Joomla! 1.6 ACL
Joomla! 1.6 ACL
Sander Potjer
Joomla!Days UK - 30th & 31st October 2010
Joomla! 1.6 ACL
Sander Potjer
• Co-founder of Dutch community: JoomlaCommunity.eu
• Organizer Joomla!Day Netherlands
• Org...
Joomla! 1.6 ACL
Joomla! 1.6 ACL
Joomla! 1.6 ACL
It took a while...
• http://www.slideshare.net/JohanJanssens/drupalcon-2005-joomla-drupal-and-you-presenta...
Joomla! 1.6 ACL
• ACL = Access Control List
• Access to parts of the website
– e.g. menu / module visibility
– “view” acti...
Joomla! 1.6 ACL
ACL in Joomla! 1.5 & 1.6 (Access)
• 7 fixed Groups
– Public, Registered, Author, Editor,
Publisher, Manage...
Joomla! 1.6 ACL
• 7 fixed Groups
– Public, Registered, Author, Editor,
Publisher, Manager, Administrator
and Super-Adminis...
Joomla! 1.6 ACL
ACL in Joomla! 1.5 & 1.6 (Actions)
• Fixed Actions per group
– Create / edit / delete /
admin access / etc...
Joomla! 1.6 ACL
• Fixed Actions per group
– Create / edit / delete /
admin access / etc.
• Permission scope for
entire sit...
Joomla! 1.6 ACL
Joomla! 1.6 ACL Overview
(r19286, 29-10-2010)
Joomla! 1.6 ACL
Joomla 1.6 ACL Overview
• http://community.joomla.org/blogs/community/1252-16-acl.html
Joomla! 1.6 ACL
Joomla 1.6 ACL: User
• Guest is also a user
• Users can be
assigned to one or
several groups
Joomla! 1.6 ACL
Joomla 1.6 ACL: Permissions
• Assigned to group (not user!)
• 9 Actions
– Site Login
– Admin Login
– Confi...
Joomla! 1.6 ACL
Joomla 1.6 ACL: Action Permission Groups
• Users with same permissions
• User can be in multiple
groups
• ...
Joomla! 1.6 ACL
Joomla 1.6 ACL: Access Level
• Which group can view what
(article, menu, module, etc.)
• Permissions are n...
Joomla! 1.6 ACL
Permissions
Joomla! 1.6 ACL
How Action Permissions work
• Not set
– ‘soft’ deny
– can be overridden by ‘allow’
• Inherited
– value fro...
Joomla! 1.6 ACL
Permission Hierarchy Levels
• Global configuration (Level 1)
– default permissions for each action and gro...
Joomla! 1.6 ACL
Permissions: Global Configuration (Level 1)
Joomla! 1.6 ACL
Permissions: Component Options (Level 2)
Joomla! 1.6 ACL
Permissions: Category (Level 3)
Joomla! 1.6 ACL
Permissions: Item (Level 4)
Joomla! 1.6 ACL
Inheriting example for action ‘Create’
• http://www.theartofjoomla.com/home/5-commentary/84-introducing-th...
Joomla! 1.6 ACL
Inheriting example for action ‘Create’
• http://www.theartofjoomla.com/home/5-commentary/84-introducing-th...
Joomla! 1.6 ACL
Available Joomla 1.6
Permissions and Levels
for a Group
Joomla! 1.6 ACL
Action: Edit State
Joomla! 1.6 ACL
ACL Manager
by Sander Potjer
Joomla! 1.6 ACL
ACL Manager for Joomla! 1.6
Joomla! 1.6 ACL
ACL Manager for Joomla! 1.6
Joomla! 1.6 ACL
ACL Manager for Joomla! 1.6
Joomla! 1.6 ACL
ACL Manager for Joomla! 1.6
www.aclmanager.net
Joomla! 1.6 ACL
Joomla! 1.6 ACL live demo
Joomla! 1.6 ACL
Some Notes
Joomla! 1.6 ACL
User in multiple groups
• USA group
– Allow on edit ‘USA’ category
– Deny on edit ‘Europe’ category
• Euro...
Joomla! 1.6 ACL
What if I locked myself out? :-)
Joomla! 1.6 ACL
What if I locked myself out? :-)
• No need to access your database
• Open your configuration.php and add:
...
Joomla! 1.6 ACL
Debug Permissions
• Turn on the ‘Debug System’ in the
Global Configuration
• Go to ‘User Manager’ or ‘Grou...
Joomla! 1.6 ACL
Practical ACL Tips
Joomla! 1.6 ACL
ACL Tips
• Write down your ACL requirements for a website
before implementing
• Joomla 1.5 User Groups are...
Joomla! 1.6 ACL
ACL Tips
• Structure your content properly to handle the
permissions (don’t set permissions per article/ma...
Joomla! 1.6 ACL
Resources
• http://www.yireo.com/tutorials/joomla/joomla-administration/402-joomla-16-
acls-1-marketing-gr...
Upcoming SlideShare
Loading in …5
×

Joomla! 1.6 ACL at #jd10uk

4,946 views

Published on

The most wanted new feature of Joomla 1.6, the new ACL system explained. Including the ACL Manager extension that is in development by Sander Potjer.
Given at Joomla Days United Kingdom, 2010.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,946
On SlideShare
0
From Embeds
0
Number of Embeds
3,241
Actions
Shares
0
Downloads
16
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Joomla! 1.6 ACL at #jd10uk

  1. 1. Joomla! 1.6 ACL Joomla! 1.6 ACL Sander Potjer Joomla!Days UK - 30th & 31st October 2010
  2. 2. Joomla! 1.6 ACL Sander Potjer • Co-founder of Dutch community: JoomlaCommunity.eu • Organizer Joomla!Day Netherlands • Organizer Joomla! User Groups in The Netherlands • Company: Sander Potjer Webdesign • Yireo team member • Student Architecture
  3. 3. Joomla! 1.6 ACL Joomla! 1.6 ACL
  4. 4. Joomla! 1.6 ACL It took a while... • http://www.slideshare.net/JohanJanssens/drupalcon-2005-joomla-drupal-and-you-presentation DrupalCon, October 2005 Johan Janssens
  5. 5. Joomla! 1.6 ACL • ACL = Access Control List • Access to parts of the website – e.g. menu / module visibility – “view” action • User actions on objects – e.g. create / edit / delete article ACL?!
  6. 6. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Access) • 7 fixed Groups – Public, Registered, Author, Editor, Publisher, Manager, Administrator and Super-Administrator – Hierarchical structure • User can be assigned to one group • 3 fixed Access Levels – Public, Registered and Special • Fixed relation between Groups and Access Levels
  7. 7. Joomla! 1.6 ACL • 7 fixed Groups – Public, Registered, Author, Editor, Publisher, Manager, Administrator and Super-Administrator – Hierarchical structure • User can be assigned to one group • 3 fixed Access Levels – Public, Registered and Special • Fixed relation between Groups and Access Levels • Unlimited Groups – user-defined – not hierarchical • User can be assigned to multiple groups • Unlimited Access Levels – user-defined • Any combination of Groups can be assigned to any Access Level ACL in Joomla! 1.5 & 1.6 (Access)
  8. 8. Joomla! 1.6 ACL ACL in Joomla! 1.5 & 1.6 (Actions) • Fixed Actions per group – Create / edit / delete / admin access / etc. • Permission scope for entire site – Same permission for all objects • Permission inheritance not applicable • http://brian.teeman.net/joomla-gps/joomla-15-acl-explained.html
  9. 9. Joomla! 1.6 ACL • Fixed Actions per group – Create / edit / delete / admin access / etc. • Permission scope for entire site – Same permission for all objects • Permission inheritance not applicable • User defined Actions per group – Create / edit / delete / admin access / etc. • Permission scope at multiple levels – Site, Component, Category, Object • Permission can be inherited – from parent Groups and parent Categories ACL in Joomla! 1.5 & 1.6 (Actions)
  10. 10. Joomla! 1.6 ACL Joomla! 1.6 ACL Overview (r19286, 29-10-2010)
  11. 11. Joomla! 1.6 ACL Joomla 1.6 ACL Overview • http://community.joomla.org/blogs/community/1252-16-acl.html
  12. 12. Joomla! 1.6 ACL Joomla 1.6 ACL: User • Guest is also a user • Users can be assigned to one or several groups
  13. 13. Joomla! 1.6 ACL Joomla 1.6 ACL: Permissions • Assigned to group (not user!) • 9 Actions – Site Login – Admin Login – Configure – Access Comp. – Create – Delete – Edit – Edit State – Edit Own
  14. 14. Joomla! 1.6 ACL Joomla 1.6 ACL: Action Permission Groups • Users with same permissions • User can be in multiple groups • Permissions are inherited between groups • Unlimited (sub-)groups
  15. 15. Joomla! 1.6 ACL Joomla 1.6 ACL: Access Level • Which group can view what (article, menu, module, etc.) • Permissions are not inherited between Access Levels • Even Super Users can not view
  16. 16. Joomla! 1.6 ACL Permissions
  17. 17. Joomla! 1.6 ACL How Action Permissions work • Not set – ‘soft’ deny – can be overridden by ‘allow’ • Inherited – value from a higher permission level – value from a higher user group • Allowed – action for this permission level and lower levels – action for this user group and child groups • Denied & Locked – action for this permission level and lower levels – action for this user group and child groups – always win!
  18. 18. Joomla! 1.6 ACL Permission Hierarchy Levels • Global configuration (Level 1) – default permissions for each action and group • Component Options (Level 2) – can override the default permissions for a component • Category (Level 3) – can override the default permissions and component options – applies to components with categories (Articles, Banners, etc...) • Item (Level 4) – can override all permissions above for an object – only applies to articles in Joomla 1.6 core • Override permissions only works if higher level is not denied & locked!
  19. 19. Joomla! 1.6 ACL Permissions: Global Configuration (Level 1)
  20. 20. Joomla! 1.6 ACL Permissions: Component Options (Level 2)
  21. 21. Joomla! 1.6 ACL Permissions: Category (Level 3)
  22. 22. Joomla! 1.6 ACL Permissions: Item (Level 4)
  23. 23. Joomla! 1.6 ACL Inheriting example for action ‘Create’ • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html Level 1 Level 2 Level 3 Level 4
  24. 24. Joomla! 1.6 ACL Inheriting example for action ‘Create’ • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new-permissions-in-joomla-16.html Level 1 Level 2 Level 3 Level 4
  25. 25. Joomla! 1.6 ACL Available Joomla 1.6 Permissions and Levels for a Group
  26. 26. Joomla! 1.6 ACL Action: Edit State
  27. 27. Joomla! 1.6 ACL ACL Manager by Sander Potjer
  28. 28. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
  29. 29. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
  30. 30. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6
  31. 31. Joomla! 1.6 ACL ACL Manager for Joomla! 1.6 www.aclmanager.net
  32. 32. Joomla! 1.6 ACL Joomla! 1.6 ACL live demo
  33. 33. Joomla! 1.6 ACL Some Notes
  34. 34. Joomla! 1.6 ACL User in multiple groups • USA group – Allow on edit ‘USA’ category – Deny on edit ‘Europe’ category • Europe group – Allow on edit ‘Europe’ category – Deny on edit ‘USA’ category • User in USA & Europe group – Deny on edit ‘Europe’ category – Deny on edit ‘USA’ category – Deny always win
  35. 35. Joomla! 1.6 ACL What if I locked myself out? :-)
  36. 36. Joomla! 1.6 ACL What if I locked myself out? :-) • No need to access your database • Open your configuration.php and add: – public $root_user = 'username'; • You can login again and perform all actions • Great for playing around with the new ACL • Don’t forget to remove the $root_user line!
  37. 37. Joomla! 1.6 ACL Debug Permissions • Turn on the ‘Debug System’ in the Global Configuration • Go to ‘User Manager’ or ‘Groups’ • Click on ‘Debug Permission Report’ below User or Group name
  38. 38. Joomla! 1.6 ACL Practical ACL Tips
  39. 39. Joomla! 1.6 ACL ACL Tips • Write down your ACL requirements for a website before implementing • Joomla 1.5 User Groups are for backward compatibility in Joomla 1.6, you may remove them • Use multi-nested Groups only if needed / know what you are doing (so inheriting value only between levels, not also groups)
  40. 40. Joomla! 1.6 ACL ACL Tips • Structure your content properly to handle the permissions (don’t set permissions per article/make a parent category with nested categories with same permissions) • Keep flexible for lower permission levels/groups: try to avoid the ‘Denied & Locked’ as long as possible • Idea: Make a Group for each Action so you can assign actions directly to a user
  41. 41. Joomla! 1.6 ACL Resources • http://www.yireo.com/tutorials/joomla/joomla-administration/402-joomla-16- acls-1-marketing-group • http://community.joomla.org/blogs/community/1252-16-acl.html • http://docs.joomla.org/ACL_Tutorial_for_Joomla_1.6 • http://docs.joomla.org/Access_Control_System_In_Joomla_1.6 • http://www.theartofjoomla.com/home/5-commentary/84-introducing-the-new- permissions-in-joomla-16.html • http://www.theartofjoomla.com/home/38-talks/101-the-joomla-16-video- access-controls.html • http://www.aclmanager.net

×