[Opensim-dev] [Opensim-commits] r6426 - in trunk/OpenSim: ApplicationPlugins/Rest/Inventory ApplicationPlugins/Rest/Inventory/tests Region/ClientStack/LindenUDP Region/Environment/Scenes
Melanie
melanie at t-data.com
Mon Sep 22 11:57:25 UTC 2008
Hi DrSco,
the concept of having that check in the perms module is good. However,
it needs it's own method, since the permission to edit inventory is
independent from permission to edit the object.
There are a number of conditions that would cause an object to be
editable, yet the inventory to be uneditable, and unfortunately, they
are enforced by the viewer.
So, we need to match the viewer policies to avoid unexpected results. I
will update it in a bit.
So, I'll just add a CanEditObjectInventory method in a bit.
Melanie
Dr Scofield wrote:
> justin,
>
> could you check the Scene.Inventory patch that i just applied? the
> problem we encountered and which this patch fixes is that while it was
> possible for avatars to edit an object (with the appropriate permissions
> enabled), like change the texture, etc, they could not add object to the
> inventory of that object which was a bit confusing and counterintuitive.
>
> cheers,
> dr scofield
>
> drscofield at opensimulator.org wrote:
>> Author: drscofield
>> Date: 2008-09-22 04:20:09 -0700 (Mon, 22 Sep 2008)
>> New Revision: 6426
>>
>> Modified:
>> trunk/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs
>> trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs
>> trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs
>> trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs
>> trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs
>> trunk/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs
>> trunk/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
>> trunk/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs
>> Log:
>> cleanups in inventory REST code. also, disables digest authentications
>> for inventory REST calls for the time being, as firefox, curl, and
>> also python's urllib2 cannot authenticate using digest auth.
>>
>> fix permission checking for prim inventory to be the same as for
>> normal edit ops.
>>
>>
>>
>> Modified: trunk/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs
>> ===================================================================
>> --- trunk/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/ApplicationPlugins/Rest/Inventory/Rest.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -392,7 +392,7 @@
>>
>> /// Supported Digest algorithms
>>
>> - public const string Digest_MD5 = "MD5"; // assumedd efault if omitted
>> + public const string Digest_MD5 = "MD5"; // assumed default if omitted
>> public const string Digest_MD5Sess = "MD5-sess";
>>
>> public const string Qop_Auth = "auth";
>>
>> Modified: trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs
>> ===================================================================
>> --- trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAppearanceServices.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -45,7 +45,7 @@
>> public class RestAppearanceServices : IRest
>> {
>> private static readonly int PARM_USERID = 0;
>> - //private static readonly int PARM_PATH = 1;
>> + // private static readonly int PARM_PATH = 1;
>>
>> private bool enabled = false;
>> private string qPrefix = "appearance";
>> @@ -166,6 +166,9 @@
>>
>> try
>> {
>> + // digest scheme seems borked: disable it for the time
>> + // being
>> + rdata.scheme = Rest.AS_BASIC;
>> if (!rdata.IsAuthenticated)
>> {
>> rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName));
>> @@ -335,7 +338,8 @@
>> AvatarAppearance old = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID);
>> rdata.userAppearance = new AvatarAppearance();
>>
>> - rdata.userAppearance.Owner = old.Owner;
>> + rdata.userAppearance.Owner = old.Owner;
>> + rdata.userAppearance.Serial = old.Serial;
>>
>> if (GetUserAppearance(rdata))
>> {
>> @@ -343,6 +347,11 @@
>> created = !modified;
>> Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance);
>> }
>> + else
>> + {
>> + created = true;
>> + Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance);
>> + }
>>
>> if (created)
>> {
>> @@ -383,11 +392,13 @@
>>
>> rdata.userAppearance = Rest.AvatarServices.GetUserAppearance(rdata.userProfile.ID);
>>
>> - if (GetUserAppearance(rdata))
>> + // If the user exists then this is considered a modification regardless
>> + // of what may, or may not be, specified in the payload.
>> +
>> + if (rdata.userAppearance != null)
>> {
>> - modified = rdata.userAppearance != null;
>> - created = !modified;
>> - Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance);
>> + modified = true;
>> + Rest.AvatarServices.UpdateUserAppearance(rdata.userProfile.ID, rdata.userAppearance);
>> }
>>
>> if (created)
>> @@ -465,6 +476,16 @@
>> rdata.userAppearance.AvatarHeight = (float) Convert.ToDouble(xml.Value);
>> indata = true;
>> }
>> + if (xml.MoveToAttribute("Owner"))
>> + {
>> + rdata.userAppearance.Owner = xml.Value;
>> + indata = true;
>> + }
>> + if (xml.MoveToAttribute("Serial"))
>> + {
>> + rdata.userAppearance.Serial = Convert.ToInt32(xml.Value);
>> + indata = true;
>> + }
>> break;
>> case "Body" :
>> if (xml.MoveToAttribute("Item"))
>> @@ -687,6 +708,8 @@
>>
>> rdata.writer.WriteStartElement("Appearance");
>> rdata.writer.WriteAttributeString("Height", rdata.userAppearance.AvatarHeight.ToString());
>> + rdata.writer.WriteAttributeString("Owner", rdata.userAppearance.Owner.ToString());
>> + rdata.writer.WriteAttributeString("Serial", rdata.userAppearance.Serial.ToString());
>>
>> rdata.writer.WriteStartElement("Body");
>> rdata.writer.WriteAttributeString("Item",rdata.userAppearance.BodyItem.ToString());
>>
>> Modified: trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs
>> ===================================================================
>> --- trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestAssetServices.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -130,6 +130,9 @@
>>
>> try
>> {
>> + // digest scheme seems borked: disable it for the time
>> + // being
>> + rdata.scheme = Rest.AS_BASIC;
>> if (!rdata.IsAuthenticated)
>> {
>> rdata.Fail(Rest.HttpStatusCodeNotAuthorized, String.Format("user \"{0}\" could not be authenticated"));
>>
>> Modified: trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs
>> ===================================================================
>> --- trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestInventoryServices.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -167,6 +167,9 @@
>>
>> try
>> {
>> + // digest scheme seems borked: disable it for the time
>> + // being
>> + rdata.scheme = Rest.AS_BASIC;
>> if (!rdata.IsAuthenticated)
>> {
>> rdata.Fail(Rest.HttpStatusCodeNotAuthorized,String.Format("user \"{0}\" could not be authenticated", rdata.userName));
>>
>> Modified: trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs
>> ===================================================================
>> --- trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/ApplicationPlugins/Rest/Inventory/RestTestServices.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -235,7 +235,7 @@
>> ci = t.GetConstructor(parms);
>> ht = ci.Invoke(args);
>> tests.Add((ITest)ht);
>> - Rest.Log.WarnFormat("{0} Test {1} added", MsgId, t);
>> + Rest.Log.InfoFormat("{0} Test {1} added", MsgId, t);
>> }
>> }
>> catch (Exception e)
>>
>> Modified: trunk/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs
>> ===================================================================
>> --- trunk/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/ApplicationPlugins/Rest/Inventory/tests/Remote.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -65,7 +65,7 @@
>> public void Initialize()
>> {
>> enabled = true;
>> - Rest.Log.InfoFormat("{0} Remote services initialize", MsgId);
>> + Rest.Log.InfoFormat("{0} Remote services initialized", MsgId);
>> }
>>
>> // Called by the plug-in to halt REST processing. Local processing is
>>
>> Modified: trunk/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
>> ===================================================================
>> --- trunk/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -5200,6 +5200,7 @@
>> }
>> break;
>> case PacketType.UpdateTaskInventory:
>> + m_log.DebugFormat("[AMW] UpdateTaskInventory request");
>> UpdateTaskInventoryPacket updatetask = (UpdateTaskInventoryPacket)Pack;
>> if (OnUpdateTaskInventory != null)
>> {
>> @@ -5266,7 +5267,7 @@
>> break;
>>
>> case PacketType.RezScript:
>> -
>> + m_log.DebugFormat("[AMW] RezScript");
>> //Console.WriteLine(Pack.ToString());
>> RezScriptPacket rezScriptx = (RezScriptPacket)Pack;
>>
>>
>> Modified: trunk/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs
>> ===================================================================
>> --- trunk/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs 2008-09-22 11:18:49 UTC (rev 6425)
>> +++ trunk/OpenSim/Region/Environment/Scenes/Scene.Inventory.cs 2008-09-22 11:20:09 UTC (rev 6426)
>> @@ -1186,12 +1186,22 @@
>>
>> if (part != null)
>> {
>> - if (part.OwnerID != remoteClient.AgentId)
>> - return;
>>
>> - if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
>> - return;
>> + // replacing the following two checks with the
>> + // ExternalChecks.ExternalChecksCanEditObject(...)
>> + // call
>>
>> + // if (part.OwnerID != remoteClient.AgentId)
>> + // return;
>> +
>> + // if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
>> + // return;
>> +
>> + if (!ExternalChecks.ExternalChecksCanEditObject(part.UUID, remoteClient.AgentId))
>> + {
>> + return;
>> + }
>> +
>> TaskInventoryItem currentItem = part.GetInventoryItem(itemID);
>>
>> if (currentItem == null)
>> @@ -1283,12 +1293,24 @@
>> SceneObjectPart part = GetSceneObjectPart(localID);
>> if (part != null)
>> {
>> +
>> + /*
>> if (part.OwnerID != remoteClient.AgentId)
>> + {
>> return;
>> + }
>>
>> if ((part.OwnerMask & (uint)PermissionMask.Modify) == 0)
>> + {
>> return;
>> + }
>> + */
>>
>> + if (!ExternalChecks.ExternalChecksCanEditObject(part.UUID, remoteClient.AgentId))
>> + {
>> + return;
>> + }
>> +
>> part.ParentGroup.AddInventoryItem(remoteClient, localID, item, copyID);
>> // TODO: set this to "true" when scripts in inventory have persistent state to fire on_rez
>> part.CreateScriptInstance(copyID, 0, false, DefaultScriptEngine);
>>
>> _______________________________________________
>> Opensim-commits mailing list
>> Opensim-commits at lists.berlios.de
>> https://lists.berlios.de/mailman/listinfo/opensim-commits
>>
>>
>
>
More information about the Opensim-dev
mailing list