* Moved some checks around
* Added RBAC Permission for Email, last login and last ip (group 3 and 4) -- If missing RBAC permission, then it displays "Unauthorized (RBAC)"
* Changed totalmail output from uint64 to uint32
* Level either puts Max level, or a list of information necessary
* Only queries guild if the current xp query also detects guild membership
* Incorporated recent changes into code
* Commander requires higher than target to get sensitive data beside RBAC permission.
(Missing change from previous commit)
To enable any of the removed config option you should now add the proper role to the proper groups
IE:
AllowTwoSide.Interaction.Mail = 1 --> Add role 19 to group 1 (Add it to players)
- 'Skips character creation team mask check'
- 'Skips character creation class mask check'
- 'Skips character creation race mask check'
- 'Skips character creation reserved name check'
- 'Skips character creation heroic min level check'
- 'Creation of two side faction characters in same account' (Affected by global config option)
If you have an OLD database (auth), and RBAC SQL-alterations, make SURE that it's InnoDB, otherwise run this (it can be run multiple times anyway)
(The only change added is to alter the table to explicitly be an InnoDB-table)
- This system will give more control of actions an account can perform.
System defines:
- Permissions to perform some action
- Roles: a set of permissions that have some relation
- Groups: a set of roles that have some relation
Operations:
- Grant: Assign and allow
- Deny: Assign and do not allow
- Revoke: Remove
Precedence to know if something can be done: Grant, Deny. That means, if you are granted some action by a role but you have denied the permission, the action can not be done.
Some Rules:
- Groups can only have roles
- Roles can only have permissions
- An account can be assigned granted and denied roles. Permissions inherited from roles are granted if roles is granted and denied if roles is denied
- An account can be assigned granted and denied permissions
- An account can have multiple groups, roles and permissions
- An account can not have same role granted and denied at same time
- An acconnt can not have same permission granted and denied at same time
- Id 0 can not be used to define a group, role or permission
Added some permissions as a sample of use (Instant Logout, Skip Queue, Join BGs, Join DF) and some permissions as a workaround to commands till command system is modified to use RBAC
