aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Region/Environment/PermissionManager.cs
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--OpenSim/Region/Environment/PermissionManager.cs189
1 files changed, 76 insertions, 113 deletions
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs
index 573fc29..37df180 100644
--- a/OpenSim/Region/Environment/PermissionManager.cs
+++ b/OpenSim/Region/Environment/PermissionManager.cs
@@ -35,7 +35,13 @@ namespace OpenSim.Region.Environment
35 public class PermissionManager 35 public class PermissionManager
36 { 36 {
37 protected Scene m_scene; 37 protected Scene m_scene;
38 38
39 // These are here for testing. They will be taken out
40 private uint PERM_ALL = (uint)2147483647;
41 private uint PERM_COPY = (uint)32768;
42 private uint PERM_MODIFY = (uint)16384;
43 private uint PERM_MOVE = (uint)524288;
44 private uint PERM_TRANS = (uint)8192;
39 // Bypasses the permissions engine (always returns OK) 45 // Bypasses the permissions engine (always returns OK)
40 // disable in any production environment 46 // disable in any production environment
41 // TODO: Change this to false when permissions are a desired default 47 // TODO: Change this to false when permissions are a desired default
@@ -136,112 +142,7 @@ namespace OpenSim.Region.Environment
136 #region Object Permissions 142 #region Object Permissions
137 143
138 144
139 public virtual bool AnyoneCanCopyPermission(LLUUID user, LLUUID objId) 145
140 {
141
142 // Default: deny
143 bool permission = false;
144
145 if (!m_scene.Entities.ContainsKey(objId))
146 {
147 return false;
148 }
149
150 // If it's not an object, we cant edit it.
151 if (!(m_scene.Entities[objId] is SceneObjectGroup))
152 {
153 return false;
154 }
155
156 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId];
157 LLUUID taskOwner = null;
158 // Added this because at this point in time it wouldn't be wise for
159 // the administrator object permissions to take effect.
160 LLUUID objectOwner = task.OwnerID;
161 uint objectflags = task.RootPart.EveryoneMask;
162
163 // Object owners should be able to edit their own content
164 if (user == objectOwner)
165 permission = true;
166
167 // If the 'anybody can move' flag is set then allow anyone to copy it
168 if ((objectflags & (uint)LLObject.ObjectFlags.ObjectCopy ) != 0)
169 permission = true;
170
171 // Users should be able to edit what is over their land.
172 if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID ==
173 user)
174 permission = true;
175
176 // Estate users should be able to edit anything in the sim
177 if (IsEstateManager(user))
178 permission = true;
179
180 // Admin objects should not be editable by the above
181 if (IsAdministrator(taskOwner))
182 permission = false;
183
184 // Admin should be able to edit anything in the sim (including admin objects)
185 if (IsAdministrator(user))
186 permission = true;
187
188 return permission;
189
190 }
191
192
193 public virtual bool AnyoneCanMovePermission(LLUUID user, LLUUID objId)
194 {
195
196 // Default: deny
197 bool permission = false;
198
199 if (!m_scene.Entities.ContainsKey(objId))
200 {
201 return false;
202 }
203
204 // If it's not an object, we cant edit it.
205 if (!(m_scene.Entities[objId] is SceneObjectGroup))
206 {
207 return false;
208 }
209
210 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId];
211 LLUUID taskOwner = null;
212 // Added this because at this point in time it wouldn't be wise for
213 // the administrator object permissions to take effect.
214 LLUUID objectOwner = task.OwnerID;
215 uint objectflags = task.RootPart.EveryoneMask;
216
217 // Object owners should be able to edit their own content
218 if (user == objectOwner)
219 permission = true;
220
221 // If the 'anybody can move' flag is set then allow anyone to move it
222 if ((objectflags & (uint)LLObject.ObjectFlags.ObjectMove) != 0)
223 permission = true;
224
225 // Users should be able to edit what is over their land.
226 if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID ==
227 user)
228 permission = true;
229
230 // Estate users should be able to edit anything in the sim
231 if (IsEstateManager(user))
232 permission = true;
233
234 // Admin objects should not be editable by the above
235 if (IsAdministrator(taskOwner))
236 permission = false;
237
238 // Admin should be able to edit anything in the sim (including admin objects)
239 if (IsAdministrator(user))
240 permission = true;
241
242 return permission;
243
244 }
245 public virtual uint GenerateClientFlags(LLUUID user, LLUUID objID) 146 public virtual uint GenerateClientFlags(LLUUID user, LLUUID objID)
246 { 147 {
247 if (!m_scene.Entities.ContainsKey(objID)) 148 if (!m_scene.Entities.ContainsKey(objID))
@@ -260,6 +161,9 @@ namespace OpenSim.Region.Environment
260 // Added this because at this point in time it wouldn't be wise for 161 // Added this because at this point in time it wouldn't be wise for
261 // the administrator object permissions to take effect. 162 // the administrator object permissions to take effect.
262 LLUUID objectOwner = task.OwnerID; 163 LLUUID objectOwner = task.OwnerID;
164
165 //return task.RootPart.ObjectFlags;task.RootPart.ObjectFlags |
166
263 uint OwnerMask = task.RootPart.ObjectFlags | task.RootPart.OwnerMask; 167 uint OwnerMask = task.RootPart.ObjectFlags | task.RootPart.OwnerMask;
264 uint GroupMask = task.RootPart.ObjectFlags | task.RootPart.GroupMask; 168 uint GroupMask = task.RootPart.ObjectFlags | task.RootPart.GroupMask;
265 uint EveryoneMask = task.RootPart.ObjectFlags | task.RootPart.EveryoneMask; 169 uint EveryoneMask = task.RootPart.ObjectFlags | task.RootPart.EveryoneMask;
@@ -288,7 +192,20 @@ namespace OpenSim.Region.Environment
288 if (IsAdministrator(user)) 192 if (IsAdministrator(user))
289 return OwnerMask; 193 return OwnerMask;
290 194
291 return 0; 195 if (((EveryoneMask & PERM_MOVE) != 0) || ((EveryoneMask & PERM_COPY) != 0))
196 {
197 if ((EveryoneMask & PERM_MOVE) != 0)
198 OwnerMask &= ~PERM_MOVE;
199
200 if ((EveryoneMask & PERM_COPY) != 0)
201 OwnerMask &= ~PERM_COPY;
202
203 OwnerMask &= ~PERM_MODIFY;
204 OwnerMask &= ~PERM_TRANS;
205
206 return OwnerMask;
207 }
208 return EveryoneMask;
292 } 209 }
293 210
294 protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId) 211 protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId)
@@ -353,15 +270,61 @@ namespace OpenSim.Region.Environment
353 return GenericObjectPermission(user, obj); 270 return GenericObjectPermission(user, obj);
354 } 271 }
355 272
356 public virtual bool CanReturnObject(LLUUID user, LLUUID obj) 273 public virtual bool CanEditObjectPosition(LLUUID user, LLUUID obj)
357 { 274 {
358 return GenericObjectPermission(user, obj); 275 bool permission = GenericObjectPermission(user,obj);
276 if (!permission)
277 {
278 if (!m_scene.Entities.ContainsKey(obj))
279 {
280 return false;
281 }
282
283 // If it's not an object, we cant edit it.
284 if (!(m_scene.Entities[obj] is SceneObjectGroup))
285 {
286 return false;
287 }
288
289 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[obj];
290 LLUUID taskOwner = null;
291 // Added this because at this point in time it wouldn't be wise for
292 // the administrator object permissions to take effect.
293 LLUUID objectOwner = task.OwnerID;
294 if ((task.RootPart.EveryoneMask & PERM_MOVE) != 0)
295 permission = true;
296 }
297 return permission;
359 } 298 }
360
361 public virtual bool CanCopyObject(LLUUID user, LLUUID obj) 299 public virtual bool CanCopyObject(LLUUID user, LLUUID obj)
362 { 300 {
363 return true; 301 bool permission = GenericObjectPermission(user, obj);
364 // return GenericObjectPermission(user, obj); 302 if (!permission)
303 {
304 if (!m_scene.Entities.ContainsKey(obj))
305 {
306 return false;
307 }
308
309 // If it's not an object, we cant edit it.
310 if (!(m_scene.Entities[obj] is SceneObjectGroup))
311 {
312 return false;
313 }
314
315 SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[obj];
316 LLUUID taskOwner = null;
317 // Added this because at this point in time it wouldn't be wise for
318 // the administrator object permissions to take effect.
319 LLUUID objectOwner = task.OwnerID;
320 if ((task.RootPart.EveryoneMask & PERM_COPY) != 0)
321 permission = true;
322 }
323 return permission;
324 }
325 public virtual bool CanReturnObject(LLUUID user, LLUUID obj)
326 {
327 return GenericObjectPermission(user, obj);
365 } 328 }
366 329
367 #endregion 330 #endregion