From 70d264ee6cfae6cfe90d38460c4087b9956dab6c Mon Sep 17 00:00:00 2001 From: Melanie Thielker Date: Tue, 23 Sep 2008 03:36:16 +0000 Subject: [PATCH] Update the permissions system to handle scripts and notecards the way it was meant to. No functional changes, just better code --- .../ClientStack/LindenUDP/LLClientView.cs | 1 - .../World/Permissions/PermissionsModule.cs | 66 ++++++++++++++++++- .../Environment/Scenes/Scene.Inventory.cs | 32 ++++++--- .../Common/ScriptEngineBase/ScriptEngine.cs | 2 +- .../Region/ScriptEngine/XEngine/XEngine.cs | 2 +- 5 files changed, 90 insertions(+), 13 deletions(-) diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index 6915b3aee5..62d6efef35 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs @@ -4835,7 +4835,6 @@ namespace OpenSim.Region.ClientStack.LindenUDP case PacketType.TransferRequest: //Console.WriteLine("ClientView.ProcessPackets.cs:ProcessInPacket() - Got transfer request"); TransferRequestPacket transfer = (TransferRequestPacket)Pack; -System.Console.WriteLine("Transfer request, source {0}", transfer.TransferInfo.SourceType); // Validate inventory transfers // Has to be done here, because AssetCache can't do it // diff --git a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs index ff5ba18232..fbdae85d01 100644 --- a/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs +++ b/OpenSim/Region/Environment/Modules/World/Permissions/PermissionsModule.cs @@ -631,7 +631,10 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); if (m_bypassPermissions) return m_bypassPermissionsValue; - return false; + // If you can view it, you can edit it + // There is no viewing a no mod script + // + return CanViewScript(script, objectID, user, scene); } private bool CanEditNotecard(UUID notecard, UUID objectID, UUID user, Scene scene) @@ -639,6 +642,67 @@ namespace OpenSim.Region.Environment.Modules.World.Permissions DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); if (m_bypassPermissions) return m_bypassPermissionsValue; + if (objectID == UUID.Zero) // User inventory + { + CachedUserInfo userInfo = + scene.CommsManager.UserProfileCacheService.GetUserDetails(user); + if (userInfo == null) + return false; + + if (userInfo.RootFolder == null) + return false; + + InventoryItemBase assetRequestItem = userInfo.RootFolder.FindItem(notecard); + if (assetRequestItem == null) // Library item + { + assetRequestItem = m_scene.CommsManager.UserProfileCacheService.LibraryRoot.FindItem(notecard); + + if (assetRequestItem != null) // Implicitly readable + return true; + } + + // Notecards must be both mod and copy to be saveable + // This is because of they're not copy, you can't read + // them, and if they're not mod, well, then they're + // not mod. Duh. + // + if ((assetRequestItem.CurrentPermissions & + ((uint)PermissionMask.Modify | + (uint)PermissionMask.Copy)) != + ((uint)PermissionMask.Modify | + (uint)PermissionMask.Copy)) + return false; + } + else // Prim inventory + { + SceneObjectPart part = scene.GetSceneObjectPart(objectID); + + if (part == null) + return false; + + if (part.OwnerID != user) + return false; + + if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) + return false; + + TaskInventoryItem ti = part.GetInventoryItem(notecard); + + if (ti == null) + return false; + + if (ti.OwnerID != user) + return false; + + // Require full perms + if ((ti.CurrentPermissions & + ((uint)PermissionMask.Modify | + (uint)PermissionMask.Copy)) != + ((uint)PermissionMask.Modify | + (uint)PermissionMask.Copy)) + return false; + } + return true; } diff --git a/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs b/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs index a1c5fe713a..c1c1b6ebbc 100644 --- a/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs @@ -171,6 +171,23 @@ namespace OpenSim.Region.Environment.Scenes if (item != null) { + if ((InventoryType) item.InvType == InventoryType.Notecard) + { + if (!ExternalChecks.ExternalChecksCanEditNotecard(itemID, UUID.Zero, remoteClient.AgentId)) + { + remoteClient.SendAgentAlertMessage("Insufficient permissions to edit notecard", false); + return UUID.Zero; + } + } + else if ((InventoryType) item.InvType == InventoryType.LSL) + { + if (!ExternalChecks.ExternalChecksCanEditScript(itemID, UUID.Zero, remoteClient.AgentId)) + { + remoteClient.SendAgentAlertMessage("Insufficient permissions to edit script", false); + return UUID.Zero; + } + } + AssetBase asset = CreateAsset(item.Name, item.Description, (sbyte)item.AssetType, data); AssetCache.AddAsset(asset); @@ -179,15 +196,6 @@ namespace OpenSim.Region.Environment.Scenes userInfo.UpdateItem(item); // remoteClient.SendInventoryItemCreateUpdate(item); - if ((InventoryType) item.InvType == InventoryType.Notecard) - { - //do we want to know about updated note cards? - } - else if ((InventoryType) item.InvType == InventoryType.LSL) - { - // do we want to know about updated scripts - } - return (asset.FullID); } } @@ -228,6 +236,12 @@ namespace OpenSim.Region.Environment.Scenes public void CapsUpdateTaskInventoryScriptAsset(IClientAPI remoteClient, UUID itemId, UUID primId, bool isScriptRunning, byte[] data) { + if (!ExternalChecks.ExternalChecksCanEditScript(itemId, primId, remoteClient.AgentId)) + { + remoteClient.SendAgentAlertMessage("Insufficient permissions to edit script", false); + return; + } + // Retrieve group SceneObjectPart part = GetSceneObjectPart(primId); SceneObjectGroup group = part.ParentGroup; diff --git a/OpenSim/Region/ScriptEngine/Common/ScriptEngineBase/ScriptEngine.cs b/OpenSim/Region/ScriptEngine/Common/ScriptEngineBase/ScriptEngine.cs index 26e5ec25f6..af29dc83c8 100644 --- a/OpenSim/Region/ScriptEngine/Common/ScriptEngineBase/ScriptEngine.cs +++ b/OpenSim/Region/ScriptEngine/Common/ScriptEngineBase/ScriptEngine.cs @@ -56,7 +56,7 @@ namespace OpenSim.Region.ScriptEngine.Common.ScriptEngineBase public IConfigSource ConfigSource; public IConfig ScriptConfigSource; public abstract string ScriptEngineName { get; } - private bool m_enabled = true; + private bool m_enabled = false; private bool m_hookUpToServer = false; /// diff --git a/OpenSim/Region/ScriptEngine/XEngine/XEngine.cs b/OpenSim/Region/ScriptEngine/XEngine/XEngine.cs index 9219c13af6..a6416c67eb 100644 --- a/OpenSim/Region/ScriptEngine/XEngine/XEngine.cs +++ b/OpenSim/Region/ScriptEngine/XEngine/XEngine.cs @@ -67,7 +67,7 @@ namespace OpenSim.Region.ScriptEngine.XEngine private int m_SleepTime; private int m_SaveTime; private ThreadPriority m_Prio; - private bool m_Enabled = true; + private bool m_Enabled = false; // disable warning: need to keep a reference to XEngine.EventManager // alive to avoid it being garbage collected