<title>Access Condition System (ACS) | ENiGMA½ BBS Software</title>
<metaname="generator"content="Jekyll v4.2.1"/>
<metaproperty="og:title"content="Access Condition System (ACS)"/>
<metaproperty="og:locale"content="en_US"/>
<metaname="description"content="Access Condition System (ACS) ENiGMA½ uses an Access Condition System (ACS) that is both familiar to oldschool BBS operators and has it’s own style. With ACS, SysOp’s are able to control access to various areas of the system based on various conditions such as group membership, connection type, etc. Various touch points in the system are configured to allow for acs checks. In some cases ACS is a simple boolean check while others (via ACS blocks) allow to define what conditions must be true for certain rights such as read and write (though others exist as well)."/>
<metaproperty="og:description"content="Access Condition System (ACS) ENiGMA½ uses an Access Condition System (ACS) that is both familiar to oldschool BBS operators and has it’s own style. With ACS, SysOp’s are able to control access to various areas of the system based on various conditions such as group membership, connection type, etc. Various touch points in the system are configured to allow for acs checks. In some cases ACS is a simple boolean check while others (via ACS blocks) allow to define what conditions must be true for certain rights such as read and write (though others exist as well)."/>
{"datePublished":"2022-09-21T14:27:23+00:00","description":"Access Condition System (ACS) ENiGMA½ uses an Access Condition System (ACS) that is both familiar to oldschool BBS operators and has it’s own style. With ACS, SysOp’s are able to control access to various areas of the system based on various conditions such as group membership, connection type, etc. Various touch points in the system are configured to allow for acs checks. In some cases ACS is a simple boolean check while others (via ACS blocks) allow to define what conditions must be true for certain rights such as read and write (though others exist as well).","mainEntityOfPage":{"@type":"WebPage","@id":"/enigma-bbs/configuration/acs.html"},"url":"/enigma-bbs/configuration/acs.html","@type":"BlogPosting","publisher":{"@type":"Organization","logo":{"@type":"ImageObject","url":"/enigma-bbs/assets/images/enigma-logo.png"}},"headline":"Access Condition System (ACS)","dateModified":"2022-09-21T14:27:23+00:00","@context":"https://schema.org"}</script>
<h1class="page-title">Access Condition System (ACS)</h1>
<h2id="access-condition-system-acs">Access Condition System (ACS)</h2>
<p>ENiGMA½ uses an Access Condition System (ACS) that is both familiar to oldschool BBS operators and has it’s own style. With ACS, SysOp’s are able to control access to various areas of the system based on various conditions such as group membership, connection type, etc. Various touch points in the system are configured to allow for <codeclass="language-plaintext highlighter-rouge">acs</code> checks. In some cases ACS is a simple boolean check while others (via ACS blocks) allow to define what conditions must be true for certain <em>rights</em> such as <codeclass="language-plaintext highlighter-rouge">read</code> and <codeclass="language-plaintext highlighter-rouge">write</code> (though others exist as well).</p>
<h2id="acs-codes">ACS Codes</h2>
<p>The following are ACS codes available as of this writing:</p>
<table>
<thead>
<tr>
<th>Code</th>
<th>Condition</th>
</tr>
</thead>
<tbody>
<tr>
<td>LC</td>
<td>Connection is local</td>
</tr>
<tr>
<td>AG<i>age</i></td>
<td>User’s age is >= <em>age</em></td>
</tr>
<tr>
<td>AS<i>status</i>, AS[<em>status</em>,…]</td>
<td>User’s account status is <em>group</em> or one of [<em>group</em>,…]</td>
</tr>
<tr>
<td>EC<i>encoding</i></td>
<td>Terminal encoding is set to <em>encoding</em> where <codeclass="language-plaintext highlighter-rouge">0</code> is <codeclass="language-plaintext highlighter-rouge">CP437</code> and <codeclass="language-plaintext highlighter-rouge">1</code> is <codeclass="language-plaintext highlighter-rouge">UTF-8</code></td>
</tr>
<tr>
<td>GM[<em>group</em>,…]</td>
<td>User belongs to one of [<em>group</em>,…]</td>
</tr>
<tr>
<td>NN<i>node</i>, NN[<em>node</em>,…]</td>
<td>Current node is <em>node</em> or one of [<em>node</em>,…]</td>
</tr>
<tr>
<td>NP<i>posts</i></td>
<td>User’s number of message posts is >= <em>posts</em></td>
</tr>
<tr>
<td>NC<i>calls</i></td>
<td>User’s number of calls is >= <em>calls</em></td>
</tr>
<tr>
<td>SC</td>
<td>Connection is considered secure (SSL, secure WebSockets, etc.)</td>
</tr>
<tr>
<td>TH<i>height</i></td>
<td>Terminal height is >= <em>height</em></td>
</tr>
<tr>
<td>TW<i>width</i></td>
<td>Terminal width is >= <em>width</em></td>
</tr>
<tr>
<td>TM[<em>themeId</em>,…]</td>
<td>User’s current theme ID is one of [<em>themeId</em>,…] (e.g. <codeclass="language-plaintext highlighter-rouge">luciano_blocktronics</code>)</td>
</tr>
<tr>
<td>TT[<em>termType</em>,…]</td>
<td>User’s current terminal type is one of [<em>termType</em>,…] (<codeclass="language-plaintext highlighter-rouge">ANSI-BBS</code>, <codeclass="language-plaintext highlighter-rouge">utf8</code>, <codeclass="language-plaintext highlighter-rouge">xterm</code>, etc.)</td>
</tr>
<tr>
<td>ID<i>id</i>, ID[<em>id</em>,…]</td>
<td>User’s ID is <em>id</em> or oen of [<em>id</em>,…]</td>
</tr>
<tr>
<td>WD<i>weekDay</i>, WD[<em>weekDay</em>,…]</td>
<td>Current day of week is <em>weekDay</em> or one of [<em>weekDay</em>,…] where <codeclass="language-plaintext highlighter-rouge">0</code> is Sunday, <codeclass="language-plaintext highlighter-rouge">1</code> is Monday, and so on.</td>
</tr>
<tr>
<td>AA<i>days</i></td>
<td>Account is >= <em>days</em> old</td>
</tr>
<tr>
<td>BU<i>bytes</i></td>
<td>User has uploaded >= <em>bytes</em></td>
</tr>
<tr>
<td>UP<i>uploads</i></td>
<td>User has uploaded >= <em>uploads</em> files</td>
</tr>
<tr>
<td>BD<i>bytes</i></td>
<td>User has downloaded >= <em>bytes</em></td>
</tr>
<tr>
<td>DL<i>downloads</i></td>
<td>User has downloaded >= <em>downloads</em> files</td>
</tr>
<tr>
<td>NR<i>ratio</i></td>
<td>User has upload/download count ratio >= <em>ratio</em></td>
</tr>
<tr>
<td>KR<i>ratio</i></td>
<td>User has a upload/download byte ratio >= <em>ratio</em></td>
</tr>
<tr>
<td>PC<i>ratio</i></td>
<td>User has a post/call ratio >= <em>ratio</em></td>
</tr>
<tr>
<td>MM<i>minutes</i></td>
<td>It is currently >= <em>minutes</em> past midnight (system time)</td>
</tr>
<tr>
<td>AC<i>achievementCount</i></td>
<td>User has >= <em>achievementCount</em> achievements</td>
</tr>
<tr>
<td>AP<i>achievementPoints</i></td>
<td>User has >= <em>achievementPoints</em> achievement points</td>
</tr>
<tr>
<td>AF<i>authFactor</i></td>
<td>User’s current <em>Authentication Factor</em> is >= <em>authFactor</em>. Authentication factor 1 refers to username + password (or PubKey) while factor 2 refers to 2FA such as One-Time-Password authentication.</td>
</tr>
<tr>
<td>AR<i>authFactorReq</i></td>
<td>Current user <strong>requires</strong> an Authentication Factor >= <em>authFactorReq</em></td>
</tr>
<tr>
<td>PV[<em>name,_value</em>]</td>
<td>Checks that the property by <em>name</em> for the current user is exactly <em>value</em>. This ACS allows arbitrary user property values to be checked. For example, <codeclass="language-plaintext highlighter-rouge">PV[message_conf,local]</code> checks that the user is currently in the “local” message conference.</td>
</tr>
</tbody>
</table>
<h2id="acs-strings">ACS Strings</h2>
<p>ACS strings are one or more ACS codes in addition to some basic language semantics.</p>
<p>The following logical operators are supported:</p>
<li><codeclass="language-plaintext highlighter-rouge">&</code> AND (this is the default)</li>
</ul>
<p>ENiGMA½ also supports groupings using <codeclass="language-plaintext highlighter-rouge">(</code> and <codeclass="language-plaintext highlighter-rouge">)</code>. Lastly, some ACS codes allow for lists of acceptable values using <codeclass="language-plaintext highlighter-rouge">[</code> and <codeclass="language-plaintext highlighter-rouge">]</code> — for example, <codeclass="language-plaintext highlighter-rouge">GM[users,sysops]</code>.</p>
<li><codeclass="language-plaintext highlighter-rouge">NC2</code>: User must have called two more more times for the check to return true (to pass)</li>
<li><codeclass="language-plaintext highlighter-rouge">ID1</code>: User must be ID 1 (the +op)</li>
<li><codeclass="language-plaintext highlighter-rouge">GM[elite,power]</code>: User must be a member of the <codeclass="language-plaintext highlighter-rouge">elite</code> or <codeclass="language-plaintext highlighter-rouge">power</code> user group (they could be both)</li>
<li><codeclass="language-plaintext highlighter-rouge">ID1|GM[co-op]</code>: User must be ID 1 (SysOp!) or belong to the <codeclass="language-plaintext highlighter-rouge">co-op</code> group</li>
<li><codeclass="language-plaintext highlighter-rouge">!TH24</code>: Terminal height must NOT be 24</li>
</ul>
<h2id="acs-blocks">ACS Blocks</h2>
<p>Some areas of the system require more than a single ACS string. In these situations an <em>ACS block</em> is used to allow for finer grain control. As an example, consider the following file area <codeclass="language-plaintext highlighter-rouge">acs</code> block:</p>
<pre><codeclass="language-hjson">acs: {
read: GM[users]
write: GM[sysops,co-ops]
download: GM[elite-users]
}
</code></pre>
<p>All <codeclass="language-plaintext highlighter-rouge">users</code> can read (see) the area, <codeclass="language-plaintext highlighter-rouge">sysops</code> and <codeclass="language-plaintext highlighter-rouge">co-ops</code> can write (upload), and only members of the <codeclass="language-plaintext highlighter-rouge">elite-users</code> group can download.</p>
<h2id="acs-touch-points">ACS Touch Points</h2>
<p>The following touch points exist in the system. Many more are planned:</p>
<ul>
<li><ahref="/enigma-bbs/messageareas/configuring-a-message-area.html">Message conferences and areas</a></li>
<li><ahref="/enigma-bbs/filebase/first-file-area.html">File base areas</a> and <ahref="/enigma-bbs/filebase/uploads.html">Uploads</a></li>
<li>Menus within <ahref="/enigma-bbs/configuration/menu-hjson.html">Menu HJSON (menu.hjson)</a></li>
</ul>
<p>See the specific areas documentation for information on available ACS checks.</p>