1.16.5 What exactly is permission?

Discussion in 'Spigot Plugin Development' started by Peepersoak, Jun 21, 2021.

  1. Hey, so I was wondering, what exactly is permission? I mean all I know is that they give player permission to use something, from commands, item use and other stuff, is that all?

    What is the difference between this and just using a list inside a config file? like if a player run a command, then just check if they are in the list inside the config or not. Won't they function the same?

    What are the pros and cons of adding permission compare to just using a list inside the config file?
     
  2. if names are stored in List in config, then your plugin is the only one which can use it, no other plugin will be able to use... so for example, if "example.example" is the permission for using an item, then any plugin can use the same for any other purpose... also, you can limit, almost everything in the game using this.... wondering what power can it have?? so that's for you:
    Code (Java):
    @EventHandler
    public void onMove(PlayerMoveEvent event){
    Player player = event.getPlayer();
    if(!player.hasPermission("server.move"))even.setCancelled(true);
    }
    BTW not on IDE code can be wrong!!
    you get the point no?
    PROS:
    1. don't have to do- getConfig().getString() or any other way. just do player.hasPerm bla bla.... very short!!
    2 List can be used by other plugins too, so easy to use ... for everyone
    3. very easy to add to your code, as you don't have to add an extra command in your plugin for giving a player a specific perm.
    4. user friendly maybe-- if every plugin has separate command to add perms, then there's high chance of command being same for two plugins, then you know what will happen!!
    Cons:
    1. i don't think it is possible to give players perms separately without the use of other plugin.. so that means, you will need vault, any perm plugin.
    2. very rare but in case you want that no one (that includes owners of other servers) can give the required perms required then, you can't do it... JK no one does this XD.
    3. perms can be same of two plugins so you know what will happen(very rare case).
     
    #2 Rudraksha007, Jun 21, 2021
    Last edited: Jun 21, 2021
  3. Yeah I get the point of using permission, it's like a security check to see if player can do stuff or not.

    But what is the difference between this
    Code (Text):
        @EventHandler
        public void onMove(PlayerMoveEvent event) {
            Player player = event.getPlayer();
            String uuid = player.getUniqueId().toString();
            if (!config.getStringList("server.move").contains(uuid)) event.setCancelled(true);
        }

    and this
    Code (Text):
        @EventHandler
        public void onMove(PlayerMoveEvent event) {
            Player player = event.getPlayer();
            if(!player.hasPermission("server.move")) event.setCancelled(true);
        }

    Won't they function the same?

    Not sure what you mean by,
    Why would other plugin use my config?
     
  4. But I'm pretty sure that most of the plugin will already store the config somewhere along the code for other purposes, so it's just a matter of using DI, to pass this config and just a do a simple get string list, so technically both of them are just 1 line of code, but instead of Player#hasPermission, it just a config#getStringList()

    I think this won't likely to happen, I mean IFAIK most plugin command starts with the plugin name, like a Freeze plugin will have a command of /freeze, won't they? the only time I got problem with commands is when I use Server Restorer plugin and the Skin Restorer, since both of them have the same /sr command, this is way before I started developing.

    and this is what I'm trying to avoid, so that small server will no longer need to use other plugins just to add those perms.
     
  5. work the same but.. in some case you get null pointers no?but i have not got any error due to that,
     
  6. i was talking about permission, not config... in case many people make addons with them, that's why
     
  7. The end result may seem similar, but they achieve this in completely different ways. People often misunderstand how the permission system works, as it's much more than a "check if the player is in the list".

    Permissions are essentially nodes, in which you can either set two possible values: true or false; or leave it unset. This system gives server administrators a lot more flexibility in the way they set their permissions, something that can't be accomplished through a list-based check. Some of the pros of the permission system includes:
    1. Permissions can have default values. Given a certain command or feature, you may want to define by default if a player is allowed to use it, even if the server administrator didn't set them.
    2. Permissions not only allow you to give access, but also take it. A good portion of the default server commands can be used by anyone, and I've lost count of how many plugins to "disable commands" I've seem floating around. That is something that can already be achieved by the current system in place.
    3. Permissions are server-wide. As mentioned by @Rudraksha007, permissions are considered in a server-wide scale, and can even be queried by other plugins. This gives other developers more flexibility when integrating with your plugin, and is something hardly achievable if you choose a plugin-specific configuration file.
    4. Permissions allow inheritance. This is not a very commonly used feature anymore, with people tending to use wildcards for everything, but permissions allow inheritance. Given a parent permissions, you can specify child permission nodes, that will automatically be given when the parent permission is set. This gives you a more fine-grained control, if you ever need it.
     
    • Winner Winner x 1
    • Useful Useful x 1
  8. now at the end of the... That's what we call perfect answer!!
     
  9. Additionally to that, permission plugins usually implement permission groups and then giving players different groups of permissions rather than individual permissions.

    Permission plugins also handle player name changes by using their uuid internally and not their name.

    Looking up player names in a List is also quite slow with a huge List. Better data structures for contain checks like HashSets/HashMaps are used by popular permission plugins.

    The last reason to use permissions is that the Bukkit API has permissions integrated:
    • player.hasPermission("yourpluginname.abcd") and other methods
    • /op-people gain all permissions by default
    • Commands are automatically hidden / inaccessible if the player doesn't have the permission you set for the command in your plugin.yml
     
    • Agree Agree x 1