Can I Override/Fake User Access Control & Permissions

For Joomla! 3.x Coding related discussions, please use: http://groups.google.com/group/joomla-dev-general

Moderator: ooffick

Forum rules
Please use the mailing list here: http://groups.google.com/group/joomla-dev-general rather than this forum.
Post Reply
User avatar
andypooz
Joomla! Guru
Joomla! Guru
Posts: 728
Joined: Sat Dec 30, 2006 3:03 pm
Location: London, UK
Contact:

Can I Override/Fake User Access Control & Permissions

Post by andypooz » Wed Aug 03, 2022 10:49 am

I have a client with a SaaS type product that I've developed for them. We currently have 2 different sites that I'm combining into a single joomla installation with the idea that they can access a suite of products. This has had the effect of making UAC very difficult, as I need to base their access on 2 different criteria:
1. Their level of access (company admin, consultancy admin, consultant, advisor)
2. Which products the organisation they are linked to are subscribed to (this will change, and I don't want to have to update every user when their company subscribes/unsubscribes to/from a product.
If I am to use the joomla core UAC system to control access to menu items and interfaces (and that's what I'd prefer) can/should I create a user plugin that looks at their user group and also whether the user's organisation is subscribed to a product and assigns access levels based on that.
If I had the following user access levels:
Product A Company Admin / Product A Consultancy Admin / Product A Consultant / Product A Advisor
Product B Company Admin / Product B Consultancy Admin / Product B Consultant / Product B Advisor
Product C Company Admin / Product C Consultancy Admin / Product C Consultant / Product C Advisor
Product D Company Admin / Product D Consultancy Admin / Product D Consultant / Product D Advisor
Product E Company Admin / Product E Consultancy Admin / Product D Consultant / Product E Advisor

I'd much prefer to just have 4 user groups that I would assign to users in the usual manner:
Company Admin / Consultancy Admin / Consultant / Advisor
and assign each user to the correct access levels on login based on that user group AND their organisation's subscriptions WITHOUT creating a specific user group for every user access variation.

Put another way, can I have user access levels set up where only super admin users are members, but override this on login based on their user group and checking the subscriptions of their organisation?

nb. I have my custom organisation component already created that has a companies table, a company_users table and a company_products table. I just want to be able to use this to help control the Joomla user access levels system.

Is this doable, and is it advisable (or am I missing a far better approach to this)?
Andy Hickey
Bespoke Joomla Extension Developer
http://www.netamity.com

User avatar
Per Yngve Berg
Joomla! Master
Joomla! Master
Posts: 29127
Joined: Mon Oct 27, 2008 9:27 pm
Location: Romerike, Norway

Re: Can I Override/Fake User Access Control & Permissions

Post by Per Yngve Berg » Sat Aug 06, 2022 10:14 am

1) An Access Level can contain several User Groups.
2) Child User Groups will inherit permissions from their parents.

Adding/removing User Groups from the Access Level should do the trick.

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 41728
Joined: Sat Apr 05, 2008 9:58 pm

Re: Can I Override/Fake User Access Control & Permissions

Post by Webdongle » Sat Aug 06, 2022 11:19 am

http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".


Post Reply

Return to “Joomla! 3.x Coding”