Nucleus, as an Essentials like plugin for Sponge, contains a lot of commands and as a result, a lot of permissions that can seem daunting on the first run of a server. To help you get up and running quickly, Nucleus provides two ways to set up permissions using your favourite permissions plugin.
If you want to set all permissions yourself, you can find a comprehensive list on our commands and permissions pages. You can also look on our specific module pages, or use any verbose logging tool that your permissions plugin may provide.
Nucleus is not a permissions plugin in its own right. While it provides commands to interact with permissions plugins, Nucleus does not manage permissions by itself. If no permissions plugin is installed, Nucleus will fall back to the Sponge default of OP based permissions. Players will either have all commands (if opped) or no commands (if not opped). We strongly recommend that you use a permissions plugin.
* if possibleWhile the * permission is a temooting prospect, it does not work the same way as it did on Bukkit
and Essentials. It will grant you everything, even things you may not be expecting, unlike on these
legacy platforms. For example:
* makes them vanish on loginnucleus.afk.exempt.toggle, activated by *nucleus.connectionmessages.disable - give yourself * and you won’t be broadcasted to the serverFor more information on why * is a bad idea, click here.
Every permission in Nucleus is internally assigned one of five roles, from the user role, permissions that are typically given to all players, through to staff roles all the way up to a role that contains permissions that are specialised and may do something that you may not expect if you granted the wildcard. These roles are:
USER - permissions that servers will generally grant to all playersMOD - permissions for actions that are used by moderation staff for server orderADMIN - permissions that allow setting gameplay altering mechanics or server managementOWNER - permissions that can cause severe server damage and generally should only be used by those with ultimate authorityNONE - permissions that are highly specialised, such as vanish on login, that should be decided on a case by case basisNucleus provides two ways to set up our suggested permission sets based on these roles in conjunction with your permissions plugin.
/nucleus setuppermsThe /nucleus setupperms subcommand allows server owners to grant the suggested permissions to groups, allowing for a quick
setup of a server. This will grant permissions based on the version of the plugin you are running at the time and does not
automatically update permissions when Nucleus is upgraded.
In general, you will already have the permission groups created in your permission plugin. To add the suggested permissions to the group, run:
/nucleus setupperms <ROLE> <group>
where <ROLE> is one of the roles mentioned above, and <group> is the name of the group in your permissions plugin. So,
to grant the USER rights to the default group, you would run:
/nucleus setupperms USER default
Similarly, to add ADMIN permissions to your administrators group:
/nucleus setupperms ADMIN administrators
However, note that this command does not grant permissions of lower roles by default. To do so, add the
-i flag. So, to add ADMIN, MOD and USER permissions to the administrators group, run:
/nucleus setupperms -i ADMIN administrators
We recommend that you use permission group inheritance rather than this method, however.
Note that running this command will NOT overwrite any Nucleus permissions you have already set, so running
this command when you have updated Nucleus is safe. If you wish to overwrite any Nucleus permissions that
conflict, use the -r flag.
If you have set up a brand new server and have not yet created permission groups, you can ask Nucleus to do so for you:
/nucleus setupperms -g
This will create a default, mod, admin and owner group with your Nucleus permissions ready to go.
nucleus.<role> permissions (for Nucleus 1.6 and above only)In Nucleus 1.6, the following permissions that automatically grants defaults:
nucleus.user that acts as a “super permission” for any permission labelled as USER in the permission tablesnucleus.mod that acts as a “super permission” for any permission labelled as MOD in the permission tablesnucleus.admin that acts as a “super permission” for any permission labelled as ADMIN in the permission tablesnucleus.owner that acts as a “super permission” for any permission labelled as OWNER in the permission tablesThese do not, and will never, override any explicit permission that has been set.
As an example, you give your moderators the nucleus.mod permission. This, for example, gives them permission to enter staff chat. However, maybe you don’t want them to access this. If you set nucleus.staffchat.base as false, this will override nucleus.mod. The same can be said for parent permissions, if you set nucleus.staffchat to false, a check to nucleus.staffchat.base will return false, regardless of whether nucleus.mod is set.
While this is cleaner than using /nucleus setupperms, you must be aware of the following:
setupperms./nucleus setupperms will continue to exist, and will not grant new permissions automatically if they are added in new releases (but will if
you re-run the setupperms commands).If you want to use our suggested template and do not mind following our recommendations, use the role permissions. If you want to use our suggested template but DO want full control over what permissions you have, remain with /nucleus setupperms.
If you do not want to use the role permissions, this can be turned off in the config by setting core.enable-parent-perms to false and reloading.