1 files changed, 47 insertions, 43 deletions
diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
index 928755d..12e8fb1 100644
--- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
+++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -27,6 +27,7 @@
 using System;
 using System.Collections.Generic;
+using System.Linq;
 using System.Reflection;
 using log4net;
 using Nini.Config;
@@ -160,7 +161,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            string permissionModules = Util.GetConfigVarFromSections<string>(config, "permissionmodules",
                new string[] { "Startup", "Permissions" }, "DefaultPermissionsModule");
-            List<string> modules = new List<string>(permissionModules.Split(','));
+            List<string> modules = new List<string>(permissionModules.Split(',').Select(m => m.Trim()));
            if (!modules.Contains("DefaultPermissionsModule"))
                return;
@@ -468,7 +469,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            return false;
        }
-            
+         
        /// <summary>
        /// Parse a user set configuration setting
        /// </summary>
@@ -800,8 +801,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            // Friends with benefits should be able to edit the objects too
            if (IsFriendWithPerms(currentUser, objectOwner))
+            {
                // Return immediately, so that the administrator can share objects with friends
                return true;
+            }
        
            // Users should be able to edit what is over their land.
            ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y);
@@ -900,7 +903,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            return permission;
        }
    
-        protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers)
+        protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers, bool allowEstateManager)
        {
            if (parcel.LandData.OwnerID == user)
            {
@@ -915,7 +918,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
                return true;
            }
    
-            if (IsEstateManager(user))
+            if (allowEstateManager && IsEstateManager(user))
            {
                return true;
            }
@@ -942,7 +945,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
        
-            return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease);
+            return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease, false);
        }
        private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene)
@@ -950,7 +953,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericParcelOwnerPermission(user, parcel, 0);
+            return GenericParcelOwnerPermission(user, parcel, 0,true);
        }
        private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene)
@@ -967,7 +970,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if ((client.GetGroupPowers(parcel.LandData.GroupID) & (ulong)GroupPowers.LandDeed) == 0)
                return false;
-            return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed);
+            return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed, false);
        }
        private bool CanDeedObject(UUID user, UUID group, Scene scene)
@@ -1008,9 +1011,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions
                return false;
            if (part.OwnerID == owner)
-                return ((part.OwnerMask & PERM_COPY) != 0);
+            {
+                if ((part.OwnerMask & PERM_COPY) == 0)
-            if (part.GroupID != UUID.Zero)
+                    return false;
+            }
+            else if (part.GroupID != UUID.Zero)
            {
                if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0)))
                    return false;
@@ -1052,7 +1057,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericParcelOwnerPermission(user, parcel, (ulong)p);
+            return GenericParcelOwnerPermission(user, parcel, (ulong)p, false);
        }
        /// <summary>
@@ -1451,29 +1456,33 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            bool permission = false;
 //            m_log.DebugFormat("[PERMISSIONS MODULE]: Checking rez object at {0} in {1}", objectPosition, m_scene.Name);
-            ILandObject land = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y);
+            ILandObject parcel = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y);
-            if (land == null) return false;
+            if (parcel == null)
+                return false;
-            if ((land.LandData.Flags & ((int)ParcelFlags.CreateObjects)) ==
-                (int)ParcelFlags.CreateObjects)
-                permission = true;
-            if (IsAdministrator(owner))
+            if ((parcel.LandData.Flags & (uint)ParcelFlags.CreateObjects) != 0)
            {
-                permission = true;
+                return true;
            }
+            else if ((owner == parcel.LandData.OwnerID) || IsAdministrator(owner))
-        // Powers are zero, because GroupPowers.AllowRez is not a precondition for rezzing objects
-            if (GenericParcelPermission(owner, objectPosition, 0))
            {
-                permission = true;
+                return true;
+            }
+            else if (((parcel.LandData.Flags & (uint)ParcelFlags.CreateGroupObjects) != 0)
+                && (parcel.LandData.GroupID != UUID.Zero) && IsGroupMember(parcel.LandData.GroupID, owner, 0))
+            {
+                return true;
+            }
+            else if (parcel.LandData.GroupID != UUID.Zero && IsGroupMember(parcel.LandData.GroupID, owner, (ulong)GroupPowers.AllowRez))
+            {
+                return true;
+            }
+            else
+            {
+                return false;
            }
-            return permission;
        }
        private bool CanRunConsoleCommand(UUID user, Scene requestFromScene)
@@ -1498,7 +1507,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
            if (m_bypassPermissions) return m_bypassPermissionsValue;
-            return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale);
+            return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale, false);
        }
        private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)
@@ -1515,6 +1524,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions
            if (m_bypassPermissions) return m_bypassPermissionsValue;
            bool permission = GenericObjectPermission(userID, objectID, false);
+            SceneObjectGroup so = (SceneObjectGroup)m_scene.Entities[objectID];
            if (!permission)
            {
                if (!m_scene.Entities.ContainsKey(objectID))
@@ -1528,31 +1540,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions
                    return false;
                }
-                SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
                // UUID taskOwner = null;
                // Added this because at this point in time it wouldn't be wise for
                // the administrator object permissions to take effect.
                // UUID objectOwner = task.OwnerID;
-                if ((task.RootPart.EveryoneMask & PERM_COPY) != 0)
+                if ((so.RootPart.EveryoneMask & PERM_COPY) != 0)
                    permission = true;
+            }
-                if (task.OwnerID != userID)
+            if (so.OwnerID != userID)
-                {
+            {
-                    if ((task.GetEffectivePermissions() & (PERM_COPY | PERM_TRANS)) != (PERM_COPY | PERM_TRANS))
+                if ((so.GetEffectivePermissions() & (PERM_COPY | PERM_TRANS)) != (PERM_COPY | PERM_TRANS))
-                        permission = false;
+                    permission = false;
-                }
-                else
-                {
-                    if ((task.GetEffectivePermissions() & PERM_COPY) != PERM_COPY)
-                        permission = false;
-                }
            }
            else
            {
-                SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
+                if ((so.GetEffectivePermissions() & PERM_COPY) != PERM_COPY)
-                if ((task.GetEffectivePermissions() & (PERM_COPY | PERM_TRANS)) != (PERM_COPY | PERM_TRANS))
                    permission = false;
            }

diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 928755d..12e8fb1 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
@@ -27,6 +27,7 @@
27		27
28	using System;	28	using System;
29	using System.Collections.Generic;	29	using System.Collections.Generic;
		30	using System.Linq;
30	using System.Reflection;	31	using System.Reflection;
31	using log4net;	32	using log4net;
32	using Nini.Config;	33	using Nini.Config;
@@ -160,7 +161,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
160	string permissionModules = Util.GetConfigVarFromSections<string>(config, "permissionmodules",	161	string permissionModules = Util.GetConfigVarFromSections<string>(config, "permissionmodules",
161	new string[] { "Startup", "Permissions" }, "DefaultPermissionsModule");	162	new string[] { "Startup", "Permissions" }, "DefaultPermissionsModule");
162		163
163	List<string> modules = new List<string>(permissionModules.Split(','));	164	List<string> modules = new List<string>(permissionModules.Split(',').Select(m => m.Trim()));
164		165
165	if (!modules.Contains("DefaultPermissionsModule"))	166	if (!modules.Contains("DefaultPermissionsModule"))
166	return;	167	return;
@@ -468,7 +469,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
468		469
469	return false;	470	return false;
470	}	471	}
471		472
472	/// <summary>	473	/// <summary>
473	/// Parse a user set configuration setting	474	/// Parse a user set configuration setting
474	/// </summary>	475	/// </summary>
@@ -800,8 +801,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions
800		801
801	// Friends with benefits should be able to edit the objects too	802	// Friends with benefits should be able to edit the objects too
802	if (IsFriendWithPerms(currentUser, objectOwner))	803	if (IsFriendWithPerms(currentUser, objectOwner))
		804	{
803	// Return immediately, so that the administrator can share objects with friends	805	// Return immediately, so that the administrator can share objects with friends
804	return true;	806	return true;
		807	}
805		808
806	// Users should be able to edit what is over their land.	809	// Users should be able to edit what is over their land.
807	ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y);	810	ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y);
@@ -900,7 +903,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
900	return permission;	903	return permission;
901	}	904	}
902		905
903	protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers)	906	protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers, bool allowEstateManager)
904	{	907	{
905	if (parcel.LandData.OwnerID == user)	908	if (parcel.LandData.OwnerID == user)
906	{	909	{
@@ -915,7 +918,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
915	return true;	918	return true;
916	}	919	}
917		920
918	if (IsEstateManager(user))	921	if (allowEstateManager && IsEstateManager(user))
919	{	922	{
920	return true;	923	return true;
921	}	924	}
@@ -942,7 +945,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
942	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	945	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
943	if (m_bypassPermissions) return m_bypassPermissionsValue;	946	if (m_bypassPermissions) return m_bypassPermissionsValue;
944		947
945	return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease);	948	return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease, false);
946	}	949	}
947		950
948	private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene)	951	private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene)
@@ -950,7 +953,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
950	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	953	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
951	if (m_bypassPermissions) return m_bypassPermissionsValue;	954	if (m_bypassPermissions) return m_bypassPermissionsValue;
952		955
953	return GenericParcelOwnerPermission(user, parcel, 0);	956	return GenericParcelOwnerPermission(user, parcel, 0,true);
954	}	957	}
955		958
956	private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene)	959	private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene)
@@ -967,7 +970,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
967	if ((client.GetGroupPowers(parcel.LandData.GroupID) & (ulong)GroupPowers.LandDeed) == 0)	970	if ((client.GetGroupPowers(parcel.LandData.GroupID) & (ulong)GroupPowers.LandDeed) == 0)
968	return false;	971	return false;
969		972
970	return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed);	973	return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed, false);
971	}	974	}
972		975
973	private bool CanDeedObject(UUID user, UUID group, Scene scene)	976	private bool CanDeedObject(UUID user, UUID group, Scene scene)
@@ -1008,9 +1011,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1008	return false;	1011	return false;
1009		1012
1010	if (part.OwnerID == owner)	1013	if (part.OwnerID == owner)
1011	return ((part.OwnerMask & PERM_COPY) != 0);	1014	{
1012		1015	if ((part.OwnerMask & PERM_COPY) == 0)
1013	if (part.GroupID != UUID.Zero)	1016	return false;
		1017	}
		1018	else if (part.GroupID != UUID.Zero)
1014	{	1019	{
1015	if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) \|\| ((part.GroupMask & PERM_TRANS) == 0)))	1020	if ((part.OwnerID == part.GroupID) && ((owner != part.LastOwnerID) \|\| ((part.GroupMask & PERM_TRANS) == 0)))
1016	return false;	1021	return false;
@@ -1052,7 +1057,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1052	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1057	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1053	if (m_bypassPermissions) return m_bypassPermissionsValue;	1058	if (m_bypassPermissions) return m_bypassPermissionsValue;
1054		1059
1055	return GenericParcelOwnerPermission(user, parcel, (ulong)p);	1060	return GenericParcelOwnerPermission(user, parcel, (ulong)p, false);
1056	}	1061	}
1057		1062
1058	/// <summary>	1063	/// <summary>
@@ -1451,29 +1456,33 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1451	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1456	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1452	if (m_bypassPermissions) return m_bypassPermissionsValue;	1457	if (m_bypassPermissions) return m_bypassPermissionsValue;
1453		1458
1454	bool permission = false;
1455
1456	// m_log.DebugFormat("[PERMISSIONS MODULE]: Checking rez object at {0} in {1}", objectPosition, m_scene.Name);	1459	// m_log.DebugFormat("[PERMISSIONS MODULE]: Checking rez object at {0} in {1}", objectPosition, m_scene.Name);
1457		1460
1458	ILandObject land = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y);	1461	ILandObject parcel = m_scene.LandChannel.GetLandObject(objectPosition.X, objectPosition.Y);
1459	if (land == null) return false;	1462	if (parcel == null)
1460		1463	return false;
1461	if ((land.LandData.Flags & ((int)ParcelFlags.CreateObjects)) ==
1462	(int)ParcelFlags.CreateObjects)
1463	permission = true;
1464		1464
1465	if (IsAdministrator(owner))	1465	if ((parcel.LandData.Flags & (uint)ParcelFlags.CreateObjects) != 0)
1466	{	1466	{
1467	permission = true;	1467	return true;
1468	}	1468	}
1469		1469	else if ((owner == parcel.LandData.OwnerID) \|\| IsAdministrator(owner))
1470	// Powers are zero, because GroupPowers.AllowRez is not a precondition for rezzing objects
1471	if (GenericParcelPermission(owner, objectPosition, 0))
1472	{	1470	{
1473	permission = true;	1471	return true;
		1472	}
		1473	else if (((parcel.LandData.Flags & (uint)ParcelFlags.CreateGroupObjects) != 0)
		1474	&& (parcel.LandData.GroupID != UUID.Zero) && IsGroupMember(parcel.LandData.GroupID, owner, 0))
		1475	{
		1476	return true;
		1477	}
		1478	else if (parcel.LandData.GroupID != UUID.Zero && IsGroupMember(parcel.LandData.GroupID, owner, (ulong)GroupPowers.AllowRez))
		1479	{
		1480	return true;
		1481	}
		1482	else
		1483	{
		1484	return false;
1474	}	1485	}
1475
1476	return permission;
1477	}	1486	}
1478		1487
1479	private bool CanRunConsoleCommand(UUID user, Scene requestFromScene)	1488	private bool CanRunConsoleCommand(UUID user, Scene requestFromScene)
@@ -1498,7 +1507,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1498	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);	1507	DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
1499	if (m_bypassPermissions) return m_bypassPermissionsValue;	1508	if (m_bypassPermissions) return m_bypassPermissionsValue;
1500		1509
1501	return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale);	1510	return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale, false);
1502	}	1511	}
1503		1512
1504	private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)	1513	private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)
@@ -1515,6 +1524,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1515	if (m_bypassPermissions) return m_bypassPermissionsValue;	1524	if (m_bypassPermissions) return m_bypassPermissionsValue;
1516		1525
1517	bool permission = GenericObjectPermission(userID, objectID, false);	1526	bool permission = GenericObjectPermission(userID, objectID, false);
		1527
		1528	SceneObjectGroup so = (SceneObjectGroup)m_scene.Entities[objectID];
		1529
1518	if (!permission)	1530	if (!permission)
1519	{	1531	{
1520	if (!m_scene.Entities.ContainsKey(objectID))	1532	if (!m_scene.Entities.ContainsKey(objectID))
@@ -1528,31 +1540,23 @@ namespace OpenSim.Region.CoreModules.World.Permissions
1528	return false;	1540	return false;
1529	}	1541	}
1530		1542
1531	SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];
1532	// UUID taskOwner = null;	1543	// UUID taskOwner = null;
1533	// Added this because at this point in time it wouldn't be wise for	1544	// Added this because at this point in time it wouldn't be wise for
1534	// the administrator object permissions to take effect.	1545	// the administrator object permissions to take effect.
1535	// UUID objectOwner = task.OwnerID;	1546	// UUID objectOwner = task.OwnerID;
1536		1547
1537	if ((task.RootPart.EveryoneMask & PERM_COPY) != 0)	1548	if ((so.RootPart.EveryoneMask & PERM_COPY) != 0)
1538	permission = true;	1549	permission = true;
		1550	}
1539		1551
1540	if (task.OwnerID != userID)	1552	if (so.OwnerID != userID)
1541	{	1553	{
1542	if ((task.GetEffectivePermissions() & (PERM_COPY \| PERM_TRANS)) != (PERM_COPY \| PERM_TRANS))	1554	if ((so.GetEffectivePermissions() & (PERM_COPY \| PERM_TRANS)) != (PERM_COPY \| PERM_TRANS))
1543	permission = false;	1555	permission = false;
1544	}
1545	else
1546	{
1547	if ((task.GetEffectivePermissions() & PERM_COPY) != PERM_COPY)
1548	permission = false;
1549	}
1550	}	1556	}
1551	else	1557	else
1552	{	1558	{
1553	SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objectID];	1559	if ((so.GetEffectivePermissions() & PERM_COPY) != PERM_COPY)
1554
1555	if ((task.GetEffectivePermissions() & (PERM_COPY \| PERM_TRANS)) != (PERM_COPY \| PERM_TRANS))
1556	permission = false;	1560	permission = false;
1557	}	1561	}
1558		1562