diff options
| author | Spp <spp@jorge.gr> | 2013-02-04 08:21:25 +0100 |
|---|---|---|
| committer | Spp <spp@jorge.gr> | 2013-02-04 09:04:33 +0100 |
| commit | b980aff83e214bab60f141c879c2a392789a4d16 (patch) | |
| tree | 0f9695e62bf2027574655766970cbe6ee0a50f43 /src/server/worldserver | |
| parent | db9b0875500da077be1d0aa808999f59ed0663bc (diff) | |
Core: Implement Role based Access Control
- This system will give more control of actions an account can perform.
System defines:
- Permissions to perform some action
- Roles: a set of permissions that have some relation
- Groups: a set of roles that have some relation
Operations:
- Grant: Assign and allow
- Deny: Assign and do not allow
- Revoke: Remove
Precedence to know if something can be done: Grant, Deny. That means, if you are granted some action by a role but you have denied the permission, the action can not be done.
Some Rules:
- Groups can only have roles
- Roles can only have permissions
- An account can be assigned granted and denied roles. Permissions inherited from roles are granted if roles is granted and denied if roles is denied
- An account can be assigned granted and denied permissions
- An account can have multiple groups, roles and permissions
- An account can not have same role granted and denied at same time
- An acconnt can not have same permission granted and denied at same time
- Id 0 can not be used to define a group, role or permission
Added some permissions as a sample of use (Instant Logout, Skip Queue, Join BGs, Join DF) and some permissions as a workaround to commands till command system is modified to use RBAC
Diffstat (limited to 'src/server/worldserver')
| -rw-r--r-- | src/server/worldserver/worldserver.conf.dist | 20 |
1 files changed, 0 insertions, 20 deletions
diff --git a/src/server/worldserver/worldserver.conf.dist b/src/server/worldserver/worldserver.conf.dist index 641fe1ebb62..f6a09667dda 100644 --- a/src/server/worldserver/worldserver.conf.dist +++ b/src/server/worldserver/worldserver.conf.dist @@ -814,18 +814,6 @@ RecruitAFriend.MaxLevel = 60 RecruitAFriend.MaxDifference = 4 # -# InstantLogout -# Description: Required security level for instantly logging out everywhere. -# Does not work while in combat, dueling or falling. -# Default: 1 - (Enabled, Mods/GMs/Admins) -# 0 - (Enabled, Everyone) -# 2 - (Enabled, GMs/Admins) -# 3 - (Enabled, Admins) -# 4 - (Disabled) - -InstantLogout = 1 - -# # DisableWaterBreath # Description: Required security level for water breathing. # Default: 4 - (Disabled) @@ -1568,14 +1556,6 @@ ChatLevelReq.Whisper = 1 ChatLevelReq.Say = 1 # -# AllowPlayerCommands -# Description: Allow players to use commands. -# Default: 1 - (Enabled) -# 0 - (Disabled) - -AllowPlayerCommands = 1 - -# # PreserveCustomChannels # Description: Store custom chat channel settings like password, automatic ownership handout # or ban list in the database. Needs to be enabled to save custom |