HG: If OutboundPermission is set to false, let's enforce stricter permissions by not allowing objects to be taken to inventory.

2013-08-03 20:13:44 -07:00 · 2013-08-03 20:13:44 -07:00 · dcfeb95e98
parent b857353fc9
commit dcfeb95e98
2 changed files with 34 additions and 0 deletions
--- a/OpenSim/Region/CoreModules/Framework/InventoryAccess/HGInventoryAccessModule.cs
+++ b/OpenSim/Region/CoreModules/Framework/InventoryAccess/HGInventoryAccessModule.cs
@ -62,6 +62,8 @@ namespace OpenSim.Region.CoreModules.Framework.InventoryAccess
        private string m_ThisGatekeeper;
        private bool m_RestrictInventoryAccessAbroad;

+        private bool m_bypassPermissions = true;
+
 //        private bool m_Initialized = false;

        #region INonSharedRegionModule
@ -100,6 +102,10 @@ namespace OpenSim.Region.CoreModules.Framework.InventoryAccess
                    }
                    else
                        m_log.Warn("[HG INVENTORY ACCESS MODULE]: HGInventoryAccessModule configs not found. ProfileServerURI not set!");
+
+                    m_bypassPermissions = !Util.GetConfigVarFromSections<bool>(source, "serverside_object_permissions",
+                                            new string[] { "Startup", "Permissions" }, true); 
+
                }
            }
        }
@ -114,6 +120,11 @@ namespace OpenSim.Region.CoreModules.Framework.InventoryAccess
            scene.EventManager.OnNewInventoryItemUploadComplete += UploadInventoryItem;
            scene.EventManager.OnTeleportStart += TeleportStart;
            scene.EventManager.OnTeleportFail += TeleportFail;
+
+            // We're fgoing to enforce some stricter permissions if Outbound is false
+            scene.Permissions.OnTakeObject += CanTakeObject;
+            scene.Permissions.OnTakeCopyObject += CanTakeObject;
+
        }

        #endregion
@ -417,5 +428,25 @@ namespace OpenSim.Region.CoreModules.Framework.InventoryAccess
        }

        #endregion
+
+        #region Permissions
+
+        private bool CanTakeObject(UUID objectID, UUID stealer, Scene scene)
+        {
+            if (m_bypassPermissions) return true;
+
+            if (!m_OutboundPermission && !UserManagementModule.IsLocalGridUser(stealer))
+            {
+                SceneObjectGroup sog = null;
+                if (m_Scene.TryGetSceneObjectGroup(objectID, out sog) && sog.OwnerID == stealer)
+                    return true;
+
+                return false;
+            }
+
+            return true;
+        }
+
+        #endregion
    }
 }
--- a/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
+++ b/OpenSim/Region/Framework/Scenes/Scene.Inventory.cs
@ -2068,7 +2068,10 @@ namespace OpenSim.Region.Framework.Scenes
            {
                // If we don't have permission, stop right here
                if (!permissionToTakeCopy)
+                {
+                    remoteClient.SendAlertMessage("You don't have permission to take the object");
                    return;
+                }

                permissionToTake = true;
                // Don't delete