From c7ded0618c303f8c24a91c83c2129292beebe466 Mon Sep 17 00:00:00 2001 From: Justin Clark-Casey (justincc) Date: Tue, 27 Aug 2013 00:35:33 +0100 Subject: Also check user authorization if looking to upgrade from a child to a root agent. Relevant if a child agent has been allowed into the region which should not be upgraded to a root agent. --- OpenSim/Region/Framework/Scenes/Scene.cs | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'OpenSim/Region') diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs index 8754024..3eaa8fd 100644 --- a/OpenSim/Region/Framework/Scenes/Scene.cs +++ b/OpenSim/Region/Framework/Scenes/Scene.cs @@ -3860,6 +3860,19 @@ namespace OpenSim.Region.Framework.Scenes // Let the SP know how we got here. This has a lot of interesting // uses down the line. sp.TeleportFlags = (TPFlags)teleportFlags; + + // We must carry out a further authorization check if there's an + // attempt to make a child agent into a root agent, since SeeIntoRegion may have allowed a child + // agent to login to a region where a full avatar would not be allowed. + // + // We determine whether this is a CreateAgent for a future non-child agent by inspecting + // TeleportFlags, which will be default for a child connection. This relies on input from the source + // region. + if (sp.TeleportFlags != TPFlags.Default) + { + if (!AuthorizeUser(acd, false, out reason)) + return false; + } if (sp.IsChildAgent) { -- cgit v1.1