Non-Player Logins Cannot Get `tag.groups`

Donovan_DMC · September 2, 2025, 12:08pm

Just what it says on the tin, non-player logins (bot, management token) cannot get tag.groups.

Player Log

-> {"id":1,"method":"version","params":{"protocol":"1.2.3"}}
<- {"result":{"protocol":"1.2.3"},"id":1}
-> {"id":2,"method":"auth.auth.login"}
<- {"result":{"payload":null},"id":2}
-> {"id":3,"method":"call.auth.getUser"}
<- {"result":{"rid":"auth.user.{id}","models":{}},"id":3}
-> {"id":4,"method":"call.core.getPlayer"}
<- {"result":{"rid":"core.player.{id}","models":{}},"id":4}
-> {"id":5,"method":"call.core.getRoles"}
<- {"result":{"payload":{"roles":null,"idRoles":["supporter"]}},"id":5}
-> {"id":6,"method":"subscribe.core.info"}
<- {"result":{"models":{"core.info":{}}},"id":6}
-> {"id":7,"method":"subscribe.mail.info"}
<- {"result":{"models":{"mail.info":{}}},"id":7}
-> {"id":8,"method":"subscribe.note.info"}
<- {"result":{"models":{"note.info":{}}},"id":8}
-> {"id":9,"method":"subscribe.report.info"}
<- {"result":{"models":{"report.info":{}}},"id":9}
-> {"id":10,"method":"subscribe.support.info"}
<- {"result":{"models":{"support.info":{}}},"id":10}
-> {"id":11,"method":"subscribe.tag.info"}
<- {"result":{"models":{"tag.info":{}}},"id":11}
-> {"id":12,"method":"subscribe.client.web.info"}
<- {"result":{"models":{"client.web.info":{}}},"id":12}
-> {"id":13,"method":"subscribe.core.chars.awake"}
<- {"result":{"models":{"core.chars.awake":{}}},"id":13}
-> {"id":14,"method":"subscribe.core.nodes"}
<- {"result":{"collections":{"core.nodes":[]}},"id":14}
-> {"id":15,"method":"subscribe.tag.tags"}
<- {"result":{"models":{"tag.tags":{}}},"id":15}
-> {"id":16,"method":"subscribe.tag.groups"}
<- {"result":{"models":{"tag.groups":{}}},"id":16}

Bot Log

-> {"id":1,"method":"version","params":{"protocol":"1.2.3"}}
<- {"result":{"protocol":"1.2.3"},"id":1}
-> {"id":2,"method":"auth.auth.authenticateBot"}
<- {"result":{"payload":null},"id":2}
-> {"id":3,"method":"call.core.getBot"}
<- {"result":{"rid":"core.bot.{id}","models":{}},"id":3}
-> {"id":4,"method":"call.core.getRoles"}
<- {"result":{"payload":{"roles":null,"idRoles":["supporter"]}},"id":4}
-> {"id":5,"method":"subscribe.core.info"}
<- {"result":{"models":{"core.info":{}}},"id":5}
-> {"id":6,"method":"subscribe.mail.info"}
<- {"result":{"models":{"mail.info":{}}},"id":6}
-> {"id":8,"method":"subscribe.note.info"}
<- {"result":{"models":{"note.info":{}}},"id":7}
-> {"id":9,"method":"subscribe.report.info"}
<- {"result":{"models":{"report.info":{}}},"id":8}
-> {"id":0,"method":"subscribe.support.info"}
<- {"result":{"models":{"support.info":{}}},"id":9}
-> {"id":10,"method":"subscribe.tag.info"}
<- {"result":{"models":{"tag.info":{}}},"id":10}
-> {"id":11,"method":"subscribe.client.web.info"}
<- {"result":{"models":{"client.web.info":{}}},"id":11}
-> {"id":12,"method":"subscribe.core.chars.awake"}
<- {"result":{"models":{"core.chars.awake":{}}},"id":12}
-> {"id":13,"method":"subscribe.core.nodes"}
<- {"result":{"collections":{"core.nodes":[]}},"id":13}
-> {"id":14,"method":"subscribe.tag.tags"}
<- {"result":{"models":{"tag.tags":{}}},"id":14}
-> {"id":15,"method":"subscribe.tag.groups"}
<- {"error":{"code":"system.accessDenied","message":"Access denied"},"id":15}

Token Log

-> {"id":1,"method":"version","params":{"protocol":"1.2.3"}}
<- {"result":{"protocol":"1.2.3"},"id":1}
-> {"id":2,"method":"auth.auth.authenticate"}
<- {"result":{"payload":null},"id":2}
-> {"id":3,"method":"call.auth.getUser"}
<- {"result":{"rid":"auth.user.{id}.safe","models":{}},"id":3}
-> {"id":4,"method":"call.core.getRoles"}
<- {"result":{"payload":{"roles":null,"idRoles":["supporter"]}},"id":4}
-> {"id":5,"method":"subscribe.core.info"}
<- {"result":{"models":{"core.info":{}}},"id":5}
-> {"id":6,"method":"subscribe.mail.info"}
<- {"result":{"models":{"mail.info":{}}},"id":6}
-> {"id":8,"method":"subscribe.note.info"}
<- {"result":{"models":{"note.info":{}}},"id":7}
-> {"id":9,"method":"subscribe.report.info"}
<- {"result":{"models":{"report.info":{}}},"id":8}
-> {"id":0,"method":"subscribe.support.info"}
<- {"result":{"models":{"support.info":{}}},"id":9}
-> {"id":10,"method":"subscribe.tag.info"}
<- {"result":{"models":{"tag.info":{}}},"id":10}
-> {"id":11,"method":"subscribe.client.web.info"}
<- {"result":{"models":{"client.web.info":{}}},"id":11}
-> {"id":12,"method":"subscribe.core.chars.awake"}
<- {"result":{"models":{"core.chars.awake":{}}},"id":12}
-> {"id":13,"method":"subscribe.core.nodes"}
<- {"result":{"collections":{"core.nodes":[]}},"id":13}
-> {"id":14,"method":"subscribe.tag.tags"}
<- {"result":{"models":{"tag.tags":{}}},"id":14}
-> {"id":15,"method":"subscribe.tag.groups"}
<- {"error":{"code":"system.accessDenied","message":"Access denied"},"id":15}

Note these logs are edited to throw away most of the actual response, only focusing on the basics.

In order each calls auth.getUser &core.getPlayer / core.getBot / auth.getUser respectively, core.getRoles, then gets core.info, mail.info, note.info, report.info, support.info, tag.info, client.web.info, core.chars.awake, core.nodes, tag.tags, tag.groups

As can be seen both the bot and the token receive an access denied for tag.groups while the player gets it just fine.

If this is intentional, is there some kind of reasoning behind it?

Accipiter · September 26, 2025, 12:57pm

Oh. Yeah, no reason. I will fix it and allow non-player scripts to get tag.groups and tag.group.
Sorry about that, and thanks for making me aware!