OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

enforce effective perms hierarchy

httptests
UbitUmarov 2017-01-18 21:17:09 +00:00
parent e2c2d92d5a
commit b23ce04a6e
1 changed files with 59 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
OpenSim/Region/Framework/Scenes/SceneObjectGroup.Inventory.cs
View File

@ -304,6 +304,7 @@ namespace OpenSim.Region.Framework.Scenes
} }
// aggregates perms scanning parts and their contents // aggregates perms scanning parts and their contents
// AggregatePerms does same using cached parts content perms
public void AggregateDeepPerms() public void AggregateDeepPerms()
{ {
lock(PermissionsLock) lock(PermissionsLock)
@ -313,12 +314,16 @@ namespace OpenSim.Region.Framework.Scenes
const uint movemodmask = (uint)(PermissionMask.Move | PermissionMask.Modify); const uint movemodmask = (uint)(PermissionMask.Move | PermissionMask.Modify);
const uint copytransfermast = (uint)(PermissionMask.Copy | PermissionMask.Transfer); const uint copytransfermast = (uint)(PermissionMask.Copy | PermissionMask.Transfer);
uint baseOwnerPerms = RootPart.OwnerMask; uint basePerms = (RootPart.BaseMask & allmask) | (uint)PermissionMask.Move;
uint owner = baseOwnerPerms; bool noBaseTransfer = (RootPart.OwnerID != RootPart.GroupID &&
uint baseGroupPerms = RootPart.GroupMask; (basePerms & (uint)PermissionMask.Transfer) == 0);
uint group = baseGroupPerms;
uint baseEveryonePerms = RootPart.EveryoneMask; uint rootOwnerPerms = RootPart.OwnerMask;
uint everyone = baseEveryonePerms; uint owner = rootOwnerPerms;
uint rootGroupPerms = RootPart.GroupMask;
uint group = rootGroupPerms;
uint rootEveryonePerms = RootPart.EveryoneMask;
uint everyone = rootEveryonePerms;
SceneObjectPart[] parts = m_parts.GetArray(); SceneObjectPart[] parts = m_parts.GetArray();
for (int i = 0; i < parts.Length; i++) for (int i = 0; i < parts.Length; i++)
@ -330,42 +335,47 @@ namespace OpenSim.Region.Framework.Scenes
everyone &= part.AggregatedInnerEveryonePerms; everyone &= part.AggregatedInnerEveryonePerms;
} }
// recover modify and move // recover modify and move
baseOwnerPerms &= movemodmask; rootOwnerPerms &= movemodmask;
owner |= baseOwnerPerms; owner |= rootOwnerPerms;
if((owner & copytransfermast) == 0) if((owner & copytransfermast) == 0)
owner |= (uint)PermissionMask.Transfer; owner |= (uint)PermissionMask.Transfer;
owner &= allmask;
owner &= basePerms;
m_EffectiveOwnerPerms = owner; m_EffectiveOwnerPerms = owner;
// recover modify and move // recover modify and move
baseGroupPerms &= movemodmask; rootGroupPerms &= movemodmask;
group |= baseGroupPerms; group |= rootGroupPerms;
group &= allmask; if(noBaseTransfer)
group &=~(uint)PermissionMask.Copy;
uint groupOrEveryone = group; uint groupOrEveryone = group;
if((group & copytransfermast) == 0) if((group & copytransfermast) == 0)
group |= (uint)PermissionMask.Transfer; group |= (uint)PermissionMask.Transfer;
m_EffectiveGroupPerms = group; m_EffectiveGroupPerms = group & owner;
// recover move // recover move
baseEveryonePerms &= (uint)PermissionMask.Move; rootEveryonePerms &= (uint)PermissionMask.Move;
everyone |= baseEveryonePerms; everyone |= rootEveryonePerms;
everyone &= allmask; everyone &= ~(uint)PermissionMask.Modify;
if(noBaseTransfer)
everyone &=~(uint)PermissionMask.Copy;
groupOrEveryone |= everyone; groupOrEveryone |= everyone;
if((everyone & copytransfermast) == 0) // not much sense but as sl if((everyone & copytransfermast) == 0)
everyone |= (uint)PermissionMask.Transfer; everyone |= (uint)PermissionMask.Transfer;
m_EffectiveEveryOnePerms = everyone; m_EffectiveEveryOnePerms = everyone & owner;
if((groupOrEveryone & copytransfermast) == 0) // not much sense but as sl if((groupOrEveryone & copytransfermast) == 0)
groupOrEveryone |= (uint)PermissionMask.Transfer; groupOrEveryone |= (uint)PermissionMask.Transfer;
m_EffectiveGroupOrEveryOnePerms = groupOrEveryone; m_EffectiveGroupOrEveryOnePerms = groupOrEveryone & owner;
} }
} }
// aggregates perms scanning parts, assuming their contents was already aggregated // aggregates perms scanning parts, assuming their contents was already aggregated and cached
// ie is AggregateDeepPerms without the part.AggregateInnerPerms() call on parts loop
public void AggregatePerms() public void AggregatePerms()
{ {
lock(PermissionsLock) lock(PermissionsLock)
@ -375,55 +385,62 @@ namespace OpenSim.Region.Framework.Scenes
const uint movemodmask = (uint)(PermissionMask.Move | PermissionMask.Modify); const uint movemodmask = (uint)(PermissionMask.Move | PermissionMask.Modify);
const uint copytransfermast = (uint)(PermissionMask.Copy | PermissionMask.Transfer); const uint copytransfermast = (uint)(PermissionMask.Copy | PermissionMask.Transfer);
uint baseOwnerPerms = RootPart.OwnerMask; uint basePerms = (RootPart.BaseMask & allmask) | (uint)PermissionMask.Move;
uint owner = baseOwnerPerms; bool noBaseTransfer = (RootPart.OwnerID == RootPart.GroupID &&
uint baseGroupPerms = RootPart.GroupMask; (basePerms & (uint)PermissionMask.Transfer) == 0);
uint group = baseGroupPerms;
uint baseEveryonePerms = RootPart.EveryoneMask; uint rootOwnerPerms = RootPart.OwnerMask;
uint everyone = baseEveryonePerms; uint owner = rootOwnerPerms;
uint rootGroupPerms = RootPart.GroupMask;
uint group = rootGroupPerms;
uint rootEveryonePerms = RootPart.EveryoneMask;
uint everyone = rootEveryonePerms;
SceneObjectPart[] parts = m_parts.GetArray(); SceneObjectPart[] parts = m_parts.GetArray();
for (int i = 0; i < parts.Length; i++) for (int i = 0; i < parts.Length; i++)
{ {
SceneObjectPart part = parts[i]; SceneObjectPart part = parts[i];
part.AggregateInnerPerms();
owner &= part.AggregatedInnerOwnerPerms; owner &= part.AggregatedInnerOwnerPerms;
group &= part.AggregatedInnerGroupPerms; group &= part.AggregatedInnerGroupPerms;
everyone &= part.AggregatedInnerEveryonePerms; everyone &= part.AggregatedInnerEveryonePerms;
} }
// recover modify and move // recover modify and move
baseOwnerPerms &= movemodmask; rootOwnerPerms &= movemodmask;
owner |= baseOwnerPerms; owner |= rootOwnerPerms;
if((owner & copytransfermast) == 0) if((owner & copytransfermast) == 0)
owner |= (uint)PermissionMask.Transfer; owner |= (uint)PermissionMask.Transfer;
owner &= allmask;
owner &= basePerms;
m_EffectiveOwnerPerms = owner; m_EffectiveOwnerPerms = owner;
// recover modify and move // recover modify and move
baseGroupPerms &= movemodmask; rootGroupPerms &= movemodmask;
group |= baseGroupPerms; group |= rootGroupPerms;
group &= allmask; if(noBaseTransfer)
group &=~(uint)PermissionMask.Copy;
uint groupOrEveryone = group; uint groupOrEveryone = group;
if((group & copytransfermast) == 0) if((group & copytransfermast) == 0)
group |= (uint)PermissionMask.Transfer; group |= (uint)PermissionMask.Transfer;
m_EffectiveGroupPerms = group; m_EffectiveGroupPerms = group & owner;
// recover move // recover move
baseEveryonePerms &= (uint)PermissionMask.Move; rootEveryonePerms &= (uint)PermissionMask.Move;
everyone |= baseEveryonePerms; everyone |= rootEveryonePerms;
everyone &= allmask; everyone &= ~(uint)PermissionMask.Modify;
if(noBaseTransfer)
everyone &=~(uint)PermissionMask.Copy;
groupOrEveryone |= everyone; groupOrEveryone |= everyone;
if((everyone & copytransfermast) == 0) // not much sense but as sl if((everyone & copytransfermast) == 0)
everyone |= (uint)PermissionMask.Transfer; everyone |= (uint)PermissionMask.Transfer;
m_EffectiveEveryOnePerms = everyone; m_EffectiveEveryOnePerms = everyone & owner;
if((groupOrEveryone & copytransfermast) == 0) // not much sense but as sl if((groupOrEveryone & copytransfermast) == 0)
groupOrEveryone |= (uint)PermissionMask.Transfer; groupOrEveryone |= (uint)PermissionMask.Transfer;
m_EffectiveGroupOrEveryOnePerms = groupOrEveryone; m_EffectiveGroupOrEveryOnePerms = groupOrEveryone & owner;
} }
} }