From dd30a29ba07a181d5c8f5773140a7247a0066510 Mon Sep 17 00:00:00 2001
From: Oren Hurvitz
Date: Sun, 18 May 2014 16:10:18 +0300
Subject: Return more specific error messages if an attempt to enter a region
 fails due to permissions (in QueryAccess and IsAuthorizedForRegion)

---
 .../Authorization/AuthorizationService.cs          | 34 +++++++++++++---------
 1 file changed, 21 insertions(+), 13 deletions(-)

(limited to 'OpenSim/Region/CoreModules/ServiceConnectorsOut')

diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs
index 4470799..93dff1f 100644
--- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/AuthorizationService.cs
@@ -89,35 +89,43 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization
         public bool IsAuthorizedForRegion(
             string user, string firstName, string lastName, string regionID, out string message)
         {
-            message = "authorized";
-
             // This should not happen
             if (m_Scene.RegionInfo.RegionID.ToString() != regionID)
             {
                 m_log.WarnFormat("[AuthorizationService]: Service for region {0} received request to authorize for region {1}",
                     m_Scene.RegionInfo.RegionID, regionID);
-                return true;
+                message = string.Format("Region {0} received request to authorize for region {1}", m_Scene.RegionInfo.RegionID, regionID);
+                return false;
             }
 
             if (m_accessValue == AccessFlags.None)
+            {
+                message = "Authorized";
                 return true;
+            }
 
             UUID userID = new UUID(user);
-            bool authorized = true;
-            if ((m_accessValue & AccessFlags.DisallowForeigners) == AccessFlags.DisallowForeigners)
+
+            if ((m_accessValue & AccessFlags.DisallowForeigners) != 0)
             {
-                authorized = m_UserManagement.IsLocalGridUser(userID);
-                if (!authorized)
-                    message = "no foreigner users allowed in this region";
+                if (!m_UserManagement.IsLocalGridUser(userID))
+                {
+                    message = "No foreign users allowed in this region";
+                    return false;
+                }
             }
-            if (authorized && (m_accessValue & AccessFlags.DisallowResidents) == AccessFlags.DisallowResidents)
+
+            if ((m_accessValue & AccessFlags.DisallowResidents) != 0)
             {
-                authorized = m_Scene.Permissions.IsGod(userID) | m_Scene.Permissions.IsAdministrator(userID);
-                if (!authorized)
-                    message = "only Admins and Managers allowed in this region";
+                if (!(m_Scene.Permissions.IsGod(userID) || m_Scene.Permissions.IsAdministrator(userID)))
+                {
+                    message = "Only Admins and Managers allowed in this region";
+                    return false;
+                }
             }
 
-            return authorized;
+            message = "Authorized";
+            return true;
         }
 
     }
-- 
cgit v1.1