Sorata_Kanda Posted December 23, 2018 Share Posted December 23, 2018 Hey everyone, while working on my project again, I stumbled upon ACL. Seems like a good thing, but I'm not sure whether to really use it or like use a custom-made permission system. (Especially as certain actions are tied to admin ranks which are stored in MySQL) What can you recommend? Thanks in advance! Link to comment
Investor Posted December 23, 2018 Share Posted December 23, 2018 ACLs are uniform and convenient - and integrate very well between multiple resources (especially community resources), while custom permissions would likely require exports, and thus can become broken if the permissions resource isn't turned on in time, for example. If you use the default MTA account system, there's no reason not to use ACLs. If you have your own accounts system, it's entirely up to you, but ACL integration is useful, especially due to being separate from the database -- if someone makes unauthorised database changes, ACLs are unaffected, and vice versa, when ACLs are changed, the database remains unaffected. 1 Link to comment
Sorata_Kanda Posted December 24, 2018 Author Share Posted December 24, 2018 Gonna take a look at that. Thanks for your response! Link to comment
Moderators IIYAMA Posted December 25, 2018 Moderators Share Posted December 25, 2018 In my opinion it is far more (beginner) user friendly. If you were to use a database as basis: - Everybody has to learn how to work with table relations. - Everybody needs a database edit tool before anybody in the server can be admin. I understand that you want more, but the [end user] is... Link to comment
Sorata_Kanda Posted December 26, 2018 Author Share Posted December 26, 2018 On 25/12/2018 at 19:50, IIYAMA said: In my opinion it is far more (beginner) user friendly. If you were to use a database as basis: - Everybody has to learn how to work with table relations. - Everybody needs a database edit tool before anybody in the server can be admin. I understand that you want more, but the [end user] is... My problem is that I probably have to rely on MTA's account system if I really want to use ACL. It seems practical, but I don't know if it's ideal to stick to MTA's account system. Something that I don't know is if I'm able to sync them to my database. Link to comment
Moderators IIYAMA Posted December 26, 2018 Moderators Share Posted December 26, 2018 (edited) 1 hour ago, Sorata_Kanda said: My problem is that I probably have to rely on MTA's account system if I really want to use ACL. It seems practical, but I don't know if it's ideal to stick to MTA's account system. Something that I don't know is if I'm able to sync them to my database. I am also not using the MTA account system for players. As I want my database to be 100% complete + portable. If you are going to switch server, you need to move 2 databases. So I decided not do that. There were some unhappy staff players about it, as they had to login double... even so it felt like a valid decision. If you want to make use of the MTA's account system, the username is most of the time used as the primary key for both databases. Do you need the account system and ACL? The account system is useful for registering staff. The ACL is useful for setting the rights of for staff. The account system is making use of the ACL. Yes, unless you want to build up a whole `staff rights system` by yourself. Do you need it for players? No, unless you want players to use the /login and /register commands. Edited December 26, 2018 by IIYAMA Link to comment
Dimos7 Posted December 27, 2018 Share Posted December 27, 2018 You can use costum login system that register account both database and mta Link to comment
Sorata_Kanda Posted December 27, 2018 Author Share Posted December 27, 2018 9 hours ago, IIYAMA said: I am also not using the MTA account system for players. As I want my database to be 100% complete + portable. If you are going to switch server, you need to move 2 databases. So I decided not do that. There were some unhappy staff players about it, as they had to login double... even so it felt like a valid decision. If you want to make use of the MTA's account system, the username is most of the time used as the primary key for both databases. Do you need the account system and ACL? The account system is useful for registering staff. The ACL is useful for setting the rights of for staff. The account system is making use of the ACL. Yes, unless you want to build up a whole `staff rights system` by yourself. Do you need it for players? No, unless you want players to use the /login and /register commands. I sort of made my own 'staff system', but I'm a little bit unhappy with it, as I have to export all functions I need to in order check if a player is an admin or not. Furthermore, I'm not sure if having MTA account + ACL would create a security risk as the permissions are rather tied to a MTA account instead of my custom account system, thus making it possible for someone to steal credentials of the MTA account without having them additionally logged in into the account that is associated with the MTA account to be stolen. Guess I need to take a look at ACL. Maybe you can revoke permissions for normal players to log in into MTA accounts, as they don't need to do it. Link to comment
Dimos7 Posted December 27, 2018 Share Posted December 27, 2018 (edited) You can do that all you need to do is go acl everyone and do that <acl right="command.login" access="false" /> <acl right="command.register" access="false"/> Edited December 27, 2018 by Dimos7 Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now