See also: Detailed explanation of the permission system and Permission command-reference

Use the following commands to setup a members group and deny access basic features for guests:

/p global spawn here

/p group members create
/p group members prefix &r[&2MEMBER&r]

/p group _GUESTS_ prefix &r[&2GUEST&r]
/p group _GUESTS_ denydefault
/p group _GUESTS_ deny fe.commands.* fe.protection.break.* fe.protection.place.* fe.protection.interact.*
/p group _GUESTS_ allow fe.protection.interact.minecraft.stone_button.* fe.protection.interact.minecraft.wooden_button.* fe.protection.interact.minecraft.wooden_door.* fe.protection.interact.minecraft.lever.* fe.protection.interact.minecraft.trapdoor.*

/p user MyTestUser group set members

You can use minecraft formatting codes, just replace § with &.

/p global spawn here sets the global spawn.

/p group members create creates a server-group.

/p group members prefix &f[&2MEMBER&f] sets the chat prefix for our group with some color codes for formatting.

/p group _GUESTS_ prefix &f[&2GUEST&f] sets the chat prefix for the system-group _GUESTS_, which contains all players without any group.

/p group _GUESTS_ denydefault explicitly sets all default permissions for a GUESTS group. In detail, it means this: Every allowed active permission, inherited or othervise applicable, is explicitly allowed for the group. Every equally denied permission is explicitly denied. Everything else is denied. The permissions will be saved to the group config, i.e. after /feperm save or a server shutdown, and you will be able to edit them by hands. Do note that manual editing is not recommended, but sometimes necessary, when you make bulk changes. Don't forget to ensure that your backups are complete and ready to deploy.

/p group _GUESTS_ deny fe.commands.* fe.protection.break.* fe.protection.place.* fe.protection.interact.* denies default access to most destructive permissions to a group.

/p group _GUESTS_ allow fe.protection.interact.minecraft.stone_button.* fe.protection.interact.minecraft.wooden_button.* fe.protection.interact.minecraft.wooden_door.* fe.protection.interact.minecraft.lever.* fe.protection.interact.minecraft.trapdoor.* allows group interaction with buttons, levers and doors.

/p user MyTestUser group set members sets MyTestUser's group to members

• Command still says permission denied after giving it the correct permission node.
  • Check that you have FTBU installed and if so follow the FTBU comparability guide here

Permissions consist of nodes.
For example let's take the following permissions from FE:

fe.perm.group            # Allow basic access to groups (displays infos)
fe.perm.group.fix        # Allow setting group prefix / suffix
fe.perm.group.perms      # Allow modifying group permissions
fe.perm.group.spawn      # Allow setting group spawn

You can control access to all these permissions separately. Another way is to use the asterix wildcard on any parent node to control access to all child permissions.

To allow access to fe.perm.group, fe.perm.group.fix, fe.perm.group.perms and fe.perm.group.spawn you can use the permission fe.perm.group.*.

After starting the server, all known permissions are saved in the ./ForgeEssentials/ directory.

1. PermissionsList.txt contains all non-item, non-block permissions, such as those controlling access to various commands, server and mod facilities, as well as those affecting server behavior, such as mob spawn rules.
2. PermissionList_Items.txt contains all item-related pemissions, such as crafting, using, obtaining and the very existence of the items.
3. PermissionList_Blocks.txt is very much identical to PermissionList_Items.txt but contains block-related permissions, such as break, place and interact.

These files are updated each time the server starts and contain comments describing some of the permissions. If you have trouble providing or denying access to a particular function, first take a look at these files and see if you can find the permission you want to use there.

Permission-rules are always stored either player-based or group-based. To set permissions use the command
/p user <USER> allow|deny|clear <PERMISSON> for players or
/p group <GROUP> allow|deny|clear <PERMISSON> for groups or
/p global allow|deny|clear <PERMISSON> for global permissions (same as /p group _ALL_)

IMPORTANT NOTE:
The permission command fully supports TAB-completion - even for permission names.
For example you can type /p group _ALL_ allow fe.p, press TAB - and it will complete either fe.perm or fe.protection for you. After that you can type . and press TAB again, to get the sub-nodes of the node you selected.

Some permissions can also be set values.
That can be done with /p user|group <USER|GROUP> value <PERMISSION> <VALUE>.

You can set up rules that determine the prefix and suffix a player has on the server. This means the prefix/suffix of a player can change depending on where he currently is in the server. Example: /p group _GUEST_ prefix [GUEST] gives all guests (players in no other group) the prefix "[GUEST]"

For example you can create an area at spawn with /area define spawn and then set a prefix for all players in that region with /p group _ALL_ zone spawn value fe.internal.prefix [SPAWN].

Groups allow you to make management of permissions for many users easier. Players can belong to multiple groups at once. Groups with higher priority are checked first for permissions.

There exist three internal groups, that always exist:

• _ALL_ is the global group applying to all players (default priority 0)
• _GUEST_ is the group applying to all players that are in no group (default priority 10)
• _OPS_ is the group applying to all OPs on a server (default priority 50)

You can create new groups with /p group <GROUPNAME> create

You can use /p user <USER> group set|add|remove <group_name> to add or remove players from groups. You can view a player's current groups with /p user <USER> group.

You can include one groups permissions into another group.
To do this, use the /p group <GROUP> include add <GROUP> command.

If you include a group into another one, it's the same as if the player were added to the included group, too. That way you can also make any group the default group, for example members:

/p group _GUESTS_ include add members

That will make any permissions applied to members also apply to _GUESTS_.

Permission inheritance works recursively too. You could take this members group, and include it into a veterans group, and veterans would receive the permissions from both members and _GUESTS_, like so:

/p group _GUESTS_ include add members
/p group members include add veterans

You can check which groups a user has gained strictly without includes through /p user <player> group, and you can check their total group inheritance through /p user <player>

There exist three types of zones that can be used on a server:

• Server zone:
  The default zone that is used if no [ZONE] parameter is specified.
  Rules in this zone apply to all players on the whole server.
• World zone:
  World zones are automatically created for each world.
  Rules in this zone apply to players that are in the specified world (dimension).
• Area zone:
  Area are regions that can be created with /area define <NAME>.
  Rules in this zone apply only to players that are currently in the specified area.

All permission modification commands work on the server zone by default.
To change permissions for a specific zone only, you need to add a zone <zone> argument after the group or username.

/p user <user> <PERM-COMMAND>
/p user <user> zone <zone> <PERM-COMMAND>

/p group <group> <PERM-COMMAND>
/p group <group> zone <zone> <PERM-COMMAND>

For example /p group _ALL_ spawn here becomes /p group _ALL_ zone city spawn here to make the spawn-setting only affect players in the area named "city". Here is an example of area based spawning:
https://www.youtube.com/watch?v=rAxvH0OoE9E

You can find zones for your current position with /p list zones

It is possible to have FE deny all permissions by default by adding a rule * = false. However this WILL cause many other problems so we highly recommend you not to do that (and we will provide no support for people who do that).

Instead there is a new command which allows to automatically configure a group / user to deny permissions by default. This can be done with /p group _GUESTS_ denydefault or /p user dev denydefault for example.

This command will add the rule * = false, but at the same time adds all default granted permissions as well. This will prevent most possible problems and still provide the desired result.

After using the command (and using /p save) you should take a look at the permission file (e.g., world/FEData/permissions/groups/_GUESTS_.txt) and remove all permissions you don't want players of the group to have access to. After adjusting the permissions, you can load the new permissions with /p reload.

Areas are managed with the /area command. You can list areas with /area list [PAGE].

First you need to make a selection for the region. This can be done with worldedit if installed, or //fewand.

After that you can define an area with /area define <NAME> where <NAME> can be any identifier, that has not been used yet.

Areas can be changed with /area redefine <NAME> or deleted with /area delete <NAME>

You can set messages that are displayed for players that are entering or leaving any area with /area entry <AREA> <MESSAGE...> or /area exit <AREA> <MESSAGE...>.

Create a group "Members" and allow them to use the afk command and to be able to break / interact with blocks and entitys. After that add a player to the "Members" group.
Also assign a colored prefix to "Members" (see Minecraft Color Codes).

The root permission for the Protection module is fe.protection, and there are four subnodes: allowEdits, allowBlockInteractions, allowEntityInteractions and overrideProtection.

/p group Members create`  
/p group Members prefix set &f[&2Member&f]
/p group Members priority set 10
/p group Members allow fe.protection.allowEdits
/p group Members allow fe.protection.allowBlockInteractions
/p group Members allow fe.protection.allowEntityInteractions
/p group Members allow fe.commands.afk
/p group Members spawn here
/p user MyTestUser group set Members

To set Default Group Use The include Function.

/p group my_guest create
/p group GUESTS include add my_guest