Author Topic: How exactly does can_target work?  (Read 13196 times)

0 Members and 1 Guest are viewing this topic.

Offline Stickly Man!

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 1264
  • Karma: 166
  • open(my $file, "<README") or die;
    • XGUI
How exactly does can_target work?
« on: July 22, 2011, 02:11:10 PM »
is there a way to block [players] from using the commands on all higher groups BUT still be able to use it own members in their group?

This is a snippet from a forum post where I helped someone with can_target. Hopefully you will also find it useful!

Say you had the following groups: superadmin, admin, operator, users
If you want each group to target their own group and any groups under them, you'd set their can_target to be this:

superadmin: *  (or leave blank)
admin: !%superadmin
operator: !%admin
user: !%operator

To explain, the ! means not, % means group followed by the group name. So you can really just say it out loud for it to make sense:
'ulx setgroupcantarget operator "!%admin"' means "operator can target NOT group admin"   (This also means they can't target superadmins, because the superadmin group inherits from admin)

So, to solve the problem above, you would do: "ulx setgroupcantarget mod !%mod,^"  This means "mod can target NOT group mod, can target self"  (The comma basically just adds another separate parameter)



Update regarding Inheritance and branching:

With the inheritance system, it is possible to create multiple branches of inheritance. This is a VERY advanced functionality, and the only real benefit it provides is being able to more easily set different sets of permissions for different "branches" of groups. In all reality, there's a 99% chance you don't need to do it this way. You can accomplish a similar thing by creating a linear inheritance branch, then just deny the permissions you don't want the higher groups to have.

If you do decide to go the inheritance branch route, you'll need to set up can_target values manually. I'll quote what I said from a different thread about the subject:

Right now, your tree looks like this (in wonderful ASCII form):

moderator <- donoradmin <- trialstaff <- donormod <- legacy <- trusted <- regular \
                                                                                                                       > user
                                                                                     superadmin <- admin  /

So, when you specify that "donormod" can_target "!%trialstaff", you're saying "donormod can't target trialstaff or any group that inherits from it", meaning donoradmin and moderator. This does NOT say anything about the superadmin and admin groups, which are on a different branch. Unfortunately, due to how the , operator works (as a Union), setting the can_target to "!%trialstaff,!%admin", or even "!%trialstaff,!#superadmin,!#admin" will NOT work like you think it would.

The only benefit branching provides is if you have completely different sets of command accesses you want to give to each branch, say, if you wanted to give moderators something you didn't want to give admins. Still, this can be also solved by using "ulx groupdeny" to prevent a group from inheriting access from a lower command.

So if you want to keep the branching, you'll have to go through each can_target and manually specify the groups you want them to target. donormod's can_target would become: "#legacy,#trusted,#regular,#user" (Needless to say, ULX's targeting system wasn't quite designed to handle this kind of complicated inheritance targeting, Megiddo has mentioned it in other threads.)
« Last Edit: April 28, 2014, 10:22:39 AM by Stickly Man! »
"The stupidity of an individual on the Internet is generally matched only the by size of their ego, unless the individual in question is unaware of both." - Me

Offline JamminR

  • Ulysses Team Member
  • Hero Member
  • *****
  • Posts: 7987
  • Karma: 374
  • Sertafide Ulysses Jenius
    • Team Ulysses [ULib/ULX, other fine releases]
Re: How exactly does can_target work?
« Reply #1 on: August 24, 2013, 06:35:37 PM »
In addition to Stickly Man's great information, I've also always found the following discussion helpful.
Immunity - how it works now, by AtomicSpark
The price one pays for pursuing any profession or calling is an intimate knowledge of its ugly side. - James Baldwin

Offline Sgt.Blue

  • Newbie
  • *
  • Posts: 47
  • Karma: 2
Re: How exactly does can_target work?
« Reply #2 on: April 04, 2014, 02:29:41 AM »
On my server, users have * in their can_target. Does this mean that by default they can target everything?

Offline Decicus

  • Hero Member
  • *****
  • Posts: 551
  • Karma: 80
    • Alex Thomassen
Re: How exactly does can_target work?
« Reply #3 on: April 04, 2014, 04:06:25 AM »
On my server, users have * in their can_target. Does this mean that by default they can target everything?
Yes, absolutely everyone. Although only the commands they have access to.
Contact information:
E-mail: alex@thomassen.xyz.
You can also send a PM.

Offline ShaggySGD

  • Newbie
  • *
  • Posts: 8
  • Karma: 1
Re: How exactly does can_target work?
« Reply #4 on: September 08, 2014, 07:40:40 PM »
I made a group called moderator and I want to make it so they cant kick or jail other moderators.. What would I put into "can target"? I have tried !%moderator already and it didn't work, Any help would be great.