The Joomla! Forum ™



Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 19 posts ] 
Author Message
PostPosted: Sat Feb 02, 2008 12:39 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 06, 2008 9:12 pm
Posts: 5
Location: Rotterdam, Holland
I just noticed that content marked 'Special' access can be viewed by registered users with Author status
Is this a bug? I am forgetting something? Is the online manual completely wrong? http://help.joomla.org/content/view/1516/278/


Last edited by kroonweb on Thu Feb 07, 2008 8:21 pm, edited 1 time in total.

Top
 Profile  
 
PostPosted: Sat Feb 02, 2008 3:22 pm 
User avatar
Joomla! Master
Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 17369
Location: **Translation Matters**
Quote:
Content Access Classification:

In Joomla! Content is classified by who can view/access it. There are three levels of Content Access Classification:

    * Public - open to all visitors to the web site.
    * Registered - restricted to all seven Registered User Groups of the web site.
    * Special - restricted to all User Groups except Guest and Registered.

NOTE: The Special Classification uses the individual Group's authority levels to determine precisely what Special Access is actually permitted.

Author is within the Special range.

_________________
Jean-Marie Simonet / infograf · http://www.info-graf.fr
Multilanguage in 2.5: http://help.joomla.org/files/EN-GB_multilang_tutorial.pdf
---------------------------------
Joomla Translation Coordination Team • Joomla! Production Working Group


Top
 Profile  
 
PostPosted: Mon Feb 04, 2008 2:08 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 06, 2008 9:12 pm
Posts: 5
Location: Rotterdam, Holland
Got it now: Special access - restricted to all User Groups except Guest and Registered.
How can i edit the individual group authority levels for groups?
What does jos_core_acl_aro_groups do with fields lft en rgt?
How can i shrink the restriction to less groups?
More posts about this subject:
http://forum.joomla.org/index.php?topic=164774.0
http://forum.joomla.org/index.php/topic ... msg1174975
http://www.joomlahacks.com/smf/index.ph ... g7296.html

A solution would probably be to extend Joomla! with one of these:
http://extensions.joomla.org/index.php? ... &Itemid=35


Top
 Profile  
 
PostPosted: Wed Feb 06, 2008 5:57 am 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2727
Location: Wisconsin USA
Don't know if this will help or not, but I did this for a clubs website. I get 3 levels of access without editing abilities (like a second registered category) for author level.

This is a core file modification, but is easy to make.

In the file: includes/gacl.class.php. I made these changes under where it says actions at about line 178 or so The original line is remarked out with the new line above it:

In the line $this->_mos_add_acl( 'action', 'add', 'users', 'author', 'content', 'all' ); I removed the word author. There are two places in this section to do this. I copied and pasted the action section below from my gacl.class.php file with the mods made and commented. Use if you like, but note this is only the top sections of actions where the edits were made.

// actions
      //Modifications added to remove author level actions. Original line is marked out. 12-17-07
      // This prevents changes from being allowed by authors enabling you to use the author registration level
      // for club members.
      $this->_mos_add_acl( 'action', 'add', 'users', 'content', 'all' );
      //$this->_mos_add_acl( 'action', 'add', 'users', 'author', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'add', 'users', 'editor', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'add', 'users', 'publisher', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'content', 'own' );
      //$this->_mos_add_acl( 'action', 'edit', 'users', 'author', 'content', 'own' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'editor', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'publisher', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'publish', 'users', 'publisher', 'content', 'all' );

                ~~~~~~ rest of section actions here ~~~~~~~~~~

Club members are set to "Author" level and Content set to "Special" is only viewable to them. 


The end result is club members are author permission level but they can't perform any "author" level actions.

Regular people can still register on the site, and also buy things from the store without accessing anything that is club members only. This solves the problem of giving "more private" permissions to club members without the ability to actually do any author level editing, having a login module visible, and still letting non club people register to purchase items from the store.

Guests and registered members will not see anything that only club members are supposed to see. Club members once logged in will have additional menu items, sections, etc.  available to them, that registered users don't .

The mods I made were based on the information I found here:
http://demo.joomlaworks.gr/content/view/23/32/

The link provides information on how to make other permission "adjustments" and is worth a read and was the inspiration for the above mod.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator


Top
 Profile  
 
PostPosted: Thu Feb 07, 2008 8:19 pm 
User avatar
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun Jan 06, 2008 9:12 pm
Posts: 5
Location: Rotterdam, Holland
Thx PhilD, for the hint and the link, i tweaked gacl.class a bit but i really wanted something else.
1. make registered users default authors
2. make authors not part of the 'Special' content authorisation group but 'Registered' content group,
so some content can be hidden for 'Public' & 'Registered' but viewable for 'Special' (publishers, managers, administrators)

The first was solved by this hack in /components/com_registration/registration.php:
replace 'Registered' with 'Author'
Code:
function saveRegistration() {
   global $database, $acl;
...
   $row->id       = 0;
   $row->usertype    = '';
   $row->gid       = $acl->get_group_id( 'Author', 'ARO' );
...


The second hack i didn't find yet, but this can be solved by an extension.
If somebody knows a quick&dirty trick, let me know. Thx.


Last edited by kroonweb on Thu Feb 07, 2008 8:31 pm, edited 1 time in total.

Top
 Profile  
 
PostPosted: Fri Feb 08, 2008 2:58 am 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2727
Location: Wisconsin USA
I must not follow completely, which can be normal  :D

I don't think you can take authors out of the special group. At least not without something like JACLPlus, which makes many modifications to core Joomla files.

If you want authors to only edit their own content you might play around with the "all" and "own" in the gacl.class.php section, but leave author in the lines and see what happens.

The change I gave essentially makes all author level users registered users as far as actions available to the various levels go. It takes away any author actions from authors so they only have registered user actions available. All other author level permissions are still in effect. I.E they are actually in the special group. That way you can hide articles, buttons etc. from registered and public users but have them show for anyone of author level.

Like I said I get 3 different levels of users to my site. Public, registered who are users who bought from the store or just registered on the site, and Club Members. Only club members have access to the private club areas. When a club member logs in, they will have additional menu items, articles, and other information available to them. Since I do not want club members to be able to add, change, or otherwise mess anything up, I restricted them in their actions using the above mod.   

Soap Box Time.
I would agree with many people on the forum that Joomla is VERY severely lacking in any real kind of permission levels. I would also agree that advanced permissions should be built in and not some convoluted component add on that must be redone every time a new version of Joomla comes out. Heck SMF (Simple Machine Forum) has a pretty good way of creating and setting permission levels, why can't Joomla have something similar. Pick and choose what users can, can not do. Need a special group? Make one based on another groups permissions and then adjust the new groups permissions as needed.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator


Top
 Profile  
 
PostPosted: Sun Nov 16, 2008 1:19 pm 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Sat Nov 26, 2005 1:16 am
Posts: 115
yes it is a huge let down on joomla behalf that the ACL is so limited. I really dont think Authors should be in the Special group.

I have a website of 5000 members and want any member who wants to submit an article to be able to. The only problem with making everyone an author is then they have 'Special' access rights, so i cannot hide menu items and modules etc from all my members. So for years now i have had to make do with just keeping my members set to registered but ive now decided that i need my users to be able to submit articles.

Anyone know how they can submit articles as registered members or remove author from special acl group?


Top
 Profile  
 
PostPosted: Tue Jun 02, 2009 4:01 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Mon May 25, 2009 6:50 am
Posts: 1
Nice workaround PhilD I like the way you think.
I see your wheels were turning. This is exactly what will keep me going until 1.6 comes out.

Maybe you can give me a suggestion on my math site.

I want unregistered users to be able to access level 1.
Registered users to access level 1 and level 2.
Special(authors) to access level 1 2 and 3.

For a person to go from Registered to Author(special) They have to pay a subscription fee.

I would then have to manually check that they made the payment and change their group, i might get lazy/busy and not be able to update permission regularly.

I thought of making manual temporary accounts. So right as a person pays they get sent an (auto) email with a pre created username and password listed in it, maybe paypal IPN can do this, or outlook express with rules. Once i get around to changing their permission, i email them and tell them they can use their account again. Then i delete the temporary (special user) and make a new one and add it to the email.

How do i make this process the least stressful for me? S it is semi automatic and people can access level 1 2 and 3 right after they pay? I'm trying to stick to free methods for now. Give me your suggestions please. feel free to think outside the box.

My main goal is to give them automatic access to level 1 2 and 3 after the pay.


Top
 Profile  
 
PostPosted: Mon Jun 22, 2009 2:36 am 
Joomla! Enthusiast
Joomla! Enthusiast

Joined: Wed Feb 11, 2009 3:38 am
Posts: 141
hi,
i am looking for something similar i believe.
i have a cb community.
i am trying to offer a free registered level of membership
and then a premium level for a member so they
can have access to special items and such.
can you offer any advice or help?
thanks

_________________
Paddock
http://www.twitter.com/boycottfootball


Top
 Profile  
 
PostPosted: Sat Jan 23, 2010 4:03 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Jan 08, 2010 12:53 am
Posts: 9
The file you've mentioned - gacl.class.php in the includes folder only contains the following line:

require_once( dirname(__FILE__) .'/../libraries/phpgacl/gacl.php' );

In that folder, phpgacl, there are two files - gacl.php and gacl-api.php.
Neither of them contains the code you're talking about, so how am I supposed to follow your instructions? What version of Joomla! you used back then?


Top
 Profile  
 
PostPosted: Sat Jan 23, 2010 5:41 pm 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2727
Location: Wisconsin USA
To make author level a class of registered user so you can have registered site users (free level) and site users who have access to hidden content (premium level) that is not available to free level users, you can do the following core hack.

This is for version 1.0.xx of Joomla. The 1.5.xx version the file is located (and named different) and I will have to look it up.
In 1.0.xx version of Joomla open /includes/gcal.class.php and look for this section:
Code:
// actions
      $this->_mos_add_acl( 'action', 'add', 'users', 'author', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'add', 'users', 'editor', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'add', 'users', 'publisher', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'author', 'content', 'own' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'editor', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'publisher', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'publish', 'users', 'publisher', 'content', 'all' );

find the lines with author in it and remove author like so:
Code:
// actions
      $this->_mos_add_acl( 'action', 'add', 'users', 'author', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'add', 'users', 'editor', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'add', 'users', 'publisher', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'author', 'content', 'own' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'editor', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'edit', 'users', 'publisher', 'content', 'all' );
      $this->_mos_add_acl( 'action', 'publish', 'users', 'publisher', 'content', 'all' );


Save and upload it back. This will enable you to promote registered users (free) to author (premium) which is in the 'special' Joomla group but the authors won't have any more rights than registered users. Make the content etc. you want hidden visible to the 'special' Joomla group and then only those with author privileges can see the content. The authors level will not have normal author privileges, but more like normal registered users. I use this core hack to make a club member level with content visible only to club members.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator


Top
 Profile  
 
PostPosted: Sat Jan 23, 2010 5:52 pm 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2727
Location: Wisconsin USA
In Joomla 1.5.xx you can do the same by modifying the /libraries/joomla/user/authorization.php file

Look for the following section:
Code:
// actions
      $this->addACL( 'com_content', 'add', 'users', 'author', 'content', 'all' );
      $this->addACL( 'com_content', 'add', 'users', 'editor', 'content', 'all' );
      $this->addACL( 'com_content', 'add', 'users', 'publisher', 'content', 'all' );
      $this->addACL( 'com_content', 'edit', 'users', 'author', 'content', 'own' );
      $this->addACL( 'com_content', 'edit', 'users', 'editor', 'content', 'all' );
      $this->addACL( 'com_content', 'edit', 'users', 'publisher', 'content', 'all' );
      $this->addACL( 'com_content', 'publish', 'users', 'publisher', 'content', 'all' );


Remark out the two lines that contain author like so:
Code:
// actions
      //$this->addACL( 'com_content', 'add', 'users', 'author', 'content', 'all' );
      $this->addACL( 'com_content', 'add', 'users', 'editor', 'content', 'all' );
      $this->addACL( 'com_content', 'add', 'users', 'publisher', 'content', 'all' );
      //$this->addACL( 'com_content', 'edit', 'users', 'author', 'content', 'own' );
      $this->addACL( 'com_content', 'edit', 'users', 'editor', 'content', 'all' );
      $this->addACL( 'com_content', 'edit', 'users', 'publisher', 'content', 'all' );
      $this->addACL( 'com_content', 'publish', 'users', 'publisher', 'content', 'all' );


You can now use author level as a (premium) registered level so that content etc. marked as 'special' will be visible to them, but they have only registered user privileges like the 1.0.xx core hack in the post above provides.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator


Top
 Profile  
 
PostPosted: Sat Jan 23, 2010 11:53 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Jan 08, 2010 12:53 am
Posts: 9
PhilD wrote:
In Joomla 1.5.xx you can do the same by modifying the /libraries/joomla/user/authorization.php file

And that was what I've been looking for. Thanks! : )


Top
 Profile  
 
PostPosted: Wed Feb 24, 2010 1:20 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Wed Feb 24, 2010 1:16 pm
Posts: 1
I tried this, but its not working for menus/modules.

How can you hide menus/modules doing a similar hack?


Top
 Profile  
 
PostPosted: Sat Feb 27, 2010 5:29 pm 
Joomla! Intern
Joomla! Intern

Joined: Mon May 11, 2009 3:00 am
Posts: 98
I'm hoping for a way to set view permissions for modules (menus) as well. My hope is to have free open access to anonymous and registered users while having only certain menus and articles viewable by superadmin.

_________________
Landscape Architecture Resource
everything useful for landscape architects
http://landscapearchitectureresource.com
jobs | schools | materials | news | firms | lare


Top
 Profile  
 
PostPosted: Sat Feb 27, 2010 10:40 pm 
User avatar
Joomla! Hero
Joomla! Hero

Joined: Sat Oct 21, 2006 10:20 pm
Posts: 2727
Location: Wisconsin USA
Quote:
I'm hoping for a way to set view permissions for modules (menus) as well. My hope is to have free open access to anonymous and registered users while having only certain menus and articles viewable by superadmin.


That is done by what permission level you set for the menu button, article, module, etc.
There are 3 general levels Public, Registered, and Special
Each builds on permissions of the previous one. I.E. the Special level inherits all special and public permissions.

All persons assigned in user to levels of Author and above are in Special category
super-admin is in that Special category and if you don't assign any users higher than registered then they can not see what is assigned to special level.

If you need more control than that there are many extensions that will expand what you can assign to users and what level users are.

_________________
PhilD -- Unrequested PM's and/or emails may not get a response.
Security Moderator


Top
 Profile  
 
PostPosted: Tue Apr 27, 2010 4:43 pm 
Joomla! Fledgling
Joomla! Fledgling

Joined: Thu Sep 11, 2008 6:10 pm
Posts: 1
Is there a way in Joomla 1.5 to auto assign a "special" acccess level upon registration? I have a website where I need to assign 'special' level access to members who register using a link that contains an account number. The sticky point is trying to auto-set the access level to 'special'. Thanks for your help.


Top
 Profile  
 
PostPosted: Tue May 11, 2010 9:42 am 
Joomla! Fledgling
Joomla! Fledgling

Joined: Fri May 07, 2010 8:52 am
Posts: 4
@Phil
The hack that you said works for content. Does it also work for modules? I created a module and made it's access special but I noticed that after using your hack, authors cannot see the module when they login. Please what could be the problem


Top
 Profile  
 
PostPosted: Sun Jul 04, 2010 6:08 am 
Joomla! Intern
Joomla! Intern

Joined: Tue Jun 29, 2010 3:30 am
Posts: 68
@jrajani
If I understand your question correctly, do this (Joomla 1.5):
Log into back end
Global Configuration
User Settings
New User Registration Type

_________________
New to Joomla! but trying really hard to figure things out on my own! If I am asking here, I am likely frustrated, embarrassed or otherwise not happy. Please be easy on me and I will try to get back to it on my own without being a pest. ;)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 19 posts ] 



Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group