Joomla! Discussion Forums

Hi,

I know a lot has been said about a proper User and Access Control System within Joomla, but I will make a plea for it anyway.

As a developer on RSGallery2, I have been struggling to come up with a logical Access Control System. As the J1.0 core does not provide a very flexible framework to hook into, we decided to write a limited version, specialized for RSGallery2. As this does not tie into the core, it is not very flexible.

If there is one area Joomla! is losing it to the competition it is User and Access Control. Although this is a difficult task to perform, it is not an impossible one. That is why I cannot understand the delay in achieving this. Most of the community agrees it should have been part of Joomla 1.5. As the roadmap does not offer any insight of development after releasing Joomla 1.5 stable, I am afraid this could take a while.

Having said that, I get the impression that we did make some progress on the Google Summer of Code sessions, and we do have some expertise on the PHPGACL in the Core Team and the community, which is the preferred framework as I understood from the forums. Also looking at the great job the Core Team has done on the J15 Framework(It is really awesome), I would say this would have to be one of the main priorities after releasing J1.5 Stable.

As this is a major undertaking, because it will affect large parts of the framework, it wouldn’t be a bad idea to create a User and Access Control Development Team, it’s primary task being to come up with a functional and technical design of the User and Access Control System and a plan how to integrate this into the Joomla Framework. Using the knowledge on PHPGACL, the results of the Google Summer of Code Experience and the expertise on the current framework, this could speed up implementation a lot.

I am pretty sure, as this is one of the most wanted features in Joomla!, rounding up a team like this wouldn’t be too hard. To complete this task successfully though, the commitment of the Core Team is very much needed as is a proper project manager to synchronize efforts.

Being a project- and programme manager myself I realize the size of the task at hand, but looking beyond that I can also see the benefits of having a proper User and Access Control System. It would put Joomla on top of the Open Source Market, confirming the already achieved status even more.

I am really interested what the view of the Core Team and the Joomla Community is on this.

Cheers,

Ronald

ACLs are on the 1.6 TODO list. 

tcp

Ok,

Thanks for your enlightening answer.

I know, hat sounds cynical, but I had expected a more comprehensive answer. I already know it is on the todo list, but so are many other things. with J15 about to release in a few months, I hope the plan for 1.6 and beyond is taking shape. This means you would have a reasonably clear picture about the things you want to do, the set priorities and the allocation of capacity to achieve the goals. A roadmap is more that just a timeline, to state the obvious. Perhaps it is there and you have not released this to the public yet, but then at least an acknowledgement would be nice.

In my very humble opinion the focal point for J1.6 should be a full blown User and Access Control System. Using this as starting point, an impact analysis on the Framework could be developed and the rest of the roapmap can be completed, using that data. This will not only help to structure development, but also injects the thoughts of the Core Team into the community. This works both ways.
This is why i wrote my plea for a seperate Access Control Development Team. The work you could do from now untill the release of J15 Stable, would be invaluable to both the Core Team and the community.

Anyway, I am sure there are a few project- and programme management experts on the Core Team, so I probably am not saying new things here, it is just that this is one of the things that is not very transparent to the community. For the majority of users this probably isn't very interesting, but I'd like to look at the big picture and although it is Open Source, it does not hurt to stay ahead of the competition. A solid view of the future and a roadmap to guide us getting there, are the main survival tools of any large project.

Again, I am very curious wat the view of the Core Team and the Community is on this.

Cheers,

Ronald

Hi and thanks for submitting to the Core team members a more clean and understandable topic about Users Management.

I tried (with my limited patronage of english), to submit at the attention of the core team members this thread: http://forum.joomla.org/index.php/topic,221064.0.html on wich I exposed my basic request (since no-one cared about that, I suppose I was unclean about what  was my wish).
Essentially I need to have a better control over what user1 can do and user2 cannot, specifically I need to redirect only selected users somewhere, and one of my major concerns actually is the fact that as soon as you login, you get redirected only to a specific place, and not the place from where you were logging in. In two words, I need better control over who does what on my site.

I understand that there is a lot of things to be done and a lot of other priorities, but in my humble opinion this is something wich deserve some more priority.

What about some basic functionalities around 1.5.X?

Sadly, none of the Core Team members have reacted yet. I know the also have busy lives, but it is not very promising.
I am not advocating a hasty implementation, but I am much more curious about the way ahead and the importance of User and Access Management in that discussion.

What you are describing is only a small part of the complete system, but equally important. You are suggesting some basic functionality in j1.5.x. While that may be possible, it needs to be a part of the big plan. This beacause implementing this, even only partially, would possibly break some functionality and that is not something you would like to do within the J1.5.x series, is my humble guess.

Again: I do not have all the technical wisdom, I just would like to start the discussion.

Thanks for your reaction.

Cheers,

Ronald

The developers will be the first to say that the current system is not perfect to enhance it with additional features. I'm not one of the developers, but I know what's will be said. 1.5 is taking a long time, and needs to be finished. All priorities are diverted to that, and that only.  Just asking for new features for 1.5 now, is bound to be shot down. As for a separate team, that might be an idea for after 1.5. While there have been talks about 1.6, it hasn't been anything as far as planning.

Tonie,

Thanks for your reaction.
First of all, I am not asking for new features in J15, 'au contraire', my last post states that new functionality in the J1.5.x series is not the smartest thing to do.

I am very curious about the decision to focus all effort on the J1.5, although it is a very important task. I would like some input from the Core Team on that one.
As I explained earlier, you need to think at least two steps ahead, as that provides valuable input for current activities and following step. That would justify claiming a small portion of the available capacity to think ahead. I am pretty sure the Core Team has some kind of strategic view of the whole project, as global as that view may be.

Going back to the User and Access Control System, this is in my opinion the one big thing (together with a node-based categories system) that seperates Joomla! from the competition. With that in place, there is no CMS around that is more user friendly and logically oriented.

Cheers,

Ronald

Ronald -

Have you looked at Andrew's RokACL? According to an article on Andrew's NewLifeInIt Site, this is what is anticipated for implementation in v 1.6.

There is also a RokAccess plugin in the RocketWerx SVN, but I am uncertain if it is part of RokACL, or not.

Anyway, take a look at that and see what you think.
Amy

There's about two years of work in Joomla 1.5. It's about time that it's finished. It was and is a monumental task to rewrite the code, from which probably nobody realized how much work. By bringing our RC versions, we should be making clear that we are going towards final. As for the focus on 1.5, we simply don't have the resourcing capacity to deal with rewriting Joomla, and also working on a new version at the same time. The idea so far is to not change 1.6 very much to 1.5, having ACL as it's main feature and doing bugfixes and some smaller features. The idea behind is, is that we can release this far faster than 1.0 --> 1.5. We have talked, and are always talking about life after 1.5. Ideas are coming and going, lots of things change again over time. So far the idea has been to release 1.6, 1.7 with new features, and then start with 2.0, which will be a version built from the ground up (completely new database design to create a node based structure for content, php 5.2 minimum, support for other databases, etc.). If this will be the case, only time will tell.

As for a full blown ACL, I'm working with directories a lot and would absolutely love it.

An interesting & worthwhile discussion - one to watch.

Based on this, people are [unsuccessfully and unhappily] patching like crazy due to the lack of ACL implementation, but we'll have to suffer for perhaps a year or more before this gets into a J! version (1.6? sheesh!).
http://forum.joomla.org/index.php/topic,3391.240.html

Based on Andrew's ACL post at NewLifeinIT, he cannot wait and has started, but although a SVN version is available here http://joomlacode.org/gf/project/rocketwerx/scmsvn/, a stable version is "coming soon" here http://www.rocketwerx.com/joomla/extensions/rokacl/.

Although not a programmer I see the need for ACL. I agree with Ronald's plea goal to *concurrently* develop this code to insert in 1.6, so that when the Core Team deems "ready" to *add* this essential feature to Joomla we can get there. Perhaps Andrew wants to open up his development?

Just my perspective today as I look at Boonex and lust at their community & groups features....but lamenting that they have no content-creation/HTML editing features, yet.

John

John -

Posts like that one suck the fun out of Joomla!. How motivated do you think people are to contribute when there is no financial compensation *and* it's not fun?

Amy

I had a quick glance today. I did a checkout and I will have a detailed look at it later this weekend. This does look promising and it strenghtens my believe that there is already some great work out there on the User and Access Management System. The downside is they are all individual actions. Imagine what could happen when we synchronize all these efforts into one solid ACL system.

Looking at Tonies latest post, which was very informative, I have the idea there is a strategic view, but at this moment the Team lacks capacity to transform this strategic view into something more concrete, which is understandable at this point.

Now I might overestimate the community, but I am reasonable sure that if an action was made to create a seperate User and Access Management Workgroup, a lot of people would like to sign u pto contribute to this task.
It would require some hands on involvement from the Core Team, selecting the right people for the job, but with the already available code, the focus on ACL in J16 and some guidance from the Core Team, they should be able to come up with a functional design and an impact analysis on the J15 core.

Lastly a quick reaction to John. I understand what your saying, but I don't really agree with the negative tone in your reaction. As Open Source Development Team you are for the most part dependant on the skills and availability of contributors within the community. In that respect the Joomla! community is an outstanding example of the way it should work.

Looking at the timeline, the choices that have been made by the Core Team untill now are in my opinion the right ones. It makes no sense implementing an ACL solution without having a mature framework, but with nearing the completion of this task, it is time to look ahead.

And there we meet again, as we both agree the time has come to slowly start shifting the focus towards J16. As Tonie said, this is not possible within the current capacity, so an option is to form the User and Access Development Team as I described above.
So let's have a positive attitude towards it all, something I also like about this community.

And don't forget that one of the communities responsibilities is to keep the Core Team and Developers on it's toes , so constructive criticism is always welcome. It helps the Core Team to reflect on what they are doing and why.

Anyway, It is much too late and this post is getting too long, so I am off to bed now.

Cheers,

Ronald

Amy: Hardly takes the wind out of things here. Rather, it's pretty realistic for web developers to know what the other platforms offer.I didn't mean any insult to the plans and results of the coders; I KNOW they work hard and code free but that's completely beside the point of this post: to look ahead and get ACL into J!1.6 if possible, and why not?

With that said, Ronald, my tone wasn't meant to be negative at all. It's precisely BECAUSE of your clearly-stated objective that a [Core team-supervised or /-led] working group could - perhaps using RocketWerx as a starting point - get some code achieved, and sooner rather than some vague later.

A base-coded ACl would help get permissioning for other web-based user-generated services - items that are emerging (quickly) and will become essential as Joomla goes forward. Indeed, in my personal experience, I've hit a few brick walls (calendaring, video/audio files, uploading and editor permissions quickly come to mind) due to the lack of an ACL that works seamlessly across all components & modules; it's simply been on my wish list - and what is what drew me into this discussion.

Thanks for your insights, everyone, to a valuable conversation.

John

John -

Did you download the ACL?

Amy

That is the reason ACL is planned for 1.6, since a lot of people want/need it. As for opening up a trunk, that could be a possibility. Before that happens, I think the lead developers and developers should get together to plan 1.6 first and deal with questions like: what have we done right, what have we done wrong, what do we need to change in developing, what do we want in 1.6, how are we going to start developing, etc. We/they have talked about 1.6 already (Core Summit for example), that has already been months ago. Due to the nature of online communication and the long release cycle, this definitely needs to be done again.

Sorry for posting in what is becoming in old thread. I have not tried RokACL but unless I am very much mistaken the focus in this discussion is on setting access rights from the back-end.

What I think would be really interesting in addition is to allow front-end users to set access rights to specific information that they are privy to as registered users. For example, if you were to make a community site, it would be great if you could enable a user to share his/her images gallery with selected other users.