question

chorustempo avatar image
chorustempo asked

Really confused over different access policies

Sorry if this is a really basic question, but I've spent ages reading through the documentation and still can't get my head around access policies.

I'm creating a turn based card game where players can create up to 3 characters and play different games with them with a group of up to 4 other people. I'm using the Objects in the player's account to store their character information (so object 'Character1', object 'Character2', object 'Character3'). Then when they join a game, they will temporarily join a game Group as either a player or a host (if no other players have joined yet) where all group members can access stored group information about the game (updated on each turn).

I want all players to be able to read information stored on the player's character objects (so everyone can view things like their name, level, basic info). But I only want the player to be able to update that information.

The group policies I think I understand, so I'm ok with those. But how do I set the object policies? Am I right in thinking it's Players > Player ID > Policy > then add a policy for each character object to allow Read access by anyone? Does this set the same policy for all players who have those objects (which they are all assigned when they create an account)? Or is it only for the character objects of that specific player? If it's the latter, where do I set a policy for the whole game that states that any player can view information on any 'character1' object owned by any player?

unreal
4 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

chorustempo avatar image chorustempo commented ·

Or if I add a global policy like the below:

{
                   
"Action": "Write", "Effect": "Allow", "Resource": "pfrn:data--*!*/Profile/Objects/Char1Info", "Principal": { "ChildOf": { "EntityType": "title", "EntityId": "(the game id)" } }, "Comment": "Only allow player to update info in their own object Char1Info", "Condition": null },
0 Likes 0 ·
chorustempo avatar image chorustempo commented ·

But then what do I write to allow players to update the information in object Char1Info... ?

0 Likes 0 ·
chorustempo avatar image chorustempo commented ·

It won't let me edit / delete the above comments!

It should have read 'if I add a global policy like the below, how do I allow players to update the information in in their own objects.

  {
    "Action": "Read",
    "Effect": "Allow",
    "Resource": "pfrn:data--*!*/Profile/Objects/Char1Info",
    "Principal": {
      "ChildOf": {
        "EntityType": "title",
        "EntityId": "(the game id)"
      }
    },
    "Comment": "Allow players to read info in object Char1Info for all players",
    "Condition": null
  },
0 Likes 0 ·
chorustempo avatar image chorustempo commented ·

Does the below policy look right (to allow players to edit their own object data)? Not sure where I need to add the 'SELF' bit.

  {
    "Action": "Write",
    "Effect": "Allow",
    "Resource": "pfrn:data--*!*/Profile/Objects/Char1Info/[SELF]",
    "Principal": {
      "ChildOf": {
        "EntityType": "title",
        "EntityId": "(my game id)",
      }
    },
    "Comment": "Allow player to update info in their own object Char1Info",
    "Condition": null
  },
0 Likes 0 ·
Gosen Gao avatar image
Gosen Gao answered

Your Policy to allow other players Read Objects is correct. But players have the permissions to Read and Write their own Objects by default, you don’t need to add a Policy for it.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

chorustempo avatar image
chorustempo answered
@Gosen Gao

Does that apply to all data that the player has (so the client can write data to any object, item, key value that is their own)?

2 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Gosen Gao avatar image Gosen Gao commented ·

By default, client doesn't have the permission to Write some key values such as Item, Statistic and Virtual Currency. Client also has limited access to Player Data, you can refer to Player Data - PlayFab | Microsoft Learn.

0 Likes 0 ·
chorustempo avatar image chorustempo Gosen Gao commented ·

ok, thank you :)

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.