• 欢迎来到Minecraft插件百科!
  • 对百科编辑一脸懵逼?帮助:快速入门带您快速熟悉百科编辑!
  • 因近日遭受攻击,百科现已限制编辑,有意编辑请加入插件百科企鹅群:223812289

PermissionsEX

来自Minecraft插件百科
Zhw留言 | 贡献2015年2月1日 (日) 12:05的版本 →‎Preparations
跳转到导航 跳转到搜索
本页面已存在其他语言的内容,请协助翻译为本地化的中文。
  • 点击此处开始翻译。
  • 如本模板出现在原文存档页面,请注意更新主页面后,仍需要去除此处该模板。
  • 如当前页面已经没有需要翻译的内容,请删去待翻译模板。
  • 有标题的大篇幅文章,如果短时间内无法全部翻译,请先把所有的标题翻译出来,以便之后的贡献者选择与翻译章节内容。
PermissonEX(PEX)
外文名PermissonEX(PEX)
插件类型Spigot / CraftBukkit
最新版本v1.23.1
兼容服务端1.8.1
前置插件
源地址http://dev.bukkit.org/bukkit-plugins/PermissionsEX

概述

介绍

PermissionsEx (PEX) 是一个新的权限(组), 基于权限组和它的所有功能. 但是PEX插件能做到更多! 它提供了各式各样有力的后台和游戏内管理方式, 很好的限制了一些玩家对于服务器的修改.

现有特性

Support for UUIDs as of version 1.21 Several backend support. Currently bundled backends is File (YAML) and SQL (MySQL, SQLite). Also it's possible to add your own. YAML backend, with new, fully rethinked, config schema. Now all user, groups and their permissions are stored in one file - permission.yml. File name can also be adjusted. SQL backend, most delicious. Currently MySQL and SQLite supported, but other DB (like Postgre) are possible too. PEX deploys the DB scheme (tables and initial data) automatically. This means, that you only need to provide data on how to connect to the db, everything else PEX will handle by itself. Flexible architecture and API - you can change a lot programmatically. Rich chat/console command interface. You can do almost everything ingame. Command list below. Modifyworld - Permission-based restrictions mechanism (we call it "modifyworld"), which provides the possibility to control players abilities, such as destroying/placing blocks, riding carts/boats or even getting spotted by mobs and much more. Available from its project page Multigroup inheritance. User, as well as Group, can be member of several groups. And inherit their permissions, options and prefix/suffix. Permissions based upon Regular Expressions. This mean you can use regular expressions. Example: modifyworld.blocks.(destroy|place).(3|12) - this permission allow place or destroy only sand (12) or dirt (3) blocks. There is still limitation on dot usage in your regexps - dots are escaped by default. Raw regex flag is also available and explained on the wiki. Multiworld permissions. Just don't specify world and permission would work in any world. Multiworld inheritance. You can inherit different groups in different worlds. Perfomance friendly. Low-level caching helps a lot when you have 100+ online users Promotional/Demotional system. You can assign ranks to groups and promote/demote users to higher/lower ranked group. NEW: new you can make serveral ranking ladders. World-inheritance - permissions/option of one world can be inherited by another world. Timed Permissions - you can give user permission only for some amount of time. As of version 1.21.1, PermissionsEx automatically updates to keep you up to date with the latest bugfixes and new features. The automatic update functionality will only perform updates between minor releases (for example only 1.21.1->1.21.2, not 1.21.3->1.22). To disable it, set the updater option to false in plugins/PermissionsEx/config.yml. Bukkit Permissions (SuperPerms) compatible. To disable error reporting, create a file called `report-disable` in the plugins/PermissionsEx folder. Note that enabling this option means you WILL NOT get any support for errors because the information published (permissions file, configuration, and versions) is essential to resolving issues.

进阶权限管理

权限的继承

很多服务器配置了多个权限组, 添加权限要各组分别添加. 权限继承允许服务器管理最大限度地减少每一组重复的节点数量.

这里假定您已经完成了基本教程,如还没有,请看基础权限知识,不然的话不能保证您能明白这里的每一步.

实际上,使用了基本教程中的案例,你会发现Member, VIP 和Moderator组都有共同的节点 , modifyworld.* .这里不需要使用继承.

Permissions Inheritance Rules

When dealing with inheritance, PEX follows a few rules:

Player specific settings (prefix, suffix, permission nodes, etc) are evaluated before group level settings Settings that are part of the group the player is a member of are evaluated before inherited settings Permission nodes are evaluated in order of the inheritance tree (see The Inheritance Tree for details) A group set to inherit from another group will inherit everything (this includes other inheritance directives!) from the source group, not just permissions. For example, if you have group B inheriting from group A, and group A is set to inherit from group B, PEX will follow the inheritance chain on group A, which is set to inherit from B, which inherits from A, and so on. Watch for this, it will cause a loop that will crash PEX.

Converting Existing Groups To Use Inheritance

Converting an existing group to use inheritance is easy with the pex group parents set command.

Convert the VIP and Moderator groups

pex group VIP parents set Member
pex group Moderator parents set VIP
Remove the redundant nodes
pex group VIP remove modifyworld.*
pex group Moderator remove modifyworld.*

At this point, the VIP and Moderator groups still have the same access as before as the VIP group inherits the modifyworld.* node from the Member group while adding the -modifyworld.mobtarget.monster.creeper node, and the Moderator group inherits it's nodes from the VIP group (including the nodes it inherited from the Member group) while adding the -modifyworld.mobtarget.* node.

The relevant portion of the permissions file now looks like this:

   Member:
       prefix: '&0(&8M&7ember&0)&7 '
       permissions:
       - modifyworld.*
       options:
           rank: '900'
   VIP:
       prefix: '&0(&eVIP&0)&7 '
       inheritance:
       - Member
       permissions:
       - -modifyworld.mobtarget.monster.creeper
       options:
           rank: '800'
   Moderator:
       prefix: '&0(&1Moderator&0)&7 '
       inheritance:
       - VIP
       permissions:
       - -modifyworld.mobtarget.*
       options:
           rank: '100'

It's not a large reduction with this example, but if a server has multiple groups with a dozen or more nodes in common with the groups, the file size savings can be considerable.

This inheritance can also be applied at a world level for servers with multiple worlds. See the Multiworld inheritance section page for more.

The Inheritance Tree

(Thanks goes to aviator14 for use of these nodes)

Due to the way PEX deals with file backends, it may help to view inheritance as a tree. For example, we have the following permission nodes:

 Guest:
   prefix: '&7'
   default: true
   permissions: []
 Player:
   prefix: '&f'
   default: false
   permissions:
   - generic.user.permissions
   - -multiverse.access.world_creative
   - -multiverse.portal.access.end
   - multiverse.access.*
   - multiverse.core.coord
   - multiverse.core.info
   - multiverse.core.list.who
   - multiverse.portal.access.*
   inheritance:
   - Guest
 Donator:
   prefix: '&5'
   permissions:
   - generic.donor.permissions
   - multiverse.access.world_creative
   inheritance:
   - Player
 Supporter:
   prefix: '&6'
   permissions:
   - more.generic.donor.permissons
   - multiverse.portal.access.end
   inheritance:
   - Donator
 Moderator:
   prefix: '&d'
   permissions:
   - generic.moderator.permissions
   inheritance:
   - Player
 ModD:
   prefix: '&d'
   permissions: []
   inheritance:
   - Moderator
   - Donator
 ModS:
   prefix: '&d'
   permissions: []
   inheritance:
   - Moderator
   - Supporter

The original forum post these nodes came from was asking why the ModD group was not getting the multiverse.portal.access.end node it was inheriting from the Donator group. Well, the reason for this is because of the way PEX evaluates nodes in a file backend and the inheritance tree.

An abbreviated version of the tree for the ModD group is this:

ModD permissions (none) Moderator (generic.moderator.permissions) which inherits from Player Player (which has -multiverse.access.world_creative among others) and inherits from Guest Guest (no permissions) Donator (generic.donor.permissions, multiverse portal access node) which inherits from Player Player (which has -multiverse.access.world_creative among others) and inherits from Guest Guest (no permissions) In this case, the issue was due to the Moderator tree being evaluated first, which finds the negation node for multiverse and stops looking. If the Donator tree was listed first (which was the suggested fix), PEX would follow that inheritance tree first, which has the multiverse permissions, and allow access to that node.

Regular Expressions (regex)

Regular Expressions, also known as regex or regexp, is a way to 'match' strings of text, such as particular characters, words, or patterns of characters. PEX supports a subset of regex in it's permission node checks.

PEX supports open and closed parentheses ( ) for grouping, curly braces { } for pattern matching, a pipe | for "or", and a dash - for through (as in numbers 1 through 5).

WARNING: If you have any nodes that use these characters then you MUST either put the line in quotes or escape with a backslash the character. If you do not, PEX may mistake the character as an attempt to use a regex, causing a Java error and rendering your permissions useless!

To use it, place the conditions/keywords and/or id numbers in a group, separated by a pipe or a dash if wanting to cover multiple numbers in a sequence.

If this is confusing, worry not. There is a reason why several technical book publishers sell books dedicated to regular expressions. Fortunately, for the purposes of PEX and permission nodes, it's much simpler to deal with, especially with examples of it in action.

Assume that you have a group that you don't want opening the following:

Dispensers ('dispenser', or 23)
Chests ('chest', or 54)
Furnaces ('furnace', or 61 unlit and 'burning_furnance', or 62 lit)
Jukeboxes ('jukebox', or 84)
Remember to check your use-material-names node setting.

You could have a set of nodes like this:

- -modifyworld.blocks.interact.dispenser
- -modifyworld.blocks.interact.chest
- -modifyworld.blocks.interact.furnace
- -modifyworld.blocks.interact.burning_furnace
- -modifyworld.blocks.interact.jukebox

However, this is unnecessary. Using the regex support in PEX, you can combine the nodes into a single line: - -modifyworld.blocks.interact.(dispenser|chest|burning_furnace|furnace|jukebox) - -modifyworld.blocks.interact.(23|54|61|62|84) (for use-material-names: false)

If you wanted to keep a group from destroying stone (1), grass (2), dirt (3), and cobblestone (4), you can use modifyworld.blocks.destroy.(1-4)

You can also use 'or' on other parts of the node.

Keeping with the previous example, adding the ability to place the blocks looks like modifyworld.blocks.(destroy|place).(1-4) Adding sand (12) to this example, you could use modifyworld.blocks.(destroy|place).(1-4|12)

Adding this to a group, such as the default group, is as simple as using the pex group <group> add <node> command.

pex group default add modifyworld.blocks.(destroy|place).(1-4|12) Any extra nodes can be removed with the pex group <group> remove <node> command. See Commands for more on the add/remove commands.

For advanced users, users can place a $ character directly in front of the node (after any other flag characters) to prevent PEX from performing regex escaping of . and *, so that they behave as normal regex characters rather than their function as delimiters in permissions nodes (escaped by default for backwards compatibility and user sanity)

As you can see, the ability to use regex in permissions can save a lot of typing.

File Back-end Example

In the interest of completeness, this is the full permissions file after the inheritance and regex commands listed above. This example assume use-material-names: false in your plugins/Modifyworld/config.yml file.

groups:

   default:
       default: true
       options:
           rank: '1000'
       permissions:
       - modifyworld.chat
       - modifyworld.blocks.(destroy|place).(1-4|12)
   Member:
       prefix: '&0(&8M&7ember&0)&7 '
       permissions:
       - modifyworld.*
       options:
           rank: '900'
   VIP:
       prefix: '&0(&eVIP&0)&7 '
       inheritance:
       - Member
       permissions:
       - -modifyworld.mobtarget.monster.creeper
       options:
           rank: '800'
   Moderator:
       prefix: '&0(&1Moderator&0)&7 '
       inheritance:
       - VIP
       permissions:
       - -modifyworld.mobtarget.*
       options:
           rank: '100'
   Admins:
       prefix: '&0(&4Admins&0)&7 '
       permissions:
       - -modifyworld.mobtarget.*
       - modifyworld.*
       - permissions.*
       options:
           rank: '1'

users:

   AnotherPlayer:
       group:
       - default
   YourPlayerName:
       group:
       - Admins

===Multiworld===Multiworld

Having several maps (or worlds) on a server is a common way to offer more than one game play experience. However, not all commands are suitable for all worlds. You wouldn't want a hardcore survival world to have access to the give command, but it may be perfectly fine, if not required, in a world intended for free building. Fortunately, limiting a permission node to a specific world is easy with PEX by specifying the world when adding the permission node.

Assume the following server setup:

A survival world with Nether and End worlds (named survival, survival_nether, and survival_the_end respectively)
A free build world (named freebuild)
A group (pvp) that has the ability to build in the survival world only (modifyworld.*)
A group (build) that has the ability to build in the survival and free build world (modifyworld.*)

See Modifyworld page for details on block placement permission nodes.

The commands to set this up are:

/pex group pvp add modifyworld.* survival (add build permissions to the survival world for the pvp group)
/pex group build add modifyworld.* freebuild (add build permissions to the freebuild world for the build group)
/pex group build parents set pvp (Set the build group to inherit the permission to build in the survival world)

Keep in mind that if you edit/add the multiworld lines into the permissions file by hand, make sure the name you use matches the one used in the bukkit configs and what is on the server, capitalization matters here!

The resulting permissions will look like this in the file back-end:

groups:

   pvp:
       permissions:
       worlds:
           survival:
               permissions:
               - modifyworld.*
   build:
       inheritance:
       - pvp
       permissions:
       worlds:
           freebuild:
               permissions:
               - modifyworld.*

Multiworld inheritance

You may have noticed the flaw in this setup, which is neither group had permission to build in the Nether and End worlds. This can be corrected in two ways:

Add the modifyworld.* node to each world individually Set up world-level inheritance using /pex world <world> inherit <parentWorlds> /pex world pvp_nether inherit pvp /pex world pvp_the_end inherit pvp These commands look like the following in the file back-end:

worlds:

   pvp_nether:
       inheritance:
       - pvp
   pvp_the_end:
       inheritance:
       - pvp

Backends

原帖是这么说的 PermissionsEx provides several backends to store permissions data. This page (will explain) explains them all. (PEX插件提供了一些用于保存权限数据的后台,这个页面会解释所有) 但其实这个页面只有这一句话(或许是服务器问题) 所以请等待更新。

基础的权限设定

权限节点的基本添加和否定

PEX插件有一个普遍原则,就是权限运行命令是不允许的,除非这个权限节点是具体列出的(非白即黑原则). 对于那些可以被默认(default)操作的事件和命令, PEX插件可以拒绝访问那些被否定的节点.

使用一个可以拒绝访问节点就像用 pex group <group> add <node>(最基本的权限给予命令) 命令那样简单. 使用同样的命令,只在权限节点前加一个负号(-)即可.

举个例子 /give 和 /plugins 命令是水桶客户端的一部分(基本命令)

/give 命令有一个权限节点 command.give 这个命令一般限制在ops.txt列出的人使用(管理员命令)
/plugins 命令也有个权限节点 command.plugins 它可以被服务器中任何人使用。

我们可以试试对于某个权限组增加和否定这两个节点:

如果允许某个权限组使用/give, 就可以输入命令 pex group 组别名 add bukkit.command.give
不允许某个权限组使用 /plugins, 这时候的命令就为 pex group 组别名 add -bukkit.command.plugins

重要的关于*的信息

PEX插件允许使用XXX*来给予XXX下的所有的分权限节点,但是呢,在使用这个前,你必须要明白它怎么工作以及会造成什么效果。一开始浏览的时候,这看上去很简单,给一个权限组“*”使它可以访问所有的权限节点,但是这也可能会导致你给了你不想要给这个权限组的权限。例如,在插件VanishNoPacket(简称VNP)中,它提供了一个权限vanish.silentjoin,使得所有的用户在登入时都不会显示加入公告,这是大多数服务器主人都不想要的效果。实际上这也可以用否定节点来简单解决(否定节点优先),任何给默认组使用的权限节点都能被否定以“关闭功能”

重要的后台文件

如果你要在后台修改编辑权限的话,请阅读并遵守以下规则: 权限必须以一个空格或者负号开始 - modifyworld.chat 和 - -modifyworld.mobtarget.*是在后台文件中有效的(格式正确)。 modifyworld.chat 和 -modifyworld.mobtarget.* 在后台文件中无效(格式不正确,无空格或负号)。 所有在YAML文件中的格式规则在PEX插件基本文件中必须被遵守,错误的文件会使得PEX插件无法启动,然后把log文件塞满错误信息。 PEX插件用自上而下的方式来检查用户和组别的权限节点,就像网络防火墙一样,如果它找到了一个与它想找的匹配的节点,它就会停止寻找,这就意味着在现实中,如果一个权限给了主要组别和它所有的子组别,它在看到允许的权限后就会停止寻找而忽略否定节点。 我们举个错误的例子

default:

 options:
   default: true
 permissions:
 - modifyworld.*
 - -modifyworld.blocks.interact.23

用这样的权限节点文件,如果一个玩家想要打开一个发射器(ID 23),它第一个会匹配到modifyworld.*节点然后停止,以至于允许玩家打开!(实际上第二个权限节点是不允许这样的事情发生的。)

不过,如果把这两行互换,-modifyworld.blocks.interact.23在modifyworld.*之前,玩家会被拒绝访问发射器(插件先检测到-modifyworld.blocks.interact.23节点)如果一个玩家想要打开一个熔炉(ID 61)插件就会检测到modifyworld.*节点,然后认为是modifyworld.blocks.interact.61节点,使得玩家可以打开。

教程实例

先来试试基本的权限指令和插件基本功能(以下作为教程实例并且推荐各服务器使用。) 创建五个组别个组别:Default,Member,VIP,Mod,Admin。

"Default" 可以聊天但是不可以改动任何东西,没有称号
"Member"信任的玩家组别,可以改动世界,拥有称号 ("&0(&8M&7ember&0)&7 ")
"VIP" 可以改动世界还可以不受到苦力怕的烦恼(这个VIP棒)! 并且拥有称号"&0(&eVIP&0)&7 ".
A "Mod"  可以不受到任何怪物的困扰(万岁!).
An "Admin" (管理员) 是超级用户,可以使用这个插件的所有功能并且拥有炫酷的称号比如 "&0(&4Admin&0)&7 ".

可选: 去除 modifyworld.* 权限从 "Default" 权限组中 可选: 添加 modifyworld.chat 权限到 "Default" 权限组里 结束后,测试环境

准备

安装PEX插件(放在插件目录下)

开启服务器.

打开浏览器控制台(租借,后台服务器的话)

在浏览器中打开PEX插件的配置文件


开始基础及基本权限

这些命令必须在控制台输入

创建一个Admin权限组(pex group admin create命令)

把 permissions.* 权限加入到组别中(pex group Admin add pressions.*命令) 把你自己加入组中 (pex user 你的游戏名 group set Admin), 其中你的游戏名是你在游戏内的ID名. 可选的:给自己所有权限不管自己是不是在拥有permissions.*权限的权限组里

如果你不想(不能)在控制台输入

创建一个permissions.yml文件输入以下文字,并上传(放置)到PEX插件的目录,请确保你的格式是正确的!看上面的YAML后台信息的帮助。

groups:
Default:
  options:
    default: true
  permissions:
 modifyworld.* Admin: options: prefix: '&0(&4Admin&0)&7 ' permissions:
 permissions.* users:你的用户名: group:
 Admin permissions:
 permissions.*

是时候创建其他组别了

创建其他组别: Member, VIP, Mod

使用这个命令创建Member组 /pex group Member create
使用这个命令创建VIP组 /pex group VIP create
使用这个命令创建Mod组 /pex group Mod create

接下来我们要标注这几个组别的阶级使得符合这样的顺序 Member -> VIP -> Mod -> Admin.看阶级页面以知道更多

Set rank order

输入以下命令

/pex group default set rank 1000
/pex group Member set rank 900
/pex group VIP set rank 800
/pex group Mod set rank 100
/pex group Admin set rank 1

阶级100是最高提升的阶级数。

升级和降级命令都会在游戏内收到限制 (但在控制台不会). 在游戏中,你不可以:

把一个低于你阶级的升到你的阶级 (Mod到Admin, 用前面的例子) 把一个阶级高于你的降到低于你的阶级(Admin到Mod,用前面的例子) 不能对于你同样阶级的升降级 (Mob不能对Mob操作,Admin不能对Admin操作。) 如果你在游戏内(只是举个例子)是Admin,想要把一个玩家提高到你一样的阶级必须使用/pex user PlayerName group set Admin.

在控制台,你很自由可以不受以上限制。

炫酷的滑板鞋!(好吧只是称号吗)

使用以下命令

/pex group Member prefix "&0(&8M&7ember&0)&7 "
/pex group VIP prefix "&0(&eVIP&0)&7 "
/pex group Mod prefix "&0(&1Mod&0)&7 "
/pex group Admin prefix "&0(&4Admin&0)&7 "

确保在每个称号后面都加上了个空格,这可以阻止称号和用户名混在一起在聊天中。实际上,后缀前也是因为同样的理由加一个空格为好。还有一种可以显示前缀后缀的方法就是前缀后缀相同(只需把prefix变成suffix就行)。

给每个组别添加权限

NOTE: If you have not enabled ModifyWorld, the modifyworld.* lines can be skipped.

OPTIONAL: /pex group default remove modifyworld.* OPTIONAL: /pex group default add modifyworld.chat (Only needed if modifyworld.* has been removed)

/pex group Member add modifyworld.*
/pex group VIP add modifyworld.*
/pex group VIP add -modifyworld.mobtarget.monster.creeper
/pex group Mod add modifyworld.*
/pex group Mod add -modifyworld.mobtarget.*
/pex group Admin add permissions.*
/pex group Admin add modifyworld.*
/pex group Admin add -modifyworld.mobtarget.*

Now it's time to test your setup

Testing your environment(top)

For each section, change your group to the specified group with /pex user YourPlayerName group set GroupName

Default

Verify that you can chat
Verify that the right prefix is shown in the chat window
Verify that you can modify the world by breaking a block outside of the spawn area

NOTE: If modifyworld was enabled and the modifyworld.* node was removed, you should not be able to If you have enabled modifyworld and the modifyworld.* node was removed, find and run into a creeper! (Don't be afraid, it will not be able to target you, nor can you harm it) Member

Verify that you can chat
Verify that the right prefix is shown in chat window
Verify that you can modify the world by breaking a block outside of the spawn area

VIP

Verify that you can chat
Verify that the right prefix is shown in chat window
Verify that you can modify the world by breaking a block outside of the spawn area

If you have enabled modifyworld and the modifyworld.* node was removed, find and run into a creeper! (Don't be afraid, it will not be able to target you, but should be able to hurt it) Admin

Verify that you can chat
Verify that the right prefix is shown in chat window
Verify that you can modify the world by breaking a block outside of the spawn area (if you have put your player name in the ops.txt and set allowOps to true in the PEX Configuration File, you will be able to break blocks in the spawn area).
Verify that you have access to all PEX commands (Run /pex reload as a test, it should respond with "Permissions Reloaded")
Verify that you are not targeted by any mobs

For the next step, you will be creating a "virtual" user. Alternately, have a friend join the server and use them as the test subject (It's for Science!)

Test the ranks

/pex user AnotherPlayer group set default

Verify that the promotion/demotion queue is working by using /pex promote AnotherPlayer. You should see "User AnotherPlayer promoted to NextGroup" Keep doing this until you see "Promotion error: User is not promotable". Running /pex user AnotherPlayer should show the following: playername are member of:

Mod (rank 100 @ default)

playername's permissions:

-modifyworld.mobtarget.* (from Mod)

modifyworld.* (from Mod) playername's options:

Demotion is the same as promotion, just change the word promote with demote

If the player was virtual, remove them afterwards with /pex user AnotherPlayer delete if you want If the player was real, check every group to verify that it is working as it should (see the Goals list)

File Backend Example

For reference, following the example above will result in the following permissions.yml file. If you use this as an example for making your permissions file, make note of the indenting and capitalization of the various header names:

groups:

 default:
   options:
     rank: '1000'
     default: true
   permissions:
   - modifyworld.chat
 Member:
   permissions:
   - modifyworld.*
   options:
     rank: '900'
     prefix: '&0(&8M&7ember&0)&7 '
 VIP:
   permissions:
   - -modifyworld.mobtarget.monster.creeper
   - modifyworld.*
   options:
     rank: '800'
     prefix: '&0(&eVIP&0)&7 '
 Mod:
   permissions:
   - -modifyworld.mobtarget.*
   - modifyworld.*
   options:
     rank: '100'
     prefix: '&0(&1Mod&0)&7 '
 Admin:
   permissions:
   - -modifyworld.mobtarget.*
   - modifyworld.*
   - permissions.*
   options:
     rank: '1'
     prefix: '&0(&4Admin&0)&7 '

users:

 AnotherPlayer:
   group:
   - default
 YourPlayerName:
   group:
   - Admin

And this is how the file looks to PEX after being parsed. Use an on-line YAML checker to verify your permissions file looks similar. If it does not, PEX will not work as expected and may throw all kinds of errors!

{

 "users": {
   "AnotherPlayer": {
     "group": [
       "default"
     ]
   }, 
   "YourPlayerName": {
     "group": [
       "Admin"
     ]
   }
 }, 
 "groups": {
   "default": {
     "options": {
       "default": true, 
       "rank": "1000"
     }, 
     "permissions": [
       "modifyworld.chat"
     ]
   }, 
   "Member": {
     "options": {
       "prefix": "&0(&8M&7ember&0)&7 ", 
       "rank": "900"
     }, 
     "permissions": [
       "modifyworld.*"
     ]
   }, 
   "VIP": {
     "options": {
       "prefix": "&0(&eVIP&0)&7 ", 
       "rank": "800"
     }, 
     "permissions": [
       "-modifyworld.mobtarget.monster.creeper", 
       "modifyworld.*"
     ]
   }, 
   "Mod": {
     "options": {
       "prefix": "&0(&1Mod&0)&7 ", 
       "rank": "100"
     }, 
     "permissions": [
       "-modifyworld.mobtarget.*", 
       "modifyworld.*"
     ]
   }, 
   "Admin": {
     "options": {
       "prefix": "&0(&4Admin&0)&7 ", 
       "rank": "1"
     }, 
     "permissions": [
       "-modifyworld.mobtarget.*", 
       "modifyworld.*", 
       "permissions.*"
     ]
   }
 }

}

Chat Manager

Commands

Utility commands

由于原帖格式原因,搬运过来后作如下解释 格式为: 命令(省略斜杠) 权限 作用

pex	permissions.manage	Display help
pex toggle debug	permissions.debug	Enable/disable debug mode (Caution: This will produce a lot of entries in your server.log file. Use this only  for debugging!)
pex user <玩家名> toggle debug	permissions.manage.<玩家名>	Enable/disable debug mode on a specific user (Caution: This only enables logging for a single user, but can still generate lots of entries in your server.log file)
pex user <玩家名> check <权限>	permissions.manage.<玩家名>	Checks 1 specific permission against 1 specific user
pex reload	permissions.manage.reload	Reload the pex environment
pex config <节点> [value]	permissions.manage.config	Print <node> value from plugin configuration. Specify [value] to set a new value
pex backend	permissions.manage.backend	Print the currently used backend
pex backend <backend>	permissions.manage.backend	Change the permissions backend on-the-fly (Use with caution!) Note that this will only change the backend on-the-fly, it will not save the change in the config file, nor will it convert anything. This is for testing only.)
pex hierarchy	permissions.manage.users	Print the complete user/group hierarchy
pex import <backend>	permissions.manage.dump	Import users/groups from selected format
pex users cleanup <权限组> [threshold]	permissions.manage.users.cleanup	Remove "dead" users from the file. [threshold] is in days and defaults to 30

World Inheritance Management

pex worlds	permissions.manage.worlds	Print the worlds PEX and the server know of
pex world <world>	permissions.manage.worlds	Print the <world> inheritance info
pex world <world> inherit <parentWorlds>	permissions.manage.worlds.inheritance	Set the parent worlds for <world>. <parentWorlds> can be just one world, or a comma-separated list of worlds.

User commands

pex users list	permissions.manage.users	List all users defined in the permissions file
pex users	permissions.manage.users	List all users defined in the permissions file (alias to users list)
pex user	permissions.manage.users	List all users defined in the permissions file (alias to users)

User's permission management

pex user	permissions.manage.users	List the registered users
pex user <玩家名>	permissions.manage.users.permissions.<玩家名>	List the permissions for <玩家名> (alias to user <玩家名> list)
pex user <玩家名> prefix [newprefix]	permissions.manage.users.prefix.<玩家名>	Get or set the prefix for <玩家名>
pex user <玩家名> suffix [newsuffix]	permissions.manage.users.suffix.<玩家名>	Get or set the suffix for <玩家名>
pex user <玩家名> delete	permissions.manage.users.<玩家名>	Remove <user> from the permissions file
pex user <玩家名> list [世界名]	permissions.manage.users.permissions.<玩家名>	List the permissions for <user> . Shows the permissions assigned to the user directly as well as those assigned via the group the user is a member of.
Specify [world] to list the users permission for a single world
pex user <玩家名> add <权限> [世界名]	permissions.manage.users.permissions.<用户>	Add <permission> to <user>. Specify [world] to grant/deny  permission only in [world]
pex user <玩家名> remove <权限> [世界名]	permissions.manage.users.permissions.<用户>	Remove <permission> from <user>. Specify [world] to remove permission only from [world]
pex user <玩家名> timed add <权限> <限制时间> [world]	permissions.manage.users.permissions.timed.<玩家名>	Add timed <permission> to <玩家名> for <lifetime in seconds> in [world]
pex user <玩家名> timed remove <权限> <lifetime in seconds> [world]	permissions.manage.users.permissions.timed.<玩家名>	Remove timed <permission> from <用户> for <lifetime in seconds> in [世界名]
pex user <玩家名> set <option> <value> [世界名]	permissions.manage.users.permissions.<用户>	Set <option> to <value>. Set value to "" (two double-quotes) if you want to remove the <option>. Specify [world] to set <option> only in [world]

User's group management

pex user <玩家名> group list	permissions.manage.membership.<玩家名>	List all groups the <user> is currently in
pex user <玩家名> group add <权限组> [世界名] [限制时间]	permissions.manage.membership.<权限组>	Add <user> to <group>. Optional param lifetime (in seconds) is used to make timed membership. You can replace world by "" if the group of the user is applied for all worlds and you want applied a lifetime.
pex user <玩家名> group set <权限组> [世界名]	permissions.manage.membership.<权限组>	Set <user> group to <group>. Note that this command removes the user from any other groups they are a member of.
pex user <玩家名> group remove <权限组> [世界名]	permissions.manage.membership.<权限组>	Remove <user> from <group>

missing: /pex group weight [weight] print or set group weight

Default groups management

pex default group [world]	permissions.manage.groups.inheritance	Print the default groups for specified world. If [world] is not specified, it will apply to the global config.
pex set default group <权限组> <value> [world]	permissions.manage.groups.inheritance	Set the default flag of <group> in [world]. Any number of groups can have this flag set. If [world] is not specified, it will apply to the global config. <value> is boolean 'true' or 'false'.

Group commands

pex group	permissions.manage.groups.list	List all registered groups (alias to groups list)
pex groups	permissions.manage.groups.list	List all registered groups (alias to groups list)
pex groups list	permissions.manage.groups.list	List all registered groups
pex group <权限组> prefix [newprefix]	permissions.manage.groups.prefix.<权限组>	Get or set the prefix for <group>
pex group <权限组> suffix [newsuffix]	permissions.manage.groups.suffix.<权限组>	Get or set the suffix for <group>
pex group <权限组> create [parents]	permissions.manage.groups.create.<权限组>	Create <group>. Specify [parents] to set the groups it inherits from
pex group <权限组> delete	permissions.manage.groups.remove.<权限组>	Remove <group>
pex group <权限组> parents list	permissions.manage.groups.inheritance.<权限组>	List the parents for <group>
pex group <权限组> parents set <parents>	permissions.manage.groups.inheritance.<权限组>	Set the parent(s) for <group> (single or comma-separated list)
pex group <权限组>	permissions.manage.groups.permissions.<group>	List all <权限组> permissions (alias to group <group> list)
pex group <权限组> list [world]	permissions.manage.groups.permissions.<权限组>	List all permissions for <group>. Specify [world] to list the group's permissions for [world]
pex group <权限组> add <权限> [世界名]	permissions.manage.groups.permissions.<权限组>	Add <permission> to <group>
pex group <权限组> remove <permission> [world]	permissions.manage.groups.permissions.<权限组>	Remove <permission> from <group>. Specify [world] if this permission should be removed only in [world]
pex group <权限组> timed add <权限> [lifetime] [world]	permissions.manage.groups.permissions.timed.<权限组>	Add timed <permission> to <group> with [lifetime] in [world]
pex group <权限组> timed remove <权限> [世界名]permissions.manage.groups.permissions.timed.<权限组>	Remove timed <permission> for <group> in [world]

pex group <权限组> set <option> <value> [世界名]permissions.manage.groups.permissions.<权限组> Set <option> <value> for <group>. Set value to "" (two double-quotes) if you want to remove the <option>. Specify [world] if the option should be set only in [world]

Group's user management

pex group <权限组> users	permissions.manage.membership.<group>	List all users in <group>
pex group <权限组> user add <玩家名>	permissions.manage.membership.<group>	Add <用户> to <group> (single or comma-separated list)
pex group <权限组> user remove <玩家名>	permissions.manage.membership.<group>	Remove <用户> from <group> (single or comma-separated list)
pex promote <玩家名> <ladder>	permissions.user.promote.<ladder> (if there is only one ladder, it will be named default)	Promote <玩家名> on <ladder>. If <ladder> is not specified, the default ladder (named default) will be used.
pex demote <玩家名> <ladder>	permissions.user.demote.<ladder> (if there is only one ladder, it will be named default)	Demote <玩家名> on <ladder>. If <ladder> is not specified, the default ladder (named default) will be used.

FAQ

Features

Integrating with PEX

Migration

Migration and UUIDs

Modifyworld

Modifyworld Notes

This section requires that you have a permissions plugin installed, which includes a basic structured group layout that allows the default group to only chat.

By default, users are not restricted. This is by design. Set specific nodes on this list to false to restrict users from performing actions, or set modifyworld.* to false to block a user from doing anything.

By default, modifyworld uses block names instead of block ID's. To use ID's, change or add the use-material-names: false line to the config. Negate a node (-, set its value to false) to disallow a feature to a user/group. Use the wildcard symbol * to include all subnodes. When using PermissionsEx, per the Regex section on the Advanced Permissions Setup page, you can specify multiple items within a single line. To do this, put the item codes/names in parentheses, separated by a pipe character (a shift-backslash on most US keyboard layouts). For example, (260|296|297) will match apples, wheat, and bread if use-material-names is false.

IMPORTANT NOTICES

Thanks to Bukkit user @Tahg we were notified about one issue with the modifyworld.blocks.place.* node: If you remove modifyworld.* from a group, for the group to place blocks, you will need to specify what blocks the group is allowed to place other blocks on using the modifyworld.blocks.interact.* (alternately you can use a wildcard for the block ID with modifyworld.blocks.interact.*) in addition to the modifyworld.blocks.place.* for the blocks the group is allowed to place. This is because Bukkit checks first for onPlayerInteract() then for onBlockPlace(). For example, when trying to place a sand block on a grass block, the permission node checks are modifyworld.blocks.interact.grass then modifyworld.blocks.place.sand. Consider the block being targeted with this action - the interact permission is required for the block that is targeted with right-click, and thus could be to the side or above the placed block. Metadata can appear on a lot of blocks and items that you might not expect, please make sure you read the section on Metadata and check the debug output before posting in the forums!

Configuration

Modifyworld configuration is stored in plugins/Modifyworld/config.yml

An example ModifyWorld config file:

informPlayers: true
itemRestrictions: true
whitelist: false
messages:
   prohibitedItem: You have prohibited item "%s".
   whitelist: You are not allowed to join this server. Goodbye!
   permissionDenied: Sorry, you don't have enough permissions
use-material-names: true
drop-restricted-item: false
item-use-check: false

Configuration Properties

由于搬运,格式有些耽误此处格式为:

权限/实体...名 (默认是否开启) 简介

informPlayers	false	Informs players if/when their permissions change
itemRestrictions	false	Enable/disable item restrictions. If this is enabled, items not configured to be allowed will be removed from the player's inventory if it's found.
messages.prohibitedItem	You have prohibited item "%s".	Message sent to players who have disallowed item(s)
messages.whitelist	You are not allowed to join this server. Goodbye!	Message sent to clients not on the whitelist
messages.permissionDenied	Sorry, you don't have enough permissions	What is sent to players trying to do something they are not allowed to
whitelist	false	Enable/disable the whitelisting feature
drop-restricted-item	false	If true, restricted items will be "ejected" from the player as if they dropped the items. If false, the items will just dissappear.
use-material-names	true	If true, modifyworld will use item names (dirt) instead of item numbers (3) when checking the permission nodes
check-metadata (REMOVED AS OF VERSION 1.19.1)	false	If true, modifyworld will use the meta-data for blocks and items in the permissions checks. This means that your nodes may need a :* or .* added to the end of them!
item-use-check	false	If true, modifyworld will enable the modifyworld.item.use.<itemid>.on.block.<blockid> node and check for rights to use <itemid> on <blockid>. Note that this basically replaces the modifyworld.interact.<entityName> checks.

Metadata Notes

Starting with release 1.19.1, metadata handling has been changed a bit.

There is no longer a need to specifically turn on metadata handling for modifyworld. However, a lot of blocks and items have metadata that one might not expect, or now has metadata due to changes in minecraft and bukkit.

A few examples are leaf blocks (each type has it's own value), planks (for the different colours), and sandstone (the different designs).

For item ID's that have metadata, using :* will cover all possible values for the metadata. For nodes that cover multiple items/blocks where some have metadata and others do not, the regex value of :?* will cover ID's that have metadata and ID's that do not.

Many blocks that you might not expect can have metadata, such as chests and doors that are freshly placed but have not been opened yet. When in doubt and you can't get a permission node, turning on debug will show what is being looked for. Please do this before posting in the forums, I can't stress this enough. Metadata is a very large stumbling block for many new users to PEX.

Generic Nodes

modifyworld.login	Allow/disallow a user/group to join your server. You need whitelist: true to make it work.
modifyworld.chat	Allow a player to write messages in public chat
modifyworld.sneak	Player can crouch (check your Minecraft client config for the key) NOTE: Per https://github.com/PEXPlugins/PermissionsEx/issues/78, the node is here but it doesn't work due to a lack of support in Bukkit
modifyworld.sprint	Player can sprint (double tap your forward key) NOTE: Per http://github.com/t3hk0d3/PermissionsEx/issues/78, the node is here but it doesn't work due to a lack of support in Bukkit
modifyworld.chat.private	Player can send private messages (using /tell)
modifyworld.usebeds	Player can use beds
modifyworld.bucket.empty.<fluid>	Player can empty buckets.

<fluid> can be water or lava

modifyworld.bucket.fill.<fluid>	Player can fill buckets

<fluid> could be: water, lava or milk (earlier versions of PEX and bukkit used air for milk)

modifyworld.digestion	Allows players' energy bar to deplete. A popular application of this would be to do -modifyworld.digestion to disable energy consumption whilst still enabling modifyworld.*

Block Nodes

See Materials for <blockid> values.


modifyworld.blocks.destroy.<blockid>	Player can break <blockid>. It's also possible to specify <blockid> by name. Example: modifyworld.blocks.destroy.stone
modifyworld.blocks.place.<blockid>	Player can place <blockid>. NOTICE: This permission requires modifyworld.blocks.interact.<blockid> to work properly.
modifyworld.blocks.interact.<blockid>	Player can interact with <blockid> (use levers, press buttons, etc.)

Item Nodes

See Materials for <itemid> values.


modifyworld.items.craft.<itemid>	Player can craft <itemid>.
modifyworld.items.drop.<itemid>	Player can drop <itemid>.
modifyworld.items.enchant.<itemid>	Player can enchant <itemid>.
modifyworld.items.have.<itemid>	Player can have <itemid> in their inventory. itemRestrictions: true need to be set for this to work.
modifyworld.items.hold.<itemid>	Player can have <itemid> in their hand. itemRestrictions: true need to be set for this to work.
modifyworld.items.pickup.<itemid>	Player can pickup <itemid>. Also it's possible to specify <itemid> by name, example:  、modifyworld.items.pickup.diamondpickaxe
modifyworld.item.use.<itemid>.on.block.<blockid>	Player can use <itemid> on block <blockid>. item-use-check: true need to be set for this to work and is check in addition to the modifyworld.interact.<entityName> checks

As of 1.19.3

modifyworld.items.use.<itemid>.on.block.<blockid>	Player can use <itemid> on block <blockid>. item-use-check: true need to be set for this to work and is check in addition to the modifyworld.interact.<entityName> checks
modifyworld.items.throw.<itemid>	Player may throw eggs, snowballs, splash potions or experience bottles. Potion metadata excludes splash flag: potion:34 will match a Splash Potion of Swiftness II.

As of 1.19.4

modifyworld.items.take.<itemid>.of.<container>	Player may take items from containers, such as chests.
modifyworld.items.put.<itemid>.of.<container>	Player may take put items in containers, such as chests.

Entity Nodes

modifyworld.damage.deal.<entityName>	Player can deal damage to <entityName> (e.g. skeleton, spider, creeper, cow, pig, minecart, etc)
modifyworld.damage.take.<entityName>	Player can take damage from <entityName>
modifyworld.mobtarget.<entityName>	Player can be targeted by <entityName>
modifyworld.interact.<entityName>	Player can interact with <entityName>
modifyworld.tame.<entityName>	Player can tame <entityName>. This permission won't give you ability to tame animals or mobs that are not normally tameable (no pet creepers). Currently, only animal.wolf and animal.ocelot are applicable.

Possible <entityName> values

Players and Wolves

player.<playerName>	Player called <playerName>. (Example: player.t3hk0d3)
group.<groupName>	Any member of <groupName> group. (Example: group.admins)
animal.wolf	Wild wolf
animal.wolf.<playerName>	Wolf tamed by <playerName> (Example: wolf.t3hk0d3)
animal.ocelot	Wild ocelot (cat)
animal.ocelot.<playerName>	Tamed cat (ocelot)
Example: animal.ocelot.t3hk0d3
npc.villager	Not related to Bert
snowman	Not related Frosty
irongolem	Defenders of the Villagers

Animals

animal.chicken	cluck-cluck
animal.cow	Mooo
animal.mushroomcow	Mooshroom
animal.pig	Pig
animal.sheep	Sheep
animal.squid	Squid

Monsters

monster.blaze	Pyros, every one...
monster.cavespider	Worse than spiders
monster.creeper	SssssSSSssss
monster.enderman	Don't look at them directly
monster.ghast	AWWWWWWW
monster.giant	Giant Zombie
monster.pigzombie	Pig Zombie, omg
monster.silverfish	Beware the horde
monster.skeleton	Them bones, them dry bones...
monster.slime	Covers regular slimes and magma cubes
monster.spider	Yep, this is Spider, he is annoying.
monster.zombie	Brainzzzz...

Environment

starvation	Num nums, or lack there of
fire	Initial fire damage
lava	Lava damage. Add firetick too for full protection.
firetick	Damage from touching fire (or after stepping into lava) over time.
blockexplosion	Damage from TNT explosion.
projectile.arrow	Arrows shot at player
drowning	Failing to grab a breath of fresh air
fall	Jumping without a parachute
suicide	Committing Seppuku
poison	Poison potions

Vehicle Nodes

NOTE: If you want to have permission to enter or exit a vehicle, you will also need modifyworld.interact.*


modifyworld.vehicle.destroy.<vehicleName>	Player can damage vehicles (minecarts for example)
modifyworld.vehicle.enter.<vehicleName>	Player can enter vehicles
modifyworld.vehicle.collide.<vehicleName>	Player can collide with a vehicle

Possible <vehicleName> values

Boat
boat	Not related to the Love Boat
Minecart
minecart	Indiana Jones rides in one of these

Material Names

If use-material-names is false use the ID column value. Otherwise use the Name value.

You can find more detail, including metadata information, at Minecraft Wiki.

Pex basics

Permissions and Server Terminology

Server Console (AKA Console); The window that appears when the server is started. Displays server and plugin startup information, as well as server and plugin errors. Global Permissions: Permissions that are applied to all worlds on a server. World Specific Permissions: Permissions that are applied only to specified worlds. Users: Your players. Group: A name given to a set of permission nodes, often used to designate various levels of support on a server. Groups can have global and world specific permissions, as well as other information used by other plugins. Node: A line of text that represents a command, action or ability. For example, the /give command in bukkit has the node of bukkit.command.give Negation: Mark a node as not available. Generally used only in certain specific situations. Inheritance: The ability of a group to have the permissions from another group automatically apply. PEX supports group and world level Inheritance. Metadata: (Also know as damage value) Metadata is another value added to an item ID number for various things, such as the different colours of wool blocks, the position of a switch, if a door is open or not, and so on. Primary used with Modifyworld.

Permissions Hierarchy

PEX supports both a file based and SQL permissions hierarchy. For the purposes of explanation and ease of visualization, the following example will use a file based permissions hierarchy.

users: <- Users Section

   t3hk0d3:                                      <- Player Name
       group:                                    <- Player Group(s) Section
       - default                                 <- Player Group Name
       permissions:                              <- Player Specific Permissions Section
       - permissions.*                           <- Permissions node
       worlds:                                   <- World Specific Permission Section
           world:                                <- World designator
               permissions:                      <- World Specific Permission Group
               - test.*                          <- World Specific Permission
               group:                            <- World Specific Group Section
               - testers                         <- World Specific Group
               prefix: '&5[YARR]&f'              <- World Specific Prefix

groups: <- Group Section

   default:                                      <- Group Name
       default: true                             <- Default Group Setting
       permissions:                              <- Group Permissions Section
       - -modifyworld.blocks.interact.23         <- Negated Permission Node
       - modifyworld.*                           <- Permission Node
   admins:
       inheritance:                              <- Group Inheritance Section
       - default                                 <- Groups) To Inherit From
       permissions:
       - example.permission
       - -punish.noobs
       options:                                  <- Group Options Section
           test.test: '100500'                   <- Extra Data
           rank: '1'                             <- Rank Designator
       worlds:
           nether:
               permissions:
               - nocheat.fly
               prefix: '&7[ADMIN FROM HELL]'
   testers:
       inheritance:
       - admins
       options:
           test.test: '9000'

worlds: <- World Specific Section

   nether:                                       <- World Name
       inheritance:                              <- World Inheritance Section
       - world                                   <- World To Inherit From

PEX File Format (YAML)

PEX, like many other plugins, uses a format for it's files called YAML (YAML Ain't Markup Language, see http://yaml.org/ if you want to know more). YAML, unlike some other file formats, is very picky about the formatting and characters used. Config files used by PEX, including the permissions file, must be indented correctly! Capitalization matters as well!

The rules for YAML as they apply to PEX are:

Certain characters are reserved for use by YAML. Some of the characters are ' - : # and %. If the data for an entry is going to use one of those characters, it must be in quotes. %prefix%player%suffix> &e%message is invalid. "%prefix%player%suffix> &e%message" is valid Any entries that are made of numbers only must be in quotes. rank: 1000 or 45625: is invalid. rank: '1000' or '45625': is valid. Tabs are not allowed to be in the file anywhere, unless it is in quotes. Any place where you would use a tab must use exactly two spaces. Each group must start at the very beginning of the line, and each section contained within that section must be indented. Due to the regex support in PEX, there are other characters that one has to be aware of. Characters such as } { ) ( ? and * must be quoted or escaped (a backslash works well). This isn't a YAML limitation, but is a similar situation to the reserved characters in YAML.

PEXML

Plugin Configuration

Ranks (Promotion and Demotion)

Troubleshooting and FAQ