Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

better descriptions for Permission Calculation #132

Open
RedstoneFuture opened this issue Jan 22, 2022 · 2 comments
Open

better descriptions for Permission Calculation #132

RedstoneFuture opened this issue Jan 22, 2022 · 2 comments

Comments

@RedstoneFuture
Copy link

RedstoneFuture commented Jan 22, 2022
edited
Loading

Thanks for the already good documentation. It helps with the most common administration tasks for this plugin. It should be enough for most users, but for more advanced users it lacks documentation of the permission prioritization and what effects the priority calculation.

Example

For permission debugging it's very important to understand which permissions are higher weighted than others.

For example: What is the priority list here for Testuser1 at Server1 in World1:

USER: Testuser1

  • test.a with TRUE for GLOBAL ⁽¹⁾
  • test.* with FALSE for Server1.World1 ⁽²⁾
  • test{a-c} with TRUE for Server1 ⁽³⁾
  • group.rang1 (PRIMARY GROUP) [LEVEL: 30] ⁽⁴⁾
  • group.rang2 [LEVEL: 10] ⁽⁵⁾

RANG: group.rang1

  • weight.30
  • test.a with TRUE for GLOBAL ⁽⁶⁾
  • * with FALSE for Server1.(World1|World2) ⁽⁷⁾
  • test{b-c} with TRUE for Server1 ⁽⁸⁾

RANG: group.rang2

  • weight.10
  • test.(a|d) with TRUE for (Server1|Server2) ⁽⁹⁾
  • test.* with TRUE for GLOBAL ⁽¹⁰⁾
  • group.rang3 [LEVEL: 20] ⁽¹¹⁾

RANG: group.rang3

  • weight.20
  • test.* with TRUE for Server1.World1 ⁽¹²⁾
  • test.a with FALSE for GLOBAL ⁽¹³⁾
  • test with FALSE for GLOBAL ⁽¹⁴⁾

It's hard (or for me: impossible) to say how the plugin would apply the permissions in the current context, without testing it out first. Of course, that is an extreme example, but it helps to understand how hard the analysis of permission problems can be, especially with the amount of different configuration settings, player contexts and everything else that can affect the calculation.

In this case, I defined the following configuration options:

  • Usage of BungeeCord: Yes
  • primary-group-calculation: parents-by-weight
  • inheritance-traversal-algorithm: depth-first-pre-order (I'm not sure if it's important. Does it only have a performance impact?)
  • include-global: true
  • include-global-world: true
  • apply-global-groups: true
  • apply-global-world-groups: true
  • meta-value-selection-default: inheritance (I'm not sure how it affects the result.)
  • apply-wildcards: true
  • apply-regex: true
  • apply-shorthand: true
  • apply-bukkit-child-permissions: true (It may be only important for the plugin.yml of a plugin. So it has no effect in this case.)
  • apply-bukkit-default-permissions: true (It may be only important for the plugin.yml of a plugin. So it has no effect in this case.)

Priority (what we know)

So basically, I know the follow priorities, based on the configuration and the wiki article on https://luckperms.net/wiki/Advanced-Setup as well as my own experience with Minecraft permission systems, especially with LuckPerms:

  • PLAYER permission > GROUP permission
  • GLOBAL > SERVER > WORLD
  • test.* > test (because it is more detailed)
  • test.a > test.* (because it is more detailed)
  • test.a.* > test.* (because it is more detailed)
  • positive permission [TRUE] > negative permission [FALSE] (older version of LP had an option for this apply-default-negated-permissions-before-wildcards)
  • group wights: weight.30 > weight.20 > weight.10
  • temporary permission > non-temporary permission
  • temporary permission for 1 hour > non-temporary permission for 1 day

The article https://luckperms.net/wiki/Advanced-Setup is a good documentation, but it doesn't describe the order of the checks. What happens if I combine two or more of these points (for example: temporary GLOBAL permission for 1 hour vs. temporary PLAYER permission for 1 day)?

Some suggestions for existing wiki articles

https://luckperms.net/wiki/Configuration#meta-value-selection-default and https://luckperms.net/wiki/Configuration#meta-value-selection

I think they need improved descriptions: Is max-homes an example-permission like max-homes.<number> or a meta value like a prefix / expiration time? Maybe first write a definition of meta value and a link to https://luckperms.net/wiki/Meta-Commands or similar would be useful.

https://luckperms.net/wiki/Configuration#apply-bukkit-attachment-permissions

I think you should reference the player.addAttachment(); method in the description to make it more clear what you mean with "are able to add their own »permission attachment« to players".

Ideas for the wiki articles

  • A documentation of the calculation process as text or diagram.
  • Splitting the https://luckperms.net/wiki/Advanced-Setup article in two sites: Advanced-Setup (= Shorthand Permissions, Regex, Wildcards) and Permission Calculation and sort both to "Features".
@RedstoneFuture RedstoneFuture mentioned this issue Jan 23, 2022
Closed
@lucko
Copy link
Member

lucko commented Mar 20, 2022

This all sounds good, PR would be appreciated!

@RedstoneFuture
Copy link
Author

RedstoneFuture commented Mar 20, 2022
edited
Loading

The documentation of the calculation process / the priorities should be done by one of the LuckPerms core team members. It should be really accurate and precise.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RedstoneFuture @lucko