From b63405c1a796b44b58081857d01f726372467628 Mon Sep 17 00:00:00 2001 From: Diva Canto Date: Fri, 8 Jan 2010 10:43:34 -0800 Subject: Inching ahead... This compiles, but very likely does not run. --- .../Rest/Inventory/RequestData.cs | 26 +- OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs | 11 +- .../Rest/Inventory/RestAppearanceServices.cs | 347 +++++++++--------- .../Rest/Inventory/RestInventoryServices.cs | 396 +++++++++++---------- 4 files changed, 396 insertions(+), 384 deletions(-) (limited to 'OpenSim/ApplicationPlugins/Rest') diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs index d3a7e64..10f1a6e 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RequestData.cs @@ -35,6 +35,9 @@ using System.Xml; using OpenSim.Framework; using OpenSim.Framework.Servers; using OpenSim.Framework.Servers.HttpServer; +using OpenSim.Services.Interfaces; + +using OpenMetaverse; namespace OpenSim.ApplicationPlugins.Rest.Inventory { @@ -658,7 +661,6 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory { int x; - string HA1; string first; string last; @@ -675,17 +677,13 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory last = String.Empty; } - UserProfileData udata = Rest.UserServices.GetUserProfile(first, last); + UserAccount account = Rest.UserServices.GetUserAccount(UUID.Zero, first, last); // If we don't recognize the user id, perhaps it is god? - - if (udata == null) + if (account == null) return pass == Rest.GodKey; - HA1 = HashToString(pass); - HA1 = HashToString(String.Format("{0}:{1}",HA1,udata.PasswordSalt)); - - return (0 == sc.Compare(HA1, udata.PasswordHash)); + return (Rest.AuthServices.Authenticate(account.PrincipalID, pass, 1) != string.Empty); } @@ -897,11 +895,10 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory last = String.Empty; } - UserProfileData udata = Rest.UserServices.GetUserProfile(first, last); - + UserAccount account = Rest.UserServices.GetUserAccount(UUID.Zero, first, last); // If we don;t recognize the user id, perhaps it is god? - if (udata == null) + if (account == null) { Rest.Log.DebugFormat("{0} Administrator", MsgId); return Rest.GodKey; @@ -909,7 +906,12 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory else { Rest.Log.DebugFormat("{0} Normal User {1}", MsgId, user); - return udata.PasswordHash; + + // !!! REFACTORING PROBLEM + // This is what it was. It doesn't work in 0.7 + // Nothing retrieves the password from the authentication service, there's only authentication. + //return udata.PasswordHash; + return string.Empty; } } diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs index 8d62423..791cfcd 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs @@ -103,11 +103,16 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory get { return main.SceneManager.CurrentOrFirstScene.InventoryService; } } - internal static IUserService UserServices + internal static IUserAccountService UserServices { - get { return Comms.UserService; } + get { return main.SceneManager.CurrentOrFirstScene.UserAccountService; } } - + + internal static IAuthenticationService AuthServices + { + get { return main.SceneManager.CurrentOrFirstScene.AuthenticationService; } + } + internal static IAvatarService AvatarServices { get { return Comms.AvatarService; } diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs index b2b4aa7..0a45eff 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs @@ -135,152 +135,153 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory private void DoAppearance(RequestData hdata) { - - AppearanceRequestData rdata = (AppearanceRequestData) hdata; - - Rest.Log.DebugFormat("{0} DoAppearance ENTRY", MsgId); - - // If we're disabled, do nothing. - - if (!enabled) - { - return; - } - - // Now that we know this is a serious attempt to - // access inventory data, we should find out who - // is asking, and make sure they are authorized - // to do so. We need to validate the caller's - // identity before revealing anything about the - // status quo. Authenticate throws an exception - // via Fail if no identity information is present. - // - // With the present HTTP server we can't use the - // builtin authentication mechanisms because they - // would be enforced for all in-bound requests. - // Instead we look at the headers ourselves and - // handle authentication directly. - - try - { - if (!rdata.IsAuthenticated) - { - rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); - } - } - catch (RestException e) - { - if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) - { - Rest.Log.WarnFormat("{0} User not authenticated", MsgId); - Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); - } - else - { - Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); - Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); - } - throw (e); - } - - Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); - - // We can only get here if we are authorized - // - // The requestor may have specified an UUID or - // a conjoined FirstName LastName string. We'll - // try both. If we fail with the first, UUID, - // attempt, we try the other. As an example, the - // URI for a valid inventory request might be: - // - // http://:/admin/inventory/Arthur Dent - // - // Indicating that this is an inventory request for - // an avatar named Arthur Dent. This is ALL that is - // required to designate a GET for an entire - // inventory. - // - - // Do we have at least a user agent name? - - if (rdata.Parameters.Length < 1) - { - Rest.Log.WarnFormat("{0} Appearance: No user agent identifier specified", MsgId); - rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); - } - - // The first parameter MUST be the agent identification, either an UUID - // or a space-separated First-name Last-Name specification. We check for - // an UUID first, if anyone names their character using a valid UUID - // that identifies another existing avatar will cause this a problem... - - try - { - rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); - Rest.Log.DebugFormat("{0} UUID supplied", MsgId); - rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); - } - catch - { - string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); - if (names.Length == 2) - { - Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); - rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); - } - else - { - Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); - rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); - } - } - - // If the user profile is null then either the server is broken, or the - // user is not known. We always assume the latter case. - - if (rdata.userProfile != null) - { - Rest.Log.DebugFormat("{0} User profile obtained for agent {1} {2}", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - } - else - { - Rest.Log.WarnFormat("{0} No user profile for {1}", MsgId, rdata.path); - rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); - } - - // If we get to here, then we have effectively validated the user's - - switch (rdata.method) - { - case Rest.HEAD : // Do the processing, set the status code, suppress entity - DoGet(rdata); - rdata.buffer = null; - break; - - case Rest.GET : // Do the processing, set the status code, return entity - DoGet(rdata); - break; - - case Rest.PUT : // Update named element - DoUpdate(rdata); - break; - - case Rest.POST : // Add new information to identified context. - DoExtend(rdata); - break; - - case Rest.DELETE : // Delete information - DoDelete(rdata); - break; - - default : - Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", - MsgId, rdata.method, rdata.path); - rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, - String.Format("{0} not supported", rdata.method)); - break; - } + // !!! REFACTORIMG PROBLEM. This needs rewriting for 0.7 + + //AppearanceRequestData rdata = (AppearanceRequestData) hdata; + + //Rest.Log.DebugFormat("{0} DoAppearance ENTRY", MsgId); + + //// If we're disabled, do nothing. + + //if (!enabled) + //{ + // return; + //} + + //// Now that we know this is a serious attempt to + //// access inventory data, we should find out who + //// is asking, and make sure they are authorized + //// to do so. We need to validate the caller's + //// identity before revealing anything about the + //// status quo. Authenticate throws an exception + //// via Fail if no identity information is present. + //// + //// With the present HTTP server we can't use the + //// builtin authentication mechanisms because they + //// would be enforced for all in-bound requests. + //// Instead we look at the headers ourselves and + //// handle authentication directly. + + //try + //{ + // if (!rdata.IsAuthenticated) + // { + // rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); + // } + //} + //catch (RestException e) + //{ + // if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) + // { + // Rest.Log.WarnFormat("{0} User not authenticated", MsgId); + // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); + // } + // else + // { + // Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); + // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); + // } + // throw (e); + //} + + //Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); + + //// We can only get here if we are authorized + //// + //// The requestor may have specified an UUID or + //// a conjoined FirstName LastName string. We'll + //// try both. If we fail with the first, UUID, + //// attempt, we try the other. As an example, the + //// URI for a valid inventory request might be: + //// + //// http://:/admin/inventory/Arthur Dent + //// + //// Indicating that this is an inventory request for + //// an avatar named Arthur Dent. This is ALL that is + //// required to designate a GET for an entire + //// inventory. + //// + + //// Do we have at least a user agent name? + + //if (rdata.Parameters.Length < 1) + //{ + // Rest.Log.WarnFormat("{0} Appearance: No user agent identifier specified", MsgId); + // rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); + //} + + //// The first parameter MUST be the agent identification, either an UUID + //// or a space-separated First-name Last-Name specification. We check for + //// an UUID first, if anyone names their character using a valid UUID + //// that identifies another existing avatar will cause this a problem... + + //try + //{ + // rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); + // Rest.Log.DebugFormat("{0} UUID supplied", MsgId); + // rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); + //} + //catch + //{ + // string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); + // if (names.Length == 2) + // { + // Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); + // rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); + // } + // else + // { + // Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); + // rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); + // } + //} + + //// If the user profile is null then either the server is broken, or the + //// user is not known. We always assume the latter case. + + //if (rdata.userProfile != null) + //{ + // Rest.Log.DebugFormat("{0} User profile obtained for agent {1} {2}", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + //} + //else + //{ + // Rest.Log.WarnFormat("{0} No user profile for {1}", MsgId, rdata.path); + // rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); + //} + + //// If we get to here, then we have effectively validated the user's + + //switch (rdata.method) + //{ + // case Rest.HEAD : // Do the processing, set the status code, suppress entity + // DoGet(rdata); + // rdata.buffer = null; + // break; + + // case Rest.GET : // Do the processing, set the status code, return entity + // DoGet(rdata); + // break; + + // case Rest.PUT : // Update named element + // DoUpdate(rdata); + // break; + + // case Rest.POST : // Add new information to identified context. + // DoExtend(rdata); + // break; + + // case Rest.DELETE : // Delete information + // DoDelete(rdata); + // break; + + // default : + // Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", + // MsgId, rdata.method, rdata.path); + // rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, + // String.Format("{0} not supported", rdata.method)); + // break; + //} } #endregion Interface @@ -391,37 +392,39 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory private void DoUpdate(AppearanceRequestData rdata) { - bool created = false; - bool modified = false; + // REFACTORING PROBLEM This was commented out. It doesn't work for 0.7 + //bool created = false; + //bool modified = false; - rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); - // If the user exists then this is considered a modification regardless - // of what may, or may not be, specified in the payload. + //rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); - if (rdata.userAppearance != null) - { - modified = true; - Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); - Rest.UserServices.UpdateUserProfile(rdata.userProfile); - } + //// If the user exists then this is considered a modification regardless + //// of what may, or may not be, specified in the payload. - if (created) - { - rdata.Complete(Rest.HttpStatusCodeCreated); - } - else - { - if (modified) - { - rdata.Complete(Rest.HttpStatusCodeOK); - } - else - { - rdata.Complete(Rest.HttpStatusCodeNoContent); - } - } + //if (rdata.userAppearance != null) + //{ + // modified = true; + // Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); + // Rest.UserServices.UpdateUserProfile(rdata.userProfile); + //} + + //if (created) + //{ + // rdata.Complete(Rest.HttpStatusCodeCreated); + //} + //else + //{ + // if (modified) + // { + // rdata.Complete(Rest.HttpStatusCodeOK); + // } + // else + // { + // rdata.Complete(Rest.HttpStatusCodeNoContent); + // } + //} rdata.Respond(String.Format("Appearance {0} : Normal completion", rdata.method)); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs index 01bfe00..098c54d 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs @@ -143,203 +143,205 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory Rest.Log.DebugFormat("{0} DoInventory ENTRY", MsgId); - // If we're disabled, do nothing. - - if (!enabled) - { - return; - } - - // Now that we know this is a serious attempt to - // access inventory data, we should find out who - // is asking, and make sure they are authorized - // to do so. We need to validate the caller's - // identity before revealing anything about the - // status quo. Authenticate throws an exception - // via Fail if no identity information is present. - // - // With the present HTTP server we can't use the - // builtin authentication mechanisms because they - // would be enforced for all in-bound requests. - // Instead we look at the headers ourselves and - // handle authentication directly. - - try - { - if (!rdata.IsAuthenticated) - { - rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); - } - } - catch (RestException e) - { - if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) - { - Rest.Log.WarnFormat("{0} User not authenticated", MsgId); - Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); - } - else - { - Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); - Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); - } - throw (e); - } - - Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); - - // We can only get here if we are authorized - // - // The requestor may have specified an UUID or - // a conjoined FirstName LastName string. We'll - // try both. If we fail with the first, UUID, - // attempt, we try the other. As an example, the - // URI for a valid inventory request might be: - // - // http://:/admin/inventory/Arthur Dent - // - // Indicating that this is an inventory request for - // an avatar named Arthur Dent. This is ALL that is - // required to designate a GET for an entire - // inventory. - // - - - // Do we have at least a user agent name? - - if (rdata.Parameters.Length < 1) - { - Rest.Log.WarnFormat("{0} Inventory: No user agent identifier specified", MsgId); - rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); - } - - // The first parameter MUST be the agent identification, either an UUID - // or a space-separated First-name Last-Name specification. We check for - // an UUID first, if anyone names their character using a valid UUID - // that identifies another existing avatar will cause this a problem... - - try - { - rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); - Rest.Log.DebugFormat("{0} UUID supplied", MsgId); - rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); - } - catch - { - string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); - if (names.Length == 2) - { - Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); - rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); - } - else - { - Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); - rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); - } - } - - // If the user profile is null then either the server is broken, or the - // user is not known. We always assume the latter case. - - if (rdata.userProfile != null) - { - Rest.Log.DebugFormat("{0} Profile obtained for agent {1} {2}", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - } - else - { - Rest.Log.WarnFormat("{0} No profile for {1}", MsgId, rdata.path); - rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); - } - - // If we get to here, then we have effectively validated the user's - // identity. Now we need to get the inventory. If the server does not - // have the inventory, we reject the request with an appropriate explanation. - // - // Note that inventory retrieval is an asynchronous event, we use the rdata - // class instance as the basis for our synchronization. - // - - rdata.uuid = rdata.userProfile.ID; - - if (Rest.InventoryServices.HasInventoryForUser(rdata.uuid)) - { - rdata.root = Rest.InventoryServices.GetRootFolder(rdata.uuid); - - Rest.Log.DebugFormat("{0} Inventory Root retrieved for {1} {2}", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - - Rest.InventoryServices.GetUserInventory(rdata.uuid, rdata.GetUserInventory); - - Rest.Log.DebugFormat("{0} Inventory catalog requested for {1} {2}", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - - lock (rdata) - { - if (!rdata.HaveInventory) - { - rdata.startWD(1000); - rdata.timeout = false; - Monitor.Wait(rdata); - } - } - - if (rdata.timeout) - { - Rest.Log.WarnFormat("{0} Inventory not available for {1} {2}. No response from service.", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - rdata.Fail(Rest.HttpStatusCodeServerError, "inventory server not responding"); - } - - if (rdata.root == null) - { - Rest.Log.WarnFormat("{0} Inventory is not available [1] for agent {1} {2}", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - rdata.Fail(Rest.HttpStatusCodeServerError, "inventory retrieval failed"); - } - - } - else - { - Rest.Log.WarnFormat("{0} Inventory is not locally available for agent {1} {2}", - MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); - rdata.Fail(Rest.HttpStatusCodeNotFound, "no local inventory for user"); - } - - // If we get here, then we have successfully retrieved the user's information - // and inventory information is now available locally. - - switch (rdata.method) - { - case Rest.HEAD : // Do the processing, set the status code, suppress entity - DoGet(rdata); - rdata.buffer = null; - break; - - case Rest.GET : // Do the processing, set the status code, return entity - DoGet(rdata); - break; - - case Rest.PUT : // Update named element - DoUpdate(rdata); - break; - - case Rest.POST : // Add new information to identified context. - DoExtend(rdata); - break; - - case Rest.DELETE : // Delete information - DoDelete(rdata); - break; - - default : - Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", - MsgId, rdata.method, rdata.path); - rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, - String.Format("{0} not supported", rdata.method)); - break; - } + // !!! REFACTORING PROBLEM + + //// If we're disabled, do nothing. + + //if (!enabled) + //{ + // return; + //} + + //// Now that we know this is a serious attempt to + //// access inventory data, we should find out who + //// is asking, and make sure they are authorized + //// to do so. We need to validate the caller's + //// identity before revealing anything about the + //// status quo. Authenticate throws an exception + //// via Fail if no identity information is present. + //// + //// With the present HTTP server we can't use the + //// builtin authentication mechanisms because they + //// would be enforced for all in-bound requests. + //// Instead we look at the headers ourselves and + //// handle authentication directly. + + //try + //{ + // if (!rdata.IsAuthenticated) + // { + // rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); + // } + //} + //catch (RestException e) + //{ + // if (e.statusCode == Rest.HttpStatusCodeNotAuthorized) + // { + // Rest.Log.WarnFormat("{0} User not authenticated", MsgId); + // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); + // } + // else + // { + // Rest.Log.ErrorFormat("{0} User authentication failed", MsgId); + // Rest.Log.DebugFormat("{0} Authorization header: {1}", MsgId, rdata.request.Headers.Get("Authorization")); + // } + // throw (e); + //} + + //Rest.Log.DebugFormat("{0} Authenticated {1}", MsgId, rdata.userName); + + //// We can only get here if we are authorized + //// + //// The requestor may have specified an UUID or + //// a conjoined FirstName LastName string. We'll + //// try both. If we fail with the first, UUID, + //// attempt, we try the other. As an example, the + //// URI for a valid inventory request might be: + //// + //// http://:/admin/inventory/Arthur Dent + //// + //// Indicating that this is an inventory request for + //// an avatar named Arthur Dent. This is ALL that is + //// required to designate a GET for an entire + //// inventory. + //// + + + //// Do we have at least a user agent name? + + //if (rdata.Parameters.Length < 1) + //{ + // Rest.Log.WarnFormat("{0} Inventory: No user agent identifier specified", MsgId); + // rdata.Fail(Rest.HttpStatusCodeBadRequest, "no user identity specified"); + //} + + //// The first parameter MUST be the agent identification, either an UUID + //// or a space-separated First-name Last-Name specification. We check for + //// an UUID first, if anyone names their character using a valid UUID + //// that identifies another existing avatar will cause this a problem... + + //try + //{ + // rdata.uuid = new UUID(rdata.Parameters[PARM_USERID]); + // Rest.Log.DebugFormat("{0} UUID supplied", MsgId); + // rdata.userProfile = Rest.UserServices.GetUserProfile(rdata.uuid); + //} + //catch + //{ + // string[] names = rdata.Parameters[PARM_USERID].Split(Rest.CA_SPACE); + // if (names.Length == 2) + // { + // Rest.Log.DebugFormat("{0} Agent Name supplied [2]", MsgId); + // rdata.userProfile = Rest.UserServices.GetUserProfile(names[0],names[1]); + // } + // else + // { + // Rest.Log.WarnFormat("{0} A Valid UUID or both first and last names must be specified", MsgId); + // rdata.Fail(Rest.HttpStatusCodeBadRequest, "invalid user identity"); + // } + //} + + //// If the user profile is null then either the server is broken, or the + //// user is not known. We always assume the latter case. + + //if (rdata.userProfile != null) + //{ + // Rest.Log.DebugFormat("{0} Profile obtained for agent {1} {2}", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + //} + //else + //{ + // Rest.Log.WarnFormat("{0} No profile for {1}", MsgId, rdata.path); + // rdata.Fail(Rest.HttpStatusCodeNotFound, "unrecognized user identity"); + //} + + //// If we get to here, then we have effectively validated the user's + //// identity. Now we need to get the inventory. If the server does not + //// have the inventory, we reject the request with an appropriate explanation. + //// + //// Note that inventory retrieval is an asynchronous event, we use the rdata + //// class instance as the basis for our synchronization. + //// + + //rdata.uuid = rdata.userProfile.ID; + + //if (Rest.InventoryServices.HasInventoryForUser(rdata.uuid)) + //{ + // rdata.root = Rest.InventoryServices.GetRootFolder(rdata.uuid); + + // Rest.Log.DebugFormat("{0} Inventory Root retrieved for {1} {2}", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + + // Rest.InventoryServices.GetUserInventory(rdata.uuid, rdata.GetUserInventory); + + // Rest.Log.DebugFormat("{0} Inventory catalog requested for {1} {2}", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + + // lock (rdata) + // { + // if (!rdata.HaveInventory) + // { + // rdata.startWD(1000); + // rdata.timeout = false; + // Monitor.Wait(rdata); + // } + // } + + // if (rdata.timeout) + // { + // Rest.Log.WarnFormat("{0} Inventory not available for {1} {2}. No response from service.", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + // rdata.Fail(Rest.HttpStatusCodeServerError, "inventory server not responding"); + // } + + // if (rdata.root == null) + // { + // Rest.Log.WarnFormat("{0} Inventory is not available [1] for agent {1} {2}", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + // rdata.Fail(Rest.HttpStatusCodeServerError, "inventory retrieval failed"); + // } + + //} + //else + //{ + // Rest.Log.WarnFormat("{0} Inventory is not locally available for agent {1} {2}", + // MsgId, rdata.userProfile.FirstName, rdata.userProfile.SurName); + // rdata.Fail(Rest.HttpStatusCodeNotFound, "no local inventory for user"); + //} + + //// If we get here, then we have successfully retrieved the user's information + //// and inventory information is now available locally. + + //switch (rdata.method) + //{ + // case Rest.HEAD : // Do the processing, set the status code, suppress entity + // DoGet(rdata); + // rdata.buffer = null; + // break; + + // case Rest.GET : // Do the processing, set the status code, return entity + // DoGet(rdata); + // break; + + // case Rest.PUT : // Update named element + // DoUpdate(rdata); + // break; + + // case Rest.POST : // Add new information to identified context. + // DoExtend(rdata); + // break; + + // case Rest.DELETE : // Delete information + // DoDelete(rdata); + // break; + + // default : + // Rest.Log.WarnFormat("{0} Method {1} not supported for {2}", + // MsgId, rdata.method, rdata.path); + // rdata.Fail(Rest.HttpStatusCodeMethodNotAllowed, + // String.Format("{0} not supported", rdata.method)); + // break; + //} } #endregion Interface -- cgit v1.1