joomla! 2,5 acl- a use case
DESCRIPTION
We have presented this on Joomla! day 2012 Sweden on May 26, 2012, Stockholm. With this slide we have also showed a live demo, so it is difficult to explain all the features of Joomla! 2,5 ACL. Contact us if you need more info on www.actionwave.seTRANSCRIPT
A Joomla 2,5 ACL use case
Ricky D’Cruze & Kenneth Nilsson
@actionwave_ab
www.actionwave.se
Who we are?
ActionWave Development AB, Västerås System and Web Development Providing web-based solutions using
Joomla! 1,5 framework since 2008
Joomla! Community
Joomla! Community Magazine (JCM)
– Web Master- starting from Fall 2011– Editor(Bangla Section)- starting from June
2012– Author- posted 1st Article in May 2012
Founder member of JUG in Västerås Loves to spread the news about Joomla!
Agenda
What is Joomla! ACL Permission Levels Real life Case- customer
requirments Our solutions with demonstration Tips Resources
What is ACL?
-"Access Control List"
- Group permissions, what they can see or do in the frontend and Backend of a Joomla! Site.
Joomla! 2,5 ACL
Source: ActionWave's Design
Permission Settings
ACL Structure
Image Source: http://magazine.joomla.org/issues/Issue-Jan-2012/item/637-Joomla-1-6,-1-7,-and-2-5-ACL-Concepts-Overview
Customer Requirements
A Golf Club Web site with many user- groups login
R1.Groups Page will be a blog (16 group pages)
R2. All group pages has the public access
R3. The Group can only add,edit, can’t delete, publish articles. Can’t do those operations for other groups.
Customer Requirements (Group blog pages)
Public
H35
H55
No
No
Customer Requirements
R4. News editor can add news but the Admin/Manager of the Club will read that first and publish that.
Customer Requirements (News Blog page)
Public
No No
Admin
News Editor
Demo (front-end)
Demo...
Create groups called H35, H55 etc In the Global config (Level 1) give
permissions to site login, create, edit, edit state to Allowed for all the groups.
Make separate Access viewing level for all the groups and connect to specific users.
Now for Level 3: Create categories and give category level permissions where 'H35 cat' will be ony having the create, edit, edit state permissions for H35 group.
Demo...
Create groups called 'News Editor' In the Global config (Level 1) give
permissions to site login, create, edit to Allowed for all the groups.
Make separate Access viewing level for all the groups and connect to specific users.
Now for Level 3: Create category called 'News' and give category level permissions where 'News' will be ony having the create, edit, permissions for 'News Editor' group.
Customer Requirements.. R5. Backend (Manager) can
-add/edit/delete articles,
-full access to module manager, -limited access to media manager, -can take Akeeba Backup and download the backup file.
Demo (Backend)
R5: Backend (Manager)
Create a user grop ’Backend (Manager)’
From the global configuration put the permission to ’Admin Login: Allowed’
Set the access level to ’Special’ for the user group
Connect a user in the group, here ’cpa’
Tips
Make your own users group with non hierarchical structure Name your ACL related to the group Careful about using ’Denied’ in Hierarchal group Structure
'Level 1' config is Enough for groups in simple site Keep It Simple Read the resources to Learn the ACL
Resources
•http://docs.joomla.org/Access_Control_List/1.6-2.5/Tutorial•http://magazine.joomla.org/issues/Issue-Jan-2012/item/637-Joomla-1-6,-1-7,-and-2-5-ACL-Concepts-Overview•http://community.joomla.org/blogs/community/1252-16-acl.html•http://www.joomlatutorials.com/blog/140-joomla-16-acl-video.html•http://www.youtube.com/watch?v=2P4DiFIyc30•http://www.slideshare.net/jen4web/joomla-1617-access-control-lists-acl http://magazine.joomla.org/issues/Issue-May-2012/item/761-Joomla-ACL-Configuring-back-endhttp://vimeo.com/25428348