There are two structures here, and we’ve been evolving the permission designs as we continue to talk about them and test implementations. We want to do this right. And to do it right, we have to separate what one might call permission nodes, from what one could call groups.
Permission nodes are typically conceptualized as a tree. For instance:
town
|
|-mayor
| |-rename
| |-sell
| |-tax
|
|-citizen
| |-ownland
| |-vote
In this case, one might prefer to grant all their users town.citizen (town.citizen.* in bukkit), which would in turn imply town.citizen.ownland and town.citizen.vote. So in one sense, town.citizen is a collection of permissions. But that’s not what we mean by buckets.
What you might call groups is a whole different story. This is the conceptual and experimental hotspot in permissions right now, and where the term “bucket” comes from in this usage.
w[FreeForAll] : { build }
w[Creative] : {}
guest : {}
member: { economy, town.citizen }
member > guest
pixel: {}
pixel & w[Creative] : { build }
So we have a number of bucket directives on display here. (And yes, it is appropriate to call them groups; I will do so from here on for simplicity’s sake.)
w[FreeForAll] is a world. These are implicit, synthetic groups which Subjects are members of as long as they’re an Entity which is in that World. Same thing for w[Creative].
guest and member are traditional groups, with a traditional inheritance relationship defined between them, member > guest. You could read this as either “member inherits from guest,” or, in terms of set theory, “member is a superset of guest” (it has all the permissions guest does, plus more).
pixel is a more “bucket”-y, behavior-focused group. It describes a role or an activity on the server, in this case pixel artists, who should be able to build on the “Creative” world. But wait… this group has no permissions! How are we doing that?
pixel & w[Creative] is what we call an indefinite group. It’s an intersection set between pixel players and players who are in the creative world. In this case, we say that people who meet both conditions should be able to build.
I hope this clears up some of the confusion, and helps express how the permission system has been evolving and how its vocabulary and grammar are formalizing. Note that this is still under heavy focus and subject to change.
Edit: and just like that, it changed! Updated for the new “superset” grammar.
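The directives above can be evaluated with a small default-deny resolver. This is an added example, not code from the post or from the project it describes; the data model, the function names and the "Survival" world used when exercising it are assumptions made for illustration.

```python
# Constructed data mirroring the post's directives. Each key is the set of
# groups a Subject must ALL belong to; a one-element key is an ordinary group,
# a two-element key is an "indefinite" (intersection) group.
GRANTS = {
    frozenset({"w[FreeForAll]"}): {"build"},
    frozenset({"w[Creative]"}): set(),
    frozenset({"guest"}): set(),
    frozenset({"member"}): {"economy", "town.citizen"},
    frozenset({"pixel"}): set(),
    frozenset({"pixel", "w[Creative]"}): {"build"},
}
SUPERSET_OF = {"member": {"guest"}}  # member > guest


def effective_groups(explicit, world):
    """Explicit groups, every group they are a superset of, and the
    synthetic world group for the world the Subject is currently in."""
    groups = {f"w[{world}]"}
    stack = list(explicit)
    while stack:
        group = stack.pop()
        if group not in groups:
            groups.add(group)
            stack.extend(SUPERSET_OF.get(group, ()))
    return groups


def granted_nodes(explicit, world):
    """Union of the nodes of every directive whose condition is fully met."""
    groups = effective_groups(explicit, world)
    nodes = set()
    for condition, perms in GRANTS.items():
        if condition <= groups:  # Subject is in the whole intersection
            nodes |= perms
    return nodes


def has_permission(explicit, world, node):
    """Default deny. A granted node implies the nodes beneath it in the tree
    (town.citizen implies town.citizen.vote), never its parents or siblings."""
    granted = granted_nodes(explicit, world)
    parts = node.split(".")
    return any(".".join(parts[:i]) in granted for i in range(1, len(parts) + 1))
```

Implication runs only downward through the tree, so a member never picks up town or town.mayor.* from town.citizen, and an intersection grant disappears as soon as the Subject leaves the world it is bound to.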