Added optional owner classes to existing OSSL agent Permissions
PARCEL_GROUP, PARCEL_OWNER, ESTATE_MANAGER and REGION_OWNER can be combined with the existing agent uuid option to limit ossl functions to agents and owner classes. Signed-off-by: BlueWall <jamesh@bluewallgroup.com>remove-scene-viewer
Michelle Argus
BlueWall
parent
9a28e7a4e0
commit
41395d5443
|
|
@ -113,11 +113,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
||||||
{
|
{
|
||||||
public List<UUID> AllowedCreators;
|
public List<UUID> AllowedCreators;
|
||||||
public List<UUID> AllowedOwners;
|
public List<UUID> AllowedOwners;
|
||||||
|
public List<string> AllowedOwnerClasses;
|
||||||
|
|
||||||
public FunctionPerms()
|
public FunctionPerms()
|
||||||
{
|
{
|
||||||
AllowedCreators = new List<UUID>();
|
AllowedCreators = new List<UUID>();
|
||||||
AllowedOwners = new List<UUID>();
|
AllowedOwners = new List<UUID>();
|
||||||
|
AllowedOwnerClasses = new List<string>();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -245,6 +247,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
||||||
// Default behavior
|
// Default behavior
|
||||||
perms.AllowedOwners = null;
|
perms.AllowedOwners = null;
|
||||||
perms.AllowedCreators = null;
|
perms.AllowedCreators = null;
|
||||||
|
perms.AllowedOwnerClasses = null;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
@ -265,6 +268,13 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
||||||
foreach (string id in ids)
|
foreach (string id in ids)
|
||||||
{
|
{
|
||||||
string current = id.Trim();
|
string current = id.Trim();
|
||||||
|
if (current.ToUpper() == "PARCEL_GROUP_MEMBER" || current.ToUpper() == "PARCEL_OWNER" || current.ToUpper() == "ESTATE_MANAGER" || current.ToUpper() == "ESTATE_OWNER")
|
||||||
|
{
|
||||||
|
if (!perms.AllowedOwnerClasses.Contains(current))
|
||||||
|
perms.AllowedOwnerClasses.Add(current.ToUpper());
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
UUID uuid;
|
UUID uuid;
|
||||||
|
|
||||||
if (UUID.TryParse(current, out uuid))
|
if (UUID.TryParse(current, out uuid))
|
||||||
|
|
@ -273,6 +283,7 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
||||||
perms.AllowedOwners.Add(uuid);
|
perms.AllowedOwners.Add(uuid);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ids = creatorPerm.Split(new char[] {','});
|
ids = creatorPerm.Split(new char[] {','});
|
||||||
foreach (string id in ids)
|
foreach (string id in ids)
|
||||||
|
|
@ -326,11 +337,55 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
|
||||||
String.Format("{0} permission error. Can't find script in prim inventory.",
|
String.Format("{0} permission error. Can't find script in prim inventory.",
|
||||||
function));
|
function));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
UUID ownerID = ti.OwnerID;
|
||||||
|
|
||||||
|
//OSSL only may be used if objet is in the same group as the parcel
|
||||||
|
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER"))
|
||||||
|
{
|
||||||
|
ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
|
||||||
|
|
||||||
|
if (land.LandData.GroupID == ti.GroupID && land.LandData.GroupID != UUID.Zero)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
//Only Parcelowners may use the function
|
||||||
|
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
|
||||||
|
{
|
||||||
|
ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition.X, m_host.AbsolutePosition.Y);
|
||||||
|
|
||||||
|
if (land.LandData.OwnerID == ownerID)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
//Only Estate Managers may use the function
|
||||||
|
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
|
||||||
|
{
|
||||||
|
//Only Estate Managers may use the function
|
||||||
|
if (World.RegionInfo.EstateSettings.IsEstateManager(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
//Only regionowners may use the function
|
||||||
|
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER"))
|
||||||
|
{
|
||||||
|
if (World.RegionInfo.EstateSettings.EstateOwner == ownerID)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))
|
if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))
|
||||||
OSSLError(
|
OSSLError(
|
||||||
String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
|
String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
|
||||||
function));
|
function));
|
||||||
if (ti.CreatorID != ti.OwnerID)
|
if (ti.CreatorID != ownerID)
|
||||||
{
|
{
|
||||||
if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
|
if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
|
||||||
OSSLError(
|
OSSLError(
|
||||||
|
|
|
||||||
|
|
@ -618,6 +618,13 @@
|
||||||
; Comma separated list of UUIDS allows the function for that list of UUIDS
|
; Comma separated list of UUIDS allows the function for that list of UUIDS
|
||||||
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
|
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
|
||||||
|
|
||||||
|
; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
|
||||||
|
; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
|
||||||
|
; - PARCEL_OWNER: allow if the objectowner is parcelowner
|
||||||
|
; - ESTATE_MANAGER: allow if the object owner is a estate manager
|
||||||
|
; - ESTATE_OWNER: allow if objectowner is estateowner
|
||||||
|
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
|
||||||
|
|
||||||
; You can also use script creators as the uuid
|
; You can also use script creators as the uuid
|
||||||
; Creators_osSetRegionWaterHeight = <uuid>, ...
|
; Creators_osSetRegionWaterHeight = <uuid>, ...
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1197,6 +1197,13 @@
|
||||||
; Comma separated list of UUIDS allows the function for that list of UUIDS
|
; Comma separated list of UUIDS allows the function for that list of UUIDS
|
||||||
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
|
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb
|
||||||
|
|
||||||
|
; Comma separated list of owner classes that allow the function for a particular class of owners. Choices are
|
||||||
|
; - PARCEL_GROUP_MEMBER: allow if objectgroup is the same group as the parcel
|
||||||
|
; - PARCEL_OWNER: allow if the objectowner is parcelowner
|
||||||
|
; - ESTATE_MANAGER: allow if the object owner is a estate manager
|
||||||
|
; - ESTATE_OWNER: allow if objectowner is estateowner
|
||||||
|
; Allow_osSetRegionWaterHeight = 888760cb-a3cf-43ac-8ea4-8732fd3ee2bb, PARCEL_OWNER, ESTATE_OWNER>, ...
|
||||||
|
|
||||||
; You can also use script creators as the uuid
|
; You can also use script creators as the uuid
|
||||||
; Creators_osSetRegionWaterHeight = <uuid>, ...
|
; Creators_osSetRegionWaterHeight = <uuid>, ...
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue