From 9090a907692e7deaafd79150bf6482507be86d55 Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 03:48:16 +1000 Subject: * Beginnings of a Security Credential system in MRM. This will eventually lead to trusted execution of untrusted MRMs. --- .../Scripting/Minimodule/ISecurityCredential.cs | 7 +++++++ .../Scripting/Minimodule/MRMModule.cs | 10 ++++++++-- .../Scripting/Minimodule/ObjectAccessor.cs | 22 +++++++++++++--------- .../Scripting/Minimodule/SOPObject.cs | 9 +++++++++ .../Scripting/Minimodule/SecurityCredential.cs | 21 +++++++++++++++++++++ .../OptionalModules/Scripting/Minimodule/World.cs | 6 ++++-- 6 files changed, 62 insertions(+), 13 deletions(-) create mode 100644 OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs create mode 100644 OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs new file mode 100644 index 0000000..464723e --- /dev/null +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs @@ -0,0 +1,7 @@ +namespace OpenSim.Region.OptionalModules.Scripting.Minimodule +{ + public interface ISecurityCredential + { + ISocialEntity owner { get; } + } +} \ No newline at end of file diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs index 5ed9af3..0cc7930 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs @@ -166,8 +166,14 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public void GetGlobalEnvironment(uint localID, out IWorld world, out IHost host) { - world = new World(m_scene); - host = new Host(new SOPObject(m_scene, localID), m_scene, new ExtensionHandler(m_extensions), m_microthreads); + // UUID should be changed to object owner. + UUID owner = m_scene.RegionInfo.MasterAvatarAssignedUUID; + SEUser securityUser = new SEUser(owner, "Name Unassigned"); + SecurityCredential creds = new SecurityCredential(securityUser); + + world = new World(m_scene, creds); + host = new Host(new SOPObject(m_scene, localID, creds), m_scene, new ExtensionHandler(m_extensions), + m_microthreads); } public void InitializeMRM(MRMBase mmb, uint localID, UUID itemID) diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ObjectAccessor.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ObjectAccessor.cs index 4638ad0..6ba5ccf 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ObjectAccessor.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ObjectAccessor.cs @@ -40,10 +40,12 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { private readonly Scene m_scene; private readonly IEnumerator m_sogEnum; + private readonly ISecurityCredential m_security; - public IObjEnum(Scene scene) + public IObjEnum(Scene scene, ISecurityCredential security) { m_scene = scene; + m_security = security; m_sogEnum = m_scene.Entities.GetAllByType().GetEnumerator(); } @@ -66,7 +68,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { get { - return new SOPObject(m_scene, m_sogEnum.Current.LocalId); + return new SOPObject(m_scene, m_sogEnum.Current.LocalId, m_security); } } @@ -79,17 +81,19 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public class ObjectAccessor : System.MarshalByRefObject, IObjectAccessor { private readonly Scene m_scene; + private readonly ISecurityCredential m_security; - public ObjectAccessor(Scene scene) + public ObjectAccessor(Scene scene, ISecurityCredential security) { m_scene = scene; + m_security = security; } public IObject this[int index] { get { - return new SOPObject(m_scene, m_scene.Entities[(uint)index].LocalId); + return new SOPObject(m_scene, m_scene.Entities[(uint)index].LocalId, m_security); } } @@ -97,7 +101,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { get { - return new SOPObject(m_scene, m_scene.Entities[index].LocalId); + return new SOPObject(m_scene, m_scene.Entities[index].LocalId, m_security); } } @@ -105,7 +109,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { get { - return new SOPObject(m_scene, m_scene.Entities[index].LocalId); + return new SOPObject(m_scene, m_scene.Entities[index].LocalId, m_security); } } @@ -117,20 +121,20 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public IObject Create(Vector3 position, Quaternion rotation) { - SceneObjectGroup sog = m_scene.AddNewPrim(m_scene.RegionInfo.MasterAvatarAssignedUUID, + SceneObjectGroup sog = m_scene.AddNewPrim(m_security.owner.GlobalID, UUID.Zero, position, rotation, PrimitiveBaseShape.CreateBox()); - IObject ret = new SOPObject(m_scene, sog.LocalId); + IObject ret = new SOPObject(m_scene, sog.LocalId, m_security); return ret; } public IEnumerator GetEnumerator() { - return new IObjEnum(m_scene); + return new IObjEnum(m_scene, m_security); } IEnumerator IEnumerable.GetEnumerator() diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs index bc26389..fa9ef53 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs @@ -42,13 +42,22 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { private readonly Scene m_rootScene; private readonly uint m_localID; + private readonly ISecurityCredential m_security; + [Obsolete("Replace with 'credential' constructor [security]")] public SOPObject(Scene rootScene, uint localID) { m_rootScene = rootScene; m_localID = localID; } + public SOPObject(Scene rootScene, uint localID, ISecurityCredential credential) + { + m_rootScene = rootScene; + m_localID = localID; + m_security = credential; + } + /// /// This needs to run very, very quickly. /// It is utilized in nearly every property and method. diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs new file mode 100644 index 0000000..bd4440c --- /dev/null +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs @@ -0,0 +1,21 @@ +using System; +using System.Collections.Generic; +using System.Text; + +namespace OpenSim.Region.OptionalModules.Scripting.Minimodule +{ + class SecurityCredential : ISecurityCredential + { + private readonly ISocialEntity m_owner; + + public SecurityCredential(ISocialEntity m_owner) + { + this.m_owner = m_owner; + } + + public ISocialEntity owner + { + get { return m_owner; } + } + } +} diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs index 1ec4a33..a34684f 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs @@ -37,15 +37,17 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public class World : System.MarshalByRefObject, IWorld, IWorldAudio { private readonly Scene m_internalScene; + private readonly ISecurityCredential m_security; private readonly Heightmap m_heights; private readonly ObjectAccessor m_objs; - public World(Scene internalScene) + public World(Scene internalScene, ISecurityCredential securityCredential) { + m_security = securityCredential; m_internalScene = internalScene; m_heights = new Heightmap(m_internalScene); - m_objs = new ObjectAccessor(m_internalScene); + m_objs = new ObjectAccessor(m_internalScene, securityCredential); } #region Events -- cgit v1.1 From a42569d89675430087d32332e168429d4185311c Mon Sep 17 00:00:00 2001 From: Adam Johnson Date: Sun, 16 Aug 2009 15:06:06 +0900 Subject: Thanks dmiles for a patch that adds PacketType.RequestMultipleObjects Packet Handler - ref mantis #4010 --- .../Agent/InternetRelayClientView/Server/IRCClientView.cs | 1 + OpenSim/Region/OptionalModules/World/NPC/NPCAvatar.cs | 1 + 2 files changed, 2 insertions(+) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs b/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs index 08fc61f..a3be181 100644 --- a/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs +++ b/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs @@ -686,6 +686,7 @@ namespace OpenSim.Region.OptionalModules.Agent.InternetRelayClientView.Server public event SpinStop OnSpinStop; public event UpdateShape OnUpdatePrimShape; public event ObjectExtraParams OnUpdateExtraParams; + public event ObjectRequest OnObjectRequest; public event ObjectSelect OnObjectSelect; public event ObjectDeselect OnObjectDeselect; public event GenericCall7 OnObjectDescription; diff --git a/OpenSim/Region/OptionalModules/World/NPC/NPCAvatar.cs b/OpenSim/Region/OptionalModules/World/NPC/NPCAvatar.cs index 4a8ba8c..f0bdf3b 100644 --- a/OpenSim/Region/OptionalModules/World/NPC/NPCAvatar.cs +++ b/OpenSim/Region/OptionalModules/World/NPC/NPCAvatar.cs @@ -213,6 +213,7 @@ namespace OpenSim.Region.OptionalModules.World.NPC public event UpdateShape OnUpdatePrimShape; public event ObjectExtraParams OnUpdateExtraParams; public event RequestObjectPropertiesFamily OnRequestObjectPropertiesFamily; + public event ObjectRequest OnObjectRequest; public event ObjectSelect OnObjectSelect; public event GenericCall7 OnObjectDescription; public event GenericCall7 OnObjectName; -- cgit v1.1 From 9d9fcac0386ba6adc7a1f6c08f82bd5c0b6cd1d2 Mon Sep 17 00:00:00 2001 From: Jeff Ames Date: Fri, 14 Aug 2009 17:16:41 +0900 Subject: Misc cleanup. --- .../Region/OptionalModules/Scripting/Minimodule/Interfaces/IObject.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IObject.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IObject.cs index 6415250..19f7210 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IObject.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IObject.cs @@ -212,6 +212,6 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule bool Bright { get; set; } // SetPrimParms(FULLBRIGHT) double Bloom { get; set; } // SetPrimParms(GLOW) bool Shiny { get; set; } // SetPrimParms(SHINY) - bool BumpMap { get; set; } // SetPrimParms(BUMPMAP) [DEPRECIATE IN FAVOUR OF UUID?] + bool BumpMap { get; set; } // SetPrimParms(BUMPMAP) [DEPRECATE IN FAVOUR OF UUID?] } } -- cgit v1.1 From 2b630470b064bc4d0fe84210839409f3c7bf5823 Mon Sep 17 00:00:00 2001 From: Jeff Ames Date: Sun, 16 Aug 2009 17:30:13 +0900 Subject: Add copyright headers. Formatting cleanup. --- .../Scripting/Minimodule/ISecurityCredential.cs | 27 ++++++++++++++++++++ .../Scripting/Minimodule/SecurityCredential.cs | 29 +++++++++++++++++++++- 2 files changed, 55 insertions(+), 1 deletion(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs index 464723e..7e084d8 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs @@ -1,3 +1,30 @@ +/* + * Copyright (c) Contributors, http://opensimulator.org/ + * See CONTRIBUTORS.TXT for a full list of copyright holders. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of the OpenSimulator Project nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { public interface ISecurityCredential diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs index bd4440c..cbcd137 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs @@ -1,4 +1,31 @@ -using System; +/* + * Copyright (c) Contributors, http://opensimulator.org/ + * See CONTRIBUTORS.TXT for a full list of copyright holders. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * * Neither the name of the OpenSimulator Project nor the + * names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +using System; using System.Collections.Generic; using System.Text; -- cgit v1.1 From 975c49a399d2822b93496d7abea8587c9f8c7af4 Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 21:20:45 +1000 Subject: * [MRM] Implements permission checks on IObject implementations in SOPObject.cs. Does not implement security on IObjectInventory yet. --- .../Scripting/Minimodule/ISecurityCredential.cs | 2 + .../Scripting/Minimodule/SOPObject.cs | 86 +++++++++++++++++++--- .../Scripting/Minimodule/SecurityCredential.cs | 13 ++++ 3 files changed, 92 insertions(+), 9 deletions(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs index 464723e..e6878d1 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/ISecurityCredential.cs @@ -3,5 +3,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public interface ISecurityCredential { ISocialEntity owner { get; } + bool CanEditObject(IObject target); + bool CanEditTerrain(int x, int y); } } \ No newline at end of file diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs index fa9ef53..674c9e0 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs @@ -27,6 +27,7 @@ using System; using System.Collections.Generic; +using System.Security; using OpenMetaverse; using OpenMetaverse.Packets; using OpenSim.Framework; @@ -68,6 +69,15 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule return m_rootScene.GetSceneObjectPart(m_localID); } + private bool CanEdit() + { + if(!m_security.CanEditObject(this)) + { + throw new SecurityException("Insufficient Permission to edit object with UUID [" + GetSOP().UUID + "]"); + } + return true; + } + #region OnTouch private event OnTouchDelegate _OnTouch; @@ -139,13 +149,21 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public string Name { get { return GetSOP().Name; } - set { GetSOP().Name = value; } + set + { + if (CanEdit()) + GetSOP().Name = value; + } } public string Description { get { return GetSOP().Description; } - set { GetSOP().Description = value; } + set + { + if (CanEdit()) + GetSOP().Description = value; + } } public IObject[] Children @@ -169,7 +187,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public IObject Root { - get { return new SOPObject(m_rootScene, GetSOP().ParentGroup.RootPart.LocalId); } + get { return new SOPObject(m_rootScene, GetSOP().ParentGroup.RootPart.LocalId, m_security); } } public IObjectMaterial[] Materials @@ -191,7 +209,11 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public Vector3 Scale { get { return GetSOP().Scale; } - set { GetSOP().Scale = value; } + set + { + if (CanEdit()) + GetSOP().Scale = value; + } } public Quaternion WorldRotation @@ -211,15 +233,24 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule get { return GetSOP().AbsolutePosition; } set { - SceneObjectPart pos = GetSOP(); - pos.UpdateOffSet(value - pos.AbsolutePosition); + if (CanEdit()) + { + SceneObjectPart pos = GetSOP(); + pos.UpdateOffSet(value - pos.AbsolutePosition); + } } } public Vector3 OffsetPosition { get { return GetSOP().OffsetPosition; } - set { GetSOP().OffsetPosition = value; } + set + { + if (CanEdit()) + { + GetSOP().OffsetPosition = value; + } + } } public Vector3 SitTarget @@ -319,8 +350,10 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public void Say(string msg) { - SceneObjectPart sop = GetSOP(); + if (!CanEdit()) + return; + SceneObjectPart sop = GetSOP(); m_rootScene.SimChat(msg, ChatTypeEnum.Say, sop.AbsolutePosition, sop.Name, sop.UUID, false); } @@ -512,6 +545,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule } set { + if (!CanEdit()) + return; + GetSOP().PhysActor.RotationalVelocity = new PhysicsVector(value.X, value.Y, value.Z); } } @@ -525,6 +561,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule } set { + if (!CanEdit()) + return; + GetSOP().PhysActor.Velocity = new PhysicsVector(value.X, value.Y, value.Z); } } @@ -538,6 +577,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule } set { + if (!CanEdit()) + return; + GetSOP().PhysActor.Torque = new PhysicsVector(value.X, value.Y, value.Z); } } @@ -560,27 +602,44 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule } set { + if (!CanEdit()) + return; + GetSOP().PhysActor.Force = new PhysicsVector(value.X, value.Y, value.Z); } } public bool FloatOnWater { - set { GetSOP().PhysActor.FloatOnWater = value; } + set + { + if (!CanEdit()) + return; + GetSOP().PhysActor.FloatOnWater = value; + } } public void AddForce(Vector3 force, bool pushforce) { + if (!CanEdit()) + return; + GetSOP().PhysActor.AddForce(new PhysicsVector(force.X, force.Y, force.Z), pushforce); } public void AddAngularForce(Vector3 force, bool pushforce) { + if (!CanEdit()) + return; + GetSOP().PhysActor.AddAngularForce(new PhysicsVector(force.X, force.Y, force.Z), pushforce); } public void SetMomentum(Vector3 momentum) { + if (!CanEdit()) + return; + GetSOP().PhysActor.SetMomentum(new PhysicsVector(momentum.X, momentum.Y, momentum.Z)); } @@ -595,6 +654,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule get { return m_sculptMap; } set { + if (!CanEdit()) + return; + m_sculptMap = value; SetPrimitiveSculpted(SculptMap, (byte) SculptType); } @@ -607,6 +669,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule get { return m_sculptType; } set { + if(!CanEdit()) + return; + m_sculptType = value; SetPrimitiveSculpted(SculptMap, (byte) SculptType); } @@ -663,6 +728,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule public void Play(UUID asset, double volume) { + if (!CanEdit()) + return; + GetSOP().SendSound(asset.ToString(), volume, true, 0); } diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs index bd4440c..771bc8b 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs @@ -1,12 +1,15 @@ using System; using System.Collections.Generic; using System.Text; +using OpenMetaverse; +using OpenSim.Region.Framework.Scenes; namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { class SecurityCredential : ISecurityCredential { private readonly ISocialEntity m_owner; + private readonly Scene m_scene; public SecurityCredential(ISocialEntity m_owner) { @@ -17,5 +20,15 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { get { return m_owner; } } + + public bool CanEditObject(IObject target) + { + return m_scene.Permissions.CanEditObject(target.GlobalID, m_owner.GlobalID); + } + + public bool CanEditTerrain(int x, int y) + { + return m_scene.Permissions.CanTerraformLand(m_owner.GlobalID, new Vector3(x, y, 0)); + } } } -- cgit v1.1 From 8621dc405e2f0f1ea81baa52ec124d8b362a2abf Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 21:23:39 +1000 Subject: * Fixes potential NulRef in MRM Security Checks. --- OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs | 2 +- .../OptionalModules/Scripting/Minimodule/SecurityCredential.cs | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs index 0cc7930..6daae29 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/MRMModule.cs @@ -169,7 +169,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule // UUID should be changed to object owner. UUID owner = m_scene.RegionInfo.MasterAvatarAssignedUUID; SEUser securityUser = new SEUser(owner, "Name Unassigned"); - SecurityCredential creds = new SecurityCredential(securityUser); + SecurityCredential creds = new SecurityCredential(securityUser, m_scene); world = new World(m_scene, creds); host = new Host(new SOPObject(m_scene, localID, creds), m_scene, new ExtensionHandler(m_extensions), diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs index 6e350b9..bc7f6cb 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SecurityCredential.cs @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) Contributors, http://opensimulator.org/ * See CONTRIBUTORS.TXT for a full list of copyright holders. * @@ -38,9 +38,10 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule private readonly ISocialEntity m_owner; private readonly Scene m_scene; - public SecurityCredential(ISocialEntity m_owner) + public SecurityCredential(ISocialEntity m_owner, Scene m_scene) { this.m_owner = m_owner; + this.m_scene = m_scene; } public ISocialEntity owner -- cgit v1.1 From adae13cd185b17b4644f2d939b1970aab309097a Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 21:36:33 +1000 Subject: * [MRM] Added permission checks to MRM Events (ie, requires edit permission to bind to OnTouch) --- .../OptionalModules/Scripting/Minimodule/SOPObject.cs | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs index 674c9e0..2e3ed3c 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs @@ -87,14 +87,17 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { add { - if (!_OnTouchActive) + if (CanEdit()) { - GetSOP().Flags |= PrimFlags.Touch; - _OnTouchActive = true; - m_rootScene.EventManager.OnObjectGrab += EventManager_OnObjectGrab; + if (!_OnTouchActive) + { + GetSOP().Flags |= PrimFlags.Touch; + _OnTouchActive = true; + m_rootScene.EventManager.OnObjectGrab += EventManager_OnObjectGrab; + } + + _OnTouch += value; } - - _OnTouch += value; } remove { -- cgit v1.1 From b28e82654150edd0ef21fc8361c023a99186d658 Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 21:41:57 +1000 Subject: * Implements ISecurityCredential on all uses of SOPObject.cs except Avatar Attachments. --- OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs | 2 +- OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs index 2e3ed3c..bdc7a15 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs @@ -181,7 +181,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule int i = 0; foreach (KeyValuePair pair in my.ParentGroup.Children) { - rets[i++] = new SOPObject(m_rootScene, pair.Value.LocalId); + rets[i++] = new SOPObject(m_rootScene, pair.Value.LocalId, m_security); } return rets; diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs index a34684f..497ca39 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs @@ -146,7 +146,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule if (chat.Sender == null && chat.SenderObject != null) { ChatEventArgs e = new ChatEventArgs(); - e.Sender = new SOPObject(m_internalScene, ((SceneObjectPart) chat.SenderObject).LocalId); + e.Sender = new SOPObject(m_internalScene, ((SceneObjectPart) chat.SenderObject).LocalId, m_security); e.Text = chat.Message; _OnChat(this, e); -- cgit v1.1 From c2be3edd2d8cb2aabb5040d14167c2bed7c4635c Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 21:49:53 +1000 Subject: * Refactor: Moves IAvatarAttachment into IAvatarAttachment.cs instead of IAvatar.cs --- .../Scripting/Minimodule/Interfaces/IAvatar.cs | 13 ------------- .../Scripting/Minimodule/Interfaces/IAvatarAttachment.cs | 15 +++++++++++++++ 2 files changed, 15 insertions(+), 13 deletions(-) create mode 100644 OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatarAttachment.cs (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatar.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatar.cs index 849e3ca..03c1e95 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatar.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatar.cs @@ -32,19 +32,6 @@ using OpenMetaverse; namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { - public interface IAvatarAttachment - { - //// - /// Describes where on the avatar the attachment is located - /// - int Location { get ; } - - //// - /// Accessor to the rez'ed asset, representing the attachment - /// - IObject Asset { get; } - } - public interface IAvatar : IEntity { //// diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatarAttachment.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatarAttachment.cs new file mode 100644 index 0000000..22b4605 --- /dev/null +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/Interfaces/IAvatarAttachment.cs @@ -0,0 +1,15 @@ +namespace OpenSim.Region.OptionalModules.Scripting.Minimodule +{ + public interface IAvatarAttachment + { + //// + /// Describes where on the avatar the attachment is located + /// + int Location { get ; } + + //// + /// Accessor to the rez'ed asset, representing the attachment + /// + IObject Asset { get; } + } +} \ No newline at end of file -- cgit v1.1 From cbd454d69231598daf6748070fb5f0baace61c59 Mon Sep 17 00:00:00 2001 From: Adam Frisby Date: Sun, 16 Aug 2009 22:01:18 +1000 Subject: * Implements ISecurityCredential member on SPAvatar, SPAvatarAttachment * Disables 'event not used' warning for IRCClientView; cuts OpenSim total warnings back. --- .../Agent/InternetRelayClientView/Server/IRCClientView.cs | 3 ++- OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs | 2 +- OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatar.cs | 8 ++++++-- .../OptionalModules/Scripting/Minimodule/SPAvatarAttachment.cs | 7 +++++-- OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs | 6 +++--- 5 files changed, 17 insertions(+), 9 deletions(-) (limited to 'OpenSim/Region/OptionalModules') diff --git a/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs b/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs index a3be181..4a2d7b5 100644 --- a/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs +++ b/OpenSim/Region/OptionalModules/Agent/InternetRelayClientView/Server/IRCClientView.cs @@ -634,7 +634,7 @@ namespace OpenSim.Region.OptionalModules.Agent.InternetRelayClientView.Server { get { return (uint)Util.RandomClass.Next(0,int.MaxValue); } } - +#pragma warning disable 67 public event GenericMessage OnGenericMessage; public event ImprovedInstantMessage OnInstantMessage; public event ChatMessage OnChatFromClient; @@ -826,6 +826,7 @@ namespace OpenSim.Region.OptionalModules.Agent.InternetRelayClientView.Server public event AvatarNotesUpdate OnAvatarNotesUpdate; public event MuteListRequest OnMuteListRequest; public event PlacesQuery OnPlacesQuery; +#pragma warning restore 67 public void SetDebugPacketLevel(int newDebug) { diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs index bdc7a15..35b0a0f 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SOPObject.cs @@ -117,7 +117,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule if (_OnTouchActive && m_localID == localID) { TouchEventArgs e = new TouchEventArgs(); - e.Avatar = new SPAvatar(m_rootScene, remoteClient.AgentId); + e.Avatar = new SPAvatar(m_rootScene, remoteClient.AgentId, m_security); e.TouchBiNormal = surfaceArgs.Binormal; e.TouchMaterialIndex = surfaceArgs.FaceIndex; e.TouchNormal = surfaceArgs.Normal; diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatar.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatar.cs index ce2d339..4600836 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatar.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatar.cs @@ -42,11 +42,13 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { private readonly Scene m_rootScene; private readonly UUID m_ID; + private readonly ISecurityCredential m_security; //private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); - public SPAvatar(Scene scene, UUID ID) + public SPAvatar(Scene scene, UUID ID, ISecurityCredential security) { m_rootScene = scene; + m_security = security; m_ID = ID; } @@ -84,7 +86,9 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule foreach (DictionaryEntry element in internalAttachments) { Hashtable attachInfo = (Hashtable)element.Value; - attachments.Add(new SPAvatarAttachment(m_rootScene, this, (int)element.Key, new UUID((string)attachInfo["item"]), new UUID((string)attachInfo["asset"]))); + attachments.Add(new SPAvatarAttachment(m_rootScene, this, (int) element.Key, + new UUID((string) attachInfo["item"]), + new UUID((string) attachInfo["asset"]), m_security)); } } diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatarAttachment.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatarAttachment.cs index 9b684fe..570459a 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatarAttachment.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/SPAvatarAttachment.cs @@ -39,10 +39,13 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule private readonly int m_location; //private readonly UUID m_itemId; private readonly UUID m_assetId; + + private readonly ISecurityCredential m_security; - public SPAvatarAttachment(Scene rootScene, IAvatar self, int location, UUID itemId, UUID assetId) + public SPAvatarAttachment(Scene rootScene, IAvatar self, int location, UUID itemId, UUID assetId, ISecurityCredential security) { m_rootScene = rootScene; + m_security = security; //m_parent = self; m_location = location; //m_itemId = itemId; @@ -55,7 +58,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule { get { - return new SOPObject(m_rootScene, m_rootScene.GetSceneObjectPart(m_assetId).LocalId); + return new SOPObject(m_rootScene, m_rootScene.GetSceneObjectPart(m_assetId).LocalId, m_security); } } } diff --git a/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs b/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs index 497ca39..da5ea0d 100644 --- a/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs +++ b/OpenSim/Region/OptionalModules/Scripting/Minimodule/World.cs @@ -86,7 +86,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule if (_OnNewUser != null) { NewUserEventArgs e = new NewUserEventArgs(); - e.Avatar = new SPAvatar(m_internalScene, presence.UUID); + e.Avatar = new SPAvatar(m_internalScene, presence.UUID, m_security); _OnNewUser(this, e); } } @@ -156,7 +156,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule if (chat.Sender != null && chat.SenderObject == null) { ChatEventArgs e = new ChatEventArgs(); - e.Sender = new SPAvatar(m_internalScene, chat.SenderUUID); + e.Sender = new SPAvatar(m_internalScene, chat.SenderUUID, m_security); e.Text = chat.Message; _OnChat(this, e); @@ -209,7 +209,7 @@ namespace OpenSim.Region.OptionalModules.Scripting.Minimodule for (int i = 0; i < ents.Count; i++) { EntityBase ent = ents[i]; - rets[i] = new SPAvatar(m_internalScene, ent.UUID); + rets[i] = new SPAvatar(m_internalScene, ent.UUID, m_security); } return rets; -- cgit v1.1