void permission_object_t::test<3>() { LLPermissions permissions; U32 base = PERM_ALL; U32 owner = PERM_ITEM_UNRESTRICTED; //PERM_ITEM_UNRESTRICTED = PERM_MODIFY | PERM_COPY | PERM_TRANSFER; U32 group = PERM_TRANSFER | PERM_MOVE | PERM_COPY|PERM_MODIFY; U32 everyone = PERM_TRANSFER | PERM_MOVE | PERM_MODIFY; U32 next = PERM_NONE; U32 fixedbase = base; U32 fixedowner = PERM_ITEM_UNRESTRICTED; //owner & fixedbase U32 fixedgroup = PERM_ITEM_UNRESTRICTED; // no PERM_MOVE as owner does not have that perm either U32 fixedeveryone = PERM_TRANSFER; // no PERM_MOVE. Everyone can never modify. U32 fixednext = PERM_NONE; permissions.initMasks(base, owner, everyone, group, next); // will fix perms if not allowed. ensure_equals("initMasks/getMaskBase():failed to return the MaskBase ", fixedbase, permissions.getMaskBase()); ensure_equals("initMasks/getMaskOwner():failed to return the MaskOwner ", fixedowner, permissions.getMaskOwner()); ensure_equals("initMasks/getMaskEveryone():failed to return the MaskGroup ", fixedgroup, permissions.getMaskGroup()); ensure_equals("initMasks/getMaskEveryone():failed to return the MaskEveryone ", fixedeveryone, permissions.getMaskEveryone()); ensure_equals("initMasks/getMaskNextOwner():failed to return the MaskNext ", fixednext, permissions.getMaskNextOwner()); // explictly set should maintain the values permissions.setMaskBase(base); //no fixing ensure_equals("setMaskBase/getMaskBase():failed to return the MaskBase ", base, permissions.getMaskBase()); permissions.setMaskOwner(owner); ensure_equals("setMaskOwner/getMaskOwner():failed to return the MaskOwner ", owner, permissions.getMaskOwner()); permissions.setMaskEveryone(everyone); ensure_equals("setMaskEveryone/getMaskEveryone():failed to return the MaskEveryone ", everyone, permissions.getMaskEveryone()); permissions.setMaskGroup(group); ensure_equals("setMaskGroup/getMaskEveryone():failed to return the MaskGroup ", group, permissions.getMaskGroup()); permissions.setMaskNext(next); ensure_equals("setMaskNext/getMaskNextOwner():failed to return the MaskNext ", next, permissions.getMaskNextOwner()); // further tests can be added to ensure perms for owner/group/everyone etc. get properly fixed. // code however suggests that there is no explict check if the perms are correct and the user of this // class is expected to know how to use them correctly. skipping further test cases for now for various // perm combinations. }
bool FSExportPermsCheck::canExportAsset(LLUUID asset_id, std::string* name, std::string* description) { bool exportable = false; LLViewerInventoryCategory::cat_array_t cats; LLViewerInventoryItem::item_array_t items; LLAssetIDMatches asset_id_matches(asset_id); gInventory.collectDescendentsIf(LLUUID::null, cats, items, LLInventoryModel::INCLUDE_TRASH, asset_id_matches); if (items.size()) { // use the name of the first match (*name) = items[0]->getName(); (*description) = items[0]->getDescription(); for (S32 i = 0; i < items.size(); ++i) { if (!exportable) { LLPermissions perms = items[i]->getPermissions(); #ifdef OPENSIM if (LLGridManager::getInstance()->isInOpenSim()) { switch (LFSimFeatureHandler::instance().exportPolicy()) { case EXPORT_ALLOWED: exportable = (perms.getMaskOwner() & PERM_EXPORT) == PERM_EXPORT; break; /// TODO: Once enough grids adopt a version supporting exports, get consensus /// on whether we should allow full perm exports anymore. case EXPORT_UNDEFINED: exportable = (perms.getMaskBase() & PERM_ITEM_UNRESTRICTED) == PERM_ITEM_UNRESTRICTED; break; case EXPORT_DENIED: default: exportable = perms.getCreator() == gAgentID; break; } } #endif if (LLGridManager::getInstance()->isInSecondLife() && (perms.getCreator() == gAgentID)) { exportable = true; } } } } return exportable; }
S32 LLInventoryItem::packBinaryBucket(U8* bin_bucket, LLPermissions* perm_override) const { // Figure out which permissions to use. LLPermissions perm; if (perm_override) { // Use the permissions override. perm = *perm_override; } else { // Use the current permissions. perm = getPermissions(); } // describe the inventory item char* buffer = (char*) bin_bucket; std::string creator_id_str; perm.getCreator().toString(creator_id_str); std::string owner_id_str; perm.getOwner().toString(owner_id_str); std::string last_owner_id_str; perm.getLastOwner().toString(last_owner_id_str); std::string group_id_str; perm.getGroup().toString(group_id_str); std::string asset_id_str; getAssetUUID().toString(asset_id_str); S32 size = sprintf(buffer, /* Flawfinder: ignore */ "%d|%d|%s|%s|%s|%s|%s|%x|%x|%x|%x|%x|%s|%s|%d|%d|%x", getType(), getInventoryType(), getName().c_str(), creator_id_str.c_str(), owner_id_str.c_str(), last_owner_id_str.c_str(), group_id_str.c_str(), perm.getMaskBase(), perm.getMaskOwner(), perm.getMaskGroup(), perm.getMaskEveryone(), perm.getMaskNextOwner(), asset_id_str.c_str(), getDescription().c_str(), getSaleInfo().getSaleType(), getSaleInfo().getSalePrice(), getFlags()) + 1; return size; }
void permission_object_t::test<1>() { LLPermissions permissions; LLUUID uuid = permissions.getCreator(); LLUUID uuid1 = permissions.getOwner(); LLUUID uuid2 = permissions.getGroup(); LLUUID uuid3 = permissions.getLastOwner(); ensure("LLPermission Get Functions failed", (uuid == LLUUID::null && uuid1 == LLUUID::null && uuid2 == LLUUID::null && uuid3 == LLUUID::null)); ensure("LLPermission Get Functions failed", (permissions.getMaskBase() == PERM_ALL && permissions.getMaskOwner() == PERM_ALL && permissions.getMaskGroup() == PERM_ALL && permissions.getMaskEveryone() == PERM_ALL && permissions.getMaskNextOwner() == PERM_ALL)); ensure("Ownership functions failed", (permissions.isGroupOwned() == FALSE && permissions.isOwned() == FALSE)); }
LLSD ll_create_sd_from_permissions(const LLPermissions& perm) { LLSD rv; rv[PERM_CREATOR_ID_LABEL] = perm.getCreator(); rv[PERM_OWNER_ID_LABEL] = perm.getOwner(); rv[PERM_LAST_OWNER_ID_LABEL] = perm.getLastOwner(); rv[PERM_GROUP_ID_LABEL] = perm.getGroup(); rv[PERM_IS_OWNER_GROUP_LABEL] = perm.isGroupOwned(); rv[PERM_BASE_MASK_LABEL] = (S32)perm.getMaskBase(); rv[PERM_OWNER_MASK_LABEL] = (S32)perm.getMaskOwner(); rv[PERM_GROUP_MASK_LABEL] = (S32)perm.getMaskGroup(); rv[PERM_EVERYONE_MASK_LABEL] = (S32)perm.getMaskEveryone(); rv[PERM_NEXT_OWNER_MASK_LABEL] = (S32)perm.getMaskNextOwner(); return rv; }
bool LLIsTypeWithPermissions::operator()(LLInventoryCategory* cat, LLInventoryItem* item) { if(mType == LLAssetType::AT_CATEGORY) { if(cat) { return TRUE; } } if(item) { if(item->getType() == mType) { LLPermissions perm = item->getPermissions(); if ((perm.getMaskBase() & mPerm) == mPerm) { return TRUE; } } } return FALSE; }
// virtual BOOL LLPreviewGesture::handleDragAndDrop(S32 x, S32 y, MASK mask, BOOL drop, EDragAndDropType cargo_type, void* cargo_data, EAcceptance* accept, LLString& tooltip_msg) { BOOL handled = TRUE; switch(cargo_type) { case DAD_ANIMATION: case DAD_SOUND: { // TODO: Don't allow this if you can't transfer the sound/animation // make a script step LLInventoryItem* item = (LLInventoryItem*)cargo_data; if (item && gInventory.getItem(item->getUUID())) { LLPermissions perm = item->getPermissions(); if (!((perm.getMaskBase() & PERM_ITEM_UNRESTRICTED) == PERM_ITEM_UNRESTRICTED)) { *accept = ACCEPT_NO; if (tooltip_msg.empty()) { tooltip_msg.assign("Only animations and sounds\n" "with unrestricted permissions\n" "can be added to a gesture."); } break; } else if (drop) { LLScrollListItem* line = NULL; if (cargo_type == DAD_ANIMATION) { line = addStep("Animation"); LLGestureStepAnimation* anim = (LLGestureStepAnimation*)line->getUserdata(); anim->mAnimAssetID = item->getAssetUUID(); anim->mAnimName = item->getName(); } else if (cargo_type == DAD_SOUND) { line = addStep("Sound"); LLGestureStepSound* sound = (LLGestureStepSound*)line->getUserdata(); sound->mSoundAssetID = item->getAssetUUID(); sound->mSoundName = item->getName(); } updateLabel(line); mDirty = TRUE; refresh(); } *accept = ACCEPT_YES_COPY_MULTI; } else { // Not in user's inventory means it was in object inventory *accept = ACCEPT_NO; } break; } default: *accept = ACCEPT_NO; if (tooltip_msg.empty()) { tooltip_msg.assign("Only animations and sounds\n" "can be added to a gesture."); } break; } return handled; }
bool perms_allow_export(const LLPermissions& perms) { return perms.getMaskBase() & PERM_EXPORT && perms.getMaskEveryone() & PERM_EXPORT; }
bool FSExportPermsCheck::canExportNode(LLSelectNode* node, bool dae) { if (!node) { LL_WARNS("export") << "No node, bailing!" << LL_ENDL; return false; } bool exportable = false; LLViewerObject* object = node->getObject(); if (LLGridManager::getInstance()->isInSecondLife()) { LLUUID creator(node->mPermissions->getCreator()); exportable = (object->permYouOwner() && gAgentID == creator); if (!exportable) { // Megaprim check F32 max_object_size = LLWorld::getInstance()->getRegionMaxPrimScale(); LLVector3 vec = object->getScale(); if (vec.mV[VX] > max_object_size || vec.mV[VY] > max_object_size || vec.mV[VZ] > max_object_size) exportable = (creator == LLUUID("7ffd02d0-12f4-48b4-9640-695708fd4ae4") // Zwagoth Klaar || creator == gAgentID); } } #ifdef OPENSIM else if (LLGridManager::getInstance()->isInOpenSim()) { switch (LFSimFeatureHandler::instance().exportPolicy()) { case EXPORT_ALLOWED: { exportable = node->mPermissions->allowExportBy(gAgent.getID()); break; } /// TODO: Once enough grids adopt a version supporting exports, get consensus /// on whether we should allow full perm exports anymore. case EXPORT_UNDEFINED: { exportable = (object->permYouOwner() && object->permModify() && object->permCopy() && object->permTransfer()); break; } case EXPORT_DENIED: default: exportable = (object->permYouOwner() && gAgentID == node->mPermissions->getCreator()); } } #endif // OPENSIM // We've got perms on the object itself, let's check for sculptmaps and meshes! if (exportable) { LLVOVolume *volobjp = NULL; if (object->getPCode() == LL_PCODE_VOLUME) { volobjp = (LLVOVolume *)object; } if (volobjp && volobjp->isSculpted()) { const LLSculptParams *sculpt_params = (const LLSculptParams *)object->getParameterEntry(LLNetworkData::PARAMS_SCULPT); if (LLGridManager::getInstance()->isInSecondLife()) { if(volobjp->isMesh()) { if (dae) { LLSD mesh_header = gMeshRepo.getMeshHeader(sculpt_params->getSculptTexture()); exportable = mesh_header["creator"].asUUID() == gAgentID; } else { // can not export mesh to oxp LL_INFOS("export") << "Mesh can not be exported to oxp." << LL_ENDL; return false; } } else if (sculpt_params) { LLViewerFetchedTexture* imagep = LLViewerTextureManager::getFetchedTexture(sculpt_params->getSculptTexture()); if (imagep->mComment.find("a") != imagep->mComment.end()) { exportable = (LLUUID(imagep->mComment["a"]) == gAgentID); } if (!exportable) { LLUUID asset_id = sculpt_params->getSculptTexture(); LLViewerInventoryCategory::cat_array_t cats; LLViewerInventoryItem::item_array_t items; LLAssetIDMatches asset_id_matches(asset_id); gInventory.collectDescendentsIf(LLUUID::null, cats, items, LLInventoryModel::INCLUDE_TRASH, asset_id_matches); for (S32 i = 0; i < items.size(); ++i) { const LLPermissions perms = items[i]->getPermissions(); exportable = perms.getCreator() == gAgentID; } } if (!exportable) LL_INFOS("export") << "Sculpt map has failed permissions check." << LL_ENDL; } } #ifdef OPENSIM else if (LLGridManager::getInstance()->isInOpenSim()) { if (sculpt_params && !volobjp->isMesh()) { LLUUID asset_id = sculpt_params->getSculptTexture(); LLViewerInventoryCategory::cat_array_t cats; LLViewerInventoryItem::item_array_t items; LLAssetIDMatches asset_id_matches(asset_id); gInventory.collectDescendentsIf(LLUUID::null, cats, items, LLInventoryModel::INCLUDE_TRASH, asset_id_matches); for (S32 i = 0; i < items.size(); ++i) { const LLPermissions perms = items[i]->getPermissions(); switch (LFSimFeatureHandler::instance().exportPolicy()) { case EXPORT_ALLOWED: exportable = (perms.getMaskOwner() & PERM_EXPORT) == PERM_EXPORT; break; /// TODO: Once enough grids adopt a version supporting exports, get consensus /// on whether we should allow full perm exports anymore. case EXPORT_UNDEFINED: exportable = (perms.getMaskBase() & PERM_ITEM_UNRESTRICTED) == PERM_ITEM_UNRESTRICTED; break; case EXPORT_DENIED: default: exportable = perms.getCreator() == gAgentID; } if (!exportable) LL_INFOS("export") << "Sculpt map has failed permissions check." << LL_ENDL; } } else { exportable = true; } } #endif // OPENSIM } else { exportable = true; } } return exportable; }