Make acessible all the info about current realm (e.g name) anywhere, not only realm id
Reduce the number of differences between the two branches
Original changes by Shauren
Partial port of bacc90b6ba and 63def8aa32
Implemented:
ca83e14f8bee1c1b97be18e4ab6911bf37446b3ccb854a2b7b
* This adds separate (per map) guid sequences depending on object type
* Ported map object container from cmangos/mangos-wotlk@a2d396e
* Added type container visitor for TypeUnorderedMapContainer
* Implemented helper function to erase unique pairs from multimap containers
* Moved object storage of all objects except players and transports to map level
* Added containers linking database spawn id with creature/gameobject in world
* Renamed DBTableGuid to spawnId
* Added a separate spawn id sequence generator for creatures and gameobjects - this will be used in db tables
* Moved building SMSG_UPDATE_OBJECT - updatefields changes broadcast to map update
* Added new function to return but not increment guid
* Adjusted .debug loadcells to show low guid in map before/after load
* Added debug messages for creature spawn/destroy, for map guid debugging
* Store all Gameobjects and Creatures added to OutdoorPvP, so the callback script can be removed when OutdoorPvP instance is destroyed.
Fix packets not being sent to players on loading screen even if the system supports these packets to be queued and sent till the player is in world.
There might be additional cases where this applies, please report back if you find any.
Fixes#11339
* Fix some codestyle, fix some typos
* Change CMakeLists for: Custom (can be uncommented), Events, World
** Custom is theoretically unchanged. You can, however, uncomment the glob_recurse that initializes every file within. This might be easier for beginners.
* Introducing the IP Based Action Log System:
** On several different actions, e.g. Login, Character Login, etc., a new entry is added
** Can be logged on and off in worldserver config
*** Disabled by default to prevent increased log db size for unknowing users.
* Add a new row to account table called 'last_attempt_ip'
** Lists the last ip trying to connect to the account
* Add a new type of HookScripts: AccountScript
** Includes: OnAccountLogin, OnFailedAccountLogin, OnEmailChange, OnFailedChange, OnPasswordChange, OnFailedPasswordChange
* Added new Hook to PlayerScripts: OnFailedPlayerDelete
* Added new variables to PlayerScripts: OnPlayerDelete
- Drop groups (roles than can have inherited roles) and roles (set of
permissions)
- Permissions can now have inherited permissions (those act as roles)
RBAC DB structure is now limited to four tables
- rbac_permissions: Contains permissions and roles
- rbac_linked_permissions: Contains the relation between permissions and
linked permissions (those permissions that have linked permissions are
called roles)
- rbac_default_permissions: Contains the list of permissions to be granted
to each security level [Added to maintain compatibility in an easy way]
- rbac_account_permissions: Contains the list of permissions granted or
denied for a particular account.
NOTE: IF YOU ARE USING CUSTOM PERMISSIONS, ROLES OR GROUPS CHECK THE SQL
BEFORE APPLYING...
- Removed config option RBAC.DefaultGroups
Use the table rbac_security_level_groups to configure the groups to be added to the account at load time.
Note: Those groups are only used at run time, never saved to DB
Change DatabaseWorkerPool<T>::DirectExecute() to handle PreparedStatement disposal in the same way of DatabaseWorkerPool<T>::Query() , thanks Joschiwald for patch.
Fix .account create command not deleting a MySql PreparedStatement .
Valgrind log:
254 (40 direct, 214 indirect) bytes in 1 blocks are definitely lost in loss record 6 of 8
at 0x4C24DFA: operator new(unsigned long) (vg_replace_malloc.c:261)
by 0x998EC2: DatabaseWorkerPool<LoginDatabaseConnection>::GetPreparedStatement(unsigned int) (DatabaseWorkerPool.h:437)
by 0x99599B: AccountMgr::CreateAccount(std::string, std::string, std::string) (AccountMgr.cpp:49)
by 0xF3ABAC: account_commandscript::HandleAccountCreateCommand(ChatHandler*, char const*)
Settings within worldserver.conf:
Three settings for secruity level:
0 - None - No change to current system
1 - Email - Always requires the email entered on registration for confirming.
2 - RBAC - Groups applied with the RBAC role always require the email entered on registration for confirming.
RBAC default to every group. Changed some logs to make it more clear what is going on at all.
Emails may now no longer exceed 64 chars. Current email is used as regmail.
On account creation, two emails are saved. Registration email and normal email. Normal email is relevant afterwards. Registration email can be changed by console ONLY.
Includes new commands and changes to existing ones:
.account fulfills several new functions:
* Still prints GM Level.
* If account has permission, it displays the current email. This is not defaulted to any group.
* Security level is displayed. Also displays if user has RBAC perm if RBAC security mode is selected
.account email allows user to change email with sufficient confirmation
.account set sec email allows higher sec with higher sec than account to change the normal email. Registrationemail remains untouched here.
.account set sec regmail allows console to change registration email.
.pinfo now displays the registration and normal mail.
Also fixes .learn all crafts.
Closes#10558
- This system will give more control of actions an account can perform.
System defines:
- Permissions to perform some action
- Roles: a set of permissions that have some relation
- Groups: a set of roles that have some relation
Operations:
- Grant: Assign and allow
- Deny: Assign and do not allow
- Revoke: Remove
Precedence to know if something can be done: Grant, Deny. That means, if you are granted some action by a role but you have denied the permission, the action can not be done.
Some Rules:
- Groups can only have roles
- Roles can only have permissions
- An account can be assigned granted and denied roles. Permissions inherited from roles are granted if roles is granted and denied if roles is denied
- An account can be assigned granted and denied permissions
- An account can have multiple groups, roles and permissions
- An account can not have same role granted and denied at same time
- An acconnt can not have same permission granted and denied at same time
- Id 0 can not be used to define a group, role or permission
Added some permissions as a sample of use (Instant Logout, Skip Queue, Join BGs, Join DF) and some permissions as a workaround to commands till command system is modified to use RBAC
