From 31cec30aa0a589f622635c689b08c2e026898556 Mon Sep 17 00:00:00 2001
From: Teravus Ovares
Date: Fri, 30 Nov 2007 04:54:15 +0000
Subject: * Extended our semi-stupid implementation of in world object
permissions to show a user's client that it can't edit a prim if it doesn't
have permission. * Permissions is due for a big revamp. The current way it's
done is a hack at best.
---
OpenSim/Region/Application/OpenSimMain.cs | 2 +-
.../Region/ClientStack/RegionApplicationBase.cs | 5 +-
OpenSim/Region/Environment/PermissionManager.cs | 108 +++++++++++++++++++++
OpenSim/Region/Environment/Scenes/Scene.cs | 19 +++-
.../Region/Environment/Scenes/SceneObjectPart.cs | 83 ++++++++++++++--
OpenSim/Region/Examples/SimpleApp/Program.cs | 2 +-
6 files changed, 206 insertions(+), 13 deletions(-)
diff --git a/OpenSim/Region/Application/OpenSimMain.cs b/OpenSim/Region/Application/OpenSimMain.cs
index 5877aa6..4ebe207 100644
--- a/OpenSim/Region/Application/OpenSimMain.cs
+++ b/OpenSim/Region/Application/OpenSimMain.cs
@@ -344,7 +344,7 @@ namespace OpenSim
public UDPServer CreateRegion(RegionInfo regionInfo)
{
UDPServer udpServer;
- Scene scene = SetupScene(regionInfo, out udpServer);
+ Scene scene = SetupScene(regionInfo, out udpServer, m_permissions);
MainLog.Instance.Verbose("MODULES", "Loading Region's Modules");
diff --git a/OpenSim/Region/ClientStack/RegionApplicationBase.cs b/OpenSim/Region/ClientStack/RegionApplicationBase.cs
index 251601f..4c0c02d 100644
--- a/OpenSim/Region/ClientStack/RegionApplicationBase.cs
+++ b/OpenSim/Region/ClientStack/RegionApplicationBase.cs
@@ -103,7 +103,7 @@ namespace OpenSim.Region.ClientStack
return physicsPluginManager.GetPhysicsScene(engine, meshEngine);
}
- protected Scene SetupScene(RegionInfo regionInfo, out UDPServer udpServer)
+ protected Scene SetupScene(RegionInfo regionInfo, out UDPServer udpServer, bool m_permissions)
{
AgentCircuitManager circuitManager = new AgentCircuitManager();
udpServer = new UDPServer(regionInfo.InternalEndPoint.Port, m_assetCache, m_log, circuitManager);
@@ -146,7 +146,8 @@ namespace OpenSim.Region.ClientStack
}
scene.LandManager.resetSimLandObjects();
- scene.LoadPrimsFromStorage();
+
+ scene.LoadPrimsFromStorage(m_permissions);
scene.performParcelPrimCountUpdate();
scene.StartTimer();
diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs
index bcaa1bf..9911792 100644
--- a/OpenSim/Region/Environment/PermissionManager.cs
+++ b/OpenSim/Region/Environment/PermissionManager.cs
@@ -135,6 +135,114 @@ namespace OpenSim.Region.Environment
#region Object Permissions
+
+ public virtual bool AnyoneCanCopyPermission(LLUUID user, LLUUID objId)
+ {
+
+ // Default: deny
+ bool permission = false;
+
+ if (!m_scene.Entities.ContainsKey(objId))
+ {
+ return false;
+ }
+
+ // If it's not an object, we cant edit it.
+ if (!(m_scene.Entities[objId] is SceneObjectGroup))
+ {
+ return false;
+ }
+
+ SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId];
+ LLUUID taskOwner = null;
+ // Added this because at this point in time it wouldn't be wise for
+ // the administrator object permissions to take effect.
+ LLUUID objectOwner = task.OwnerID;
+ uint objectflags = task.RootPart.EveryoneMask;
+
+ // Object owners should be able to edit their own content
+ if (user == objectOwner)
+ permission = true;
+
+ // If the 'anybody can move' flag is set then allow anyone to move it
+ if ((objectflags & (uint)LLObject.ObjectFlags.ObjectCopy ) != 0)
+ permission = true;
+
+ // Users should be able to edit what is over their land.
+ if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID ==
+ user)
+ permission = true;
+
+ // Estate users should be able to edit anything in the sim
+ if (IsEstateManager(user))
+ permission = true;
+
+ // Admin objects should not be editable by the above
+ if (IsAdministrator(taskOwner))
+ permission = false;
+
+ // Admin should be able to edit anything in the sim (including admin objects)
+ if (IsAdministrator(user))
+ permission = true;
+
+ return permission;
+
+ }
+
+
+ public virtual bool AnyoneCanMovePermission(LLUUID user, LLUUID objId)
+ {
+
+ // Default: deny
+ bool permission = false;
+
+ if (!m_scene.Entities.ContainsKey(objId))
+ {
+ return false;
+ }
+
+ // If it's not an object, we cant edit it.
+ if (!(m_scene.Entities[objId] is SceneObjectGroup))
+ {
+ return false;
+ }
+
+ SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId];
+ LLUUID taskOwner = null;
+ // Added this because at this point in time it wouldn't be wise for
+ // the administrator object permissions to take effect.
+ LLUUID objectOwner = task.OwnerID;
+ uint objectflags = task.RootPart.ObjectFlags;
+
+ // Object owners should be able to edit their own content
+ if (user == objectOwner)
+ permission = true;
+
+ // If the 'anybody can move' flag is set then allow anyone to move it
+ if ((objectflags & (uint)LLObject.ObjectFlags.ObjectMove) != 0)
+ permission = true;
+
+ // Users should be able to edit what is over their land.
+ if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID ==
+ user)
+ permission = true;
+
+ // Estate users should be able to edit anything in the sim
+ if (IsEstateManager(user))
+ permission = true;
+
+ // Admin objects should not be editable by the above
+ if (IsAdministrator(taskOwner))
+ permission = false;
+
+ // Admin should be able to edit anything in the sim (including admin objects)
+ if (IsAdministrator(user))
+ permission = true;
+
+ return permission;
+
+ }
+
protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId)
{
// Default: deny
diff --git a/OpenSim/Region/Environment/Scenes/Scene.cs b/OpenSim/Region/Environment/Scenes/Scene.cs
index 2d74913..cc0f3e1 100644
--- a/OpenSim/Region/Environment/Scenes/Scene.cs
+++ b/OpenSim/Region/Environment/Scenes/Scene.cs
@@ -733,7 +733,7 @@ namespace OpenSim.Region.Environment.Scenes
///
/// Loads the World's objects
///
- public virtual void LoadPrimsFromStorage()
+ public virtual void LoadPrimsFromStorage(bool m_permissions)
{
MainLog.Instance.Verbose("Loading objects from datastore");
List PrimsFromDB = m_storageManager.DataStore.LoadObjects(m_regInfo.RegionID);
@@ -741,6 +741,20 @@ namespace OpenSim.Region.Environment.Scenes
{
AddEntityFromStorage(prim);
SceneObjectPart rootPart = prim.GetChildPart(prim.UUID);
+ if (m_permissions)
+ {
+ rootPart.EveryoneMask = rootPart.ObjectFlags;
+ rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner;
+ rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
+ rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove;
+ rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner;
+ rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer;
+ }
+ else
+ {
+ rootPart.EveryoneMask = rootPart.ObjectFlags;
+ }
bool UsePhysics = (((rootPart.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) > 0) && m_physicalPrim);
if ((rootPart.ObjectFlags & (uint)LLObject.ObjectFlags.Phantom) == 0)
rootPart.PhysActor = PhysicsScene.AddPrimShape(
@@ -839,7 +853,8 @@ namespace OpenSim.Region.Environment.Scenes
// if grass or tree, make phantom
if ((rootPart.Shape.PCode == 95) || (rootPart.Shape.PCode == 255))
{
- rootPart.ObjectFlags += (uint)LLObject.ObjectFlags.Phantom;
+ rootPart.AddFlag(LLObject.ObjectFlags.Phantom);
+ //rootPart.ObjectFlags += (uint)LLObject.ObjectFlags.Phantom;
}
// if not phantom, add to physics
bool UsePhysics = (((rootPart.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) > 0) && m_physicalPrim);
diff --git a/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs b/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs
index c94bfd9..d8e2143 100644
--- a/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs
+++ b/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs
@@ -466,6 +466,18 @@ namespace OpenSim.Region.Environment.Scenes
LLObject.ObjectFlags.CreateSelected |
LLObject.ObjectFlags.ObjectOwnerModify;
+ if (!ParentGroup.m_scene.PermissionsMngr.BypassPermissions)
+ {
+ EveryoneMask = (uint)m_flags;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectCopy;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer;
+ }
+
ScheduleFullUpdate();
}
@@ -503,6 +515,23 @@ namespace OpenSim.Region.Environment.Scenes
OffsetPosition = position;
RotationOffset = rotation;
ObjectFlags = flags;
+
+ if (!ParentGroup.m_scene.PermissionsMngr.BypassPermissions)
+ {
+ EveryoneMask = (uint)m_flags;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectCopy;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner;
+ EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer;
+ }
+ else
+ {
+ EveryoneMask = ObjectFlags;
+ }
+
bool UsePhysics = ((ObjectFlags & (uint)LLObject.ObjectFlags.Physics) != 0);
doPhysicsPropertyUpdate(UsePhysics, true);
ScheduleFullUpdate();
@@ -519,6 +548,23 @@ namespace OpenSim.Region.Environment.Scenes
{
XmlSerializer serializer = new XmlSerializer(typeof (SceneObjectPart));
SceneObjectPart newobject = (SceneObjectPart) serializer.Deserialize(xmlReader);
+
+ if (!newobject.ParentGroup.m_scene.PermissionsMngr.BypassPermissions)
+ {
+ newobject.EveryoneMask = newobject.ObjectFlags;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectCopy;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner;
+ newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer;
+ }
+ else
+ {
+ newobject.EveryoneMask = newobject.ObjectFlags;
+ }
+
bool UsePhysics = ((newobject.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) != 0);
newobject.doPhysicsPropertyUpdate(UsePhysics, true);
@@ -711,6 +757,9 @@ namespace OpenSim.Region.Environment.Scenes
{
//Console.WriteLine("Adding flag: " + ((LLObject.ObjectFlags) flag).ToString());
m_flags |= flag;
+ BaseMask |= (uint)flag;
+ GroupMask |= (uint)flag;
+ EveryoneMask |= (uint)flag;
}
uint currflag = (uint) m_flags;
//System.Console.WriteLine("Aprev: " + prevflag.ToString() + " curr: " + m_flags.ToString());
@@ -724,6 +773,9 @@ namespace OpenSim.Region.Environment.Scenes
{
//Console.WriteLine("Removing flag: " + ((LLObject.ObjectFlags)flag).ToString());
m_flags &= ~flag;
+ BaseMask &= ~(uint)flag;
+ GroupMask &= ~(uint)flag;
+ EveryoneMask &= ~(uint)flag;
}
//System.Console.WriteLine("prev: " + prevflag.ToString() + " curr: " + m_flags.ToString());
//ScheduleFullUpdate();
@@ -1201,19 +1253,36 @@ namespace OpenSim.Region.Environment.Scenes
}
break;
}
+ }
+ // If you can't edit it, send the base permissions minus the flag to edit
+ if (!ParentGroup.m_scene.PermissionsMngr.BypassPermissions)
+ {
+ if (ParentGroup.m_scene.PermissionsMngr.CanEditObject(remoteClient.AgentId, this.ParentGroup.UUID))
+ {
+ //clientFlags = ObjectFlags &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ //clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectMove;
+ //clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.AllowInventoryDrop;
+ //clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
+ // Send EveryoneMask
+ clientFlags = ObjectFlags;
+
+ }
else
{
- // If you can't edit it, send the base permissions minus the flag to edit
- if (!ParentGroup.m_scene.PermissionsMngr.CanEditObject(remoteClient.AgentId, this.ParentGroup.UUID))
- {
- clientFlags = ObjectFlags &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ clientFlags = ObjectFlags;
+ if (!ParentGroup.m_scene.PermissionsMngr.AnyoneCanCopyPermission(remoteClient.AgentId, this.ParentGroup.UUID))
+ clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectCopy;
+ if (!ParentGroup.m_scene.PermissionsMngr.AnyoneCanMovePermission(remoteClient.AgentId, this.ParentGroup.UUID))
clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectMove;
- clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.AllowInventoryDrop;
- clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
- }
+
+ clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectModify;
+ clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.AllowInventoryDrop;
+ clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectTransfer;
+ clientFlags = EveryoneMask;
}
}
+
byte[] color = new byte[] { m_color.R, m_color.G, m_color.B, m_color.A };
remoteClient.SendPrimitiveToClient(m_regionHandle, 64096, LocalID, m_shape, lPos, clientFlags, m_uuid,
OwnerID,
diff --git a/OpenSim/Region/Examples/SimpleApp/Program.cs b/OpenSim/Region/Examples/SimpleApp/Program.cs
index 7ed58f5..372d951 100644
--- a/OpenSim/Region/Examples/SimpleApp/Program.cs
+++ b/OpenSim/Region/Examples/SimpleApp/Program.cs
@@ -98,7 +98,7 @@ namespace SimpleApp
m_moduleLoader = new ModuleLoader(m_log, m_config);
m_moduleLoader.LoadDefaultSharedModules();
- Scene scene = SetupScene(regionInfo, out udpServer);
+ Scene scene = SetupScene(regionInfo, out udpServer, false);
m_moduleLoader.InitialiseSharedModules(scene);
--
cgit v1.1