplicationPlugins.Rest.Inventory 37namespace OpenSim.ApplicationPlugins.Rest.Inventory
37{ 38{
@@ -135,152 +136,153 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
135 136
136 private void DoAppearance(RequestData hdata) 137 private void DoAppearance(RequestData hdata)
137 { 138 {
138 139 // !!! REFACTORIMG PROBLEM. This needs rewriting for 0.7
139 AppearanceRequestData rdata = (AppearanceRequestData) hdata; 140
140 141 //AppearanceRequestData rdata = (AppearanceRequestData) hdata;
141 Rest.Log.DebugFormat("{0} DoAppearance ENTRY", MsgId); 142
142 143 //Rest.Log.DebugFormat("{0} DoAppearance ENTRY", MsgId);
143 // If we're disabled, do nothing. 144
144 145 //// If we're disabled, do nothing.
145 if (!enabled) 146
146 { 147 //if (!enabled)
147 return; 148 //{
148 } 149 // return;
149 150 //}
150 // Now that we know this is a serious attempt to 151
151 // access inventory data, we should find out who 152 //// Now that we know this is a serious attempt to
152 // is asking, and make sure they are authorized 153 //// access inventory data, we should find out who
153 // to do so. We need to validate the caller's 154 //// is asking, and make sure they are authorized
154 // identity before revealing anything about the 155 //// to do so. We need to validate the caller's
155 // status quo. Authenticate throws an exception 156 //// identity before revealing anything about the
156 // via Fail if no identity information is present. 157 //// status quo. Authenticate throws an exception
157 // 158 //// via Fail if no identity information is present.
158 // With the present HTTP server we can't use the 159 ////
159 // builtin authentication mechanisms because they 160 //// With the present HTTP server we can't use the
160 // would be enforced for all in-bound requests. 161 //// builtin authentication mechanisms because they
161 // Instead we look at the headers ourselves and 162 //// would be enforced for all in-bound requests.
162 // handle authentication directly. 163 //// Instead we look at the headers ourselves and
163 164 //// handle authentication directly.
164 try 165
165 { 166 //try
166 if (!rdata.IsAuthenticated) 167 //{
167 { 168 // if (!rdata.IsAuthenticated)
168 rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); 169 // {
169 } 170 // rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName));
170 } 171 // }
171 catch (RestException e) 172 //}
172 { 173 //catch (RestException e)
173 if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) 174 //{
174 { 175 // if (e.statusCode == Rest.HttpStatusCodeNotAuthorized)
175 Rest.Log.WarnFormat("{0} User not authenticated", MsgId); 176 // {
176 Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); 177 // Rest.Log.WarnFormat("{0} User not authenticated", MsgId);
177 } 178 // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization"));
178 else 179 // }
179 { 180 // else
180 Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); 181 // {
181 Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); 182 // Rest.Log.ErrorFormat("{0} User authentication failed", MsgId);
182 } 183 // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization"));
183 throw (e); 184 // }
184 } 185 // throw (e);
185 186 //}
186 Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); 187
187 188 //Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName);
188 // We can only get here if we are authorized 189
189 // 190 //// We can only get here if we are authorized
190 // The requestor may have specified an UUID or 191 ////
191 // a conjoined FirstName LastName string. We'll 192 //// The requestor may have specified an UUID or
192 // try both. If we fail with the first, UUID, 193 //// a conjoined FirstName LastName string. We'll
193 // attempt, we try the other. As an example, the 194 //// try both. If we fail with the first, UUID,
194 // URI for a valid inventory request might be: 195 //// attempt, we try the other. As an example, the
195 // 196 //// URI for a valid inventory request might be:
196 // http://<host>:<port>/admin/inventory/Arthur Dent 197 ////
197 // 198 //// http://<host>:<port>/admin/inventory/Arthur Dent
198 // Indicating that this is an inventory request for 199 ////
199 // an avatar named Arthur Dent. This is ALL that is 200 //// Indicating that this is an inventory request for
200 // required to designate a GET for an entire 201 //// an avatar named Arthur Dent. This is ALL that is
201 // inventory. 202 //// required to designate a GET for an entire
202 // 203 //// inventory.
203 204 ////
204 // Do we have at least a user agent name? 205
205 206 //// Do we have at least a user agent name?
206 if (rdata.Parameters.Length < 1) 207
207 { 208 //if (rdata.Parameters.Length < 1)
208 Rest.Log.WarnFormat("{0} Appearance: No user agent identifier specified", MsgId); 209 //{
209 rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); 210 // Rest.Log.WarnFormat("{0} Appearance: No user agent identifier specified", MsgId);
210 } 211 // rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified");
211 212 //}
212 // The first parameter MUST be the agent identification, either an UUID 213
213 // or a space-separated First-name Last-Name specification. We check for 214 //// The first parameter MUST be the agent identification, either an UUID
214 // an UUID first, if anyone names their character using a valid UUID 215 //// or a space-separated First-name Last-Name specification. We check for
215 // that identifies another existing avatar will cause this a problem... 216 //// an UUID first, if anyone names their character using a valid UUID
216 217 //// that identifies another existing avatar will cause this a problem...
217 try 218
218 { 219 //try
219 rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); 220 //{
220 Rest.Log.DebugFormat("{0} UUID supplied", MsgId); 221 // rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]);
221 rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); 222 // Rest.Log.DebugFormat("{0} UUID supplied", MsgId);
222 } 223 // rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid);
223 catch 224 //}
224 { 225 //catch
225 string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); 226 //{
226 if (names.Length == 2) 227 // string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE);
227 { 228 // if (names.Length == 2)
228 Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); 229 // {
229 rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); 230 // Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId);
230 } 231 // rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]);
231 else 232 // }
232 { 233 // else
233 Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); 234 // {
234 rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); 235 // Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId);
235 } 236 // rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity");
236 } 237 // }
237 238 //}
238 // If the user profile is null then either the server is broken, or the 239
239 // user is not known. We always assume the latter case. 240 //// If the user profile is null then either the server is broken, or the
240 241 //// user is not known. We always assume the latter case.
241 if (rdata.userProfile != null) 242
242 { 243 //if (rdata.userProfile != null)
243 Rest.Log.DebugFormat("{0} User profile obtained for agent {1} {2}", 244 //{
244 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 245 // Rest.Log.DebugFormat("{0} User profile obtained for agent {1} {2}",
245 } 246 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
246 else 247 //}
247 { 248 //else
248 Rest.Log.WarnFormat("{0} No user profile for {1}", MsgId, rdata.path); 249 //{
249 rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); 250 // Rest.Log.WarnFormat("{0} No user profile for {1}", MsgId, rdata.path);
250 } 251 // rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity");
251 252 //}
252 // If we get to here, then we have effectively validated the user's 253
253 254 //// If we get to here, then we have effectively validated the user's
254 switch (rdata.method) 255
255 { 256 //switch (rdata.method)
256 case Rest.HEAD : // Do the processing, set the status code, suppress entity 257 //{
257 DoGet(rdata); 258 // case Rest.HEAD : // Do the processing, set the status code, suppress entity
258 rdata.buffer = null; 259 // DoGet(rdata);
259 break; 260 // rdata.buffer = null;
260 261 // break;
261 case Rest.GET : // Do the processing, set the status code, return entity 262
262 DoGet(rdata); 263 // case Rest.GET : // Do the processing, set the status code, return entity
263 break; 264 // DoGet(rdata);
264 265 // break;
265 case Rest.PUT : // Update named element 266
266 DoUpdate(rdata); 267 // case Rest.PUT : // Update named element
267 break; 268 // DoUpdate(rdata);
268 269 // break;
269 case Rest.POST : // Add new information to identified context. 270
270 DoExtend(rdata); 271 // case Rest.POST : // Add new information to identified context.
271 break; 272 // DoExtend(rdata);
272 273 // break;
273 case Rest.DELETE : // Delete information 274
274 DoDelete(rdata); 275 // case Rest.DELETE : // Delete information
275 break; 276 // DoDelete(rdata);
276 277 // break;
277 default : 278
278 Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", 279 // default :
279 MsgId, rdata.method, rdata.path); 280 // Rest.Log.WarnFormat("{0} Method {1} not supported for {2}",
280 rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, 281 // MsgId, rdata.method, rdata.path);
281 String.Format("{0} not supported", rdata.method)); 282 // rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed,
282 break; 283 // String.Format("{0} not supported", rdata.method));
283 } 284 // break;
285 //}
284 } 286 }
285 287
286 #endregion Interface 288 #endregion Interface
@@ -294,15 +296,15 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
294 296
295 private void DoGet(AppearanceRequestData rdata) 297 private void DoGet(AppearanceRequestData rdata)
296 { 298 {
299 AvatarData adata = Rest.AvatarServices.GetAvatar(rdata.userProfile.ID);
297 300
298 rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); 301 if (adata == null)
299
300 if (rdata.userAppearance == null)
301 { 302 {
302 rdata.Fail(Rest.HttpStatusCodeNoContent, 303 rdata.Fail(Rest.HttpStatusCodeNoContent,
303 String.Format("appearance data not found for user {0} {1}", 304 String.Format("appearance data not found for user {0} {1}",
304 rdata.userProfile.FirstName, rdata.userProfile.SurName)); 305 rdata.userProfile.FirstName, rdata.userProfile.SurName));
305 } 306 }
307 rdata.userAppearance = adata.ToAvatarAppearance(rdata.userProfile.ID);
306 308
307 rdata.initXmlWriter(); 309 rdata.initXmlWriter();
308 310
@@ -341,18 +343,20 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
341 // increasingly doubtful that it is appropriate for REST. If I attempt to 343 // increasingly doubtful that it is appropriate for REST. If I attempt to
342 // add a new record, and it already exists, then it seems to me that the 344 // add a new record, and it already exists, then it seems to me that the
343 // attempt should fail, rather than update the existing record. 345 // attempt should fail, rather than update the existing record.
344 346 AvatarData adata = null;
345 if (GetUserAppearance(rdata)) 347 if (GetUserAppearance(rdata))
346 { 348 {
347 modified = rdata.userAppearance != null; 349 modified = rdata.userAppearance != null;
348 created = !modified; 350 created = !modified;
349 Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); 351 adata = new AvatarData(rdata.userAppearance);
352 Rest.AvatarServices.SetAvatar(rdata.userProfile.ID, adata);
350 // Rest.UserServices.UpdateUserProfile(rdata.userProfile); 353 // Rest.UserServices.UpdateUserProfile(rdata.userProfile);
351 } 354 }
352 else 355 else
353 { 356 {
354 created = true; 357 created = true;
355 Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); 358 adata = new AvatarData(rdata.userAppearance);
359 Rest.AvatarServices.SetAvatar(rdata.userProfile.ID, adata);
356 // Rest.UserServices.UpdateUserProfile(rdata.userProfile); 360 // Rest.UserServices.UpdateUserProfile(rdata.userProfile);
357 } 361 }
358 362
@@ -391,37 +395,39 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
391 private void DoUpdate(AppearanceRequestData rdata) 395 private void DoUpdate(AppearanceRequestData rdata)
392 { 396 {
393 397
394 bool created = false; 398 // REFACTORING PROBLEM This was commented out. It doesn't work for 0.7
395 bool modified = false;
396 399
400 //bool created = false;
401 //bool modified = false;
397 402
398 rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID);
399 403
400 // If the user exists then this is considered a modification regardless 404 //rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID);
401 // of what may, or may not be, specified in the payload.
402 405
403 if (rdata.userAppearance != null) 406 //// If the user exists then this is considered a modification regardless
404 { 407 //// of what may, or may not be, specified in the payload.
405 modified = true;
406 Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance);
407 Rest.UserServices.UpdateUserProfile(rdata.userProfile);
408 }
409 408
410 if (created) 409 //if (rdata.userAppearance != null)
411 { 410 //{
412 rdata.Complete(Rest.HttpStatusCodeCreated); 411 // modified = true;
413 } 412 // Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance);
414 else 413 // Rest.UserServices.UpdateUserProfile(rdata.userProfile);
415 { 414 //}
416 if (modified) 415
417 { 416 //if (created)
418 rdata.Complete(Rest.HttpStatusCodeOK); 417 //{
419 } 418 // rdata.Complete(Rest.HttpStatusCodeCreated);
420 else 419 //}
421 { 420 //else
422 rdata.Complete(Rest.HttpStatusCodeNoContent); 421 //{
423 } 422 // if (modified)
424 } 423 // {
424 // rdata.Complete(Rest.HttpStatusCodeOK);
425 // }
426 // else
427 // {
428 // rdata.Complete(Rest.HttpStatusCodeNoContent);
429 // }
430 //}
425 431
426 rdata.Respond(String.Format("Appearance {0} : Normal completion", rdata.method)); 432 rdata.Respond(String.Format("Appearance {0} : Normal completion", rdata.method));
427 433
@@ -436,21 +442,22 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
436 442
437 private void DoDelete(AppearanceRequestData rdata) 443 private void DoDelete(AppearanceRequestData rdata)
438 { 444 {
445 AvatarData adata = Rest.AvatarServices.GetAvatar(rdata.userProfile.ID);
439 446
440 AvatarAppearance old = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); 447 if (adata != null)
441
442 if (old != null)
443 { 448 {
449 AvatarAppearance old = adata.ToAvatarAppearance(rdata.userProfile.ID);
444 rdata.userAppearance = new AvatarAppearance(); 450 rdata.userAppearance = new AvatarAppearance();
445
446 rdata.userAppearance.Owner = old.Owner; 451 rdata.userAppearance.Owner = old.Owner;
452 adata = new AvatarData(rdata.userAppearance);
447 453
448 Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); 454 Rest.AvatarServices.SetAvatar(rdata.userProfile.ID, adata);
449 455
450 rdata.Complete(); 456 rdata.Complete();
451 } 457 }
452 else 458 else
453 { 459 {
460
454 rdata.Complete(Rest.HttpStatusCodeNoContent); 461 rdata.Complete(Rest.HttpStatusCodeNoContent);
455 } 462 }
456 463
diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs
index 01bfe00..fb1d739 100644
--- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs
+++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs
@@ -36,7 +36,7 @@ using System.Xml;
36using OpenMetaverse; 36using OpenMetaverse;
37using OpenMetaverse.Imaging; 37using OpenMetaverse.Imaging;
38using OpenSim.Framework; 38using OpenSim.Framework;
39using OpenSim.Framework.Communications.Cache; 39
40using OpenSim.Framework.Servers; 40using OpenSim.Framework.Servers;
41using OpenSim.Framework.Servers.HttpServer; 41using OpenSim.Framework.Servers.HttpServer;
42using Timer=System.Timers.Timer; 42using Timer=System.Timers.Timer;
@@ -143,203 +143,205 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory
143 143
144 Rest.Log.DebugFormat("{0} DoInventory ENTRY", MsgId); 144 Rest.Log.DebugFormat("{0} DoInventory ENTRY", MsgId);
145 145
146 // If we're disabled, do nothing. 146 // !!! REFACTORING PROBLEM
147 147
148 if (!enabled) 148 //// If we're disabled, do nothing.
149 { 149
150 return; 150 //if (!enabled)
151 } 151 //{
152 152 // return;
153 // Now that we know this is a serious attempt to 153 //}
154 // access inventory data, we should find out who 154
155 // is asking, and make sure they are authorized 155 //// Now that we know this is a serious attempt to
156 // to do so. We need to validate the caller's 156 //// access inventory data, we should find out who
157 // identity before revealing anything about the 157 //// is asking, and make sure they are authorized
158 // status quo. Authenticate throws an exception 158 //// to do so. We need to validate the caller's
159 // via Fail if no identity information is present. 159 //// identity before revealing anything about the
160 // 160 //// status quo. Authenticate throws an exception
161 // With the present HTTP server we can't use the 161 //// via Fail if no identity information is present.
162 // builtin authentication mechanisms because they 162 ////
163 // would be enforced for all in-bound requests. 163 //// With the present HTTP server we can't use the
164 // Instead we look at the headers ourselves and 164 //// builtin authentication mechanisms because they
165 // handle authentication directly. 165 //// would be enforced for all in-bound requests.
166 166 //// Instead we look at the headers ourselves and
167 try 167 //// handle authentication directly.
168 { 168
169 if (!rdata.IsAuthenticated) 169 //try
170 { 170 //{
171 rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); 171 // if (!rdata.IsAuthenticated)
172 } 172 // {
173 } 173 // rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName));
174 catch (RestException e) 174 // }
175 { 175 //}
176 if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) 176 //catch (RestException e)
177 { 177 //{
178 Rest.Log.WarnFormat("{0} User not authenticated", MsgId); 178 // if (e.statusCode == Rest.HttpStatusCodeNotAuthorized)
179 Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); 179 // {
180 } 180 // Rest.Log.WarnFormat("{0} User not authenticated", MsgId);
181 else 181 // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization"));
182 { 182 // }
183 Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); 183 // else
184 Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); 184 // {
185 } 185 // Rest.Log.ErrorFormat("{0} User authentication failed", MsgId);
186 throw (e); 186 // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization"));
187 } 187 // }
188 188 // throw (e);
189 Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); 189 //}
190 190
191 // We can only get here if we are authorized 191 //Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName);
192 // 192
193 // The requestor may have specified an UUID or 193 //// We can only get here if we are authorized
194 // a conjoined FirstName LastName string. We'll 194 ////
195 // try both. If we fail with the first, UUID, 195 //// The requestor may have specified an UUID or
196 // attempt, we try the other. As an example, the 196 //// a conjoined FirstName LastName string. We'll
197 // URI for a valid inventory request might be: 197 //// try both. If we fail with the first, UUID,
198 // 198 //// attempt, we try the other. As an example, the
199 // http://<host>:<port>/admin/inventory/Arthur Dent 199 //// URI for a valid inventory request might be:
200 // 200 ////
201 // Indicating that this is an inventory request for 201 //// http://<host>:<port>/admin/inventory/Arthur Dent
202 // an avatar named Arthur Dent. This is ALL that is 202 ////
203 // required to designate a GET for an entire 203 //// Indicating that this is an inventory request for
204 // inventory. 204 //// an avatar named Arthur Dent. This is ALL that is
205 // 205 //// required to designate a GET for an entire
206 206 //// inventory.
207 207 ////
208 // Do we have at least a user agent name? 208
209 209
210 if (rdata.Parameters.Length < 1) 210 //// Do we have at least a user agent name?
211 { 211
212 Rest.Log.WarnFormat("{0} Inventory: No user agent identifier specified", MsgId); 212 //if (rdata.Parameters.Length < 1)
213 rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); 213 //{
214 } 214 // Rest.Log.WarnFormat("{0} Inventory: No user agent identifier specified", MsgId);
215 215 // rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified");
216 // The first parameter MUST be the agent identification, either an UUID 216 //}
217 // or a space-separated First-name Last-Name specification. We check for 217
218 // an UUID first, if anyone names their character using a valid UUID 218 //// The first parameter MUST be the agent identification, either an UUID
219 // that identifies another existing avatar will cause this a problem... 219 //// or a space-separated First-name Last-Name specification. We check for
220 220 //// an UUID first, if anyone names their character using a valid UUID
221 try 221 //// that identifies another existing avatar will cause this a problem...
222 { 222
223 rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); 223 //try
224 Rest.Log.DebugFormat("{0} UUID supplied", MsgId); 224 //{
225 rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); 225 // rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]);
226 } 226 // Rest.Log.DebugFormat("{0} UUID supplied", MsgId);
227 catch 227 // rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid);
228 { 228 //}
229 string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); 229 //catch
230 if (names.Length == 2) 230 //{
231 { 231 // string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE);
232 Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); 232 // if (names.Length == 2)
233 rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); 233 // {
234 } 234 // Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId);
235 else 235 // rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]);
236 { 236 // }
237 Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); 237 // else
238 rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); 238 // {
239 } 239 // Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId);
240 } 240 // rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity");
241 241 // }
242 // If the user profile is null then either the server is broken, or the 242 //}
243 // user is not known. We always assume the latter case. 243
244 244 //// If the user profile is null then either the server is broken, or the
245 if (rdata.userProfile != null) 245 //// user is not known. We always assume the latter case.
246 { 246
247 Rest.Log.DebugFormat("{0} Profile obtained for agent {1} {2}", 247 //if (rdata.userProfile != null)
248 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 248 //{
249 } 249 // Rest.Log.DebugFormat("{0} Profile obtained for agent {1} {2}",
250 else 250 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
251 { 251 //}
252 Rest.Log.WarnFormat("{0} No profile for {1}", MsgId, rdata.path); 252 //else
253 rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); 253 //{
254 } 254 // Rest.Log.WarnFormat("{0} No profile for {1}", MsgId, rdata.path);
255 255 // rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity");
256 // If we get to here, then we have effectively validated the user's 256 //}
257 // identity. Now we need to get the inventory. If the server does not 257
258 // have the inventory, we reject the request with an appropriate explanation. 258 //// If we get to here, then we have effectively validated the user's
259 // 259 //// identity. Now we need to get the inventory. If the server does not
260 // Note that inventory retrieval is an asynchronous event, we use the rdata 260 //// have the inventory, we reject the request with an appropriate explanation.
261 // class instance as the basis for our synchronization. 261 ////
262 // 262 //// Note that inventory retrieval is an asynchronous event, we use the rdata
263 263 //// class instance as the basis for our synchronization.
264 rdata.uuid = rdata.userProfile.ID; 264 ////
265 265
266 if (Rest.InventoryServices.HasInventoryForUser(rdata.uuid)) 266 //rdata.uuid = rdata.userProfile.ID;
267 { 267
268 rdata.root = Rest.InventoryServices.GetRootFolder(rdata.uuid); 268 //if (Rest.InventoryServices.HasInventoryForUser(rdata.uuid))
269 269 //{
270 Rest.Log.DebugFormat("{0} Inventory Root retrieved for {1} {2}", 270 // rdata.root = Rest.InventoryServices.GetRootFolder(rdata.uuid);
271 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 271
272 272 // Rest.Log.DebugFormat("{0} Inventory Root retrieved for {1} {2}",
273 Rest.InventoryServices.GetUserInventory(rdata.uuid, rdata.GetUserInventory); 273 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
274 274
275 Rest.Log.DebugFormat("{0} Inventory catalog requested for {1} {2}", 275 // Rest.InventoryServices.GetUserInventory(rdata.uuid, rdata.GetUserInventory);
276 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 276
277 277 // Rest.Log.DebugFormat("{0} Inventory catalog requested for {1} {2}",
278 lock (rdata) 278 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
279 { 279
280 if (!rdata.HaveInventory) 280 // lock (rdata)
281 { 281 // {
282 rdata.startWD(1000); 282 // if (!rdata.HaveInventory)
283 rdata.timeout = false; 283 // {
284 Monitor.Wait(rdata); 284 // rdata.startWD(1000);
285 } 285 // rdata.timeout = false;
286 } 286 // Monitor.Wait(rdata);
287 287 // }
288 if (rdata.timeout) 288 // }
289 { 289
290 Rest.Log.WarnFormat("{0} Inventory not available for {1} {2}. No response from service.", 290 // if (rdata.timeout)
291 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 291 // {
292 rdata.Fail(Rest.HttpStatusCodeServerError, "inventory server not responding"); 292 // Rest.Log.WarnFormat("{0} Inventory not available for {1} {2}. No response from service.",
293 } 293 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
294 294 // rdata.Fail(Rest.HttpStatusCodeServerError, "inventory server not responding");
295 if (rdata.root == null) 295 // }
296 { 296
297 Rest.Log.WarnFormat("{0} Inventory is not available [1] for agent {1} {2}", 297 // if (rdata.root == null)
298 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 298 // {
299 rdata.Fail(Rest.HttpStatusCodeServerError, "inventory retrieval failed"); 299 // Rest.Log.WarnFormat("{0} Inventory is not available [1] for agent {1} {2}",
300 } 300 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
301 301 // rdata.Fail(Rest.HttpStatusCodeServerError, "inventory retrieval failed");
302 } 302 // }
303 else 303
304 { 304 //}
305 Rest.Log.WarnFormat("{0} Inventory is not locally available for agent {1} {2}", 305 //else
306 MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); 306 //{
307 rdata.Fail(Rest.HttpStatusCodeNotFound, "no local inventory for user"); 307 // Rest.Log.WarnFormat("{0} Inventory is not locally available for agent {1} {2}",
308 } 308 // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName);
309 309 // rdata.Fail(Rest.HttpStatusCodeNotFound, "no local inventory for user");
310 // If we get here, then we have successfully retrieved the user's information 310 //}
311 // and inventory information is now available locally. 311
312 312 //// If we get here, then we have successfully retrieved the user's information
313 switch (rdata.method) 313 //// and inventory information is now available locally.
314 { 314
315 case Rest.HEAD : // Do the processing, set the status code, suppress entity 315 //switch (rdata.method)
316 DoGet(rdata); 316 //{
317 rdata.buffer = null; 317 // case Rest.HEAD : // Do the processing, set the status code, suppress entity
318 break; 318 // DoGet(rdata);
319 319 // rdata.buffer = null;
320 case Rest.GET : // Do the processing, set the status code, return entity 320 // break;
321 DoGet(rdata); 321
322 break; 322 // case Rest.GET : // Do the processing, set the status code, return entity
323 323 // DoGet(rdata);
324 case Rest.PUT : // Update named element 324 // break;
325 DoUpdate(rdata); 325
326 break; 326 // case Rest.PUT : // Update named element
327 327 // DoUpdate(rdata);
328 case Rest.POST : // Add new information to identified context. 328 // break;
329 DoExtend(rdata); 329
330 break; 330 // case Rest.POST : // Add new information to identified context.
331 331 // DoExtend(rdata);
332 case Rest.DELETE : // Delete information 332 // break;
333 DoDelete(rdata); 333
334 break; 334 // case Rest.DELETE : // Delete information
335 335 // DoDelete(rdata);
336 default : 336 // break;
337 Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", 337
338 MsgId, rdata.method, rdata.path); 338 // default :
339 rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, 339 // Rest.Log.WarnFormat("{0} Method {1} not supported for {2}",
340 String.Format("{0} not supported", rdata.method)); 340 // MsgId, rdata.method, rdata.path);
341 break; 341 // rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed,
342 } 342 // String.Format("{0} not supported", rdata.method));
343 // break;
344 //}
343 } 345 }
344 346
345 #endregion Interface 347 #endregion Interface
generated by cgit v1.1 at 2024-07-21 04:20:12 +0000