question

janne.mononen@vakigames.com avatar image
janne.mononen@vakigames.com asked

Unreal engine UserData vs Entity data

I'm a bit confused on if I should use UserData or Entity data when using unreal engine sdk. Is using ReadOnlyUserData easier way to prevent cheating than using Enity data? ReadOnlyUserData can be easily set on server using the SecretKey, but isn't Entity object data accessible by both server and client? What ways I have to prevent cheating and the client setting the object data?

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Hernando avatar image
Hernando answered

If you are confused about EntityData and Legacy data, please navigate to this thread Entity Data VS Legacy Data to check the discussion about them, you can choose the one more suits your demand.

>Is using ReadOnlyUserData easier way to prevent cheating than using Enity data? What ways I have to prevent cheating and the client setting the object data?

Entity policies can make EntityData meet your needs, the following sample policy code should meet your requirements – the title entity (server) can read/write it but the title_player_account entity can only be read. You can navigate to the Policy page at [Title Settings] -> [API Features] and add it to ENTITY GLOBAL TITLE POLICY.

{

    "Action": "Write",

    "Effect": "Deny",

    "Resource": "pfrn:data--*![SELF]/Profile/*",

    "Principal": {

    "EntityType": "title_player_account",

    "EntityId": "*"

    },

    "Comment": " deny player entity self-access",

    "Condition": null

}

>ReadOnlyUserData can be easily set on server using the SecretKey, but isn't Entity object data accessible by both server and client?

Usually, the Player Entity Object can be accessed by this Player and Title Entity, but the Title Entity Object can only be accessed by Title Entity Object.

4 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

janne.mononen@vakigames.com avatar image janne.mononen@vakigames.com commented ·

What determined the role in a policy(self, anyone, title, title player account)? When using unreal sdk and the data API do I need to provide the role when making a request?

0 Likes 0 ·
Hernando avatar image Hernando janne.mononen@vakigames.com commented ·

>What determined the role in a policy(self, anyone, title, title player account)?

"EntityType" principals allow you to restrict a policy to either a specific entity (such as a title) or a specific type of entity. In this code, Entity principals is written as PlayFab defined entity type title_player_account.

>When using unreal sdk and the data API do I need to provide the role when making a request?

No, you don't need. When A Player login Playfab, he will be identified as Title Player entity and will call entityAPI as this entity role.Each calling will check their permissions to ensure they are authorized to perform this operation.

You can check the entity type from the "EntityToken" field in "LoginResult" when the player login successfully.

0 Likes 0 ·
janne.mononen@vakigames.com avatar image janne.mononen@vakigames.com Hernando commented ·

Okay that makes sense. So the "role" is embedded into the EntityToken? Client gets a different role on authentication and when the ServerAPI authenticates user with session token the server gets a EntityToken with different role?

0 Likes 0 ·
Show more comments

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.