Search the Community

Rather than resurrect an old thread from several years ago, I feel that this one has enough merits for a fresh airing. One of those difficult things on Chaos is to manage permissions on each individual mine door, building, boat or anything else that Rolf adds. Some things can be done remotely, some have to be done locally. Especially with mine doors where unless you keep an exhaustive list of locations and the current settings then changing them all when someone needs adding or removing is prohibitive. Even then its painful to go round and visit them all when something changes. Personally I'd like to spend my time playing the game rather than have to focus on access management. The idea of this is similar to firewalls, a simple rule set is attached to whatever needs it and someone who attempts access is tested against the rule. At the first match the action of the matching rule is taken. If there is no rule match then access is denied. For a town writ there would be one list per role specifying who is in the role. The dialogue to manage a rule list needs the following - add a new rule (prepends or appends) - delete a rule - move a rule up or down within the list - test a target against the rule list (response is allow, deny or manage) The format of the rules is simple action target where action can be deny, allow or manage (manage implies allow) and target is of the format player_name@location (not dissimilar to email addy) - if player_name is blank then it means any player - if location is blank then it means any location - players names are a single word which is nicely convenient but locations can be multi-word so everything after the @ is considered location, spaces included - The object owner is a hidden rule which always prepends the list manage player_name@kingdom The kingdom part of the target is fixed as the kingdom the owner was in when they created the object. This means that if they change kingdom they can no longer manage the entity. For boats which are a personal item the prepends rule would be. manage player_name@ I do envisage a few special keywords such as base kingdoms if appropriate, for example on Chaos to exclude all new freedom players from accessing a building you could do deny @FREEDOM That is all the definitions. The other thing to consider is sequence, it is important and some examples are in order. 1. a mine door owned by JK in a war situation deny @MRdeny @HOTSallow @JKthis will explicitly block any MR or HotS player from using but allow any JK player but it could just as easily be written as allow @JKas the fall through action is always deny. 2. as (1) but this time a suspected alt belonging to another kingdom called imnotaspyreally is blocked too allow @JKdeny imnotaspyreally@now this would fail because the allow rule is hit first and it should be deny imnotaspyreally@allow @JKwhich will now block the offending individual. Note that when specifying individuals you only normally need to do player_name@ as names are unique. Also when changing rules always use the test feature. 3. The Hells Kitchen town has made a cave in which are three utmost veins and they want to keep for themselves, but also keep out three noobs in case they unwittingly mine the veins at low skill. deny noob1@deny noob2@deny noob3@allow @hells kitchen 4. MR are at war with a dummy MR town griefersville but they have a spy in there called lolwutme and want him to have access to a gatehouse allow lolwutme@deny @griefersvilleallow @MR5. A player account transporter is used at war deeds and often changes towns for a number of reasons (including right now access issues). We want to allow him into a gatehouse while he is a member of one of two towns, but not at a third. allow transporter@town1allow transporter@town2allow @wardeed6. I've created a mine door in a war situation and want to allow Nadroj and Horton to help manage it manage nadroj@manage horton@allow @MRSummary The use of lists can reduce the management effort on a LOT of writs while mine doors and boats will automatically compensate for player moves between towns and kingdoms. The lists will generally be a lot shorter than than the current tick lists, in fact in a worst case scenario it would only be the same length as the current lists are. They should also be of arbitrary length to avoid the mine door issue we currently have. In terms of converting any existing permissions, any invidual one would become allow player_name@ which could then be pruned down. Where there is a "all in my village" as with boats that would become @my_village. To cope with the optoin of allow friends this would insert the appropriate of name@ into the permissions but it would have to be handled manually there after. If its only friends you are allowing you could easily empty and reinsert that particular permissions list. Comments?