[15]Access Management in Joomla! 1.6

jpatti
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Sun Aug 03, 2008 6:05 am

Re: User Permission Abilities

Post by jpatti » Tue Sep 16, 2008 3:05 pm

Nakebod wrote:also some editor groups which may only edit a few sections or categories.
I need this. I have a lot of corporate sites where someone in department X needs to be able to edit section X and *only* that section. I need to be able to assign authors to sections and/or categories. Right now, I have to "trust" people to not screw up and press buttons I should just be able to turn off entirely.

I also need one person to approve not only before a page is first published, but *every* time it's edited. In most companies, there's someone in marketing or creative services or such who does spelling/grammar checks, makes sure the corporate logo is used according to specs, everyone formats their phone number the same, keeps track of corporate-wide changes, etc. It's great they can be the "publisher" and approve the article, but they *also* need to approve edits of the article after it's published to make sure the standards are kept up with cause the authors know section X, they don't know all the corporate crap the "publisher" knows.

esatterwhite
Joomla! Intern
Joomla! Intern
Posts: 50
Joined: Wed Aug 13, 2008 1:23 pm

Re: User Permission Abilities

Post by esatterwhite » Tue Sep 16, 2008 6:05 pm

jpatti wrote:
I also need one person to approve not only before a page is first published, but *every* time it's edited. In most companies, there's someone in marketing or creative services or such who does spelling/grammar checks, makes sure the corporate logo is used according to specs, everyone formats their phone number the same, keeps track of corporate-wide changes, etc. It's great they can be the "publisher" and approve the article, but they *also* need to approve edits of the article after it's published to make sure the standards are kept up with cause the authors know section X, they don't know all the corporate crap the "publisher" knows.

there is a pretty good extension for this. They just converted to 1.5 native and working out some kinks, but it will be there soon.
http://www.ernitech.com/egxact-revision-manager.html

User avatar
almamun
Joomla! Guru
Joomla! Guru
Posts: 798
Joined: Fri Jul 18, 2008 2:28 pm
Location: Dinajpur, Bangladesh
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by almamun » Thu Sep 18, 2008 12:01 pm

When 1.6 is coming?

All you've told my wish.

Are we getting these?
Bengali (Bangladesh) Forum Moderator

http://amviro.com - Web & App Development.

piegus
Joomla! Apprentice
Joomla! Apprentice
Posts: 10
Joined: Wed Aug 13, 2008 1:06 pm

Re: [15]Access Management in Joomla! 1.6

Post by piegus » Mon Sep 22, 2008 8:30 am

I'm also thinking about that. Beacuse there's been J1.5.7 relase so I was wondering is this will be such fast as the previous updates.

User avatar
Tonie
Joomla! Master
Joomla! Master
Posts: 16584
Joined: Thu Aug 18, 2005 7:13 am

Re: [15]Access Management in Joomla! 1.6

Post by Tonie » Mon Sep 22, 2008 8:36 am

No date has been set for 1.6, so you might have to wait a while.

esatterwhite
Joomla! Intern
Joomla! Intern
Posts: 50
Joined: Wed Aug 13, 2008 1:23 pm

Re: Better ACL permissions – based on groups or users?

Post by esatterwhite » Mon Sep 29, 2008 12:03 am

webamoeba wrote:
the_real_svempa wrote:This is exactly the way I can see a basic permission system be implemented.
ewww yuck. ;) lol - This is really not a viable solution. A drop down list of all users! blimey, that in itself would be completely unmanageable in sites with a large number of users.

On a far more positive note, I agree that access-control is an important issue. I remember back when I discovered Joomla! (at the time it was Mambo) and thinking how important this was and that it needed addressing. Sadly X years on it has still not been fully realised.

OK, a quick bit of background, Joomla! uses PHP GACL, sort of, or rather, in a very limited way. PHP GACL consists of four `concepts`:

ACL - Access Control List - Permissions list for an object
ACO - Access Control Object - Object to deny or allow access to
AXO - Access eXtension Object - Extended object to deny or allow access to
ARO - Access Request Object - Object requesting access

To explain this a bit better I'll grab a quote from a Joomla! book:
In phpGACL, permissions are given to ARO groups and AROs, to access ACOs and AXOs. In Joomla! we only give permissions to ARO groups, and Joomla! users can only be a member of one group, whereas in phpGACL AROs can be members of multiple groups

These differences between Joomla! and phpGACL are due to one major factor. In phpGACL when we check permissions, we ask the question ‘does ARO X have access to ACO Y?’. In Joomla! we ask the question ‘does ARO group X have access to ACO Y?’. The way in which we assign permissions in Joomla! will be altered in the future to use the same principals as phpGACL.
Fully implementing PHP GACL fully is a major issue, mainly because of backwards compatibility. J! 1.5 has made some additional contributions to the setup that make some big differences, it's just that its all pretty invisible to the end user and admins. For example, the MVC framework includes permission checking and the JUser class includes a handy authorize() method. Also the three groups public, registered, special, I think have technically been deprecated...?

OK, I'm getting a bit bogged down in the technicalities, so rather than bore us all to death (myself included) let's address the real issue here. Not 'we want better access-control', but 'What are the ramifications of implementing PHP GACL fully on both the J! core and third party extensions, and what is the best way to deal with the transition period'.

I remember some time ago, I saw something stating that this would be addressed in J! 2... but I'm not sure if I just imagined that ;) lol.
I think a drop down or list box where one can assign permissions to all of the users would be great. there is nothing wrong with granular control. However, large sites would be difficult. So the ability to create groups and assign permissions in more of a blanket method would help.

Having the ability to create custom groups with custom permission sets would be great. Groups like Admin, staff, editor, author, user, publisher, banned, etc. would be a dream for a lot of users. and if you don't want that much control then you wouldn't need it however, the current ACL system is very much lacking.

stevetsi
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Sun Jan 22, 2006 11:21 pm
Location: Annapolis, MD
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by stevetsi » Wed Oct 08, 2008 11:41 pm

Forgive me if I upset anyone by saying this, but JACLplus pro BYOSTECH is the BEST ACL component for for Joomla ever made. Yes, the support for it is horrible, they make you pay and force you to use Zend Optimizer because some of the code is encoded...

BUT...

The system just WORKS.

I can create unlimited groups and assign to them as many other groups I want. PLUS, not only can I assign any user to anyone of those groups (which may contain the permissions of other groups as well), but I can assign as many SUB-GROUPS as I want to that user!

JACLplus pro ties in strongly with the existing PHPGACL permissions tables and ads one additional table that deals with the assignment of sub-groups to individual users.

I have actually implemented this on a LARGE scale with a remote user authentication system (with a custom authentication plugin I developed) that creates user sessions on login and assigns the users their appropriate sub-groups (as dictated by the webservice against which I authenticate - Apache Axis).

PLEASE, Joomla developers, use the model spearheaded by BYOSTECH and implement robust and granular ACL into this CMS as soon as possible.

Here's how you solve the problem of backwards compatibility:

(simplified, but proves the point)
1. Place the access groups assigned to the the article, component, or whatever into one array. Place the *required* permissions groups (to gain access to that item) into a second array. These arrays will be compared in the next step.
2. User php's array intersect - a NULL value means no intersection, therefore no access. Not NULL, means you got access.
3. The key is that, when standard Joomla access control rights exist, the array containing the "assigned access groups" will only one have one value - public, registered, or Special. With ACL "enhanced" components, that array will contain ALL the assigned access groups.

Yes, all components, modules, plugins, will have to be recoded to accommodate this change, but the change will be consistent and backwards compatible. Compatibility with old extensions will ONLY be broken if the Joomla users chooses to define groups beyond the standard Joomla ACL groups. There is no reason why an option bit in the Configuration menu cannot be "flipped" to allow or deny access to custom group creation and assignment to articles and extensions.

eirinikos
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Fri Oct 24, 2008 11:08 pm

Re: [15]Access Management in Joomla! 1.6

Post by eirinikos » Sat Oct 25, 2008 10:49 pm

I just can't believe you guys would build something as awesome as Joomla and then leave out something so fundamental and necessary.

... and all of these "commercial" solutions really tick me off. They're like buzzards trying to make a buck by exploiting this area of weakness.

Since when do you release something GNU/GPL and then SELL it??

User avatar
Tonie
Joomla! Master
Joomla! Master
Posts: 16584
Joined: Thu Aug 18, 2005 7:13 am

Re: [15]Access Management in Joomla! 1.6

Post by Tonie » Sun Oct 26, 2008 11:19 am

eirinikos wrote:I just can't believe you guys would build something as awesome as Joomla and then leave out something so fundamental and necessary.

... and all of these "commercial" solutions really tick me off. They're like buzzards trying to make a buck by exploiting this area of weakness.

Since when do you release something GNU/GPL and then SELL it??
And why shouldn't they? Do you have any idea how much time it takes to build extensions?

stevetsi
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Sun Jan 22, 2006 11:21 pm
Location: Annapolis, MD
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by stevetsi » Sun Oct 26, 2008 3:27 pm

I have to agree with Tonie. If someone steps up and gets the job done, I've got no problem compensating them for it. By the way, GNU/GPL doesn't mean you can't make money from it - the main advantage is that no one company has a proprietary stranglehold over the software development process and implementation.

I digress.

Full ACL in Joomla couldn't come soon enough. This combined with a robust versioning component could push Joomla far ahead of Drupal and give it the serious community respect it deserves.

User avatar
trouble
Joomla! Intern
Joomla! Intern
Posts: 92
Joined: Tue Jul 31, 2007 9:27 am
Location: UK

Re: [15]Access Management in Joomla! 1.6

Post by trouble » Sun Oct 26, 2008 3:30 pm

Tonie wrote:
eirinikos wrote:Since when do you release something GNU/GPL and then SELL it??
And why shouldn't they? Do you have any idea how much time it takes to build extensions?
And how much time have they saved by using the Joomla framework? I thought one of the principles of open source is giving back to the community. ;) :pop

jpatti
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Sun Aug 03, 2008 6:05 am

Re: [15]Access Management in Joomla! 1.6

Post by jpatti » Sun Oct 26, 2008 6:17 pm

I don't personally have any problem paying for extensions. Some are free, some you pay, no problem.

Hell, I'd not have a problem paying for Joomla itself. I don't use it cause it's free, but cause it rocks and there's so much stuff available.

But with something as *basic* as user management, I'd rather wait for something in the core. I don't want to install an extension, train all my users on it, and then find out I have to upgrade Joomla due to a security issue, and the extension doesn't work with the new version, so I find another extension and have to train users on that, etc.

For me, personally, until it's in the core and supported by the Joomla team, I can't risk it, ya know?

eirinikos
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Fri Oct 24, 2008 11:08 pm

Re: [15]Access Management in Joomla! 1.6

Post by eirinikos » Sun Oct 26, 2008 9:13 pm

Tonie wrote:And why shouldn't they? Do you have any idea how much time it takes to build extensions?
I was referring mainly to JACL and other similar "hack" solutions to fix the ACL problem.

I don't have a problem paying for an extension that does something awesome.

But like JPatti said.. this is something basic and fundamental, and I'm going to either have to learn how to hack the core myself or get some help from someone who's already done it. And I don't want to pay for a hack :-\

:D

esambe
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Thu Jul 24, 2008 2:57 am
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by esambe » Sun Oct 26, 2008 9:15 pm

I have a bit of money in my paypal, willing to finance work on ACL and also willing to take part in development of the same, i have all the RAD tools i need to participate. Can someone tell us how we can participate. Even if I am not accepted into the core team. I have debugging and profiling software that with one hour per day investment I can pinpoint bugs (given test procedures or sandbox). I am willing to be involved in any way to have this feature implemented sooner.

I also think its not mature to post in a disgruntled tone or complaing when you are doing nothing to aid development of this open source software. I think if you have nothing (i.e no cash or man hours) to offer the best you can do is add your voice to the global request for ACL but not demand or complain.

please, core developers, we appreciate your work and wanna participate. let us know how.

mainstwebguy
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 118
Joined: Fri Aug 29, 2008 11:40 am
Location: Michigan
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by mainstwebguy » Thu Oct 30, 2008 7:52 pm

The ability to limit what parts of the backend users would have access too would be simple amazing :-) I hope to see this in 1.6!! Great suggestion!

esambe
Joomla! Apprentice
Joomla! Apprentice
Posts: 6
Joined: Thu Jul 24, 2008 2:57 am
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by esambe » Sat Nov 01, 2008 7:45 am

I think the greatest value joomla 1.5 brought to joomla users who know even a bit of php is the ability to easily customise code without touching (any) joomla code (aka hacking it). In coming elections, the candidates will have to state whether he support joomla ACL or not!
and if you dont, away with you ;-)
PS. this is intended to be a purely joomla comment

stevetsi
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Sun Jan 22, 2006 11:21 pm
Location: Annapolis, MD
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by stevetsi » Thu Nov 06, 2008 3:56 pm

I am desperately hoping the the Joomla Dev team integrates granular ACL into J1.6, at least as it is implemented by ByOStech in JACLplus pro.

Earlier this year I developed quite an ambious site using Joomla & JACLplus pro. You can visit it at **************.com (PM me if you want the link).

It is built with mulitple templates assigned to various section & categories of content (via pre-assigned menu links). All the premium services are user & password protected and access is controlled by JACL. What's more, is that users can belong to any number of subgroups, depending on their subscription.

Here's where it gets really interesting:
The system incorporates a dual authentication system - local Joomla login and remote authentication to a webservice powered by Apache Axis, by SOAP requests via PHP/Java Bridge. When a user authenticates against the webservice, they are momentarily created in the database so that permissions can be assigned and the session is created. As soon as the session is created, the new user is destroyed. What's key here is that the user needs to be assigned not only to a GROUP, but to a collection of SUBGROUPS associated with their subscriptions (for which the information is pulled from the webservice and stored in Java arrays which are converted to php arrays).

I am doing this with Joomla - NOW. BUT, we need a native granular ACL so I don't have to keep modifing modules and plugins to recognize the new groups and subgroups.

The bottom line is that what people are asking for in this thread HAS ALREADY BEEN DONE. I AM DOING IT NOW. The Joomla dev team just needs to finish fully integrating, in this case, phpgacl, into the core.

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 8:03 pm

I am really looking forward to Joomla 1.6 for the main reason is full Usergroup Permissions (ACL)!!! I am stuck with Joomla 1.0.x and JACLPlus because it is the best implementation of ACL available for Joomla.

Joomla 1.6 core has got to have full ACL, whether that is based on existing ARO, ACO, AXO, ACL (which JACLPlus simply takes the foundation and fully implements). The core of Section, Category, and Article must fully respect ACL with View, Edit, Publish/Manage/Approve, so I can dole out management of my site to different users.

If Joomla 1.6 adds Versioning, then we also might need permissions of "Hard Delete", "Edit Original", I don't know. Or that might be Admin only.

Just as important, and to set an example, all the bundled Joomla Plugins should set the standard for ACL adoption. FAQ, Banners, Glossary, etc. should have View, Edit, Publish rights controlled by Usergroups.

Also these Components and/or Plugins should have Admin (backend) permissions. The hardest part might be Admin Control Panel. If we can really create a useful distinction between Administrator and Super Administrator that would be helpful.


ACL: I believe if you build it, they will come. Even though JACLPlus is a niche product (and seems to be abandoned as far as support these days), Components have been tweaked to support ACL. Plus JACL took the initiative to take other popular components and make them ACL-aware. If Joomla 1.6 had ACL out of the box, I imagine developers would add the appropriate IF statements to their components overnight.


I am going back through this thread and reading now to learn as much as possible. I am really looking forward to full ACL for Joomla 1.6.

I am curious -- How does this thread link to the Summer of Code project?

Also I see some very useful threads which are linked earlier in this thread have been lost?

Finally a little note about CommunityBuilder. When I needed to build a site for a client with Usergroups, people pointed me to CommunityBuilder. I am still frustrated with the hours I spent researching and trying to use it. Thus, whenever I see mention of CommunityBuilder, I cringe. Sorry, but CB is just an extended profile plugin from what I can see. It doesn't even really allow people to create their own spaces which is what I was expecting, let alone Usergroup control which is what this thread is about.
Last edited by feldon27 on Thu Nov 06, 2008 8:53 pm, edited 3 times in total.

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 8:23 pm

trouble wrote:
Tonie wrote:
eirinikos wrote:Since when do you release something GNU/GPL and then SELL it??
And why shouldn't they? Do you have any idea how much time it takes to build extensions?
And how much time have they saved by using the Joomla framework? I thought one of the principles of open source is giving back to the community. ;) :pop
My problem with JACLPlus is the lying, the abandonment of their website, forums, and the community. They seem to take the money and run. There has not been an admin post on the forums since August 2007. The website is completely obsolete as all over the place it says the component is free and that they will release JACL for Joomla 1.5 to the public soon. Yet all there is the private JACLPro which is Encrypted, Commercial, yet completely unsupported software. Support e-mails are completely ignored. For $108 a year, I expect more than a slap in the face.

The feature set of JACLPlus is the role model for Joomla 1.6. Their documentation, support, and business practices are not. ;) And I say this as the operator of a tech support site for a product which costs a lot less than $108 a year. :) We offer direct support through the forum, answer questions, resolve issues, track bugs, etc.

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 8:36 pm

It is VERY FRUSTRATING that there are so many broken links in this thread? What happened to all the thread links? I don't mean 4 years ago, I mean March 2008 thread links are broken?
Last edited by feldon27 on Thu Nov 06, 2008 8:53 pm, edited 1 time in total.

stevetsi
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Sun Jan 22, 2006 11:21 pm
Location: Annapolis, MD
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by stevetsi » Thu Nov 06, 2008 8:42 pm

feldon27

You make a valid point and it only serves to underscore how badly robust ACL is needed in Joomla.

Don't forget, though, I use JACL with J1.5.x and it works great.

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 8:48 pm

I was reading an earlier post in this thread. I am not really sure how to respond to Teams and Roles. It seems Teams is another word for Usergroup? JACLPlus does not allow one user to belong to multiple Usergroups. Joomla would need to correct this. Otherwise if you have 10 usergroups, then to make all possible combinations of them, you would have to create 10*9*8*7*6*5*4*3*2*1 Subgroups.


Just for folks who are not familiar with JACLPlus, here are the permissions it provides:

Administration
  • Config
  • Edit
    • Components
      • All
      • DBAdmin
      • Languages
      • MassMail
      • MenuManager
      • Templates
      • Trash
      • Users
      • Contact
      • Frontpage
      • Glossary
      • JACLPlus
      • Login
      • Newsfeeds
      • Poll
      • Search
      • Syndicate
      • Weblinks
    • Mambots
    • Modules
    • User Properties
  • Install
  • Login
  • Manage
Action
  • Add
    • Content
    • Section
    • Category
  • Edit
    • Content
    • Section
    • Category
    -Publish
    • Content
    • Section
    • Category
Workflow
  • Email Events
Last edited by feldon27 on Thu Nov 06, 2008 8:55 pm, edited 1 time in total.

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 8:49 pm

stevetsi wrote:feldon27

You make a valid point and it only serves to underscore how badly robust ACL is needed in Joomla.

Don't forget, though, I use JACL with J1.5.x and it works great.
You're the first positive post I've seen about JACLPro with Joomla 1.5.x. Does it have the same functionality as JACLPlus for 1.0.x? More? Less? Any conflicts you've seen? Of course the big problem is the sea change in Components. Most of the components that were popular at Joomla 1.0.x died off (mostly cause 3rd party devs got the impression that they were seen as expendible) and new ones took their place and I doubt ByOS is doing any effort to make those new components ACL-aware.

Can you shed some light on why they have completely abandoned the website? How did you figure out how to install it? Is there any support whatsoever? I don't want to derail this thread too much though. :)

User avatar
trouble
Joomla! Intern
Joomla! Intern
Posts: 92
Joined: Tue Jul 31, 2007 9:27 am
Location: UK

Re: [15]Access Management in Joomla! 1.6

Post by trouble » Thu Nov 06, 2008 8:52 pm

feldon27 wrote:It is VERY FRUSTRATING that there are so many broken links in this thread? What happened to all the thread links?
This thread is nearly 9 months old! ;)
But we've been waiting longer than that for ACL :eek:

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 9:01 pm

This thread is nearly 9 months old! ;)
But we've been waiting longer than that for ACL :eek:
It seems to be a very bad design feature of this forum software phpBB that a link to a thread includes not only the thread ID, but also the forum ID. If you move a thread from one forum to another, the link becomes invalid. This seems completely stupid and unnecessary to me and is NOT how vBulletin, IPB, and other forums work.

By the way on my forum I have links to topics from 2000 that are still valid. ;)

Then again if you want to look at boneheaded coding, vBulletin galleries unnecessarily include the albumID when viewing a photo. Move the photo to a new album, and the link breaks.

stevetsi
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Sun Jan 22, 2006 11:21 pm
Location: Annapolis, MD
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by stevetsi » Thu Nov 06, 2008 9:38 pm

feldon27

I don't know what the deal is with byostech.

Installation was pretty straightforward... BUT you have to follow the JACL instructions! Make sure Zend Optimizer is installed. Make sure that the requisite files are uploaded in binary mode (not ASCII).

What can I say, the system just works.

I did have to modify certain modules/plugins.

For example, ninjaforge.com has some JACL access modules and plugins. I had to modify them though to recognized the JACL plus pro subgroups (I don't think this feature is available in J1.0.x releases). In doing so, I was able to use plugins that can selectively hide or show content in an article based on the logged in visitor's exact group permissions.

I also modified SWMenuPro to recognize JACL groups/subgroups. Specifically, I made a modification that allows the menu to hide top menu items based on the permissions level of SUBMENU items. Why, you ask? Because it allows me to link directly to the top-level pages, while using the menu system to hide them from non-members. That way, I can include teaser copy on those top-level menu item pages. By utilizing my show/no-show content plugins, I can then remove the teaser copy for logged in visitors. Wait, it gets better. I can even create an article with multiple hidden/shown content that correlates to the logged in visitors exact group memberships.

Anyway... please Joomla devs, show me some core, granular ACL love in J1.6.x!

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Thu Nov 06, 2008 10:59 pm

Thanks for the input!


Has anyone looked at:
http://www.jfoobar.org/blog/44-first-lo ... 6-acl.html

jpatti
Joomla! Apprentice
Joomla! Apprentice
Posts: 38
Joined: Sun Aug 03, 2008 6:05 am

Re: [15]Access Management in Joomla! 1.6

Post by jpatti » Fri Nov 07, 2008 1:11 am

feldon27 wrote: Has anyone looked at:
http://www.jfoobar.org/blog/44-first-lo ... 6-acl.html
That looks very, very kewl.

stevetsi
Joomla! Apprentice
Joomla! Apprentice
Posts: 17
Joined: Sun Jan 22, 2006 11:21 pm
Location: Annapolis, MD
Contact:

Re: [15]Access Management in Joomla! 1.6

Post by stevetsi » Sat Nov 08, 2008 1:57 pm

Correction to feldon27's statement:
JACLPlus does not allow one user to belong to multiple Usergroups. Joomla would need to correct this.
JACLPlus pro *does* allow members who belongs to groups to also belong to subgroups. That's what I was explaining in my previous post about how I developed a website that allows members be assigned to multiple ACL subgroups on login (permissions are contained within the Joomla session data field stored in the database under the jos_sessions tabel).

JACLplus (not pro) does not allow subgroups. Unfortunately, that "pro" distinction also requires a paid subscription (and J1.5, I think...), so most people will not discover it in passing.

Whatever, I'm just waiting now for core granular ACL.

User avatar
feldon27
Joomla! Explorer
Joomla! Explorer
Posts: 334
Joined: Tue Aug 23, 2005 2:18 pm
Location: Houston, TX

Re: [15]Access Management in Joomla! 1.6

Post by feldon27 » Sat Nov 08, 2008 5:25 pm

JACL is not available for Joomla 1.5 except as a commercial product. They never released JACLPlus for Joomla 1.5, despite initial promises.

Thanks for the info tho, glad to hear it does allow multiple usergroup memberships.


Locked

Return to “Accepted - Archived”