From 41395d544386fbee2d26909a590d4fa9720fdf5f Mon Sep 17 00:00:00 2001 From: Michelle Argus Date: Wed, 26 Oct 2011 15:03:10 +0200 Subject: Added optional owner classes to existing OSSL agent Permissions PARCEL_GROUP, PARCEL_OWNER, ESTATE_MANAGER and REGION_OWNER can be combined with the existing agent uuid option to limit ossl functions to agents and owner classes. Signed-off-by: BlueWall --- .../Shared/Api/Implementation/OSSL_Api.cs | 67 ++++++++++++++++++++-- 1 file changed, 61 insertions(+), 6 deletions(-) (limited to 'OpenSim') diff --git a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs index 52d787d..3cfc3c9 100644 --- a/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs +++ b/OpenSim/Region/ScriptEngine/Shared/Api/Implementation/OSSL_Api.cs @@ -113,11 +113,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api { public List AllowedCreators; public List AllowedOwners; + public List AllowedOwnerClasses; public FunctionPerms() { AllowedCreators = new List(); AllowedOwners = new List(); + AllowedOwnerClasses = new List(); } } @@ -245,6 +247,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api // Default behavior perms.AllowedOwners = null; perms.AllowedCreators = null; + perms.AllowedOwnerClasses = null; } else { @@ -265,12 +268,20 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api foreach (string id in ids) { string current = id.Trim(); - UUID uuid; - - if (UUID.TryParse(current, out uuid)) + if (current.ToUpper() == "PARCEL_GROUP_MEMBER" || current.ToUpper() == "PARCEL_OWNER" || current.ToUpper() == "ESTATE_MANAGER" || current.ToUpper() == "ESTATE_OWNER") { - if (uuid != UUID.Zero) - perms.AllowedOwners.Add(uuid); + if (!perms.AllowedOwnerClasses.Contains(current)) + perms.AllowedOwnerClasses.Add(current.ToUpper()); + } + else + { + UUID uuid; + + if (UUID.TryParse(current, out uuid)) + { + if (uuid != UUID.Zero) + perms.AllowedOwners.Add(uuid); + } } } @@ -326,11 +337,55 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api String.Format("{0} permission error. Can't find script in prim inventory.", function)); } + + UUID ownerID = ti.OwnerID; + + //OSSL only may be used if objet is in the same group as the parcel + if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER")) + { + ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y); + + if (land.LandData.GroupID == ti.GroupID && land.LandData.GroupID != UUID.Zero) + { + return; + } + } + + //Only Parcelowners may use the function + if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER")) + { + ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y); + + if (land.LandData.OwnerID == ownerID) + { + return; + } + } + + //Only Estate Managers may use the function + if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER")) + { + //Only Estate Managers may use the function + if (World.RegionInfo.EstateSettings.IsEstateManager(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID) + { + return; + } + } + + //Only regionowners may use the function + if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER")) + { + if (World.RegionInfo.EstateSettings.EstateOwner == ownerID) + { + return; + } + } + if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID)) OSSLError( String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.", function)); - if (ti.CreatorID != ti.OwnerID) + if (ti.CreatorID != ownerID) { if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0) OSSLError( -- cgit v1.1