zPermissions — A Superperms plugin for Bukkit

zPermissions is primarily an SQL database-backed Superperms (aka Bukkit permissions) implementation. It also supports flat-file storage. Notable features are: multi-world support, ranks with multiple tracks/ladders, group inheritance of arbitrary depth (within reason), and optional region-specific permissions using WorldGuard regions, Residence residences, or Factions territories.

There is no built-in build protection (I rely on other plugins for that). zPermissions focuses on permissions and only permissions.

I aim to keep zPermissions a simple, yet feature-rich, Superperms provider.

Please post bugs and/or feature requests as dev.bukkit.org tickets. But before doing so, please check the known issues as well as the FAQ.

[ Quick start documentation | For Server Admins | FAQ | More documentation below! ]

zPermissions currently does not support UUIDs. However, support is planned for the 1.3 release. Testers wanted! See this comment for details.


  • A variety of storage options, from SQL to flat-file. Uses Bukkit database to store permissions (i.e. settings in bukkit.yml). Should work with most databases supported by Avaje Ebean — I've specifically tested with PostgreSQL, MySQL, and H2. The default Bukkit database, SQLite, is not supported. zPermissions will automatically fall back to flat-file storage if it is used.

  • Group inheritance. Groups may inherit permissions from a multiple parent groups.

  • Players may be members of more than one group. The order of which group permissions are applied is well defined and based on group weight (which is configurable, of course).

  • Multi-world support. Permissions granted to players and groups may be associated with a specific world.

  • Optional region support. Permissions may also be associated with WorldGuard regions or Residence residences.

  • Multiple promotion tracks! Using permissions, you can also limit who can promote/demote others and which tracks they may use. In addition, each player may be promoted/demoted along multiple tracks.

  • Short-term temporary permissions. Give a player a permission node that lasts anywhere from a few seconds to a few minutes.

  • Temporary group assignments. Assign a group to a player and have their membership expire after 1 day... a few months... or a year! Whatever duration you want.

  • Players and groups can be assigned chat prefixes and suffixes. A Vault-compatible chat-formatting plugin is still required, like Herochat, zChat, etc.

  • API. zPermissions offers a comprehensive read-only API that other plugins can use. (Though I would recommend coding against Vault instead.)

  • Metadata support. Players and groups may have arbitrary metadata associated with them. Metadata values may be strings, integers, reals (floating point), and booleans. Metadata may be queried via the native API or Vault Chat API.

  • Automatic group permissions. With the advent of Superperms/Bukkit permissions, the recommended way of testing group membership is by using permissions. zPermissions can automatically set a permission based on the group's name for each group. By default, this configurable permission is group.<groupname> (compatible out-of-the-box with WorldEdit and WorldGuard!).

  • Re-assignable default group. The default group (the group assigned to players who have not been explicitly placed into any groups) is named default. This may be changed.


  • Groups are "universal" — across all worlds. There are no plans to introduce world-specific groups.

  • However, players and groups may have world-specific and/or region-specific permissions. These permissions are only in effect when the player is in that particular world and/or region.

  • There are 4 "levels" of permissions: universal, world-specific, region-specific, and finally region- and world-specific. The most general permissions are applied first, with all group permissions applied first finally followed by player permissions:

    1. Universal group permissions
    2. World-specific group permissions
    3. Region-specific group permissions
    4. Region- and world-specific group permissions
    5. Universal player permissions
    6. World-specific player permissions
    7. Region-specific player permissions
    8. Region- and world-specific player permissions
  • Players may be members of multiple groups. Groups may be assigned a weight — a higher weight means the group is applied later so it overrides earlier groups. Groups with the same weight are applied alphabetically.

  • Groups may inherit from one or more parent groups. A group's parents are applied in reverse order so that a group's first parent overrides all subsequent parents.

Installation & Usage

Put zPermissions.jar in your server's plugins directory. Start up your server. This will create the file config.yml in your server's plugins/zPermissions directory. You may want to edit this file to set your default group and default track. You may also want to create your tracks.

Type /permissions to get started. (/perm or /p may also work, if those aliases are available.)

The permission nodes in the get, set, and unset sub-commands may be specified as:

  • <permission> — An unqualified permission node applies to all worlds and all regions.
  • <world>:<permission> — To make a permission world-specific, prefix it with the world name followed by a colon.
  • <region>/<permission> — To make a permission region-specific, prefix it with the region name followed by a slash.
  • <region>/<world>:<permission> — You may also make a permission both region- and world-specific by combining the two qualifiers. For now, the region qualifier must always come first.

The rank commands are /promote, /demote, /setrank, and /unsetrank and will normally broadcast changes to all admins. The rank commands have an option -q to operate silently, e.g. when being called by automated processes. They will, however, still log their actions to the server log for security audit purposes. Opposite of -q, they will also take -Q which causes the rank commands to broadcast changes to all users.

More Documentation

License & Source

zPermissions is released under the Apache License, Version 2.0.

Sources may be found on GitHub:

Development builds of this project can be acquired at the provided continuous integration server.
These builds have not been approved by the BukkitDev staff. Use them at your own risk.

To Do

  • More extensive unit tests, especially on the service interface.
  • Better organized docs.

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of KingOfHunting KingOfHunting Apr 15, 2014 at 22:39 UTC - 0 likes

    @ZerothAngel: Go

    I hope nothings goes wrong with this.. Thank you for being so active in this plugin.

  • Avatar of ZerothAngel ZerothAngel Apr 15, 2014 at 14:39 UTC - 0 likes

    @KingOfHunting: Go

    Definitely before Mojang enables renaming, which they've said won't happen until after they release 1.8 at the earliest. Otherwise you'll have to deal with renamed users manually (e.g. the player..rename command) and hope that your privileged users that do change their name don't get their old name swiped. (Might or might not be possible, haven't heard details from Mojang yet.)

    I plan to submit a 1.3 beta version in a week or two. I'm waiting for Mojang & Bukkit's side to stabilize a bit more. (Mojang changed things up less than 24 hours ago...)

    Last edited Apr 15, 2014 by ZerothAngel


  • Avatar of KingOfHunting KingOfHunting Apr 15, 2014 at 13:47 UTC - 0 likes

    @ZerothAngel: Go

    When will normal users need to update to these UUID builds? Will we need to do it before Bukkit / Spigot updates to 1.8?

  • Avatar of ZerothAngel ZerothAngel Apr 15, 2014 at 02:59 UTC - 0 likes

    For those testing (or wanting to test) the UUID build: Mojang updated their profiles web API. I recommend you move to zPermissions-standalone build #513+, otherwise you might see many migration failures.

  • Avatar of Iwitrag Iwitrag Apr 14, 2014 at 08:45 UTC - 0 likes

    I have an important question:

    Is it possible to auto-add group to a player when in specified world(s) ??

    Why do I need it?

    Well, actually it's not possible to enable faction prefix only in certain world(s) - only globaly. But with that feature it would be possible!

    I'm using essentials chat and it's possible to set chat-format per group, which means, that if I assign new group called "Factions" with high priority to all players in factions world, it would give them faction prefixes when in this world!

  • Avatar of Zombieghost_391 Zombieghost_391 Apr 14, 2014 at 04:58 UTC - 0 likes

    Im Having trouble with prefixs help they are not showing up for players or groups and i have zchat and vault

  • Avatar of ZerothAngel ZerothAngel Apr 14, 2014 at 01:55 UTC - 0 likes

    @DanSpedey: Go

    It just the /perm group..set and /perm player..set commands like usual, but with a special format for the permission node. See the "Installation & Usage" section above.

  • Avatar of DanSpedey DanSpedey Apr 14, 2014 at 00:22 UTC - 0 likes

    Whats the command to allow users to have certain permissions in certain worlds?


  • Avatar of KingOfHunting KingOfHunting Apr 13, 2014 at 22:52 UTC - 0 likes

    @ZerothAngel: Go

    Ok, thanks for your help. For the rankup thing, I decided to leave those plugins that do not work with multiple tracks but instead I am now using "Command Signs" plugin that allows you to set commands and a lot of other things to a sign.

    Sorry for the time I made you spend.

  • Avatar of ZerothAngel ZerothAngel Apr 13, 2014 at 20:28 UTC - 0 likes

    @KingOfHunting: Go

    For your first question: If you mean change the default-group option in config.yml, then yes that should happen automatically for any player who hasn't been explicitly assigned a group (including 'Member'). Note, not sure if a /perm reload is enough to recognize the option or if a full restart is needed.

    2nd question: If they don't switch over automatically, then deleting the 'Member' group should work. Alternatively, you could /perm group Member purge -m - the "-m" option means to only purge memberships.

    Anyway, if you have any more issues, please open a ticket. We've spammed the general comments quite a bit now and my UUID testing comment is now on the 2nd page. ;)


Date created
Sep 13, 2011
Last update
Apr 08, 2014
Development stage
  • enUS
Apache License version 2.0
Curse link
Recent files
  • R: 1.2a for CB 1.7.2-R0.3 Apr 08, 2014
  • R: 1.1.1 for CB 1.7.2-R0.2 Jan 09, 2014
  • R: 1.1 for 1.6.4 Oct 06, 2013
  • R: 1.0.1a for 1.6.2 Jul 29, 2013
  • R: 1.0 for 1.6.1 Jun 15, 2013



Optional dependency