Created Web ui login support and permissions (markdown)

mikeprimm 2012-04-16 21:47:57 -07:00
parent 8225ebfc23
commit 63c7943b73

@ -0,0 +1,33 @@
# Web UI Login Support and Permissions
Dynmap offers the option of limiting the availability of the information that can be access through the web user interface. To enable login support, the following setting must be configured in _configuration.txt_:
login-enabled: true
Once enabled, user accounts can be registered. Registration can be done by users themselves (using the /dynmap webregister command), if the users have the `dynmap.webregister` permissions. Alternately, registration can be done by administrators on behalf of users using the `/dynmap webregister <userid>` (which requires the `dynmap.webregister.other` permission). In either case, the user is supplied with a passcode, which can then be used on the web interface login panel to create a web user account.
Once defined, the web user account will use the permissions associated with the Minecraft user account to control access through the web interface.
If desired, the web interface can be restricted to only logged in users. To do this, set the setting:
login-required: true
Otherwise, guest access to the interface is permitted - which will only allow access to unprotected features.
## Web Interface Restriction Options
### World Protection
If the operator wants to restrict access to all map data on a specific world, this can be done by setting the 'protected' attribute on the world in worlds.txt (or, equivalently, by setting it using the command `/dmap worldset <world-id> protected:true`). Once set, only logged in users that also have the permission `dynmap.world.<world-id>` will be able to see any of the maps for the world <world-id>.
### Map Protection
If the operator wants to restrict access to specific maps on specific worlds, this can be done by setting the 'protected' attribute on the map in worlds.txt (or, equivalently, by setting it using the command `/dmap mapset <world-id>:<map-id> protected:true`). Once set, only logged in users that also have the permissions `dynmap.map.<world-id>.<map-id>` will be able to see the protected map. Note: if the map and the world are both protected, both permissions are needed.
### Chat Protection
If the operator wants to restrict access for sending messages from the web interface, this can be done by setting the 'webchat-permissions' setting on the ClientUpdateComponent. Once set to 'true', only logged in users that have the `dynmap.webchat` permission are allowed to send chat messages from the web interface.
### Player Positions and Information
If the operator wants to restrict visibility of the position and status of players, this can be done by setting the 'protected-player-info' setting on the ClientUpdateComponent. Once set to 'true', only logged in users that have the `dynmap.playermarkers.seeall` permission will be able to see the position and/or health information of all visible players. Logged-in players without the permission will only see their own position, while guests will see no players.