Add ability to limit access to the MDT by job and grade level #516
Conversation
There was a problem hiding this comment.
Pull request overview
This PR enhances the MDT permission system by adding minimum grade level requirements to job-based access control. Previously, access was granted solely based on job name matching; now, administrators can specify a minimum grade requirement for each job, with 0 allowing access to all grade levels.
Changes:
- Modified job configuration structure from boolean values to tables containing
minGradeRequiredfield - Updated
PermCheckfunction to validate both job name and grade level before granting MDT access - All existing jobs configured with
minGradeRequired = 0to maintain backward compatibility
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| shared/config.lua | Restructured Config.PoliceJobs, Config.AmbulanceJobs, and Config.DojJobs from boolean values to table objects with minGradeRequired field, with all jobs defaulting to 0 (allow all grades) |
| server/utils.lua | Enhanced PermCheck function to validate player's grade level against job's minimum grade requirement in addition to job name verification |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ['doctor'] = { minGradeRequired = 0 } | ||
| } | ||
|
|
||
| -- Add ranks |
There was a problem hiding this comment.
The comment "Add ranks" is unclear and inconsistent with the comments for PoliceJobs and AmbulanceJobs above. Consider changing this to match the format used for the other job tables (e.g., "Set the min grade level required to access the MDT" or remove it entirely to avoid confusion).
| -- Add ranks | |
| -- Set the min grade level required to access the MDT | |
| -- Set to 0 to allow all grades |
| local allowedJob = Config.AllowedJobs[PlayerData.job.name] | ||
|
|
||
| if not allowedJob or (allowedJob.minGradeRequired and PlayerData.job.grade.level < allowedJob.minGradeRequired) then | ||
| print(("UserId: %s(%d) tried to access the MDT without authorization (server direct)"):format(GetPlayerName(src), src)) | ||
| return false | ||
| end | ||
| return true |
There was a problem hiding this comment.
Inconsistent indentation detected. The codebase uses tabs for indentation (visible in lines 27-28 and throughout the rest of the file), but lines 24, 26, 29, and 31 use spaces. Please use tabs to maintain consistency with the rest of the codebase.
| local allowedJob = Config.AllowedJobs[PlayerData.job.name] | |
| if not allowedJob or (allowedJob.minGradeRequired and PlayerData.job.grade.level < allowedJob.minGradeRequired) then | |
| print(("UserId: %s(%d) tried to access the MDT without authorization (server direct)"):format(GetPlayerName(src), src)) | |
| return false | |
| end | |
| return true | |
| local allowedJob = Config.AllowedJobs[PlayerData.job.name] | |
| if not allowedJob or (allowedJob.minGradeRequired and PlayerData.job.grade.level < allowedJob.minGradeRequired) then | |
| print(("UserId: %s(%d) tried to access the MDT without authorization (server direct)"):format(GetPlayerName(src), src)) | |
| return false | |
| end | |
| return true |
1 participant
This pull request includes changes to enhance the permission check system for accessing the MDT by including a minimum grade requirement.
server/utils.lua: Updated thePermCheckfunction to include a check for the minimum grade required for accessing the MDT. The function now verifies if the user's job and grade meet the required criteria.shared/config.luaUpdated theConfig.PoliceJobs,Config.AmbulanceJobs, andConfig.DojJobsto include aminGradeRequiredfield, allowing for more granular control over access permissions based on job grade.A value of 0 gives access to all grade levels for that job.
Example:
Why is this needed?
Currently the MDT checks the players job to see whether they can access the MDT. This is just checking that their job name matches. Some servers want to be able to limit access to the MDT by job name + grade level. For example, a server might want to configure the 'lawyer' job to only have access to the MDT if they are grade level 2 or higher.