Group auth

From EventScripts Community Encyclopedia

group_auth is a semi-advanced AuthorizationService provider that ships with EventScripts. It allows for multiple groups to be created for your users with different permissions.

Contents

[edit]

Overview

group_auth is useful if you want to assign permissions to named groups of users instead of just one user at a time. It allows lots of flexibility to give powers to clan members, super admins, friends, etc. If you so desire you can mix and match powers and immunities as much as you want.

By default, whenever a script registers a new power/capability, it remembers the recommended-level provided by the script. It then temporarily grants permission to use that power to every group which originally marked itself as part of that recommended-level or higher.

Once a power has been assigned to one group, though, it loses any of its 'default' association with other groups. Since you took time to assign it to one group, you now need to be sure every group has that power that needs it.

[edit]

Example Usage

For now, here's an example of what you could add to your autoexec.cfg:

es_load examples/auth/group_auth
 
// EVERYTHING BELOW here is persistent. It doesn't need to be rerun after running once, 
// because group_auth stores all your powers/groups/users in a database.
//
// There's no harm in rerunning it, though, other than console spam. So you can include it
//  in autoexec.cfg if you want, in case you decide to clear your DB sometime.
 
// you need at least one group, we'll call it Admins here
es gauth group create "Admins" server_var(AUTHSERVICE_ADMIN)
 
// some example "powers" you might want to pre-create so you can assign them
es gauth power create "ban_user" server_var(AUTHSERVICE_ADMIN)
es gauth power create "admin_say" server_var(AUTHSERVICE_ADMIN)
es gauth power create "popup_admin" server_var(AUTHSERVICE_ADMIN)
 
// grant those powers to the Admins group
gauth power give "ban_user" "Admins"
gauth power give "admin_say" "Admins"
gauth power give "popup_admin" "Admins"
 
// now add some users to the admins by steamid
gauth user create "Mattie" "STEAM_0:0:571273322"
gauth user join "Mattie" "Admins"
 
gauth user create "LAN_USER" "STEAM_ID_LAN"
gauth user join "LAN_USER" "Admins"
 
gauth user create "HelenAngel" "STEAM_0:1:86277512"
gauth user join "HelenAngel" "Admins"
 
gauth user create "Shro" "STEAM_0:0:637864112"
gauth user join "Shro" "Admins"
 
gauth user create "Bueller" "STEAM_0:1:9639812"
gauth user join "Bueller" "Admins"
 
gauth user create "JMAN OWNS" "STEAM_0:0:73313112"
gauth user join "JMAN OWNS" "Admins"
 
gauth user create "Venjax" "STEAM_0:0:114663112"
gauth user join "Venjax" "Admins"
 
gauth user create "Big Daddy" "STEAM_0:0:53680812"
gauth user join "Big Daddy" "Admins"
 
gauth user create "AfterShock" "STEAM_0:0:65344912"
gauth user join "AfterShock" "Admins"
[edit]

Commands

[edit]

Explanations

  • [admin level] seems to be the admin level at which a power is automatically available to a group
  • [default admin level] seems to be the admin level given by default to a member of a group
  • [group name] the name of a group to which users are assigned
  • [power name] the name of a power that can be assigned to a person or group
  • [unique id] a steam id or ip address used to identify a user
  • [user id] and user identification convertible to a steam id by es_getplayersteamid
  • [user name] the display name of a user
[edit]

Command list

gauth group create [group name] [default admin level]

Creates a group -- usually used with a 'es' prefix since the default admin levels are often provided via a server variable like server_var(AUTHSERVICE_ADMIN)

gauth group delete [group name]

Deletes a group

gauth power create [power name] [admin level]

Creates a power. This is usually done by scripts through :auth registerCapability, but you can do this directly if you so desire.

gauth power give [power name] [group name]

Gives a power to a group

gauth power revoke [power name] [group name]

Revokes a power from a group

gauth power delete [power name]

Deletes a power

gauth user create [user name] [unique id]

Creates a new user

gauth user join [user name] [group name]

Adds a user to a group

gauth user leave [user name] [group name]

Removes a user from a group

gauth user delete [user name]

Deletes a user

es :auth registerCapability [power name] [admin level]

(internal command) registers a capability with the system, basically gauth power create simply calls this

es :auth isUseridAuthorized [return variable] [user id] [pwer name]

[return variable]=[1/0] if user [is/is not] authorized

es :auth getOfflineIdentifier [return variable] [user id]

(internal command) [return variable]=return of es_getplayersteamid([user id])

es :auth isIdAuthorized [return variable] [steam id] [pwer name]

called from isUseridAUthorized; [return variable]=[1/0] if user [is/is not] authorized
[edit]

Notes

Since the system uses mysql, the % wildcard might be usable in some of these commands, but proceed with caution

[edit]

See Also

  • Authorization FAQ - A FAQ about ES authorization providers.
  • basic_auth -- A simple authorization provider.
  • ini_tree_auth -- An intermediate authorization provider that relies on an ini-based tree file for permissions. This authorization provider can also import Mani's clients.txt.
  • mani_basic_auth -- A simple authorization provider that imports admins and capabilities from Mani's clients.txt.
Retrieved from "http://www.eventscripts.com/pages/Group_auth"
blog comments powered by Disqus