Access Control Lists (ACLs) feature for hosted games
Disabled by default, the hoster of a multiplayer game can enable an ACL feature that controls access to features by network users, specifically the features of joining, chatting, map flaring, and joining as an observer after the game has started.
The hoster creates groups of users and assigns permissions to those groups with ACL rules. The rules are processed in numerical order, and higher-numbered rules override lower-numbered rules. This allows use of broad rules followed by progressively more detailed rules.
If the host enables ACLs and password protection of the server then clients must pass both checks, in that order. The host's IP is not given to any client that does not pass the required checks.
Example ACL configuration
Note: for now, use the console command Engine.ConfigDB_CreateAndSaveValue to configure ACLs, or edit user.cfg while 0ad is not running. Replace the value of group2.members with a comma-separated list of users that will be denied access.
acls.server.acl1.group = "@all"
acls.server.acl1.rule = "allow allunprivperms"
acls.server.acl2.group = "group2"
acls.groups.group2.members = "[INSERT USERNAMES HERE]"
acls.server.acl2.rule = "deny join chat mapflare observerlate"
(then click Options, Networking/Lobby, and enable the ACLs checkbox.)
(then host a game, and enable ACLs during configuration of the network port, etc.)
Example console command to configure one of the variables:
Engine.ConfigDB_CreateAndSaveValue ("user", "acls.server.acl2.rule", "deny join chat mapflare observerlate");
This diff would benefit from CModerationResponse from D4871, especially for client-side translation of notification to a user that their chat messages or map flares were blocked due to ACLs. This diff is not currently designed to apply cleanly at the same time as D4871.
Based on svn r27624