This function returns whether or not the given object has access to perform the given action.

Scripts frequently wish to limit access to features to particular users. The naïve way to do this would be to check if the player who is attempting to perform an action is in a particular group (usually the Admin group). The main issue with doing this is that the Admin group is not guaranteed to exist. It also doesn't give the server admin any flexibility. He might want to allow his 'moderators' access to the function you're limiting access to, or he may want it disabled entirely.

OOP Syntax Help! I don't understand this!

• Method: ACL.hasObjectPermissionTo(...)

Syntax

bool hasObjectPermissionTo ( string|element theObject, string theRight, [ bool defaultPermission = true ] )

Required Arguments

• theObject: The object to test if has permission to. This can be a client element (ie. a player), a resource or a string in the form user.name or resource.name.
• theRight: The action to test if the given object has access to. Ie. function.kickPlayer.

Optional Arguments

NOTE: When using optional arguments, you might need to supply all arguments before the one you wish to use.

• defaultPermission (default: true): The default permission if none is specified in either of the groups the given object is a member of. If this is left to true, the given object will have permissions to perform the action unless the opposite is explicitly specified in the ACL. If false, the action will be denied by default unless explicitly approved by the Access Control List.

Returns

• bool: result

Returns true if the given object has permission to perform the given action, false otherwise. Returns nil if the function failed because of bad arguments.

Code Examples

Example 1 Example 2 (OOP)

server

This example kicks a player if the user using it has access to the kickPlayer function.

-- Kick command
local function onKickCommandHandler(playerSource, commandName, playerToKick, stringReason)
    -- Does the calling user have permission to kick the player? Default
    -- to false for safety reasons. We do this so any user can't use us to
    -- kick players.
    if (hasObjectPermissionTo(playerSource, "function.kickPlayer", false)) then
        -- Do we have permission to kick the player? We do this so we can fail
        -- nicely if this resource doesn't have access to call that function.
        if (hasObjectPermissionTo(resource, "function.kickPlayer", true)) then
            -- Kick him
            local target = getPlayerFromName(playerToKick)
            if (target) then
                kickPlayer(target, playerSource, stringReason)
            else
                outputChatBox("Player "..playerToKick.." not found.", playerSource)
            end
        else
            -- Resource doesn't have any permissions, sorry
            outputChatBox( "kick: The admin resource is not able to kick players. Please give this resource access to 'function.kickPlayer' in the ACL to use this function.", playerSource)
        end
    else
        -- User doesn't have any permissions
        outputChatBox("kick: You don't have permissions to use this command.", playerSource)
    end
end
addCommandHandler("kickplayer", onKickCommandHandler)

server

OOP Required

This example kicks a player if the user using it has access to the kickPlayer function.

-- Kick command
local function onKickCommandHandler(playerSource, commandName, playerToKick, stringReason)
    -- Does the calling user have permission to kick the player? Default
    -- to false for safety reasons. We do this so any user can't use us to
    -- kick players.
    if (ACL.hasObjectPermissionTo(playerSource, "function.kickPlayer", false)) then
        -- Do we have permission to kick the player? We do this so we can fail
        -- nicely if this resource doesn't have access to call that function.
        if (ACL.hasObjectPermissionTo(resource, "function.kickPlayer", true)) then
            -- Kick him
            local target = getPlayerFromName(playerToKick)
            if (target) then
                target:kick(playerSource, stringReason)
            else
                playerSource:outputChat("Player "..playerToKick.." not found.")
            end
        else
            -- Resource doesn't have any permissions, sorry
            playerSource:outputChat( "kick: The admin resource is not able to kick players. Please give this resource access to 'function.kickPlayer' in the ACL to use this function.")
        end
    else
        -- User doesn't have any permissions
        playerSource:outputChat("kick: You don't have permissions to use this command.")
    end
end
addCommandHandler("kickplayer", onKickCommandHandler)

See Also

ACL Functions

• aclCreate
• aclCreateGroup
• aclDestroy
• aclDestroyGroup
• aclGet
• aclGetName
• aclGetRight
• aclGetGroup
• aclGroupAddACL
• aclGroupAddObject
• aclGroupGetName
• aclGroupList
• aclGroupListObjects
• aclGroupListACL
• aclGroupRemoveACL
• aclGroupRemoveObject
• aclList
• aclListRights
• aclObjectGetGroups
• aclReload
• aclRemoveRight
• aclSave
• aclSetRight
• hasObjectPermissionTo
• isObjectInACLGroup

ACL Elements

• acl
• aclgroup

Reference

• Scripting Functions