diff --git a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
index eb150d9d3f..4bf2477aa6 100644
--- a/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
+++ b/OpenSim/Region/CoreModules/Framework/EntityTransfer/EntityTransferModule.cs
@@ -281,6 +281,12 @@ namespace OpenSim.Region.CoreModules.Framework.EntityTransfer
return;
}
+ if (!m_aScene.SimulationService.QueryAccess(finalDestination, sp.ControllingClient.AgentId))
+ {
+ sp.ControllingClient.SendTeleportFailed("The destination region has refused access");
+ return;
+ }
+
sp.ControllingClient.SendTeleportStart(teleportFlags);
// the avatar.Close below will clear the child region list. We need this below for (possibly)
diff --git a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs
index 5be6486751..aaf7bf3331 100644
--- a/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs
+++ b/OpenSim/Region/CoreModules/ServiceConnectorsOut/Simulation/LocalSimulationConnector.cs
@@ -264,13 +264,9 @@ namespace OpenSim.Region.CoreModules.ServiceConnectorsOut.Simulation
foreach (Scene s in m_sceneList)
{
- if (s.RegionInfo.RegionHandle == destination.RegionHandle)
- {
- //m_log.Debug("[LOCAL COMMS]: Found region to send QueryAccess");
+ if (s.RegionInfo.RegionID == destination.RegionID)
return s.QueryAccess(id);
- }
}
- //m_log.Debug("[LOCAL COMMS]: region not found for QueryAccess");
return false;
}
diff --git a/OpenSim/Region/Framework/Scenes/Scene.cs b/OpenSim/Region/Framework/Scenes/Scene.cs
index a4f630ab9d..fc4110b41e 100644
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@@ -3387,12 +3387,11 @@ namespace OpenSim.Region.Framework.Scenes
sp = null;
}
- ILandObject land = LandChannel.GetLandObject(agent.startpos.X, agent.startpos.Y);
//On login test land permisions
if (vialogin)
{
- if (land != null && !TestLandRestrictions(agent, land, out reason))
+ if (!TestLandRestrictions(agent.AgentID, out reason, ref agent.startpos.X, ref agent.startpos.Y))
{
m_log.DebugFormat("[CONNECTION BEGIN]: Denying access to {0} due to no land access", agent.AgentID.ToString());
return false;
@@ -3417,8 +3416,13 @@ namespace OpenSim.Region.Framework.Scenes
try
{
- if (!AuthorizeUser(agent, out reason))
- return false;
+ // Always check estate if this is a login. Always
+ // check if banned regions are to be blacked out.
+ if (vialogin || (!m_seeIntoBannedRegion))
+ {
+ if (!AuthorizeUser(agent.AgentID, out reason))
+ return false;
+ }
}
catch (Exception e)
{
@@ -3527,21 +3531,26 @@ namespace OpenSim.Region.Framework.Scenes
return true;
}
- private bool TestLandRestrictions(AgentCircuitData agent, ILandObject land, out string reason)
+ private bool TestLandRestrictions(UUID agentID, out string reason, ref float posX, ref float posY)
{
-
- bool banned = land.IsBannedFromLand(agent.AgentID);
- bool restricted = land.IsRestrictedFromLand(agent.AgentID);
+ reason = String.Empty;
+
+ ILandObject land = LandChannel.GetLandObject(posX, posY);
+ if (land == null)
+ return false;
+
+ bool banned = land.IsBannedFromLand(agentID);
+ bool restricted = land.IsRestrictedFromLand(agentID);
if (banned || restricted)
{
- ILandObject nearestParcel = GetNearestAllowedParcel(agent.AgentID, agent.startpos.X, agent.startpos.Y);
+ ILandObject nearestParcel = GetNearestAllowedParcel(agentID, posX, posY);
if (nearestParcel != null)
{
//Move agent to nearest allowed
Vector3 newPosition = GetParcelCenterAtGround(nearestParcel);
- agent.startpos.X = newPosition.X;
- agent.startpos.Y = newPosition.Y;
+ posX = newPosition.X;
+ posY = newPosition.Y;
}
else
{
@@ -3597,19 +3606,19 @@ namespace OpenSim.Region.Framework.Scenes
/// outputs the reason to this string
/// True if the region accepts this agent. False if it does not. False will
/// also return a reason.
- protected virtual bool AuthorizeUser(AgentCircuitData agent, out string reason)
+ protected virtual bool AuthorizeUser(UUID agentID, out string reason)
{
reason = String.Empty;
if (!m_strictAccessControl) return true;
- if (Permissions.IsGod(agent.AgentID)) return true;
+ if (Permissions.IsGod(agentID)) return true;
if (AuthorizationService != null)
{
- if (!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString(),out reason))
+ if (!AuthorizationService.IsAuthorizedForRegion(agentID.ToString(), RegionInfo.RegionID.ToString(),out reason))
{
- m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
- agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} at {1} because the user does not have access to the region",
+ agentID, RegionInfo.RegionName);
//reason = String.Format("You are not currently on the access list for {0}",RegionInfo.RegionName);
return false;
}
@@ -3617,10 +3626,10 @@ namespace OpenSim.Region.Framework.Scenes
if (m_regInfo.EstateSettings != null)
{
- if ((!m_seeIntoBannedRegion) && m_regInfo.EstateSettings.IsBanned(agent.AgentID))
+ if (m_regInfo.EstateSettings.IsBanned(agentID))
{
- m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist",
- agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} at {1} because the user is on the banlist",
+ agentID, RegionInfo.RegionName);
reason = String.Format("Denied access to region {0}: You have been banned from that region.",
RegionInfo.RegionName);
return false;
@@ -3637,7 +3646,7 @@ namespace OpenSim.Region.Framework.Scenes
if (groupsModule != null)
{
GroupMembershipData[] GroupMembership =
- groupsModule.GetMembershipData(agent.AgentID);
+ groupsModule.GetMembershipData(agentID);
if (GroupMembership != null)
{
@@ -3666,44 +3675,16 @@ namespace OpenSim.Region.Framework.Scenes
m_log.ErrorFormat("[CONNECTION BEGIN]: EstateGroups is null!");
if (!m_regInfo.EstateSettings.PublicAccess &&
- !m_regInfo.EstateSettings.HasAccess(agent.AgentID) &&
+ !m_regInfo.EstateSettings.HasAccess(agentID) &&
!groupAccess)
{
- m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the estate",
- agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
+ m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} at {1} because the user does not have access to the estate",
+ agentID, RegionInfo.RegionName);
reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.",
RegionInfo.RegionName);
return false;
}
- // TODO: estate/region settings are not properly hooked up
- // to ILandObject.isRestrictedFromLand()
- // if (null != LandChannel)
- // {
- // // region seems to have local Id of 1
- // ILandObject land = LandChannel.GetLandObject(1);
- // if (null != land)
- // {
- // if (land.isBannedFromLand(agent.AgentID))
- // {
- // m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user has been banned from land",
- // agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
- // reason = String.Format("Denied access to private region {0}: You are banned from that region.",
- // RegionInfo.RegionName);
- // return false;
- // }
-
- // if (land.isRestrictedFromLand(agent.AgentID))
- // {
- // m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
- // agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
- // reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.",
- // RegionInfo.RegionName);
- // return false;
- // }
- // }
- // }
-
return true;
}
@@ -5173,6 +5154,22 @@ namespace OpenSim.Region.Framework.Scenes
// child agent creation, thereby emulating the SL behavior.
public bool QueryAccess(UUID agentID)
{
+ string reason;
+
+ if (!AuthorizeUser(agentID, out reason))
+ {
+ m_log.DebugFormat("[SCENE]: Denying access for {0}", agentID);
+ return false;
+ }
+
+ float posX = 128.0f;
+ float posY = 128.0f;
+
+ if (!TestLandRestrictions(agentID, out reason, ref posX, ref posY))
+ {
+ m_log.DebugFormat("[SCENE]: Denying {0} because they are banned on all parcels", agentID);
+ return false;
+ }
return true;
}
}
diff --git a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
index 6d01f80418..89832f4354 100644
--- a/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
+++ b/OpenSim/Server/Handlers/Simulation/AgentHandlers.cs
@@ -115,7 +115,7 @@ namespace OpenSim.Server.Handlers.Simulation
DoChildAgentDelete(request, responsedata, agentID, action, regionID);
return responsedata;
}
- else if (method.Equals("QUERYACCESSS"))
+ else if (method.Equals("QUERYACCESS"))
{
DoQueryAccess(request, responsedata, agentID, regionID);
return responsedata;