ACL - FREE Component Control Access

sharbron · **Joined:** Mon Jul 06, 2009 9:55 am **Posts:** 202

FOR THOSE WANTING TO INSTALL NoixACL2.0.6 on J 1.5.X Please download list below

noixacl2.0.6.zip http://joomlacode.org/gf/download/frsrelease/9395/41302/noixacl2.0.6.zip
mod_mainmenu_noixacl.zip http://joomlacode.org/gf/download/frsrelease/9908/37665/mod_mainmenu_noix.zip
1)adaptercontent1.5.7.zip http://joomlacode.org/gf/download/frsrelease/9441/41446/adapterContent1.5.7.zip
2)adapteraccess1.5.3.zip http://joomlacode.org/gf/download/frsrelease/10213/41464/adapterAccess1.5.3.zip
3)adaptermodulesv1.0.zip http://joomlacode.org/gf/download/frsrelease/10397/40546/adapterModulesv1.0.zip
4)menuadapter1.5.1zip http://joomlacode.org/gf/download/frsrelease/9442/37387/menuAdapter1.5.1.zip

link to the main page of the NoixACL project

http://joomlacode.org/gf/project/noixacl/

All components are required for correct functioning of noix.

Note: We recommend to install adaptercontent 1.5.5 instead of 1.5.7, because 1.5.7 can give some problems. The adaptercontent 1.5.5 is available from http://blueflyingfish.no-ip.biz/joomla15/noix_docs_files/noix_files/AdapterContent1.5.5.zip.

Installation of the NoixACL2.0.6

Installed from the extention>install/uninstall

noixacl2.0.6.zip (installs sys and user plugins with componet automatically)
mod_mainmenu_noixacl.zip

then the 4 adapeters installed from the component>access control>adapters
Content adaptercontent1.5.7.zip
Access adapteraccess1.5.3.zip
Module adaptermodulesv1.0.zip
Menu menuadapter1.5.1zip

Please follow these install instructions kindly provided by ewm

http://blueflyingfish.no-ip.biz/joomla15/noixacl_v206_install_2.htm

For those who would like to use the new NoixACL Systems plugin 2.0.11 please follow these instructions;

1)Uninstall the noixACL-systemplugin 2.0.10
Goto Extention Manager>Install/Uninstall>Plugins and locate the 2.0.10 system noixacl plugin
Select and click the uninstall icon
2)Install the new noixACL systems plugin 2.0.11
Goto Extention Manager>Install/Uninstall
Browse for the new 2.0.11 system plugin you downloaded and click install
3)Check the new plugin is enabled
Goto Extention Manager>Plugin Manager and enabled

Here is a link to download the new plugin.

http://joomlacode.org/gf/download/frsrelease/9395/44620/plg_system_2.0.11.zip

****NOTE****
If you are installing NoixACL2.0.6 component this automatically installs the user and systems plugins you will need to perform the above after installation to upgrade to the new system plugin.

this is a repeat comment for those just looking for quick download and install instrucions, if you require further help on installation and configuration please browse for ewm projects for instuction, tips and tricks or visit the NoixACL project area for the tutorial, thank you

sharbron · **Joined:** Mon Jul 06, 2009 9:55 am **Posts:** 202

NoixACL System Plugin 2.0.11
Release Notes

With this release the "Super Administrator" has full access to create, edit and delete the following:

1) Menus and menu items
2) Articles

All administrative tasks can be accomplished without having to disable the NOIX "Content" or "Menu" adapters.

The "Super Administrator" is granted by default access to all "Menus" and "Content".

The "Super Administrator" group, however, must still be granted access from the frontend to "Menu Items" manually.

To give the "Super Administrator" access to "Menu Items" on the frontend:

1) Navigate to Components->Access Control->Manage Groups
2) Select the Super Administrator group
3) Select under the adapter list menu
4) Select Frontend and use the dropdown menu to select the menu you need to grant access click the menu items and then tick the box to grant access.

If you are experiencing any problem with the new system plugin installed please report it to

http://joomlacode.org/gf/project/noixacl

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

Hi,

I've been struggling to set up a system where I can have several private catgeories for different groups of users who can have front end editing access.

I have noix 2.0.6 with all the latest adapters (using content adapter 1.5.7)

Having looked through the tutorials this is what I did:

1) created two new groups "group1" and "group2"
2) created a new section "private"
3) created two new categories "cat1" and "cat2" both set to registered
4) created two menu items "menu1" and "menu2" that are category lists set to "cat1" and "cat2" respectively also both set to registered
5) in noix "manage Groups":
a) in menu adapter -> front end granted access to "menu1" for "group1" and same for "menu2" and "group2"
b) in content adapter -> front end granted Acessar, New Item, Edit Item and Save to "cat1" for "group1" and the same for "cat2" and "group2"*
6) created two test users "user1" set to "group1" and "user2" set to "group2"

*This is where I hit my first snag - New Item, Edit Item and Save options wouldn't stay checked when applying or saving. Checking through the code I found out that the content adapter content.xml file was wrong I changed this:

Code:

            <save>
                <aco_section type="text">com_content</aco_section>
                <aco_value type="text">access</aco_value>
                <axo_section type="text">category</axo_section>
                <axo_value type="var">catid</axo_value>
            </save>
            <load>
                <field>aco_value</field>
                <aco_section type="text">com_content</aco_section>
                <aco_value type="text">access</aco_value>
                <axo_section type="text">category</axo_section>
                <axo_value type="var">catid</axo_value>
            </load>

to this:

Code:

            <save>
                <aco_section type="text">com_content</aco_section>
                <aco_value type="var">tasks</aco_value>
                <axo_section type="text">category</axo_section>
                <axo_value type="var">catid</axo_value>
            </save>
            <load>
                <field>aco_value</field>
                <aco_section type="text">com_content</aco_section>
                <aco_value></aco_value>
                <axo_section type="text">category</axo_section>
                <axo_value type="var">catid</axo_value>
            </load>

so now the rules where being saved and loaded correctly.

Testing on the frontend I could log in as "user1" and see the menu item "menu1" but not "menu2" and go to the category listing page for "cat1" and vice versa for "user2" however I wasn't getting the new article link on the "cat1" and "cat2" pages. Looking through the code again I found this in components/com_content/views/category/view.html.php

Code:

      $access->canEdit      = $user->authorize('com_content', 'edit', 'content', 'all');
      $access->canEditOwn      = $user->authorize('com_content', 'edit', 'content', 'own');
      $access->canPublish      = $user->authorize('com_content', 'publish', 'content', 'all');

which I guess isn't affected by noix at all. I remembered in previous research, in this topic I think, someone had suggested putting users into a standard Joomla group and using multigroup feature of noix to add a second group to controll menu access.

I tried this by modifying both "user1" and "user2" so they where members of the Editor group and adding "user1" to "group1" multipgroup and "user2" to "group2" multigroup. This however meant that although each user could see the correct menu item both got the noix "You dont have permission to access" message.

Going back to the code I followed execution through [plugins/system/noixacl.php] executeAdapterPlugin() -> [administrator/components/com_noixacl/libraries/adapter.php] checkrule() -> getAdapterLoadTasks() -> loadGroupTasks()

What I saw happening was that in executeAdapterPlugin() a list of groups was created and passed as part of the $pluginParams array (key = 'groups') however in getAdapterLoadTasks() the user's group was got from $user and the 'groups' list was ignored. So I modified getAdapterLoadTasks() changing:

Code:

$groupName = $user->usertype;

to:

Code:

$groupName = array_key_exists('groups', $extraParams) ? $extraParams['groups'] : $user->usertype;

then I modified loadGroupTasks() changing:

Code:

$wheres[] = "{$ruleKey} = '{$ruleValue}'";

to:

Code:

if(is_array($ruleValue)) {
    $wheres[] = "{$ruleKey} IN ('". join("', '", $ruleValue) ."')";
} else {
    $wheres[] = "{$ruleKey} = '{$ruleValue}'";
}

Which now means that "user1" has front end edit ability in the core from being a member of the Editor group and also is restricted to only seeing "cat1" and not "cat2".

So now I have a bit more control than I had this morning and I hope that what I've found out and modified will help improve noix - however my quest is not yet at an end because what I realy want is to give front end edit ability to "user1" only for "cat1" and not any other sections or categories in the site for which I need the noix content adapter front end permissions to work. I'm going to spend the rest of my afternoon seeing if I can figure it out and I'll post back any answers I get.

Cheers,

Alan.

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

Well my last post was so long I thought I'd save this bit for a new one as it was a bit off topic for that one

During all the testing above I was modifying the users a fair amount and I got really confused after changing the group for "user1" and adding in the multigroup that when I then clicked on "user2" there was no multigroup option.

I took me a few minutes to realise it was that when I had saved "user1" I had ended up on the standard Joomla user manager and not the noix one so after investigating the code I saw that administrator/components/com_noixacl/controllers/aclusers.php was extending components/com_users/controller.php and of course the redirect in the save() function in components/com_users/controller.php was set for the Joomla user manager.

I've copied the whole save() function from components/com_users/controller.php into administrator/components/com_noixacl/controllers/aclusers.php and did a find'n'replace on "index.php?option=com_user" to "index.php?option=com_noixacl&controller=aclusers".

Now the noix user editor redirects back to the noix user manager

Cheers,

Alan.

dbvieira · **Joined:** Wed Sep 30, 2009 2:48 pm **Posts:** 1

I find this plug not very clear to deploy...diferent versions on diferent places to dowload.

On top of it I can't really understand why the superadmin has its permissions revogued to a point where even manualy you cant grant access to modules on backend.

sharbron · **Joined:** Mon Jul 06, 2009 9:55 am **Posts:** 202

aBrookland wrote:

Well my last post was so long I thought I'd save this bit for a new one as it was a bit off topic for that one

During all the testing above I was modifying the users a fair amount and I got really confused after changing the group for "user1" and adding in the multigroup that when I then clicked on "user2" there was no multigroup option.

I took me a few minutes to realise it was that when I had saved "user1" I had ended up on the standard Joomla user manager and not the noix one so after investigating the code I saw that administrator/components/com_noixacl/controllers/aclusers.php was extending components/com_users/controller.php and of course the redirect in the save() function in components/com_users/controller.php was set for the Joomla user manager.

I've copied the whole save() function from components/com_users/controller.php into administrator/components/com_noixacl/controllers/aclusers.php and did a find'n'replace on "index.php?option=com_user" to "index.php?option=com_noixacl&controller=aclusers".

Now the noix user editor redirects back to the noix user manager

Cheers,

Alan.

Yeah by default the NoixACL should do this automatically but in some cases this has not performed the way expected.

Glad you got it working!

sharbron · **Joined:** Mon Jul 06, 2009 9:55 am **Posts:** 202

aBrookland wrote:

Testing on the frontend I could log in as "user1" and see the menu item "menu1" but not "menu2" and go to the category listing page for "cat1" and vice versa for "user2" however I wasn't getting the new article link on the "cat1" and "cat2" pages. Looking through the code again I found this in components/com_content/views/category/view.html.php

Code:

      $access->canEdit      = $user->authorize('com_content', 'edit', 'content', 'all');
      $access->canEditOwn      = $user->authorize('com_content', 'edit', 'content', 'own');
      $access->canPublish      = $user->authorize('com_content', 'publish', 'content', 'all');

which I guess isn't affected by noix at all. I remembered in previous research, in this topic I think, someone had suggested putting users into a standard Joomla group and using multigroup feature of noix to add a second group to controll menu access.

I tried this by modifying both "user1" and "user2" so they where members of the Editor group and adding "user1" to "group1" multipgroup and "user2" to "group2" multigroup. This however meant that although each user could see the correct menu item both got the noix "You dont have permission to access" message.

Going back to the code I followed execution through [plugins/system/noixacl.php] executeAdapterPlugin() -> [administrator/components/com_noixacl/libraries/adapter.php] checkrule() -> getAdapterLoadTasks() -> loadGroupTasks()

What I saw happening was that in executeAdapterPlugin() a list of groups was created and passed as part of the $pluginParams array (key = 'groups') however in getAdapterLoadTasks() the user's group was got from $user and the 'groups' list was ignored. So I modified getAdapterLoadTasks() changing:

Code:

$groupName = $user->usertype;

to:

Code:

$groupName = array_key_exists('groups', $extraParams) ? $extraParams['groups'] : $user->usertype;

then I modified loadGroupTasks() changing:

Code:

$wheres[] = "{$ruleKey} = '{$ruleValue}'";

to:

Code:

if(is_array($ruleValue)) {
    $wheres[] = "{$ruleKey} IN ('". join("', '", $ruleValue) ."')";
} else {
    $wheres[] = "{$ruleKey} = '{$ruleValue}'";
}

Which now means that "user1" has front end edit ability in the core from being a member of the Editor group and also is restricted to only seeing "cat1" and not "cat2".

So now I have a bit more control than I had this morning and I hope that what I've found out and modified will help improve noix - however my quest is not yet at an end because what I realy want is to give front end edit ability to "user1" only for "cat1" and not any other sections or categories in the site for which I need the noix content adapter front end permissions to work. I'm going to spend the rest of my afternoon seeing if I can figure it out and I'll post back any answers I get.

Cheers,

Alan.

Which file did you edit the above code, since i would like to try the same

sokka888 · **Joined:** Thu Apr 23, 2009 9:53 am **Posts:** 5

sharbron wrote:

sokka888 wrote:

Hi,

I've installed the NOIX ACL, on my joomla 1.5.12.

I was playing with this system Access Controls. After logout I'm unable to login to the admin area, using my Super Admin account. It gives me err message "

* You do not have access to the administrator section of this site.

" Im using Joomla 1.5.12 I need to login to my admin control panel as admin how do I do it?

Pls help.

thanks

sokka888,

The only suggestion i can think of is to use PHPmyadmin and remove the Noix tables from the Joomla installation, only issue with this is that if you have set any permissions you will need to do it all again.

Remove the folling tables, but becareful dont 'Drop' the database;

jos_noixacl_adapters
jos_noixacl_groups_levels
Jos_noixacl_multigroups
jos_noxiacl_rules

jos is the default prefix for joomla installs.

Once you have done this you can try and log back in, once you have successfully uninstall the NoixACL component and reinstall.

Hope this helps

:geek:

Hi sharbron,

I uninstalled the four tables

jos_noixacl_adapters
jos_noixacl_groups_levels
Jos_noixacl_multigroups
jos_noxiacl_rules

however it does not help me with the login. It shows the same error "You do not have access to the administrator section of this site." when I login to administrator site.

However I have access to the front end of the site.

So does this mean its a dead end? And I have to re-install my site again?

Thanks

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

sharbron wrote:

Which file did you edit the above code, since i would like to try the same

It's all in the above post but to reiterate:

in the file administrator/components/com_noixacl/libraries/adapter.php

function getAdapterLoadTasks()
change:

Code:

$groupName = $user->usertype;

to:

Code:

$groupName = array_key_exists('groups', $extraParams) ? $extraParams['groups'] : $user->usertype;

In same file

function loadGroupTasks()
change:

Code:

$wheres[] = "{$ruleKey} = '{$ruleValue}'";

to:

Code:

if(is_array($ruleValue)) {
    $wheres[] = "{$ruleKey} IN ('". join("', '", $ruleValue) ."')";
} else {
    $wheres[] = "{$ruleKey} = '{$ruleValue}'";
}

Note: there are two instances of this line - I changed both.

Cheers,

Alan.

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

sokka888 wrote:

sharbron wrote:

sokka888 wrote:

Hi,

I've installed the NOIX ACL, on my joomla 1.5.12.

I was playing with this system Access Controls. After logout I'm unable to login to the admin area, using my Super Admin account. It gives me err message "

* You do not have access to the administrator section of this site.

" Im using Joomla 1.5.12 I need to login to my admin control panel as admin how do I do it?

Pls help.

thanks

sokka888,

The only suggestion i can think of is to use PHPmyadmin and remove the Noix tables from the Joomla installation, only issue with this is that if you have set any permissions you will need to do it all again.

Remove the folling tables, but becareful dont 'Drop' the database;

jos_noixacl_adapters
jos_noixacl_groups_levels
Jos_noixacl_multigroups
jos_noxiacl_rules

jos is the default prefix for joomla installs.

Once you have done this you can try and log back in, once you have successfully uninstall the NoixACL component and reinstall.

Hope this helps

:geek:

Hi sharbron,

I uninstalled the four tables

jos_noixacl_adapters
jos_noixacl_groups_levels
Jos_noixacl_multigroups
jos_noxiacl_rules

however it does not help me with the login. It shows the same error "You do not have access to the administrator section of this site." when I login to administrator site.

However I have access to the front end of the site.

So does this mean its a dead end? And I have to re-install my site again?

Thanks

One suggestion would be to disable the plugin - I don't know if it would help as I'm not in a position to test it (not being locked out of my back end) but I assume it won't run then so it won't affect login?

To do so in phpmyadmin find the jos_plugins table (might have a different prefix) and then find the entry for name = "System - noixACL", element = "noixacl", folder = "system" and change published to 0.

If the plugin still runs then you could try editing the plugin file - it'll be in plugins/system/noixacl.php. If it's a remote server you'll have to ftp the file to your computer, edit it and re-upload, if it's local just edit the file where it is.

Comment out the entire contents of the function onAfterRoute() as below (I've put "<-- I'VE ADDED ...." explanation text after each place I've added stuff - don't add that text just the "/*" and "*/" bits). There are two start comments, one at the start of the function, one near the end and an end comment right at the end of the function.

Once you've got into the backend (hopefully) you can change settings and then upload the file without the comments again to reenable noix.

Code:

   public function onAfterRoute()
   {/* <-- I'VE ADDED THE START COMMENT HERE
           $option = JRequest::getCMD('option');
      
      $adapterLibFile = JPATH_ADMINISTRATOR.DS."components".DS."com_noixacl".DS."libraries".DS."adapter.php";
      
      //return false if not exists file
      if( !file_exists($adapterLibFile) ){
         return false;
      }
      
      if( $option == 'com_installer' || $option == 'com_noixacl'){
         $pathFile = JPATH_ADMINISTRATOR.DS."components".DS."com_noixacl".DS."libraries".DS.'installer'.DS.'adapters'.DS.'adapter.php';
         if( file_exists($pathFile) ){
            require_once $pathFile;
            // Get an installer instance
            $installer =& JInstaller::getInstance();
            $adapterInstaller = new JInstallerAdapter($installer);
            $installer->setAdapter('adapter',$adapterInstaller);
         }
      }
      
      
      
      $db = JFactory::getDBO();
      $app =& JFactory::getApplication();
      $user = Jfactory::getUSER();
      $acl =& JFactory::getACL();

      //if user not logged or is Administrator/Super Adminisrator return false;
      if( $user->id == 0 || ($user->gid > 23 && $user->gid < 26) ){
         return false;
      }
      
      //geting usertype from user
      $arrMultiGroups[] = $user->usertype;
      $arrUserGroupId = array( $user->gid );
      
      //get multigrop names if user have it
      $sqlGetMultigroups = "SELECT grp.name, grp.id FROM #__core_acl_aro_groups as grp, #__noixacl_multigroups multigrp WHERE grp.id = multigrp.id_group AND multigrp.id_user = {$user->id}";
      $db->setQuery( $sqlGetMultigroups );
      $multiGroups = $db->loadObjectList();

      if( !empty($multiGroups) ){
         foreach($multiGroups as $mgrp){
            $arrMultiGroups[] = $mgrp->name;
            $arrUserGroupId[] = $mgrp->id;
         }
      }
//rrr
      $this->globArrMultiGroups = $arrMultiGroups;
      
      
      

      //get access level
      $groupList = implode(',', $arrUserGroupId);
      $query = "SELECT id_levels FROM #__noixacl_groups_level WHERE id_group IN ({$groupList})";
      $db->setQuery( $query );
      $glevels = $db->loadObjectList();

      if( !empty($glevels) ){
         foreach($glevels as $glevel){
            $arrUserLevels = explode(',',$glevel->id_levels);
            if( !empty($arrUserLevels) ){
               foreach($arrUserLevels as $groupLevel)
               {
                  if( $groupLevel > $user->get('aid') ){
                     $user->aid = $groupLevel;
                  }
               }
            }
         }
      }
      
      $catid = 0;
      $view = JRequest::getCMD('view');
      $task = JRequest::getCMD('task');
      switch($view) {
          case 'category':
              $catid = JRequest::getVar( 'id', 0 );
              break;
          case 'article':
              switch($task) {
                  case 'new':
                      // ARSE: no way to get category id - we're given the section id only!!!!
                      $catid = JRequest::getVar( 'categoryid', 0 );
                      break;
                  default:
                      $id = JRequest::getVar( 'id', 0 );
                      $sql = 'SELECT catid FROM #__content WHERE id='. $id;
                        $db->setQuery( $sqlContent );
                        $catid = $db->loadResult();
              }
      }
      
        //geting rules from multigroups
//      $acl_sql = "SELECT aco_section,aco_value,aro_section,aro_value,axo_section,axo_value FROM #__noixacl_rules WHERE ACO_VALUE<>'BLOCK' AND aro_section = 'users' AND aro_value IN ('". implode("','",$arrMultiGroups) ."')";
      $acl_sql = "SELECT aco_section,aco_value,aro_section,aro_value,axo_section,axo_value FROM #__noixacl_rules WHERE aro_section = 'users' AND aro_value IN ('". implode("','",$arrMultiGroups) ."')";
      $db->setQuery( $acl_sql );
      $rulles = $db->loadObjectList();

      if( count($rulles) > 0 ){
         /**
          * Adding a rule to joomlaACL
          */ /* <- I'VE HAD TO ADD ANOTHER START COMMENT HERE
         foreach($rulles as $r){
             if($r->aco_value == 'edit' && $r->aco_section == 'com_content' && $r->axo_value == $catid) {
                 $acl->addACL( 'com_content', 'edit', $r->aro_section, $user->usertype, 'content', 'all' );
                 $acl->addACL( 'com_content', 'add', $r->aro_section, $user->usertype, 'content', 'all' );
                 $acl->addACL( 'com_content', 'publish', $r->aro_section, $user->usertype, 'content', 'all' );
             }
            $acl->addACL( $r->aco_section, $r->aco_value, $r->aro_section, $user->usertype, $r->axo_section, $r->axo_value );
         }
      }
        $this->controlAdapterAccess(); */ <-- I'VE ADDED THE END COMMENT HERE
   }

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

aBrookland wrote:

Hi,

I've been struggling to set up a system where I can have several private catgeories for different groups of users who can have front end editing access.

<snip>

So now I have a bit more control than I had this morning and I hope that what I've found out and modified will help improve noix - however my quest is not yet at an end because what I realy want is to give front end edit ability to "user1" only for "cat1" and not any other sections or categories in the site for which I need the noix content adapter front end permissions to work. I'm going to spend the rest of my afternoon seeing if I can figure it out and I'll post back any answers I get.

Cheers,

Alan.

So I've finally managed it and I now have groups of users who can only front end edit their particular category

unfortunately it did require a mod to one line of a core file

Here's what I've done if anyone wants the same functionality. First you'll need to set up everything as described in my earlier post.

Next the dirty core hack $:-\$ in components/com_content/helpers/icon.php in function create() I changed

Code:

$url = 'index.php?task=new&ret='.base64_encode($ret).'&id=0&sectionid='.$article->sectionid;

to

Code:

$url = 'index.php?task=new&ret='.base64_encode($ret).'&id=0&sectionid='.$article->sectionid .'&categoryid='.$article->id;

(btw if anyone knows how to override the icon.php file instead of hacking it please let me know as I couldn't figure it (I don't think it's possible). Also I called the var caetgoryid instead of the usual catid because otherwise it caused an error in com_content/router.php and I didn't want to hack that file as well if I could help it.

Next in plugins/system/noixacl.php just before

Code:

        //geting rules from multigroups
//      $acl_sql = "SELECT aco_section,aco_value,aro_section,aro_value,axo_section,axo_value FROM #__noixacl_rules WHERE ACO_VALUE<>'BLOCK' AND aro_section = 'users' AND aro_value IN ('". implode("','",$arrMultiGroups) ."')";
      $acl_sql = "SELECT aco_section,aco_value,aro_section,aro_value,axo_section,axo_value FROM #__noixacl_rules WHERE aro_section = 'users' AND aro_value IN ('". implode("','",$arrMultiGroups) ."')";
      $db->setQuery( $acl_sql );
      $rulles = $db->loadObjectList();

I added

Code:

      if($option = 'com_content') {
          $catid = 0;
          $view = JRequest::getCMD('view');
          $task = JRequest::getCMD('task');
      
          switch($view) {
              case 'category':
                  $catid = JRequest::getVar( 'id', 0 );
                  break;
              case 'article':
                  switch($task) {
                      case 'new':
                          // Need core hack to components/com_content/helpers/icon.php
                          $catid = JRequest::getVar( 'categoryid', 0 );
                          break;
                      case 'save':
                          $catid = JRequest::getVar( 'catid', 0 );
                          break;
                      default:
                          $id = (int) JRequest::getVar( 'id', 0 );
                          $sql = 'SELECT catid FROM #__content WHERE id='. $id;
                            $db->setQuery( $sql );
                            $catid = $db->loadResult();
                  }
          }
      }

Which gets the current category id if applicable.

Then in the same file I modified

Code:

      if( count($rulles) > 0 ){
         /**
          * Adding a rule to joomlaACL
          */
         foreach($rulles as $r){
               $acl->addACL( $r->aco_section, $r->aco_value, $r->aro_section, $user->usertype, $r->axo_section, $r->axo_value );
         }
      }

to

Code:

      if( count($rulles) > 0 ){
         /**
          * Adding a rule to joomlaACL
          */
         foreach($rulles as $r){
             if($option == 'com_content' && $r->aco_value == 'edit' && $r->aco_section == 'com_content' && $r->axo_value == $catid) {
                 $acl->addACL( 'com_content', 'edit', $r->aro_section, $user->usertype, 'content', 'all' );
                 $acl->addACL( 'com_content', 'add', $r->aro_section, $user->usertype, 'content', 'all' );
                 $acl->addACL( 'com_content', 'publish', $r->aro_section, $user->usertype, 'content', 'all' );
             }
            $acl->addACL( $r->aco_section, $r->aco_value, $r->aro_section, $user->usertype, $r->axo_section, $r->axo_value );
         }
      }

Which checks if the front end edit permission has been set for the current category and if so sets the correct permissions in the core ACL to allow front end editing. Note - these permissions are for front end editing of all content but since they are set on each page load they will only affect the given category (which is one nice side effect of the permissions being set programatically and not saved in the database

)

I think that the code I've added to noixacl.php here should be refactor into the noixACL adapter plugin system so that each adapter can modify the core ACL rules as needed to enable fine grained permission setting in the same manner - also noixacl.php just insn't the right place for content specific code

Finally I made a template override for com_content/views/article/tmpl/form.php where I added

Code:

$special_group_user = in_array($this->user->usertype, array('group1', 'group2'));

so I could use the $special_group_user var to control whether to show the publishing options or not by wrapping each element div like so

Code:

<?php
if($special_group_user) {
?>
         <input type="hidden" value="1" name="access" />
<?php
} else {
?>
            <div class="formelement access">
                <label for="access"><span><?php echo JText::_( 'Access Level' ); ?>:</span><?php echo $this->lists['access']; ?></label>
            </div>
<?php
}
?>

In this example we're hiding the access level setting for the special users and setting the articles access level to registered with a hidden input field. I do the same to remove the section and category choices and set them to the correct current section and category and I also remove the front page option.

So now I have my holy grail - special users who have front end edit access limited to a specific category based on the usergroup and they also have limited publishing options on the front end article editor controllable by me (admittedly by modifying the template) so they can't create articles not within their category or change the access level from registered.

sharbron · **Joined:** Mon Jul 06, 2009 9:55 am **Posts:** 202

aBrookland wrote:

So now I have my holy grail - special users who have front end edit access limited to a specific category based on the usergroup and they also have limited publishing options on the front end article editor controllable by me (admittedly by modifying the template) so they can't create articles not within their category or change the access level from registered.

aBrookland,

Great work, will look throught your hacking later, but there are a few questions i want to ask.

Firstly are you using the contentadapter1.5.5. or 1.5.7??
Secondly are you setting the menu items for categorys to list or blog layout?

And have you heard of the content_submit extention that can provide a menu item that you can set up for submitting only to a section or category?

Anyway great that you have share so much, will enjoy testing it out.

:geek:

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

sharbron wrote:

aBrookland wrote:

So now I have my holy grail - special users who have front end edit access limited to a specific category based on the usergroup and they also have limited publishing options on the front end article editor controllable by me (admittedly by modifying the template) so they can't create articles not within their category or change the access level from registered.

aBrookland,

Great work, will look throught your hacking later, but there are a few questions i want to ask.

Firstly are you using the contentadapter1.5.5. or 1.5.7??
Secondly are you setting the menu items for categorys to list or blog layout?

And have you heard of the content_submit extention that can provide a menu item that you can set up for submitting only to a section or category?

Anyway great that you have share so much, will enjoy testing it out.

:geek:

Thanks,

I'm using contentadapter 1.5.7 - mainly because I'd already installed it before I saw the tutorials that suggested downgrading to 1.5.5 and I didn't want to have to reconfigure all the current access rules set up :eek:

The menu items for categories are list layout - the blog layout doesn't get the front end edit icons (although I suppose you could add them in with a template override should you so wish).

And no I hadn't heard of the content_submit extesion - I'll have a quick look now.

Enjoy the testing...

sharbron · **Joined:** Mon Jul 06, 2009 9:55 am **Posts:** 202

aBrookland wrote:

sharbron wrote:

aBrookland wrote:

So now I have my holy grail - special users who have front end edit access limited to a specific category based on the usergroup and they also have limited publishing options on the front end article editor controllable by me (admittedly by modifying the template) so they can't create articles not within their category or change the access level from registered.

aBrookland,

Great work, will look throught your hacking later, but there are a few questions i want to ask.

Firstly are you using the contentadapter1.5.5. or 1.5.7??
Secondly are you setting the menu items for categorys to list or blog layout?

And have you heard of the content_submit extention that can provide a menu item that you can set up for submitting only to a section or category?

Anyway great that you have share so much, will enjoy testing it out.

:geek:

Thanks,

I'm using contentadapter 1.5.7 - mainly because I'd already installed it before I saw the tutorials that suggested downgrading to 1.5.5 and I didn't want to have to reconfigure all the current access rules set up :eek:

The menu items for categories are list layout - the blog layout doesn't get the front end edit icons (although I suppose you could add them in with a template override should you so wish).

And no I hadn't heard of the content_submit extesion - I'll have a quick look now.

Enjoy the testing...

aBrookland,

I thought you where!!

I thought it might be useful to know!

motassa · **Joined:** Thu Oct 01, 2009 9:02 am **Posts:** 19

hi there,
I'm totally new using noix. I have a problem (I'm sure it'll be a silly thing) that is the following:
When I go to adapters-menu- I can only do enable, but I can't access in it. I want to select front-end but I can't because i can't access. It's in grey colour (I can't do anything).
Any help please?

joomila · **Posted:** Tue Oct 06, 2009 2:14 pm

motassa wrote:

hi there,
I'm totally new using noix. I have a problem (I'm sure it'll be a silly thing) that is the following:
When I go to adapters-menu- I can only do enable, but I can't access in it. I want to select front-end but I can't because i can't access. It's in grey colour (I can't do anything).
Any help please?

Check if you use latest version, and see documentation by ewn

motassa · **Joined:** Thu Oct 01, 2009 9:02 am **Posts:** 19

Thanks for your answer.
I've followed the Ewn's post viewtopic.php?f=46&t=341017&start=1170
and my joomla version is 1.5.14. I have the following... I thinks ther are the latest version...
Component:
1) noixacl2.0.6.zip
Modules:
2) mod_mainmenu_noix.zip
Adapters:
1) adapterAccess1.5.3.zip
2) adapterContent1.5.5.zip
3) adapterModulesv1.0.zip
4) menuAdapter1.5.1.zip

What's wrong?
Bye for now.

joomila · **Posted:** Wed Oct 07, 2009 2:22 pm

Today I finish my plugin for tweet when you create new content with link.

rajendrads · **Joined:** Thu Oct 08, 2009 9:25 am **Posts:** 1

Hi,

I am using version 2.0.6 of this component. I created one group Level1 under registered level. Then I added one user under Level1. But when i login with the registered user under Level1, I can't edit my profile.

In admin panel, after creating Level1, I checked on access adapter. It lists all the component except com_users. Can this be one of the reason for not updating profile.

Please Advice.

Raj

eyashwant · **Joined:** Wed Dec 03, 2008 9:28 am **Posts:** 925

I am using ACL of Backend Restriction for giving admin panel to my Client. But I am unable to figure out how to get it done as there are no documents for that. I saw few instruction like :

Quote:

1) noixacl2.0.6.zip
Modules:
2) mod_mainmenu_noix.zip
Adapters:
1) adapterAccess1.5.3.zip
2) adapterContent1.5.5.zip
3) adapterModulesv1.0.zip
4) menuAdapter1.5.1.zip

Here noixacl2.0.6.zip is what I installed.
mod_mainmenu_noix.zip - This is not required now as I am not doing front end restriction. This is for backend only for now.

Quote:

Adapters:
1) adapterAccess1.5.3.zip
2) adapterContent1.5.5.zip
3) adapterModulesv1.0.zip
4) menuAdapter1.5.1.zip

I think these are for front end only. There is no document for backend.

So please tell me how I can do it
I want the client to see certain things like :

User Manager
Stats
Etc,.

So please suggest me accordingly so that I can go further.

It is a bit Urgent...plz

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

eyashwant wrote:

I am using ACL of Backend Restriction for giving admin panel to my Client. But I am unable to figure out how to get it done as there are no documents for that. I saw few instruction like :

Quote:

1) noixacl2.0.6.zip
Modules:
2) mod_mainmenu_noix.zip
Adapters:
1) adapterAccess1.5.3.zip
2) adapterContent1.5.5.zip
3) adapterModulesv1.0.zip
4) menuAdapter1.5.1.zip

Here noixacl2.0.6.zip is what I installed.
mod_mainmenu_noix.zip - This is not required now as I am not doing front end restriction. This is for backend only for now.

Quote:

Adapters:
1) adapterAccess1.5.3.zip
2) adapterContent1.5.5.zip
3) adapterModulesv1.0.zip
4) menuAdapter1.5.1.zip

I think these are for front end only. There is no document for backend.

So please tell me how I can do it
I want the client to see certain things like :

User Manager
Stats
Etc,.

So please suggest me accordingly so that I can go further.

It is a bit Urgent...plz

As far as I understand it all the adapters apart from modules allows you to restrict back end access. Create your user group you want to allow limited backend access (they'll have to be a child of Public backend I guess - I've only tested front end groups so far) and then go to "Access Control" -> "Manage Groups", click on the new group, click on the adapter "menu" then you will be in the "back end" tab - here you can apply permissions to allow this group the ability to manage each menu in the back end.

Click on the "access" adapter and you will be on the "Administer" tab (means the same as back end) where you can restrict access to manage individual components.

And finally click on the "content" adapter and you'll be on the "Backend" tab to give permissions for the group to manage the sections and categories of the site.

For each of these adapters you would need to click on the "frontend" tab to set permissions for that group accessing the front end of the site.

There is no system currently (afaik) for dissallowing access to the "Site", "Extensions" and "Tools" menus in the back end but with the above adapters you can definately limit access to content, menus and components in the back end.

Best of luck,

Alan.

Eraser · **Posted:** Mon Oct 12, 2009 11:39 am

Hi! Thanks for the great component!

As I translated it into Etonian, I found some typos in English language file ...

Code:

NOIXACL_VIEW_NOIXACL_TEXT_OFICIAL_TOPIC=Oficial topic

Oficial topic => Official

Code:

NOIXACL_VIEW_GROUP_VALIDATE_PARENT_GROUP=Please, select a parent gorup

gorup => group

Code:

NOIXACL_ADAPTERS_EXECUTE_QUERY_ERROR=Erro to execute query

Erro => Error

Code:

NOIXACL_ADAPTERS_UNINSTALL_SUCESSFULL=Adapter unistall sucessfull
NOIXACL_ADAPTERS_INSTALL_SUCESSFULL=Adapter installed sucessfull
NOIXACL_GROUPS_GROUP_REMOVED_SUCESSFULL=Group removed sucessfull

sucessfull => successfully

kathtg · **Joined:** Tue Apr 28, 2009 9:07 pm **Posts:** 58

Hello,

I'm hoping that you can help. I've probably done something basic incorrectly but I've searched and searched and it is escaping me.

I created new sections/categories. They do not appear for selection in new articles. When I disable the system plugins, it will work fine. (I tried disabling the adapters etc too but these had no affect). The permissions in Manage Groups look fine to me. Please please tell me what I am missing?

Also quick question, for some reason I have two noixACL - System Plugin 2.0.10 plugins and two noixACL - User Plugin 2.0.10 plugins, and only one System - noixACL . Is this expected? If not and I uninstall and reinstall to get rid of the additional, will it hurt anything.

Sincere thanks

aBrookland · **Joined:** Tue Jun 16, 2009 1:41 pm **Posts:** 13

kathtg wrote:

Hello,

I'm hoping that you can help. I've probably done something basic incorrectly but I've searched and searched and it is escaping me.

I created new sections/categories. They do not appear for selection in new articles. When I disable the system plugins, it will work fine. (I tried disabling the adapters etc too but these had no affect). The permissions in Manage Groups look fine to me. Please please tell me what I am missing?

Also quick question, for some reason I have two noixACL - System Plugin 2.0.10 plugins and two noixACL - User Plugin 2.0.10 plugins, and only one System - noixACL . Is this expected? If not and I uninstall and reinstall to get rid of the additional, will it hurt anything.

Sincere thanks

You definately shouldn't have two system and user plugins - I guess you've got that because the core component installer installs these for you and then you manually installed them afterwards?

Unless you've done lots of configuring it's probably best to uninstall all the noix stuff and start again with the main component and then check what plugins it installs for you.

I have know idea if having two versions of the plugin installed could be causing your problem or if you've not configured permissions correctly somewhere - you've not supplied very much info to go on.

The latest system plugin (2.0.11) bypasses the security for the super administrator (see the above post for info) otherwise you have to grant access to each category for each user group that you want back end access to that category.

Cheers,

Alan.

kathtg · **Joined:** Tue Apr 28, 2009 9:07 pm **Posts:** 58

Thank you for replying. I found it. My content adapter was disabled due to the error in the backend that occurs. I enabled it and found the content permission list in the Manage Groups page. I will uninstall and reinstall due to my multiple plugins. thanks again!

Vircos · **Joined:** Tue Sep 02, 2008 11:50 am **Posts:** 9

I have installed NoixACL following the instructions as posted repeatedly in this topic. Everything seems to work fine except the following: When click on the button "New" under accesslevels to add a new level I get the following error:

Code:

PHP Notice:  Trying to get property of non-object in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 18
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Undefined variable: k in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 46
PHP Notice:  Trying to get property of non-object in C:\Inetpub\wwwroot\joomla\administrator\components\com_noixacl\views\accesslevel\tmpl\default.php on line 66

mic · **Posted:** Thu Oct 15, 2009 12:22 pm

Nothing serious ('only' notices), but it shows that the programer(s) did not do their homework.

Vircos · **Joined:** Tue Sep 02, 2008 11:50 am **Posts:** 9

I have created an new accesslevel and a group. I want to be able to apply the new accesslevel to the new group. Somehow I am not able to do that. I cannot select the new group while editing the new accesslevel. It's greyed out.

Is there a way to realise this?

And is this related to the problem mentioned underneath the following link? http://joomlacode.org/gf/project/noixacl/tracker/?action=TrackerItemEdit&tracker_item_id=16357

motassa · **Joined:** Thu Oct 01, 2009 9:02 am **Posts:** 19

please help, I only want a basic thing: one user has to be able to edit a "public" article in frontend. how can I do it?
I've tried to follow some tutorials, basically
http://blueflyingfish.no-ip.biz/joomla1 ... 82&lang=en
but I'm sure I did something wrong. I can't find the mistake.
I've tried to create a new group in front-end, called "mestres editors". Once I clic over (component-access control-manage groups-mestres editors-adapter-content) and I choose front-end tab, the word of the section that I want is in grey colour, so I can't edit.
Thanks for this usefull forum!

kathtg · **Joined:** Tue Apr 28, 2009 9:07 pm **Posts:** 58

A couple of questions.

1. I have two copies on my machine so I'm trying to uninstall and reinstall as suggested. When I try to uninstall, I receive an error that states 'Plugin Uninstall: Manifest File invalid or not found '.

I believe this is because I had two installations. It uninstalled the first and couldn't find the second. The second still appeared in my plugins list though. I'm guessing that I will need to add the files into the backend manually to be able to delete this second installation. I'm not certain which files I will need to add back there though. If this is correct, can you tell me what files it is looking for so I can add them?

2. Should I install AdapterContent1.5.5.zip or AdapterContent1.5.7.zip?

3. I have to reinstall but applying permissions to everything again is a time consuming nightmare (2 hours). is there a table I can update in the backend to do this for me instead?

Thanks so much for your time in these! It's much much appreciated. I only have one more day to get all of this working.

Trina
Thanks in advance for your help!

Joomla! Discussion Forums

Forum rules

ACL - FREE Component Control Access

Quick reply

Who is online