public void CheckThreatLevel(string function, ISceneChildEntity m_host, string API)
{
if (CheckUser(m_host))
{
return;
}
List <UUID> FunctionPerms = new List <UUID>();
if (!m_FunctionPerms.TryGetValue(function, out FunctionPerms))
{
string perm = m_scriptProtectionModule.m_config.GetString("Allow_" + function, "");
if (perm == "")
{
FunctionPerms = null; // a null value is default, which means check against the max threat level
}
else
{
bool allowed;
if (bool.TryParse(perm, out allowed))
{
// Boolean given
FunctionPerms = allowed ? new List <UUID> {
UUID.Zero
} : new List <UUID>();
}
else
{
FunctionPerms = new List <UUID>();
string[] ids = perm.Split(new[] { ',' });
foreach (string current in ids.Select(id => id.Trim()))
{
UUID uuid;
if (UUID.TryParse(current, out uuid))
{
if (uuid != UUID.Zero)
{
FunctionPerms.Add(uuid);
}
}
}
}
m_FunctionPerms[function] = FunctionPerms;
}
}
// If the list is null, then the value was true / undefined
// Threat level governs permissions in this case
//
// If the list is non-null, then it is a list of UUIDs allowed
// to use that particular function. False causes an empty
// list and therefore means "no one"
//
// To allow use by anyone, the list contains UUID.Zero
//
if (FunctionPerms == null) // No list = true
{
if (m_threatLevel > m_scriptProtectionModule.GetThreatLevel().m_threatLevel)
{
m_scriptProtectionModule.Error("Runtime Error: ",
string.Format(
"{0} permission denied. Allowed threat level is {1} but function threat level is {2}.",
function,
m_scriptProtectionModule.GetThreatLevel().m_threatLevel,
m_threatLevel));
}
}
else
{
if (!FunctionPerms.Contains(UUID.Zero))
{
if (!FunctionPerms.Contains(m_host.OwnerID))
{
if (m_allowGroupPermissions)
{
Dictionary <string, bool> cachedFunctions;
//Check to see whether we have already evaluated this function for this user
if (m_knownAllowedGroupFunctionsForAvatars.TryGetValue(m_host.OwnerID,
out cachedFunctions))
{
if (cachedFunctions.ContainsKey(function))
{
if (cachedFunctions[function])
{
return;
}
else
{
m_scriptProtectionModule.Error("Runtime Error: ",
string.Format(
"{0} permission denied. Prim owner is not in the list of users allowed to execute this function.",
function));
}
}
}
else
{
cachedFunctions = new Dictionary <string, bool>();
}
IGroupsModule groupsModule =
m_host.ParentEntity.Scene.RequestModuleInterface <IGroupsModule>();
if (groupsModule != null)
{
bool success = false;
foreach (UUID id in FunctionPerms)
{
if (groupsModule.GroupPermissionCheck(m_host.OwnerID, id, GroupPowers.None))
{
success = true;
break;
}
}
//Cache the success
cachedFunctions[function] = success;
if (!m_knownAllowedGroupFunctionsForAvatars.ContainsKey(m_host.OwnerID))
{
m_knownAllowedGroupFunctionsForAvatars.Add(m_host.OwnerID,
new Dictionary <string, bool>());
}
m_knownAllowedGroupFunctionsForAvatars[m_host.OwnerID] = cachedFunctions;
if (success)
{
return; //All is good
}
}
}
m_scriptProtectionModule.Error("Runtime Error: ",
string.Format(
"{0} permission denied. Prim owner is not in the list of users allowed to execute this function.",
function));
}
}
}
}