OpenSim/Region/Environment/PermissionManager.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

using System.Collections.Generic;
using OpenSim.Framework;
using OpenSim.Framework.Types;
using OpenSim.Framework.Communications;
using OpenSim.Framework.Servers;
using OpenSim.Region.Capabilities;
using OpenSim.Region.Environment.Scenes;
using OpenSim.Region.Environment.LandManagement;

using libsecondlife;

namespace OpenSim.Region.Environment
{
    public class PermissionManager
    {
        protected Scene m_scene;

        public PermissionManager(Scene world)
        {
            m_scene = world;
        }

        protected virtual bool IsAdministrator(LLUUID user)
        {
            return m_scene.RegionInfo.MasterAvatarAssignedUUID == user;
        }

        protected virtual bool IsEstateManager(LLUUID user)
        {
            return false;
        }

        public virtual bool CanRezObject(LLUUID user, LLVector3 position)
        {
            return true;
        }

        /// <summary>
        /// Permissions check - can user delete an object?
        /// </summary>
        /// <param name="user">User attempting the delete</param>
        /// <param name="obj">Target object</param>
        /// <returns>Has permission?</returns>
        public virtual bool CanDeRezObject(LLUUID user, LLUUID obj)
        {
            // Default: deny
            bool canDeRez = false;

            // If it's not an object, we cant derez it.
            if (!(m_scene.Entities[obj] is SceneObject))
                return false;

            SceneObject task = (SceneObject)m_scene.Entities[obj];
            LLUUID taskOwner = null; // Since we dont have a 'owner' property on task yet

            // Object owners should be able to delete their own content
            if (user == taskOwner)
                canDeRez = true;

            // Users should be able to delete what is over their land.
            if (m_scene.LandManager.getLandObject(task.Pos.X, task.Pos.Y).landData.ownerID == user)
                canDeRez = true;

            // Estate users should be able to delete anything in the sim
            if (IsEstateManager(user))
                canDeRez = true;

            // Admin objects should not be deletable by the above
            if (IsAdministrator(taskOwner))
                canDeRez = false;

            // Admin should be able to delete anything in the sim (including admin objects)
            if (IsAdministrator(user))
                canDeRez = true;

            return canDeRez;
        }

        public virtual bool CanEditObject(LLUUID user, LLUUID obj)
        {
            // Permissions for editing fall into the same category as deleting
            // May need to add check for "no-mod" items.
            return CanDeRezObject(user, obj);
        }

        public virtual bool CanEditScript(LLUUID user, LLUUID script)
        {
            return false;
        }

        public virtual bool CanRunScript(LLUUID user, LLUUID script)
        {
            return false;
        }

        public virtual bool CanReturnObject(LLUUID user, LLUUID obj)
        {
            // Same category as deleting, but eventually will need seperate check
            // as sometimes it's better to allow returning only.
            return CanDeRezObject(user, obj);
        }

        public virtual bool CanTerraform(LLUUID user, LLUUID position)
        {
            return false;
        }
    }
}