Custom GM levels

Hello guys

I’ve added a custom security levels in common.h

enum AccountTypes { SEC_PLAYER = 0, SEC_MODERATOR = 1, SEC_GAMEMASTER = 2, SEC_HGAMEMASTER = 3, SEC_DEVELOPER = 4, SEC_HDEVELOPER = 5, SEC_MANAGER = 6, SEC_ADMINISTRATOR = 7, SEC_CONSOLE = 8 // must be always last in list, accounts must have less security level always also

and edited rbac permissions through database http://prntscr.com/en1ib4

the first 2 GM levels works fine, the 3rd one which is custom .commands command doesn’t show the available commands, but if i wrote a command like .gm on …etc it works.

so if I’ve X commands, when i write .commands to see what commands available for me, nothing happens, it should show me available commands.

Thanks in advance.

use simply rbac and don’t touch account levels.

I can add a new security id without defining it into common.h? @Aokromes

you don’t need to touch c++/h to have custom permisions, rbac was made to avoid the need of that.

Well if i made, it will work fine and .command will show me available commands? @Aokromes

INSERT INTO `rbac_default_permissions` (`secId`, `permissionId`, `realmId`) VALUES (7, 903, -1); INSERT INTO `rbac_permissions` (`id`, `name`) VALUES (907, 'Role: CustomRank Commands'); INSERT INTO `rbac_permissions` (`id`, `name`) VALUES (903, 'Role: Sec Level CustomRank'); INSERT INTO `rbac_linked_permissions` (`id`, `linkedId`) VALUES (903, 907);

Yes, you can customize permissions for each security and have visible commands for each of those players with diff permissions.

@CDawg alright bud, i will try and tell you.

@CDawg I removed all the C++ edits i’ve done and did it through DB and still doesn’t show the available commands

https://trinitycore.atlassian.net/wiki/display/tc/RBAC%3A+Role+based+Access+Control

https://trinitycore.atlassian.net/wiki/display/tc/command

https://trinitycore.atlassian.net/wiki/display/tc/account_access

@CDawg The link of command table is outdated because this is how command work right now http://prntscr.com/enb7e3

Yes, but you understand the concept, even though the column name was updated, you are on the right track that you can set rbac for different levels of administration and the commands that they can operate.

@CDawg

You misunderstood, for example a command like .summon it has permission id 528 which is the id of the command in RBAC.h

RBAC_PERM_COMMAND_SUMMON = 528,

it has nothing related with GM level id

No, I understand correctly. It has everything related to GM levels. You are trying to re-invent the wheel.

You are trying to make different levels of GMs/Admins and you are hard coding what’s already in the rbac system

Fwiw as a sidebar, I have dealt with this situation a few times with customers IRL and often it can have unexpected issues (data loss or intrusion), especially with upgrades, feature enhancements, or changes in the role schema.

I would urge you to follow Aokromes advice and follow the RBAC process. If there is something missing conceptually, google 'rbac' and any of the major app vendors work through how and why this is laid out as it is.

Some of the forum threads elsewhere "how do i remove rbac" seem to dovetail to this request. I can see some forum posts elsewhere which are "How to RBAC", but I am not sure they are up to the current version. But they layout how to make a custom access level, "player", "youtubereviewer", "eliteplayer", "moderator", "gm", "admin", etc.

Obviously some servers give "players" access to commands that are not normally available, this is done through rbac, there isn't code change or a patch.

https://trinitycore.atlassian.net/wiki/display/tc/RBAC%3A+Role+based+Access+Control

cheers

Well guys, i made 4 more custom ranks through rbac_permissions

INSERT INTO rbac_permissions (id, name) VALUES (900, ‘Role: Sec Level Developer’);
INSERT INTO rbac_permissions (id, name) VALUES (901, ‘Role: Sec Level Head Developer’);
INSERT INTO rbac_permissions (id, name) VALUES (902, ‘Role: Sec Level Manager’);
INSERT INTO rbac_permissions (id, name) VALUES (903, ‘Role: Sec Level Administrator’);
INSERT INTO rbac_permissions (id, name) VALUES (904, ‘Role: Developer Commands’);
INSERT INTO rbac_permissions (id, name) VALUES (905, ‘Role: Head Developer Commands’);
INSERT INTO rbac_permissions (id, name) VALUES (906, ‘Role: Manager Commands’);
INSERT INTO rbac_permissions (id, name) VALUES (907, ‘Role: Administrator Commands’);

and linked them to rbac_default_permissions

INSERT INTO rbac_default_permissions (secId, permissionId, realmId) VALUES (4, 900, -1);
INSERT INTO rbac_default_permissions (secId, permissionId, realmId) VALUES (5, 901, -1);
INSERT INTO rbac_default_permissions (secId, permissionId, realmId) VALUES (6, 902, -1);
INSERT INTO rbac_default_permissions (secId, permissionId, realmId) VALUES (7, 903, -1);

and managed the permission that each security level have through rbac_linked_permissions

I’ve done all of that without editing the source as @Aokromes said but still nothing work.

Can i know what is the mistake i’ve done?

@CDawg @Ibeatdungeon