Permissions

Corrade permissions are an ACL system to limit groups to a subset of Corrade's functionality. In other words, they are meant to protect Corrade from its configured groups. For example, you may not want that a group be able to change the bot's profile description or modify its picks and in that case, you would not give the grooming permission to a configured group. Most Corrade commands are sorted to require certain permissions and by looking-up the command on the API page, you can determine what permissions are required for a set of commands. In the table below we explain in general terms what a permission is meant for.

Permissions	Description	Commands
bridge	The `bridge` permission is required in order to perform outbound calls such as HTTP requests or subscribe to an MQTT server.	http, mqtt
directory	Any group that is able to search directory services (land sales, scheduled events, people and group search, etc…) needs the `directory` permission enabled.	directoryquery, directorysearch
economy	Granted the `economy` permission, groups will have the ability to use Corrade's L$ balance which includes, paying other avatars and buying items.	addclassified, creategroup, getbalance, importxml, parcelbuy, pay, primitivebuy, replytogroupinvite, replytoscriptpermissionrequest, upload
execute	In order to be able to execute commands on the machine that Corrade is hosted on, groups need the `execute` permission. Note that this command is dangerous because it would allow any group to execute any command on the host machine with the same privileges as the account that Corrade runs under.	execute
friendship	All the commands that deal with friendship requests, either received, being sent by the bot or generally querying the friends list require the `friendship` permission.	getfrienddata, getfriendshiprequests, getfriendslist, grantfriendrights, mapfriend, offerfriendship, replytofriendshiprequest, terminatefriendship
grooming	The `grooming` permission can be granted to groups that are allowed to change the in-world profile or appearance of Corrade.	activate, addclassified, addpick, addtorole, agentaccess, animation, attach, avatarzoffset, away, batchanimation, busy, changeappearance, deactivate, deanimate, deleteclassified, deletepick, detach, displayname, getanimations, getattachments, getattachmentspath, getcameradata, getheartbeatdata, getmovementdata, getselfdata, gettemproaryattachments, getwearables, getwearablespath, look, playgesture, rebake, replytoscriptpermissionrequest, setcameradata, sethome, setmovementdata, setprofiledata, tag, typing, unwear, wear
group	All the commands that deal with group operations, such as inviting people to groups, creating group roles, ejecting group members, banning group members from a group, and so on require the `group` permission to be set.	ban, batchaddtorole, batchdeletefromrole, batcheject, batchinvite, creategroup, createrole, deletefromrole, deleterole, eject, getavatargroupdata, getavatargroupsdata, getcurrentgroups, getcurrentgroupsdata, getgroupaccountsummarydata, getgroupdata, getgroupinvites, getgrouplandinfodata, getgroupmemberdata, getgroupmembersdata, getgroupsdata, getmemberroles, getmembers, getmembersoffline, getmembersonline, getrolemembers, getrolepowers, getroles, getrolesmembers, gettitles, invite, join, leave, moderate, notice, replytogroupinvite, setgroupdata, setrolepowers, softban, startproposal
interact	`interact` is a permission that, when granted, gives the right to groups to interact with in-world assets such as primitives.	avatarnotes, batchavatarkeytoname, batchavatarnametokey, batchgetavatarappearancedata, batchgetavatardisplayname, batchgetavatarseat, batchgetprofiledata, batchgroupkeytoname, batchgroupnametokey, batchsetobjectgroup, batchsetobjectpermissions, batchsetobjectpositions, batchsetobjectrotations, batchsetprimitivedescriptions, batchsetprimitivenames, batchsetprimitivepositions, batchsetprimitiverotations, batchupdateprimitiveinventory, changeprimitivelink, click, creategrass, createprimitive, createtree, deleteviewereffect, download, exportdae, exportoar, exportxml, getavatarappearancedata, getavatarclassifieddata, getavatarclassifieds, getavatardata, getavatardisplayname, getavatarpickdata, getavatarpicks, getavatarpositions, getavatarsappearancedata, getavatarsdata, getavatarseat, getavatarsseats, geteventinfodata, getmapavatarpositions, getobjectdata, getobjectlink, getobjectmediadata, getobjectpermissions, getobjectsdata, getparticlesystem, getprimitivebodytypes, getprimitivedata, getprimitiveflexibledata, getprimitiveinventory, getprimitiveinventorydata, getprimitivelightdata, getprimitivepayprices, getprimitivephysicsdata, getprimitivepropertiesdata, getprimitivescripttext, getprimitivesculptdata, getprimitivesdata, getprimitiveshapedata, getprimitivetexturedata, getprofiledata, getprofilesdata, getscriptdialogs, getscriptpermissionrequests, getscriptrunning, getviewereffects, grab, importxml, objectdeed, playsound, primitivebuy, recompilescript, replytoscriptdialog, replytoscriptpermissionrequest, setobjectgroup, setobjectmediadata, setobjectpermissions, setobjectposition, setobjectrotation, setobjectsaleinfo, setobjectscale, setprimitivedescription, setprimitiveflags, setprimitiveflexibledata, setprimitiveinventorydata, setprimitivelightdata, setprimitivematerial, setprimitivename, setprimitiveposition, setprimitiverotation, setprimitivescale, setprimitivesculptdata, setprimitiveshapedata, setprimitivetexturedata, setscriptrunning, setviewereffect, shoot, touch, updatenotecard, updateprimitiveinventory, updatescript
inventory	Commands that deal with Corrade's inventory are protected by the `inventory` permission. Searching Corrade's inventory, handing out objects from Corrade's inventory and so on are all restricted by the inventory permission.	attachobject, batchattachobject, batchderez, batchdropobject, batchgive, batchsetinventorydata, compilescript, copynotecardasset, createlandmark, createnotecard, derez, download, dropobject, emptytrash, getassetdata, getinventorydata, getinventoryoffers, getinventorypath, getprimitivescripttext, give, inventory, recompilescript, removeitem, renameitem, replytoinventoryoffer, replytoscriptpermissionrequest, rez, scriptreset, searchinventory, setinventorydata, trashitem, updatenotecard, updatescript, upload
land	Most commands that deal with in-world land assets such as changing parcel descriptions, querying data for a region, and so on, need the `land` permission.	batchsetparcellist, estateteleportusershome, getconnectedregions, getestatebanlist, getestatecovenant, getestateinfodata, getestatelist, getgridregiondata, getnetworkdata, getparceldata, getparceldwell, getparcelinfodata, getparcellist, getparcelobjectresourcedetaildata, getparcelobjectsresourcedetaildata, getprimitiveowners, getregiondata, getregionparcellocations, getregionparcelsboundingbox, getregionterrainheights, getregionterraintextures, getregiontop, getremoteparcelinfodata, getterrainheight, parcelbuy, parceldeed, parceldivide, parceleject, parcelfreeze, parceljoin, parcelreclaim, parcelrelease, restartregion, returnprimitives, setestatecovenant, setestatelist, setparceldata, setparcellist, setregiondebug, setregioninfo, setregionterrainheights, setregionterraintextures, setregionterrainvariables, simulatorpause, simulatorresume, terrain, toggleparcelflags
movement	The `movement` permission governs all the Corrade commands that are meant to move Corrade. This includes nudging the bot, teleporting the bot and other commands that would allow Corrade to move around.	autopilot, batchlure, crouch, fly, flyto, getteleportlures, gohome, jump, lure, nudge, relax, replytoteleportlure, requestlure, run, setmovementdata, sit, stand, teleport, turn, turnto, walkto
mute	The `mute` permission restricts commands that are able to modify and query Corrade's mute list.	batchmute, getmutes, mute, softban
notifications	In order to be able to install notifications via the notify command groups need the `notifications` permission.	notify
system	Commands that change Corrade's functionality need the `system` permission. Note that this permission can be considered very dangerous since it allows a group to reconfigure and poll Corrade's entire configuration file.	addconfigurationgroup, configuration, download, exportoar, exportxml, getconfigurationdata, login, logout, readfile, removeconfigurationgroup, setconfigurationdata, writefile
talk	Corrade's talking ability - whether it is in a group, in local chat, or sending private messages to agents is restricted by the `talk` permission.	batchtell, conference, getconferencememberdata, getconferencemembersdata, logs, tell