Add permission

domain-server/src/DomainGatekeeper.cpp

@@ -282,6 +282,7 @@ void DomainGatekeeper::updateNodePermissions() {
             userPerms.permissions |= NodePermissions::Permission::canRezTemporaryCertifiedEntities;
             userPerms.permissions |= NodePermissions::Permission::canWriteToAssetServer;
             userPerms.permissions |= NodePermissions::Permission::canReplaceDomainContent;
+            userPerms.permissions |= NodePermissions::Permission::canGetAndSetPrivateUserData;
         } else {
             // at this point we don't have a sending socket for packets from this node - assume it is the active socket
             // or the public socket if we haven't activated a socket for the node yet
@@ -374,6 +375,7 @@ SharedNodePointer DomainGatekeeper::processAssignmentConnectRequest(const NodeCo
     userPerms.permissions |= NodePermissions::Permission::canRezTemporaryCertifiedEntities;
     userPerms.permissions |= NodePermissions::Permission::canWriteToAssetServer;
     userPerms.permissions |= NodePermissions::Permission::canReplaceDomainContent;
+    userPerms.permissions |= NodePermissions::Permission::canGetAndSetPrivateUserData;
     newNode->setPermissions(userPerms);
     return newNode;
 }

domain-server/src/DomainServerSettingsManager.cpp

@@ -441,6 +441,12 @@ void DomainServerSettingsManager::setupConfigMap(const QString& userConfigFilena
             }
         }
 
+        if (oldVersion < 2.3) {
+            unpackPermissions();
+            _standardAgentPermissions[NodePermissions::standardNameLocalhost]->set(NodePermissions::Permission::canGetAndSetPrivateUserData);
+            packPermissions();
+        }
+
 
         // write the current description version to our settings
         *versionVariant = _descriptionVersion;

libraries/networking/src/LimitedNodeList.cpp

@@ -197,6 +197,11 @@ void LimitedNodeList::setPermissions(const NodePermissions& newPermissions) {
         newPermissions.can(NodePermissions::Permission::canReplaceDomainContent)) {
         emit canReplaceContentChanged(_permissions.can(NodePermissions::Permission::canReplaceDomainContent));
     }
+    if (originalPermissions.can(NodePermissions::Permission::canGetAndSetPrivateUserData) !=
+        newPermissions.can(NodePermissions::Permission::canGetAndSetPrivateUserData)) {
+        emit canGetAndSetPrivateUserDataChanged(_permissions.can(NodePermissions::Permission::canGetAndSetPrivateUserData));
+    }
+}
 }
 
 void LimitedNodeList::setSocketLocalPort(quint16 socketLocalPort) {

libraries/networking/src/LimitedNodeList.h

@@ -124,6 +124,7 @@ public:
     bool getThisNodeCanWriteAssets() const { return _permissions.can(NodePermissions::Permission::canWriteToAssetServer); }
     bool getThisNodeCanKick() const { return _permissions.can(NodePermissions::Permission::canKick); }
     bool getThisNodeCanReplaceContent() const { return _permissions.can(NodePermissions::Permission::canReplaceDomainContent); }
+    bool getThisNodeCanGetAndSetPrivateUserData() const { return _permissions.can(NodePermissions::Permission::canGetAndSetPrivateUserData); }
 
     quint16 getSocketLocalPort() const { return _nodeSocket.localPort(); }
     Q_INVOKABLE void setSocketLocalPort(quint16 socketLocalPort);
@@ -368,6 +369,7 @@ signals:
     void canWriteAssetsChanged(bool canWriteAssets);
     void canKickChanged(bool canKick);
     void canReplaceContentChanged(bool canReplaceContent);
+    void canGetAndSetPrivateUserDataChanged(bool canGetAndSetPrivateUserData);
 
 protected slots:
     void connectedForLocalSocketTest();

libraries/networking/src/Node.h

@@ -83,6 +83,7 @@ public:
     bool getCanWriteToAssetServer() const { return _permissions.can(NodePermissions::Permission::canWriteToAssetServer); }
     bool getCanKick() const { return _permissions.can(NodePermissions::Permission::canKick); }
     bool getCanReplaceContent() const { return _permissions.can(NodePermissions::Permission::canReplaceDomainContent); }
+    bool getCanGetAndSetPrivateUserData() const { return _permissions.can(NodePermissions::Permission::canGetAndSetPrivateUserData); }
 
     using NodesIgnoredPair = std::pair<std::vector<QUuid>, bool>;
 

libraries/networking/src/NodePermissions.cpp

@@ -67,6 +67,7 @@ NodePermissions::NodePermissions(QMap<QString, QVariant> perms) {
         Permission::canConnectPastMaxCapacity : Permission::none;
     permissions |= perms["id_can_kick"].toBool() ? Permission::canKick : Permission::none;
     permissions |= perms["id_can_replace_content"].toBool() ? Permission::canReplaceDomainContent : Permission::none;
+    permissions |= perms["id_can_get_and_set_private_user_data"].toBool() ? Permission::canGetAndSetPrivateUserData : Permission::none;
 }
 
 QVariant NodePermissions::toVariant(QHash<QUuid, GroupRank> groupRanks) {
@@ -94,6 +95,7 @@ QVariant NodePermissions::toVariant(QHash<QUuid, GroupRank> groupRanks) {
     values["id_can_connect_past_max_capacity"] = can(Permission::canConnectPastMaxCapacity);
     values["id_can_kick"] = can(Permission::canKick);
     values["id_can_replace_content"] = can(Permission::canReplaceDomainContent);
+    values["id_can_get_and_set_private_user_data"] = can(Permission::canGetAndSetPrivateUserData);
     return QVariant(values);
 }
 
@@ -166,6 +168,9 @@ QDebug operator<<(QDebug debug, const NodePermissions& perms) {
     if (perms.can(NodePermissions::Permission::canReplaceDomainContent)) {
         debug << " can_replace_content";
     }
+    if (perms.can(NodePermissions::Permission::canGetAndSetPrivateUserData)) {
+        debug << " get-and-set-private-user-data";
+    }
     debug.nospace() << "]";
     return debug.nospace();
 }

libraries/networking/src/NodePermissions.h

@@ -75,7 +75,8 @@ public:
         canKick = 64,
         canReplaceDomainContent = 128,
         canRezPermanentCertifiedEntities = 256,
-        canRezTemporaryCertifiedEntities = 512
+        canRezTemporaryCertifiedEntities = 512,
+        canGetAndSetPrivateUserData = 1024
     };
     Q_DECLARE_FLAGS(Permissions, Permission)
     Permissions permissions;