fix previous media interact serverside checking. perform very basic serverside url whitelist checks

at the moment, only checking for the exact name prefix is implemented
for some reason, whitelists are not persisting
this commit also fixes a very recent problem where setting any media texture parameters after the initial configuration would not work
prebuild-update
Justin Clark-Casey (justincc) 2010-07-14 23:26:24 +01:00
parent e44e1ccbd3
commit c3ee451325
2 changed files with 91 additions and 10 deletions

View File

@ -91,6 +91,7 @@ namespace OpenSim.Region.CoreModules.Media.Moap
public void AddRegion(Scene scene) public void AddRegion(Scene scene)
{ {
m_scene = scene; m_scene = scene;
m_scene.RegisterModuleInterface<IMoapModule>(this);
} }
public void RemoveRegion(Scene scene) {} public void RemoveRegion(Scene scene) {}
@ -156,20 +157,28 @@ namespace OpenSim.Region.CoreModules.Media.Moap
public MediaEntry GetMediaEntry(SceneObjectPart part, int face) public MediaEntry GetMediaEntry(SceneObjectPart part, int face)
{ {
MediaEntry me = null;
CheckFaceParam(part, face); CheckFaceParam(part, face);
List<MediaEntry> media = part.Shape.Media; List<MediaEntry> media = part.Shape.Media;
if (null == media) if (null == media)
{ {
return null; me = null;
} }
else else
{ {
me = media[face];
// TODO: Really need a proper copy constructor down in libopenmetaverse // TODO: Really need a proper copy constructor down in libopenmetaverse
MediaEntry me = media[face]; if (me != null)
return (null == me ? null : MediaEntry.FromOSD(me.GetOSD())); me = MediaEntry.FromOSD(me.GetOSD());
} }
// m_log.DebugFormat("[MOAP]: GetMediaEntry for {0} face {1} found {2}", part.Name, face, me);
return me;
} }
public void SetMediaEntry(SceneObjectPart part, int face, MediaEntry me) public void SetMediaEntry(SceneObjectPart part, int face, MediaEntry me)
@ -295,6 +304,7 @@ namespace OpenSim.Region.CoreModules.Media.Moap
if (null == media) if (null == media)
{ {
m_log.DebugFormat("[MOAP]: Setting all new media list for {0}", part.Name);
part.Shape.Media = new List<MediaEntry>(omu.FaceMedia); part.Shape.Media = new List<MediaEntry>(omu.FaceMedia);
} }
else else
@ -309,7 +319,10 @@ namespace OpenSim.Region.CoreModules.Media.Moap
for (int i = 0; i < media.Count; i++) for (int i = 0; i < media.Count; i++)
{ {
if (m_scene.Permissions.CanControlPrimMedia(agentId, part.UUID, i)) if (m_scene.Permissions.CanControlPrimMedia(agentId, part.UUID, i))
{
media[i] = omu.FaceMedia[i]; media[i] = omu.FaceMedia[i];
// m_log.DebugFormat("[MOAP]: Set media entry for face {0} on {1}", i, part.Name);
}
} }
} }
@ -362,10 +375,31 @@ namespace OpenSim.Region.CoreModules.Media.Moap
return string.Empty; return string.Empty;
m_log.DebugFormat( m_log.DebugFormat(
"[MOAP]: Updating media entry for face {0} on prim {1} {2} to {3}", "[MOAP]: Received request to update media entry for face {0} on prim {1} {2} to {3}",
omn.Face, part.Name, part.UUID, omn.URL); omn.Face, part.Name, part.UUID, omn.URL);
// If media has never been set for this prim, then just return.
if (null == part.Shape.Media)
return string.Empty;
MediaEntry me = part.Shape.Media[omn.Face]; MediaEntry me = part.Shape.Media[omn.Face];
// Do the same if media has not been set up for a specific face
if (null == me)
return string.Empty;
if (me.EnableWhiteList)
{
if (!CheckUrlAgainstWhitelist(omn.URL, me.WhiteList))
{
m_log.DebugFormat(
"[MOAP]: Blocking change of face {0} on prim {1} {2} to {3} since it's not on the enabled whitelist",
omn.Face, part.Name, part.UUID, omn.URL);
return string.Empty;
}
}
me.CurrentURL = omn.URL; me.CurrentURL = omn.URL;
UpdateMediaUrl(part); UpdateMediaUrl(part);
@ -413,5 +447,32 @@ namespace OpenSim.Region.CoreModules.Media.Moap
m_log.DebugFormat("[MOAP]: Storing media url [{0}] in prim {1} {2}", part.MediaUrl, part.Name, part.UUID); m_log.DebugFormat("[MOAP]: Storing media url [{0}] in prim {1} {2}", part.MediaUrl, part.Name, part.UUID);
} }
/// <summary>
/// Check the given url against the given whitelist.
/// </summary>
/// <param name="url"></param>
/// <param name="whitelist"></param>
/// <returns>true if the url matches an entry on the whitelist, false otherwise</returns>
protected bool CheckUrlAgainstWhitelist(string url, string[] whitelist)
{
foreach (string rawWlUrl in whitelist)
{
string wlUrl = rawWlUrl;
if (!wlUrl.StartsWith("http://"))
wlUrl = "http://" + wlUrl;
m_log.DebugFormat("[MOAP]: Checking whitelist URL {0}", wlUrl);
if (url.StartsWith(wlUrl))
{
m_log.DebugFormat("[MOAP]: Whitelist url {0} matches requested url {1}", wlUrl, url);
return true;
}
}
return false;
}
} }
} }

View File

@ -178,7 +178,7 @@ namespace OpenSim.Region.CoreModules.World.Permissions
string permissionModules = myConfig.GetString("permissionmodules", "DefaultPermissionsModule"); string permissionModules = myConfig.GetString("permissionmodules", "DefaultPermissionsModule");
List<string> modules=new List<string>(permissionModules.Split(',')); List<string> modules = new List<string>(permissionModules.Split(','));
if (!modules.Contains("DefaultPermissionsModule")) if (!modules.Contains("DefaultPermissionsModule"))
return; return;
@ -399,6 +399,10 @@ namespace OpenSim.Region.CoreModules.World.Permissions
m_log.Warn("[PERMISSIONS]: Groups module not found, group permissions will not work"); m_log.Warn("[PERMISSIONS]: Groups module not found, group permissions will not work");
m_moapModule = m_scene.RequestModuleInterface<IMoapModule>(); m_moapModule = m_scene.RequestModuleInterface<IMoapModule>();
// This log line will be commented out when no longer required for debugging
if (m_moapModule == null)
m_log.Warn("[PERMISSIONS]: Media on a prim module not found, media on a prim permissions will not work");
} }
public void Close() public void Close()
@ -1901,7 +1905,11 @@ namespace OpenSim.Region.CoreModules.World.Permissions
} }
private bool CanControlPrimMedia(UUID agentID, UUID primID, int face) private bool CanControlPrimMedia(UUID agentID, UUID primID, int face)
{ {
// m_log.DebugFormat(
// "[PERMISSONS]: Performing CanControlPrimMedia check with agentID {0}, primID {1}, face {2}",
// agentID, primID, face);
if (null == m_moapModule) if (null == m_moapModule)
return false; return false;
@ -1909,17 +1917,25 @@ namespace OpenSim.Region.CoreModules.World.Permissions
if (null == part) if (null == part)
return false; return false;
MediaEntry me = m_moapModule.GetMediaEntry(part, face); MediaEntry me = m_moapModule.GetMediaEntry(part, face);
// If there is no existing media entry then it can be controlled (in this context, created). // If there is no existing media entry then it can be controlled (in this context, created).
if (null == me) if (null == me)
return true; return true;
m_log.DebugFormat(
"[PERMISSIONS]: Checking CanControlPrimMedia for {0} on {1} face {2} with control permissions {3}",
agentID, primID, face, me.ControlPermissions);
return GenericPrimMediaPermission(part, agentID, me.ControlPermissions); return GenericPrimMediaPermission(part, agentID, me.ControlPermissions);
} }
private bool CanInteractWithPrimMedia(UUID agentID, UUID primID, int face) private bool CanInteractWithPrimMedia(UUID agentID, UUID primID, int face)
{ {
// m_log.DebugFormat(
// "[PERMISSONS]: Performing CanInteractWithPrimMedia check with agentID {0}, primID {1}, face {2}",
// agentID, primID, face);
if (null == m_moapModule) if (null == m_moapModule)
return false; return false;
@ -1933,13 +1949,17 @@ namespace OpenSim.Region.CoreModules.World.Permissions
if (null == me) if (null == me)
return true; return true;
m_log.DebugFormat(
"[PERMISSIONS]: Checking CanInteractWithPrimMedia for {0} on {1} face {2} with interact permissions {3}",
agentID, primID, face, me.InteractPermissions);
return GenericPrimMediaPermission(part, agentID, me.InteractPermissions); return GenericPrimMediaPermission(part, agentID, me.InteractPermissions);
} }
private bool GenericPrimMediaPermission(SceneObjectPart part, UUID agentID, MediaPermission perms) private bool GenericPrimMediaPermission(SceneObjectPart part, UUID agentID, MediaPermission perms)
{ {
if (IsAdministrator(agentID)) // if (IsAdministrator(agentID))
return true; // return true;
if ((perms & MediaPermission.Anyone) == MediaPermission.Anyone) if ((perms & MediaPermission.Anyone) == MediaPermission.Anyone)
return true; return true;