From 48d2e8309a4b16843687a37b5458d00535e139d8 Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Mon, 5 Apr 2010 20:42:20 +0100 Subject: [PATCH] check group membership and powers with the groups module rather than just the client's active group id this resolves the earlier issue where notecards/scripts shared with group could only be edited if the user had that group active --- .../World/Permissions/PermissionsModule.cs | 39 +++++++++++++------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs index 0f830e12a1..d9405649b5 100644 --- a/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs @@ -162,7 +162,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions private Dictionary GrantVB = new Dictionary(); private Dictionary GrantJS = new Dictionary(); private Dictionary GrantYP = new Dictionary(); - private IFriendsModule m_friendsModule = null; + private IFriendsModule m_friendsModule; + private IGroupsModule m_groupsModule; #endregion @@ -386,9 +387,12 @@ namespace OpenSim.Region.CoreModules.World.Permissions m_friendsModule = m_scene.RequestModuleInterface(); if (m_friendsModule == null) - m_log.Error("[PERMISSIONS]: Friends module not found, friend permissions will not work"); - else - m_log.Info("[PERMISSIONS]: Friends module found, friend permissions enabled"); + m_log.Warn("[PERMISSIONS]: Friends module not found, friend permissions will not work"); + + m_groupsModule = m_scene.RequestModuleInterface(); + + if (m_groupsModule == null) + m_log.Warn("[PERMISSIONS]: Groups module not found, group permissions will not work"); } public void Close() @@ -423,14 +427,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions // with the powers requested (powers = 0 for no powers check) protected bool IsGroupMember(UUID groupID, UUID userID, ulong powers) { - ScenePresence sp = m_scene.GetScenePresence(userID); - if (sp != null) - { - IClientAPI client = sp.ControllingClient; + if (null == m_groupsModule) + return false; - return ((groupID == client.ActiveGroupId) && (client.ActiveGroupPowers != 0) && - ((powers == 0) || ((client.ActiveGroupPowers & powers) == powers))); + GroupMembershipData gmd = m_groupsModule.GetMembershipData(groupID, userID); + + if (gmd != null) + { + if (((gmd.GroupPowers != 0) && powers == 0) || (gmd.GroupPowers & powers) == powers) + return true; } + return false; } @@ -721,8 +728,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions permission = false; } +// m_log.DebugFormat( +// "[PERMISSIONS]: group.GroupID = {0}, part.GroupMask = {1}, isGroupMember = {2} for {3}", +// group.GroupID, +// m_scene.GetSceneObjectPart(objId).GroupMask, +// IsGroupMember(group.GroupID, currentUser, 0), +// currentUser); + // Group members should be able to edit group objects - if ((group.GroupID != UUID.Zero) && ((m_scene.GetSceneObjectPart(objId).GroupMask & (uint)PermissionMask.Modify) != 0) && IsGroupMember(group.GroupID, currentUser, 0)) + if ((group.GroupID != UUID.Zero) + && ((m_scene.GetSceneObjectPart(objId).GroupMask & (uint)PermissionMask.Modify) != 0) + && IsGroupMember(group.GroupID, currentUser, 0)) { // Return immediately, so that the administrator can shares group objects return true; @@ -957,7 +973,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); if (m_bypassPermissions) return m_bypassPermissionsValue; - return GenericObjectPermission(editorID, objectID, false); }