/*
* Copyright (c) Contributors, http://opensimulator.org/
* See CONTRIBUTORS.TXT for a full list of copyright holders.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* * Neither the name of the OpenSimulator Project nor the
* names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
using System;
using System.Collections.Generic;
using System.Net;
using System.Reflection;
using System.Security.Cryptography;
using log4net;
using Nwc.XmlRpc;
using OpenMetaverse;
using OpenMetaverse.StructuredData;
using OpenSim.Data;
using OpenSim.Framework.Communications;
using OpenSim.Framework.Statistics;
using OpenSim.Services.Interfaces;
namespace OpenSim.Framework.Communications
{
///
/// Base class for user management (create, read, etc)
///
public abstract class UserManagerBase
: IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
{
private static readonly ILog m_log
= LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
///
/// List of plugins to search for user data
///
private List m_plugins = new List();
protected CommunicationsManager m_commsManager;
protected IInventoryService m_InventoryService;
///
/// Constructor
///
///
public UserManagerBase(CommunicationsManager commsManager)
{
m_commsManager = commsManager;
}
public virtual void SetInventoryService(IInventoryService invService)
{
m_InventoryService = invService;
}
///
/// Add a new user data plugin - plugins will be requested in the order they were added.
///
/// The plugin that will provide user data
public void AddPlugin(IUserDataPlugin plugin)
{
m_plugins.Add(plugin);
}
///
/// Adds a list of user data plugins, as described by `provider' and
/// `connect', to `_plugins'.
///
///
/// The filename of the inventory server plugin DLL.
///
///
/// The connection string for the storage backend.
///
public void AddPlugin(string provider, string connect)
{
m_plugins.AddRange(DataPluginFactory.LoadDataPlugins(provider, connect));
}
#region UserProfile
public virtual void AddTemporaryUserProfile(UserProfileData userProfile)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
plugin.AddTemporaryUserProfile(userProfile);
}
}
public virtual UserProfileData GetUserProfile(string fname, string lname)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
UserProfileData profile = plugin.GetUserByName(fname, lname);
if (profile != null)
{
profile.CurrentAgent = GetUserAgent(profile.ID);
return profile;
}
}
return null;
}
public void LogoutUsers(UUID regionID)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
plugin.LogoutUsers(regionID);
}
}
public void ResetAttachments(UUID userID)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
plugin.ResetAttachments(userID);
}
}
public UserProfileData GetUserProfile(Uri uri)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
UserProfileData profile = plugin.GetUserByUri(uri);
if (null != profile)
return profile;
}
return null;
}
public virtual UserAgentData GetAgentByUUID(UUID userId)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
UserAgentData agent = plugin.GetAgentByUUID(userId);
if (agent != null)
{
return agent;
}
}
return null;
}
public Uri GetUserUri(UserProfileData userProfile)
{
throw new NotImplementedException();
}
// see IUserService
public virtual UserProfileData GetUserProfile(UUID uuid)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
UserProfileData profile = plugin.GetUserByUUID(uuid);
if (null != profile)
{
profile.CurrentAgent = GetUserAgent(profile.ID);
return profile;
}
}
return null;
}
public virtual List GenerateAgentPickerRequestResponse(UUID queryID, string query)
{
List allPickerList = new List();
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
List pickerList = plugin.GeneratePickerResults(queryID, query);
if (pickerList != null)
allPickerList.AddRange(pickerList);
}
catch (Exception)
{
m_log.Error(
"[USERSTORAGE]: Unable to generate AgentPickerData via " + plugin.Name + "(" + query + ")");
}
}
return allPickerList;
}
public virtual bool UpdateUserProfile(UserProfileData data)
{
bool result = false;
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.UpdateUserProfile(data);
result = true;
}
catch (Exception e)
{
m_log.ErrorFormat(
"[USERSTORAGE]: Unable to set user {0} {1} via {2}: {3}",
data.FirstName, data.SurName, plugin.Name, e.ToString());
}
}
return result;
}
#endregion
#region Get UserAgent
///
/// Loads a user agent by uuid (not called directly)
///
/// The agent's UUID
/// Agent profiles
public UserAgentData GetUserAgent(UUID uuid)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
UserAgentData result = plugin.GetAgentByUUID(uuid);
if (result != null)
return result;
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to find user via " + plugin.Name + "(" + e.ToString() + ")");
}
}
return null;
}
///
/// Loads a user agent by name (not called directly)
///
/// The agent's name
/// A user agent
public UserAgentData GetUserAgent(string name)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
UserAgentData result = plugin.GetAgentByName(name);
if (result != null)
return result;
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to find user via " + plugin.Name + "(" + e.ToString() + ")");
}
}
return null;
}
///
/// Loads a user agent by name (not called directly)
///
/// The agent's firstname
/// The agent's lastname
/// A user agent
public UserAgentData GetUserAgent(string fname, string lname)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
UserAgentData result = plugin.GetAgentByName(fname, lname);
if (result != null)
return result;
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to find user via " + plugin.Name + "(" + e.ToString() + ")");
}
}
return null;
}
public virtual List GetUserFriendList(UUID ownerID)
{
List allFriends = new List();
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
List friends = plugin.GetUserFriendList(ownerID);
if (friends != null)
allFriends.AddRange(friends);
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to GetUserFriendList via " + plugin.Name + "(" + e.ToString() + ")");
}
}
return allFriends;
}
public virtual Dictionary GetFriendRegionInfos (List uuids)
{
//Dictionary allFriendRegions = new Dictionary();
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
Dictionary friendRegions = plugin.GetFriendRegionInfos(uuids);
if (friendRegions != null)
return friendRegions;
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to GetFriendRegionInfos via " + plugin.Name + "(" + e.ToString() + ")");
}
}
return new Dictionary();
}
public void StoreWebLoginKey(UUID agentID, UUID webLoginKey)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.StoreWebLoginKey(agentID, webLoginKey);
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to Store WebLoginKey via " + plugin.Name + "(" + e.ToString() + ")");
}
}
}
public virtual void AddNewUserFriend(UUID friendlistowner, UUID friend, uint perms)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.AddNewUserFriend(friendlistowner, friend, perms);
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to AddNewUserFriend via " + plugin.Name + "(" + e.ToString() + ")");
}
}
}
public virtual void RemoveUserFriend(UUID friendlistowner, UUID friend)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.RemoveUserFriend(friendlistowner, friend);
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to RemoveUserFriend via " + plugin.Name + "(" + e.ToString() + ")");
}
}
}
public virtual void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.UpdateUserFriendPerms(friendlistowner, friend, perms);
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to UpdateUserFriendPerms via " + plugin.Name + "(" + e.ToString() + ")");
}
}
}
///
/// Resets the currentAgent in the user profile
///
/// The agent's ID
public virtual void ClearUserAgent(UUID agentID)
{
UserProfileData profile = GetUserProfile(agentID);
if (profile == null)
{
return;
}
profile.CurrentAgent = null;
UpdateUserProfile(profile);
}
#endregion
#region CreateAgent
///
/// Creates and initialises a new user agent - make sure to use CommitAgent when done to submit to the DB
///
/// The users profile
/// The users loginrequest
public void CreateAgent(UserProfileData profile, XmlRpcRequest request)
{
//m_log.DebugFormat("[USER MANAGER]: Creating agent {0} {1}", profile.Name, profile.ID);
UserAgentData agent = new UserAgentData();
// User connection
agent.AgentOnline = true;
if (request.Params.Count > 1)
{
if (request.Params[1] != null)
{
IPEndPoint RemoteIPEndPoint = (IPEndPoint)request.Params[1];
agent.AgentIP = RemoteIPEndPoint.Address.ToString();
agent.AgentPort = (uint)RemoteIPEndPoint.Port;
}
}
// Generate sessions
RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider();
byte[] randDataS = new byte[16];
byte[] randDataSS = new byte[16];
rand.GetBytes(randDataS);
rand.GetBytes(randDataSS);
agent.SecureSessionID = new UUID(randDataSS, 0);
agent.SessionID = new UUID(randDataS, 0);
// Profile UUID
agent.ProfileID = profile.ID;
// Current location/position/alignment
if (profile.CurrentAgent != null)
{
agent.Region = profile.CurrentAgent.Region;
agent.Handle = profile.CurrentAgent.Handle;
agent.Position = profile.CurrentAgent.Position;
agent.LookAt = profile.CurrentAgent.LookAt;
}
else
{
agent.Region = profile.HomeRegionID;
agent.Handle = profile.HomeRegion;
agent.Position = profile.HomeLocation;
agent.LookAt = profile.HomeLookAt;
}
// What time did the user login?
agent.LoginTime = Util.UnixTimeSinceEpoch();
agent.LogoutTime = 0;
profile.CurrentAgent = agent;
}
public void CreateAgent(UserProfileData profile, OSD request)
{
//m_log.DebugFormat("[USER MANAGER]: Creating agent {0} {1}", profile.Name, profile.ID);
UserAgentData agent = new UserAgentData();
// User connection
agent.AgentOnline = true;
//if (request.Params.Count > 1)
//{
// IPEndPoint RemoteIPEndPoint = (IPEndPoint)request.Params[1];
// agent.AgentIP = RemoteIPEndPoint.Address.ToString();
// agent.AgentPort = (uint)RemoteIPEndPoint.Port;
//}
// Generate sessions
RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider();
byte[] randDataS = new byte[16];
byte[] randDataSS = new byte[16];
rand.GetBytes(randDataS);
rand.GetBytes(randDataSS);
agent.SecureSessionID = new UUID(randDataSS, 0);
agent.SessionID = new UUID(randDataS, 0);
// Profile UUID
agent.ProfileID = profile.ID;
// Current location/position/alignment
if (profile.CurrentAgent != null)
{
agent.Region = profile.CurrentAgent.Region;
agent.Handle = profile.CurrentAgent.Handle;
agent.Position = profile.CurrentAgent.Position;
agent.LookAt = profile.CurrentAgent.LookAt;
}
else
{
agent.Region = profile.HomeRegionID;
agent.Handle = profile.HomeRegion;
agent.Position = profile.HomeLocation;
agent.LookAt = profile.HomeLookAt;
}
// What time did the user login?
agent.LoginTime = Util.UnixTimeSinceEpoch();
agent.LogoutTime = 0;
profile.CurrentAgent = agent;
}
///
/// Saves a target agent to the database
///
/// The users profile
/// Successful?
public bool CommitAgent(ref UserProfileData profile)
{
//m_log.DebugFormat("[USER MANAGER]: Committing agent {0} {1}", profile.Name, profile.ID);
// TODO: how is this function different from setUserProfile? -> Add AddUserAgent() here and commit both tables "users" and "agents"
// TODO: what is the logic should be?
bool ret = false;
ret = AddUserAgent(profile.CurrentAgent);
ret = ret & UpdateUserProfile(profile);
return ret;
}
///
/// Process a user logoff from OpenSim.
///
///
///
///
///
///
public virtual void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, Vector3 position, Vector3 lookat)
{
if (StatsManager.UserStats != null)
StatsManager.UserStats.AddLogout();
UserProfileData userProfile = GetUserProfile(userid);
if (userProfile != null)
{
UserAgentData userAgent = userProfile.CurrentAgent;
if (userAgent != null)
{
userAgent.AgentOnline = false;
userAgent.LogoutTime = Util.UnixTimeSinceEpoch();
//userAgent.sessionID = UUID.Zero;
if (regionid != UUID.Zero)
{
userAgent.Region = regionid;
}
userAgent.Handle = regionhandle;
userAgent.Position = position;
userAgent.LookAt = lookat;
//userProfile.CurrentAgent = userAgent;
userProfile.LastLogin = userAgent.LogoutTime;
CommitAgent(ref userProfile);
}
else
{
// If currentagent is null, we can't reference it here or the UserServer crashes!
m_log.Info("[LOGOUT]: didn't save logout position: " + userid.ToString());
}
}
else
{
m_log.Warn("[LOGOUT]: Unknown User logged out");
}
}
public void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, float posx, float posy, float posz)
{
LogOffUser(userid, regionid, regionhandle, new Vector3(posx, posy, posz), new Vector3());
}
#endregion
///
/// Add a new user
///
/// first name
/// last name
/// password
/// email
/// location X
/// location Y
/// The UUID of the created user profile. On failure, returns UUID.Zero
public virtual UUID AddUser(string firstName, string lastName, string password, string email, uint regX, uint regY)
{
return AddUser(firstName, lastName, password, email, regX, regY, UUID.Random());
}
///
/// Add a new user
///
/// first name
/// last name
/// password
/// email
/// location X
/// location Y
/// UUID of avatar.
/// The UUID of the created user profile. On failure, returns UUID.Zero
public virtual UUID AddUser(
string firstName, string lastName, string password, string email, uint regX, uint regY, UUID SetUUID)
{
UserProfileData user = new UserProfileData();
user.PasswordSalt = Util.Md5Hash(UUID.Random().ToString());
string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + user.PasswordSalt);
user.HomeLocation = new Vector3(128, 128, 100);
user.ID = SetUUID;
user.FirstName = firstName;
user.SurName = lastName;
user.PasswordHash = md5PasswdHash;
user.Created = Util.UnixTimeSinceEpoch();
user.HomeLookAt = new Vector3(100, 100, 100);
user.HomeRegionX = regX;
user.HomeRegionY = regY;
user.Email = email;
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.AddNewUserProfile(user);
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to add user via " + plugin.Name + "(" + e.ToString() + ")");
}
}
UserProfileData userProf = GetUserProfile(firstName, lastName);
if (userProf == null)
{
return UUID.Zero;
}
else
{
//
// WARNING: This is a horrible hack
// The purpose here is to avoid touching the user server at this point.
// There are dragons there that I can't deal with right now.
// diva 06/09/09
//
if (m_InventoryService != null)
{
// local service (standalone)
m_log.Debug("[USERSTORAGE]: using IInventoryService to create user's inventory");
m_InventoryService.CreateUserInventory(userProf.ID);
}
else if (m_commsManager.InterServiceInventoryService != null)
{
// used by the user server
m_log.Debug("[USERSTORAGE]: using m_commsManager.InterServiceInventoryService to create user's inventory");
m_commsManager.InterServiceInventoryService.CreateNewUserInventory(userProf.ID);
}
return userProf.ID;
}
}
///
/// Reset a user password.
///
///
///
///
/// true if the update was successful, false otherwise
public virtual bool ResetUserPassword(string firstName, string lastName, string newPassword)
{
string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(newPassword) + ":" + String.Empty);
UserProfileData profile = GetUserProfile(firstName, lastName);
if (null == profile)
{
m_log.ErrorFormat("[USERSTORAGE]: Could not find user {0} {1}", firstName, lastName);
return false;
}
profile.PasswordHash = md5PasswdHash;
profile.PasswordSalt = String.Empty;
UpdateUserProfile(profile);
return true;
}
public abstract UserProfileData SetupMasterUser(string firstName, string lastName);
public abstract UserProfileData SetupMasterUser(string firstName, string lastName, string password);
public abstract UserProfileData SetupMasterUser(UUID uuid);
///
/// Add an agent using data plugins.
///
/// The agent data to be added
///
/// true if at least one plugin added the user agent. false if no plugin successfully added the agent
///
public virtual bool AddUserAgent(UserAgentData agentdata)
{
bool result = false;
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.AddNewUserAgent(agentdata);
result = true;
}
catch (Exception e)
{
m_log.Error("[USERSTORAGE]: Unable to add agent via " + plugin.Name + "(" + e.ToString() + ")");
}
}
return result;
}
///
/// Get avatar appearance information
///
///
///
public virtual AvatarAppearance GetUserAppearance(UUID user)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
AvatarAppearance appearance = plugin.GetUserAppearance(user);
if (appearance != null)
return appearance;
}
catch (Exception e)
{
m_log.ErrorFormat("[USERSTORAGE]: Unable to find user appearance {0} via {1} ({2})", user.ToString(), plugin.Name, e.ToString());
}
}
return null;
}
public virtual void UpdateUserAppearance(UUID user, AvatarAppearance appearance)
{
foreach (IUserDataPlugin plugin in m_plugins)
{
try
{
plugin.UpdateUserAppearance(user, appearance);
}
catch (Exception e)
{
m_log.ErrorFormat("[USERSTORAGE]: Unable to update user appearance {0} via {1} ({2})", user.ToString(), plugin.Name, e.ToString());
}
}
}
#region IAuthentication
protected Dictionary> m_userKeys = new Dictionary>();
///
/// This generates authorization keys in the form
/// http://userserver/uuid
/// after verifying that the caller is, indeed, authorized to request a key
///
/// URL of the user server
/// The user ID requesting the new key
/// The original authorization token for that user, obtained during login
///
public string GetNewKey(string url, UUID userID, UUID authToken)
{
UserProfileData profile = GetUserProfile(userID);
string newKey = string.Empty;
if (!url.EndsWith("/"))
url = url + "/";
if (profile != null)
{
// I'm overloading webloginkey for this, so that no changes are needed in the DB
// The uses of webloginkey are fairly mutually exclusive
if (profile.WebLoginKey.Equals(authToken))
{
newKey = UUID.Random().ToString();
List keys;
lock (m_userKeys)
{
if (m_userKeys.ContainsKey(userID))
{
keys = m_userKeys[userID];
}
else
{
keys = new List();
m_userKeys.Add(userID, keys);
}
keys.Add(newKey);
}
m_log.InfoFormat("[USERAUTH]: Successfully generated new auth key for user {0}", userID);
}
else
m_log.Warn("[USERAUTH]: Unauthorized key generation request. Denying new key.");
}
else
m_log.Warn("[USERAUTH]: User not found.");
return url + newKey;
}
///
/// This verifies the uuid portion of the key given out by GenerateKey
///
///
///
///
public bool VerifyKey(UUID userID, string key)
{
lock (m_userKeys)
{
if (m_userKeys.ContainsKey(userID))
{
List keys = m_userKeys[userID];
if (keys.Contains(key))
{
// Keys are one-time only, so remove it
keys.Remove(key);
return true;
}
return false;
}
else
return false;
}
}
public virtual bool VerifySession(UUID userID, UUID sessionID)
{
UserProfileData userProfile = GetUserProfile(userID);
if (userProfile != null && userProfile.CurrentAgent != null)
{
m_log.DebugFormat(
"[USER AUTH]: Verifying session {0} for {1}; current session {2}",
sessionID, userID, userProfile.CurrentAgent.SessionID);
if (userProfile.CurrentAgent.SessionID == sessionID)
{
return true;
}
}
return false;
}
public virtual bool AuthenticateUserByPassword(UUID userID, string password)
{
// m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password);
UserProfileData userProfile = GetUserProfile(userID);
if (null == userProfile)
return false;
string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
// m_log.DebugFormat(
// "[USER AUTH]: Submitted hash {0}, stored hash {1}", md5PasswordHash, userProfile.PasswordHash);
if (md5PasswordHash == userProfile.PasswordHash)
return true;
else
return false;
}
#endregion
}
}