Microsoft Azure PlayFab logo
    • Multiplayer
    • LiveOps
    • Data & Analytics
    • Add-ons
    • For Any Role

      • Engineer
      • Designer
      • Executive
      • Marketer
    • For Any Stage

      • Build
      • Improve
      • Grow
    • For Any Size

      • Solo
      • Indie
      • AAA
  • Runs on PlayFab
  • Pricing
    • Blog
    • Forums
    • Contact us
  • Sign up
  • Sign in
  • Ask a question
  • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Topics
    • Questions
    • Articles
    • Ideas
    • Users
    • Badges
  • Home /
  • API and SDK Questions /
avatar image
Question by Luis Saenz · Mar 07, 2020 at 02:09 AM · apisdocumentation

Group policy for invitations and applications

Hi,

I'm trying to implement policies to limit who can send group invitations and who can accept group applications. Currently I have the following


{

"Action": "*", "Effect": "Allow", "Resource": "pfrn:group--group!*/Invitations/*", "Principal": { "MemberOf": { "RoleId": "admins" }, "ChildOf": { "EntityType": "title", "EntityId": "7AB" } }, "Comment": "Only Admins can access invitations",
"Condition": null }, { "Action": "*", "Effect": "Allow", "Resource": "pfrn:group--group!*/Applications/*", "Principal": { "MemberOf": { "RoleId": "admins" }, "ChildOf": { "EntityType": "title", "EntityId": "7AB" } }, "Comment": "Only Admins can access applications", "Condition": null }

I am not sure whether it is correct or event if it makes sense.

I have not tried the invite flow, but for applications, non-admin members are able to accept applications.

The application flow is not much of a concern, as I can pipe it through CloudScript and validate the user doing the acceptance. Invitations are a different issue, as sending an invitation from CloudScript sets the title entity as the inviting entity

Comment

People who like this

0 Show 1
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Luis Saenz · Mar 07, 2020 at 02:13 AM 0
Share
  {
    "Action": "*",
    "Effect": "Allow",
    "Resource": "pfrn:group--group!*/Invitations/*",
    "Principal": {
      "MemberOf": {
        "RoleId": "admins"
      },
      "ChildOf": {
        "EntityType": "title",
        "EntityId": "7AB"
      }
    },
    "Comment": "Admins access to invitations",
    "Condition": null
  },

  {
    "Action": "*",
    "Effect": "Allow",
    "Resource": "pfrn:group--group!*/Applications/*",
    "Principal": {
      "MemberOf": {
        "RoleId": "admins"
      },
      "ChildOf": {
        "EntityType": "title",
        "EntityId": "7AB"
      }
    },
    "Comment": "Admins access to applications",
    "Condition": null
  }

formatting policy edit

1 Reply

· Add your reply
  • Sort: 
avatar image
Best Answer

Answer by Citrus Yan · Mar 09, 2020 at 07:43 AM

I think the default Group Policy works just fine for your use case: Only members of the group admins role can send invitations and accept group applications. This is done using the following statement (actually it permits the admin player to do anything with the group):

  {
    "Action": "*",
    "Effect": "Allow",
    "Resource": "pfrn:group--*!*/*",
    "Principal": {
      "MemberOf": {
        "RoleId": "admins"
      }
    },
    "Comment": "Allow members of the group administrator role to do anything with the group",
    "Condition": null
  }

You were saying that non-admin members are able to accept applications, however, my test result shows the opposite. Would you please share your current group policy in [Game Manager] -> [Groups] -> [One_of_your_groups] -> [Policy] for us to investigate further?

Comment

People who like this

0 Show 0 · Share
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Your answer

Hint: You can notify a user about this post by typing @username

Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

Navigation

Spaces
  • General Discussion
  • API and SDK Questions
  • Feature Requests
  • PlayStream
  • Bugs
  • Add-on Marketplace
  • LiveOps
  • Follow this Question

    Answers Answers and Comments

    3 People are following this question.

    avatar image avatar image avatar image

    Related Questions

    Windows 10 UWP on PC and Xbox One 1 Answer

    Admin calls? 1 Answer

    Leaderboard bucket support a la Clash of Clans 1 Answer

    Logging In and Authenticating users, to later call for things like IAP and Leaderboards 1 Answer

    Multiplayer tutorial for unity 1 Answer

    PlayFab

    • Multiplayer
    • LiveOps
    • Data & Analytics
    • Runs on PlayFab
    • Pricing

    Solutions

    • For Any Role

      • Engineer
      • Designer
      • Executive
      • Marketer
    • For Any Stage

      • Build
      • Improve
      • Grow
    • For Any Size

      • Solo
      • Indie
      • AAA

    Engineers

    • Documentation
    • Quickstarts
    • API Reference
    • SDKs
    • Usage Limits

    Resources

    • Forums
    • Contact us
    • Blog
    • Service Health
    • Terms of Service
    • Attribution

    Follow us

    • Facebook
    • Twitter
    • LinkedIn
    • YouTube
    • Sitemap
    • Contact Microsoft
    • Privacy & cookies
    • Terms of use
    • Trademarks
    • Safety & eco
    • About our ads
    • © Microsoft 2020
    • Anonymous
    • Sign in
    • Create
    • Ask a question
    • Create an article
    • Post an idea
    • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Explore
    • Topics
    • Questions
    • Articles
    • Ideas
    • Users
    • Badges