diff options
Diffstat (limited to 'OpenSim/Server/Handlers')
-rw-r--r-- | OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs | 276 |
1 files changed, 276 insertions, 0 deletions
diff --git a/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs new file mode 100644 index 0000000..c8d08de --- /dev/null +++ b/OpenSim/Server/Handlers/Inventory/InventoryServerInConnector.cs | |||
@@ -0,0 +1,276 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections; | ||
30 | using System.Collections.Generic; | ||
31 | using System.Net; | ||
32 | using System.Reflection; | ||
33 | using log4net; | ||
34 | using Nini.Config; | ||
35 | using Nwc.XmlRpc; | ||
36 | using OpenSim.Server.Base; | ||
37 | using OpenSim.Services.Interfaces; | ||
38 | using OpenSim.Framework; | ||
39 | using OpenSim.Framework.Servers.HttpServer; | ||
40 | using OpenSim.Server.Handlers.Base; | ||
41 | using OpenMetaverse; | ||
42 | |||
43 | namespace OpenSim.Server.Handlers.Inventory | ||
44 | { | ||
45 | public class InventoryServiceInConnector : ServiceConnector | ||
46 | { | ||
47 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | ||
48 | |||
49 | private IInventoryService m_InventoryService; | ||
50 | |||
51 | private bool m_doLookup = false; | ||
52 | |||
53 | //private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs | ||
54 | //private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME); | ||
55 | |||
56 | private string m_userserver_url; | ||
57 | |||
58 | public InventoryServiceInConnector(IConfigSource config, IHttpServer server) : | ||
59 | base(config, server) | ||
60 | { | ||
61 | IConfig serverConfig = config.Configs["InventoryService"]; | ||
62 | if (serverConfig == null) | ||
63 | throw new Exception("No section 'InventoryService' in config file"); | ||
64 | |||
65 | string inventoryService = serverConfig.GetString("LocalServiceModule", | ||
66 | String.Empty); | ||
67 | |||
68 | if (inventoryService == String.Empty) | ||
69 | throw new Exception("No InventoryService in config file"); | ||
70 | |||
71 | Object[] args = new Object[] { config }; | ||
72 | m_InventoryService = | ||
73 | ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args); | ||
74 | |||
75 | m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty); | ||
76 | m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false); | ||
77 | |||
78 | AddHttpHandlers(server); | ||
79 | } | ||
80 | |||
81 | protected virtual void AddHttpHandlers(IHttpServer m_httpServer) | ||
82 | { | ||
83 | m_httpServer.AddStreamHandler( | ||
84 | new RestDeserialiseSecureHandler<Guid, InventoryCollection>( | ||
85 | "POST", "/GetInventory/", GetUserInventory, CheckAuthSession)); | ||
86 | |||
87 | m_httpServer.AddStreamHandler( | ||
88 | new RestDeserialiseSecureHandler<InventoryFolderBase, bool>( | ||
89 | "POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession)); | ||
90 | |||
91 | m_httpServer.AddStreamHandler( | ||
92 | new RestDeserialiseSecureHandler<InventoryFolderBase, bool>( | ||
93 | "POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession)); | ||
94 | |||
95 | m_httpServer.AddStreamHandler( | ||
96 | new RestDeserialiseSecureHandler<InventoryFolderBase, bool>( | ||
97 | "POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession)); | ||
98 | |||
99 | m_httpServer.AddStreamHandler( | ||
100 | new RestDeserialiseSecureHandler<InventoryItemBase, bool>( | ||
101 | "POST", "/DeleteItem/", m_InventoryService.DeleteItem, CheckAuthSession)); | ||
102 | |||
103 | m_httpServer.AddStreamHandler( | ||
104 | new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>( | ||
105 | "POST", "/QueryItem/", m_InventoryService.QueryItem, CheckAuthSession)); | ||
106 | |||
107 | m_httpServer.AddStreamHandler( | ||
108 | new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>( | ||
109 | "POST", "/QueryFolder/", m_InventoryService.QueryFolder, CheckAuthSession)); | ||
110 | |||
111 | m_httpServer.AddStreamHandler( | ||
112 | new RestDeserialiseTrustedHandler<Guid, bool>( | ||
113 | "POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource)); | ||
114 | |||
115 | m_httpServer.AddStreamHandler( | ||
116 | new RestDeserialiseSecureHandler<InventoryFolderBase, bool>( | ||
117 | "POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession)); | ||
118 | |||
119 | m_httpServer.AddStreamHandler( | ||
120 | new RestDeserialiseTrustedHandler<InventoryFolderBase, bool>( | ||
121 | "POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckTrustSource)); | ||
122 | |||
123 | m_httpServer.AddStreamHandler( | ||
124 | new RestDeserialiseSecureHandler<InventoryItemBase, bool>( | ||
125 | "POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession)); | ||
126 | |||
127 | m_httpServer.AddStreamHandler( | ||
128 | new RestDeserialiseTrustedHandler<InventoryItemBase, bool>( | ||
129 | "POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource)); | ||
130 | |||
131 | m_httpServer.AddStreamHandler( | ||
132 | new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>( | ||
133 | "POST", "/GetItems/", GetFolderItems, CheckTrustSource)); | ||
134 | |||
135 | // for persistent active gestures | ||
136 | m_httpServer.AddStreamHandler( | ||
137 | new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>> | ||
138 | ("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource)); | ||
139 | |||
140 | // WARNING: Root folders no longer just delivers the root and immediate child folders (e.g | ||
141 | // system folders such as Objects, Textures), but it now returns the entire inventory skeleton. | ||
142 | // It would have been better to rename this request, but complexities in the BaseHttpServer | ||
143 | // (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier | ||
144 | // to do this for now. | ||
145 | m_httpServer.AddStreamHandler( | ||
146 | new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>> | ||
147 | ("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource)); | ||
148 | } | ||
149 | |||
150 | #region Wrappers for converting the Guid parameter | ||
151 | |||
152 | public InventoryCollection GetUserInventory(Guid guid) | ||
153 | { | ||
154 | UUID userID = new UUID(guid); | ||
155 | return m_InventoryService.GetUserInventory(userID); | ||
156 | } | ||
157 | |||
158 | public List<InventoryItemBase> GetFolderItems(Guid folderID) | ||
159 | { | ||
160 | List<InventoryItemBase> allItems = new List<InventoryItemBase>(); | ||
161 | |||
162 | List<InventoryItemBase> items = m_InventoryService.GetFolderItems(new UUID(folderID)); | ||
163 | |||
164 | if (items != null) | ||
165 | { | ||
166 | allItems.InsertRange(0, items); | ||
167 | } | ||
168 | return allItems; | ||
169 | } | ||
170 | |||
171 | public bool CreateUsersInventory(Guid rawUserID) | ||
172 | { | ||
173 | UUID userID = new UUID(rawUserID); | ||
174 | |||
175 | |||
176 | return m_InventoryService.CreateUserInventory(userID); | ||
177 | } | ||
178 | |||
179 | public List<InventoryItemBase> GetActiveGestures(Guid rawUserID) | ||
180 | { | ||
181 | UUID userID = new UUID(rawUserID); | ||
182 | |||
183 | return m_InventoryService.GetActiveGestures(userID); | ||
184 | } | ||
185 | |||
186 | public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID) | ||
187 | { | ||
188 | UUID userID = new UUID(rawUserID); | ||
189 | return m_InventoryService.GetInventorySkeleton(userID); | ||
190 | } | ||
191 | |||
192 | #endregion | ||
193 | |||
194 | /// <summary> | ||
195 | /// Check that the source of an inventory request is one that we trust. | ||
196 | /// </summary> | ||
197 | /// <param name="peer"></param> | ||
198 | /// <returns></returns> | ||
199 | public bool CheckTrustSource(IPEndPoint peer) | ||
200 | { | ||
201 | if (m_doLookup) | ||
202 | { | ||
203 | m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer); | ||
204 | UriBuilder ub = new UriBuilder(m_userserver_url); | ||
205 | IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host); | ||
206 | foreach (IPAddress uaddr in uaddrs) | ||
207 | { | ||
208 | if (uaddr.Equals(peer.Address)) | ||
209 | { | ||
210 | return true; | ||
211 | } | ||
212 | } | ||
213 | |||
214 | m_log.WarnFormat( | ||
215 | "[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources", | ||
216 | peer); | ||
217 | |||
218 | return false; | ||
219 | } | ||
220 | else | ||
221 | { | ||
222 | return true; | ||
223 | } | ||
224 | } | ||
225 | |||
226 | /// <summary> | ||
227 | /// Check that the source of an inventory request for a particular agent is a current session belonging to | ||
228 | /// that agent. | ||
229 | /// </summary> | ||
230 | /// <param name="session_id"></param> | ||
231 | /// <param name="avatar_id"></param> | ||
232 | /// <returns></returns> | ||
233 | public bool CheckAuthSession(string session_id, string avatar_id) | ||
234 | { | ||
235 | if (m_doLookup) | ||
236 | { | ||
237 | m_log.InfoFormat("[INVENTORY IN CONNECTOR]: checking authed session {0} {1}", session_id, avatar_id); | ||
238 | |||
239 | //if (m_session_cache.getCachedSession(session_id, avatar_id) == null) | ||
240 | //{ | ||
241 | // cache miss, ask userserver | ||
242 | Hashtable requestData = new Hashtable(); | ||
243 | requestData["avatar_uuid"] = avatar_id; | ||
244 | requestData["session_id"] = session_id; | ||
245 | ArrayList SendParams = new ArrayList(); | ||
246 | SendParams.Add(requestData); | ||
247 | XmlRpcRequest UserReq = new XmlRpcRequest("check_auth_session", SendParams); | ||
248 | XmlRpcResponse UserResp = UserReq.Send(m_userserver_url, 3000); | ||
249 | |||
250 | Hashtable responseData = (Hashtable)UserResp.Value; | ||
251 | if (responseData.ContainsKey("auth_session") && responseData["auth_session"].ToString() == "TRUE") | ||
252 | { | ||
253 | m_log.Info("[INVENTORY IN CONNECTOR]: got authed session from userserver"); | ||
254 | //// add to cache; the session time will be automatically renewed | ||
255 | //m_session_cache.Add(session_id, avatar_id); | ||
256 | return true; | ||
257 | } | ||
258 | //} | ||
259 | //else | ||
260 | //{ | ||
261 | // // cache hits | ||
262 | // m_log.Info("[GRID AGENT INVENTORY]: got authed session from cache"); | ||
263 | // return true; | ||
264 | //} | ||
265 | |||
266 | m_log.Warn("[INVENTORY IN CONNECTOR]: unknown session_id, request rejected"); | ||
267 | return false; | ||
268 | } | ||
269 | else | ||
270 | { | ||
271 | return true; | ||
272 | } | ||
273 | } | ||
274 | |||
275 | } | ||
276 | } | ||