Viewing Access Levels

Post Reply
WADAEC
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Fri Feb 08, 2019 11:21 am

Viewing Access Levels

Post by WADAEC » Mon Aug 17, 2020 1:24 pm



Hi there, we are trying to create a user access level in 3.9.20 and for some reason it will not allow the user to login.

We are using the usual set up with a new group, view access level, allow admin interface but when the client tries to login, it says they are not allowed to access the admin area - has something changed with the new upgrade?

Help urgently please as we have client training tomorrow.

Thank you so much in advance
Last edited by imanickam on Tue Aug 18, 2020 3:18 am, edited 1 time in total.
Reason: Moved topic » from Administration Joomla! 3.x to Access Control List (ACL) in Joomla! 3.x

User avatar
mjparadac
Joomla! Hero
Joomla! Hero
Posts: 2197
Joined: Mon Oct 29, 2012 3:58 pm

Re: Viewing Access Levels

Post by mjparadac » Mon Aug 17, 2020 2:17 pm

Hello WADAEC
Have you checked the settings for groups, actions, and inheritance?
Check if there has been any change in the user group you want to use.

Regards,
Joomla Community Ambassador for A2 Hosting | A2 Hosting - Our speed, your success | https://www.a2hosting.com/joomla-hosting

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 39469
Joined: Sat Apr 05, 2008 9:58 pm

Re: Viewing Access Levels

Post by Webdongle » Mon Aug 17, 2020 2:50 pm

Set Parent of the Group 'Registered
In Global config Allow Admin login. (leave other Permissions inherited.
In the Component menu Options Allow 'Access Administration Interface' . If you do that in global config they access all components not just the component(s) you want them too.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein.

WADAEC
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Fri Feb 08, 2019 11:21 am

Re: Viewing Access Levels

Post by WADAEC » Wed Aug 26, 2020 10:03 am

Thanks guys for your replies but the client can't even login after doing what you have suggested and that is the same actions we have been using up until now, so I am unsure why this is happening - any ideas? Anyone else had a similar issue?

Thanks in advance

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 39469
Joined: Sat Apr 05, 2008 9:58 pm

Re: Viewing Access Levels

Post by Webdongle » Wed Aug 26, 2020 11:12 am

If you have followed viewtopic.php?p=3612539#p3611800 correctly then one of several problems is happening.
  • You have a 3rd party extension handling login/access levels
  • They are logging in with the wrong credentials
    Have you tested by creating a test user and putting them in the new group or are you just relying on their ability?
Screenshot of global config Permissions for the new user group please. Also screenshot of the edit screen for Users >>> User Groups >>> your new user group

https://forumpostassistant.github.io/docs/ please
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein.

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 13265
Joined: Thu Feb 15, 2007 5:48 am
Location: Zagreb, Croatia

Re: Viewing Access Levels

Post by toivo » Wed Aug 26, 2020 11:28 am

Change the parent of the new group to be 'Administrator' and see if that gives the user in the new group proper access to the back end.

Once the member of the new group can login to the back end, you can start limiting the permissions from the Options button or function of each component, depending on the designed workflow and permissions planned for the new group.

Go to Users - User Groups and click the link 'Advanced Permissions Report' under the name of the new user group to review the permissions.
Toivo Talikka, Global Moderator

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 39469
Joined: Sat Apr 05, 2008 9:58 pm

Re: Viewing Access Levels

Post by Webdongle » Wed Aug 26, 2020 12:31 pm

toivo wrote:
Wed Aug 26, 2020 11:28 am
...
Once the member of the new group can login to the back end, you can start limiting the permissions from the Options button or function of each component, depending on the designed workflow and permissions planned for the new group....
Sorry to disagree but restriction is not best done by component because it requires a 'Hard' deny and causes possible security issues should a new extension be added at a later date.

Best practice is to have 'Registered' as Parent for the new group and then in global config only change Permission for Admin login to Yes. If a user can not log in to admin then the credentials they use are in question and a test user should be used to test. If the user can log in frontend but not Admin then it is possible that a 3rd party extension is preventing the admin login.

@WADAEC
I will set it up on my site like I have explained to you and pm you a login to test.

Bottom line
New user groups should not have higher than 'Registered' as Parent because of security reasons.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein.

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 13265
Joined: Thu Feb 15, 2007 5:48 am
Location: Zagreb, Croatia

Re: Viewing Access Levels

Post by toivo » Wed Aug 26, 2020 12:57 pm

Webdongle wrote:
Wed Aug 26, 2020 12:31 pm
Sorry to disagree but restriction is not best done by component because it requires a 'Hard' deny and causes possible security issues should a new extension be added at a later date.
...
Bottom line
New user groups should not have higher than 'Registered' as Parent because of security reasons.
No problems and I fully agree, minimalism is best practice and a safer starting point for permissions on the need-to-know basis in the workflow.
Toivo Talikka, Global Moderator

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 39469
Joined: Sat Apr 05, 2008 9:58 pm

Re: Viewing Access Levels

Post by Webdongle » Wed Aug 26, 2020 12:58 pm

Set Parent of the Group 'Registered'
In Global config Allow Admin login. (leave other Permissions inherited.
That allows admin login

In the Component menu Options Allow 'Access Administration Interface' . If you do that in global config they access all components not just the component(s) you want them too.

The part I missed to say was in Users >>> view/access level >>> Special ... select the new use group. That allows the user in the new group to see the Admin menu.
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein.

WADAEC
Joomla! Apprentice
Joomla! Apprentice
Posts: 7
Joined: Fri Feb 08, 2019 11:21 am

Re: Viewing Access Levels

Post by WADAEC » Thu Aug 27, 2020 5:35 pm

@webdongle

Yes please that would be fab so that I can see what I am doing wrong :S Driving me mad as you can imagine

Debs x

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 39469
Joined: Sat Apr 05, 2008 9:58 pm

Re: Viewing Access Levels

Post by Webdongle » Thu Aug 27, 2020 6:27 pm

Sent a pm check your Private messages
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein.


Post Reply

Return to “Access Control List (ACL) in Joomla! 3.x”