Restrict admin access for specific plugin in backend

Moderators: mandville, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Locked
mbsfirst
Joomla! Apprentice
Joomla! Apprentice
Posts: 15
Joined: Fri Jun 24, 2011 12:34 am

Restrict admin access for specific plugin in backend

Post by mbsfirst » Mon Jan 25, 2021 12:40 pm

is there a way to restrict access to specific plugin for users.

i have a payment processor that contains banking info that no one should have access to except superusers
Last edited by toivo on Sun Jan 31, 2021 7:41 pm, edited 2 times in total.
Reason: mod note: moved from 3.x Administration

User avatar
AMurray
Joomla! Exemplar
Joomla! Exemplar
Posts: 9634
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Restrict admin access for specific plugin in backend

Post by AMurray » Fri Jan 29, 2021 11:05 pm

I expect you can set the permissions the same as you do with any aspect of Joomla through the ACL settings.

Go to the plugins options, you should see the "permission" setting in the drop-box as normal. Click the "Options" button and you will see the list of what you can and can't do according to the default access levels

Whether it will actually lock-down the plugin in the way you intend, I don't know. It may need to be set the way it is to actually function from the front-end.

However, I suppose you could deny permission for every user level besides Super User to login to the back end. By default the Manager and Administrator also have back-end access; you could simply turn that off.

What plugin are you using that requires banking info to be stored in your site? Surely you'd use a known payment processor like Paypal (and any similar one) that securely store that sort of information? It would be sensible to ensure such details are encrypted in the database. That might be something you need to ask the extension developer about.
Regards - A Murray
General Support Moderator


Locked

Return to “Access Control List (ACL) in Joomla! 3.x”