From 7def786ef4d62c2ffad8cea0cba7db033f8f0d27 Mon Sep 17 00:00:00 2001 From: Dr Scofield Date: Mon, 22 Sep 2008 11:20:09 +0000 Subject: [PATCH] cleanups in inventory REST code. also, disables digest authentications for inventory REST calls for the time being, as firefox, curl, and also python's urllib2 cannot authenticate using digest auth. fix permission checking for prim inventory to be the same as for normal edit ops. --- .../ApplicationPlugins/Rest/Inventory/Rest.cs | 2 +- .../Rest/Inventory/RestAppearanceServices.cs | 35 +++++++++++++++---- .../Rest/Inventory/RestAssetServices.cs | 3 ++ .../Rest/Inventory/RestInventoryServices.cs | 3 ++ .../Rest/Inventory/RestTestServices.cs | 2 +- .../Rest/Inventory/tests/Remote.cs | 2 +- .../ClientStack/LindenUDP/LLClientView.cs | 3 +- .../Environment/Scenes/Scene.Inventory.cs | 30 +++++++++++++--- 8 files changed, 66 insertions(+), 14 deletions(-) diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs index 21fcf92500..d7935bccfd 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs @@ -392,7 +392,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory /// Supported Digest algorithms - public const string Digest_MD5 = "MD5"; // assumedd efault if omitted + public const string Digest_MD5 = "MD5"; // assumed default if omitted public const string Digest_MD5Sess = "MD5-sess"; public const string Qop_Auth = "auth"; diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs index 18a0baff46..8db3fde695 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs @@ -45,7 +45,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory public class RestAppearanceServices : IRest { private static readonly int PARM_USERID = 0; - //private static readonly int PARM_PATH = 1; + // private static readonly int PARM_PATH = 1; private bool enabled = false; private string qPrefix = "appearance"; @@ -166,6 +166,9 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory try { + // digest scheme seems borked: disable it for the time + // being + rdata.scheme = Rest.AS_BASIC; if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); @@ -335,7 +338,8 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory AvatarAppearance old = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); rdata.userAppearance = new AvatarAppearance(); - rdata.userAppearance.Owner = old.Owner; + rdata.userAppearance.Owner = old.Owner; + rdata.userAppearance.Serial = old.Serial; if (GetUserAppearance(rdata)) { @@ -343,6 +347,11 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory created = !modified; Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); } + else + { + created = true; + Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); + } if (created) { @@ -383,11 +392,13 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID); - if (GetUserAppearance(rdata)) + // If the user exists then this is considered a modification regardless + // of what may, or may not be, specified in the payload. + + if (rdata.userAppearance != null) { - modified = rdata.userAppearance != null; - created = !modified; - Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); + modified = true; + Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance); } if (created) @@ -465,6 +476,16 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory rdata.userAppearance.AvatarHeight = (float) Convert.ToDouble(xml.Value); indata = true; } + if (xml.MoveToAttribute("Owner")) + { + rdata.userAppearance.Owner = xml.Value; + indata = true; + } + if (xml.MoveToAttribute("Serial")) + { + rdata.userAppearance.Serial = Convert.ToInt32(xml.Value); + indata = true; + } break; case "Body" : if (xml.MoveToAttribute("Item")) @@ -687,6 +708,8 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory rdata.writer.WriteStartElement("Appearance"); rdata.writer.WriteAttributeString("Height", rdata.userAppearance.AvatarHeight.ToString()); + rdata.writer.WriteAttributeString("Owner", rdata.userAppearance.Owner.ToString()); + rdata.writer.WriteAttributeString("Serial", rdata.userAppearance.Serial.ToString()); rdata.writer.WriteStartElement("Body"); rdata.writer.WriteAttributeString("Item",rdata.userAppearance.BodyItem.ToString()); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs index b67922fb3b..7a6d4af131 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs @@ -130,6 +130,9 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory try { + // digest scheme seems borked: disable it for the time + // being + rdata.scheme = Rest.AS_BASIC; if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized, String.Format("user \"{0}\" could not be authenticated")); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs index 0aad058af4..ab40b5dfac 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs @@ -167,6 +167,9 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory try { + // digest scheme seems borked: disable it for the time + // being + rdata.scheme = Rest.AS_BASIC; if (!rdata.IsAuthenticated) { rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName)); diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs index b24b5ede78..b7c9027ba6 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs @@ -235,7 +235,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory ci = t.GetConstructor(parms); ht = ci.Invoke(args); tests.Add((ITest)ht); - Rest.Log.WarnFormat("{0} Test {1} added", MsgId, t); + Rest.Log.InfoFormat("{0} Test {1} added", MsgId, t); } } catch (Exception e) diff --git a/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs b/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs index 54d847830e..bd4247369f 100644 --- a/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs +++ b/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs @@ -65,7 +65,7 @@ namespace OpenSim.ApplicationPlugins.Rest.Inventory.Tests public void Initialize() { enabled = true; - Rest.Log.InfoFormat("{0} Remote services initialize", MsgId); + Rest.Log.InfoFormat("{0} Remote services initialized", MsgId); } // Called by the plug-in to halt REST processing. Local processing is diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index bd67f1ed0a..c649493efd 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs @@ -5200,6 +5200,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP } break; case PacketType.UpdateTaskInventory: + m_log.DebugFormat("[AMW] UpdateTaskInventory request"); UpdateTaskInventoryPacket updatetask = (UpdateTaskInventoryPacket)Pack; if (OnUpdateTaskInventory != null) { @@ -5266,7 +5267,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP break; case PacketType.RezScript: - + m_log.DebugFormat("[AMW] RezScript"); //Console.WriteLine(Pack.ToString()); RezScriptPacket rezScriptx = (RezScriptPacket)Pack; diff --git a/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs b/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs index c670076812..a188701f31 100644 --- a/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs +++ b/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs @@ -1186,11 +1186,21 @@ namespace OpenSim.Region.Environment.Scenes if (part != null) { - if (part.OwnerID != remoteClient.AgentId) - return; - if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) - return; + // replacing the following two checks with the + // ExternalChecks.ExternalChecksCanEditObject(...) + // call + + // if (part.OwnerID != remoteClient.AgentId) + // return; + + // if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) + // return; + + if (!ExternalChecks.ExternalChecksCanEditObject(part.UUID, remoteClient.AgentId)) + { + return; + } TaskInventoryItem currentItem = part.GetInventoryItem(itemID); @@ -1283,11 +1293,23 @@ System.Console.WriteLine("Item asset {0}, request asset {1}", prevItem.AssetID.T SceneObjectPart part = GetSceneObjectPart(localID); if (part != null) { + + /* if (part.OwnerID != remoteClient.AgentId) + { return; + } if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) + { return; + } + */ + + if (!ExternalChecks.ExternalChecksCanEditObject(part.UUID, remoteClient.AgentId)) + { + return; + } part.ParentGroup.AddInventoryItem(remoteClient, localID, item, copyID); // TODO: set this to "true" when scripts in inventory have persistent state to fire on_rez