OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Thank you Snoopy, for a patch that implements group permissions. 

Applied with changes:
- removed spammy debug message
- corrected tab formatting
0.6.6-post-fixes
Melanie Thielker 2009-06-09 08:15:34 +00:00
parent 759636f37e
commit 9c726fb178
2 changed files with 264 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

357
OpenSim/Region/CoreModules/World/Permissions/PermissionsModule.cs
View File

@ -36,6 +36,56 @@ using OpenSim.Framework.Communications.Cache;
using OpenSim.Region.Framework.Interfaces; using OpenSim.Region.Framework.Interfaces;
using OpenSim.Region.Framework.Scenes; using OpenSim.Region.Framework.Scenes;
// Temporary fix of wrong GroupPowers constants in OpenMetaverse library
enum GroupPowers : long
{
None = 0,
LandEjectAndFreeze = 1,
Invite = 2,
ReturnGroupSet = 2,
Eject = 4,
ReturnNonGroup = 4,
ChangeOptions = 8,
LandGardening = 8,
CreateRole = 16,
DeedObject = 16,
ModerateChat = 32,
DeleteRole = 32,
RoleProperties = 64,
ObjectManipulate = 64,
ObjectSetForSale = 128,
AssignMemberLimited = 128,
AssignMember = 256,
Accountable = 256,
RemoveMember = 512,
SendNotices = 1024,
ChangeActions = 1024,
ChangeIdentity = 2048,
ReceiveNotices = 2048,
StartProposal = 4096,
LandDeed = 4096,
VoteOnProposal = 8192,
LandRelease = 8192,
LandSetSale = 16384,
LandDivideJoin = 32768,
ReturnGroupOwned = 65536,
JoinChat = 65536,
FindPlaces = 131072,
LandChangeIdentity = 262144,
SetLandingPoint = 524288,
ChangeMedia = 1048576,
LandEdit = 2097152,
LandOptions = 4194304,
AllowEditLand = 8388608,
AllowFly = 16777216,
AllowRez = 33554432,
AllowLandmark = 67108864,
AllowVoiceChat = 134217728,
AllowSetHome = 268435456,
LandManageAllowed = 536870912,
LandManageBanned = 1073741824
}
namespace OpenSim.Region.CoreModules.World.Permissions namespace OpenSim.Region.CoreModules.World.Permissions
{ {
public class PermissionsModule : IRegionModule public class PermissionsModule : IRegionModule
@ -192,36 +242,36 @@ namespace OpenSim.Region.CoreModules.World.Permissions
HandleDebugPermissions); HandleDebugPermissions);
string grant = myConfig.GetString("GrantLSL",""); string grant = myConfig.GetString("GrantLSL","");
if(grant.Length > 0) { if(grant.Length > 0) {
foreach (string uuidl in grant.Split(',')) { foreach (string uuidl in grant.Split(',')) {
string uuid = uuidl.Trim(" \t".ToCharArray()); string uuid = uuidl.Trim(" \t".ToCharArray());
GrantLSL.Add(uuid, true); GrantLSL.Add(uuid, true);
} }
} }
grant = myConfig.GetString("GrantCS",""); grant = myConfig.GetString("GrantCS","");
if(grant.Length > 0) { if(grant.Length > 0) {
foreach (string uuidl in grant.Split(',')) { foreach (string uuidl in grant.Split(',')) {
string uuid = uuidl.Trim(" \t".ToCharArray()); string uuid = uuidl.Trim(" \t".ToCharArray());
GrantCS.Add(uuid, true); GrantCS.Add(uuid, true);
} }
} }
grant = myConfig.GetString("GrantVB",""); grant = myConfig.GetString("GrantVB","");
if(grant.Length > 0) { if(grant.Length > 0) {
foreach (string uuidl in grant.Split(',')) { foreach (string uuidl in grant.Split(',')) {
string uuid = uuidl.Trim(" \t".ToCharArray()); string uuid = uuidl.Trim(" \t".ToCharArray());
GrantVB.Add(uuid, true); GrantVB.Add(uuid, true);
} }
} }
grant = myConfig.GetString("GrantJS",""); grant = myConfig.GetString("GrantJS","");
if(grant.Length > 0) { if(grant.Length > 0) {
foreach (string uuidl in grant.Split(',')) { foreach (string uuidl in grant.Split(',')) {
string uuid = uuidl.Trim(" \t".ToCharArray()); string uuid = uuidl.Trim(" \t".ToCharArray());
GrantJS.Add(uuid, true); GrantJS.Add(uuid, true);
} }
} }
} }
@ -329,6 +379,16 @@ namespace OpenSim.Region.CoreModules.World.Permissions
m_log.Debug("[PERMISSIONS]: " + permissionCalled + " was called from " + m_scene.RegionInfo.RegionName); m_log.Debug("[PERMISSIONS]: " + permissionCalled + " was called from " + m_scene.RegionInfo.RegionName);
} }
// Checks if the given group is active and if the user is a group member
// with the powers requested (powers = 0 for no powers check)
protected bool IsGroupMember(UUID groupID, UUID userID, ulong powers)
{
IClientAPI client = m_scene.GetScenePresence(userID).ControllingClient;
return ((groupID == client.ActiveGroupId) && (client.ActiveGroupPowers != 0) &&
((powers == 0) || ((client.ActiveGroupPowers & powers) == powers)));
}
/// <summary> /// <summary>
/// Parse a user set configuration setting /// Parse a user set configuration setting
/// </summary> /// </summary>
@ -371,6 +431,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions
/// <returns></returns> /// <returns></returns>
protected bool IsAdministrator(UUID user) protected bool IsAdministrator(UUID user)
{ {
if (user == UUID.Zero) return false;
if (m_scene.RegionInfo.MasterAvatarAssignedUUID != UUID.Zero) if (m_scene.RegionInfo.MasterAvatarAssignedUUID != UUID.Zero)
{ {
if (m_RegionOwnerIsGod && (m_scene.RegionInfo.MasterAvatarAssignedUUID == user)) if (m_RegionOwnerIsGod && (m_scene.RegionInfo.MasterAvatarAssignedUUID == user))
@ -391,10 +453,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
if (profile.UserProfile.GodLevel >= 200) if (profile.UserProfile.GodLevel >= 200)
return true; return true;
} }
//else
//{
// m_log.ErrorFormat("[PERMISSIONS]: Could not find user {0} for administrator check", user);
//}
} }
return false; return false;
@ -402,6 +460,8 @@ namespace OpenSim.Region.CoreModules.World.Permissions
protected bool IsEstateManager(UUID user) protected bool IsEstateManager(UUID user)
{ {
if (user == UUID.Zero) return false;
return m_scene.RegionInfo.EstateSettings.IsEstateManager(user); return m_scene.RegionInfo.EstateSettings.IsEstateManager(user);
} }
#endregion #endregion
@ -473,36 +533,20 @@ namespace OpenSim.Region.CoreModules.World.Permissions
objectOwnerMask |= (uint)PrimFlags.ObjectYouOwner | (uint)PrimFlags.ObjectAnyOwner | (uint)PrimFlags.ObjectOwnerModify; objectOwnerMask |= (uint)PrimFlags.ObjectYouOwner | (uint)PrimFlags.ObjectAnyOwner | (uint)PrimFlags.ObjectOwnerModify;
// Customize the GroupMask // Customize the GroupMask
// uint objectGroupMask = ApplyObjectModifyMasks(task.GroupMask, objflags); uint objectGroupMask = ApplyObjectModifyMasks(task.GroupMask, objflags);
// Customize the EveryoneMask // Customize the EveryoneMask
uint objectEveryoneMask = ApplyObjectModifyMasks(task.EveryoneMask, objflags); uint objectEveryoneMask = ApplyObjectModifyMasks(task.EveryoneMask, objflags);
// Hack to allow collaboration until Groups and Group Permissions are implemented
if ((objectEveryoneMask & (uint)PrimFlags.ObjectMove) != 0)
objectEveryoneMask |= (uint)PrimFlags.ObjectModify;
if (m_bypassPermissions) if (m_bypassPermissions)
return objectOwnerMask; return objectOwnerMask;
// Object owners should be able to edit their own content // Object owners should be able to edit their own content
if (user == objectOwner) if (user == objectOwner)
{
return objectOwnerMask; return objectOwnerMask;
}
//// Users should be able to edit what is over their land.
//ILandObject parcel = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y);
//if (parcel != null && parcel.landData.OwnerID == user && m_ParcelOwnerIsGod)
// return objectOwnerMask;
//// Admin objects should not be editable by the above
//if (IsAdministrator(objectOwner))
// return objectEveryoneMask;
// Estate users should be able to edit anything in the sim // Estate users should be able to edit anything in the sim
if (IsEstateManager(user) && m_RegionOwnerIsGod && (!IsAdministrator(objectOwner))) if (IsEstateManager(user) && m_RegionOwnerIsGod && !IsAdministrator(objectOwner))
return objectOwnerMask; return objectOwnerMask;
// Admin should be able to edit anything in the sim (including admin objects) // Admin should be able to edit anything in the sim (including admin objects)
@ -513,17 +557,15 @@ namespace OpenSim.Region.CoreModules.World.Permissions
ILandObject parcel = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y); ILandObject parcel = m_scene.LandChannel.GetLandObject(task.AbsolutePosition.X, task.AbsolutePosition.Y);
if (parcel != null && parcel.landData.OwnerID == user && m_ParcelOwnerIsGod) if (parcel != null && parcel.landData.OwnerID == user && m_ParcelOwnerIsGod)
{ {
uint responseMask = objectOwnerMask;
// Admin objects should not be editable by the above // Admin objects should not be editable by the above
if (IsAdministrator(objectOwner)) if (!IsAdministrator(objectOwner))
{ return objectOwnerMask;
responseMask = objectEveryoneMask;
}
return responseMask;
} }
// Group permissions
if ( ( task.GroupID != UUID.Zero) && IsGroupMember(task.GroupID, user, 0) )
return objectGroupMask;
return objectEveryoneMask; return objectEveryoneMask;
} }
@ -607,6 +649,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
permission = false; permission = false;
} }
// Group members should be able to edit group objects
if ( (group.GroupID != UUID.Zero) && ((m_scene.GetSceneObjectPart(objId).GroupMask & (uint)PermissionMask.Modify) != 0) && IsGroupMember(group.GroupID, currentUser, 0) )
{
// Return immediately, so that the administrator can shares group objects
return true;
}
// Users should be able to edit what is over their land. // Users should be able to edit what is over their land.
ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y); ILandObject parcel = m_scene.LandChannel.GetLandObject(group.AbsolutePosition.X, group.AbsolutePosition.Y);
if ((parcel != null) && (parcel.landData.OwnerID == currentUser)) if ((parcel != null) && (parcel.landData.OwnerID == currentUser))
@ -673,7 +722,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return permission; return permission;
} }
protected bool GenericParcelPermission(UUID user, ILandObject parcel) protected bool GenericParcelPermission(UUID user, ILandObject parcel, ulong groupPowers)
{ {
bool permission = false; bool permission = false;
@ -682,9 +731,9 @@ namespace OpenSim.Region.CoreModules.World.Permissions
permission = true; permission = true;
} }
if (parcel.landData.IsGroupOwned) if( ( parcel.landData.GroupID != UUID.Zero) && IsGroupMember(parcel.landData.GroupID, user, groupPowers) )
{ {
// TODO: Need to do some extra checks here. Requires group code. permission = true;
} }
if (IsEstateManager(user)) if (IsEstateManager(user))
@ -700,11 +749,38 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return permission; return permission;
} }
protected bool GenericParcelPermission(UUID user, Vector3 pos) protected bool GenericParcelOwnerPermission(UUID user, ILandObject parcel, ulong groupPowers)
{
bool permission = false;
if (parcel.landData.OwnerID == user)
{
permission = true;
}
if( parcel.landData.IsGroupOwned && IsGroupMember(parcel.landData.GroupID, user, groupPowers) )
{
permission = true;
}
if (IsEstateManager(user))
{
permission = true;
}
if (IsAdministrator(user))
{
permission = true;
}
return permission;
}
protected bool GenericParcelPermission(UUID user, Vector3 pos, ulong groupPowers)
{ {
ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y); ILandObject parcel = m_scene.LandChannel.GetLandObject(pos.X, pos.Y);
if (parcel == null) return false; if (parcel == null) return false;
return GenericParcelPermission(user, parcel); return GenericParcelPermission(user, parcel, groupPowers);
} }
#endregion #endregion
@ -714,7 +790,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
if (m_bypassPermissions) return m_bypassPermissionsValue; if (m_bypassPermissions) return m_bypassPermissionsValue;
return GenericParcelPermission(user, parcel); return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandRelease);
} }
private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene) private bool CanReclaimParcel(UUID user, ILandObject parcel, Scene scene)
@ -722,7 +798,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
if (m_bypassPermissions) return m_bypassPermissionsValue; if (m_bypassPermissions) return m_bypassPermissionsValue;
return GenericParcelPermission(user, parcel); return GenericParcelOwnerPermission(user, parcel, 0);
} }
private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene) private bool CanDeedParcel(UUID user, ILandObject parcel, Scene scene)
@ -736,10 +812,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions
ScenePresence sp = scene.GetScenePresence(user); ScenePresence sp = scene.GetScenePresence(user);
IClientAPI client = sp.ControllingClient; IClientAPI client = sp.ControllingClient;
if ((client.GetGroupPowers(parcel.landData.GroupID) & (long)GroupPowers.LandDeed) == 0) if ((client.GetGroupPowers(parcel.landData.GroupID) & (ulong)GroupPowers.LandDeed) == 0)
return false; return false;
return GenericParcelPermission(user, parcel); return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDeed);
} }
private bool IsGod(UUID user, Scene scene) private bool IsGod(UUID user, Scene scene)
@ -765,11 +841,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions
if (part == null) if (part == null)
return false; return false;
if ((part.OwnerMask & PERM_COPY) == 0) if (part.OwnerID == owner)
return false; return ((part.OwnerMask & PERM_COPY) != 0);
if ((part.ParentGroup.GetEffectivePermissions() & PERM_COPY) == 0) if (part.GroupID != UUID.Zero)
return false; {
if ((part.OwnerID == UUID.Zero) && ((owner != part.LastOwnerID) || ((part.GroupMask & PERM_TRANS) == 0)))
return false;
if ((part.GroupMask & PERM_COPY) == 0)
return false;
}
//If they can rez, they can duplicate //If they can rez, they can duplicate
return CanRezObject(objectCount, owner, objectPosition, scene); return CanRezObject(objectCount, owner, objectPosition, scene);
@ -807,11 +889,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
part = m_scene.GetSceneObjectPart(objectID); part = m_scene.GetSceneObjectPart(objectID);
} }
// TODO: add group support!
//
if (part.OwnerID != editorID)
return false;
return GenericObjectPermission(editorID, objectID, false); return GenericObjectPermission(editorID, objectID, false);
} }
@ -820,7 +897,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
if (m_bypassPermissions) return m_bypassPermissionsValue; if (m_bypassPermissions) return m_bypassPermissionsValue;
return GenericParcelPermission(user, parcel); return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandDivideJoin);
} }
/// <summary> /// <summary>
@ -901,10 +978,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return false; return false;
if (part.OwnerID != user) if (part.OwnerID != user)
return false; {
if (part.GroupID == UUID.Zero)
return false;
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) if( !IsGroupMember(part.GroupID, user, 0) )
return false;
if ((part.GroupMask & (uint)PermissionMask.Modify) == 0)
return false;
} else {
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
return false; return false;
}
TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard); TaskInventoryItem ti = part.Inventory.GetInventoryItem(notecard);
@ -912,7 +998,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return false; return false;
if (ti.OwnerID != user) if (ti.OwnerID != user)
{
if (ti.GroupID == UUID.Zero)
return false;
if( !IsGroupMember(ti.GroupID, user, 0) )
return false; return false;
}
// Require full perms // Require full perms
if ((ti.CurrentPermissions & if ((ti.CurrentPermissions &
@ -1084,8 +1176,6 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return true; return true;
} }
//TODO: check for group rights
if (!m_scene.Entities.ContainsKey(objectID)) if (!m_scene.Entities.ContainsKey(objectID))
{ {
return false; return false;
@ -1098,7 +1188,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
} }
if (GenericParcelPermission(task.OwnerID, newPoint)) if (GenericParcelPermission(task.OwnerID, newPoint, 0))
{ {
return true; return true;
} }
@ -1129,14 +1219,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
(int)Parcel.ParcelFlags.CreateObjects) (int)Parcel.ParcelFlags.CreateObjects)
permission = true; permission = true;
//TODO: check for group rights
if (IsAdministrator(owner)) if (IsAdministrator(owner))
{ {
permission = true; permission = true;
} }
if (GenericParcelPermission(owner, objectPosition)) // Powers are zero, because GroupPowers.AllowRez is not a precondition for rezzing objects
if (GenericParcelPermission(owner, objectPosition, 0))
{ {
permission = true; permission = true;
} }
@ -1166,7 +1255,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
if (m_bypassPermissions) return m_bypassPermissionsValue; if (m_bypassPermissions) return m_bypassPermissionsValue;
return GenericParcelPermission(user, parcel); return GenericParcelOwnerPermission(user, parcel, (ulong)GroupPowers.LandSetSale);
} }
private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene) private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)
@ -1182,7 +1271,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name); DebugPermissionInformation(MethodInfo.GetCurrentMethod().Name);
if (m_bypassPermissions) return m_bypassPermissionsValue; if (m_bypassPermissions) return m_bypassPermissionsValue;
bool permission = GenericObjectPermission(userID, objectID,false); bool permission = GenericObjectPermission(userID, objectID, false);
if (!permission) if (!permission)
{ {
if (!m_scene.Entities.ContainsKey(objectID)) if (!m_scene.Entities.ContainsKey(objectID))
@ -1249,7 +1338,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return true; return true;
// Land owner can terraform too // Land owner can terraform too
if (parcel != null && GenericParcelPermission(user, parcel)) if (parcel != null && GenericParcelPermission(user, parcel, (ulong)GroupPowers.AllowEditLand))
return true; return true;
return false; return false;
@ -1318,10 +1407,19 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return false; return false;
if (part.OwnerID != user) if (part.OwnerID != user)
{
if (part.GroupID == UUID.Zero)
return false; return false;
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) if( !IsGroupMember(part.GroupID, user, 0) )
return false; return false;
if ((part.GroupMask & (uint)PermissionMask.Modify) == 0)
return false;
} else {
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
return false;
}
TaskInventoryItem ti = part.Inventory.GetInventoryItem(script); TaskInventoryItem ti = part.Inventory.GetInventoryItem(script);
@ -1329,7 +1427,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return false; return false;
if (ti.OwnerID != user) if (ti.OwnerID != user)
return false; {
if (ti.GroupID == UUID.Zero)
return false;
if( !IsGroupMember(ti.GroupID, user, 0) )
return false;
}
// Require full perms // Require full perms
if ((ti.CurrentPermissions & if ((ti.CurrentPermissions &
@ -1396,7 +1500,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return false; return false;
if (part.OwnerID != user) if (part.OwnerID != user)
return false; {
if (part.GroupID == UUID.Zero)
return false;
if( !IsGroupMember(part.GroupID, user, 0) )
return false;
}
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
return false; return false;
@ -1407,7 +1517,13 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return false; return false;
if (ti.OwnerID != user) if (ti.OwnerID != user)
return false; {
if (ti.GroupID == UUID.Zero)
return false;
if( !IsGroupMember(ti.GroupID, user, 0) )
return false;
}
// Notecards are always readable unless no copy // Notecards are always readable unless no copy
// //
@ -1420,7 +1536,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return true; return true;
} }
#endregion #endregion
private bool CanLinkObject(UUID userID, UUID objectID) private bool CanLinkObject(UUID userID, UUID objectID)
{ {
@ -1589,7 +1705,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
if (parcel.landData.OwnerID != client.AgentId) if (parcel.landData.OwnerID != client.AgentId)
return false; return false;
} }
break; return GenericParcelOwnerPermission(client.AgentId, parcel, (ulong)GroupPowers.ReturnGroupOwned);
case (uint)ObjectReturnType.Group: case (uint)ObjectReturnType.Group:
if (parcel.landData.OwnerID != client.AgentId) if (parcel.landData.OwnerID != client.AgentId)
{ {
@ -1613,45 +1729,44 @@ namespace OpenSim.Region.CoreModules.World.Permissions
return true; return true;
} }
} }
break; return GenericParcelOwnerPermission(client.AgentId, parcel, (ulong)GroupPowers.ReturnGroupSet);
case (uint)ObjectReturnType.Other: case (uint)ObjectReturnType.Other:
if ((powers & (long)GroupPowers.ReturnNonGroup) != 0) if ((powers & (long)GroupPowers.ReturnNonGroup) != 0)
return true; return true;
break; return GenericParcelOwnerPermission(client.AgentId, parcel, (ulong)GroupPowers.ReturnNonGroup);
case (uint)ObjectReturnType.List: case (uint)ObjectReturnType.List:
break; break;
} }
return GenericParcelPermission(client.AgentId, parcel); return GenericParcelOwnerPermission(client.AgentId, parcel, 0);
// Is it correct to be less restrictive for lists of objects to be returned?
} }
private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) { private bool CanCompileScript(UUID ownerUUID, int scriptType, Scene scene) {
//m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType); //m_log.DebugFormat("check if {0} is allowed to compile {1}", ownerUUID, scriptType);
switch(scriptType) { switch(scriptType) {
case 0: case 0:
if(GrantLSL.Count == 0 || GrantLSL.ContainsKey(ownerUUID.ToString())) { if(GrantLSL.Count == 0 || GrantLSL.ContainsKey(ownerUUID.ToString())) {
return(true); return(true);
} }
break; break;
case 1: case 1:
if(GrantCS.Count == 0 || GrantCS.ContainsKey(ownerUUID.ToString())) { if(GrantCS.Count == 0 || GrantCS.ContainsKey(ownerUUID.ToString())) {
return(true); return(true);
} }
break; break;
case 2: case 2:
if(GrantVB.Count == 0 || GrantVB.ContainsKey(ownerUUID.ToString())) { if(GrantVB.Count == 0 || GrantVB.ContainsKey(ownerUUID.ToString())) {
return(true); return(true);
} }
break; break;
case 3: case 3:
if(GrantJS.Count == 0 || GrantJS.ContainsKey(ownerUUID.ToString())) { if(GrantJS.Count == 0 || GrantJS.ContainsKey(ownerUUID.ToString())) {
return(true); return(true);
} }
break; break;
} }
return(false); return(false);
} }
} }
} }

25
OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
View File

@ -1526,10 +1526,14 @@ namespace OpenSim.Region.Framework.Scenes
return; return;
if (part.OwnerID != remoteClient.AgentId) if (part.OwnerID != remoteClient.AgentId)
return; {
// Group permissions
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0) if ( (part.GroupID == UUID.Zero) || (remoteClient.GetGroupPowers(part.GroupID) == 0) || ((part.GroupMask & (uint)PermissionMask.Modify) == 0) )
return; return;
} else {
if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
return;
}
if (!Permissions.CanCreateObjectInventory( if (!Permissions.CanCreateObjectInventory(
itemBase.InvType, part.UUID, remoteClient.AgentId)) itemBase.InvType, part.UUID, remoteClient.AgentId))
@ -1601,10 +1605,15 @@ namespace OpenSim.Region.Framework.Scenes
// Must own the object, and have modify rights // Must own the object, and have modify rights
if (srcPart.OwnerID != destPart.OwnerID) if (srcPart.OwnerID != destPart.OwnerID)
return; {
// Group permissions
if ((destPart.OwnerMask & (uint)PermissionMask.Modify) == 0) if ( (destPart.GroupID == UUID.Zero) || (destPart.GroupID != srcPart.GroupID) ||
return; ((destPart.GroupMask & (uint)PermissionMask.Modify) == 0) )
return;
} else {
if ((destPart.OwnerMask & (uint)PermissionMask.Modify) == 0)
return;
}
if (destPart.ScriptAccessPin != pin) if (destPart.ScriptAccessPin != pin)
{ {