Skip to content
Razvan Deaconescu edited this page Aug 23, 2014 · 1 revision

Roles define what actions may be run by users. Roles aggregate permissions, allowing the user with that particular role to execute actions according to those permissions.

There are predefined roles, that may be altered from the Control Panel. The Control Panel also allows adding new roles.

Implementing Roles

There should be a Role top-level class/model that would instanced for each role (be it predefined or added at runtime). This class would define what a role should look like.

Attributes would be:

  • name: a unique name/identifier for the role as shown to users
  • description: a description of the role and its purpose in the game
  • list of permissions: what are the permissions attached to the role

Methods for the class would be:

  • check_permission: check that permission given as argument is part of the list of permissions attached to the role

Permissions

Permissions are tokens of authority. Once a player has a role that has attached a given permission, he may run an action enabled by that permissions.

Permissions are predefined as a list of string identifiers inside the implementation. In various places in the source code there is a check for a given permission (the user has a role that has attached the permission); if that check is passed, then the following action may be done.

Permissions are defined as a list of tuples (name, description). Sample tuples are:

  • ("can-play-challenge-game", "User may play challenge game")
  • ("can-manage-spell-scrolls", "User may manage spell scrolls")
  • ("can-manage-users", "User can create and manage users")
  • ("can-manage-roles", "User can create and manage roles")
  • ("can-manage-groups", "User can create and manage groups")
  • ("can-manage-quest", "User can create and manage quests")
  • ("can-view-users", "User can view all users")

Within the Control Panel, a privileged user may view the list of permissions. These are to be used when editing or creating a role.

Actions on Roles

The most common action on roles is giving a user a specific role. This action is part of user actions. However, roles may be added, removed, changed or used during the game. The actions are listed below and may only be done by privileged users.

No action is possible on the predefined Administrator role.

  1. Add role

    When adding a role, the user will provide

    • the role name/identifier
    • the role description
    • list of permissions attached to the role
  2. Edit role

    Editing a role points the user to a screen that allows him to update any of the above attributes. He may remove or add certain permissions.

  3. Remove role

    When a role is removed it will no longer be available in the game. A role can only be removed if there are no players using that role.

  4. View roles

    Show a listing of all roles currently defined in the platform: show name, description and permissions attached to the role.

Predefined Roles

The roles below are predefined in the game and are available after installing.

  1. Guest

    Guest is defined for users that are not considered active inside the platform. In case the content is public, this is somewhat of a role for any non-authenticated connection. Otherwise, it would be the default role for any new user.

    A Guest role may only be used to view existing content and game statistics.

  2. Player

    The Player role is probably the most common role, being available to users that are using the games in the platform. Users with Player role may play any game. Users with Player role have no access to the Control Panel interface.

    A Player rol may receive modifiers, may send messages, may play games and see statistics and leaderboards inside the game.

  3. Editor

    The Editor role is for content creators (for games). The Editor role may create new games, may reply to user questions and approve user proposed content.

  4. Manager

    The Manager role is able to control all aspects related to the game. A Manager role may create users, groups, modifiers, may enable or disable content.

  5. Administrator

    The Administrative role is similar to the Manager role, with the addition of any platform-specific permissions (such as disabling authentication for a given time period, setting up game start date etc.). This role can not be changed inside the platform to prevent the accidental cut off of privileges.