From c3ee451325893df8f102c52f05f791289b7c61f6 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Wed, 14 Jul 2010 23:26:24 +0100 Subject: fix previous media interact serverside checking. perform very basic serverside url whitelist checks at the moment, only checking for the exact name prefix is implemented for some reason, whitelists are not persisting this commit also fixes a very recent problem where setting any media texture parameters after the initial configuration would not work --- .../CoreModules/World/Media/Moap/MoapModule.cs | 71 ++++++++++++++++++++-- .../World/Permissions/PermissionsModule.cs | 30 +++++++-- 2 files changed, 91 insertions(+), 10 deletions(-) diff --git a/OpenSim/Region/CoreModules/World/Media/Moap/MoapModule.cs b/OpenSim/Region/CoreModules/World/Media/Moap/MoapModule.cs index ce4e921..3c546c4 100644 --- a/OpenSim/Region/CoreModules/World/Media/Moap/MoapModule.cs +++ b/OpenSim/Region/CoreModules/World/Media/Moap/MoapModule.cs @@ -91,6 +91,7 @@ namespace OpenSim.Region.CoreModules.Media.Moap public void AddRegion(Scene scene) { m_scene = scene; + m_scene.RegisterModuleInterface(this); } public void RemoveRegion(Scene scene) {} @@ -156,20 +157,28 @@ namespace OpenSim.Region.CoreModules.Media.Moap public MediaEntry GetMediaEntry(SceneObjectPart part, int face) { + MediaEntry me = null; + CheckFaceParam(part, face); List media = part.Shape.Media; if (null == media) { - return null; + me = null; } else - { + { + me = media[face]; + // TODO: Really need a proper copy constructor down in libopenmetaverse - MediaEntry me = media[face]; - return (null == me ? null : MediaEntry.FromOSD(me.GetOSD())); + if (me != null) + me = MediaEntry.FromOSD(me.GetOSD()); } + +// m_log.DebugFormat("[MOAP]: GetMediaEntry for {0} face {1} found {2}", part.Name, face, me); + + return me; } public void SetMediaEntry(SceneObjectPart part, int face, MediaEntry me) @@ -295,6 +304,7 @@ namespace OpenSim.Region.CoreModules.Media.Moap if (null == media) { + m_log.DebugFormat("[MOAP]: Setting all new media list for {0}", part.Name); part.Shape.Media = new List(omu.FaceMedia); } else @@ -309,7 +319,10 @@ namespace OpenSim.Region.CoreModules.Media.Moap for (int i = 0; i < media.Count; i++) { if (m_scene.Permissions.CanControlPrimMedia(agentId, part.UUID, i)) + { media[i] = omu.FaceMedia[i]; +// m_log.DebugFormat("[MOAP]: Set media entry for face {0} on {1}", i, part.Name); + } } } @@ -362,10 +375,31 @@ namespace OpenSim.Region.CoreModules.Media.Moap return string.Empty; m_log.DebugFormat( - "[MOAP]: Updating media entry for face {0} on prim {1} {2} to {3}", + "[MOAP]: Received request to update media entry for face {0} on prim {1} {2} to {3}", omn.Face, part.Name, part.UUID, omn.URL); + // If media has never been set for this prim, then just return. + if (null == part.Shape.Media) + return string.Empty; + MediaEntry me = part.Shape.Media[omn.Face]; + + // Do the same if media has not been set up for a specific face + if (null == me) + return string.Empty; + + if (me.EnableWhiteList) + { + if (!CheckUrlAgainstWhitelist(omn.URL, me.WhiteList)) + { + m_log.DebugFormat( + "[MOAP]: Blocking change of face {0} on prim {1} {2} to {3} since it's not on the enabled whitelist", + omn.Face, part.Name, part.UUID, omn.URL); + + return string.Empty; + } + } + me.CurrentURL = omn.URL; UpdateMediaUrl(part); @@ -413,5 +447,32 @@ namespace OpenSim.Region.CoreModules.Media.Moap m_log.DebugFormat("[MOAP]: Storing media url [{0}] in prim {1} {2}", part.MediaUrl, part.Name, part.UUID); } + + /// + /// Check the given url against the given whitelist. + /// + /// + /// + /// true if the url matches an entry on the whitelist, false otherwise + protected bool CheckUrlAgainstWhitelist(string url, string[] whitelist) + { + foreach (string rawWlUrl in whitelist) + { + string wlUrl = rawWlUrl; + + if (!wlUrl.StartsWith("http://")) + wlUrl = "http://" + wlUrl; + + m_log.DebugFormat("[MOAP]: Checking whitelist URL {0}", wlUrl); + + if (url.StartsWith(wlUrl)) + { + m_log.DebugFormat("[MOAP]: Whitelist url {0} matches requested url {1}", wlUrl, url); + return true; + } + } + + return false; + } } } \ No newline at end of file diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 3a690af..7f6f851 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs @@ -178,7 +178,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions string permissionModules = myConfig.GetString("permissionmodules", "DefaultPermissionsModule"); - List modules=new List(permissionModules.Split(',')); + List modules = new List(permissionModules.Split(',')); if (!modules.Contains("DefaultPermissionsModule")) return; @@ -399,6 +399,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions m_log.Warn("[PERMISSIONS]: Groups module not found, group permissions will not work"); m_moapModule = m_scene.RequestModuleInterface(); + + // This log line will be commented out when no longer required for debugging + if (m_moapModule == null) + m_log.Warn("[PERMISSIONS]: Media on a prim module not found, media on a prim permissions will not work"); } public void Close() @@ -1901,7 +1905,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions } private bool CanControlPrimMedia(UUID agentID, UUID primID, int face) - { + { +// m_log.DebugFormat( +// "[PERMISSONS]: Performing CanControlPrimMedia check with agentID {0}, primID {1}, face {2}", +// agentID, primID, face); + if (null == m_moapModule) return false; @@ -1909,17 +1917,25 @@ namespace OpenSim.Region.CoreModules.World.Permissions if (null == part) return false; - MediaEntry me = m_moapModule.GetMediaEntry(part, face); + MediaEntry me = m_moapModule.GetMediaEntry(part, face); // If there is no existing media entry then it can be controlled (in this context, created). if (null == me) return true; + m_log.DebugFormat( + "[PERMISSIONS]: Checking CanControlPrimMedia for {0} on {1} face {2} with control permissions {3}", + agentID, primID, face, me.ControlPermissions); + return GenericPrimMediaPermission(part, agentID, me.ControlPermissions); } private bool CanInteractWithPrimMedia(UUID agentID, UUID primID, int face) { +// m_log.DebugFormat( +// "[PERMISSONS]: Performing CanInteractWithPrimMedia check with agentID {0}, primID {1}, face {2}", +// agentID, primID, face); + if (null == m_moapModule) return false; @@ -1933,13 +1949,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions if (null == me) return true; + m_log.DebugFormat( + "[PERMISSIONS]: Checking CanInteractWithPrimMedia for {0} on {1} face {2} with interact permissions {3}", + agentID, primID, face, me.InteractPermissions); + return GenericPrimMediaPermission(part, agentID, me.InteractPermissions); } private bool GenericPrimMediaPermission(SceneObjectPart part, UUID agentID, MediaPermission perms) { - if (IsAdministrator(agentID)) - return true; +// if (IsAdministrator(agentID)) +// return true; if ((perms & MediaPermission.Anyone) == MediaPermission.Anyone) return true; -- cgit v1.1