Get SpatialOS

Sites

Menu

Worker permissions

You can configure which types of worker are permitted to create and delete entities. There is also a permission for entity queries (Unity, C++, C#, Java).

This configuration is set for each worker type in the launch configuration file, in the permissions field:

...
"workers": [
  {
    "worker_type": "my_worker",
    "permissions": [{
       // permissions go here
    }]
  }
]
...

All of the permissions described below are optional - if a permission is not included, it defaults to disallowed.

On this page:

Entity creation

This permission enables a worker to create new entities.

"permissions": [{
  ...
  "entity_creation": {
    "allow": true
  }
  ...
}]

If omitted entirely, the permission defaults to disallowed, but you can also set the allow field to false to be explicit.

Entity deletion

This permission enables a worker to delete existing entities.

"permissions": [{
  ...
  "entity_deletion": {
    "allow": true
  }
  ...
}]

If omitted entirely, the permission defaults to disallowed, but you can also set the allow field to false to be explicit.

Entity queries

This permission controls what components can be returned from entity queries performed by the worker. If an entity query specifies other components to be returned then the query will fail.

"permissions": [{
  ...
  "entity_query": {
    "allow": true,
    "components": [
      ...
    ]
  }
  ...
}]

If omitted entirely, the permission defaults to disallowed, but you can also set the allow field to false to be explicit.

The components array specifies which components can be returned in the query result:

  • if it consists of the single value "*", any set of components can be requested. This is the only way to allow entity queries that request a full snapshot of all components

    "components": [
      "*"
    ]
    
  • if it is either empty or omitted entirely, the worker can only request the entity IDs or the total count of entities

    "components": []
    
  • otherwise, it consists of a list of fully qualified component names, and only those components appearing in the list can be requested

    "components": [
    "your.project.SomeComponent",
    "your.project.OtherComponent"
    ]
    

All permissions

This was the only permission available in version 9, and continues to work. It is equivalent to allowing all other permissions (and in the case of entity queries, allowing all components).

"permissions": [{
  "all": {}
}]

You can also include the other permissions described above in conjunction with the all permission to disallow them on a case-by-case basis.

Complete example

"permissions": [{
    "entity_creation": {
        "allow": true
    },
    "entity_deletion": {
        "allow": true
    },
    "entity_query": {
        "allow": true,
        "components": [
            "your.project.SomeComponent",
            "your.project.OtherComponent"
        ]
    }
}]

Was this page helpful?

Thanks for letting us know!

Thanks for your feedback

Need more help? Ask on the forums