Annotation of /trunk/AssetServer/Extensions/AuthorizeWhitelist.cs
Revision 73 - (view) (download)
| 1 : | jhurliman | 73 | /* |
| 2 : | * Copyright (c) 2008 Intel Corporation | ||
| 3 : | * All rights reserved. | ||
| 4 : | * Redistribution and use in source and binary forms, with or without | ||
| 5 : | * modification, are permitted provided that the following conditions | ||
| 6 : | * are met: | ||
| 7 : | * | ||
| 8 : | * -- Redistributions of source code must retain the above copyright | ||
| 9 : | * notice, this list of conditions and the following disclaimer. | ||
| 10 : | * -- Redistributions in binary form must reproduce the above copyright | ||
| 11 : | * notice, this list of conditions and the following disclaimer in the | ||
| 12 : | * documentation and/or other materials provided with the distribution. | ||
| 13 : | * -- Neither the name of the Intel Corporation nor the names of its | ||
| 14 : | * contributors may be used to endorse or promote products derived from | ||
| 15 : | * this software without specific prior written permission. | ||
| 16 : | * | ||
| 17 : | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | ||
| 18 : | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | ||
| 19 : | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A | ||
| 20 : | * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE INTEL OR ITS | ||
| 21 : | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, | ||
| 22 : | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, | ||
| 23 : | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR | ||
| 24 : | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF | ||
| 25 : | * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING | ||
| 26 : | * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
| 27 : | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 28 : | */ | ||
| 29 : | |||
| 30 : | using System; | ||
| 31 : | using System.Collections.Generic; | ||
| 32 : | using ExtensionLoader; | ||
| 33 : | using ExtensionLoader.Config; | ||
| 34 : | using OpenMetaverse; | ||
| 35 : | |||
| 36 : | namespace AssetServer.Extensions | ||
| 37 : | { | ||
/// <summary>
/// Access rights that a whitelist entry can carry. The values are bit flags,
/// so a single entry may hold Read, Write, both, or neither.
/// </summary>
[Flags]
enum Permissions
{
    /// <summary>Required by the metadata, data and inventory-read checks.</summary>
    Read = 1 << 0,

    /// <summary>Required by the create and inventory-write checks.</summary>
    Write = 1 << 1,
}
| 44 : | |||
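/// <summary>
/// Authorization provider that grants access according to a static allowlist
/// read from the [AuthorizeWhitelist] section of the server configuration file.
/// </summary>
/// <remarks>
/// Each key in the section is parsed as a URI and its value selects Read and/or
/// Write. A request is allowed when the identifier that the authentication
/// provider resolves for the caller's token matches an entry carrying the
/// required permission; every other request is denied, which includes all
/// requests when no entries could be loaded.
/// The asset ID and inventory owner arguments are not consulted: a matching
/// entry is authorized for every asset and for every owner's inventory.
/// </remarks>
public class AuthorizeWhitelist : IExtension<AssetServer>, IAuthorizationProvider
{
    AssetServer server;
    Dictionary<Uri, Permissions> whitelist = new Dictionary<Uri, Permissions>();

    public AuthorizeWhitelist()
    {
    }

    /// <summary>
    /// Stores the server reference and (re)builds the whitelist from the
    /// [AuthorizeWhitelist] configuration section.
    /// </summary>
    /// <param name="server">Server whose configuration file and authentication provider are used.</param>
    public void Start(AssetServer server)
    {
        this.server = server;

        // Fill a local table and publish it once population has finished, so an
        // authorization check never enumerates a dictionary that is still being filled.
        Dictionary<Uri, Permissions> loaded = new Dictionary<Uri, Permissions>();

        try
        {
            IConfig whitelistConfig = server.ConfigFile.Configs["AuthorizeWhitelist"];

            foreach (string entry in whitelistConfig.GetKeys())
            {
                string permString = whitelistConfig.GetString(entry);

                // NOTE(review): this is a case-sensitive substring test, not a parse.
                // Any value containing 'R' grants Read and any value containing 'W'
                // grants Write, so a value such as "WRITE" yields Read|Write, and a
                // value with neither letter yields an entry that authorizes nothing.
                // Keep configured values to "R", "W" or "RW".
                Permissions perms = 0;
                if (permString.Contains("R"))
                    perms |= Permissions.Read;
                if (permString.Contains("W"))
                    perms |= Permissions.Write;

                loaded[new Uri(entry)] = perms;
            }
        }
        catch (Exception ex)
        {
            // Loading stops at the first failure (missing section, malformed URI, ...).
            // Entries parsed before it are kept; the remaining ones are not loaded, so
            // those identities are denied. The cause is logged so that an operator can
            // tell a missing section from a bad entry.
            Logger.Log.Error("Failed to load [AuthorizeWhitelist] section from config file " + AssetServer.CONFIG_FILE + ": " + ex.Message);
        }

        whitelist = loaded;
    }

    public void Stop()
    {
    }

    /// <summary>Returns true when the caller's identity is whitelisted with Read.</summary>
    /// <param name="authToken">Token resolved to an identifier by the authentication provider.</param>
    /// <param name="assetID">Not consulted; the decision is per identity, not per asset.</param>
    public bool IsMetadataAuthorized(UUID authToken, UUID assetID)
    {
        return IsAuthorized(authToken, Permissions.Read);
    }

    /// <summary>Returns true when the caller's identity is whitelisted with Read.</summary>
    /// <param name="authToken">Token resolved to an identifier by the authentication provider.</param>
    /// <param name="assetID">Not consulted; the decision is per identity, not per asset.</param>
    public bool IsDataAuthorized(UUID authToken, UUID assetID)
    {
        return IsAuthorized(authToken, Permissions.Read);
    }

    /// <summary>Returns true when the caller's identity is whitelisted with Write.</summary>
    /// <param name="authToken">Token resolved to an identifier by the authentication provider.</param>
    public bool IsCreateAuthorized(UUID authToken)
    {
        return IsAuthorized(authToken, Permissions.Write);
    }

    /// <summary>Returns true when the caller's identity is whitelisted with Read.</summary>
    /// <param name="authToken">Token resolved to an identifier by the authentication provider.</param>
    /// <param name="owner">Not consulted; a whitelisted identity may read any owner's inventory.</param>
    public bool IsInventoryReadAuthorized(UUID authToken, Uri owner)
    {
        return IsAuthorized(authToken, Permissions.Read);
    }

    /// <summary>Returns true when the caller's identity is whitelisted with Write.</summary>
    /// <param name="authToken">Token resolved to an identifier by the authentication provider.</param>
    /// <param name="owner">Not consulted; a whitelisted identity may write any owner's inventory.</param>
    public bool IsInventoryWriteAuthorized(UUID authToken, Uri owner)
    {
        return IsAuthorized(authToken, Permissions.Write);
    }

    /// <summary>
    /// Shared decision routine: resolves the token to an identifier and looks for a
    /// whitelist entry that matches it and carries the required permission.
    /// </summary>
    /// <param name="authToken">Token to resolve through the authentication provider.</param>
    /// <param name="required">Permission bit the matching entry must have set.</param>
    /// <returns>False when the token cannot be resolved or no entry qualifies.</returns>
    bool IsAuthorized(UUID authToken, Permissions required)
    {
        Uri identifier;
        if (!server.AuthenticationProvider.TryGetIdentifier(authToken, out identifier))
            return false;

        foreach (KeyValuePair<Uri, Permissions> kvp in whitelist)
        {
            if (Match(identifier, kvp.Key) && (kvp.Value & required) != 0)
                return true;
        }

        return false;
    }

    /// <summary>
    /// Tests an authenticated identifier against one whitelist entry.
    /// </summary>
    /// <param name="identifier">Identifier resolved for the caller.</param>
    /// <param name="comparer">Whitelist entry to test against.</param>
    /// <returns>
    /// True when the hosts are equal and the entry's path and query is either "/"
    /// (which covers every identifier on that host) or equal to the identifier's.
    /// </returns>
    bool Match(Uri identifier, Uri comparer)
    {
        // NOTE(review): only Host and PathAndQuery are compared. Scheme and port are
        // not part of the decision, so an entry also covers identifiers served over a
        // different scheme or port of the same host. If those are not equally trusted,
        // the comparison should additionally require equal Scheme and Port.
        if (comparer.Host != identifier.Host)
            return false;

        return comparer.PathAndQuery == "/" || comparer.PathAndQuery == identifier.PathAndQuery;
    }
}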
| 169 : | } |

