Vanilla Permissions
Adds permission checks into vanilla, to allow for full permission customization
Vanilla Permissions
This mod adds permission checks into vanilla, to allow for full permission customization.
- You need to have a permissions mod installed. (e.g. LuckPerms) (Any permission provider mod that supports fabric-permissions-api is also supported.)
Permissions
| Permission | Description |
|---|---|
minecraft.adminbroadcast.receive | Receive command feedback |
minecraft.bypass.spawn-protection | Build inside spawn protection |
minecraft.bypass.force-gamemode | Bypass forced gamemode |
minecraft.bypass.move-speed.player | Bypass "Player moved too fast" |
minecraft.bypass.move-speed.vehicle.<entity> | Bypass "Player moved too fast", while riding an entity (e.g minecraft.boat) |
minecraft.bypass.chat-speed | Bypass chat kick, when sending messages / commands to quick |
minecraft.bypass.whitelist | Bypass server whitelist |
minecraft.bypass.player-limit | Bypass server player limit |
minecraft.command.<command> | Command permissions, see commands for more information |
minecraft.debug_stick.use.<block> | Use debug stick on block (e.g. minecraft.oak_trapdoor) |
minecraft.debug_chart | View debug chart |
minecraft.<query/load>.<entity/block> | Place blocks with nbt data and use debug commands |
minecraft.operator_block.<command_block/jigsaw/structure_block>.<place/view/edit/break> | Place, view, edit and break operator blocks. |
minecraft.selector | Use entity selectors in commands |
minecraft.selector.entity.<selector> | Allow selecting non-player entities using the selector |
minecraft.selector.player.<selector> | Allow selecting nonself players using the selector |
minecraft.selector.self.<selector> | Allow selecting self using the selector |
Meta
Also sometimes referred to as "options" or "variables".
Incorrect types are considered undefined values.
| Meta | Type | Description |
|---|---|---|
minecraft.selector.limit.<selector> | Integer | Limit the maximum number of entities that can be selected using the selector |
minecraft.selector.weight.<selector> | Integer | Selector weight, see selection weight for more infomation |
Commands
This mod uses Brigadier's node-based permission system. Each command is made up of multiple nodes, and each node has its own permission.
For example, the /gamemode command:
- The root command node (
/gamemode) requires minecraft.command.gamemode. - Sub-nodes like
survival,creative, etc., useminecraft.command.gamemode.survival,minecraft.command.gamemode.creative, and so on.
In vanilla Minecraft, only the root node has a permission check (e.g. OP level 2). Once a player has access to that root node, all sub-nodes are considered unlocked by default.
If you want finer control, you can manually restrict sub-nodes by denying their specific permissions.
Example
Allow:
minecraft.command.gamemode
Deny:
minecraft.command.gamemode.creative
minecraft.command.gamemode.spectator
This allows players to use /gamemode but restricts them to only the allowed sub-options
(e.g., survival and adventure).
For other commands, see Syntax section of each command's Minecraft Wiki page.
Selectors
Command blocks and datapacks bypass all selector permission checks.
By default, granting minecraft.selector allows players to use any selector in commands they have access to.
Fine-grained permission control operates as follows. Note that this mod restricts based on selection results, not
raw selector syntax. Using player names, UUIDs, or selectors like @e are equivalent if they produce identical
results.
Value of <selector>
The <selector> string follows the format: <command_name>.<selector_name>.<subsequent_arguments> where:
<command_name>is the root command name<selector_name>matches the argument name in the command's Arguments section on Minecraft Wiki<subsequent_arguments>traces the command's argument hierarchy after the selector
For example, in the /teleport command:
<targets>and<destination>are valid selector names (they areentityselectors)- Subsequent arguments form the remainder of the path
Most selectors are entity selectors, which is supported.
For a complete support list, see below.
Example
| Command | Syntax (See Minecraft Wiki) | Selector to Control | <selector> Construction |
|---|---|---|---|
/teleport @e @s | teleport <targets> <destination> | @e | teleport.targets.targets.destination |
/teleport @e @s | teleport <targets> <destination> | @s | teleport.destination.targets.destination |
/teleport @e ~ ~ ~ | teleport <targets> <location> | @e | teleport.targets.targets.location |
Wildcard Support
Selector permissions can be lengthy. Luckily you can use wildcards, like teleport.* to cover all teleport command
selectors.
However, Luckperms doesn't support wildcard for metadata. You could install this mod to enable it.
Scope Control
Use these permissions to define selector scope:
minecraft.selector.entity.<selector>minecraft.selector.player.<selector>minecraft.selector.self.<selector>
Commands fail if a player attempts to select unauthorized entities. All three scopes (that is, minecraft.selector.*)
are allowed by default.
Simple Example
Allow:
minecraft.command.waypoint
minecraft.selector
Deny:
minecraft.selector.player.waypoint.*
minecraft.selector.entity.waypoint.*
Players modify only their own waypoints.
Complex Example
Allow:
minecraft.command.teleport # /teleport
minecraft.selector # All selectors
minecraft.selector.player.teleport.destination.destination #1
minecraft.selector.entity.teleport.destination.destination #2
minecraft.selector.entity.teleport.targets.targets.destination #3
minecraft.selector.player.teleport.facingEntity.* #4
Deny:
minecraft.selector.player.teleport.* #6
minecraft.selector.entity.* #5
minecraft.selector.self.teleport.facingEntity.* #7
Command Behavior:
| Command | Self | Nonself Players | Non-player Entities | Resulting Behavior |
|---|---|---|---|---|
/teleport <destination> | <destination> allowed by default | <destination> allowed by #𝟏 | <destination> allowed by #𝟐 | Teleport to any entity |
/teleport <targets> <destination> | <targets> allowed by default<destination> allowed by default | <targets> denied by #𝟓<destination> denied by #𝟓 | <targets> allowed by #𝟑<destination> denied by #𝟔 | Only teleport non-player entities to self |
/teleport <location> | (No selectors) | - | - | Unrestricted position teleport |
/teleport <targets> <location> | <targets> allowed by default | <targets> denied by #𝟓 | <targets> denied by #𝟔 | Only teleport self to positions |
/teleport <targets> <location> facing entity <facingEntity> | <targets> allowed by default<facingEntity> denied by #𝟕 | <targets> denied by #𝟓<facingEntity> allowed by #𝟒 | <targets> denied by #𝟔<facingEntity> denied by #𝟔 | Teleport self to positions while facing nonself players |
Entity Limit
Set meta minecraft.selector.limit.<selector> to restrict the maximum number of entities selectable via a
given selector.
No limit is applied if this meta is unset.
Selection Weight
Controlled by meta minecraft.selector.weight.<selector>.
Entities without weight settings can always select any target and be selected by any selector. When both entities have
weight values, a selector can only select targets whose weight is less than or equal to its own.
Example
You need to install this mod first.
# Global permissions
Allow:
minecraft.command.gamemode
minecraft.selector
# Player-specific metadata
Player1: minecraft.selector.weight.gamemode.* = 7
Player2: minecraft.selector.weight.gamemode.* = -1
Player3: minecraft.selector.weight.gamemode.* = 7
Player4: (no weight set)
| Player | Can modify gamemode of | Reason |
|---|---|---|
| Player1 | All players | Weight ($7$) ≥ all others' weights |
| Player2 | Only Player2 and Player4 | Weight ($-1$) < Player1/Player3 ($7$) No weight restriction for Player4 |
| Player3 | All players | Weight ($7$) ≥ all others' weights |
| Player4 | All players | No weight restriction → unrestricted access |
Status
The following list shows which selectors can use fine-grained permissions:
-
/ban-ip: Not supported -
entity: Fully supported -
game_profile: Selection Weight for offline players not supported in Minecraft < 1.21.6. Others fully supported -
message: Not supported -
score_holder: Only Entity Limit supported
Quality of Life
Server Side
If the mod is installed server-side, it will make clients think they're OP. This allows players with appropriate permissions to place operator blocks and access the gamemode switcher menu.
Execute Command
- Includes another condition:
/execute if permission <entity> <permission>to allow datapacks to check permissions (e.g./execute if permission @s group.admin run say I am an admin) -
Modifiers
- The
feedbackmodifier/execute feedback [silent | console]or/execute feedback entity <entity>is used to silence, or redirect command feedback (e.g./execute feedback silent run gamemode creative) - The
oplevelmodifier/execute oplevel <level>or/execute oplevel <targets>can be used to reduce the op permission level of the command source context, this can be useful if you want to run a command as a user (from functions or console), but want bypass permissions to work (e.g./execute as DrexHD oplevel entity @s run rtp, this will use the op level of the playerDrexHDinstead of the actual command executor for checking permissions likertp.bypass)
- The
Client Side
If the mod is installed on the client, the gamemode switcher can also be accessed, if the player has access to the command, but isn't OP (useful for spigot-based servers)!
