From a542871c1590e9d6d42fb3b1e099a8d6204e8e4d Mon Sep 17 00:00:00 2001 From: Melanie Date: Tue, 5 Jan 2010 15:39:53 +0000 Subject: Allow estate managers (if estate_owner_is_god is set) to actually enter god mode. Allow god modification of objects if the object owner is the same god that wants to modify, this allows you to regain perms on your own objects after IAR import messed them up. --- OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'OpenSim/Region/CoreModules/World') diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index e837e9a..f66f01f 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs @@ -596,7 +596,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions return objectOwnerMask; // Estate users should be able to edit anything in the sim - if (IsEstateManager(user) && m_RegionOwnerIsGod && !IsAdministrator(objectOwner)) + if (IsEstateManager(user) && m_RegionOwnerIsGod && (!IsAdministrator(objectOwner)) || objectOwner == user) return objectOwnerMask; // Admin should be able to edit anything in the sim (including admin objects) @@ -888,6 +888,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); if (m_bypassPermissions) return m_bypassPermissionsValue; + if (IsEstateManager(user) && m_RegionOwnerIsGod) + return true; + return IsAdministrator(user); } -- cgit v1.1 From 063f106cbbc2a805dc210fe16c30741ab24876cb Mon Sep 17 00:00:00 2001 From: Melanie Date: Sat, 9 Jan 2010 14:17:44 +0000 Subject: Add functionality to estate "Allowed Users" and "Allowed Groups". Allowed users will be honored now, while allowed groups will not. This requires additional groups module integration work --- .../World/Estate/EstateManagementModule.cs | 244 +++++++++++++-------- 1 file changed, 152 insertions(+), 92 deletions(-) (limited to 'OpenSim/Region/CoreModules/World') diff --git a/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs b/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs index b1dcb14..deade6b 100644 --- a/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs +++ b/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs @@ -75,10 +75,21 @@ namespace OpenSim.Region.CoreModules.World.Estate m_scene.RegionInfo.EstateSettings.AbuseEmail, estateOwner); - remote_client.SendEstateManagersList(invoice, + remote_client.SendEstateList(invoice, + (int)Constants.EstateAccessCodex.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateID); + remote_client.SendEstateList(invoice, + (int)Constants.EstateAccessCodex.AccessOptions, + m_scene.RegionInfo.EstateSettings.EstateAccess, + m_scene.RegionInfo.EstateSettings.EstateID); + + remote_client.SendEstateList(invoice, + (int)Constants.EstateAccessCodex.AllowedGroups, + m_scene.RegionInfo.EstateSettings.EstateGroups, + m_scene.RegionInfo.EstateSettings.EstateID); + remote_client.SendBannedUserList(invoice, m_scene.RegionInfo.EstateSettings.EstateBans, m_scene.RegionInfo.EstateSettings.EstateID); @@ -233,127 +244,176 @@ namespace OpenSim.Region.CoreModules.World.Estate if (user == m_scene.RegionInfo.MasterAvatarAssignedUUID) return; // never process owner - switch (estateAccessType) + if ((estateAccessType & 4) != 0) // User add { - case 64: - if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, false) || m_scene.Permissions.BypassPermissions()) - { - EstateBan[] banlistcheck = m_scene.RegionInfo.EstateSettings.EstateBans; - - bool alreadyInList = false; - - for (int i = 0; i < banlistcheck.Length; i++) - { - if (user == banlistcheck[i].BannedUserID) - { - alreadyInList = true; - break; - } - - } - if (!alreadyInList) - { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + { + m_scene.RegionInfo.EstateSettings.AddEstateUser(user); + m_scene.RegionInfo.EstateSettings.Save(); + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AccessOptions, m_scene.RegionInfo.EstateSettings.EstateAccess, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } - EstateBan item = new EstateBan(); + } + if ((estateAccessType & 8) != 0) // User remove + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + { + m_scene.RegionInfo.EstateSettings.RemoveEstateUser(user); + m_scene.RegionInfo.EstateSettings.Save(); - item.BannedUserID = user; - item.EstateID = m_scene.RegionInfo.EstateSettings.EstateID; - item.BannedHostAddress = "0.0.0.0"; - item.BannedHostIPMask = "0.0.0.0"; + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AccessOptions, m_scene.RegionInfo.EstateSettings.EstateAccess, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } + } + if ((estateAccessType & 16) != 0) // Group add + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + { + m_scene.RegionInfo.EstateSettings.AddEstateGroup(user); + m_scene.RegionInfo.EstateSettings.Save(); + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AllowedGroups, m_scene.RegionInfo.EstateSettings.EstateAccess, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } + } + if ((estateAccessType & 32) != 0) // Group remove + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + { + m_scene.RegionInfo.EstateSettings.RemoveEstateGroup(user); + m_scene.RegionInfo.EstateSettings.Save(); - m_scene.RegionInfo.EstateSettings.AddBan(item); - m_scene.RegionInfo.EstateSettings.Save(); + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AllowedGroups, m_scene.RegionInfo.EstateSettings.EstateAccess, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } + } + if ((estateAccessType & 64) != 0) // Ban add + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, false) || m_scene.Permissions.BypassPermissions()) + { + EstateBan[] banlistcheck = m_scene.RegionInfo.EstateSettings.EstateBans; - ScenePresence s = m_scene.GetScenePresence(user); - if (s != null) - { - if (!s.IsChildAgent) - { - s.ControllingClient.SendTeleportLocationStart(); - m_scene.TeleportClientHome(user, s.ControllingClient); - } - } + bool alreadyInList = false; - } - else + for (int i = 0; i < banlistcheck.Length; i++) + { + if (user == banlistcheck[i].BannedUserID) { - remote_client.SendAlertMessage("User is already on the region ban list"); + alreadyInList = true; + break; } - //m_scene.RegionInfo.regionBanlist.Add(Manager(user); - remote_client.SendBannedUserList(invoice, m_scene.RegionInfo.EstateSettings.EstateBans, m_scene.RegionInfo.EstateSettings.EstateID); - } - else - { - remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } - break; - case 128: - if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, false) || m_scene.Permissions.BypassPermissions()) + if (!alreadyInList) { - EstateBan[] banlistcheck = m_scene.RegionInfo.EstateSettings.EstateBans; - bool alreadyInList = false; - EstateBan listitem = null; + EstateBan item = new EstateBan(); + + item.BannedUserID = user; + item.EstateID = m_scene.RegionInfo.EstateSettings.EstateID; + item.BannedHostAddress = "0.0.0.0"; + item.BannedHostIPMask = "0.0.0.0"; - for (int i = 0; i < banlistcheck.Length; i++) + m_scene.RegionInfo.EstateSettings.AddBan(item); + m_scene.RegionInfo.EstateSettings.Save(); + + ScenePresence s = m_scene.GetScenePresence(user); + if (s != null) { - if (user == banlistcheck[i].BannedUserID) + if (!s.IsChildAgent) { - alreadyInList = true; - listitem = banlistcheck[i]; - break; + s.ControllingClient.SendTeleportLocationStart(); + m_scene.TeleportClientHome(user, s.ControllingClient); } - } - if (alreadyInList && listitem != null) - { - m_scene.RegionInfo.EstateSettings.RemoveBan(listitem.BannedUserID); - m_scene.RegionInfo.EstateSettings.Save(); - } - else - { - remote_client.SendAlertMessage("User is not on the region ban list"); - } - //m_scene.RegionInfo.regionBanlist.Add(Manager(user); - remote_client.SendBannedUserList(invoice, m_scene.RegionInfo.EstateSettings.EstateBans, m_scene.RegionInfo.EstateSettings.EstateID); + } else { - remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + remote_client.SendAlertMessage("User is already on the region ban list"); } - break; - case 256: + //m_scene.RegionInfo.regionBanlist.Add(Manager(user); + remote_client.SendBannedUserList(invoice, m_scene.RegionInfo.EstateSettings.EstateBans, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } + } + if ((estateAccessType & 128) != 0) // Ban remove + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, false) || m_scene.Permissions.BypassPermissions()) + { + EstateBan[] banlistcheck = m_scene.RegionInfo.EstateSettings.EstateBans; - if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) - { - m_scene.RegionInfo.EstateSettings.AddEstateManager(user); - m_scene.RegionInfo.EstateSettings.Save(); - remote_client.SendEstateManagersList(invoice, m_scene.RegionInfo.EstateSettings.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateID); - } - else + bool alreadyInList = false; + EstateBan listitem = null; + + for (int i = 0; i < banlistcheck.Length; i++) { - remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); - } + if (user == banlistcheck[i].BannedUserID) + { + alreadyInList = true; + listitem = banlistcheck[i]; + break; + } - break; - case 512: - if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + } + if (alreadyInList && listitem != null) { - m_scene.RegionInfo.EstateSettings.RemoveEstateManager(user); + m_scene.RegionInfo.EstateSettings.RemoveBan(listitem.BannedUserID); m_scene.RegionInfo.EstateSettings.Save(); - - remote_client.SendEstateManagersList(invoice, m_scene.RegionInfo.EstateSettings.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateID); } else { - remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + remote_client.SendAlertMessage("User is not on the region ban list"); } - break; - - default: + //m_scene.RegionInfo.regionBanlist.Add(Manager(user); + remote_client.SendBannedUserList(invoice, m_scene.RegionInfo.EstateSettings.EstateBans, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } + } + if ((estateAccessType & 256) != 0) // Manager add + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + { + m_scene.RegionInfo.EstateSettings.AddEstateManager(user); + m_scene.RegionInfo.EstateSettings.Save(); + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } + } + if ((estateAccessType & 512) != 0) // Manager remove + { + if (m_scene.Permissions.CanIssueEstateCommand(remote_client.AgentId, true) || m_scene.Permissions.BypassPermissions()) + { + m_scene.RegionInfo.EstateSettings.RemoveEstateManager(user); + m_scene.RegionInfo.EstateSettings.Save(); - m_log.ErrorFormat("EstateOwnerMessage: Unknown EstateAccessType requested in estateAccessDelta: {0}", estateAccessType.ToString()); - break; + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateManagers, m_scene.RegionInfo.EstateSettings.EstateID); + } + else + { + remote_client.SendAlertMessage("Method EstateAccessDelta Failed, you don't have permissions"); + } } } -- cgit v1.1 From bc558788c2b52b6ec9143b1697806624b9fb7977 Mon Sep 17 00:00:00 2001 From: Melanie Date: Sat, 9 Jan 2010 16:32:14 +0000 Subject: A last fix for estate access by group. One should send the correct list. --- OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'OpenSim/Region/CoreModules/World') diff --git a/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs b/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs index deade6b..695cced 100644 --- a/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs +++ b/OpenSim/Region/CoreModules/World/Estate/EstateManagementModule.cs @@ -278,7 +278,7 @@ namespace OpenSim.Region.CoreModules.World.Estate { m_scene.RegionInfo.EstateSettings.AddEstateGroup(user); m_scene.RegionInfo.EstateSettings.Save(); - remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AllowedGroups, m_scene.RegionInfo.EstateSettings.EstateAccess, m_scene.RegionInfo.EstateSettings.EstateID); + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AllowedGroups, m_scene.RegionInfo.EstateSettings.EstateGroups, m_scene.RegionInfo.EstateSettings.EstateID); } else { @@ -292,7 +292,7 @@ namespace OpenSim.Region.CoreModules.World.Estate m_scene.RegionInfo.EstateSettings.RemoveEstateGroup(user); m_scene.RegionInfo.EstateSettings.Save(); - remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AllowedGroups, m_scene.RegionInfo.EstateSettings.EstateAccess, m_scene.RegionInfo.EstateSettings.EstateID); + remote_client.SendEstateList(invoice, (int)Constants.EstateAccessCodex.AllowedGroups, m_scene.RegionInfo.EstateSettings.EstateGroups, m_scene.RegionInfo.EstateSettings.EstateID); } else { -- cgit v1.1 From b0a7bcb2c814554dff4fc6dcdcd45ccf700601e9 Mon Sep 17 00:00:00 2001 From: Melanie Date: Sun, 10 Jan 2010 03:17:40 +0000 Subject: Add "StartDisabled" to [Startup] to make all regions start up with logins disabled until enabled from the console. Add the AccessModule (WIP) --- .../CoreModules/World/Access/AccessModule.cs | 82 ++++++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 OpenSim/Region/CoreModules/World/Access/AccessModule.cs (limited to 'OpenSim/Region/CoreModules/World') diff --git a/OpenSim/Region/CoreModules/World/Access/AccessModule.cs b/OpenSim/Region/CoreModules/World/Access/AccessModule.cs new file mode 100644 index 0000000..108dcfb --- /dev/null +++ b/OpenSim/Region/CoreModules/World/Access/AccessModule.cs @@ -0,0 +1,82 @@ +/* + * Copyright (c) Contributors, http://opensimulator.org/ + * See CONTRIBUTORS.TXT for a full list of copyright holders. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of the OpenSimulator Project nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using System; +using System.Collections.Generic; +using System.Reflection; +using log4net; +using Nini.Config; +using OpenMetaverse; +using OpenSim.Framework; +using OpenSim.Framework.Communications.Cache; +using OpenSim.Region.Framework.Interfaces; +using OpenSim.Region.Framework.Scenes; +using OpenSim.Services.Interfaces; + +namespace OpenSim.Region.CoreModules.World +{ + public class AccessModule : ISharedRegionModule + { + private static readonly ILog m_log = + LogManager.GetLogger( + MethodBase.GetCurrentMethod().DeclaringType); + + public void Initialise(IConfigSource config) + { + } + + public void PostInitialise() + { + } + + public void Close() + { + } + + public string Name + { + get { return "AccessModule"; } + } + + public Type ReplaceableInterface + { + get { return null; } + } + + public void AddRegion(Scene scene) + { + } + + public void RemoveRegion(Scene scene) + { + } + + public void RegionLoaded(Scene scene) + { + } + } +} -- cgit v1.1 From b9e6f4583cbfc10f566f702f70cecb5348fec023 Mon Sep 17 00:00:00 2001 From: Melanie Date: Sun, 10 Jan 2010 03:48:10 +0000 Subject: Implement access module commands --- .../CoreModules/World/Access/AccessModule.cs | 76 ++++++++++++++++++++++ 1 file changed, 76 insertions(+) (limited to 'OpenSim/Region/CoreModules/World') diff --git a/OpenSim/Region/CoreModules/World/Access/AccessModule.cs b/OpenSim/Region/CoreModules/World/Access/AccessModule.cs index 108dcfb..dfa8df6 100644 --- a/OpenSim/Region/CoreModules/World/Access/AccessModule.cs +++ b/OpenSim/Region/CoreModules/World/Access/AccessModule.cs @@ -32,6 +32,7 @@ using log4net; using Nini.Config; using OpenMetaverse; using OpenSim.Framework; +using OpenSim.Framework.Console; using OpenSim.Framework.Communications.Cache; using OpenSim.Region.Framework.Interfaces; using OpenSim.Region.Framework.Scenes; @@ -45,8 +46,30 @@ namespace OpenSim.Region.CoreModules.World LogManager.GetLogger( MethodBase.GetCurrentMethod().DeclaringType); + private List m_SceneList = new List(); + public void Initialise(IConfigSource config) { + MainConsole.Instance.Commands.AddCommand("access", true, + "login enable", + "login enable", + "Enable simulator logins", + String.Empty, + HandleLoginCommand); + + MainConsole.Instance.Commands.AddCommand("access", true, + "login disable", + "login disable", + "Disable simulator logins", + String.Empty, + HandleLoginCommand); + + MainConsole.Instance.Commands.AddCommand("access", true, + "login status", + "login status", + "Show login status", + String.Empty, + HandleLoginCommand); } public void PostInitialise() @@ -69,14 +92,67 @@ namespace OpenSim.Region.CoreModules.World public void AddRegion(Scene scene) { + if (!m_SceneList.Contains(scene)) + m_SceneList.Add(scene); } public void RemoveRegion(Scene scene) { + m_SceneList.Remove(scene); } public void RegionLoaded(Scene scene) { } + + public void HandleLoginCommand(string module, string[] cmd) + { + if ((Scene)MainConsole.Instance.ConsoleScene == null) + { + foreach (Scene s in m_SceneList) + { + if(!ProcessCommand(s, cmd)) + break; + } + } + else + { + ProcessCommand((Scene)MainConsole.Instance.ConsoleScene, cmd); + } + } + + bool ProcessCommand(Scene scene, string[] cmd) + { + if (cmd.Length < 2) + { + MainConsole.Instance.Output("Syntax: login enable|disable|status"); + return false; + } + + switch (cmd[1]) + { + case "enable": + if (scene.LoginsDisabled) + MainConsole.Instance.Output(String.Format("Enabling logins for region {0}", scene.RegionInfo.RegionName)); + scene.LoginsDisabled = false; + break; + case "disable": + if (!scene.LoginsDisabled) + MainConsole.Instance.Output(String.Format("Disabling logins for region {0}", scene.RegionInfo.RegionName)); + scene.LoginsDisabled = true; + break; + case "status": + if (scene.LoginsDisabled) + MainConsole.Instance.Output(String.Format("Login in {0} are disabled", scene.RegionInfo.RegionName)); + else + MainConsole.Instance.Output(String.Format("Login in {0} are enabled", scene.RegionInfo.RegionName)); + break; + default: + MainConsole.Instance.Output("Syntax: login enable|disable|status"); + return false; + } + + return true; + } } } -- cgit v1.1