Page 1 of 1

Plug-in request

Posted: Sun Mar 19, 2017 12:17 am
by Zehra
Hi all,

I'm not sure if this is the proper place to ask, but it seems this is the best match for topic.
I'm not a coder and unable to write my own plug-ins.
So if someone would be willing, I'd like to ask that they could make it for me.
It would need a few specifications like the ones listed below.
1.Custom slash commands
2.Custom commands which can be altered by a configuration file.
3.Needs to be able to run both on Linux, Windows and macOS.

If this is something you could do and are willing to do it, please send a forum pm and I'll send more details on the concept. :wink:

-Zehra

Re: Plug-in request

Posted: Sun Mar 19, 2017 7:42 pm
by trpted
While I am not a coder also, for your helpers to better help you it would be better to provide more info about your concept.

Then users who can help you write the code, can provide a PM/IM to you with the code to do what you want to do if desired. For example if for some reason you do not want the code public...

Re: Plug-in request

Posted: Sun Mar 19, 2017 9:42 pm
by Zehra
I'm basically trying to get a local authentication system in place and not to have to use the /password command.
So basically perms would be given via a slash command and they could be altered via a configuration file.
(Someone wants to change their password and the code wouldn't need to be changed and recompiled to get it to work again.)
Getting it to work on Linux, Windows and macOS is also part of the idea. (This way it can work on a few systems and doesn't need to be system specific to run.)

-Zehra

Re: Plug-in request

Posted: Sun Mar 19, 2017 9:53 pm
by macsforme
They're called local groups.

Re: Plug-in request

Posted: Sun Mar 19, 2017 10:51 pm
by Zehra
How do the local groups work without global authentication?

-Zehra

Re: Plug-in request

Posted: Sun Mar 19, 2017 11:59 pm
by blast
Are you wanting a permission system for private or LAN servers? It is possible to have a private server that still makes use of global authentication. It would be set up the same way as a public server, but would have "-advertise NONE" so it would not show up on the list. For a LAN server, you generally don't need a full permission system.

Re: Plug-in request

Posted: Mon Mar 20, 2017 12:07 am
by Zehra
I'm thinking of a system with local type authentication, but is still publicly available, but not on list server and does not require global authentication to work.
(Basically a more complex version of /password, but much simpler than running private list and authentication server.)
I still want a full permission system, but one which can be loaded as a plug-in and not a password and does not require global authentication or list to work.

-Zehra

Re: Plug-in request

Posted: Mon Mar 20, 2017 9:52 am
by blast
So you want people to send their passwords to your game server?

Re: Plug-in request

Posted: Mon Mar 20, 2017 3:06 pm
by Zehra
Yes, but it would not be Global Registration passwords, but a local one.
The idea is that it would be like a /password command, but wouldn't provide the same amount of perms and wouldn't authenticate with any callsign, except the one which is specified to authenticate with, this would be specified and be part of a configuration file loaded by the plug-in.

-Zehra

Re: Plug-in request

Posted: Mon Mar 20, 2017 4:09 pm
by JeffM
I specifically disabled the fetures that did that (We had this exact feature) before, because it allowed for password harvesting and the transport to BZFS is not secure. Basically you will be gathering passwords and saving them in an insecure way. Users tend to be lazy and reuse passwords, there were a lot of problems with "hacked" accounts back then.

This is a truly bad idea.

What problem are you trying to solve?

Re: Plug-in request

Posted: Mon Mar 20, 2017 4:22 pm
by Zehra
I'm thinking it might provide a way of authenticating players without requiring global list and authentication and it would be much simpler than trying to run a private list and authentication as a way of providing authentication, but it seems this isn't a good idea as I thought it was.

-Zehra

Re: Plug-in request

Posted: Mon Mar 20, 2017 5:17 pm
by JeffM
why do you need to provide offline/private authentication?

What problem are you trying to solve? why is global authentication not good enough?

Re: Plug-in request

Posted: Mon Mar 20, 2017 6:20 pm
by Zehra
I'm trying to get a server set-up for a few things. (tests, game modes, settings, configs etc...)
JeffM wrote:why do you need to provide offline/private authentication?
I'm also currently unable to run a server with global authentication. So I'm thinking private authentication is the next best thing.
JeffM wrote:What problem are you trying to solve? why is global authentication not good enough?
I'm probably too concerned with details of not being able to verify things like that players are who they say they are on a private server without any form of authentication.
Global authentication would work, but I'm currently unable to run a server with global authentication and it probably isn't the best idea since it would be a test server.
Also I'm thinking of running a few plug-ins and don't want to give every user the same permissions to it, like I might want to let some players start a game mode, but not allow them to cancel or change settings while allowing others to be able to cancel or finish certain things without having to give the /password to them.
It also would be much simpler than trying to run private authentication and list.

-Zehra

Re: Plug-in request

Posted: Tue Mar 21, 2017 6:14 pm
by alfa1
I understand what you mean because I was trying to do so too. As blast says in Creating Groups, it seems that we can have 3 kinds of configurations for servers, in a summarized way:

(A) Public servers using global groups.
(B) Private servers using global groups.
(C) Private servers using local groups.


Blast said that all these 3 kinds of servers still need global authentication, and that (C) will use names, instead of BZIDs, which is not recommended. superUser plugin can be used to solve this.

Now, I have discovered recently that one can use local groups without global authentication only in the case that you want to give permissions to all players (it is the only way I can see for now). Then, there would be 2 kinds of players:

(A) Admin.
(B) All the other players.


In example, I made a "groupdb.cfg" file containing:

Code: Select all

EVERYONE: REPORT COUNTDOWN ENDGAME
And, then, set into the config file:

Code: Select all

-groupdb <path>/groupdb.cfg
Blast said, also, though, that a plugin could assign permissions as it sees fit based on any criteria but he is not sure any exist that are designed for offline/decentralized use. Then, maybe, there could be a good way to assign permissions, though I have not thought about it still.

Maybe I am missing something but, in the other hand, the documentation is not updated about this topic and it's something complex to understand too. What I did worked, at least. Hope it helps.

Re: Plug-in request

Posted: Tue Mar 21, 2017 6:18 pm
by JeffM
it is trivial to make bzfs authenticate users globally even if it is not publicly listed. I made a branch with the changes.

https://github.com/JeffM2501/bzflag/tree/2.4_TokenAPI

this means you can check authentications with out needing a public hosting key.

Re: Plug-in request

Posted: Tue Mar 21, 2017 7:23 pm
by Zehra
alpha1 wrote: Now, I have discovered recently that one can use local groups without global authentication only in the case that you want to give permissions to all players (it is the only way I can see for now). Then, there would be 2 kinds of players:

(A) Admin.
(B) All the other players.


Blast said, also, though, that a plugin could assign permissions as it sees fit based on any criteria but he is not sure any exist that are designed for offline/decentralized use. Then, maybe, there could be a good way to assign permissions, though I have not thought about it still.

Maybe I am missing something but, in the other hand, the documentation is not updated about this topic and it's something complex to understand too. What I did worked, at least. Hope it helps.
I was thinking of this basically, but wanted 1 or two extra groups and a better way of granting permissions and a way to "verify" players too.
Also getting rid of the /password command which would have made the server more secure too.(when running as local.)
Private list and authentication was another idea, but would be complicated to start and run it as it wouldn't be a long term thing, so it wouldn't make much sense to do.
Probably a few other players want to run test servers and to assign permissions too, but not give full perms as well so it was partly behind the idea of the plug-in too.

-Zehra

Re: Plug-in request

Posted: Tue Mar 21, 2017 7:28 pm
by Zehra
Ty JeffM,

I like the changes to BZFS.

I'll try to get a server running soon. :D

So if I'm understanding this correctly.
It's possible to run a server and get Global Authentication without list key, but it won't be public. (with the changes to BZFS.)

-Zehra

Re: Plug-in request

Posted: Tue Mar 21, 2017 7:54 pm
by JeffM
yes, the list key is only needed for the ADD action (to show up in the public list).

the CHECKTOKEN action does not need a key and can be done by any host that isn't banned at the IP level (this is how websites use global login).

the change I made was to call CHECKTOKEN instead of ADD if the server isn't public.

So all the normal global groups and stuff will work, the server just won't add itself to the list.

Re: Plug-in request

Posted: Wed Mar 22, 2017 2:38 am
by alfa1
Zehra wrote:I was thinking of this basically, but wanted 1 or two extra groups and a better way of granting permissions and a way to "verify" players too.
Also getting rid of the /password command which would have made the server more secure too.(when running as local.)
Private list and authentication was another idea, but would be complicated to start and run it as it wouldn't be a long term thing, so it wouldn't make much sense to do.
Probably a few other players want to run test servers and to assign permissions too, but not give full perms as well so it was partly behind the idea of the plug-in too.
I don't understand you very well now. I know that having more than 2 kinds of players is impossible for now (AFAIK), but why would you need so? It is only for testing (tho would work also for playing scenarios): just give players some perms and retain all the others as an admin, like in my example. Don't get too complicated. If you have a clear example where you need more than 2 groups, give it.
I neither see much problem with /password; specially in a local server.
I would recommend you just testing and trying a lot.

Re: Plug-in request

Posted: Wed Mar 22, 2017 3:02 am
by Zehra
alpha1 wrote: I don't understand you very well now. I know that having more than 2 kinds of players is impossible for now (AFAIK), but why would you need so? It is only for testing (tho would work also for playing scenarios): just give players some perms and retain all the others as an admin, like in my example. Don't get too complicated. If you have a clear example where you need more than 2 groups, give it.
I neither see much problem with /password; specially in a local server.
I would recommend you just testing and trying a lot.
Because it's impossible I was thinking of using the plug-in to get around it.(On the issue of more than 2 groups on a local server besides admin and cop.)
Also the /password option isn't too secure and I wanted to verify players too.(Some form of telling who is who and granting some perms to them when authenticated.)
I might want some to have the shortban permission, but don't want them to have the "set" permission too and I wouldn't give everyone the shortban permission too.
Most servers tend to have an admin, cop and player group, and some just have admin and player. (So it's basically a normal idea to have a cop group too.)
The idea is to run a public non-listed server and to provide some way of authentication for users. (Every user and not just the admin would have to verify.)
Testing is yet to be done and the server is meant to be a test too. :wink:

-Zehra