protected virtual bool AuthorizeUser(AgentCircuitData agent, out string reason)
{
reason = String.Empty;
if (!m_strictAccessControl) return true;
if (Permissions.IsGod(agent.AgentID)) return true;
if (AuthorizationService != null)
{
if (!AuthorizationService.IsAuthorizedForRegion(agent.AgentID.ToString(), RegionInfo.RegionID.ToString(),out reason))
{
m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
//reason = String.Format("You are not currently on the access list for {0}",RegionInfo.RegionName);
return false;
}
}
if (m_regInfo.EstateSettings != null)
{
if (m_regInfo.EstateSettings.IsBanned(agent.AgentID))
{
m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user is on the banlist",
agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
reason = String.Format("Denied access to region {0}: You have been banned from that region.",
RegionInfo.RegionName);
return false;
}
}
else
m_log.ErrorFormat("[CONNECTION BEGIN]: Estate Settings is null!");
IGroupsModule groupsModule =
RequestModuleInterface<IGroupsModule>();
List<UUID> agentGroups = new List<UUID>();
if (groupsModule != null)
{
GroupMembershipData[] GroupMembership =
groupsModule.GetMembershipData(agent.AgentID);
if (GroupMembership != null)
{
for (int i = 0; i < GroupMembership.Length; i++)
agentGroups.Add(GroupMembership[i].GroupID);
}
else
m_log.ErrorFormat("[CONNECTION BEGIN]: GroupMembership is null!");
}
bool groupAccess = false;
UUID[] estateGroups = m_regInfo.EstateSettings.EstateGroups;
if (estateGroups != null)
{
foreach (UUID group in estateGroups)
{
if (agentGroups.Contains(group))
{
groupAccess = true;
break;
}
}
}
else
m_log.ErrorFormat("[CONNECTION BEGIN]: EstateGroups is null!");
if (!m_regInfo.EstateSettings.PublicAccess &&
!m_regInfo.EstateSettings.HasAccess(agent.AgentID) &&
!groupAccess)
{
m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the estate",
agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.",
RegionInfo.RegionName);
return false;
}
// TODO: estate/region settings are not properly hooked up
// to ILandObject.isRestrictedFromLand()
// if (null != LandChannel)
// {
// // region seems to have local Id of 1
// ILandObject land = LandChannel.GetLandObject(1);
// if (null != land)
// {
// if (land.isBannedFromLand(agent.AgentID))
// {
// m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user has been banned from land",
// agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
// reason = String.Format("Denied access to private region {0}: You are banned from that region.",
// RegionInfo.RegionName);
// return false;
// }
// if (land.isRestrictedFromLand(agent.AgentID))
// {
// m_log.WarnFormat("[CONNECTION BEGIN]: Denied access to: {0} ({1} {2}) at {3} because the user does not have access to the region",
// agent.AgentID, agent.firstname, agent.lastname, RegionInfo.RegionName);
// reason = String.Format("Denied access to private region {0}: You are not on the access list for that region.",
// RegionInfo.RegionName);
// return false;
// }
// }
// }
return true;
}