SlideShare a Scribd company logo

ACL in Joomla 1.6 at #jd11nl

Sander Potjer
Sander Potjer

Joomla 1.6 ACL explained.

Technology
1 of 68
Download to read offline
Joomla! 1.6 ACL Sander Potjer Sander  Potjer  Webdesign twi$er:  @sanderpotjer web:  www.sanderpotjer.nl
Joomla! 1.6 ACL About me • Co-founder of JoomlaCommunity.eu • Organizer Joomla!Days Netherlands • Organizer Joomla! User Groups in The Netherlands • Company: Sander Potjer Webdesign • Yireo/Jira ICT • Student Architecture
Joomla! 1.6 ACL Joomla! 1.6 ACL
Joomla! 1.6 ACL It took a while... DrupalCon, October 2005 Johan Janssens • http://www.slideshare.net/JohanJanssens/drupalcon-2005-joomla-drupal-and-you-presentation
Joomla! 1.6 ACL ACL?! • ACL = Access Control List • Access to parts of the website – e.g. menu / module visibility – “view” action • User actions on objects – e.g. create / edit / delete article
Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Access) • 7 fixed Groups • Unlimited Groups – Public, Registered, Author, Editor, – user-defined Publisher, Manager, Administrator – not hierarchical and Super-Administrator – Hierarchical structure • User can be assigned to • User can be assigned to one group multiple groups
Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Access) • 3 fixed Access Levels • Unlimited Access Levels – Public, Registered and Special – user-defined • Fixed relation between • Any combination of Groups and Access Levels Groups can be assigned to any Access Level
Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • Fixed Actions per group – Create / edit / delete / admin access / etc. • Permission scope for entire site – Same permission for all objects • Permission inheritance not applicable • http://brian.teeman.net/joomla-gps/joomla-15-acl-explained.html
Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • http://brian.teeman.net/joomla-gps/joomla-15-acl-explained.html
Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • Fixed Actions per group • User defined Actions per – Create / edit / delete / group admin access / etc. – Create / edit / delete / admin access / etc. • Permission scope for • Permission scope at entire site multiple levels – Same permission for all objects – Site, Component, Category, Object • Permission inheritance • Permission can be not applicable inherited – from parent Groups and parent Categories
Joomla! 1.6 ACL Joomla! 1.6 ACL Overview
Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL Joomla 1.6 ACL: User • Guest is also a user • Users can be assigned to one or several groups
Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL Joomla 1.6 ACL: Permissions • Assigned to group (not to a user!) • 9 Actions – Site Login – Admin Login – Super Admin – Access Component – Create – Delete – Edit – Edit State – Edit Own
Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL Joomla 1.6 ACL: Groups • Users with same permissions • User can be in multiple groups • Inherit permissions from parent groups • Unlimited (sub-)groups • Keep it simple! Only use nested groups if needed
Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL Joomla 1.6 ACL: Access Level • Which group can view what (article, menu, module, etc.) • Permissions are not inherited between Access Levels • Even Super Users can not view content on frontend
Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL Permissions
Joomla! 1.6 ACL How Permissions work • 4 possible permission settings – Not Set – Inherited – Allowed – Denied
Joomla! 1.6 ACL How Permissions work • Not set – ‘soft’ deny – can be overridden by ‘Allowed’ or ‘Denied’
Joomla! 1.6 ACL How Permissions work • Inherited – value from a parent permission level – value from a parent user group – can be overridden by ‘Allowed’ or ‘Denied’
Joomla! 1.6 ACL How Permissions work • Allowed – action for current permission level and lower levels – action for current user group and child groups – can be overridden by ‘Denied’
Joomla! 1.6 ACL How Permissions work • Denied – action for current permission level and lower levels – action for current user group and child groups – can’t be overridden at all – always win!
Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group
Joomla! 1.6 ACL Permissions: Global Configuration (Level 1)
Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1
Joomla! 1.6 ACL Permissions: Component Options (Level 2)
Joomla! 1.6 ACL Permissions: Component Options (Level 2)
Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...)
Joomla! 1.6 ACL Permissions: Category (Level 3)
Joomla! 1.6 ACL Permissions: Category (Level 3)
Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...) • Level 4: Item – can override the permissions of Level 1 & Level 2 & Level 3 – only available for articles in Joomla 1.6 core
Joomla! 1.6 ACL Permissions: Item (Level 4)
Joomla! 1.6 ACL Permissions: Item (Level 4)
Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...) • Level 4: Item – can override the permissions of Level 1 & Level 2 & Level 3 – only available for articles in Joomla 1.6 core
Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...) • Level 4: Item – can override the permissions of Level 1 & Level 2 & Level 3 – only available for articles in Joomla 1.6 core • Override permissions of higher levels only works if permission setting is not ‘Denied’!
Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
Joomla! 1.6 ACL Available Permissions and Levels for a Group of Users
Joomla! 1.6 ACL Action: Edit State
Joomla! 1.6 ACL ACL Manager for Joomla! 1.6 by Sander Potjer
Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
Joomla! 1.6 ACL ACL Manager for Joomla! 1.6 www.aclmanager.net
Joomla! 1.6 ACL Debug Permissions
Joomla! 1.6 ACL Debug Permissions • Turn on the ‘Debug System’ in the Global Configuration • Go to ‘User Manager’ or ‘Groups’ • Click on ‘Debug Permission Report’ next to the User or User Group
Joomla! 1.6 ACL Debug Permissions
Joomla! 1.6 ACL Debug Permissions • Disadvantage: need to turn ‘Debug System’
Joomla! 1.6 ACL Plan your ACL implementation
Joomla! 1.6 ACL Describe the problem • Most of the website is public available, specific content only for a group of users (e.g. teachers & students) • A teacher can see content specifically for teachers, all student content and all public content • Students can see content specifically for students and all public content
Joomla! 1.6 ACL Viewing or action problem? • Define the problem, is it a viewing problem or action problem (create/delete/edit/etc..)? Or both? • Viewing: define the Viewing Access Levels • Access: define the permissions for the actions
Joomla! 1.6 ACL Think ahead! Maintenance? • Structure your content properly to handle the permissions • Make usage of parent categories with nested categories with same permissions • No need to set permissions per article
Joomla! 1.6 ACL Some Notes
Joomla! 1.6 ACL User in multiple groups • Class 1 – Allowed on edit ‘Class 1’ category – Denied on edit ‘Class 2’ category • Class 2 – Allowed on edit ‘Class 2’ category – Denied on edit ‘Class 1’ category • User in Class 1 & Class 2 group – Denied on edit ‘Class 1’ category – Denied on edit ‘Class 1’ category – Denied always win – Solution: don’t use denied (soft deny)
Joomla! 1.6 ACL What if I locked myself out? :-)
Joomla! 1.6 ACL What if I locked myself out? :-) • No need to access your database • Open your configuration.php and add: – public $root_user = 'username'; • You can login again and perform all actions • Great for playing around with the new ACL • Don’t forget to remove the $root_user line!
Joomla! 1.6 ACL Practical ACL Tips
Joomla! 1.6 ACL ACL Tips • Write down your ACL requirements for a website before implementing • Joomla 1.5 User Groups are for backward compatibility in Joomla 1.6, you may remove them! • Use multi-nested Groups only if needed / know what you are doing (so inheriting value only between levels, not groups as well)
Joomla! 1.6 ACL ACL Tips • Assign User Group with backend access to a Viewing Access Level • Keep flexible for lower permission levels/groups: Avoid the ‘Denied’ permission setting as long as possible • Idea: Make a Group for each Action so you can assign actions directly to a user
Joomla! 1.6 ACL Resources • http://www.yireo.com/tutorials/joomla/joomla-administration/402-joomla-16- acls-1-marketing-group • http://community.joomla.org/blogs/community/1252-16-acl.html • http://docs.joomla.org/ACL_Tutorial_for_Joomla_1.6 • http://docs.joomla.org/Access_Control_System_In_Joomla_1.6 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new- permissions-in-joomla-16.html • http://www.theartofjoomla.com/home/38-talks/101-the-joomla-16-video- access-controls.html • http://www.aclmanager.net

Recommended

Joomla Extensions Directory at JoomlaDay London, UK #jduk11
Joomla Extensions Directory at JoomlaDay London, UK #jduk11Joomla Extensions Directory at JoomlaDay London, UK #jduk11
Joomla Extensions Directory at JoomlaDay London, UK #jduk11
Sander Potjer
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Sander Potjer
 
Joomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day GermanyJoomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day Germany
Sander Potjer
 
Joomla! 1.6 ACL at #jd10uk
Joomla! 1.6 ACL at #jd10ukJoomla! 1.6 ACL at #jd10uk
Joomla! 1.6 ACL at #jd10uk
Sander Potjer
 
Joomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG BredaJoomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG Breda
Sander Potjer
 
Joomla CCK extensies - JUG Heerenveen, NL
Joomla CCK extensies - JUG Heerenveen, NLJoomla CCK extensies - JUG Heerenveen, NL
Joomla CCK extensies - JUG Heerenveen, NL
Sander Potjer
 
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL supportEnrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Sander Potjer
 
Joomla 1.6 multilingual - 2Value meeting
Joomla 1.6 multilingual - 2Value meetingJoomla 1.6 multilingual - 2Value meeting
Joomla 1.6 multilingual - 2Value meeting
Sander Potjer
 

Recommended

Joomla Extensions Directory at JoomlaDay London, UK #jduk11
Joomla Extensions Directory at JoomlaDay London, UK #jduk11Joomla Extensions Directory at JoomlaDay London, UK #jduk11
Joomla Extensions Directory at JoomlaDay London, UK #jduk11
Sander Potjer
 
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Joomla Access Control List (ACL) at JoomlaDay London, UK #jduk11
Sander Potjer
 
Joomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day GermanyJoomla! ACL - Joomla!Day Germany
Joomla! ACL - Joomla!Day Germany
Sander Potjer
 
Joomla! 1.6 ACL at #jd10uk
Joomla! 1.6 ACL at #jd10ukJoomla! 1.6 ACL at #jd10uk
Joomla! 1.6 ACL at #jd10uk
Sander Potjer
 
Joomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG BredaJoomla ACL & ACL Manager @ JUG Breda
Joomla ACL & ACL Manager @ JUG Breda
Sander Potjer
 
Joomla CCK extensies - JUG Heerenveen, NL
Joomla CCK extensies - JUG Heerenveen, NLJoomla CCK extensies - JUG Heerenveen, NL
Joomla CCK extensies - JUG Heerenveen, NL
Sander Potjer
 
Enrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL supportEnrich your extensions with Joomla! ACL support
Enrich your extensions with Joomla! ACL support
Sander Potjer
 
Joomla 1.6 multilingual - 2Value meeting
Joomla 1.6 multilingual - 2Value meetingJoomla 1.6 multilingual - 2Value meeting
Joomla 1.6 multilingual - 2Value meeting
Sander Potjer
 
Joomla 2.5 ACL @ Dutch Joomla!Days #jd12nl
Joomla 2.5 ACL @ Dutch Joomla!Days #jd12nlJoomla 2.5 ACL @ Dutch Joomla!Days #jd12nl
Joomla 2.5 ACL @ Dutch Joomla!Days #jd12nl
Sander Potjer
 
Joomla Workshop.pptx
Joomla Workshop.pptxJoomla Workshop.pptx
Joomla Workshop.pptx
Oslworkshop
 
Molajo - Joomla based distributions
Molajo - Joomla based distributionsMolajo - Joomla based distributions
Molajo - Joomla based distributions
kauselot
 
Mobile app development
Mobile app development Mobile app development
Mobile app development
Luke Summerfield
 
Template frameworks
Template frameworksTemplate frameworks
Template frameworks
Luke Summerfield
 
wcpgh
wcpghwcpgh
wcpgh
Michelle Ames
 
WordPress 3.3 Feature Tour
WordPress 3.3 Feature TourWordPress 3.3 Feature Tour
WordPress 3.3 Feature Tour
East Bay WordPress Meetup
 
Improving Joomla’s Backend User Experience
Improving Joomla’s Backend User ExperienceImproving Joomla’s Backend User Experience
Improving Joomla’s Backend User Experience
Randy Carey
 
Joomla vs. Drupal and Other CMSs
Joomla vs. Drupal and Other CMSsJoomla vs. Drupal and Other CMSs
Joomla vs. Drupal and Other CMSs
JustinAluent
 
Synapse india reviews on drupal intro
Synapse india reviews on drupal introSynapse india reviews on drupal intro
Synapse india reviews on drupal intro
Tarunsingh198
 
Comparing Joomla CCKs
Comparing Joomla CCKsComparing Joomla CCKs
Comparing Joomla CCKs
Justin Herrin
 
Hidden Features in WordPress
Hidden Features in WordPressHidden Features in WordPress
Hidden Features in WordPress
Michelle Ames
 
Why is Joomla! better?
Why is Joomla! better?Why is Joomla! better?
Why is Joomla! better?
Russell Searle
 
Fetchnotes pp
Fetchnotes ppFetchnotes pp
Fetchnotes pp
mchapman12
 
Justin Herrin Comparing Joomla CCKs from jd12ne
Justin Herrin Comparing Joomla CCKs from jd12neJustin Herrin Comparing Joomla CCKs from jd12ne
Justin Herrin Comparing Joomla CCKs from jd12ne
Justin Herrin
 
Critical extensions
Critical extensionsCritical extensions
Critical extensions
Melissa Wetherby
 
Social website
Social websiteSocial website
Social website
Saqib Iqbal
 
Mura CMS Publishing Workflow
Mura CMS Publishing WorkflowMura CMS Publishing Workflow
Mura CMS Publishing Workflow
Mura CMS
 
Must-Have Joomla Extensions by Ken Lyle
Must-Have Joomla Extensions by Ken LyleMust-Have Joomla Extensions by Ken Lyle
Must-Have Joomla Extensions by Ken Lyle
John Coonen
 
The Good, The Bad and The Ugly
The Good, The Bad and The UglyThe Good, The Bad and The Ugly
The Good, The Bad and The Ugly
Open Source Support Desk
 
Joomla 1.6 ACL - J and Beyond 2011 #jab11
Joomla 1.6 ACL - J and Beyond 2011 #jab11Joomla 1.6 ACL - J and Beyond 2011 #jab11
Joomla 1.6 ACL - J and Beyond 2011 #jab11
Sander Potjer
 
Joomla ACL introduction, limit site access
Joomla ACL introduction, limit site accessJoomla ACL introduction, limit site access
Joomla ACL introduction, limit site access
Sander Potjer
 

More Related Content

What's hot

Joomla Workshop.pptx
Joomla Workshop.pptxJoomla Workshop.pptx
Joomla Workshop.pptx
Oslworkshop
 

What's hot (20)

Joomla 2.5 ACL @ Dutch Joomla!Days #jd12nl
Joomla 2.5 ACL @ Dutch Joomla!Days #jd12nlJoomla 2.5 ACL @ Dutch Joomla!Days #jd12nl
Joomla 2.5 ACL @ Dutch Joomla!Days #jd12nl
 
Joomla Workshop.pptx
Joomla Workshop.pptxJoomla Workshop.pptx
Joomla Workshop.pptx
 
Molajo - Joomla based distributions
Molajo - Joomla based distributionsMolajo - Joomla based distributions
Molajo - Joomla based distributions
 
Mobile app development
Mobile app development Mobile app development
Mobile app development
 
Template frameworks
Template frameworksTemplate frameworks
Template frameworks
 
wcpgh
wcpghwcpgh
wcpgh
 
WordPress 3.3 Feature Tour
WordPress 3.3 Feature TourWordPress 3.3 Feature Tour
WordPress 3.3 Feature Tour
 
Improving Joomla’s Backend User Experience
Improving Joomla’s Backend User ExperienceImproving Joomla’s Backend User Experience
Improving Joomla’s Backend User Experience
 
Joomla vs. Drupal and Other CMSs
Joomla vs. Drupal and Other CMSsJoomla vs. Drupal and Other CMSs
Joomla vs. Drupal and Other CMSs
 
Synapse india reviews on drupal intro
Synapse india reviews on drupal introSynapse india reviews on drupal intro
Synapse india reviews on drupal intro
 
Comparing Joomla CCKs
Comparing Joomla CCKsComparing Joomla CCKs
Comparing Joomla CCKs
 
Hidden Features in WordPress
Hidden Features in WordPressHidden Features in WordPress
Hidden Features in WordPress
 
Why is Joomla! better?
Why is Joomla! better?Why is Joomla! better?
Why is Joomla! better?
 
Fetchnotes pp
Fetchnotes ppFetchnotes pp
Fetchnotes pp
 
Justin Herrin Comparing Joomla CCKs from jd12ne
Justin Herrin Comparing Joomla CCKs from jd12neJustin Herrin Comparing Joomla CCKs from jd12ne
Justin Herrin Comparing Joomla CCKs from jd12ne
 
Critical extensions
Critical extensionsCritical extensions
Critical extensions
 
Social website
Social websiteSocial website
Social website
 
Mura CMS Publishing Workflow
Mura CMS Publishing WorkflowMura CMS Publishing Workflow
Mura CMS Publishing Workflow
 
Must-Have Joomla Extensions by Ken Lyle
Must-Have Joomla Extensions by Ken LyleMust-Have Joomla Extensions by Ken Lyle
Must-Have Joomla Extensions by Ken Lyle
 
The Good, The Bad and The Ugly
The Good, The Bad and The UglyThe Good, The Bad and The Ugly
The Good, The Bad and The Ugly
 

Similar to ACL in Joomla 1.6 at #jd11nl

Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6
SMedia Lab
 
Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6
mikebrogan
 
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Sander Potjer
 
Introducing Joomla! CMS
Introducing Joomla! CMSIntroducing Joomla! CMS
Introducing Joomla! CMS
Kandarp Vyas
 

Similar to ACL in Joomla 1.6 at #jd11nl (20)

Joomla 1.6 ACL - J and Beyond 2011 #jab11
Joomla 1.6 ACL - J and Beyond 2011 #jab11Joomla 1.6 ACL - J and Beyond 2011 #jab11
Joomla 1.6 ACL - J and Beyond 2011 #jab11
 
Joomla ACL introduction, limit site access
Joomla ACL introduction, limit site accessJoomla ACL introduction, limit site access
Joomla ACL introduction, limit site access
 
Joomla! 1.6 Access Control Proposal
Joomla! 1.6 Access Control ProposalJoomla! 1.6 Access Control Proposal
Joomla! 1.6 Access Control Proposal
 
Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6
 
Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6Lifting The Lid On Joomla 1.6
Lifting The Lid On Joomla 1.6
 
Joomla Presentations
Joomla PresentationsJoomla Presentations
Joomla Presentations
 
Joomladay Switzerland - Joomla! 1.5 and roadmap to future versions
Joomladay Switzerland - Joomla! 1.5 and roadmap to future versionsJoomladay Switzerland - Joomla! 1.5 and roadmap to future versions
Joomladay Switzerland - Joomla! 1.5 and roadmap to future versions
 
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
 
Drupal intro-training-in-mumbai
Drupal intro-training-in-mumbaiDrupal intro-training-in-mumbai
Drupal intro-training-in-mumbai
 
Introducing Joomla! CMS
Introducing Joomla! CMSIntroducing Joomla! CMS
Introducing Joomla! CMS
 
Drupal intro (1)
Drupal intro (1)Drupal intro (1)
Drupal intro (1)
 
Oracle Enterprise Manager Security A Practitioners Guide
Oracle Enterprise Manager Security A Practitioners GuideOracle Enterprise Manager Security A Practitioners Guide
Oracle Enterprise Manager Security A Practitioners Guide
 
Web Development with Joomla - Past, Present & Future
Web Development with Joomla - Past, Present & FutureWeb Development with Joomla - Past, Present & Future
Web Development with Joomla - Past, Present & Future
 
What's new in Joomla 1.6?
What's new in Joomla 1.6?What's new in Joomla 1.6?
What's new in Joomla 1.6?
 
Alfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the TradeAlfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the Trade
 
MaharaUK12 - What's new in 1.5 and 1.6?
MaharaUK12 - What's new in 1.5 and 1.6?MaharaUK12 - What's new in 1.5 and 1.6?
MaharaUK12 - What's new in 1.5 and 1.6?
 
Drupal intro
Drupal introDrupal intro
Drupal intro
 
Drupal intro
Drupal introDrupal intro
Drupal intro
 
Molajo | Joomla Night Stockholm
Molajo | Joomla Night StockholmMolajo | Joomla Night Stockholm
Molajo | Joomla Night Stockholm
 
Drupal -Introduction to Drupal
Drupal -Introduction to DrupalDrupal -Introduction to Drupal
Drupal -Introduction to Drupal
 

More from Sander Potjer

Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)
Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)
Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)
Sander Potjer
 

More from Sander Potjer (20)

Daarom Joomla! - Makkelijk content publiceren
Daarom Joomla! - Makkelijk content publicerenDaarom Joomla! - Makkelijk content publiceren
Daarom Joomla! - Makkelijk content publiceren
 
Daarom Joomla! - Inspiratie uit de praktijk
Daarom Joomla! - Inspiratie uit de praktijkDaarom Joomla! - Inspiratie uit de praktijk
Daarom Joomla! - Inspiratie uit de praktijk
 
Daarom Joomla! - Een fantastische basis
Daarom Joomla! - Een fantastische basisDaarom Joomla! - Een fantastische basis
Daarom Joomla! - Een fantastische basis
 
Performance budget @ Joomla! Performance Expert Sessie
Performance budget @ Joomla! Performance Expert SessiePerformance budget @ Joomla! Performance Expert Sessie
Performance budget @ Joomla! Performance Expert Sessie
 
Technieken & tools @ Joomla! Performance Expert Sessie
Technieken & tools @ Joomla! Performance Expert SessieTechnieken & tools @ Joomla! Performance Expert Sessie
Technieken & tools @ Joomla! Performance Expert Sessie
 
CDN @ Joomla! Performance Expert Sessie
CDN @ Joomla! Performance Expert SessieCDN @ Joomla! Performance Expert Sessie
CDN @ Joomla! Performance Expert Sessie
 
Proxy caching @ Joomla! Performance Expert Sessie
Proxy caching @ Joomla! Performance Expert SessieProxy caching @ Joomla! Performance Expert Sessie
Proxy caching @ Joomla! Performance Expert Sessie
 
Server performance @ Joomla! Performance Expert Sessie
Server performance @ Joomla! Performance Expert SessieServer performance @ Joomla! Performance Expert Sessie
Server performance @ Joomla! Performance Expert Sessie
 
.htaccess performance @ Joomla! Performance Expert Sessie
.htaccess performance @ Joomla! Performance Expert Sessie.htaccess performance @ Joomla! Performance Expert Sessie
.htaccess performance @ Joomla! Performance Expert Sessie
 
Google AMP @ Joomla! Performance Expert Sessie
Google AMP @ Joomla! Performance Expert SessieGoogle AMP @ Joomla! Performance Expert Sessie
Google AMP @ Joomla! Performance Expert Sessie
 
Optimaliseer afbeeldingen @ Joomla! Performance Expert Sessie
Optimaliseer afbeeldingen @ Joomla! Performance Expert SessieOptimaliseer afbeeldingen @ Joomla! Performance Expert Sessie
Optimaliseer afbeeldingen @ Joomla! Performance Expert Sessie
 
Optimalisatie plugins @ Joomla! Performance Expert Sessie
Optimalisatie plugins @ Joomla! Performance Expert SessieOptimalisatie plugins @ Joomla! Performance Expert Sessie
Optimalisatie plugins @ Joomla! Performance Expert Sessie
 
Cache handlers @ Joomla! Performance Expert Sessie
Cache handlers @ Joomla! Performance Expert SessieCache handlers @ Joomla! Performance Expert Sessie
Cache handlers @ Joomla! Performance Expert Sessie
 
Performance & Joomla! core @ Joomla! Performance Expert Sessie
Performance & Joomla! core @ Joomla! Performance Expert SessiePerformance & Joomla! core @ Joomla! Performance Expert Sessie
Performance & Joomla! core @ Joomla! Performance Expert Sessie
 
Joomla! First - JoomlaDagen 2017 #jd17nl
Joomla! First - JoomlaDagen 2017 #jd17nlJoomla! First - JoomlaDagen 2017 #jd17nl
Joomla! First - JoomlaDagen 2017 #jd17nl
 
Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)
Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)
Complexe pagina's gebruiksvriendelijk (Joomla Page Builders)
 
Performance & SEO - Joomla SEO Expert Sessie
Performance & SEO - Joomla SEO Expert SessiePerformance & SEO - Joomla SEO Expert Sessie
Performance & SEO - Joomla SEO Expert Sessie
 
Social Media & SEO - Joomla SEO Expert Sessie
Social Media & SEO - Joomla SEO Expert SessieSocial Media & SEO - Joomla SEO Expert Sessie
Social Media & SEO - Joomla SEO Expert Sessie
 
Joomla 3.6: nieuwe router - Joomla SEO Expert Sessie
Joomla 3.6: nieuwe router - Joomla SEO Expert SessieJoomla 3.6: nieuwe router - Joomla SEO Expert Sessie
Joomla 3.6: nieuwe router - Joomla SEO Expert Sessie
 
SEO Audit - Joomla SEO Expert Sessie
SEO Audit - Joomla SEO Expert SessieSEO Audit - Joomla SEO Expert Sessie
SEO Audit - Joomla SEO Expert Sessie
 

Recently uploaded

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 

Recently uploaded (20)

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

ACL in Joomla 1.6 at #jd11nl

  • 1. Joomla! 1.6 ACL Sander Potjer Sander  Potjer  Webdesign twi$er:  @sanderpotjer web:  www.sanderpotjer.nl
  • 2. Joomla! 1.6 ACL About me • Co-founder of JoomlaCommunity.eu • Organizer Joomla!Days Netherlands • Organizer Joomla! User Groups in The Netherlands • Company: Sander Potjer Webdesign • Yireo/Jira ICT • Student Architecture
  • 4. Joomla! 1.6 ACL It took a while... DrupalCon, October 2005 Johan Janssens • http://www.slideshare.net/JohanJanssens/drupalcon-2005-joomla-drupal-and-you-presentation
  • 5. Joomla! 1.6 ACL ACL?! • ACL = Access Control List • Access to parts of the website – e.g. menu / module visibility – “view” action • User actions on objects – e.g. create / edit / delete article
  • 6. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Access) • 7 fixed Groups • Unlimited Groups – Public, Registered, Author, Editor, – user-defined Publisher, Manager, Administrator – not hierarchical and Super-Administrator – Hierarchical structure • User can be assigned to • User can be assigned to one group multiple groups
  • 7. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Access) • 3 fixed Access Levels • Unlimited Access Levels – Public, Registered and Special – user-defined • Fixed relation between • Any combination of Groups and Access Levels Groups can be assigned to any Access Level
  • 8. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • Fixed Actions per group – Create / edit / delete / admin access / etc. • Permission scope for entire site – Same permission for all objects • Permission inheritance not applicable • http://brian.teeman.net/joomla-gps/joomla-15-acl-explained.html
  • 9. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • http://brian.teeman.net/joomla-gps/joomla-15-acl-explained.html
  • 10. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • Fixed Actions per group • User defined Actions per – Create / edit / delete / group admin access / etc. – Create / edit / delete / admin access / etc. • Permission scope for • Permission scope at entire site multiple levels – Same permission for all objects – Site, Component, Category, Object • Permission inheritance • Permission can be not applicable inherited – from parent Groups and parent Categories
  • 11. Joomla! 1.6 ACL Joomla! 1.6 ACL Overview
  • 12. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 13. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 14. Joomla! 1.6 ACL Joomla 1.6 ACL: User • Guest is also a user • Users can be assigned to one or several groups
  • 15. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 16. Joomla! 1.6 ACL Joomla 1.6 ACL: Permissions • Assigned to group (not to a user!) • 9 Actions – Site Login – Admin Login – Super Admin – Access Component – Create – Delete – Edit – Edit State – Edit Own
  • 17. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 18. Joomla! 1.6 ACL Joomla 1.6 ACL: Groups • Users with same permissions • User can be in multiple groups • Inherit permissions from parent groups • Unlimited (sub-)groups • Keep it simple! Only use nested groups if needed
  • 19. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 20. Joomla! 1.6 ACL Joomla 1.6 ACL: Access Level • Which group can view what (article, menu, module, etc.) • Permissions are not inherited between Access Levels • Even Super Users can not view content on frontend
  • 21. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  • 23. Joomla! 1.6 ACL How Permissions work • 4 possible permission settings – Not Set – Inherited – Allowed – Denied
  • 24. Joomla! 1.6 ACL How Permissions work • Not set – ‘soft’ deny – can be overridden by ‘Allowed’ or ‘Denied’
  • 25. Joomla! 1.6 ACL How Permissions work • Inherited – value from a parent permission level – value from a parent user group – can be overridden by ‘Allowed’ or ‘Denied’
  • 26. Joomla! 1.6 ACL How Permissions work • Allowed – action for current permission level and lower levels – action for current user group and child groups – can be overridden by ‘Denied’
  • 27. Joomla! 1.6 ACL How Permissions work • Denied – action for current permission level and lower levels – action for current user group and child groups – can’t be overridden at all – always win!
  • 28. Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group
  • 29. Joomla! 1.6 ACL Permissions: Global Configuration (Level 1)
  • 30. Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1
  • 31. Joomla! 1.6 ACL Permissions: Component Options (Level 2)
  • 32. Joomla! 1.6 ACL Permissions: Component Options (Level 2)
  • 33. Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...)
  • 34. Joomla! 1.6 ACL Permissions: Category (Level 3)
  • 35. Joomla! 1.6 ACL Permissions: Category (Level 3)
  • 36. Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...) • Level 4: Item – can override the permissions of Level 1 & Level 2 & Level 3 – only available for articles in Joomla 1.6 core
  • 39. Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...) • Level 4: Item – can override the permissions of Level 1 & Level 2 & Level 3 – only available for articles in Joomla 1.6 core
  • 40. Joomla! 1.6 ACL Permission Hierarchy Levels • Level 1: Global configuration – default permissions settings for actions for a group • Level 2: Component Options – can override the permissions of Level 1 • Level 3: Category – can override the permissions of Level 1 & Level 2 – available for components with categories (Articles, Banners, etc...) • Level 4: Item – can override the permissions of Level 1 & Level 2 & Level 3 – only available for articles in Joomla 1.6 core • Override permissions of higher levels only works if permission setting is not ‘Denied’!
  • 41. Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
  • 42. Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
  • 43. Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
  • 44. Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
  • 45. Joomla! 1.6 ACL Inheriting example for ‘Create’ action Level 1 Level 2 Level 3 Level 4 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html
  • 46. Joomla! 1.6 ACL Available Permissions and Levels for a Group of Users
  • 48. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6 by Sander Potjer
  • 49. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
  • 50. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
  • 51. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
  • 52. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6 www.aclmanager.net
  • 53. Joomla! 1.6 ACL Debug Permissions
  • 54. Joomla! 1.6 ACL Debug Permissions • Turn on the ‘Debug System’ in the Global Configuration • Go to ‘User Manager’ or ‘Groups’ • Click on ‘Debug Permission Report’ next to the User or User Group
  • 55. Joomla! 1.6 ACL Debug Permissions
  • 56. Joomla! 1.6 ACL Debug Permissions • Disadvantage: need to turn ‘Debug System’
  • 57. Joomla! 1.6 ACL Plan your ACL implementation
  • 58. Joomla! 1.6 ACL Describe the problem • Most of the website is public available, specific content only for a group of users (e.g. teachers & students) • A teacher can see content specifically for teachers, all student content and all public content • Students can see content specifically for students and all public content
  • 59. Joomla! 1.6 ACL Viewing or action problem? • Define the problem, is it a viewing problem or action problem (create/delete/edit/etc..)? Or both? • Viewing: define the Viewing Access Levels • Access: define the permissions for the actions
  • 60. Joomla! 1.6 ACL Think ahead! Maintenance? • Structure your content properly to handle the permissions • Make usage of parent categories with nested categories with same permissions • No need to set permissions per article
  • 62. Joomla! 1.6 ACL User in multiple groups • Class 1 – Allowed on edit ‘Class 1’ category – Denied on edit ‘Class 2’ category • Class 2 – Allowed on edit ‘Class 2’ category – Denied on edit ‘Class 1’ category • User in Class 1 & Class 2 group – Denied on edit ‘Class 1’ category – Denied on edit ‘Class 1’ category – Denied always win – Solution: don’t use denied (soft deny)
  • 63. Joomla! 1.6 ACL What if I locked myself out? :-)
  • 64. Joomla! 1.6 ACL What if I locked myself out? :-) • No need to access your database • Open your configuration.php and add: – public $root_user = 'username'; • You can login again and perform all actions • Great for playing around with the new ACL • Don’t forget to remove the $root_user line!
  • 66. Joomla! 1.6 ACL ACL Tips • Write down your ACL requirements for a website before implementing • Joomla 1.5 User Groups are for backward compatibility in Joomla 1.6, you may remove them! • Use multi-nested Groups only if needed / know what you are doing (so inheriting value only between levels, not groups as well)
  • 67. Joomla! 1.6 ACL ACL Tips • Assign User Group with backend access to a Viewing Access Level • Keep flexible for lower permission levels/groups: Avoid the ‘Denied’ permission setting as long as possible • Idea: Make a Group for each Action so you can assign actions directly to a user
  • 68. Joomla! 1.6 ACL Resources • http://www.yireo.com/tutorials/joomla/joomla-administration/402-joomla-16- acls-1-marketing-group • http://community.joomla.org/blogs/community/1252-16-acl.html • http://docs.joomla.org/ACL_Tutorial_for_Joomla_1.6 • http://docs.joomla.org/Access_Control_System_In_Joomla_1.6 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new- permissions-in-joomla-16.html • http://www.theartofjoomla.com/home/38-talks/101-the-joomla-16-video- access-controls.html • http://www.aclmanager.net

Editor's Notes

  1. \n
  2. \n
  3. \n
  4. \n
  5. \n
  6. \n
  7. \n
  8. \n
  9. \n
  10. \n
  11. \n
  12. \n
  13. \n
  14. \n
  15. \n
  16. \n
  17. \n
  18. \n
  19. \n
  20. \n
  21. \n
  22. \n
  23. \n
  24. \n
  25. \n
  26. \n
  27. \n
  28. \n
  29. \n
  30. \n
  31. \n
  32. \n
  33. \n
  34. \n
  35. \n
  36. \n
  37. \n
  38. \n
  39. \n
  40. \n
  41. \n
  42. \n
  43. \n
  44. \n
  45. \n
  46. \n
  47. \n
  48. \n
  49. \n
  50. \n
  51. \n
  52. \n
  53. \n
  54. \n
  55. \n
  56. \n
  57. \n
  58. \n
  59. \n
  60. \n
  61. \n
  62. \n
  63. \n
  64. \n
  65. \n
  66. \n
  67. \n
  68. \n
  69. \n
  70. \n
  71. \n
  72. \n
  73. \n