A Joomla 2,5 ACL use case

Ricky D’Cruze & Kenneth Nilsson

@actionwave_ab

www.actionwave.se

Who we are?

ActionWave Development AB, Västerås System and Web Development Providing web-based solutions using

Joomla! 1,5 framework since 2008

Joomla! Community

Joomla! Community Magazine (JCM)

– Web Master- starting from Fall 2011– Editor(Bangla Section)- starting from June

2012– Author- posted 1st Article in May 2012

Founder member of JUG in Västerås Loves to spread the news about Joomla!

Agenda

What is Joomla! ACL Permission Levels Real life Case- customer

requirments Our solutions with demonstration Tips Resources

What is ACL?

-"Access Control List"

- Group permissions, what they can see or do in the frontend and Backend of a Joomla! Site.

Joomla! 2,5 ACL

Source: ActionWave's Design

Permission Settings

ACL Structure

Image Source: http://magazine.joomla.org/issues/Issue-Jan-2012/item/637-Joomla-1-6,-1-7,-and-2-5-ACL-Concepts-Overview

Customer Requirements

A Golf Club Web site with many user- groups login

R1.Groups Page will be a blog (16 group pages)

R2. All group pages has the public access

R3. The Group can only add,edit, can’t delete, publish articles. Can’t do those operations for other groups.

Customer Requirements (Group blog pages)

Public

H35

H55

No

No

Customer Requirements

R4. News editor can add news but the Admin/Manager of the Club will read that first and publish that.

Customer Requirements (News Blog page)

Public

No No

Admin

News Editor

Demo (front-end)

Demo...

Create groups called H35, H55 etc In the Global config (Level 1) give

permissions to site login, create, edit, edit state to Allowed for all the groups.

Make separate Access viewing level for all the groups and connect to specific users.

Now for Level 3: Create categories and give category level permissions where 'H35 cat' will be ony having the create, edit, edit state permissions for H35 group.

Demo...

Create groups called 'News Editor' In the Global config (Level 1) give

permissions to site login, create, edit to Allowed for all the groups.

Make separate Access viewing level for all the groups and connect to specific users.

Now for Level 3: Create category called 'News' and give category level permissions where 'News' will be ony having the create, edit, permissions for 'News Editor' group.

Customer Requirements.. R5. Backend (Manager) can

-add/edit/delete articles,

-full access to module manager, -limited access to media manager, -can take Akeeba Backup and download the backup file.

Demo (Backend)

R5: Backend (Manager)

Create a user grop ’Backend (Manager)’

From the global configuration put the permission to ’Admin Login: Allowed’

Set the access level to ’Special’ for the user group

Connect a user in the group, here ’cpa’

Tips

Make your own users group with non hierarchical structure Name your ACL related to the group Careful about using ’Denied’ in Hierarchal group Structure

'Level 1' config is Enough for groups in simple site Keep It Simple Read the resources to Learn the ACL

Resources

•http://docs.joomla.org/Access_Control_List/1.6-2.5/Tutorial•http://magazine.joomla.org/issues/Issue-Jan-2012/item/637-Joomla-1-6,-1-7,-and-2-5-ACL-Concepts-Overview•http://community.joomla.org/blogs/community/1252-16-acl.html•http://www.joomlatutorials.com/blog/140-joomla-16-acl-video.html•http://www.youtube.com/watch?v=2P4DiFIyc30•http://www.slideshare.net/jen4web/joomla-1617-access-control-lists-acl http://magazine.joomla.org/issues/Issue-May-2012/item/761-Joomla-ACL-Configuring-back-endhttp://vimeo.com/25428348

Thank you.

Questions????

ricky@actionwave.se @actionwave_ab