aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Server/Handlers/Inventory
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Server/Handlers/Inventory')
-rw-r--r--OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs276
1 files changed, 276 insertions, 0 deletions
diff --git a/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
new file mode 100644
index 0000000..c8d08de
--- /dev/null
+++ b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs
@@ -0,0 +1,276 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using System;
29using System.Collections;
30using System.Collections.Generic;
31using System.Net;
32using System.Reflection;
33using log4net;
34using Nini.Config;
35using Nwc.XmlRpc;
36using OpenSim.Server.Base;
37using OpenSim.Services.Interfaces;
38using OpenSim.Framework;
39using OpenSim.Framework.Servers.HttpServer;
40using OpenSim.Server.Handlers.Base;
41using OpenMetaverse;
42
43namespace OpenSim.Server.Handlers.Inventory
44{
45 public class InventoryServiceInConnector : ServiceConnector
46 {
47 private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
48
49 private IInventoryService m_InventoryService;
50
51 private bool m_doLookup = false;
52
53 //private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
54 //private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME);
55
56 private string m_userserver_url;
57
58 public InventoryServiceInConnector(IConfigSource config, IHttpServer server) :
59 base(config, server)
60 {
61 IConfig serverConfig = config.Configs["InventoryService"];
62 if (serverConfig == null)
63 throw new Exception("No section 'InventoryService' in config file");
64
65 string inventoryService = serverConfig.GetString("LocalServiceModule",
66 String.Empty);
67
68 if (inventoryService == String.Empty)
69 throw new Exception("No InventoryService in config file");
70
71 Object[] args = new Object[] { config };
72 m_InventoryService =
73 ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args);
74
75 m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty);
76 m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false);
77
78 AddHttpHandlers(server);
79 }
80
81 protected virtual void AddHttpHandlers(IHttpServer m_httpServer)
82 {
83 m_httpServer.AddStreamHandler(
84 new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
85 "POST", "/GetInventory/", GetUserInventory, CheckAuthSession));
86
87 m_httpServer.AddStreamHandler(
88 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
89 "POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession));
90
91 m_httpServer.AddStreamHandler(
92 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
93 "POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession));
94
95 m_httpServer.AddStreamHandler(
96 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
97 "POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession));
98
99 m_httpServer.AddStreamHandler(
100 new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
101 "POST", "/DeleteItem/", m_InventoryService.DeleteItem, CheckAuthSession));
102
103 m_httpServer.AddStreamHandler(
104 new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>(
105 "POST", "/QueryItem/", m_InventoryService.QueryItem, CheckAuthSession));
106
107 m_httpServer.AddStreamHandler(
108 new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>(
109 "POST", "/QueryFolder/", m_InventoryService.QueryFolder, CheckAuthSession));
110
111 m_httpServer.AddStreamHandler(
112 new RestDeserialiseTrustedHandler<Guid, bool>(
113 "POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource));
114
115 m_httpServer.AddStreamHandler(
116 new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
117 "POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession));
118
119 m_httpServer.AddStreamHandler(
120 new RestDeserialiseTrustedHandler<InventoryFolderBase, bool>(
121 "POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckTrustSource));
122
123 m_httpServer.AddStreamHandler(
124 new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
125 "POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession));
126
127 m_httpServer.AddStreamHandler(
128 new RestDeserialiseTrustedHandler<InventoryItemBase, bool>(
129 "POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource));
130
131 m_httpServer.AddStreamHandler(
132 new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>(
133 "POST", "/GetItems/", GetFolderItems, CheckTrustSource));
134
135 // for persistent active gestures
136 m_httpServer.AddStreamHandler(
137 new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>
138 ("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource));
139
140 // WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
141 // system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
142 // It would have been better to rename this request, but complexities in the BaseHttpServer
143 // (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
144 // to do this for now.
145 m_httpServer.AddStreamHandler(
146 new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
147 ("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource));
148 }
149
150 #region Wrappers for converting the Guid parameter
151
152 public InventoryCollection GetUserInventory(Guid guid)
153 {
154 UUID userID = new UUID(guid);
155 return m_InventoryService.GetUserInventory(userID);
156 }
157
158 public List<InventoryItemBase> GetFolderItems(Guid folderID)
159 {
160 List<InventoryItemBase> allItems = new List<InventoryItemBase>();
161
162 List<InventoryItemBase> items = m_InventoryService.GetFolderItems(new UUID(folderID));
163
164 if (items != null)
165 {
166 allItems.InsertRange(0, items);
167 }
168 return allItems;
169 }
170
171 public bool CreateUsersInventory(Guid rawUserID)
172 {
173 UUID userID = new UUID(rawUserID);
174
175
176 return m_InventoryService.CreateUserInventory(userID);
177 }
178
179 public List<InventoryItemBase> GetActiveGestures(Guid rawUserID)
180 {
181 UUID userID = new UUID(rawUserID);
182
183 return m_InventoryService.GetActiveGestures(userID);
184 }
185
186 public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID)
187 {
188 UUID userID = new UUID(rawUserID);
189 return m_InventoryService.GetInventorySkeleton(userID);
190 }
191
192 #endregion
193
194 /// <summary>
195 /// Check that the source of an inventory request is one that we trust.
196 /// </summary>
197 /// <param name="peer"></param>
198 /// <returns></returns>
199 public bool CheckTrustSource(IPEndPoint peer)
200 {
201 if (m_doLookup)
202 {
203 m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer);
204 UriBuilder ub = new UriBuilder(m_userserver_url);
205 IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
206 foreach (IPAddress uaddr in uaddrs)
207 {
208 if (uaddr.Equals(peer.Address))
209 {
210 return true;
211 }
212 }
213
214 m_log.WarnFormat(
215 "[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources",
216 peer);
217
218 return false;
219 }
220 else
221 {
222 return true;
223 }
224 }
225
226 /// <summary>
227 /// Check that the source of an inventory request for a particular agent is a current session belonging to
228 /// that agent.
229 /// </summary>
230 /// <param name="session_id"></param>
231 /// <param name="avatar_id"></param>
232 /// <returns></returns>
233 public bool CheckAuthSession(string session_id, string avatar_id)
234 {
235 if (m_doLookup)
236 {
237 m_log.InfoFormat("[INVENTORY IN CONNECTOR]: checking authed session {0} {1}", session_id, avatar_id);
238
239 //if (m_session_cache.getCachedSession(session_id, avatar_id) == null)
240 //{
241 // cache miss, ask userserver
242 Hashtable requestData = new Hashtable();
243 requestData["avatar_uuid"] = avatar_id;
244 requestData["session_id"] = session_id;
245 ArrayList SendParams = new ArrayList();
246 SendParams.Add(requestData);
247 XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams);
248 XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000);
249
250 Hashtable responseData = (Hashtable)UserResp.Value;
251 if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE")
252 {
253 m_log.Info("[INVENTORY IN CONNECTOR]: got authed session from userserver");
254 //// add to cache; the session time will be automatically renewed
255 //m_session_cache.Add(session_id, avatar_id);
256 return true;
257 }
258 //}
259 //else
260 //{
261 // // cache hits
262 // m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache");
263 // return true;
264 //}
265
266 m_log.Warn("[INVENTORY IN CONNECTOR]: unknown session_id, request rejected");
267 return false;
268 }
269 else
270 {
271 return true;
272 }
273 }
274
275 }
276}