I am interested in learning more about the permissions system in TS2. Specifically, how do the different permissions stack.

For example, if a registered user has persmission to create a registered channel, and an anon user does not, How does the channel admin access affect the user? if the channel admin does not have permission to create a registered channel, does the "no" disable a registered users ability to create a registered channel? or does "no" mean it defaults to what they have as their normal status?

Or, so the permisions stack at all?

I'd like to set up my server so that registered users can do more than anon users, and I'm aware that as a user creates a channel, they become CA for that channel only. So, I'm under the impression that the permissions system stacks, and I'm guessing that permissions set to NO actually pass through to the lower permission, but I haven't tested it.

The permission tree is confusing. Also, what is the technical difference between an operator, and a channel admin? What are their expected roles?

I understand that it is a good idea to set it so that Server admins cannot grant server admin status to other users, so that only the Superadmin can set a user as a server admin. When that is set, can server admin only be set from the web console?

Thanks for any answers...

Permissions do not stack, you specify permissions for each group individually. If you were to give channel admins permissions to promote server admins it would work. Likewise if you were to remove all permissions from server admins then they would not be able to do anything.

Well, what I mean is this...

Let's say an anon user connects, and joins a channel. The channel admin grants that user operator status.

Anon user does not have privledge for "Send text to own channel"
Registered user does have privledge for "Send text to own channel"
Operator does not have privledge for "Send text to own channel"

Obviously, the anon user who becomes an op will not have "Send text to own channel".

Now, let's say a registered user connects, and joins the channel. He does have "Send text to own channel", since he's a registered user. When the CA makes him an OP, does he loose his privledge to send to own channel? or does the privledge pass-through and he still has the privledge because he's still a registered user?

Now, is operator status did have "Send text to own channel", then I would expect that either an anon user or a registered user would have "Send text to own channel" privledge after being given Operator rights.

So, that's what my question was - do the rights stack/pass-through? or do they replace?


Also, I notice that alot of privledges aren't listed for certain statuses. For example, a Registered user can have privledge to "Send text to All channels", but a CA doesn't have that privledge at all. Does that mean that those stack/pass-through? Does a registered user who is a channel admin (in their own channel) still have the privledge to "Send text to all channels"?

They replace in that respect. Each group has their own set of permissions within the teamspeak server. It all depends on what you set in the Admin console.

So, then, in the above example, if a registered user has "Send text to own channel", and then they are granted OP status, they can no longer send text to own channel...

ok, at least i know how it behaves.

Privileges "stack" in a manner of speaking. There are group-based privileges that you attain for being unregistered or registered (R, U). Then there are per-user attributes that are server-wide (SA) or channel-wide (CA, OP, V and sticky which has no visible flag in the client).

The basic privileges of a user are determined by his group-based privileges. Then channel-wide privileges are taken into account and lastly server-wide privileges.
I'm not quite sure what happens with clashing privileges (for example SendTextToChannel for SA and Registered), but I think later privileges overwrite, meaning if Registered has SendTextToChannel and SA doesn't then people who have SA can't send text to the channel they're in.

Well, whatever, I think that should be sufficient information so you can just try it out.