Immunity: How It Works Now

[atomicspark]

A lot of people have been confused recently with the change in how player immunity works. I'll provide a few examples and hopefully it'll be intuitive enough for you to figure out.

Code: (Old Way) [Select]

ulx adduser <player> <group> 1
Immunity was granted per player and blocked every ulx command from any player who did not have "overrideimmunity" access (superadmin by default). Megiddo thought this was silly and removed it completely from ULX.

Now I know many of you would like this feature back for whatever reason. Maybe you have a few immature admins or as a server owner, you really just don't trust other players. Fear not! I have good news for you. You can still have this feature by taking advantage of the new command system and targeting system.

Code: (New Way) [Select]

ulx groupallow <group> <command> "!%group"
As you can see, the new way is more complex, but better fits the whole "access is defined per group and not per player" motto. This is backwards then before. Instead of defining who you want to have immunity, you now define what groups players can not use the command on. In the above command, the "%group" access tag allows the group to use the command only on the specified group. The "!" is not (or reverses it). Now I know it's confusing since I have "group" listed twice, but just remember that the first group is the group the player is in and the second group is the target group that you want to prevent the player form using the command on.

NOTE: Advanced ULX functionality is not for the faint of heart. I recommend that you back up your current ULib folder (in garrysmod/data/ULib) before changing default access tags. If all else fails, you can always delete that folder and have it regenerated at server restart (it probably wont appear until you use a command that changes ULib access).

Simple Example

Code: [Select]

ulx groupallow operator "ulx ban" "!%admin"
This should disallow operators to ban both admins and superadmins. Remember, default ULib groups inherit from each other. The default inheritance is user > operator > admin > superadmin.

Another Example

Code: [Select]

ulx groupallow admin "ulx ban" "!%superadmin"
This prevents admins from banning superadmins. Basically the above command states "allow admins to use ulx ban, but not on super admins". Remember, if you change any of the default access tags, you must allow access to the groups higher up on the group hierarchy if you want them to remain normal. So now allow access to ulx ban to superadmins:

Code: [Select]

ulx groupallow superadmin "ulx ban"
I hope this helps out a little for those who are having trouble with the new command system. Keep in mind that I wrote this from memory at work and without access to my Windows machine that runs my dedicated server. There may be inaccuracies in my post and if there are, please point them out to me and I'll make corrections accordingly.

[Megiddo]

Pretty much spot on!

So just to quickly review, if you execute the following three commands:

Code: [Select]

ulx groupallow superadmin "ulx ban"
ulx groupallow admin "ulx ban" "!%superadmin"
ulx groupallow operator "ulx ban" "!%admin"
It's the same as saying "the groups operator, admin, and superadmin should be able to ban users from their own group or lower, but shouldn't be able to ban anyone in a higher level group than themselves". So, operators can ban everyone but admins and superadmins, admins can ban everyone but superadmins, and superadmins can ban everyone. This is a much better way of handling immunity than a simple on/off like previous versions of ULX had, isn't it?

Atomicspark, how would you feel about writing up the new 'ulx userhelp'?

Edit:
Some more advanced usage would include--

Operators can ban everyone but admins, but only between 1 and 60 minutes:

Code: [Select]

ulx groupallow operator "ulx ban" "!%admin 1~60"
Stickly Man isn't allowed to ban Bob due to a deep hatred:

Code: [Select]

ulx userallow "Stickly Man!" "ulx ban" "!Bob"
Users are allowed to use teleport, goto, and noclip as long as they're using it on themselves (Remember that '^' equates to self):

Code: [Select]

ulx groupallow user "ulx teleport" "^"
ulx groupallow user "ulx goto" "^"
ulx groupallow user "ulx noclip" "^"
Everyone is allowed to kick someone named newbie:

Code: [Select]

ulx groupallow user "ulx kick" "newbie"
Atomicspark, I just realized that you've got the arguments for ulx groupallow switched around.

[Dv2236]

That looks sexy.
Does overcome will work?

[Megiddo]

That looks sexy.
Does overcome will work?

Negative, no point now.

[NaRyan]

Can you use this to stop Admins from using the Physics gun to pick up SuperAdmins?
As my friend who is the other superadmin on the server is getting a ikkle bit niffed off at one of the Admins who keeps moving him about while he is busy with his E2's....

My sanity sure hopes it is. 

[bennie900]

You sure can,

Code: [Select]

ulx groupallow admin "ulx physgunplayer" "!%superadmin" (or what ever that physgun bit is) then admins can physgun anyone BUT super admins.. hope this helps

[JamminR]

one of the Admins who keeps moving him about

Superadmin console] ulx removeuser "Admin"
***[Superadmin] Superadmin removed Admin from group "admin"

Much better than immunity.

[NaRyan]

You sure can,

Code: [Select]

ulx groupallow admin "ulx physgunplayer" "!%superadmin" (or what ever that physgun bit is) then admins can physgun anyone BUT super admins.. hope this helps

Cool thanks
He he JamminR.....don't tempt me......

:EDIT:
Nope it never worked. Admins can still pickup superadmins with physics gun

[DiscoBiscuit]

Is there a way to make a group not able to run commands on admin globally instead of adding tags to all the commands individually?

[JamminR]

DiscoBiscuit, not at this time.
However, Megiddo and I are trying to come up with a feasable way to do it.
I tend to agree with others, not having a mass way to do it, and instead having to groupallow <group> <ulx <high number of commands>> is difficult through console. Though XGUI will make it a bit easier once we get closer to full release, doing it from server console would still be a challenge.
See also http://forums.ulyssesmod.net/index.php/topic,4349.0.html - 4th or 5th post where Megiddo and I post.

[Buggzie]

Can someone help me out, Basically what i want to do is i have these groups here:

Owner
SuperAdmin
Admin
Moderator
Respected
User

I just want a lower rank not to be able to use commands or pickup or anything to that user which is higher rank than them.  If this is possible please tell me

[dpoolas]

is there a way i can make it so admins cannot use commands on each other but admins still can use them on themselves and on people that are lower in rank then them

[Megiddo]

is there a way i can make it so admins cannot use commands on each other but admins still can use them on themselves and on people that are lower in rank then them

Hmm, I'd say change "can_target" for admins to "!%admin" in groups.txt, but I think that would stop them from targeting themselves... I'll go fix that right now.

[Megiddo]

And now it works the way you requested, have fun!

[dpoolas]

wow thank you megiddo

To tell the truth didn't think this would get answered.