// Check to see if function is allowed. Returns an empty string if function permitted
// or a string explaining why this function can't be used.
private string CheckThreatLevelTest(ThreatLevel level, string function)
{
if (!m_FunctionPerms.ContainsKey(function))
{
FunctionPerms perms = new FunctionPerms();
m_FunctionPerms[function] = perms;
string ownerPerm = m_ScriptEngine.Config.GetString("Allow_" + function, "");
string creatorPerm = m_ScriptEngine.Config.GetString("Creators_" + function, "");
if (ownerPerm == "" && creatorPerm == "")
{
// Default behavior
perms.AllowedOwners = null;
perms.AllowedCreators = null;
perms.AllowedOwnerClasses = null;
}
else
{
bool allowed;
if (bool.TryParse(ownerPerm, out allowed))
{
// Boolean given
if (allowed)
{
// Allow globally
perms.AllowedOwners.Add(UUID.Zero);
}
}
else
{
string[] ids = ownerPerm.Split(new char[] {','});
foreach (string id in ids)
{
string current = id.Trim();
if (current.ToUpper() == "PARCEL_GROUP_MEMBER" || current.ToUpper() == "PARCEL_OWNER" || current.ToUpper() == "ESTATE_MANAGER" || current.ToUpper() == "ESTATE_OWNER" || current.ToUpper() == "GOD" || current.ToUpper() == "GRID_GOD")
{
if (!perms.AllowedOwnerClasses.Contains(current))
perms.AllowedOwnerClasses.Add(current.ToUpper());
}
else
{
UUID uuid;
if (UUID.TryParse(current, out uuid))
{
if (uuid != UUID.Zero)
perms.AllowedOwners.Add(uuid);
}
}
}
ids = creatorPerm.Split(new char[] {','});
foreach (string id in ids)
{
string current = id.Trim();
UUID uuid;
if (UUID.TryParse(current, out uuid))
{
if (uuid != UUID.Zero)
perms.AllowedCreators.Add(uuid);
}
}
}
}
}
// If the list is null, then the value was true / undefined
// Threat level governs permissions in this case
//
// If the list is non-null, then it is a list of UUIDs allowed
// to use that particular function. False causes an empty
// list and therefore means "no one"
//
// To allow use by anyone, the list contains UUID.Zero
//
if (m_FunctionPerms[function].AllowedOwners == null)
{
// Allow / disallow by threat level
if (level > m_MaxThreatLevel)
return
String.Format(
"{0} permission denied. Allowed threat level is {1} but function threat level is {2}.",
function, m_MaxThreatLevel, level);
}
else
{
if (!m_FunctionPerms[function].AllowedOwners.Contains(UUID.Zero))
{
// Not anyone. Do detailed checks
if (m_FunctionPerms[function].AllowedOwners.Contains(m_host.OwnerID))
{
// prim owner is in the list of allowed owners
return String.Empty;
}
UUID ownerID = m_item.OwnerID;
//OSSL only may be used if object is in the same group as the parcel
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_GROUP_MEMBER"))
{
ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition);
if (land.LandData.GroupID == m_item.GroupID && land.LandData.GroupID != UUID.Zero)
{
return String.Empty;
}
}
//Only Parcelowners may use the function
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("PARCEL_OWNER"))
{
ILandObject land = World.LandChannel.GetLandObject(m_host.AbsolutePosition);
if (land.LandData.OwnerID == ownerID)
{
return String.Empty;
}
}
//Only Estate Managers may use the function
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_MANAGER"))
{
//Only Estate Managers may use the function
if (World.RegionInfo.EstateSettings.IsEstateManagerOrOwner(ownerID) && World.RegionInfo.EstateSettings.EstateOwner != ownerID)
{
return String.Empty;
}
}
//Only regionowners may use the function
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("ESTATE_OWNER"))
{
if (World.RegionInfo.EstateSettings.EstateOwner == ownerID)
{
return String.Empty;
}
}
//Only gods may use the function
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("GOD"))
{
if (World.Permissions.IsGod(ownerID))
{
return String.Empty;
}
}
//Only grid gods may use the function
if (m_FunctionPerms[function].AllowedOwnerClasses.Contains("GRID_GOD"))
{
if (World.Permissions.IsGridGod(ownerID))
{
return String.Empty;
}
}
if (!m_FunctionPerms[function].AllowedCreators.Contains(m_item.CreatorID))
return(
String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
function));
if (m_item.CreatorID != ownerID)
{
if ((m_item.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
return String.Format("{0} permission denied. Script permissions error.", function);
}
}
}
return String.Empty;
}
public void CheckThreatLevel(ThreatLevel level, string function)
{
if (!m_OSFunctionsEnabled)
OSSLError(String.Format("{0} permission denied. All OS functions are disabled.", function)); // throws
if (!m_FunctionPerms.ContainsKey(function))
{
FunctionPerms perms = new FunctionPerms();
m_FunctionPerms[function] = perms;
string ownerPerm = m_ScriptEngine.Config.GetString("Allow_" + function, "");
string creatorPerm = m_ScriptEngine.Config.GetString("Creators_" + function, "");
if (ownerPerm == "" && creatorPerm == "")
{
// Default behavior
perms.AllowedOwners = null;
perms.AllowedCreators = null;
}
else
{
bool allowed;
if (bool.TryParse(ownerPerm, out allowed))
{
// Boolean given
if (allowed)
{
// Allow globally
perms.AllowedOwners.Add(UUID.Zero);
}
}
else
{
string[] ids = ownerPerm.Split(new char[] {','});
foreach (string id in ids)
{
string current = id.Trim();
UUID uuid;
if (UUID.TryParse(current, out uuid))
{
if (uuid != UUID.Zero)
perms.AllowedOwners.Add(uuid);
}
}
ids = creatorPerm.Split(new char[] {','});
foreach (string id in ids)
{
string current = id.Trim();
UUID uuid;
if (UUID.TryParse(current, out uuid))
{
if (uuid != UUID.Zero)
perms.AllowedCreators.Add(uuid);
}
}
}
}
}
// If the list is null, then the value was true / undefined
// Threat level governs permissions in this case
//
// If the list is non-null, then it is a list of UUIDs allowed
// to use that particular function. False causes an empty
// list and therefore means "no one"
//
// To allow use by anyone, the list contains UUID.Zero
//
if (m_FunctionPerms[function].AllowedOwners == null)
{
// Allow / disallow by threat level
if (level > m_MaxThreatLevel)
OSSLError(
String.Format(
"{0} permission denied. Allowed threat level is {1} but function threat level is {2}.",
function, m_MaxThreatLevel, level));
}
else
{
if (!m_FunctionPerms[function].AllowedOwners.Contains(UUID.Zero))
{
// Not anyone. Do detailed checks
if (m_FunctionPerms[function].AllowedOwners.Contains(m_host.OwnerID))
{
// prim owner is in the list of allowed owners
return;
}
TaskInventoryItem ti = m_host.Inventory.GetInventoryItem(m_itemID);
if (ti == null)
{
OSSLError(
String.Format("{0} permission error. Can't find script in prim inventory.",
function));
}
if (!m_FunctionPerms[function].AllowedCreators.Contains(ti.CreatorID))
OSSLError(
String.Format("{0} permission denied. Script creator is not in the list of users allowed to execute this function and prim owner also has no permission.",
function));
if (ti.CreatorID != ti.OwnerID)
{
if ((ti.CurrentPermissions & (uint)PermissionMask.Modify) != 0)
OSSLError(
String.Format("{0} permission denied. Script permissions error.",
function));
}
}
}
}