Also check user authorization if looking to upgrade from a child to a root agent.

Relevant if a child agent has been allowed into the region which should not be upgraded to a root agent.
2013-08-27 00:35:33 +01:00 · 2013-08-27 00:35:33 +01:00 · 2e7f7c41a7
parent ed0ffae151
commit 2e7f7c41a7
1 changed files with 13 additions and 0 deletions
--- a/OpenSim/Region/Framework/Scenes/Scene.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.cs
@ -3855,6 +3855,19 @@ namespace OpenSim.Region.Framework.Scenes
                    // Let the SP know how we got here. This has a lot of interesting
                    // uses down the line.
                    sp.TeleportFlags = (TPFlags)teleportFlags;
+
+                    // We must carry out a further authorization check if there's an 
+                    // attempt to make a child agent into a root agent, since SeeIntoRegion may have allowed a child
+                    // agent to login to a region where a full avatar would not be allowed.
+                    //
+                    // We determine whether this is a CreateAgent for a future non-child agent by inspecting 
+                    // TeleportFlags, which will be default for a child connection.  This relies on input from the source
+                    // region.
+                    if (sp.TeleportFlags != TPFlags.Default)
+                    {
+                        if (!AuthorizeUser(acd, false, out reason))
+                            return false;
+                    }
    
                    if (sp.IsChildAgent)
                    {