From 7def786ef4d62c2ffad8cea0cba7db033f8f0d27 Mon Sep 17 00:00:00 2001 From: Dr Scofield Date: Mon, 22 Sep 2008 11:20:09 +0000 Subject: cleanups in inventory REST code. also, disables digest authentications for inventory REST calls for the time being, as firefox, curl, and also python's urllib2 cannot authenticate using digest auth. fix permission checking for prim inventory to be the same as for normal edit ops. --- OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs | 2 +- .../Rest/Inventory/RestAppearanceServices.cs | 35 ++++++++++++++++++---- .../Rest/Inventory/RestAssetServices.cs | 3 ++ .../Rest/Inventory/RestInventoryServices.cs | 3 ++ .../Rest/Inventory/RestTestServices.cs | 2 +- .../Rest/Inventory/tests/Remote.cs | 2 +- .../Region/ClientStack/LindenUDP/LLClientView.cs | 3 +- .../Region/Environment/Scenes/Scene.Inventory.cs | 30 ++++++++++++++++--- 8 files changed, 66 insertions(+), 14 deletions(-) diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs index 21fcf92..d7935bc 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs @@ -392,7 +392,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory /// Supported Digest algorithms - public const string Digest_MD5 = "MD5"; // assumedd efault if omitted + public const string Digest_MD5 = "MD5"; // assumed default if omitted public const string Digest_MD5Sess = "MD5-sess"; public const string Qop_Auth = "auth"; diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs index 18a0baf..8db3fde 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs @@ -45,7 +45,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory public class RestAppearanceServices : IRest { private static readonly int PARM_USERID = 0; - //private static readonly int PARM_PATH = 1; + // private static readonly int PARM_PATH = 1; private bool enabled = false; private string qPrefix = "appearance"; @@ -166,6 +166,9 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory try { + // digest scheme seems borked: disable it for the time + // being + rdata.scheme = Rest.AS_BASIC; if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); @@ -335,7 +338,8 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory AvatarAppearance old = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); rdata.userAppearance = new AvatarAppearance(); - rdata.userAppearance.Owner = old.Owner; + rdata.userAppearance.Owner = old.Owner; + rdata.userAppearance.Serial = old.Serial; if (GetUserAppearance(rdata)) { @@ -343,6 +347,11 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory created = !modified; Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); } + else + { + created = true; + Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); + } if (created) { @@ -383,11 +392,13 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); - if (GetUserAppearance(rdata)) + // If the user exists then this is considered a modification regardless + // of what may, or may not be, specified in the payload. + + if (rdata.userAppearance != null) { - modified = rdata.userAppearance != null; - created = !modified; - Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); + modified = true; + Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); } if (created) @@ -465,6 +476,16 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory rdata.userAppearance.AvatarHeight = (float) Convert.ToDouble(xml.Value); indata = true; } + if (xml.MoveToAttribute("Owner")) + { + rdata.userAppearance.Owner = xml.Value; + indata = true; + } + if (xml.MoveToAttribute("Serial")) + { + rdata.userAppearance.Serial = Convert.ToInt32(xml.Value); + indata = true; + } break; case "Body" : if (xml.MoveToAttribute("Item")) @@ -687,6 +708,8 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory rdata.writer.WriteStartElement("Appearance"); rdata.writer.WriteAttributeString("Height", rdata.userAppearance.AvatarHeight.ToString()); + rdata.writer.WriteAttributeString("Owner", rdata.userAppearance.Owner.ToString()); + rdata.writer.WriteAttributeString("Serial", rdata.userAppearance.Serial.ToString()); rdata.writer.WriteStartElement("Body"); rdata.writer.WriteAttributeString("Item",rdata.userAppearance.BodyItem.ToString()); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs index b67922f..7a6d4af 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs @@ -130,6 +130,9 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory try { + // digest scheme seems borked: disable it for the time + // being + rdata.scheme = Rest.AS_BASIC; if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized, String.Format("user \"{0}\" could not be authenticated")); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs index 0aad058..ab40b5d 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs @@ -167,6 +167,9 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory try { + // digest scheme seems borked: disable it for the time + // being + rdata.scheme = Rest.AS_BASIC; if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs index b24b5ed..b7c9027 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs @@ -235,7 +235,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory ci = t.GetConstructor(parms); ht = ci.Invoke(args); tests.Add((ITest)ht); - Rest.Log.WarnFormat("{0} Test {1} added", MsgId, t); + Rest.Log.InfoFormat("{0} Test {1} added", MsgId, t); } } catch (Exception e) diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs index 54d8478..bd42473 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs @@ -65,7 +65,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory.Tests public void Initialize() { enabled = true; - Rest.Log.InfoFormat("{0} Remote services initialize", MsgId); + Rest.Log.InfoFormat("{0} Remote services initialized", MsgId); } // Called by the plug-in to halt REST processing. Local processing is diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index bd67f1e..c649493 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs @@ -5200,6 +5200,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP } break; case PacketType.UpdateTaskInventory: + m_log.DebugFormat("[AMW] UpdateTaskInventory request"); UpdateTaskInventoryPacket updatetask = (UpdateTaskInventoryPacket)Pack; if (OnUpdateTaskInventory != null) { @@ -5266,7 +5267,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP break; case PacketType.RezScript: - + m_log.DebugFormat("[AMW] RezScript"); //Console.WriteLine(Pack.ToString()); RezScriptPacket rezScriptx = (RezScriptPacket)Pack; diff --git a/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs b/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs index c670076..a188701 100644 --- a/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs @@ -1186,11 +1186,21 @@ namespace OpenSim.Region.Environment.Scenes if (part != null) { - if (part.OwnerID != remoteClient.AgentId) - return; - if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) - return; + // replacing the following two checks with the + // ExternalChecks.ExternalChecksCanEditObject(...) + // call + + // if (part.OwnerID != remoteClient.AgentId) + // return; + + // if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) + // return; + + if (!ExternalChecks.ExternalChecksCanEditObject(part.UUID, remoteClient.AgentId)) + { + return; + } TaskInventoryItem currentItem = part.GetInventoryItem(itemID); @@ -1283,11 +1293,23 @@ System.Console.WriteLine("Item asset {0}, request asset {1}", prevItem.AssetID.T SceneObjectPart part = GetSceneObjectPart(localID); if (part != null) { + + /* if (part.OwnerID != remoteClient.AgentId) + { return; + } if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) + { return; + } + */ + + if (!ExternalChecks.ExternalChecksCanEditObject(part.UUID, remoteClient.AgentId)) + { + return; + } part.ParentGroup.AddInventoryItem(remoteClient, localID, item, copyID); // TODO: set this to "true" when scripts in inventory have persistent state to fire on_rez -- cgit v1.1