Make your extension
more powerful by
implementing
Joomla ACL
Sander Potjer - @sanderpotjer
www.aclmanager.net
J and Beyond...
Sander Potjer
Extension: ACL Manager
Joomla Agency: Perfect Web Team
I love Joomla
Sander Potjer
Extension: ACL Manager
Joomla Agency: Perfect Web Team
I love Joomla
Slides: slideshare.net/sanderpotjer
Photo by: Mark Fischer
Joomla ACL
ACL?!?!
ACL = Access Control List
!
!
!
!
!
!
!
ACL?!?!
ACL = Access Control List
!
1) Visibility of content
!
!
!
!
!
ACL?!?!
ACL = Access Control List
!
1) Visibility of content
!
!
!
!
2) Actions on objects
Photo by: Chris Smith
Overview
user
user permissions
user permissionspermissions
!
Site Login
Admin Login
Offline Access
Super Admin / Configure
Access Admin. Interface
Create...
user permissions
group
user permissions
access level
group
user permissions
access level
group
user permissions
access level
group
user permissions
access level
group
user permissions
access level
group
user permissions
access level
group
user permissions
access level
role
ACL levels
Photo by: Ian Sane
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
Photo by: Andreas
Inheritance
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
not set
inherited...
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
allowed
inherited...
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
allowed
inherited...
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
not set
allowed
i...
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
not set
inherited...
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
denied
allowed
lo...
Global Configuration permissions
Component permissions
Category / Module permissions
Article permissions
denied
allowed
lo...
Why?
Photo by: jon jordan
Why not!
Photo by: Peter Reed
Usability
Photo by: Rick Dolishny
Don’t
make
me
think
Photo by: Alper Çuğun
Basic ACL
implementation
Photo by: Daniel Kulinski
Configure
To configure the access settings via the 'Options'
toolbar button
!
Access Administration Interface
To define wh...
4 steps
18 lines of code
couple minutes
Add actions
1
File: administrator/components/com_foobar/config.xml
Access check
2
File: administrator/components/com_foobar/foobar.php
‘Options’
toolbar button
3
File: administrator/components/com_foobar/views/foobars/view.html.php
File: administrator/components/com_foobar/views/foobars/view.html.php
Add language
string
4
File: administrator/language/en-GB/en-GB.com_foobar.ini
Done!
Basic ACL support is
not optional, it is a
requirement for any
Joomla extension!
Advanced ACL
implementationPhoto by: Patrick Lauke
Database
Rules - JSON encoded
{"core.login.site":{"6":1,"2":1}
com_content.article.24
[extension].[section].[object id]
Action name format (database)
JTable
Access.xml
File: administrator/components/com_foobar/config.xml
File: administrator/components/com_content/access.xml
File: administrator/components/com_content/access.xml
File: administrator/components/com_content/access.xml
File: administrator/components/com_content/access.xml
File: administrator/components/com_content/access.xml
File: administrator/components/com_content/access.xml
Component permissions
Category / Module permissions
Article permissi...
File: administrator/components/com_content/access.xml
Site Login: core.login.site
Admin Login: core.login.admin
Offline Access: core.login.offline
Super Admin / Configure: core...
File: administrator/components/com_content/access.xml
File: administrator/components/com_content/access.xml
Component permissions
Category / Module permissions
Article permissi...
Custom Actions
File: administrator/components/com_akeeba/access.xml
File: administrator/components/com_akeeba/access.xml
File: administrator/components/com_akeeba/access.xml
File: administrator/components/com_akeeba/access.xml
File: administrator/components/com_akeeba/access.xml
Action name format (xml)
akeeba.backup
[name extension].[name action]
Keep it structured
Interface
File: administrator/components/com_foobar/views/foobar/tmpl/edit.php
getActions helper
File: libraries/cms/helper/content.php
File: can be used anywhere
File: can be used anywhere
addToolbar
File: administrator/components/com_foobar/views/foobars/view.html.php
File: administrator/components/com_foobar/views/foobars/view.html.php
Resources
Photo by: Schub@
Is your extension really Joomla 1.7 ready?

http://www.aclmanager.net/news/general/28-is-your-extension-really-joomla-17-r...
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014
Upcoming SlideShare
Loading in …5
×

Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014

2,041 views

Published on

Did you already implemented support for Joomla ACL in your extension? No? Join this session to learn all about making your extension more powerful by implementing support for Joomla ACL.

In an attempt to keep Joomla user friendly many site builders would like to be able to set customized access for the end users of the website. For example by proving access to a specific page of a specific extension in the backend.

Many extensions still don't offer the possibility to configure ACL permissions. I will explain why it is important for the customers of your extension to implement Joomla ACL support and how easily this can be implemented.

Published in: Technology
  • Be the first to comment

Make your extension more powerful by implementing Joomla ACL - J and Beyond 2014

  1. 1. Make your extension more powerful by implementing Joomla ACL Sander Potjer - @sanderpotjer www.aclmanager.net J and Beyond 2014
  2. 2. Sander Potjer Extension: ACL Manager Joomla Agency: Perfect Web Team I love Joomla
  3. 3. Sander Potjer Extension: ACL Manager Joomla Agency: Perfect Web Team I love Joomla Slides: slideshare.net/sanderpotjer
  4. 4. Photo by: Mark Fischer Joomla ACL
  5. 5. ACL?!?! ACL = Access Control List ! ! ! ! ! ! !
  6. 6. ACL?!?! ACL = Access Control List ! 1) Visibility of content ! ! ! ! !
  7. 7. ACL?!?! ACL = Access Control List ! 1) Visibility of content ! ! ! ! 2) Actions on objects
  8. 8. Photo by: Chris Smith Overview
  9. 9. user
  10. 10. user permissions
  11. 11. user permissionspermissions ! Site Login Admin Login Offline Access Super Admin / Configure Access Admin. Interface Create Delete Edit Edit State Edit Own
  12. 12. user permissions group
  13. 13. user permissions access level group
  14. 14. user permissions access level group
  15. 15. user permissions access level group
  16. 16. user permissions access level group
  17. 17. user permissions access level group
  18. 18. user permissions access level group
  19. 19. user permissions access level role
  20. 20. ACL levels Photo by: Ian Sane
  21. 21. Global Configuration permissions Component permissions Category / Module permissions Article permissions
  22. 22. Photo by: Andreas Inheritance
  23. 23. Global Configuration permissions Component permissions Category / Module permissions Article permissions
  24. 24. Global Configuration permissions Component permissions Category / Module permissions Article permissions
  25. 25. Global Configuration permissions Component permissions Category / Module permissions Article permissions not set inherited inherited inherited
  26. 26. Global Configuration permissions Component permissions Category / Module permissions Article permissions allowed inherited inherited inherited
  27. 27. Global Configuration permissions Component permissions Category / Module permissions Article permissions allowed inherited denied locked
  28. 28. Global Configuration permissions Component permissions Category / Module permissions Article permissions not set allowed inherited inherited
  29. 29. Global Configuration permissions Component permissions Category / Module permissions Article permissions not set inherited allowed inherited
  30. 30. Global Configuration permissions Component permissions Category / Module permissions Article permissions denied allowed locked locked
  31. 31. Global Configuration permissions Component permissions Category / Module permissions Article permissions denied allowed locked locked CONFLICT
  32. 32. Why? Photo by: jon jordan
  33. 33. Why not! Photo by: Peter Reed
  34. 34. Usability Photo by: Rick Dolishny
  35. 35. Don’t make me think Photo by: Alper Çuğun
  36. 36. Basic ACL implementation Photo by: Daniel Kulinski
  37. 37. Configure To configure the access settings via the 'Options' toolbar button ! Access Administration Interface To define which group is able to access/manage the component 2 actions required
  38. 38. 4 steps 18 lines of code couple minutes
  39. 39. Add actions 1
  40. 40. File: administrator/components/com_foobar/config.xml
  41. 41. Access check 2
  42. 42. File: administrator/components/com_foobar/foobar.php
  43. 43. ‘Options’ toolbar button 3
  44. 44. File: administrator/components/com_foobar/views/foobars/view.html.php
  45. 45. File: administrator/components/com_foobar/views/foobars/view.html.php
  46. 46. Add language string 4
  47. 47. File: administrator/language/en-GB/en-GB.com_foobar.ini
  48. 48. Done!
  49. 49. Basic ACL support is not optional, it is a requirement for any Joomla extension!
  50. 50. Advanced ACL implementationPhoto by: Patrick Lauke
  51. 51. Database
  52. 52. Rules - JSON encoded {"core.login.site":{"6":1,"2":1}
  53. 53. com_content.article.24 [extension].[section].[object id] Action name format (database)
  54. 54. JTable
  55. 55. Access.xml
  56. 56. File: administrator/components/com_foobar/config.xml
  57. 57. File: administrator/components/com_content/access.xml
  58. 58. File: administrator/components/com_content/access.xml
  59. 59. File: administrator/components/com_content/access.xml
  60. 60. File: administrator/components/com_content/access.xml
  61. 61. File: administrator/components/com_content/access.xml
  62. 62. File: administrator/components/com_content/access.xml Component permissions Category / Module permissions Article permissions
  63. 63. File: administrator/components/com_content/access.xml
  64. 64. Site Login: core.login.site Admin Login: core.login.admin Offline Access: core.login.offline Super Admin / Configure: core.admin Access Administration Interface: core.manager Create: core.create Delete: core.delete Edit: core.edit Edit State: core.edit.state Edit Own: core.edit.own Title vs Name
  65. 65. File: administrator/components/com_content/access.xml
  66. 66. File: administrator/components/com_content/access.xml Component permissions Category / Module permissions Article permissions allowed inherited inherited
  67. 67. Custom Actions
  68. 68. File: administrator/components/com_akeeba/access.xml
  69. 69. File: administrator/components/com_akeeba/access.xml
  70. 70. File: administrator/components/com_akeeba/access.xml
  71. 71. File: administrator/components/com_akeeba/access.xml
  72. 72. File: administrator/components/com_akeeba/access.xml
  73. 73. Action name format (xml) akeeba.backup [name extension].[name action]
  74. 74. Keep it structured
  75. 75. Interface
  76. 76. File: administrator/components/com_foobar/views/foobar/tmpl/edit.php
  77. 77. getActions helper
  78. 78. File: libraries/cms/helper/content.php
  79. 79. File: can be used anywhere
  80. 80. File: can be used anywhere
  81. 81. addToolbar
  82. 82. File: administrator/components/com_foobar/views/foobars/view.html.php
  83. 83. File: administrator/components/com_foobar/views/foobars/view.html.php
  84. 84. Resources Photo by: Schub@
  85. 85. Is your extension really Joomla 1.7 ready?
 http://www.aclmanager.net/news/general/28-is-your-extension-really-joomla-17-ready ! How to add basic ACL support to your extension http://www.aclmanager.net/news/general/31-how-to-add-basic-acl-support-to-your- extension 
 Developing a MVC Component/Adding ACL http://docs.joomla.org/J2.5:Developing_a_MVC_Component/Adding_ACL 
 Adding ACL rules to your component http://docs.joomla.org/Adding_ACL_rules_to_your_component ! Access Control List Tutorial http://docs.joomla.org/J2.5:Access_Control_List_Tutorial ! Support for ACL permissions per module in com_modules https://github.com/joomla/joomla-cms/pull/1930/files ! JHelperContent::getActions() improvements
 https://github.com/joomla/joomla-cms/pull/2728 ! This presentation http://slideshare.net/sanderpotjer/

×