[Help] RBAC Permissions Setup

I’m new to developing with Trinity Core and could really use some help setting up RBAC. Any takers? I can give you my Skype and we can work it out there. I would be really, really grateful!

You usually don’t need to touch default RBAC permissions, if you need http://www.trinitycore.org/f/topic/9339-rbac-manager/

Usually no, but I’m opening a server where I want players to have certain commands, and remove some default commands. That looks nice but I have no idea how to set it up. /emoticons/default_sad.png

Then you shouldn’t be running a server, which we don’t support, by the way…

Server isn’t public, only a place for me to learn how to develop.

And everyone has to learn at some point?

Then, what players do you expect to have where you want the permissions to be different? Friends and/or family, perhaps? Assuming that you aren’t opening a public server, why would you have a player where you wish to remove certain commands from their access? I think it is questions like that which keeps others form offering further assistance.

Assuming that you are keeping the server private, for personal use, the rbac tables are really quite simple to understand (for me, anyway). Which part is confusing to you? Maybe I can explain it in a way that helps you to understand how to change what you want.

This is generally for my own learning. I’ve seen it done before and I’m curious how it’s done - but I’ll also have my brother on it and a few of his friends, but other than that it will be 2 or 3 players if at all.

Could you perhaps explain through a tutorial how to do it? A friend of mine tried, but it was awfully confusing. Basically the steps I need to do to get it to work.

Well, I don’t know that I’ll make it look like a guide or “tutorial”, but I’ll try to break it down and explain the relation of little. It’s all in the auth database, of course.

rbac_permissions table is just the permission id to the command association. You likely won’t need to change anything in there.

rbac_linked_permissions is where most people seem to get lost. The default configuration works this way:

[ul][li]id values of 192 to 199 are split into 2 groups[/li][ol]196-199 are the base permission groups for the 4 access levels
[li]192-195 are the GM Rank to permissions “groups”[/li][/ul]
In #2, you’ll notice how those are linked to the appropriate group or groups from #1, with some additional commands listed that were not categorized.

rbac_default_permissions is the table that maps the GM Rank to the appropriate group from the above group #2.

Assuming that you wanted to scrap the current design and create more than the 4 GM Ranks, I would scrap the 192-199 definitions and create similar groups of commands. There is plenty of room left in the 100-199 range for a good number of security ranks. Of course, doing that would also require new GM Rank mappings to be created in the rbac_default_permissions table. As I am unsure of the capabilities of the processing for that table, similar to the current 192-195 definitions, you will want to create new groups that link all the appropriate base groups (i.e. level 1 has all the access of level 0 plus the additional level 1 access, and so on).

If you look at the contents of the rbac_linked_permissions table, you’ll see how the higher access groups chain into the next lower access group. You could say that the entries of that table can literally refer to each other. It does look like a complete mess at first, but once you understand how they relate to each other, it becomes much easier to understand.

If you need to make better sense of the current rbac structure, you could make 5 text files (or grab 5 sheets of paper). Write the 4 base groups (196-199), 1 group per page/document, and use the 5th page/document to list the secondary groups (192-195) and GM Rank mappings to those groups. Then, you might be able to see the interaction of the groups.

Any clearer, or was I just as confusing as your friend?

That was definitely a lot more helpful than when my friend explained it to me, but I still don’t understand completely.

I mainly only want to remove/add commands, so is there any table which I can literally go in, add a row to add a command, and remove a row to remove one? If you want, I can give you my Skype. It may be easier to talk over there than the forums.

Thank you very much for your help so far.

The rbac_linked_permissions is the one you want to alter, I think. Are you simply wanting to move it from one GM Rank to the next higher? If so, use the rbac_permissions table to verify the permission id that you want to change, then find that id in the rbac_linked_permissions table (linkedId column) and change the id column to the appropriate group id (typically, that would be a simple subtraction of 1). Example: to take a command from normal players and moving it to the moderator level would either be changing 199 to 198 or 195 to 194, depending on which id it was assigned to. GM Rank 0 points to 195, and 195 chains into 199. If you look at the entries for id 195, you should see linkedId of 199 as the last entry.

As far as Skype versus the forums, this discussion could be helpful to other users, too. As such, it might be better in the long run to keep it here.

I managed to fix this due to the help of a friend. Thank you all for your support, it definitely helped me figure it out. /emoticons/default_smile.png