From 11c742a5a8b1edd97923cc445aa43e0ba92f1bce Mon Sep 17 00:00:00 2001
From: Melanie
Date: Thu, 27 Jan 2011 02:16:41 +0100
Subject: Make bans work for teleport. Now teleport will complete block if the
user is not allowed on the estate. If the user is allowed on no parcel, the
teleport will also be blocked. If the user is allowed on a parcel, but not
the desired one, the user will be shifted to the closest allowed location.
---
.../EntityTransfer/EntityTransferModule.cs | 6 ++
.../Simulation/LocalSimulationConnector.cs | 6 +-
OpenSim/Region/Framework/Scenes/Scene.cs | 99 +++++++++++-----------
.../Server/Handlers/Simulation/AgentHandlers.cs | 2 +-
4 files changed, 56 insertions(+), 57 deletions(-)
diff --git a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
index eb150d9..4bf2477 100644
--- a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
+++ b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
@@ -281,6 +281,12 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
return;
}
+ if (!m_aScene.SimulationService.QueryAccess(finalDestination, sp.ControllingClient.AgentId))
+ {
+ sp.ControllingClient.SendTeleportFailed("The destination region has refused access");
+ return;
+ }
+
sp.ControllingClient.SendTeleportStart(teleportFlags);
// the avatar.Close below will clear the child region list. We need this below for (possibly)
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs
index 5be6486..aaf7bf3 100644
--- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs
@@ -264,13 +264,9 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Simulation
foreach (Scene s in m_sceneList)
{
- if (s.RegionInfo.RegionHandle == destination.RegionHandle)
- {
- //m_log.Debug("[LOCAL COMMS]: Found region to send QueryAccess");
+ if (s.RegionInfo.RegionID == destination.RegionID)
return s.QueryAccess(id);
- }
}
- //m_log.Debug("[LOCAL COMMS]: region not found for QueryAccess");
return false;
}
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs
index a4f630a..fc4110b 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@@ -3387,12 +3387,11 @@ namespace OpenSim.Region.Framework.Scenes
sp = null;
}
- ILandObject land = LandChannel.GetLandObject(agent.startpos.X, agent.startpos.Y);
//On login test land permisions
if (vialogin)
{
- if (land != null && !TestLandRestrictions(agent, land, out reason))
+ if (!TestLandRestrictions(agent.AgentID, out reason, ref agent.startpos.X, ref agent.startpos.Y))
{
m_log.DebugFormat("[CONNECTION BEGIN]: Denying access to {0} due to no land access", agent.AgentID.ToString());
return false;
@@ -3417,8 +3416,13 @@ namespace OpenSim.Region.Framework.Scenes
try
{
- if (!AuthorizeUser(agent, out reason))
- return false;
+ // Always check estate if this is a login. Always
+ // check if banned regions are to be blacked out.
+ if (vialogin || (!m_seeIntoBannedRegion))
+ {
+ if (!AuthorizeUser(agent.AgentID, out reason))
+ return false;
+ }
}
catch (Exception e)
{
@@ -3527,21 +3531,26 @@ namespace OpenSim.Region.Framework.Scenes
return true;
}
- private bool TestLandRestrictions(AgentCircuitData agent, ILandObject land, out string reason)
+ private bool TestLandRestrictions(UUID agentID, out string reason, ref float posX, ref float posY)
{
-
- bool banned = land.IsBannedFromLand(agent.AgentID);
- bool restricted = land.IsRestrictedFromLand(agent.AgentID);
+ reason = String.Empty;
+
+ ILandObject land = LandChannel.GetLandObject(posX, posY);
+ if (land == null)
+ return false;
+
+ bool banned = land.IsBannedFromLand(agentID);
+ bool restricted = land.IsRestrictedFromLand(agentID);
if (banned || restricted)
{
- ILandObject nearestParcel = GetNearestAllowedParcel(agent.AgentID, agent.startpos.X, agent.startpos.Y);
+ ILandObject nearestParcel = GetNearestAllowedParcel(agentID, posX, posY);
if (nearestParcel != null)
{
//Move agent to nearest allowed
Vector3 newPosition = GetParcelCenterAtGround(nearestParcel);
- agent.startpos.X = newPosition.X;
- agent.startpos.Y = newPosition.Y;
+ posX = newPosition.X;
+ posY = newPosition.Y;
}
else
{
@@ -3597,19 +3606,19 @@ namespace OpenSim.Region.Framework.Scenes
/// outputs the reason to this string
/// True if the region accepts this agent. False if it does not. False will
/// also return a reason.
- protected virtual bool AuthorizeUser(AgentCircuitData agent, out string reason)
+ protected virtual bool AuthorizeUser(UUID agentID, out string reason)
{
reason = String.Empty;
if (!m_strictAccessControl) return true;
- if (Permissions.IsGod(agent.AgentID)) return true;
+ if (Permissions.IsGod(agentID)) return true;
if (AuthorizationService != null)
{
- if (!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString(),out reason))
+ if (!AuthorizationService.IsAuthorizedForRegion(agentID.ToString(), RegionInfo.RegionID.ToString(),out reason))
{
- m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
- agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} at {1} because the user does not have access to the region",
+ agentID, RegionInfo.RegionName);
//reason = String.Format("You are not currently on the access list for {0}",RegionInfo.RegionName);
return false;
}
@@ -3617,10 +3626,10 @@ namespace OpenSim.Region.Framework.Scenes
if (m_regInfo.EstateSettings != null)
{
- if ((!m_seeIntoBannedRegion) && m_regInfo.EstateSettings.IsBanned(agent.AgentID))
+ if (m_regInfo.EstateSettings.IsBanned(agentID))
{
- m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist",
- agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} at {1} because the user is on the banlist",
+ agentID, RegionInfo.RegionName);
reason = String.Format("Denied access to region {0}: You have been banned from that region.",
RegionInfo.RegionName);
return false;
@@ -3637,7 +3646,7 @@ namespace OpenSim.Region.Framework.Scenes
if (groupsModule != null)
{
GroupMembershipData[] GroupMembership =
- groupsModule.GetMembershipData(agent.AgentID);
+ groupsModule.GetMembershipData(agentID);
if (GroupMembership != null)
{
@@ -3666,44 +3675,16 @@ namespace OpenSim.Region.Framework.Scenes
m_log.ErrorFormat("[CONNECTION BEGIN]: EstateGroups is null!");
if (!m_regInfo.EstateSettings.PublicAccess &&
- !m_regInfo.EstateSettings.HasAccess(agent.AgentID) &&
+ !m_regInfo.EstateSettings.HasAccess(agentID) &&
!groupAccess)
{
- m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the estate",
- agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} at {1} because the user does not have access to the estate",
+ agentID, RegionInfo.RegionName);
reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.",
RegionInfo.RegionName);
return false;
}
- // TODO: estate/region settings are not properly hooked up
- // to ILandObject.isRestrictedFromLand()
- // if (null != LandChannel)
- // {
- // // region seems to have local Id of 1
- // ILandObject land = LandChannel.GetLandObject(1);
- // if (null != land)
- // {
- // if (land.isBannedFromLand(agent.AgentID))
- // {
- // m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user has been banned from land",
- // agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
- // reason = String.Format("Denied access to private region {0}: You are banned from that region.",
- // RegionInfo.RegionName);
- // return false;
- // }
-
- // if (land.isRestrictedFromLand(agent.AgentID))
- // {
- // m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
- // agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
- // reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.",
- // RegionInfo.RegionName);
- // return false;
- // }
- // }
- // }
-
return true;
}
@@ -5173,6 +5154,22 @@ namespace OpenSim.Region.Framework.Scenes
// child agent creation, thereby emulating the SL behavior.
public bool QueryAccess(UUID agentID)
{
+ string reason;
+
+ if (!AuthorizeUser(agentID, out reason))
+ {
+ m_log.DebugFormat("[SCENE]: Denying access for {0}", agentID);
+ return false;
+ }
+
+ float posX = 128.0f;
+ float posY = 128.0f;
+
+ if (!TestLandRestrictions(agentID, out reason, ref posX, ref posY))
+ {
+ m_log.DebugFormat("[SCENE]: Denying {0} because they are banned on all parcels", agentID);
+ return false;
+ }
return true;
}
}
diff --git a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
index 6d01f80..89832f4 100644
--- a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
+++ b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
@@ -115,7 +115,7 @@ namespace OpenSim.Server.Handlers.Simulation
DoChildAgentDelete(request, responsedata, agentID, action, regionID);
return responsedata;
}
- else if (method.Equals("QUERYACCESSS"))
+ else if (method.Equals("QUERYACCESS"))
{
DoQueryAccess(request, responsedata, agentID, regionID);
return responsedata;
--
cgit v1.1