From 4cbf963354128f6d30e28ea68fe06a85ba5790c5 Mon Sep 17 00:00:00 2001
From: diva
Date: Mon, 30 Mar 2009 19:26:25 +0000
Subject: HGInventoryService now uses the actual authority portion of the
user's key to verify the key.
---
.../Communications/Services/HGInventoryService.cs | 1429 ++++++++++----------
1 file changed, 714 insertions(+), 715 deletions(-)
(limited to 'OpenSim/Framework/Communications/Services/HGInventoryService.cs')
diff --git a/OpenSim/Framework/Communications/Services/HGInventoryService.cs b/OpenSim/Framework/Communications/Services/HGInventoryService.cs
index b01c30e..7eaed89 100644
--- a/OpenSim/Framework/Communications/Services/HGInventoryService.cs
+++ b/OpenSim/Framework/Communications/Services/HGInventoryService.cs
@@ -1,715 +1,714 @@
-/**
- * Copyright (c) 2008, Contributors. All rights reserved.
- * See CONTRIBUTORS.TXT for a full list of copyright holders.
- *
- * Redistribution and use in source and binary forms, with or without modification,
- * are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright notice,
- * this list of conditions and the following disclaimer in the documentation
- * and/or other materials provided with the distribution.
- * * Neither the name of the Organizations nor the names of Individual
- * Contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
- * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
- * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-using System;
-using System.Collections;
-using System.Collections.Generic;
-using System.Reflection;
-using log4net;
-using Nini.Config;
-using OpenMetaverse;
-using OpenSim.Data;
-using OpenSim.Framework;
-using OpenSim.Framework.Communications.Clients;
-using OpenSim.Framework.Communications.Cache;
-using Caps = OpenSim.Framework.Communications.Capabilities.Caps;
-using LLSDHelpers = OpenSim.Framework.Communications.Capabilities.LLSDHelpers;
-using OpenSim.Framework.Servers;
-using OpenSim.Framework.Servers.Interfaces;
-
-using OpenMetaverse.StructuredData;
-
-namespace OpenSim.Framework.Communications.Services
-{
- public class HGInventoryService
- {
- private static readonly ILog m_log
- = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
-
- private InventoryServiceBase m_inventoryService;
- IHttpServer httpServer;
- private string m_thisInventoryUrl = "http://localhost:9000";
- private string m_thisHostname = "127.0.0.1";
- private uint m_thisPort = 9000;
-
- // These two used for local access, standalone mode
- private UserManagerBase m_userService = null;
- IAssetDataPlugin m_assetProvider = null;
-
- // These two used for remote access
- string m_UserServerURL = string.Empty;
- string m_AssetServerURL = string.Empty;
- SynchronousGridAssetClient m_AssetClient = null;
-
- // Constructor for grid inventory server
- public HGInventoryService(InventoryServiceBase invService, string assetServiceURL, string userServiceURL, IHttpServer httpserver, string thisurl)
- {
- m_UserServerURL = userServiceURL;
- m_AssetServerURL = assetServiceURL;
-
- m_AssetClient = new SynchronousGridAssetClient(m_AssetServerURL);
-
- Init(invService, thisurl, httpserver);
- }
-
- // Constructor for standalone mode
- public HGInventoryService(InventoryServiceBase invService, IAssetDataPlugin assetService, UserManagerBase userService, IHttpServer httpserver, string thisurl)
- {
- m_userService = userService;
- m_assetProvider = assetService;
-
- Init(invService, thisurl, httpserver);
- }
-
- private void Init(InventoryServiceBase invService, string thisurl, IHttpServer httpserver)
- {
- m_inventoryService = invService;
- m_thisInventoryUrl = thisurl;
- if (!m_thisInventoryUrl.EndsWith("/"))
- m_thisInventoryUrl += "/";
-
- Uri uri = new Uri(m_thisInventoryUrl);
- if (uri != null)
- {
- m_thisHostname = uri.Host;
- m_thisPort = (uint)uri.Port;
- }
-
- httpServer = httpserver;
-
- AddHttpHandlers();
- }
-
- public virtual void AddHttpHandlers()
- {
- httpServer.AddHTTPHandler("/InvCap/", CapHandler);
- }
-
- public bool CheckAuthSession(string session_id, string avatar_id)
- {
- return true;
- }
-
-
- // In truth, this is not called from the outside, for standalones. I'm just making it
- // a handler already so that this can be reused for the InventoryServer.
- public string CreateCapUrl(Guid _userid)
- {
- UUID userID = new UUID(_userid);
- UUID random = UUID.Random();
- string url = m_thisInventoryUrl + random.ToString() + "/";
- m_log.InfoFormat("[HGStandaloneInvService] Creating Cap URL {0} for user {1}", url, userID.ToString());
- return url;
- }
-
- ///
- /// Return a user's entire inventory
- ///
- ///
- /// The user's inventory. If an inventory cannot be found then an empty collection is returned.
- public InventoryCollection GetUserInventory(Guid rawUserID)
- {
- UUID userID = new UUID(rawUserID);
-
- m_log.Info("[HGStandaloneInvModule]: Processing request for inventory of " + userID);
-
- // Uncomment me to simulate a slow responding inventory server
- //Thread.Sleep(16000);
-
- InventoryCollection invCollection = new InventoryCollection();
-
- List allFolders = m_inventoryService.GetInventorySkeleton(userID);
-
- if (null == allFolders)
- {
- m_log.WarnFormat("[HGStandaloneInvModule]: No inventory found for user {0}", rawUserID);
-
- return invCollection;
- }
-
- List allItems = new List();
-
- foreach (InventoryFolderBase folder in allFolders)
- {
- List items = m_inventoryService.RequestFolderItems(folder.ID);
-
- if (items != null)
- {
- allItems.InsertRange(0, items);
- }
- }
-
- invCollection.UserID = userID;
- invCollection.Folders = allFolders;
- invCollection.Items = allItems;
-
- // foreach (InventoryFolderBase folder in invCollection.Folders)
- // {
- // m_log.DebugFormat("[GRID AGENT INVENTORY]: Sending back folder {0} {1}", folder.Name, folder.ID);
- // }
- //
- // foreach (InventoryItemBase item in invCollection.Items)
- // {
- // m_log.DebugFormat("[GRID AGENT INVENTORY]: Sending back item {0} {1}, folder {2}", item.Name, item.ID, item.Folder);
- // }
-
- m_log.InfoFormat(
- "[HGStandaloneInvModule]: Sending back inventory response to user {0} containing {1} folders and {2} items",
- invCollection.UserID, invCollection.Folders.Count, invCollection.Items.Count);
-
- return invCollection;
- }
-
- public InventoryCollection FetchDescendants(InventoryFolderBase fb)
- {
- m_log.Info("[HGStandaloneInvService]: Processing request for folder " + fb.ID);
-
- // Uncomment me to simulate a slow responding inventory server
- //Thread.Sleep(16000);
-
- InventoryCollection invCollection = new InventoryCollection();
-
- List items = m_inventoryService.RequestFolderItems(fb.ID);
- List folders = m_inventoryService.RequestSubFolders(fb.ID);
-
- invCollection.UserID = fb.Owner;
- invCollection.Folders = folders;
- invCollection.Items = items;
-
- m_log.DebugFormat("[HGStandaloneInvService]: Found {0} items and {1} folders", items.Count, folders.Count);
-
- return invCollection;
- }
-
- public bool RemoveFolder(InventoryFolderBase folder)
- {
- m_log.Debug("[HGStandaloneInvService]: Removefolder: Operation not implemented yet.");
- return false;
- }
-
- public InventoryItemBase GetInventoryItem(InventoryItemBase item)
- {
- m_log.Info("[HGStandaloneInvService]: Get item " + item.ID);
-
- item = m_inventoryService.GetInventoryItem(item.ID);
- if (item == null)
- m_log.Debug("[HGStandaloneInvService]: null item");
- return item;
- }
-
- public InventoryItemBase AddItem(InventoryItemBase item)
- {
- m_log.DebugFormat("[HGStandaloneInvService]: Add item {0} from {1}", item.ID, item.Owner);
- if (m_inventoryService.AddItem(item))
- return item;
- else
- {
- item.ID = UUID.Zero;
- return item;
- }
- }
-
- public InventoryItemBase UpdateItem(InventoryItemBase item)
- {
- m_log.DebugFormat("[HGStandaloneInvService]: Update item {0} from {1}", item.ID, item.Owner);
- InventoryItemBase it = m_inventoryService.GetInventoryItem(item.ID);
- item.CurrentPermissions = it.CurrentPermissions;
- item.AssetID = it.AssetID;
- if (m_inventoryService.UpdateItem(item))
- return item;
- else
- {
- item.ID = UUID.Zero;
- return item;
- }
- }
-
- public InventoryItemBase MoveItem(InventoryItemBase newitem)
- {
- m_log.DebugFormat("[HGStandaloneInvService]: Move item {0} from {1}", newitem.ID, newitem.Owner);
- InventoryItemBase Item = m_inventoryService.GetInventoryItem(newitem.ID);
- if (Item != null)
- {
- if (newitem.Name != String.Empty)
- {
- Item.Name = newitem.Name;
- }
- Item.Folder = newitem.Folder;
- m_inventoryService.UpdateItem(Item);
- return Item;
- }
- else
- {
- m_log.Debug("[HGStandaloneInvService]: Failed to find item " + newitem.ID);
- newitem.ID = UUID.Zero;
- return newitem;
- }
-
- }
-
- public InventoryItemBase DeleteItem(InventoryItemBase item)
- {
- item = m_inventoryService.GetInventoryItem(item.ID);
- if (m_inventoryService.DeleteItem(item))
- return item;
- else
- {
- item.ID = UUID.Zero;
- return item;
- }
- }
-
- public InventoryItemBase CopyItem(InventoryItemBase olditem)
- {
- m_log.DebugFormat("[HGStandaloneInvService]: Copy item {0} from {1}", olditem.ID, olditem.Owner);
- InventoryItemBase Item = m_inventoryService.GetInventoryItem(olditem.ID); // this is the old item id
- // BIG HACK here
- UUID newID = olditem.AssetID;
- if (Item != null)
- {
- if (olditem.Name != String.Empty)
- {
- Item.Name = olditem.Name;
- }
- Item.ID = newID;
- Item.Folder = olditem.Folder;
- Item.Owner = olditem.Owner;
- // There should be some tests here about the owner, etc but I'm going to ignore that
- // because I'm not sure it makes any sense
- // Also I should probably clone the asset...
- m_inventoryService.AddItem(Item);
- return Item;
- }
- else
- {
- m_log.Debug("[HGStandaloneInvService]: Failed to find item " + olditem.ID);
- olditem.ID = UUID.Zero;
- return olditem;
- }
-
- }
-
- ///
- /// Guid to UUID wrapper for same name IInventoryServices method
- ///
- ///
- ///
- public List GetInventorySkeleton(Guid rawUserID)
- {
- UUID userID = new UUID(rawUserID);
- return m_inventoryService.GetInventorySkeleton(userID);
- }
-
- public List GetActiveGestures(Guid rawUserID)
- {
- UUID userID = new UUID(rawUserID);
-
- m_log.InfoFormat("[HGStandaloneInvService]: fetching active gestures for user {0}", userID);
-
- return m_inventoryService.GetActiveGestures(userID);
- }
-
- public AssetBase GetAsset(InventoryItemBase item)
- {
- m_log.Info("[HGStandaloneInvService]: Get asset " + item.AssetID + " for item " + item.ID);
- AssetBase asset = new AssetBase(item.AssetID, "NULL"); // send an asset with no data
- InventoryItemBase item2 = m_inventoryService.GetInventoryItem(item.ID);
- if (item2 == null)
- {
- m_log.Debug("[HGStandaloneInvService]: null item");
- return asset;
- }
- if (item2.Owner != item.Owner)
- {
- m_log.DebugFormat("[HGStandaloneInvService]: client with uuid {0} is trying to get an item of owner {1}", item.Owner, item2.Owner);
- return asset;
- }
-
- // All good, get the asset
- //AssetBase theasset = m_assetProvider.FetchAsset(item.AssetID);
- AssetBase theasset = FetchAsset(item.AssetID, (item.InvType == (int)InventoryType.Texture));
-
- m_log.Debug("[HGStandaloneInvService] Found asset " + ((theasset == null) ? "NULL" : "Not Null"));
- if (theasset != null)
- {
- asset = theasset;
- //m_log.Debug(" >> Sending assetID " + item.AssetID);
- }
- return asset;
- }
-
- public bool PostAsset(AssetBase asset)
- {
- m_log.Info("[HGStandaloneInvService]: Post asset " + asset.FullID);
- //m_assetProvider.CreateAsset(asset);
- StoreAsset(asset);
-
- return true;
- }
-
- ///
- /// CapsUpdatedInventoryItemAsset(IClientAPI, UUID, byte[])
- ///
- public UUID UpdateInventoryItemAsset(UUID userID, UUID itemID, byte[] data)
- {
- m_log.Debug("[HGStandaloneInvService]: UpdateInventoryitemAsset for user " + userID + " item " + itemID);
- InventoryItemBase item = m_inventoryService.GetInventoryItem(itemID);
-
- if (item != null)
- {
- // We're still not dealing with permissions
- //if ((InventoryType)item.InvType == InventoryType.Notecard)
- //{
- // if (!Permissions.CanEditNotecard(itemID, UUID.Zero, userID))
- // {
- // //remoteClient.SendAgentAlertMessage("Insufficient permissions to edit notecard", false);
- // return UUID.Zero;
- // }
-
- // //remoteClient.SendAgentAlertMessage("Notecard saved", false);
- //}
- //else if ((InventoryType)item.InvType == InventoryType.LSL)
- //{
- // if (!Permissions.CanEditScript(itemID, UUID.Zero, remoteClient.AgentId))
- // {
- // //remoteClient.SendAgentAlertMessage("Insufficient permissions to edit script", false);
- // return UUID.Zero;
- // }
-
- // //remoteClient.SendAgentAlertMessage("Script saved", false);
- //}
-
- AssetBase asset = CreateAsset(item.Name, item.Description, (sbyte)item.AssetType, data);
- PostAsset(asset);
-
- item.AssetID = asset.FullID;
- item.Owner = userID;
- m_inventoryService.UpdateItem(item);
-
- return (asset.FullID);
- }
- return UUID.Zero;
- }
-
- private AssetBase CreateAsset(string name, string description, sbyte assetType, byte[] data)
- {
- AssetBase asset = new AssetBase();
- asset.Name = name;
- asset.Description = description;
- asset.Type = assetType;
- asset.FullID = UUID.Random();
- asset.Data = (data == null) ? new byte[1] : data;
-
- return asset;
- }
-
- #region Caps
-
- Dictionary invCaps = new Dictionary();
-
- public Hashtable CapHandler(Hashtable request)
- {
- m_log.Debug("[CONNECTION DEBUGGING]: InvCapHandler Called");
-
- m_log.Debug("---------------------------");
- m_log.Debug(" >> uri=" + request["uri"]);
- m_log.Debug(" >> content-type=" + request["content-type"]);
- m_log.Debug(" >> http-method=" + request["http-method"]);
- m_log.Debug("---------------------------\n");
-
- // these are requests if the type
- // http://inventoryserver/InvCap/uuuuuuuu-uuuu-uuuu-uuuu-uuuuuuuuuuuu/kkkkkkkk-kkkk-kkkk-kkkk-kkkkkkkkkkkk/
-
- Hashtable responsedata = new Hashtable();
- responsedata["content_type"] = "text/plain";
-
- UUID userID;
- string authToken = string.Empty;
- string authority = string.Empty;
- if (!GetParams(request, out userID, out authority, out authToken))
- {
- m_log.InfoFormat("[HGStandaloneInvService]: Invalid parameters for InvCap message {0}", request["uri"]);
- responsedata["int_response_code"] = 404;
- responsedata["str_response_string"] = "Not found";
-
- return responsedata;
- }
-
- // Next, let's parse the verb
- string method = (string)request["http-method"];
- if (method.Equals("GET"))
- {
- DoInvCapPost(request, responsedata, userID, authToken);
- return responsedata;
- }
- //else if (method.Equals("DELETE"))
- //{
- // DoAgentDelete(request, responsedata, agentID, action, regionHandle);
-
- // return responsedata;
- //}
- else
- {
- m_log.InfoFormat("[HGStandaloneInvService]: method {0} not supported in agent message", method);
- responsedata["int_response_code"] = 405;
- responsedata["str_response_string"] = "Method not allowed";
-
- return responsedata;
- }
-
- }
-
- public virtual void DoInvCapPost(Hashtable request, Hashtable responsedata, UUID userID, string authToken)
- {
-
- // This is the meaning of POST agent
-
- // Check Auth Token
- if ((m_userService != null) && !(m_userService is IAuthentication))
- {
- m_log.Debug("[HGStandaloneInvService]: UserService is not IAuthentication. Denying access to inventory.");
- responsedata["int_response_code"] = 501;
- responsedata["str_response_string"] = "Not implemented";
- return;
- }
-
- bool success = VerifyKey(userID, authToken);
- m_log.Debug("[HGStandaloneInvService]: Key verification returned " + success);
-
- if (success)
- {
-
- m_log.DebugFormat("[HGStandaloneInvService]: User has been authorized. Creating service handlers.");
-
- // Then establish secret service handlers
-
- Hashtable usercaps = RegisterCaps(userID, authToken);
-
- responsedata["int_response_code"] = 200;
- //responsedata["str_response_string"] = "OK";
- responsedata["str_response_string"] = SerializeHashtable(usercaps);
- }
- else
- {
- m_log.DebugFormat("[HGStandaloneInvService]: User has is unauthorized. Denying service handlers.");
- responsedata["int_response_code"] = 403;
- responsedata["str_response_string"] = "Forbidden";
- }
- }
-
-
- ///
- /// Extract the params from a request.
- ///
- public static bool GetParams(Hashtable request, out UUID uuid, out string authority, out string authKey)
- {
- uuid = UUID.Zero;
- authority = string.Empty;
- authKey = string.Empty;
-
- string uri = (string)request["uri"];
- uri = uri.Trim(new char[] { '/' });
- string[] parts = uri.Split('/');
- if (parts.Length <= 1)
- {
- return false;
- }
- else
- {
- if (!UUID.TryParse(parts[1], out uuid))
- return false;
-
- if (parts.Length >= 3)
- {
- authKey = parts[2];
- return true;
- }
- }
-
- Uri authUri;
- Hashtable headers = (Hashtable)request["headers"];
-
- // Authorization keys look like this:
- // http://orgrid.org:8002/
- if (headers.ContainsKey("authorization"))
- {
- if (Uri.TryCreate((string)headers["authorization"], UriKind.Absolute, out authUri))
- {
- authority = authUri.Authority;
- authKey = authUri.PathAndQuery.Trim('/');
- m_log.DebugFormat("[HGStandaloneInvService]: Got authority {0} and key {1}", authority, authKey);
- return true;
- }
- else
- m_log.Debug("[HGStandaloneInvService]: Wrong format for Authorization header: " + (string)headers["authorization"]);
- }
- else
- m_log.Debug("[HGStandaloneInvService]: Authorization header not found");
-
- return false;
- }
-
- string SerializeHashtable(Hashtable hash)
- {
- string result = string.Empty;
- foreach (object key in hash.Keys)
- {
- result += key.ToString() + "," + hash[key].ToString() + ";";
- }
- return result;
- }
-
- Hashtable RegisterCaps(UUID userID, string authToken)
- {
- lock (invCaps)
- {
- if (invCaps.ContainsKey(userID))
- {
- // Remove the old ones
- DeregisterCaps(httpServer, invCaps[userID]);
- invCaps.Remove(userID);
- }
- }
-
- Caps caps = new Caps(null, httpServer, m_thisHostname, m_thisPort, authToken, userID, false, "Inventory");
- caps.RegisterInventoryServiceHandlers("/" + authToken + "/InventoryCap/");
- caps.ItemUpdatedCall = UpdateInventoryItemAsset;
- Hashtable capsHandlers = caps.CapsHandlers.CapsDetails;
-
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "GetInventory", capsHandlers), GetUserInventory, CheckAuthSession));
-
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "FetchDescendants", capsHandlers), FetchDescendants, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "NewFolder", capsHandlers), m_inventoryService.AddFolder, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "UpdateFolder", capsHandlers), m_inventoryService.UpdateFolder, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "MoveFolder", capsHandlers), m_inventoryService.MoveFolder, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "PurgeFolder", capsHandlers), m_inventoryService.PurgeFolder, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "RemoveFolder", capsHandlers), RemoveFolder, CheckAuthSession));
-
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "GetItem", capsHandlers), GetInventoryItem, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "NewItem", capsHandlers), AddItem, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "UpdateItem", capsHandlers), UpdateItem, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "MoveItem", capsHandlers), MoveItem, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "DeleteItem", capsHandlers), DeleteItem, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "CopyItem", capsHandlers), CopyItem, CheckAuthSession));
-
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "GetAsset", capsHandlers), GetAsset, CheckAuthSession));
- httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
- "POST", AddAndGetCapUrl(authToken, "PostAsset", capsHandlers), PostAsset, CheckAuthSession));
-
- lock (invCaps)
- invCaps.Add(userID, capsHandlers);
-
- return capsHandlers;
- }
-
- string AddAndGetCapUrl(string authToken, string capType, Hashtable caps)
- {
- string capUrl = "/" + authToken + "/" + capType + "/";
-
- m_log.Debug("[HGStandaloneInvService] Adding inventory cap " + capUrl);
- caps.Add(capType, capUrl);
- return capUrl;
- }
-
- void DeregisterCaps(IHttpServer httpServer, Hashtable caps)
- {
- foreach (string capUrl in caps.Values)
- {
- m_log.Debug("[HGStandaloneInvService] Removing inventory cap " + capUrl);
- httpServer.RemoveStreamHandler("POST", capUrl);
- }
- }
-
- #endregion Caps
-
- #region Local vs Remote
-
- bool VerifyKey(UUID userID, string key)
- {
- // Remote call to the Authorization server
- if (m_userService == null)
- return AuthClient.VerifyKey(m_UserServerURL, userID, key);
- // local call
- else
- return ((IAuthentication)m_userService).VerifyKey(userID, key);
- }
-
- AssetBase FetchAsset(UUID assetID, bool isTexture)
- {
- // Remote call to the Asset server
- if (m_assetProvider == null)
- return m_AssetClient.SyncGetAsset(assetID, isTexture);
- // local call
- else
- return m_assetProvider.FetchAsset(assetID);
- }
-
- void StoreAsset(AssetBase asset)
- {
- // Remote call to the Asset server
- if (m_assetProvider == null)
- m_AssetClient.StoreAsset(asset);
- // local call
- else
- m_assetProvider.CreateAsset(asset);
- }
-
- #endregion Local vs Remote
- }
-
- class SynchronousGridAssetClient : GridAssetClient
- {
- public SynchronousGridAssetClient(string url)
- : base(url)
- {
- }
-
- public AssetBase SyncGetAsset(UUID assetID, bool isTexture)
- {
- AssetRequest assReq = new AssetRequest();
- assReq.AssetID = assetID;
- assReq.IsTexture = isTexture;
- return base.GetAsset(assReq);
- }
-
- }
-}
+/**
+ * Copyright (c) 2008, Contributors. All rights reserved.
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the Organizations nor the names of Individual
+ * Contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+ * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+using System;
+using System.Collections;
+using System.Collections.Generic;
+using System.Reflection;
+using log4net;
+using Nini.Config;
+using OpenMetaverse;
+using OpenSim.Data;
+using OpenSim.Framework;
+using OpenSim.Framework.Communications.Clients;
+using OpenSim.Framework.Communications.Cache;
+using Caps = OpenSim.Framework.Communications.Capabilities.Caps;
+using LLSDHelpers = OpenSim.Framework.Communications.Capabilities.LLSDHelpers;
+using OpenSim.Framework.Servers;
+using OpenSim.Framework.Servers.Interfaces;
+
+using OpenMetaverse.StructuredData;
+
+namespace OpenSim.Framework.Communications.Services
+{
+ public class HGInventoryService
+ {
+ private static readonly ILog m_log
+ = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+
+ private InventoryServiceBase m_inventoryService;
+ IHttpServer httpServer;
+ private string m_thisInventoryUrl = "http://localhost:9000";
+ private string m_thisHostname = "127.0.0.1";
+ private uint m_thisPort = 9000;
+
+ // These two used for local access, standalone mode
+ private UserManagerBase m_userService = null;
+ IAssetDataPlugin m_assetProvider = null;
+
+ // These two used for remote access
+ string m_UserServerURL = string.Empty;
+ string m_AssetServerURL = string.Empty;
+ SynchronousGridAssetClient m_AssetClient = null;
+
+ // Constructor for grid inventory server
+ public HGInventoryService(InventoryServiceBase invService, string assetServiceURL, string userServiceURL, IHttpServer httpserver, string thisurl)
+ {
+ m_UserServerURL = userServiceURL;
+ m_AssetServerURL = assetServiceURL;
+
+ m_AssetClient = new SynchronousGridAssetClient(m_AssetServerURL);
+
+ Init(invService, thisurl, httpserver);
+ }
+
+ // Constructor for standalone mode
+ public HGInventoryService(InventoryServiceBase invService, IAssetDataPlugin assetService, UserManagerBase userService, IHttpServer httpserver, string thisurl)
+ {
+ m_userService = userService;
+ m_assetProvider = assetService;
+
+ Init(invService, thisurl, httpserver);
+ }
+
+ private void Init(InventoryServiceBase invService, string thisurl, IHttpServer httpserver)
+ {
+ m_inventoryService = invService;
+ m_thisInventoryUrl = thisurl;
+ if (!m_thisInventoryUrl.EndsWith("/"))
+ m_thisInventoryUrl += "/";
+
+ Uri uri = new Uri(m_thisInventoryUrl);
+ if (uri != null)
+ {
+ m_thisHostname = uri.Host;
+ m_thisPort = (uint)uri.Port;
+ }
+
+ httpServer = httpserver;
+
+ AddHttpHandlers();
+ }
+
+ public virtual void AddHttpHandlers()
+ {
+ httpServer.AddHTTPHandler("/InvCap/", CapHandler);
+ }
+
+ public bool CheckAuthSession(string session_id, string avatar_id)
+ {
+ return true;
+ }
+
+
+ // In truth, this is not called from the outside, for standalones. I'm just making it
+ // a handler already so that this can be reused for the InventoryServer.
+ public string CreateCapUrl(Guid _userid)
+ {
+ UUID userID = new UUID(_userid);
+ UUID random = UUID.Random();
+ string url = m_thisInventoryUrl + random.ToString() + "/";
+ m_log.InfoFormat("[HGStandaloneInvService] Creating Cap URL {0} for user {1}", url, userID.ToString());
+ return url;
+ }
+
+ ///
+ /// Return a user's entire inventory
+ ///
+ ///
+ /// The user's inventory. If an inventory cannot be found then an empty collection is returned.
+ public InventoryCollection GetUserInventory(Guid rawUserID)
+ {
+ UUID userID = new UUID(rawUserID);
+
+ m_log.Info("[HGStandaloneInvModule]: Processing request for inventory of " + userID);
+
+ // Uncomment me to simulate a slow responding inventory server
+ //Thread.Sleep(16000);
+
+ InventoryCollection invCollection = new InventoryCollection();
+
+ List allFolders = m_inventoryService.GetInventorySkeleton(userID);
+
+ if (null == allFolders)
+ {
+ m_log.WarnFormat("[HGStandaloneInvModule]: No inventory found for user {0}", rawUserID);
+
+ return invCollection;
+ }
+
+ List allItems = new List();
+
+ foreach (InventoryFolderBase folder in allFolders)
+ {
+ List items = m_inventoryService.RequestFolderItems(folder.ID);
+
+ if (items != null)
+ {
+ allItems.InsertRange(0, items);
+ }
+ }
+
+ invCollection.UserID = userID;
+ invCollection.Folders = allFolders;
+ invCollection.Items = allItems;
+
+ // foreach (InventoryFolderBase folder in invCollection.Folders)
+ // {
+ // m_log.DebugFormat("[GRID AGENT INVENTORY]: Sending back folder {0} {1}", folder.Name, folder.ID);
+ // }
+ //
+ // foreach (InventoryItemBase item in invCollection.Items)
+ // {
+ // m_log.DebugFormat("[GRID AGENT INVENTORY]: Sending back item {0} {1}, folder {2}", item.Name, item.ID, item.Folder);
+ // }
+
+ m_log.InfoFormat(
+ "[HGStandaloneInvModule]: Sending back inventory response to user {0} containing {1} folders and {2} items",
+ invCollection.UserID, invCollection.Folders.Count, invCollection.Items.Count);
+
+ return invCollection;
+ }
+
+ public InventoryCollection FetchDescendants(InventoryFolderBase fb)
+ {
+ m_log.Info("[HGStandaloneInvService]: Processing request for folder " + fb.ID);
+
+ // Uncomment me to simulate a slow responding inventory server
+ //Thread.Sleep(16000);
+
+ InventoryCollection invCollection = new InventoryCollection();
+
+ List items = m_inventoryService.RequestFolderItems(fb.ID);
+ List folders = m_inventoryService.RequestSubFolders(fb.ID);
+
+ invCollection.UserID = fb.Owner;
+ invCollection.Folders = folders;
+ invCollection.Items = items;
+
+ m_log.DebugFormat("[HGStandaloneInvService]: Found {0} items and {1} folders", items.Count, folders.Count);
+
+ return invCollection;
+ }
+
+ public bool RemoveFolder(InventoryFolderBase folder)
+ {
+ m_log.Debug("[HGStandaloneInvService]: Removefolder: Operation not implemented yet.");
+ return false;
+ }
+
+ public InventoryItemBase GetInventoryItem(InventoryItemBase item)
+ {
+ m_log.Info("[HGStandaloneInvService]: Get item " + item.ID);
+
+ item = m_inventoryService.GetInventoryItem(item.ID);
+ if (item == null)
+ m_log.Debug("[HGStandaloneInvService]: null item");
+ return item;
+ }
+
+ public InventoryItemBase AddItem(InventoryItemBase item)
+ {
+ m_log.DebugFormat("[HGStandaloneInvService]: Add item {0} from {1}", item.ID, item.Owner);
+ if (m_inventoryService.AddItem(item))
+ return item;
+ else
+ {
+ item.ID = UUID.Zero;
+ return item;
+ }
+ }
+
+ public InventoryItemBase UpdateItem(InventoryItemBase item)
+ {
+ m_log.DebugFormat("[HGStandaloneInvService]: Update item {0} from {1}", item.ID, item.Owner);
+ InventoryItemBase it = m_inventoryService.GetInventoryItem(item.ID);
+ item.CurrentPermissions = it.CurrentPermissions;
+ item.AssetID = it.AssetID;
+ if (m_inventoryService.UpdateItem(item))
+ return item;
+ else
+ {
+ item.ID = UUID.Zero;
+ return item;
+ }
+ }
+
+ public InventoryItemBase MoveItem(InventoryItemBase newitem)
+ {
+ m_log.DebugFormat("[HGStandaloneInvService]: Move item {0} from {1}", newitem.ID, newitem.Owner);
+ InventoryItemBase Item = m_inventoryService.GetInventoryItem(newitem.ID);
+ if (Item != null)
+ {
+ if (newitem.Name != String.Empty)
+ {
+ Item.Name = newitem.Name;
+ }
+ Item.Folder = newitem.Folder;
+ m_inventoryService.UpdateItem(Item);
+ return Item;
+ }
+ else
+ {
+ m_log.Debug("[HGStandaloneInvService]: Failed to find item " + newitem.ID);
+ newitem.ID = UUID.Zero;
+ return newitem;
+ }
+
+ }
+
+ public InventoryItemBase DeleteItem(InventoryItemBase item)
+ {
+ item = m_inventoryService.GetInventoryItem(item.ID);
+ if (m_inventoryService.DeleteItem(item))
+ return item;
+ else
+ {
+ item.ID = UUID.Zero;
+ return item;
+ }
+ }
+
+ public InventoryItemBase CopyItem(InventoryItemBase olditem)
+ {
+ m_log.DebugFormat("[HGStandaloneInvService]: Copy item {0} from {1}", olditem.ID, olditem.Owner);
+ InventoryItemBase Item = m_inventoryService.GetInventoryItem(olditem.ID); // this is the old item id
+ // BIG HACK here
+ UUID newID = olditem.AssetID;
+ if (Item != null)
+ {
+ if (olditem.Name != String.Empty)
+ {
+ Item.Name = olditem.Name;
+ }
+ Item.ID = newID;
+ Item.Folder = olditem.Folder;
+ Item.Owner = olditem.Owner;
+ // There should be some tests here about the owner, etc but I'm going to ignore that
+ // because I'm not sure it makes any sense
+ // Also I should probably clone the asset...
+ m_inventoryService.AddItem(Item);
+ return Item;
+ }
+ else
+ {
+ m_log.Debug("[HGStandaloneInvService]: Failed to find item " + olditem.ID);
+ olditem.ID = UUID.Zero;
+ return olditem;
+ }
+
+ }
+
+ ///
+ /// Guid to UUID wrapper for same name IInventoryServices method
+ ///
+ ///
+ ///
+ public List GetInventorySkeleton(Guid rawUserID)
+ {
+ UUID userID = new UUID(rawUserID);
+ return m_inventoryService.GetInventorySkeleton(userID);
+ }
+
+ public List GetActiveGestures(Guid rawUserID)
+ {
+ UUID userID = new UUID(rawUserID);
+
+ m_log.InfoFormat("[HGStandaloneInvService]: fetching active gestures for user {0}", userID);
+
+ return m_inventoryService.GetActiveGestures(userID);
+ }
+
+ public AssetBase GetAsset(InventoryItemBase item)
+ {
+ m_log.Info("[HGStandaloneInvService]: Get asset " + item.AssetID + " for item " + item.ID);
+ AssetBase asset = new AssetBase(item.AssetID, "NULL"); // send an asset with no data
+ InventoryItemBase item2 = m_inventoryService.GetInventoryItem(item.ID);
+ if (item2 == null)
+ {
+ m_log.Debug("[HGStandaloneInvService]: null item");
+ return asset;
+ }
+ if (item2.Owner != item.Owner)
+ {
+ m_log.DebugFormat("[HGStandaloneInvService]: client with uuid {0} is trying to get an item of owner {1}", item.Owner, item2.Owner);
+ return asset;
+ }
+
+ // All good, get the asset
+ //AssetBase theasset = m_assetProvider.FetchAsset(item.AssetID);
+ AssetBase theasset = FetchAsset(item.AssetID, (item.InvType == (int)InventoryType.Texture));
+
+ m_log.Debug("[HGStandaloneInvService] Found asset " + ((theasset == null) ? "NULL" : "Not Null"));
+ if (theasset != null)
+ {
+ asset = theasset;
+ //m_log.Debug(" >> Sending assetID " + item.AssetID);
+ }
+ return asset;
+ }
+
+ public bool PostAsset(AssetBase asset)
+ {
+ m_log.Info("[HGStandaloneInvService]: Post asset " + asset.FullID);
+ //m_assetProvider.CreateAsset(asset);
+ StoreAsset(asset);
+
+ return true;
+ }
+
+ ///
+ /// CapsUpdatedInventoryItemAsset(IClientAPI, UUID, byte[])
+ ///
+ public UUID UpdateInventoryItemAsset(UUID userID, UUID itemID, byte[] data)
+ {
+ m_log.Debug("[HGStandaloneInvService]: UpdateInventoryitemAsset for user " + userID + " item " + itemID);
+ InventoryItemBase item = m_inventoryService.GetInventoryItem(itemID);
+
+ if (item != null)
+ {
+ // We're still not dealing with permissions
+ //if ((InventoryType)item.InvType == InventoryType.Notecard)
+ //{
+ // if (!Permissions.CanEditNotecard(itemID, UUID.Zero, userID))
+ // {
+ // //remoteClient.SendAgentAlertMessage("Insufficient permissions to edit notecard", false);
+ // return UUID.Zero;
+ // }
+
+ // //remoteClient.SendAgentAlertMessage("Notecard saved", false);
+ //}
+ //else if ((InventoryType)item.InvType == InventoryType.LSL)
+ //{
+ // if (!Permissions.CanEditScript(itemID, UUID.Zero, remoteClient.AgentId))
+ // {
+ // //remoteClient.SendAgentAlertMessage("Insufficient permissions to edit script", false);
+ // return UUID.Zero;
+ // }
+
+ // //remoteClient.SendAgentAlertMessage("Script saved", false);
+ //}
+
+ AssetBase asset = CreateAsset(item.Name, item.Description, (sbyte)item.AssetType, data);
+ PostAsset(asset);
+
+ item.AssetID = asset.FullID;
+ item.Owner = userID;
+ m_inventoryService.UpdateItem(item);
+
+ return (asset.FullID);
+ }
+ return UUID.Zero;
+ }
+
+ private AssetBase CreateAsset(string name, string description, sbyte assetType, byte[] data)
+ {
+ AssetBase asset = new AssetBase();
+ asset.Name = name;
+ asset.Description = description;
+ asset.Type = assetType;
+ asset.FullID = UUID.Random();
+ asset.Data = (data == null) ? new byte[1] : data;
+
+ return asset;
+ }
+
+ #region Caps
+
+ Dictionary invCaps = new Dictionary();
+
+ public Hashtable CapHandler(Hashtable request)
+ {
+ m_log.Debug("[CONNECTION DEBUGGING]: InvCapHandler Called");
+
+ m_log.Debug("---------------------------");
+ m_log.Debug(" >> uri=" + request["uri"]);
+ m_log.Debug(" >> content-type=" + request["content-type"]);
+ m_log.Debug(" >> http-method=" + request["http-method"]);
+ m_log.Debug("---------------------------\n");
+
+ // these are requests if the type
+ // http://inventoryserver/InvCap/uuuuuuuu-uuuu-uuuu-uuuu-uuuuuuuuuuuu/kkkkkkkk-kkkk-kkkk-kkkk-kkkkkkkkkkkk/
+
+ Hashtable responsedata = new Hashtable();
+ responsedata["content_type"] = "text/plain";
+
+ UUID userID;
+ string authToken = string.Empty;
+ string authority = string.Empty;
+ if (!GetParams(request, out userID, out authority, out authToken))
+ {
+ m_log.InfoFormat("[HGStandaloneInvService]: Invalid parameters for InvCap message {0}", request["uri"]);
+ responsedata["int_response_code"] = 404;
+ responsedata["str_response_string"] = "Not found";
+
+ return responsedata;
+ }
+
+ // Next, let's parse the verb
+ string method = (string)request["http-method"];
+ if (method.Equals("GET"))
+ {
+ DoInvCapPost(request, responsedata, userID, authority, authToken);
+ return responsedata;
+ }
+ //else if (method.Equals("DELETE"))
+ //{
+ // DoAgentDelete(request, responsedata, agentID, action, regionHandle);
+
+ // return responsedata;
+ //}
+ else
+ {
+ m_log.InfoFormat("[HGStandaloneInvService]: method {0} not supported in agent message", method);
+ responsedata["int_response_code"] = 405;
+ responsedata["str_response_string"] = "Method not allowed";
+
+ return responsedata;
+ }
+
+ }
+
+ public virtual void DoInvCapPost(Hashtable request, Hashtable responsedata, UUID userID, string authority, string authToken)
+ {
+
+ // This is the meaning of POST agent
+
+ // Check Auth Token
+ if ((m_userService != null) && !(m_userService is IAuthentication))
+ {
+ m_log.Debug("[HGStandaloneInvService]: UserService is not IAuthentication. Denying access to inventory.");
+ responsedata["int_response_code"] = 501;
+ responsedata["str_response_string"] = "Not implemented";
+ return;
+ }
+
+ bool success = VerifyKey(userID, authority, authToken);
+
+ if (success)
+ {
+
+ m_log.DebugFormat("[HGStandaloneInvService]: User has been authorized. Creating service handlers.");
+
+ // Then establish secret service handlers
+
+ Hashtable usercaps = RegisterCaps(userID, authToken);
+
+ responsedata["int_response_code"] = 200;
+ //responsedata["str_response_string"] = "OK";
+ responsedata["str_response_string"] = SerializeHashtable(usercaps);
+ }
+ else
+ {
+ m_log.DebugFormat("[HGStandaloneInvService]: User has is unauthorized. Denying service handlers.");
+ responsedata["int_response_code"] = 403;
+ responsedata["str_response_string"] = "Forbidden";
+ }
+ }
+
+
+ ///
+ /// Extract the params from a request.
+ ///
+ public static bool GetParams(Hashtable request, out UUID uuid, out string authority, out string authKey)
+ {
+ uuid = UUID.Zero;
+ authority = string.Empty;
+ authKey = string.Empty;
+
+ string uri = (string)request["uri"];
+ uri = uri.Trim(new char[] { '/' });
+ string[] parts = uri.Split('/');
+ if (parts.Length <= 1)
+ {
+ return false;
+ }
+ else
+ {
+ if (!UUID.TryParse(parts[1], out uuid))
+ return false;
+
+ if (parts.Length >= 3)
+ {
+ authKey = parts[2];
+ return true;
+ }
+ }
+
+ Uri authUri;
+ Hashtable headers = (Hashtable)request["headers"];
+
+ // Authorization keys look like this:
+ // http://orgrid.org:8002/
+ if (headers.ContainsKey("authorization"))
+ {
+ if (Uri.TryCreate((string)headers["authorization"], UriKind.Absolute, out authUri))
+ {
+ authority = authUri.Authority;
+ authKey = authUri.PathAndQuery.Trim('/');
+ m_log.DebugFormat("[HGStandaloneInvService]: Got authority {0} and key {1}", authority, authKey);
+ return true;
+ }
+ else
+ m_log.Debug("[HGStandaloneInvService]: Wrong format for Authorization header: " + (string)headers["authorization"]);
+ }
+ else
+ m_log.Debug("[HGStandaloneInvService]: Authorization header not found");
+
+ return false;
+ }
+
+ string SerializeHashtable(Hashtable hash)
+ {
+ string result = string.Empty;
+ foreach (object key in hash.Keys)
+ {
+ result += key.ToString() + "," + hash[key].ToString() + ";";
+ }
+ return result;
+ }
+
+ Hashtable RegisterCaps(UUID userID, string authToken)
+ {
+ lock (invCaps)
+ {
+ if (invCaps.ContainsKey(userID))
+ {
+ // Remove the old ones
+ DeregisterCaps(httpServer, invCaps[userID]);
+ invCaps.Remove(userID);
+ }
+ }
+
+ Caps caps = new Caps(null, httpServer, m_thisHostname, m_thisPort, authToken, userID, false, "Inventory");
+ caps.RegisterInventoryServiceHandlers("/" + authToken + "/InventoryCap/");
+ caps.ItemUpdatedCall = UpdateInventoryItemAsset;
+ Hashtable capsHandlers = caps.CapsHandlers.CapsDetails;
+
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "GetInventory", capsHandlers), GetUserInventory, CheckAuthSession));
+
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "FetchDescendants", capsHandlers), FetchDescendants, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "NewFolder", capsHandlers), m_inventoryService.AddFolder, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "UpdateFolder", capsHandlers), m_inventoryService.UpdateFolder, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "MoveFolder", capsHandlers), m_inventoryService.MoveFolder, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "PurgeFolder", capsHandlers), m_inventoryService.PurgeFolder, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "RemoveFolder", capsHandlers), RemoveFolder, CheckAuthSession));
+
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "GetItem", capsHandlers), GetInventoryItem, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "NewItem", capsHandlers), AddItem, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "UpdateItem", capsHandlers), UpdateItem, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "MoveItem", capsHandlers), MoveItem, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "DeleteItem", capsHandlers), DeleteItem, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "CopyItem", capsHandlers), CopyItem, CheckAuthSession));
+
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "GetAsset", capsHandlers), GetAsset, CheckAuthSession));
+ httpServer.AddStreamHandler(new RestDeserialiseSecureHandler(
+ "POST", AddAndGetCapUrl(authToken, "PostAsset", capsHandlers), PostAsset, CheckAuthSession));
+
+ lock (invCaps)
+ invCaps.Add(userID, capsHandlers);
+
+ return capsHandlers;
+ }
+
+ string AddAndGetCapUrl(string authToken, string capType, Hashtable caps)
+ {
+ string capUrl = "/" + authToken + "/" + capType + "/";
+
+ m_log.Debug("[HGStandaloneInvService] Adding inventory cap " + capUrl);
+ caps.Add(capType, capUrl);
+ return capUrl;
+ }
+
+ void DeregisterCaps(IHttpServer httpServer, Hashtable caps)
+ {
+ foreach (string capUrl in caps.Values)
+ {
+ m_log.Debug("[HGStandaloneInvService] Removing inventory cap " + capUrl);
+ httpServer.RemoveStreamHandler("POST", capUrl);
+ }
+ }
+
+ #endregion Caps
+
+ #region Local vs Remote
+
+ bool VerifyKey(UUID userID, string authority, string key)
+ {
+ // Remote call to the Authorization server
+ if (m_userService == null)
+ return AuthClient.VerifyKey("http://" + authority, userID, key);
+ // local call
+ else
+ return ((IAuthentication)m_userService).VerifyKey(userID, key);
+ }
+
+ AssetBase FetchAsset(UUID assetID, bool isTexture)
+ {
+ // Remote call to the Asset server
+ if (m_assetProvider == null)
+ return m_AssetClient.SyncGetAsset(assetID, isTexture);
+ // local call
+ else
+ return m_assetProvider.FetchAsset(assetID);
+ }
+
+ void StoreAsset(AssetBase asset)
+ {
+ // Remote call to the Asset server
+ if (m_assetProvider == null)
+ m_AssetClient.StoreAsset(asset);
+ // local call
+ else
+ m_assetProvider.CreateAsset(asset);
+ }
+
+ #endregion Local vs Remote
+ }
+
+ class SynchronousGridAssetClient : GridAssetClient
+ {
+ public SynchronousGridAssetClient(string url)
+ : base(url)
+ {
+ }
+
+ public AssetBase SyncGetAsset(UUID assetID, bool isTexture)
+ {
+ AssetRequest assReq = new AssetRequest();
+ assReq.AssetID = assetID;
+ assReq.IsTexture = isTexture;
+ return base.GetAsset(assReq);
+ }
+
+ }
+}
--
cgit v1.1