Setting Permissions
Understanding ACE Permissions
ACE (Access Control Entry) is the built-in permissions system provided by CFX. It works like a tree structure:
- Aces: The main permission nodes
- Principals: Branches that inherit permissions from aces
Identifier Types
You can use different types of identifiers to assign permissions:
- FiveM ID
- Rockstar license (used by VORP)
- Discord ID
You can find player identifiers in your txAdmin web panel.
Configuration Files
perms.cfg
Located in the server-data folder, this file controls basic server permissions:
cfg
# Default admin permissions
add_ace group.admin command allow # allow all commands
add_ace group.admin command.quit deny # but don't allow quit
# Add admins using their identifiers
#add_principal identifier.discord:xxxx group.admin
#add_principal identifier.steam:11000014 group.admin
#add_principal identifier.steam:xxxxxxxx group.moderatorvorp_perms.cfg
Located in the server-data folder, this file controls VORP-specific permissions:
cfg
# Note: Admins with ACE permissions have all permissions by default
# This file is mainly for staff permissions
# Admin group example
#add_principal identifier.steam:xxxxxxxxx group.admin
# Moderator group example
#add_principal identifier.steam:xxxxxxxxx group.moderatorIn-Game Permission Management
Players with ACE permissions can manage other players' permissions using:
/addGroup [ID] [group]: Assign a group to a player Example:/addGroup 1 adminor/addGroup 1 mod
Best Practices
- Always use comments to document what permissions are for
- Keep a backup of your permission files
- Regularly audit who has admin access
- Test permissions after making changes
- Use the most specific permission level needed