OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

* Permissions! - You can now only perform certain functions (such as editing other peoples objects) if you have permission to do so. 

* Moved OnPermissionError to EventManager - now triggers a standard blue alert.
* Terraforming now requires permission via the permissions manager. [Defaults to admin-only]
* Permissions manager is now substantiated in Scene
* Buttload of new permissions added.
* Estate manager operations now require various levels of permission to operate
* OGS1 now produces 'summary reports' for a commsManager of each scene it maintains connections for. Reduces grid network traffic for ping checks.
* Added new "permissions true" / "permissions false" console command to enable or disable permissions.
afrisby
Adam Frisby 2007-08-15 14:10:26 +00:00
parent a4fc02d790
commit 5699bb2e64
7 changed files with 208 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
OpenSim/Region/Application/OpenSimMain.cs
View File

@ -320,6 +320,17 @@ namespace OpenSim
}
break;
case "permissions":
// Treats each user as a super-admin when disabled
foreach (Scene scene in m_localScenes)
{
if (Convert.ToBoolean(cmdparams[0]))
scene.PermissionsMngr.EnablePermissions();
else
scene.PermissionsMngr.DisablePermissions();
}
break;
case "backup":
foreach (Scene scene in m_localScenes)
{

10
OpenSim/Region/Communications/OGS1/OGS1GridServices.cs
View File

@ -260,6 +260,16 @@ namespace OpenSim.Region.Communications.OGS1
Hashtable respData = new Hashtable();
respData["online"] = "true";
foreach (ulong region in this.listeners.Keys)
{
Hashtable regData = new Hashtable();
RegionInfo reg = regions[region];
regData["status"] = "active";
regData["handle"] = region.ToString();
respData[reg.SimUUID.ToStringHyphenated()] = regData;
}
response.Value = respData;
return response;

48
OpenSim/Region/Environment/EstateManager.cs
View File

@ -147,35 +147,37 @@ namespace OpenSim.Region.Environment
public void handleEstateOwnerMessage(EstateOwnerMessagePacket packet, IClientAPI remote_client)
{
if (remote_client.AgentId == m_regInfo.MasterAvatarAssignedUUID)
switch (Helpers.FieldToUTF8String(packet.MethodData.Method))
{
switch (Helpers.FieldToUTF8String(packet.MethodData.Method))
{
case "getinfo":
this.sendRegionInfoPacketToAll();
break;
case "setregioninfo":
case "getinfo":
this.sendRegionInfoPacketToAll();
break;
case "setregioninfo":
if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
estateSetRegionInfoHandler(packet);
break;
case "texturebase":
break;
case "texturebase":
if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
estateTextureBaseHandler(packet);
break;
case "texturedetail":
break;
case "texturedetail":
if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
estateTextureDetailHandler(packet);
break;
case "textureheights":
break;
case "textureheights":
if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
estateTextureHeightsHandler(packet);
break;
case "texturecommit":
sendRegionHandshakeToAll();
break;
case "setregionterrain":
break;
case "texturecommit":
sendRegionHandshakeToAll();
break;
case "setregionterrain":
if (m_scene.PermissionsMngr.CanEditEstateTerrain(remote_client.AgentId))
estateSetRegionTerrainHandler(packet);
break;
default:
MainLog.Instance.Error("EstateOwnerMessage: Unknown method requested\n" + packet.ToString());
break;
}
break;
default:
MainLog.Instance.Error("EstateOwnerMessage: Unknown method requested\n" + packet.ToString());
break;
}
}

119
OpenSim/Region/Environment/PermissionManager.cs
View File

@ -15,36 +15,80 @@ namespace OpenSim.Region.Environment
{
protected Scene m_scene;
// Bypasses the permissions engine (always returns OK)
// disable in any production environment
// TODO: Change this to false when permissions are a desired default
// TODO: Move to configuration option.
private bool bypassPermissions = true;
public PermissionManager(Scene scene)
{
m_scene = scene;
}
public delegate void OnPermissionErrorDelegate(LLUUID user, string reason);
public event OnPermissionErrorDelegate OnPermissionError;
public void DisablePermissions()
{
bypassPermissions = true;
}
public void EnablePermissions()
{
bypassPermissions = false;
}
protected virtual void SendPermissionError(LLUUID user, string reason)
{
if (OnPermissionError != null)
OnPermissionError(user, reason);
m_scene.EventManager.TriggerPermissionError(user, reason);
}
protected virtual bool IsAdministrator(LLUUID user)
{
if (bypassPermissions)
return bypassPermissions;
return m_scene.RegionInfo.MasterAvatarAssignedUUID == user;
}
protected virtual bool IsEstateManager(LLUUID user)
{
if (bypassPermissions)
return bypassPermissions;
return false;
}
protected virtual bool IsGridUser(LLUUID user)
{
return true;
}
protected virtual bool IsGuest(LLUUID user)
{
return false;
}
public virtual bool CanRezObject(LLUUID user, LLVector3 position)
{
bool permission = false;
string reason = "Insufficient permission";
if (IsAdministrator(user))
permission = true;
else
reason = "Not an administrator";
if (GenericParcelPermission(user, position))
permission = true;
else
reason = "Not the parcel owner";
if (!permission)
SendPermissionError(user, reason);
return true;
}
#region Object Permissions
protected virtual bool GenericObjectPermission(LLUUID user, LLUUID obj)
@ -105,19 +149,71 @@ namespace OpenSim.Region.Environment
#endregion
#region Communication Permissions
public virtual bool GenericCommunicationPermission(LLUUID user, LLUUID target)
{
bool permission = false;
string reason = "Only registered users may communicate with another account.";
if (IsGridUser(user))
permission = true;
if (!IsGridUser(user))
{
permission = false;
reason = "The person that you are messaging is not a registered user.";
}
if (IsAdministrator(user))
permission = true;
if (IsEstateManager(user))
permission = true;
if (!permission)
SendPermissionError(user, reason);
return permission;
}
public virtual bool CanInstantMessage(LLUUID user, LLUUID target)
{
return GenericCommunicationPermission(user, target);
}
public virtual bool CanInventoryTransfer(LLUUID user, LLUUID target)
{
return GenericCommunicationPermission(user, target);
}
#endregion
public virtual bool CanEditScript(LLUUID user, LLUUID script)
{
return false;
return IsAdministrator(user);
}
public virtual bool CanRunScript(LLUUID user, LLUUID script)
{
return false;
return IsAdministrator(user);
}
public virtual bool CanTerraform(LLUUID user, LLUUID position)
public virtual bool CanTerraform(LLUUID user, LLVector3 position)
{
return false;
bool permission = false;
// Estate override
if (GenericEstatePermission(user))
permission = true;
// Land owner can terraform too
if (GenericParcelPermission(user, m_scene.LandManager.getLandObject(position.X, position.Y)))
permission = true;
if (!permission)
SendPermissionError(user, "Not authorized to terraform at this location.");
return permission;
}
#region Estate Permissions
@ -168,6 +264,11 @@ namespace OpenSim.Region.Environment
return permission;
}
protected virtual bool GenericParcelPermission(LLUUID user, LLVector3 pos)
{
return GenericParcelPermission(user, m_scene.LandManager.getLandObject(pos.X, pos.Y));
}
public virtual bool CanEditParcel(LLUUID user, Land parcel)
{
return GenericParcelPermission(user, parcel);

42
OpenSim/Region/Environment/Scenes/Scene.PacketHandlers.cs
View File

@ -50,6 +50,12 @@ namespace OpenSim.Region.Environment.Scenes
/// <param name="west">Distance from the west border where the cursor is located</param>
public void ModifyTerrain(float height, float seconds, byte brushsize, byte action, float north, float west, IClientAPI remoteUser)
{
// Do a permissions check before allowing terraforming.
// random users are now no longer allowed to terraform
// if permissions are enabled.
if (!PermissionsMngr.CanTerraform(remoteUser.AgentId, new LLVector3(north, west, 0)))
return;
// Shiny.
double size = (double)(1 << brushsize);
@ -240,15 +246,18 @@ namespace OpenSim.Region.Environment.Scenes
}
if (selectedEnt != null)
{
List<ScenePresence> avatars = this.RequestAvatarList();
foreach (ScenePresence avatar in avatars)
if (PermissionsMngr.CanDeRezObject(simClient.AgentId, selectedEnt.m_uuid))
{
avatar.ControllingClient.SendKillObject(this.m_regionHandle, selectedEnt.LocalId);
}
lock (Entities)
{
Entities.Remove(selectedEnt.m_uuid);
List<ScenePresence> avatars = this.RequestAvatarList();
foreach (ScenePresence avatar in avatars)
{
avatar.ControllingClient.SendKillObject(this.m_regionHandle, selectedEnt.LocalId);
}
lock (Entities)
{
Entities.Remove(selectedEnt.m_uuid);
}
}
}
}
@ -501,16 +510,19 @@ namespace OpenSim.Region.Environment.Scenes
public void MoveObject(LLUUID objectID, LLVector3 offset, LLVector3 pos, IClientAPI remoteClient)
{
bool hasPrim = false;
foreach (EntityBase ent in Entities.Values)
if (PermissionsMngr.CanEditObject(remoteClient.AgentId, objectID))
{
if (ent is SceneObjectGroup)
bool hasPrim = false;
foreach (EntityBase ent in Entities.Values)
{
hasPrim = ((SceneObjectGroup)ent).HasChildPrim(objectID);
if (hasPrim != false)
if (ent is SceneObjectGroup)
{
((SceneObjectGroup)ent).GrabMovement(offset, pos, remoteClient);
break;
hasPrim = ((SceneObjectGroup)ent).HasChildPrim(objectID);
if (hasPrim != false)
{
((SceneObjectGroup)ent).GrabMovement(offset, pos, remoteClient);
break;
}
}
}
}

16
OpenSim/Region/Environment/Scenes/Scene.cs
View File

@ -110,6 +110,13 @@ namespace OpenSim.Region.Environment.Scenes
get { return m_scriptManager; }
}
private PermissionManager m_permissionManager;
public PermissionManager PermissionsMngr
{
get { return m_permissionManager; }
}
public Dictionary<LLUUID, SceneObjectGroup> Objects
{
get { return Prims; }
@ -143,10 +150,13 @@ namespace OpenSim.Region.Environment.Scenes
m_estateManager = new EstateManager(this, m_regInfo);
m_scriptManager = new ScriptManager(this);
m_eventManager = new EventManager();
m_permissionManager = new PermissionManager(this);
m_eventManager.OnParcelPrimCountAdd +=
m_LandManager.addPrimToLandPrimCounts;
m_eventManager.OnPermissionError += SendPermissionAlert;
MainLog.Instance.Verbose("Creating new entitities instance");
Entities = new Dictionary<LLUUID, EntityBase>();
Avatars = new Dictionary<LLUUID, ScenePresence>();
@ -966,6 +976,12 @@ namespace OpenSim.Region.Environment.Scenes
#endregion
#region Alert Methods
void SendPermissionAlert(LLUUID user, string reason)
{
SendAlertToUser(user, reason, false);
}
public void SendGeneralAlert(string message)
{
foreach (ScenePresence presence in this.Avatars.Values)

9
OpenSim/Region/Environment/Scenes/SceneEvents.cs
View File

@ -33,7 +33,16 @@ namespace OpenSim.Region.Environment.Scenes
public event OnShutdownDelegate OnShutdown;
public delegate void ObjectGrabDelegate(uint localID, LLVector3 offsetPos, IClientAPI remoteClient);
public delegate void OnPermissionErrorDelegate(LLUUID user, string reason);
public event ObjectGrabDelegate OnObjectGrab;
public event OnPermissionErrorDelegate OnPermissionError;
public void TriggerPermissionError(LLUUID user, string reason)
{
if (OnPermissionError != null)
OnPermissionError(user, reason);
}
public void TriggerOnScriptConsole(string[] args)
{