From 31cec30aa0a589f622635c689b08c2e026898556 Mon Sep 17 00:00:00 2001 From: Teravus Ovares Date: Fri, 30 Nov 2007 04:54:15 +0000 Subject: [PATCH] * Extended our semi-stupid implementation of in world object permissions to show a user's client that it can't edit a prim if it doesn't have permission. * Permissions is due for a big revamp. The current way it's done is a hack at best. --- OpenSim/Region/Application/OpenSimMain.cs | 2 +- .../ClientStack/RegionApplicationBase.cs | 5 +- .../Region/Environment/PermissionManager.cs | 108 ++++++++++++++++++ OpenSim/Region/Environment/Scenes/Scene.cs | 19 ++- .../Environment/Scenes/SceneObjectPart.cs | 83 ++++++++++++-- OpenSim/Region/Examples/SimpleApp/Program.cs | 2 +- 6 files changed, 206 insertions(+), 13 deletions(-) diff --git a/OpenSim/Region/Application/OpenSimMain.cs b/OpenSim/Region/Application/OpenSimMain.cs index 5877aa651d..4ebe207883 100644 --- a/OpenSim/Region/Application/OpenSimMain.cs +++ b/OpenSim/Region/Application/OpenSimMain.cs @@ -344,7 +344,7 @@ namespace OpenSim public UDPServer CreateRegion(RegionInfo regionInfo) { UDPServer udpServer; - Scene scene = SetupScene(regionInfo, out udpServer); + Scene scene = SetupScene(regionInfo, out udpServer, m_permissions); MainLog.Instance.Verbose("MODULES", "Loading Region's Modules"); diff --git a/OpenSim/Region/ClientStack/RegionApplicationBase.cs b/OpenSim/Region/ClientStack/RegionApplicationBase.cs index 251601ff79..4c0c02dcc6 100644 --- a/OpenSim/Region/ClientStack/RegionApplicationBase.cs +++ b/OpenSim/Region/ClientStack/RegionApplicationBase.cs @@ -103,7 +103,7 @@ namespace OpenSim.Region.ClientStack return physicsPluginManager.GetPhysicsScene(engine, meshEngine); } - protected Scene SetupScene(RegionInfo regionInfo, out UDPServer udpServer) + protected Scene SetupScene(RegionInfo regionInfo, out UDPServer udpServer, bool m_permissions) { AgentCircuitManager circuitManager = new AgentCircuitManager(); udpServer = new UDPServer(regionInfo.InternalEndPoint.Port, m_assetCache, m_log, circuitManager); @@ -146,7 +146,8 @@ namespace OpenSim.Region.ClientStack } scene.LandManager.resetSimLandObjects(); - scene.LoadPrimsFromStorage(); + + scene.LoadPrimsFromStorage(m_permissions); scene.performParcelPrimCountUpdate(); scene.StartTimer(); diff --git a/OpenSim/Region/Environment/PermissionManager.cs b/OpenSim/Region/Environment/PermissionManager.cs index bcaa1bfd0f..9911792680 100644 --- a/OpenSim/Region/Environment/PermissionManager.cs +++ b/OpenSim/Region/Environment/PermissionManager.cs @@ -135,6 +135,114 @@ namespace OpenSim.Region.Environment #region Object Permissions + + public virtual bool AnyoneCanCopyPermission(LLUUID user, LLUUID objId) + { + + // Default: deny + bool permission = false; + + if (!m_scene.Entities.ContainsKey(objId)) + { + return false; + } + + // If it's not an object, we cant edit it. + if (!(m_scene.Entities[objId] is SceneObjectGroup)) + { + return false; + } + + SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId]; + LLUUID taskOwner = null; + // Added this because at this point in time it wouldn't be wise for + // the administrator object permissions to take effect. + LLUUID objectOwner = task.OwnerID; + uint objectflags = task.RootPart.EveryoneMask; + + // Object owners should be able to edit their own content + if (user == objectOwner) + permission = true; + + // If the 'anybody can move' flag is set then allow anyone to move it + if ((objectflags & (uint)LLObject.ObjectFlags.ObjectCopy ) != 0) + permission = true; + + // Users should be able to edit what is over their land. + if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID == + user) + permission = true; + + // Estate users should be able to edit anything in the sim + if (IsEstateManager(user)) + permission = true; + + // Admin objects should not be editable by the above + if (IsAdministrator(taskOwner)) + permission = false; + + // Admin should be able to edit anything in the sim (including admin objects) + if (IsAdministrator(user)) + permission = true; + + return permission; + + } + + + public virtual bool AnyoneCanMovePermission(LLUUID user, LLUUID objId) + { + + // Default: deny + bool permission = false; + + if (!m_scene.Entities.ContainsKey(objId)) + { + return false; + } + + // If it's not an object, we cant edit it. + if (!(m_scene.Entities[objId] is SceneObjectGroup)) + { + return false; + } + + SceneObjectGroup task = (SceneObjectGroup)m_scene.Entities[objId]; + LLUUID taskOwner = null; + // Added this because at this point in time it wouldn't be wise for + // the administrator object permissions to take effect. + LLUUID objectOwner = task.OwnerID; + uint objectflags = task.RootPart.ObjectFlags; + + // Object owners should be able to edit their own content + if (user == objectOwner) + permission = true; + + // If the 'anybody can move' flag is set then allow anyone to move it + if ((objectflags & (uint)LLObject.ObjectFlags.ObjectMove) != 0) + permission = true; + + // Users should be able to edit what is over their land. + if (m_scene.LandManager.getLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y).landData.ownerID == + user) + permission = true; + + // Estate users should be able to edit anything in the sim + if (IsEstateManager(user)) + permission = true; + + // Admin objects should not be editable by the above + if (IsAdministrator(taskOwner)) + permission = false; + + // Admin should be able to edit anything in the sim (including admin objects) + if (IsAdministrator(user)) + permission = true; + + return permission; + + } + protected virtual bool GenericObjectPermission(LLUUID user, LLUUID objId) { // Default: deny diff --git a/OpenSim/Region/Environment/Scenes/Scene.cs b/OpenSim/Region/Environment/Scenes/Scene.cs index 2d74913972..cc0f3e15f9 100644 --- a/OpenSim/Region/Environment/Scenes/Scene.cs +++ b/OpenSim/Region/Environment/Scenes/Scene.cs @@ -733,7 +733,7 @@ namespace OpenSim.Region.Environment.Scenes /// /// Loads the World's objects /// - public virtual void LoadPrimsFromStorage() + public virtual void LoadPrimsFromStorage(bool m_permissions) { MainLog.Instance.Verbose("Loading objects from datastore"); List PrimsFromDB = m_storageManager.DataStore.LoadObjects(m_regInfo.RegionID); @@ -741,6 +741,20 @@ namespace OpenSim.Region.Environment.Scenes { AddEntityFromStorage(prim); SceneObjectPart rootPart = prim.GetChildPart(prim.UUID); + if (m_permissions) + { + rootPart.EveryoneMask = rootPart.ObjectFlags; + rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner; + rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; + rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify; + rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove; + rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner; + rootPart.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer; + } + else + { + rootPart.EveryoneMask = rootPart.ObjectFlags; + } bool UsePhysics = (((rootPart.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) > 0) && m_physicalPrim); if ((rootPart.ObjectFlags & (uint)LLObject.ObjectFlags.Phantom) == 0) rootPart.PhysActor = PhysicsScene.AddPrimShape( @@ -839,7 +853,8 @@ namespace OpenSim.Region.Environment.Scenes // if grass or tree, make phantom if ((rootPart.Shape.PCode == 95) || (rootPart.Shape.PCode == 255)) { - rootPart.ObjectFlags += (uint)LLObject.ObjectFlags.Phantom; + rootPart.AddFlag(LLObject.ObjectFlags.Phantom); + //rootPart.ObjectFlags += (uint)LLObject.ObjectFlags.Phantom; } // if not phantom, add to physics bool UsePhysics = (((rootPart.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) > 0) && m_physicalPrim); diff --git a/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs b/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs index c94bfd9f7f..d8e21434fd 100644 --- a/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs +++ b/OpenSim/Region/Environment/Scenes/SceneObjectPart.cs @@ -466,6 +466,18 @@ namespace OpenSim.Region.Environment.Scenes LLObject.ObjectFlags.CreateSelected | LLObject.ObjectFlags.ObjectOwnerModify; + if (!ParentGroup.m_scene.PermissionsMngr.BypassPermissions) + { + EveryoneMask = (uint)m_flags; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectCopy; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer; + } + ScheduleFullUpdate(); } @@ -503,6 +515,23 @@ namespace OpenSim.Region.Environment.Scenes OffsetPosition = position; RotationOffset = rotation; ObjectFlags = flags; + + if (!ParentGroup.m_scene.PermissionsMngr.BypassPermissions) + { + EveryoneMask = (uint)m_flags; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectCopy; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner; + EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer; + } + else + { + EveryoneMask = ObjectFlags; + } + bool UsePhysics = ((ObjectFlags & (uint)LLObject.ObjectFlags.Physics) != 0); doPhysicsPropertyUpdate(UsePhysics, true); ScheduleFullUpdate(); @@ -519,6 +548,23 @@ namespace OpenSim.Region.Environment.Scenes { XmlSerializer serializer = new XmlSerializer(typeof (SceneObjectPart)); SceneObjectPart newobject = (SceneObjectPart) serializer.Deserialize(xmlReader); + + if (!newobject.ParentGroup.m_scene.PermissionsMngr.BypassPermissions) + { + newobject.EveryoneMask = newobject.ObjectFlags; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOwner; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectCopy; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectModify; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectMove; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectAnyOwner; + newobject.EveryoneMask &= ~(uint)LLObject.ObjectFlags.ObjectYouOfficer; + } + else + { + newobject.EveryoneMask = newobject.ObjectFlags; + } + bool UsePhysics = ((newobject.ObjectFlags & (uint)LLObject.ObjectFlags.Physics) != 0); newobject.doPhysicsPropertyUpdate(UsePhysics, true); @@ -711,6 +757,9 @@ namespace OpenSim.Region.Environment.Scenes { //Console.WriteLine("Adding flag: " + ((LLObject.ObjectFlags) flag).ToString()); m_flags |= flag; + BaseMask |= (uint)flag; + GroupMask |= (uint)flag; + EveryoneMask |= (uint)flag; } uint currflag = (uint) m_flags; //System.Console.WriteLine("Aprev: " + prevflag.ToString() + " curr: " + m_flags.ToString()); @@ -724,6 +773,9 @@ namespace OpenSim.Region.Environment.Scenes { //Console.WriteLine("Removing flag: " + ((LLObject.ObjectFlags)flag).ToString()); m_flags &= ~flag; + BaseMask &= ~(uint)flag; + GroupMask &= ~(uint)flag; + EveryoneMask &= ~(uint)flag; } //System.Console.WriteLine("prev: " + prevflag.ToString() + " curr: " + m_flags.ToString()); //ScheduleFullUpdate(); @@ -1201,19 +1253,36 @@ namespace OpenSim.Region.Environment.Scenes } break; } + } + // If you can't edit it, send the base permissions minus the flag to edit + if (!ParentGroup.m_scene.PermissionsMngr.BypassPermissions) + { + if (ParentGroup.m_scene.PermissionsMngr.CanEditObject(remoteClient.AgentId, this.ParentGroup.UUID)) + { + //clientFlags = ObjectFlags &= ~(uint)LLObject.ObjectFlags.ObjectModify; + //clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectMove; + //clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.AllowInventoryDrop; + //clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; + // Send EveryoneMask + clientFlags = ObjectFlags; + + } else { - // If you can't edit it, send the base permissions minus the flag to edit - if (!ParentGroup.m_scene.PermissionsMngr.CanEditObject(remoteClient.AgentId, this.ParentGroup.UUID)) - { - clientFlags = ObjectFlags &= ~(uint)LLObject.ObjectFlags.ObjectModify; + clientFlags = ObjectFlags; + if (!ParentGroup.m_scene.PermissionsMngr.AnyoneCanCopyPermission(remoteClient.AgentId, this.ParentGroup.UUID)) + clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectCopy; + if (!ParentGroup.m_scene.PermissionsMngr.AnyoneCanMovePermission(remoteClient.AgentId, this.ParentGroup.UUID)) clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectMove; - clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.AllowInventoryDrop; - clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; - } + + clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectModify; + clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.AllowInventoryDrop; + clientFlags = clientFlags &= ~(uint)LLObject.ObjectFlags.ObjectTransfer; + clientFlags = EveryoneMask; } } + byte[] color = new byte[] { m_color.R, m_color.G, m_color.B, m_color.A }; remoteClient.SendPrimitiveToClient(m_regionHandle, 64096, LocalID, m_shape, lPos, clientFlags, m_uuid, OwnerID, diff --git a/OpenSim/Region/Examples/SimpleApp/Program.cs b/OpenSim/Region/Examples/SimpleApp/Program.cs index 7ed58f5baf..372d951e56 100644 --- a/OpenSim/Region/Examples/SimpleApp/Program.cs +++ b/OpenSim/Region/Examples/SimpleApp/Program.cs @@ -98,7 +98,7 @@ namespace SimpleApp m_moduleLoader = new ModuleLoader(m_log, m_config); m_moduleLoader.LoadDefaultSharedModules(); - Scene scene = SetupScene(regionInfo, out udpServer); + Scene scene = SetupScene(regionInfo, out udpServer, false); m_moduleLoader.InitialiseSharedModules(scene);