Added optional owner classes to existing OSSL agent Permissions
PARCEL_GROUP, PARCEL_OWNER, ESTATE_MANAGER and REGION_OWNER can be combined with the existing agent uuid option to limit ossl functions to agents and owner classes. Signed-off-by: BlueWall <jamesh@bluewallgroup.com>remove-scene-viewer
parent
9a28e7a4e0
commit
41395d5443
|
@ -113,11 +113,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
{
|
||||
public List<UUID> AllowedCreators;
|
||||
public List<UUID> AllowedOwners;
|
||||
public List<string> AllowedOwnerClasses;
|
||||
|
||||
public FunctionPerms()
|
||||
{
|
||||
AllowedCreators = new List<UUID>();
|
||||
AllowedOwners = new List<UUID>();
|
||||
AllowedOwnerClasses = new List<string>();
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -245,6 +247,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
// Default behavior
|
||||
perms.AllowedOwners = null;
|
||||
perms.AllowedCreators = null;
|
||||
perms.AllowedOwnerClasses = null;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -265,12 +268,20 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
foreach (string id in ids)
|
||||
{
|
||||
string current = id.Trim();
|
||||
UUID uuid;
|
||||
|
||||
if (UUID.TryParse(current, out uuid))
|
||||
if (current.ToUpper() == "PARCEL_GROUP_MEMBER" || current.ToUpper() == "PARCEL_OWNER" || current.ToUpper() == "ESTATE_MANAGER" || current.ToUpper() == "ESTATE_OWNER")
|
||||
{
|
||||
if (uuid != UUID.Zero)
|
||||
perms.AllowedOwners.Add(uuid);
|
||||
if (!perms.AllowedOwnerClasses.Contains(current))
|
||||
perms.AllowedOwnerClasses.Add(current.ToUpper());
|
||||
}
|
||||
else
|
||||
{
|
||||
UUID uuid;
|
||||
|
||||
if (UUID.TryParse(current, out uuid))
|
||||
{
|
||||
if (uuid != UUID.Zero)
|
||||
perms.AllowedOwners.Add(uuid);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -326,11 +337,55 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
|||
String.Format("{0} permission error. Can't find script in prim inventory.",
|
||||
function));
|
||||
}
|
||||
|
||||
UUID ownerID = ti.OwnerID;
|
||||
|
||||
//OSSL only may be used if objet is in the same group as the parcel
|
||||
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER"))
|
||||
{
|
||||
ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
|
||||
|
||||
if (land.LandData.GroupID == ti.GroupID && land.LandData.GroupID != UUID.Zero)
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
//Only Parcelowners may use the function
|
||||
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
|
||||
{
|
||||
ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
|
||||
|
||||
if (land.LandData.OwnerID == ownerID)
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
//Only Estate Managers may use the function
|
||||
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
|
||||
{
|
||||
//Only Estate Managers may use the function
|
||||
if (World.RegionInfo.EstateSettings.IsEstateManager(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
//Only regionowners may use the function
|
||||
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER"))
|
||||
{
|
||||
if (World.RegionInfo.EstateSettings.EstateOwner == ownerID)
|
||||
{
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))
|
||||
OSSLError(
|
||||
String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
|
||||
function));
|
||||
if (ti.CreatorID != ti.OwnerID)
|
||||
if (ti.CreatorID != ownerID)
|
||||
{
|
||||
if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
|
||||
OSSLError(
|
||||
|
|
|
@ -617,6 +617,13 @@
|
|||
|
||||
; Comma separated list of UUIDS allows the function for that list of UUIDS
|
||||
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
|
||||
|
||||
; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
|
||||
; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
|
||||
; - PARCEL_OWNER: allow if the objectowner is parcelowner
|
||||
; - ESTATE_MANAGER: allow if the object owner is a estate manager
|
||||
; - ESTATE_OWNER: allow if objectowner is estateowner
|
||||
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
|
||||
|
||||
; You can also use script creators as the uuid
|
||||
; Creators_osSetRegionWaterHeight = <uuid>, ...
|
||||
|
|
|
@ -1196,6 +1196,13 @@
|
|||
|
||||
; Comma separated list of UUIDS allows the function for that list of UUIDS
|
||||
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
|
||||
|
||||
; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
|
||||
; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
|
||||
; - PARCEL_OWNER: allow if the objectowner is parcelowner
|
||||
; - ESTATE_MANAGER: allow if the object owner is a estate manager
|
||||
; - ESTATE_OWNER: allow if objectowner is estateowner
|
||||
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
|
||||
|
||||
; You can also use script creators as the uuid
|
||||
; Creators_osSetRegionWaterHeight = <uuid>, ...
|
||||
|
|
Loading…
Reference in New Issue