Your SlideShare is downloading. ×
0
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Enrich your extensions with Joomla! ACL support

6,378

Published on

Enrich your extensions with Joomla! ACL support during J and Beyond 2012

Enrich your extensions with Joomla! ACL support during J and Beyond 2012

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
6,378
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
99
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Enrich your extensions with Joomla! ACL support Sander Potjer @sanderpotjer J  and  Beyond  -­‐  May  20,  2012
  • 2. Sander Potjer?Twitter:@sanderpotjerE-mail:sander@sanderpotjer.nlSlides:http://www.slideshare.net/sanderpotjer/
  • 3. Joomla! ACL
  • 4. It took a while... DrupalCon, October 2005 Johan Janssens• http://www.slideshare.net/JohanJanssens/drupalcon-2005-joomla-drupal-and-you-presentation
  • 5. ACL?!?!ACL = Access Control List
  • 6. ACL?!?!ACL = Access Control ListAccess to parts of the website– e.g. menu / module visibility– “view” action
  • 7. ACL?!?!ACL = Access Control ListAccess to parts of the website– e.g. menu / module visibility– “view” actionUser actions on objectsexample: create / edit / edit state / delete article
  • 8. ACL?!?!ACL = Access Control ListAccess to parts of the website– e.g. menu / module visibility– “view” actionUser actions on objectsexample: create / edit / edit state / delete article
  • 9. Joomla! 2.5ACL Overview
  • 10. • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 11. • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 12. User • Guest is also a ‘user’ • Users can be assigned to one or multiple groups
  • 13. • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 14. PermissionsAssigned to group (not to a user!) 10 Actions – Site Login – Admin Login – Offline Access (since 1.7) – Super Admin / Configure – Access Administration Interface – Create – Delete – Edit – Edit State – Edit Own
  • 15. • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 16. Group • Users with same permissions • Inherited permissions from parent groups • Unlimited nested groups • Keep it simple! Only use nested groups if needed
  • 17. • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 18. Access Level • What is visible for the group (article, menu, module, etc.) • Permissions are inherit between Access Levels • Even Super Users can not view content on frontend if not assigned
  • 19. • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 20. Permissions Settings 4 possible permission settings– Not Set– Inherited– Allowed– Denied
  • 21. Permission Hierarchy (levels)Level 1: Global configuration– default permissions settings for actions for a group
  • 22. Permission Hierarchy (levels)Level 1: Global configuration– default permissions settings for actions for a groupLevel 2: Component Options– can override the permissions of Level 1
  • 23. Permission Hierarchy (levels)Level 1: Global configuration– default permissions settings for actions for a groupLevel 2: Component Options– can override the permissions of Level 1Level 3: Category– can override the permissions of Level 1 & Level 2– available for components with categories (Articles, Banners, etc...)
  • 24. Permission Hierarchy (levels)Level 1: Global configuration– default permissions settings for actions for a groupLevel 2: Component Options– can override the permissions of Level 1Level 3: Category– can override the permissions of Level 1 & Level 2– available for components with categories (Articles, Banners, etc...)Level 4: Item– can override the permissions of Level 1 & Level 2 & Level 3– only available for article manager in Joomla core
  • 25. Permission Hierarchy (levels)Level 1: Global configuration– default permissions settings for actions for a groupLevel 2: Component Options– can override the permissions of Level 1Level 3: Category– can override the permissions of Level 1 & Level 2– available for components with categories (Articles, Banners, etc...)Level 4: Item– can override the permissions of Level 1 & Level 2 & Level 3– only available for article manager in Joomla coreOverride permissions of higher levels only works ifpermission setting is not ‘Denied’!
  • 26. Inheriting example for ‘Create’ Action Level 1 Level 2 Level 3 Level 4• http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
  • 27. Database: #__assets
  • 28. Database: #__assets: rules names10 Actions:– Site Login: core.login.site– Admin Login: core.login.admin– Offline Access: core.login.offline– Super Admin / Configure: core.admin– Access Administration Interface: core.manager– Create: core.create– Delete: core.delete– Edit: core.edit– Edit State: core.edit.state– Edit Own: core.edit.own
  • 29. Database: #__assets: rules valuesPermissions values “Null”, ‘0’ and ‘1’– Null: Not Set or Inherited– 0: Denied– 1: Allowed
  • 30. Database: #__assets: rules format {"core.login.site":{"6":1,"2":1}
  • 31. Database: #__assets: name format com_content.category.19
  • 32. Database: #__assets
  • 33. Joomla Basic ACL support
  • 34. 2 actions requiredConfigureTo configure the access settings via the Options toolbar buttonAccess Administration InterfaceTo define which group is able to access/manage the component
  • 35. 18 lines of code 4 stepscouple minutes
  • 36. 1. Add/modify config.xmlFile: administrator/components/com_foobar/config.xml<?xml version="1.0" encoding="utf-8"?><config> <fieldset name="permissions" label="JCONFIG_PERMISSIONS_LABEL"description="JCONFIG_PERMISSIONS_DESC"> <field name="rules" type="rules"label="JCONFIG_PERMISSIONS_LABEL" filter="rules"component="com_foobar" section="component"> <action name="core.admin" title="JACTION_ADMIN"description="JACTION_ADMIN_COMPONENT_DESC" /> <action name="core.manage" title="JACTION_MANAGE"description="JACTION_MANAGE_COMPONENT_DESC" /> </field> </fieldset></config>
  • 37. 2. Add access checkFile: administrator/components/com_foobar/foobar.phpdefined(_JEXEC) or die(Restricted access);// Access check.if (!JFactory::getUser()->authorise(core.manage, com_foobar)) { return JError::raiseWarning(404, JText::_(JERROR_ALERTNOAUTHOR));}
  • 38. 3. Add the Options toolbar buttonFile: administrator/components/com_foobar/views/foobars/view.html.php// Options button.if (JFactory::getUser()->authorise(core.admin, com_foobar)) { JToolBarHelper::preferences(com_foobar);}
  • 39. 4. Add one language stringFile: administrator/language/en-GB/en-GB.com_foobar.iniCOM_FOOBAR_CONFIGURATION="FooBar Options"
  • 40. That’s all!
  • 41. Actually, basic ACL support is not optional, it should be a requirement for a “native” Joomla 2.5 extension.
  • 42. Adding custom actions
  • 43. Adding custom actions Example: administrator/components/com_foobar/access.xml<?xml version="1.0" encoding="utf-8" ?><access component="com_helloworld">! <section name="component">! ! <action name="core.admin" title="JACTION_ADMIN" description="JACTION_ADMIN_COMPONENT_DESC" />! ! <action name="core.manage" title="JACTION_MANAGE" description="JACTION_MANAGE_COMPONENT_DESC" />! ! <action name="core.create" title="JACTION_CREATE" description="JACTION_CREATE_COMPONENT_DESC" />! ! <action name="core.delete" title="JACTION_DELETE" description="JACTION_DELETE_COMPONENT_DESC" />! ! <action name="foobar.delete.own" title="FOOBAR_DELETE_OWN" description="FOOBAR_DELETE_OWN_DESC" />! </section>! <section name="message">! ! <action name="core.delete" title="JACTION_DELETE" description="COM_HELLOWORLD_ACCESS_DELETE_DESC" />! ! <action name="core.edit" title="JACTION_EDIT" description="COM_HELLOWORLD_ACCESS_EDIT_DESC" /> <action name="foobar.delete.own" title="FOOBAR_DELETE_OWN" description="FOOBAR_DELETE_OWN_DESC" />! </section></access>
  • 44. Adding custom actions Example: administrator/components/com_foobar/config.xml<?xml version="1.0" encoding="utf-8"?><config>! <fieldset! ! name="greetings"! ! label="COM_FOOBAR_CONFIG_GREETING_SETTINGS_LABEL"! ! description="COM_FOOBAR_CONFIG_GREETING_SETTINGS_DESC"! >! ! <field! ! ! name="show_category"! ! ! type="radio"! ! ! label="COM_FOOBAR_HELLOWORLD_FIELD_SHOW_CATEGORY_LABEL"! ! ! description="COM_FOOBAR_HELLOWORLD_FIELD_SHOW_CATEGORY_DESC"! ! ! default="0"! ! >! ! ! <option value="0">JHIDE</option>! ! ! <option value="1">JSHOW</option>! ! </field>! </fieldset>! <fieldset! ! name="permissions"! ! label="JCONFIG_PERMISSIONS_LABEL"! ! description="JCONFIG_PERMISSIONS_DESC"! >! ! <field! ! ! name="rules"! ! ! type="rules"! ! ! label="JCONFIG_PERMISSIONS_LABEL"! ! ! class="inputbox"! ! ! validate="rules"! ! ! filter="rules"! ! ! component="com_foobar"! ! ! section="component"! ! />! </fieldset></config>
  • 45. Extension X (not so good) example
  • 46. Extension X (not so good) example
  • 47. Extension X (not so good) example
  • 48. Extension X (not so good) example
  • 49. Action check
  • 50. Simple action checkFile: administrator/components/com_foobar/views/foobars/view.html.php// Options button.if (JFactory::getUser()->authorise(core.admin, com_foobar)) { JToolBarHelper::preferences(com_foobar);}
  • 51. Multiple action check File: administrator/components/com_foobar/views/foobars/view.html.php /**! * Setting the toolbar! */! protected function addToolBar()! {! ! $canDo = FoobarHelper::getActions();! ! JToolBarHelper::title(JText::_(COM_FOOBAR_MANAGER_HELLOWORLDS), foobar);! ! if ($canDo->get(core.create))! ! {! ! ! JToolBarHelper::addNew(foobar.add, JTOOLBAR_NEW);! ! }! ! if ($canDo->get(core.edit))! ! {! ! ! JToolBarHelper::editList(foobar.edit, JTOOLBAR_EDIT);! ! }! ! if (($canDo->get(core.delete)) || ($canDo->get(foobar.delete.own)))! ! {! ! ! JToolBarHelper::deleteList(, foobar.delete, JTOOLBAR_DELETE);! ! }! ! if ($canDo->get(core.admin))! ! {! ! ! JToolBarHelper::divider();! ! ! JToolBarHelper::preferences(com_foobar);! ! }! }
  • 52. Multiple action check File: administrator/components/com_foobar/helpers/foobar.php /**! * Get the actions! */! public static function getActions($messageId = 0)! {!! ! jimport(joomla.access.access);! ! $user ! = JFactory::getUser();! ! $result! = new JObject;! ! if (empty($messageId)) {! ! ! $assetName = com_foobar;! ! }! ! else {! ! ! $assetName = com_foobar.message..(int) $messageId;! ! }! ! $actions = JAccess::getActions(com_foobar, component);! ! foreach ($actions as $action) {! ! ! $result->set($action->name, $user->authorise($action->name, $assetName));! ! }! ! return $result;! }
  • 53. Multiple action checkFile: administrator/components/com_content/helpers/content.php
  • 54. Displaying permission interface
  • 55. Display permission interface File: administrator/components/com_foobar/views/foobar/tmpl/edit.php <?php if ($this->canDo->get(core.admin)): ?> <div class="width-100 fltlft"> <?php echo JHtml::_(sliders.start, permissions-sliders-.$this->item->id,array(useCookie=>1)); ?> <?php echo JHtml::_(sliders.panel, JText::_(COM_HELLOWORLD_FIELDSET_RULES), access-rules); ?> <fieldset class="panelform"> <?php echo $this->form->getLabel(rules); ?> <?php echo $this->form->getInput(rules); ?> </fieldset> <?php echo JHtml::_(sliders.end); ?> </div> <?php endif; ?>
  • 56. Display permission interfaceFile: administrator/components/com_foobar/views/foobar/tmpl/edit.php
  • 57. Usage examples in MVC
  • 58. Usage examples - ModelFile: administrator/components/com_content/models/article.php
  • 59. Usage examples - ModelFile: administrator/components/com_content/models/articles.php
  • 60. Usage examples - ViewFile: administrator/components/com_content/views/articles/tmpl/default.php
  • 61. Usage examples - ViewFile: administrator/components/com_content/views/articles/tmpl/default.php
  • 62. Usage examples - ControllerFile: administrator/components/com_content/controllers/articles.php
  • 63. Be Creative!
  • 64. Resources• http://www.aclmanager.net/news/general/28-is-your-extension-really- joomla-17-ready• http://www.aclmanager.net/news/general/31-how-to-add-basic-acl-support-to- your-extension• http://docs.joomla.org/Developing_a_Model-View- Controller_(MVC)_Component_for_Joomla!2.5_-_Part_14• http://docs.joomla.org/How_to_implement_actions_in_your_code• http://community.joomla.org/blogs/community/1252-16-acl.html• http://docs.joomla.org/ACL_Tutorial_for_Joomla_1.6• http://docs.joomla.org/Access_Control_System_In_Joomla_1.6• http://magazine.joomla.org/issues/Issue-May-2012/item/761-Joomla-ACL- Configuring-back-end

×