From b47c0d7e51bdb4d4bfa34f0952593f94c657d19c Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Thu, 12 Jan 2012 18:14:19 +0000 Subject: refactor: Move existing npc owner checks to NPCModule.CheckPermissions() methods and expose on interface for external calls. --- OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'OpenSim/Region/ScriptEngine/Shared/Api') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index e2a045b..1d7a210 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -2152,11 +2152,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!UUID.TryParse(npc.m_string, out npcId)) return new LSL_Key(UUID.Zero.ToString()); - if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) - return new LSL_Key(UUID.Zero.ToString()); - - UUID ownerID = npcModule.GetOwner(npcId); - if (ownerID != UUID.Zero && ownerID != m_host.OwnerID) + if (!npcModule.CheckPermissions(npcId, m_host.OwnerID)) return new LSL_Key(UUID.Zero.ToString()); return SaveAppearanceToNotecard(npcId, notecard); -- cgit v1.1 From ba3491c76e2d7cc7187a025dccd782790929f0b7 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Thu, 12 Jan 2012 19:06:46 +0000 Subject: Add permissions checks for owned avatars to all other osNpc* functions. This is being done outside the npc module since the check is meaningless for region module callers, who can fake any id that they like. --- .../Shared/Api/Implementation/OSSL_Api.cs | 70 +++++++++++++++------- 1 file changed, 50 insertions(+), 20 deletions(-) (limited to 'OpenSim/Region/ScriptEngine/Shared/Api') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 1d7a210..509bbec 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -2173,6 +2173,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!UUID.TryParse(npc.m_string, out npcId)) return; + if (!npcModule.CheckPermissions(npcId, m_host.OwnerID)) + return; + string appearanceSerialized = LoadNotecard(notecard); OSDMap appearanceOsd = (OSDMap)OSDParser.DeserializeLLSDXml(appearanceSerialized); // OSD a = OSDParser.DeserializeLLSDXml(appearanceSerialized); @@ -2196,7 +2199,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!UUID.TryParse(npc.m_string, out npcId)) return new LSL_Vector(0, 0, 0); - if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) + if (!npcModule.CheckPermissions(npcId, m_host.OwnerID)) return new LSL_Vector(0, 0, 0); Vector3 pos = World.GetScenePresence(npcId).AbsolutePosition; @@ -2216,6 +2219,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api UUID npcId; if (!UUID.TryParse(npc.m_string, out npcId)) return; + + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; Vector3 pos = new Vector3((float) position.x, (float) position.y, (float) position.z); module.MoveToTarget(npcId, World, pos, false, true); @@ -2233,6 +2239,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!UUID.TryParse(npc.m_string, out npcId)) return; + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; + Vector3 pos = new Vector3((float)target.x, (float)target.y, (float)target.z); module.MoveToTarget( new UUID(npc.m_string), @@ -2254,7 +2263,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!UUID.TryParse(npc.m_string, out npcId)) return new LSL_Rotation(Quaternion.Identity.X, Quaternion.Identity.Y, Quaternion.Identity.Z, Quaternion.Identity.W); - if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) + if (!npcModule.CheckPermissions(npcId, m_host.OwnerID)) return new LSL_Rotation(Quaternion.Identity.X, Quaternion.Identity.Y, Quaternion.Identity.Z, Quaternion.Identity.W); ScenePresence sp = World.GetScenePresence(npcId); @@ -2277,7 +2286,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (!UUID.TryParse(npc.m_string, out npcId)) return; - if (!npcModule.IsNPC(npcId, m_host.ParentGroup.Scene)) + if (!npcModule.CheckPermissions(npcId, m_host.OwnerID)) return; ScenePresence sp = World.GetScenePresence(npcId); @@ -2291,7 +2300,14 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api INPCModule module = World.RequestModuleInterface(); if (module != null) - module.StopMoveToTarget(new UUID(npc.m_string), World); + { + UUID npcId = new UUID(npc.m_string); + + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; + + module.StopMoveToTarget(npcId, World); + } } public void osNpcSay(LSL_Key npc, string message) @@ -2301,7 +2317,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api INPCModule module = World.RequestModuleInterface(); if (module != null) { - module.Say(new UUID(npc.m_string), World, message); + UUID npcId = new UUID(npc.m_string); + + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; + + module.Say(npcId, World, message); } } @@ -2312,7 +2333,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api INPCModule module = World.RequestModuleInterface(); if (module != null) { - module.Sit(new UUID(npc.m_string), new UUID(target.m_string), World); + UUID npcId = new UUID(npc.m_string); + + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; + + module.Sit(npcId, new UUID(target.m_string), World); } } @@ -2323,7 +2349,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api INPCModule module = World.RequestModuleInterface(); if (module != null) { - module.Stand(new UUID(npc.m_string), World); + UUID npcId = new UUID(npc.m_string); + + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; + + module.Stand(npcId, World); } } @@ -2334,7 +2365,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api INPCModule module = World.RequestModuleInterface(); if (module != null) { - module.DeleteNPC(new UUID(npc.m_string), m_host.OwnerID, World); + UUID npcId = new UUID(npc.m_string); + + if (!module.CheckPermissions(npcId, m_host.OwnerID)) + return; + + module.DeleteNPC(npcId, World); } } @@ -2346,12 +2382,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (module != null) { UUID npcID = new UUID(npc.m_string); - if (module.IsNPC(npcID, m_host.ParentGroup.Scene)) - { - UUID ownerID = module.GetOwner(npcID); - if (ownerID == UUID.Zero || ownerID == m_host.OwnerID) - AvatarPlayAnimation(npcID.ToString(), animation); - } + + if (module.CheckPermissions(npcID, m_host.OwnerID)) + AvatarPlayAnimation(npcID.ToString(), animation); } } @@ -2363,12 +2396,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api if (module != null) { UUID npcID = new UUID(npc.m_string); - if (module.IsNPC(npcID, m_host.ParentGroup.Scene)) - { - UUID ownerID = module.GetOwner(npcID); - if (ownerID == UUID.Zero || ownerID == m_host.OwnerID) - AvatarStopAnimation(npcID.ToString(), animation); - } + + if (module.CheckPermissions(npcID, m_host.OwnerID)) + AvatarPlayAnimation(npcID.ToString(), animation); } } -- cgit v1.1 From d27dd3714f77aa37db1eeb241401270163cd236d Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Thu, 12 Jan 2012 19:19:34 +0000 Subject: Allow all NPCs to show up on sensors as all osNpc* script methods now check for ownership permission before executing. As per #opensim-dev irc discussion. --- .../Shared/Api/Implementation/Plugins/SensorRepeat.cs | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'OpenSim/Region/ScriptEngine/Shared/Api') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/Plugins/SensorRepeat.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/Plugins/SensorRepeat.cs index 7d7813d..8356dce 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/Plugins/SensorRepeat.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/Plugins/SensorRepeat.cs @@ -463,12 +463,15 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api.Plugins toRegionPos = presence.AbsolutePosition; dis = Math.Abs(Util.GetDistanceTo(toRegionPos, fromRegionPos)); - if (presence.PresenceType == PresenceType.Npc && npcModule != null) - { - UUID npcOwner = npcModule.GetOwner(presence.UUID); - if (npcOwner != UUID.Zero && npcOwner != SensePoint.OwnerID) - return; - } + // Disabled for now since all osNpc* methods check for appropriate ownership permission. + // Perhaps could be re-enabled as an NPC setting at some point since being able to make NPCs not + // sensed might be useful. +// if (presence.PresenceType == PresenceType.Npc && npcModule != null) +// { +// UUID npcOwner = npcModule.GetOwner(presence.UUID); +// if (npcOwner != UUID.Zero && npcOwner != SensePoint.OwnerID) +// return; +// } // are they in range if (dis <= ts.range) -- cgit v1.1 From c4972e773465172d33d72f94d3f5e37cec1b8831 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Thu, 12 Jan 2012 19:37:30 +0000 Subject: Add osNpcCreate(string firstname, string lastname, LSL_Vector position, string notecard, int options) variant. This will be documented soon. Options can currently be OS_NPC_CREATE_OWNED - creates a 'creator owned' avatar that will only respond to osNpc* functions made by scripts owned by the npc creator OS_NPC_NOT_OWNED - creates an avatar which will respond to any osNpc* functions that a caller has permission to make (through the usual OSSL permission mechanisms). options is being added to provide better scope for future extensibility without having to add more functions The original non-options osNpcCreate() function will continue to exist. --- OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs | 6 ++++++ OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs | 1 + OpenSim/Region/ScriptEngine/Shared/Api/Runtime/LSL_Constants.cs | 3 +++ OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs | 5 +++++ 4 files changed, 15 insertions(+) (limited to 'OpenSim/Region/ScriptEngine/Shared/Api') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 509bbec..25e4789 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -2089,6 +2089,12 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api return NpcCreate(firstname, lastname, position, notecard, false); } + public LSL_Key osNpcCreate(string firstname, string lastname, LSL_Vector position, string notecard, int options) + { + CheckThreatLevel(ThreatLevel.High, "osNpcCreate"); + return NpcCreate(firstname, lastname, position, notecard, (options & ScriptBaseClass.OS_NPC_NOT_OWNED) == 0); + } + private LSL_Key NpcCreate(string firstname, string lastname, LSL_Vector position, string notecard, bool owned) { INPCModule module = World.RequestModuleInterface(); diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs index f92f51f..ddfc20d 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs @@ -172,6 +172,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api.Interfaces LSL_List osGetLinkPrimitiveParams(int linknumber, LSL_List rules); key osNpcCreate(string user, string name, vector position, string notecard); + key osNpcCreate(string user, string name, vector position, string notecard, int options); key osNpcCreateOwned(string user, string name, vector position, string notecard); LSL_Key osNpcSaveAppearance(key npc, string notecard); void osNpcLoadAppearance(key npc, string notecard); diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/LSL_Constants.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/LSL_Constants.cs index b58cf57..176dc56 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/LSL_Constants.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/LSL_Constants.cs @@ -606,6 +606,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.ScriptBase public const int OS_NPC_SIT_NOW = 0; + public const int OS_NPC_CREATOR_OWNED = 0x1; + public const int OS_NPC_NOT_OWNED = 0x2; + public const string URL_REQUEST_GRANTED = "URL_REQUEST_GRANTED"; public const string URL_REQUEST_DENIED = "URL_REQUEST_DENIED"; diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs index a94392a..ceccceb 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs @@ -488,6 +488,11 @@ namespace OpenSim.Region.ScriptEngine.Shared.ScriptBase return m_OSSL_Functions.osNpcCreate(user, name, position, cloneFrom); } + public key osNpcCreate(string user, string name, vector position, key cloneFrom, int options) + { + return m_OSSL_Functions.osNpcCreate(user, name, position, cloneFrom, options); + } + public key osNpcCreateOwned(string user, string name, vector position, key cloneFrom) { return m_OSSL_Functions.osNpcCreateOwned(user, name, position, cloneFrom); -- cgit v1.1 From 6e7154d55c4b5ab8dacd2bcbce3b5408470b7f48 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Fri, 13 Jan 2012 00:00:18 +0000 Subject: Removing osNpcCreateOwned(). Please use osNpcCreate(string user, string name, vector position, string notecard, int options) instead with option OS_NPC_CREATOR_OWNED Please note that correct option name is OS_NPC_CREATOR_OWNED not OS_NPC_CREATE_OWNED as mistakenly put in a previous commit. --- OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs | 6 ------ OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs | 1 - OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs | 5 ----- 3 files changed, 12 deletions(-) (limited to 'OpenSim/Region/ScriptEngine/Shared/Api') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 25e4789..2c35f58 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -2077,12 +2077,6 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api return retVal; } - public LSL_Key osNpcCreateOwned(string firstname, string lastname, LSL_Vector position, string notecard) - { - CheckThreatLevel(ThreatLevel.High, "osNpcCreateOwned"); - return NpcCreate(firstname, lastname, position, notecard, true); - } - public LSL_Key osNpcCreate(string firstname, string lastname, LSL_Vector position, string notecard) { CheckThreatLevel(ThreatLevel.High, "osNpcCreate"); diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs index ddfc20d..af6be5f 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Interface/IOSSL_Api.cs @@ -173,7 +173,6 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api.Interfaces key osNpcCreate(string user, string name, vector position, string notecard); key osNpcCreate(string user, string name, vector position, string notecard, int options); - key osNpcCreateOwned(string user, string name, vector position, string notecard); LSL_Key osNpcSaveAppearance(key npc, string notecard); void osNpcLoadAppearance(key npc, string notecard); vector osNpcGetPos(key npc); diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs index ceccceb..0c05ea4 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Runtime/OSSL_Stub.cs @@ -493,11 +493,6 @@ namespace OpenSim.Region.ScriptEngine.Shared.ScriptBase return m_OSSL_Functions.osNpcCreate(user, name, position, cloneFrom, options); } - public key osNpcCreateOwned(string user, string name, vector position, key cloneFrom) - { - return m_OSSL_Functions.osNpcCreateOwned(user, name, position, cloneFrom); - } - public key osNpcSaveAppearance(key npc, string notecard) { return m_OSSL_Functions.osNpcSaveAppearance(npc, notecard); -- cgit v1.1 From 3b59af222580e6d6e1a938ab622961285bd6903c Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Fri, 13 Jan 2012 00:03:39 +0000 Subject: Change the default osNpcCreate() to create an 'owned' npc rather than an 'unowned' one. An owned NPC is one that only the original creator can manipulate and delete. An unowned NPC is one that anybody with access to the osNpc* methods and knowledge of the avatar id can manipulate. This is to correct an oversight I made in the original reimplementation where I mistakenly assumed that avatar IDs could be treated as private. I am not anticipating that many people were deliberately making use of unowned npcs due to their insecure nature. If you do need an unowned NPC please call the new overloaded osCreateNpc() function with the option OS_NPC_NOT_OWNED. --- OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'OpenSim/Region/ScriptEngine/Shared/Api') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 2c35f58..40d9d6f 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -2080,7 +2080,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api public LSL_Key osNpcCreate(string firstname, string lastname, LSL_Vector position, string notecard) { CheckThreatLevel(ThreatLevel.High, "osNpcCreate"); - return NpcCreate(firstname, lastname, position, notecard, false); + return NpcCreate(firstname, lastname, position, notecard, true); } public LSL_Key osNpcCreate(string firstname, string lastname, LSL_Vector position, string notecard, int options) -- cgit v1.1