From eaec7cf39ce134b4da0622f67ee6037843f6eb29 Mon Sep 17 00:00:00 2001 From: Rob Smart Date: Fri, 11 Sep 2009 12:28:48 +0100 Subject: Changed RemoteAuthorizationServiceConnector so that it implements the IAuthorization interface method isAuthorizedForRegion looks up user and region data and delegates the remote authorization check to the AuthorizationServiceConnector This keeps the IAuthorization as clean as possible and moves the dependency of using a UserProfileData object out to the connector from the scene. --- OpenSim/Framework/AuthorizationRequest.cs | 36 +++++++++++++++- .../RemoteAuthorizationServiceConnector.cs | 49 ++++++++++++++++++++-- .../Authorization/AuthorizationServiceConnector.cs | 7 ++-- 3 files changed, 83 insertions(+), 9 deletions(-) (limited to 'OpenSim') diff --git a/OpenSim/Framework/AuthorizationRequest.cs b/OpenSim/Framework/AuthorizationRequest.cs index 3280c65..ef99d3a 100644 --- a/OpenSim/Framework/AuthorizationRequest.cs +++ b/OpenSim/Framework/AuthorizationRequest.cs @@ -46,12 +46,46 @@ namespace OpenSim.Framework m_regionID = RegionID; } + public AuthorizationRequest(string ID,string FirstName, string SurName, string Email, string RegionName, string RegionID) + { + m_userID = ID; + m_firstname = FirstName; + m_surname = SurName; + m_email = Email; + m_regionName = RegionName; + m_regionID = RegionID; + } + public string ID { get { return m_userID; } set { m_userID = value; } } - + + public string FirstName + { + get { return m_firstname; } + set { m_firstname = value; } + } + + public string SurName + { + get { return m_surname; } + set { m_surname = value; } + } + + public string Email + { + get { return m_email; } + set { m_email = value; } + } + + public string RegionName + { + get { return m_regionName; } + set { m_regionName = value; } + } + public string RegionID { get { return m_regionID; } diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs index b0d8baa..88e6ee2 100644 --- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs +++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Authorization/RemoteAuthorizationServiceConnector.cs @@ -35,6 +35,7 @@ using OpenSim.Services.Connectors; using OpenSim.Region.Framework.Interfaces; using OpenSim.Region.Framework.Scenes; using OpenSim.Services.Interfaces; +using OpenMetaverse; namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization { @@ -46,6 +47,7 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization MethodBase.GetCurrentMethod().DeclaringType); private bool m_Enabled = false; + private List m_scenes = new List(); public Type ReplaceableInterface { @@ -68,7 +70,7 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization IConfig authorizationConfig = source.Configs["AuthorizationService"]; if (authorizationConfig == null) { - m_log.Error("[AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini"); + m_log.Error("[REMOTE AUTHORIZATION CONNECTOR]: AuthorizationService missing from OpenSim.ini"); return; } @@ -76,7 +78,7 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization base.Initialise(source); - m_log.Info("[AUTHORIZATION CONNECTOR]: Remote authorization enabled"); + m_log.Info("[REMOTE AUTHORIZATION CONNECTOR]: Remote authorization enabled"); } } } @@ -94,7 +96,12 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization if (!m_Enabled) return; - scene.RegisterModuleInterface(this); + if (!m_scenes.Contains(scene)) + { + m_scenes.Add(scene); + scene.RegisterModuleInterface(this); + } + } public void RemoveRegion(Scene scene) @@ -106,8 +113,42 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Authorization if (!m_Enabled) return; - m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: Enabled remote authorization for region {0}", scene.RegionInfo.RegionName); + m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: Enabled remote authorization for region {0}", scene.RegionInfo.RegionName); } + + public bool IsAuthorizedForRegion(string userID, string regionID) + { + m_log.InfoFormat("[REMOTE AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} for region {1}", userID, regionID); + + bool isAuthorized = true; + + // get the scene this call is being made for + Scene scene = null; + lock (m_scenes) + { + foreach (Scene nextScene in m_scenes) + { + if (nextScene.RegionInfo.RegionID.ToString() == regionID) + { + scene = nextScene; + } + } + } + + if(scene!=null) + { + UserProfileData profile = scene.CommsManager.UserService.GetUserProfile(new UUID(userID)); + isAuthorized = IsAuthorizedForRegion(userID, profile.FirstName, profile.SurName,profile.Email,scene.RegionInfo.RegionName,regionID); + } + else + { + m_log.ErrorFormat("[REMOTE AUTHORIZATION CONNECTOR] IsAuthorizedForRegion, can't find scene to match region id of {0} ",regionID); + } + + + return isAuthorized; + + } } } diff --git a/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs index d50a6ed..bc4daad 100644 --- a/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs +++ b/OpenSim/Services/Connectors/Authorization/AuthorizationServiceConnector.cs @@ -39,7 +39,7 @@ using OpenMetaverse; namespace OpenSim.Services.Connectors { - public class AuthorizationServicesConnector : IAuthorizationService + public class AuthorizationServicesConnector { private static readonly ILog m_log = LogManager.GetLogger( @@ -88,14 +88,14 @@ namespace OpenSim.Services.Connectors m_ResponseOnFailure = responseOnFailure; } - public bool IsAuthorizedForRegion(string userID, string regionID) + public bool IsAuthorizedForRegion(string userID,string firstname, string surname, string email, string regionName, string regionID) { // do a remote call to the authorization server specified in the AuthorizationServerURI m_log.InfoFormat("[AUTHORIZATION CONNECTOR]: IsAuthorizedForRegion checking {0} at remote server {1}", userID, m_ServerURI); string uri = m_ServerURI; - AuthorizationRequest req = new AuthorizationRequest(userID, regionID); + AuthorizationRequest req = new AuthorizationRequest(userID, firstname, surname, email, regionName, regionID); AuthorizationResponse response; try @@ -105,7 +105,6 @@ namespace OpenSim.Services.Connectors catch (Exception e) { m_log.WarnFormat("[AUTHORIZATION CONNECTOR]: Unable to send authorize {0} for region {1} error thrown during comms with remote server. Reason: {2}", userID, regionID, e.Message); - m_log.WarnFormat("Inner Exception is {0}",e.InnerException); return m_ResponseOnFailure; } -- cgit v1.1