opensim – Rev 1
?pathlinks?
/*
* Copyright (c) Contributors, http://opensimulator.org/
* See CONTRIBUTORS.TXT for a full list of copyright holders.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* * Neither the name of the OpenSimulator Project nor the
* names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
using System;
using System.Collections;
using System.Collections.Generic;
using System.Net;
using System.Reflection;
using log4net;
using Nini.Config;
using Nwc.XmlRpc;
using OpenSim.Server.Base;
using OpenSim.Services.Interfaces;
using OpenSim.Framework;
using OpenSim.Framework.Servers.HttpServer;
using OpenSim.Server.Handlers.Base;
using OpenMetaverse;
namespace OpenSim.Server.Handlers.Inventory
{
public class InventoryServiceInConnector : ServiceConnector
{
private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
protected IInventoryService m_InventoryService;
private bool m_doLookup = false;
//private static readonly int INVENTORY_DEFAULT_SESSION_TIME = 30; // secs
//private AuthedSessionCache m_session_cache = new AuthedSessionCache(INVENTORY_DEFAULT_SESSION_TIME);
private string m_userserver_url;
protected string m_ConfigName = "InventoryService";
public InventoryServiceInConnector(IConfigSource config, IHttpServer server, string configName) :
base(config, server, configName)
{
if (configName != string.Empty)
m_ConfigName = configName;
IConfig serverConfig = config.Configs[m_ConfigName];
if (serverConfig == null)
throw new Exception(String.Format("No section '{0}' in config file", m_ConfigName));
string inventoryService = serverConfig.GetString("LocalServiceModule",
String.Empty);
if (inventoryService == String.Empty)
throw new Exception("No LocalServiceModule in config file");
Object[] args = new Object[] { config };
m_InventoryService =
ServerUtils.LoadPlugin<IInventoryService>(inventoryService, args);
m_userserver_url = serverConfig.GetString("UserServerURI", String.Empty);
m_doLookup = serverConfig.GetBoolean("SessionAuthentication", false);
AddHttpHandlers(server);
m_log.Debug("[INVENTORY HANDLER]: handlers initialized");
}
protected virtual void AddHttpHandlers(IHttpServer m_httpServer)
{
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
"POST", "/GetInventory/", GetUserInventory, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<Guid, List<InventoryFolderBase>>(
"POST", "/SystemFolders/", GetSystemFolders, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<Guid, InventoryCollection>(
"POST", "/GetFolderContent/", GetFolderContent, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
"POST", "/UpdateFolder/", m_InventoryService.UpdateFolder, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
"POST", "/MoveFolder/", m_InventoryService.MoveFolder, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
"POST", "/PurgeFolder/", m_InventoryService.PurgeFolder, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<List<Guid>, bool>(
"POST", "/DeleteFolders/", DeleteFolders, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<List<Guid>, bool>(
"POST", "/DeleteItem/", DeleteItems, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryItemBase, InventoryItemBase>(
"POST", "/QueryItem/", m_InventoryService.GetItem, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryFolderBase, InventoryFolderBase>(
"POST", "/QueryFolder/", m_InventoryService.GetFolder, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseTrustedHandler<Guid, bool>(
"POST", "/CreateInventory/", CreateUsersInventory, CheckTrustSource));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
"POST", "/NewFolder/", m_InventoryService.AddFolder, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryFolderBase, bool>(
"POST", "/CreateFolder/", m_InventoryService.AddFolder, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<InventoryItemBase, bool>(
"POST", "/NewItem/", m_InventoryService.AddItem, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseTrustedHandler<InventoryItemBase, bool>(
"POST", "/AddNewItem/", m_InventoryService.AddItem, CheckTrustSource));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<Guid, List<InventoryItemBase>>(
"POST", "/GetItems/", GetFolderItems, CheckAuthSession));
m_httpServer.AddStreamHandler(
new RestDeserialiseSecureHandler<List<InventoryItemBase>, bool>(
"POST", "/MoveItems/", MoveItems, CheckAuthSession));
m_httpServer.AddStreamHandler(new InventoryServerMoveItemsHandler(m_InventoryService));
// for persistent active gestures
m_httpServer.AddStreamHandler(
new RestDeserialiseTrustedHandler<Guid, List<InventoryItemBase>>
("POST", "/ActiveGestures/", GetActiveGestures, CheckTrustSource));
// WARNING: Root folders no longer just delivers the root and immediate child folders (e.g
// system folders such as Objects, Textures), but it now returns the entire inventory skeleton.
// It would have been better to rename this request, but complexities in the BaseHttpServer
// (e.g. any http request not found is automatically treated as an xmlrpc request) make it easier
// to do this for now.
m_httpServer.AddStreamHandler(
new RestDeserialiseTrustedHandler<Guid, List<InventoryFolderBase>>
("POST", "/RootFolders/", GetInventorySkeleton, CheckTrustSource));
m_httpServer.AddStreamHandler(
new RestDeserialiseTrustedHandler<InventoryItemBase, int>
("POST", "/AssetPermissions/", GetAssetPermissions, CheckTrustSource));
}
#region Wrappers for converting the Guid parameter
public InventoryCollection GetUserInventory(Guid guid)
{
UUID userID = new UUID(guid);
return m_InventoryService.GetUserInventory(userID);
}
public List<InventoryFolderBase> GetSystemFolders(Guid guid)
{
UUID userID = new UUID(guid);
return new List<InventoryFolderBase>(GetSystemFolders(userID).Values);
}
// This shouldn't be here, it should be in the inventory service.
// But I don't want to deal with types and dependencies for now.
private Dictionary<AssetType, InventoryFolderBase> GetSystemFolders(UUID userID)
{
InventoryFolderBase root = m_InventoryService.GetRootFolder(userID);
if (root != null)
{
InventoryCollection content = m_InventoryService.GetFolderContent(userID, root.ID);
if (content != null)
{
Dictionary<AssetType, InventoryFolderBase> folders = new Dictionary<AssetType, InventoryFolderBase>();
foreach (InventoryFolderBase folder in content.Folders)
{
if ((folder.Type != (short)AssetType.Folder) && (folder.Type != (short)AssetType.Unknown))
folders[(AssetType)folder.Type] = folder;
}
// Put the root folder there, as type Folder
folders[AssetType.Folder] = root;
return folders;
}
}
m_log.WarnFormat("[INVENTORY SERVICE]: System folders for {0} not found", userID);
return new Dictionary<AssetType, InventoryFolderBase>();
}
public InventoryCollection GetFolderContent(Guid guid)
{
return m_InventoryService.GetFolderContent(UUID.Zero, new UUID(guid));
}
public List<InventoryItemBase> GetFolderItems(Guid folderID)
{
List<InventoryItemBase> allItems = new List<InventoryItemBase>();
// TODO: UUID.Zero is passed as the userID here, making the old assumption that the OpenSim
// inventory server only has a single inventory database and not per-user inventory databases.
// This could be changed but it requirs a bit of hackery to pass another parameter into this
// callback
List<InventoryItemBase> items = m_InventoryService.GetFolderItems(UUID.Zero, new UUID(folderID));
if (items != null)
{
allItems.InsertRange(0, items);
}
return allItems;
}
public bool CreateUsersInventory(Guid rawUserID)
{
UUID userID = new UUID(rawUserID);
return m_InventoryService.CreateUserInventory(userID);
}
public List<InventoryItemBase> GetActiveGestures(Guid rawUserID)
{
UUID userID = new UUID(rawUserID);
return m_InventoryService.GetActiveGestures(userID);
}
public List<InventoryFolderBase> GetInventorySkeleton(Guid rawUserID)
{
UUID userID = new UUID(rawUserID);
return m_InventoryService.GetInventorySkeleton(userID);
}
public int GetAssetPermissions(InventoryItemBase item)
{
return m_InventoryService.GetAssetPermissions(item.Owner, item.AssetID);
}
public bool DeleteFolders(List<Guid> items)
{
List<UUID> uuids = new List<UUID>();
foreach (Guid g in items)
uuids.Add(new UUID(g));
// oops we lost the user info here. Bad bad handlers
return m_InventoryService.DeleteFolders(UUID.Zero, uuids);
}
public bool DeleteItems(List<Guid> items)
{
List<UUID> uuids = new List<UUID>();
foreach (Guid g in items)
uuids.Add(new UUID(g));
// oops we lost the user info here. Bad bad handlers
return m_InventoryService.DeleteItems(UUID.Zero, uuids);
}
public bool MoveItems(List<InventoryItemBase> items)
{
// oops we lost the user info here. Bad bad handlers
// let's peek at one item
UUID ownerID = UUID.Zero;
if (items.Count > 0)
ownerID = items[0].Owner;
return m_InventoryService.MoveItems(ownerID, items);
}
#endregion
/// <summary>
/// Check that the source of an inventory request is one that we trust.
/// </summary>
/// <param name="peer"></param>
/// <returns></returns>
public bool CheckTrustSource(IPEndPoint peer)
{
if (m_doLookup)
{
m_log.InfoFormat("[INVENTORY IN CONNECTOR]: Checking trusted source {0}", peer);
UriBuilder ub = new UriBuilder(m_userserver_url);
IPAddress[] uaddrs = Dns.GetHostAddresses(ub.Host);
foreach (IPAddress uaddr in uaddrs)
{
if (uaddr.Equals(peer.Address))
{
return true;
}
}
m_log.WarnFormat(
"[INVENTORY IN CONNECTOR]: Rejecting request since source {0} was not in the list of trusted sources",
peer);
return false;
}
else
{
return true;
}
}
/// <summary>
/// Check that the source of an inventory request for a particular agent is a current session belonging to
/// that agent.
/// </summary>
/// <param name="session_id"></param>
/// <param name="avatar_id"></param>
/// <returns></returns>
public virtual bool CheckAuthSession(string session_id, string avatar_id)
{
return true;
}
}
}