Administration Revealed

How does SourceMod handle administration and users?

In Admin-Mod, access checking, user authentication, and user privileges were entirely handled by the DLL. When OLO released AMX Mod, however, core administration/user authentication was done entirely by a plugin. Why? We may never know.

For the purposes of good design, it’s pretty obvious that this is not a good idea. If administration is meant to be a core part of your design, it shouldn’t be a plugin that can be switched off. But then again, what good is a tool that you can’t easily modify?

SourceMod attempts to combine these two areas. First, the actual configuration of SourceMod is stored in a separate DLL, which means it can be swapped for a different solution. For example, the WebGUI of SourceMod will use a different config DLL called webgui_config, and use SQL. Simple_config is the old AMX Mod/X style configuration.

Furthermore, access levels are managed by the config DLL and checked by the Core, not the plugin – so like Admin-Mod, access levels are built in. And unlike Admin-Mod, Plugins no longer hardcode access levels. They’re set in the configuration. That’s big for people who are always complaining about weird access levels – it’s now trivial to change them. It gets better – access levels are abstract. Simple_config uses the “abcde” flag system, but WebGUI_config uses a more advanced system of usergroups and permissions.

There are only three fields absolutely required to be implemented by a Config DLL: Unique usernames, unique steamids, and unique IPs. Don’t confuse usernames with aliases. In Admin-Mod and AMX Mod/X, user accounts were rather sparse, with only three real data types: “auth”, “password”, and “flags”. SourceMod implements true user accounts, where each user must have a unique username and then has sets of properties (such as multiple steamids, aliases, etc), and only two of those properties are requred (steamids, ips). By required, I mean that the Config DLL must support them as options.

Lastly, the actual authentication of a user is very loose. SourceMod doesn’t want to enforce too much, and the base admin plugin only serves to authenticate the server. It doesn’t do anything else, like reading access levels. It simply says “Hey, a user connected. Use the Config API to look them up by SteamID.”

This system is very powerful, allowing developers to implement their own configuration and authentication API for SourceMod — very easily. The idea behind this was letting gaming groups bind servers together and modify administration in virtually any way, without needing to change the plugins at all.

Leave a Reply

You must be logged in to post a comment.