Adding dynamic ossl permission control

Add permission by identifying uuid (owner/creator/group) and function. Revoke
permission in the same manner. Permission adjustments immediately effect
running scripts ability to call os functions.

osGrantScriptPermissions(UUID key,string function) Threat Level Severe
osRevokeScriptPermissions(UUID key,string function) Threat Level Severe

work sponsored by: Rage
inv-download
BlueWall 2015-02-27 11:05:15 -05:00
parent 412dd7dfc5
commit a3681f3052
4 changed files with 119 additions and 0 deletions

View File

@ -170,6 +170,9 @@ namespace OpenSim.Region.Framework.Scenes
} }
private bool m_scripts_enabled; private bool m_scripts_enabled;
// Dynamic ossl function permissions
private Dictionary<string, List<UUID>> m_DynaPerms = new Dictionary<string, List<UUID>>();
public SynchronizeSceneHandler SynchronizeScene; public SynchronizeSceneHandler SynchronizeScene;
/// <summary> /// <summary>
@ -5893,5 +5896,63 @@ namespace OpenSim.Region.Framework.Scenes
m_eventManager.TriggerExtraSettingChanged(this, name, String.Empty); m_eventManager.TriggerExtraSettingChanged(this, name, String.Empty);
} }
public bool AddOsslPerm (UUID key, string function)
{
StackTrace calls = new StackTrace ();
string caller = calls.GetFrame (1).GetMethod ().Name;
if (caller != "osGrantScriptPermissions")
{
m_log.ErrorFormat("[SCENE]: {0} cannot adjust script perms!",caller);
return false;
}
if (string.IsNullOrEmpty(function))
return false;
if (!m_DynaPerms.ContainsKey(function))
{
List<UUID> keys = new List<UUID> ();
keys.Add (key);
m_DynaPerms[function] = keys;
return true;
}
if (!m_DynaPerms[function].Contains(key))
m_DynaPerms[function].Add(key);
return true;
}
public bool GetOsslPerms(UUID avatar, string function)
{
if (m_DynaPerms.ContainsKey(function))
if(m_DynaPerms[function].Contains(avatar))
return true;
return false;
}
public bool RemoveOsslPerm(UUID key, string function)
{
StackTrace calls = new StackTrace ();
string caller = calls.GetFrame (1).GetMethod ().Name;
if (caller != "osRevokeScriptPermissions")
{
m_log.ErrorFormat("[SCENE]: {0} cannot adjust script perms!",caller);
return false;
}
if (m_DynaPerms.ContainsKey (function))
{
if (m_DynaPerms [function].Contains (key))
{
m_DynaPerms [function].Remove (key);
if (m_DynaPerms [function].Count == 0)
m_DynaPerms.Remove (function);
}
}
return true;
}
} }
} }

View File

@ -264,6 +264,9 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
// or a string explaining why this function can't be used. // or a string explaining why this function can't be used.
private string CheckThreatLevelTest(ThreatLevel level, string function) private string CheckThreatLevelTest(ThreatLevel level, string function)
{ {
if(GetDynaPerms(m_item.CreatorID, m_item.OwnerID, m_item.GroupID, function))
return string.Empty;
if (!m_FunctionPerms.ContainsKey(function)) if (!m_FunctionPerms.ContainsKey(function))
{ {
FunctionPerms perms = new FunctionPerms(); FunctionPerms perms = new FunctionPerms();
@ -431,6 +434,47 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api
System.Threading.Thread.Sleep(delay); System.Threading.Thread.Sleep(delay);
} }
private bool GetDynaPerms(UUID owner, UUID creator, UUID group, string function)
{
if (World.GetOsslPerms(owner, function))
return true;
if (World.GetOsslPerms(creator, function))
return true;
if (World.GetOsslPerms(creator, function))
return true;
return false;
}
public void osGrantScriptPermissions(LSL_Key avatar, LSL_List osfunctions)
{
CheckThreatLevel(ThreatLevel.Severe, "osGrantScriptPermissions");
m_host.AddScriptLPS(1);
UUID key;
UUID.TryParse(avatar.m_string, out key);
for (int item = 0; item <= osfunctions.Length - 1; item++)
{
string function = osfunctions.GetLSLStringItem(item);
World.AddOsslPerm(key, function);
}
}
public void osRevokeScriptPermissions (LSL_Key avatar, LSL_List osfunctions)
{
CheckThreatLevel(ThreatLevel.Severe, "osRevokeScriptPermissions");
m_host.AddScriptLPS(1);
UUID key;
UUID.TryParse(avatar.m_string, out key);
for (int item = 0; item <= osfunctions.Length - 1; item++)
{
string function = osfunctions.GetLSLStringItem(item);
World.RemoveOsslPerm(key, function);
}
}
public LSL_Integer osSetTerrainHeight(int x, int y, double val) public LSL_Integer osSetTerrainHeight(int x, int y, double val)
{ {
CheckThreatLevel(ThreatLevel.High, "osSetTerrainHeight"); CheckThreatLevel(ThreatLevel.High, "osSetTerrainHeight");

View File

@ -116,6 +116,10 @@ namespace OpenSim.Region.ScriptEngine.Shared.Api.Interfaces
{ {
void CheckThreatLevel(ThreatLevel level, string function); void CheckThreatLevel(ThreatLevel level, string function);
// Scripted Script Permissions
void osGrantScriptPermissions(LSL_Key avatar, LSL_List functions);
void osRevokeScriptPermissions(LSL_Key avatar, LSL_List functions);
//OpenSim functions //OpenSim functions
string osSetDynamicTextureURL(string dynamicID, string contentType, string url, string extraParams, int timer); string osSetDynamicTextureURL(string dynamicID, string contentType, string url, string extraParams, int timer);
string osSetDynamicTextureURLBlend(string dynamicID, string contentType, string url, string extraParams, string osSetDynamicTextureURLBlend(string dynamicID, string contentType, string url, string extraParams,

View File

@ -61,6 +61,16 @@ namespace OpenSim.Region.ScriptEngine.Shared.ScriptBase
Prim = new OSSLPrim(this); Prim = new OSSLPrim(this);
} }
public void osGrantScriptPermissions (LSL_Key avatar, LSL_List osfunctions)
{
m_OSSL_Functions.osGrantScriptPermissions(avatar, osfunctions);
}
public void osRevokeScriptPermissions (LSL_Key avatar, LSL_List osfunctions)
{
m_OSSL_Functions.osRevokeScriptPermissions(avatar, osfunctions);
}
public void osSetRegionWaterHeight(double height) public void osSetRegionWaterHeight(double height)
{ {
m_OSSL_Functions.osSetRegionWaterHeight(height); m_OSSL_Functions.osSetRegionWaterHeight(height);