From 504de8bc4792eda165d71a2c7481cb43cb92759a Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Sat, 23 Jul 2011 03:46:55 +0100 Subject: Pass the first name and last name from the agent circuit data to the authorization service rather than from the account. This is to accomodate situations where the authorization service is being used by the hypergrid, where visitors have no user account. See http://opensimulator.org/mantis/view.php?id=5517, this code is somewhat adapted/cleaned up from Michelle's patch I'm a little ambivalent about this since visitors could put anything in firstname/lastname so it's not much of an auth measure. It's up to the auth service to decide which data it actually uses. Possibly we should be passing through other info such as agent circuit ip --- .../LocalAuthorizationServiceConnector.cs | 17 ++++++++------- .../RemoteAuthorizationServiceConnector.cs | 24 ++++++++++++++-------- 2 files changed, 24 insertions(+), 17 deletions(-) (limited to 'OpenSim/Region/CoreModules/ServiceConnectorsOut') diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs index 85a1ac3..18a7177 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/LocalAuthorizationServiceConnector.cs @@ -39,8 +39,7 @@ using OpenMetaverse; namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization { - public class LocalAuthorizationServicesConnector : - ISharedRegionModule, IAuthorizationService + public class LocalAuthorizationServicesConnector : ISharedRegionModule, IAuthorizationService { private static readonly ILog m_log = LogManager.GetLogger( @@ -127,15 +126,15 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization if (!m_Enabled) return; - m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: Enabled local authorization for region {0}", scene.RegionInfo.RegionName); - - + m_log.InfoFormat( + "[AUTHORIZATION CONNECTOR]: Enabled local authorization for region {0}", + scene.RegionInfo.RegionName); } - public bool IsAuthorizedForRegion(string userID, string regionID, out string message) + public bool IsAuthorizedForRegion( + string userID, string firstName, string lastName, string regionID, out string message) { - return m_AuthorizationService.IsAuthorizedForRegion(userID, regionID, out message); + return m_AuthorizationService.IsAuthorizedForRegion(userID, firstName, lastName, regionID, out message); } - } -} +} \ No newline at end of file diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs index 66994fa..5fa27b8 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs @@ -117,12 +117,15 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization } - public bool IsAuthorizedForRegion(string userID, string regionID, out string message) + public bool IsAuthorizedForRegion( + string userID, string firstName, string lastName, string regionID, out string message) { - m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} for region {1}", userID, regionID); + m_log.InfoFormat( + "[REMOTE AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} for region {1}", userID, regionID); bool isAuthorized = true; message = String.Empty; + string mail = String.Empty; // get the scene this call is being made for Scene scene = null; @@ -140,17 +143,22 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization if (scene != null) { UserAccount account = scene.UserAccountService.GetUserAccount(UUID.Zero, new UUID(userID)); - isAuthorized = IsAuthorizedForRegion(userID, account.FirstName, account.LastName, - account.Email, scene.RegionInfo.RegionName, regionID, out message); + + if (account != null) + mail = account.Email; + + isAuthorized + = IsAuthorizedForRegion( + userID, firstName, lastName, account.Email, scene.RegionInfo.RegionName, regionID, out message); } else { - m_log.ErrorFormat("[REMOTE AUTHORIZATION CONNECTOR] IsAuthorizedForRegion, can't find scene to match region id of {0} ",regionID); + m_log.ErrorFormat( + "[REMOTE AUTHORIZATION CONNECTOR] IsAuthorizedForRegion, can't find scene to match region id of {0}", + regionID); } - return isAuthorized; - } } -} +} \ No newline at end of file -- cgit v1.1