/* * Copyright (c) Contributors, http://opensimulator.org/ * See CONTRIBUTORS.TXT for a full list of copyright holders. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * Neither the name of the OpenSimulator Project nor the * names of its contributors may be used to endorse or promote products * derived from this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ using System; using System.Collections.Generic; using System.Net; using System.Reflection; using System.Security.Cryptography; using log4net; using Nwc.XmlRpc; using OpenMetaverse; using OpenMetaverse.StructuredData; using OpenSim.Data; using OpenSim.Framework.Communications; using OpenSim.Framework.Statistics; using OpenSim.Services.Interfaces; namespace OpenSim.Framework.Communications { /// /// Base class for user management (create, read, etc) /// public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication { private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); /// /// List of plugins to search for user data /// private List m_plugins = new List(); protected CommunicationsManager m_commsManager; protected IInventoryService m_InventoryService; /// /// Constructor /// /// public UserManagerBase(CommunicationsManager commsManager) { m_commsManager = commsManager; } public virtual void SetInventoryService(IInventoryService invService) { m_InventoryService = invService; } /// /// Add a new user data plugin - plugins will be requested in the order they were added. /// /// The plugin that will provide user data public void AddPlugin(IUserDataPlugin plugin) { m_plugins.Add(plugin); } /// /// Adds a list of user data plugins, as described by `provider' and /// `connect', to `_plugins'. /// /// /// The filename of the inventory server plugin DLL. /// /// /// The connection string for the storage backend. /// public void AddPlugin(string provider, string connect) { m_plugins.AddRange(DataPluginFactory.LoadDataPlugins(provider, connect)); } #region UserProfile public virtual void AddTemporaryUserProfile(UserProfileData userProfile) { foreach (IUserDataPlugin plugin in m_plugins) { plugin.AddTemporaryUserProfile(userProfile); } } public virtual UserProfileData GetUserProfile(string fname, string lname) { foreach (IUserDataPlugin plugin in m_plugins) { UserProfileData profile = plugin.GetUserByName(fname, lname); if (profile != null) { profile.CurrentAgent = GetUserAgent(profile.ID); return profile; } } return null; } public void LogoutUsers(UUID regionID) { foreach (IUserDataPlugin plugin in m_plugins) { plugin.LogoutUsers(regionID); } } public void ResetAttachments(UUID userID) { foreach (IUserDataPlugin plugin in m_plugins) { plugin.ResetAttachments(userID); } } public UserProfileData GetUserProfile(Uri uri) { foreach (IUserDataPlugin plugin in m_plugins) { UserProfileData profile = plugin.GetUserByUri(uri); if (null != profile) return profile; } return null; } public virtual UserAgentData GetAgentByUUID(UUID userId) { foreach (IUserDataPlugin plugin in m_plugins) { UserAgentData agent = plugin.GetAgentByUUID(userId); if (agent != null) { return agent; } } return null; } public Uri GetUserUri(UserProfileData userProfile) { throw new NotImplementedException(); } // see IUserService public virtual UserProfileData GetUserProfile(UUID uuid) { foreach (IUserDataPlugin plugin in m_plugins) { UserProfileData profile = plugin.GetUserByUUID(uuid); if (null != profile) { profile.CurrentAgent = GetUserAgent(profile.ID); return profile; } } return null; } public virtual List GenerateAgentPickerRequestResponse(UUID queryID, string query) { List allPickerList = new List(); foreach (IUserDataPlugin plugin in m_plugins) { try { List pickerList = plugin.GeneratePickerResults(queryID, query); if (pickerList != null) allPickerList.AddRange(pickerList); } catch (Exception) { m_log.Error( "[USERSTORAGE]: Unable to generate AgentPickerData via " + plugin.Name + "(" + query + ")"); } } return allPickerList; } public virtual bool UpdateUserProfile(UserProfileData data) { bool result = false; foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.UpdateUserProfile(data); result = true; } catch (Exception e) { m_log.ErrorFormat( "[USERSTORAGE]: Unable to set user {0} {1} via {2}: {3}", data.FirstName, data.SurName, plugin.Name, e.ToString()); } } return result; } #endregion #region Get UserAgent /// /// Loads a user agent by uuid (not called directly) /// /// The agent's UUID /// Agent profiles public UserAgentData GetUserAgent(UUID uuid) { foreach (IUserDataPlugin plugin in m_plugins) { try { UserAgentData result = plugin.GetAgentByUUID(uuid); if (result != null) return result; } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to find user via " + plugin.Name + "(" + e.ToString() + ")"); } } return null; } /// /// Loads a user agent by name (not called directly) /// /// The agent's name /// A user agent public UserAgentData GetUserAgent(string name) { foreach (IUserDataPlugin plugin in m_plugins) { try { UserAgentData result = plugin.GetAgentByName(name); if (result != null) return result; } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to find user via " + plugin.Name + "(" + e.ToString() + ")"); } } return null; } /// /// Loads a user agent by name (not called directly) /// /// The agent's firstname /// The agent's lastname /// A user agent public UserAgentData GetUserAgent(string fname, string lname) { foreach (IUserDataPlugin plugin in m_plugins) { try { UserAgentData result = plugin.GetAgentByName(fname, lname); if (result != null) return result; } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to find user via " + plugin.Name + "(" + e.ToString() + ")"); } } return null; } public virtual List GetUserFriendList(UUID ownerID) { List allFriends = new List(); foreach (IUserDataPlugin plugin in m_plugins) { try { List friends = plugin.GetUserFriendList(ownerID); if (friends != null) allFriends.AddRange(friends); } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to GetUserFriendList via " + plugin.Name + "(" + e.ToString() + ")"); } } return allFriends; } public virtual Dictionary GetFriendRegionInfos (List uuids) { //Dictionary allFriendRegions = new Dictionary(); foreach (IUserDataPlugin plugin in m_plugins) { try { Dictionary friendRegions = plugin.GetFriendRegionInfos(uuids); if (friendRegions != null) return friendRegions; } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to GetFriendRegionInfos via " + plugin.Name + "(" + e.ToString() + ")"); } } return new Dictionary(); } public void StoreWebLoginKey(UUID agentID, UUID webLoginKey) { foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.StoreWebLoginKey(agentID, webLoginKey); } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to Store WebLoginKey via " + plugin.Name + "(" + e.ToString() + ")"); } } } public virtual void AddNewUserFriend(UUID friendlistowner, UUID friend, uint perms) { foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.AddNewUserFriend(friendlistowner, friend, perms); } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to AddNewUserFriend via " + plugin.Name + "(" + e.ToString() + ")"); } } } public virtual void RemoveUserFriend(UUID friendlistowner, UUID friend) { foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.RemoveUserFriend(friendlistowner, friend); } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to RemoveUserFriend via " + plugin.Name + "(" + e.ToString() + ")"); } } } public virtual void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms) { foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.UpdateUserFriendPerms(friendlistowner, friend, perms); } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to UpdateUserFriendPerms via " + plugin.Name + "(" + e.ToString() + ")"); } } } /// /// Resets the currentAgent in the user profile /// /// The agent's ID public virtual void ClearUserAgent(UUID agentID) { UserProfileData profile = GetUserProfile(agentID); if (profile == null) { return; } profile.CurrentAgent = null; UpdateUserProfile(profile); } #endregion #region CreateAgent /// /// Creates and initialises a new user agent - make sure to use CommitAgent when done to submit to the DB /// /// The users profile /// The users loginrequest public void CreateAgent(UserProfileData profile, XmlRpcRequest request) { //m_log.DebugFormat("[USER MANAGER]: Creating agent {0} {1}", profile.Name, profile.ID); UserAgentData agent = new UserAgentData(); // User connection agent.AgentOnline = true; if (request.Params.Count > 1) { if (request.Params[1] != null) { IPEndPoint RemoteIPEndPoint = (IPEndPoint)request.Params[1]; agent.AgentIP = RemoteIPEndPoint.Address.ToString(); agent.AgentPort = (uint)RemoteIPEndPoint.Port; } } // Generate sessions RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider(); byte[] randDataS = new byte[16]; byte[] randDataSS = new byte[16]; rand.GetBytes(randDataS); rand.GetBytes(randDataSS); agent.SecureSessionID = new UUID(randDataSS, 0); agent.SessionID = new UUID(randDataS, 0); // Profile UUID agent.ProfileID = profile.ID; // Current location/position/alignment if (profile.CurrentAgent != null) { agent.Region = profile.CurrentAgent.Region; agent.Handle = profile.CurrentAgent.Handle; agent.Position = profile.CurrentAgent.Position; agent.LookAt = profile.CurrentAgent.LookAt; } else { agent.Region = profile.HomeRegionID; agent.Handle = profile.HomeRegion; agent.Position = profile.HomeLocation; agent.LookAt = profile.HomeLookAt; } // What time did the user login? agent.LoginTime = Util.UnixTimeSinceEpoch(); agent.LogoutTime = 0; profile.CurrentAgent = agent; } public void CreateAgent(UserProfileData profile, OSD request) { //m_log.DebugFormat("[USER MANAGER]: Creating agent {0} {1}", profile.Name, profile.ID); UserAgentData agent = new UserAgentData(); // User connection agent.AgentOnline = true; //if (request.Params.Count > 1) //{ // IPEndPoint RemoteIPEndPoint = (IPEndPoint)request.Params[1]; // agent.AgentIP = RemoteIPEndPoint.Address.ToString(); // agent.AgentPort = (uint)RemoteIPEndPoint.Port; //} // Generate sessions RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider(); byte[] randDataS = new byte[16]; byte[] randDataSS = new byte[16]; rand.GetBytes(randDataS); rand.GetBytes(randDataSS); agent.SecureSessionID = new UUID(randDataSS, 0); agent.SessionID = new UUID(randDataS, 0); // Profile UUID agent.ProfileID = profile.ID; // Current location/position/alignment if (profile.CurrentAgent != null) { agent.Region = profile.CurrentAgent.Region; agent.Handle = profile.CurrentAgent.Handle; agent.Position = profile.CurrentAgent.Position; agent.LookAt = profile.CurrentAgent.LookAt; } else { agent.Region = profile.HomeRegionID; agent.Handle = profile.HomeRegion; agent.Position = profile.HomeLocation; agent.LookAt = profile.HomeLookAt; } // What time did the user login? agent.LoginTime = Util.UnixTimeSinceEpoch(); agent.LogoutTime = 0; profile.CurrentAgent = agent; } /// /// Saves a target agent to the database /// /// The users profile /// Successful? public bool CommitAgent(ref UserProfileData profile) { //m_log.DebugFormat("[USER MANAGER]: Committing agent {0} {1}", profile.Name, profile.ID); // TODO: how is this function different from setUserProfile? -> Add AddUserAgent() here and commit both tables "users" and "agents" // TODO: what is the logic should be? bool ret = false; ret = AddUserAgent(profile.CurrentAgent); ret = ret & UpdateUserProfile(profile); return ret; } /// /// Process a user logoff from OpenSim. /// /// /// /// /// /// public virtual void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, Vector3 position, Vector3 lookat) { if (StatsManager.UserStats != null) StatsManager.UserStats.AddLogout(); UserProfileData userProfile = GetUserProfile(userid); if (userProfile != null) { UserAgentData userAgent = userProfile.CurrentAgent; if (userAgent != null) { userAgent.AgentOnline = false; userAgent.LogoutTime = Util.UnixTimeSinceEpoch(); //userAgent.sessionID = UUID.Zero; if (regionid != UUID.Zero) { userAgent.Region = regionid; } userAgent.Handle = regionhandle; userAgent.Position = position; userAgent.LookAt = lookat; //userProfile.CurrentAgent = userAgent; userProfile.LastLogin = userAgent.LogoutTime; CommitAgent(ref userProfile); } else { // If currentagent is null, we can't reference it here or the UserServer crashes! m_log.Info("[LOGOUT]: didn't save logout position: " + userid.ToString()); } } else { m_log.Warn("[LOGOUT]: Unknown User logged out"); } } public void LogOffUser(UUID userid, UUID regionid, ulong regionhandle, float posx, float posy, float posz) { LogOffUser(userid, regionid, regionhandle, new Vector3(posx, posy, posz), new Vector3()); } #endregion /// /// Add a new user /// /// first name /// last name /// password /// email /// location X /// location Y /// The UUID of the created user profile. On failure, returns UUID.Zero public virtual UUID AddUser(string firstName, string lastName, string password, string email, uint regX, uint regY) { return AddUser(firstName, lastName, password, email, regX, regY, UUID.Random()); } /// /// Add a new user /// /// first name /// last name /// password /// email /// location X /// location Y /// UUID of avatar. /// The UUID of the created user profile. On failure, returns UUID.Zero public virtual UUID AddUser( string firstName, string lastName, string password, string email, uint regX, uint regY, UUID SetUUID) { string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + String.Empty); UserProfileData user = new UserProfileData(); user.HomeLocation = new Vector3(128, 128, 100); user.ID = SetUUID; user.FirstName = firstName; user.SurName = lastName; user.PasswordHash = md5PasswdHash; user.PasswordSalt = String.Empty; user.Created = Util.UnixTimeSinceEpoch(); user.HomeLookAt = new Vector3(100, 100, 100); user.HomeRegionX = regX; user.HomeRegionY = regY; user.Email = email; foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.AddNewUserProfile(user); } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to add user via " + plugin.Name + "(" + e.ToString() + ")"); } } UserProfileData userProf = GetUserProfile(firstName, lastName); if (userProf == null) { return UUID.Zero; } else { // // WARNING: This is a horrible hack // The purpose here is to avoid touching the user server at this point. // There are dragons there that I can't deal with right now. // diva 06/09/09 // if (m_InventoryService != null) { // local service (standalone) m_log.Debug("[USERSTORAGE]: using IInventoryService to create user's inventory"); m_InventoryService.CreateUserInventory(userProf.ID); InventoryFolderBase rootfolder = m_InventoryService.GetRootFolder(userProf.ID); if (rootfolder != null) userProf.RootInventoryFolderID = rootfolder.ID; } else { // used by the user server m_log.Debug("[USERSTORAGE]: using m_commsManager.InterServiceInventoryService to create user's inventory"); m_commsManager.InterServiceInventoryService.CreateNewUserInventory(userProf.ID); } return userProf.ID; } } /// /// Reset a user password. /// /// /// /// /// true if the update was successful, false otherwise public virtual bool ResetUserPassword(string firstName, string lastName, string newPassword) { string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(newPassword) + ":" + String.Empty); UserProfileData profile = GetUserProfile(firstName, lastName); if (null == profile) { m_log.ErrorFormat("[USERSTORAGE]: Could not find user {0} {1}", firstName, lastName); return false; } profile.PasswordHash = md5PasswdHash; profile.PasswordSalt = String.Empty; UpdateUserProfile(profile); return true; } public abstract UserProfileData SetupMasterUser(string firstName, string lastName); public abstract UserProfileData SetupMasterUser(string firstName, string lastName, string password); public abstract UserProfileData SetupMasterUser(UUID uuid); /// /// Add an agent using data plugins. /// /// The agent data to be added /// /// true if at least one plugin added the user agent. false if no plugin successfully added the agent /// public virtual bool AddUserAgent(UserAgentData agentdata) { bool result = false; foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.AddNewUserAgent(agentdata); result = true; } catch (Exception e) { m_log.Error("[USERSTORAGE]: Unable to add agent via " + plugin.Name + "(" + e.ToString() + ")"); } } return result; } /// /// Get avatar appearance information /// /// /// public virtual AvatarAppearance GetUserAppearance(UUID user) { foreach (IUserDataPlugin plugin in m_plugins) { try { AvatarAppearance appearance = plugin.GetUserAppearance(user); if (appearance != null) return appearance; } catch (Exception e) { m_log.ErrorFormat("[USERSTORAGE]: Unable to find user appearance {0} via {1} ({2})", user.ToString(), plugin.Name, e.ToString()); } } return null; } public virtual void UpdateUserAppearance(UUID user, AvatarAppearance appearance) { foreach (IUserDataPlugin plugin in m_plugins) { try { plugin.UpdateUserAppearance(user, appearance); } catch (Exception e) { m_log.ErrorFormat("[USERSTORAGE]: Unable to update user appearance {0} via {1} ({2})", user.ToString(), plugin.Name, e.ToString()); } } } #region IAuthentication protected Dictionary> m_userKeys = new Dictionary>(); /// /// This generates authorization keys in the form /// http://userserver/uuid /// after verifying that the caller is, indeed, authorized to request a key /// /// URL of the user server /// The user ID requesting the new key /// The original authorization token for that user, obtained during login /// public string GetNewKey(string url, UUID userID, UUID authToken) { UserProfileData profile = GetUserProfile(userID); string newKey = string.Empty; if (!url.EndsWith("/")) url = url + "/"; if (profile != null) { // I'm overloading webloginkey for this, so that no changes are needed in the DB // The uses of webloginkey are fairly mutually exclusive if (profile.WebLoginKey.Equals(authToken)) { newKey = UUID.Random().ToString(); List keys; lock (m_userKeys) { if (m_userKeys.ContainsKey(userID)) { keys = m_userKeys[userID]; } else { keys = new List(); m_userKeys.Add(userID, keys); } keys.Add(newKey); } m_log.InfoFormat("[USERAUTH]: Successfully generated new auth key for user {0}", userID); } else m_log.Warn("[USERAUTH]: Unauthorized key generation request. Denying new key."); } else m_log.Warn("[USERAUTH]: User not found."); return url + newKey; } /// /// This verifies the uuid portion of the key given out by GenerateKey /// /// /// /// public bool VerifyKey(UUID userID, string key) { lock (m_userKeys) { if (m_userKeys.ContainsKey(userID)) { List keys = m_userKeys[userID]; if (keys.Contains(key)) { // Keys are one-time only, so remove it keys.Remove(key); return true; } return false; } else return false; } } public virtual bool VerifySession(UUID userID, UUID sessionID) { UserProfileData userProfile = GetUserProfile(userID); if (userProfile != null && userProfile.CurrentAgent != null) { m_log.DebugFormat("[USER AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID); if (userProfile.CurrentAgent.SessionID == sessionID) { return true; } } return false; } #endregion } }