I'm working with joomla 3.
Consider a joomla component with 6 views.
And two user groups named user-group1, user-group2.
My requirement is like this:
user-group1 should be able to access the first three views of the component.( access on last three views should be denied for user-group1).
user-group2 should be able to access the last three views of the component.( access on first three views should be denied for user-group2).
Related
I am creating a Laravel project for the users. Laravel has its own laravel/ui package, but I am creating its admin panel too, and I am a bit confused about what I should do for admins. Also, I am confused about the security for the admin panel. So there are 2 solutions in my mind:
Add a new column in the user's table named status, and if its value is admin, he can access the admin panel; otherwise, redirect to the homepage.
Create a separate admins table and improve laravel/ui auth. For that, I found documentation here.
What should I do? Even i have added table prefix for tables in .env & config/database.php. I am afraid that the hackers/users should not access the admin panel. And also, tell me if the table prefix is good for security, or should I remove the table prefix?
You need the permission-roles system.
https://spatie.be/docs/laravel-permission/v4/introduction
This is good decision for you. With well-configured routes no one wont have access in admin panel without access in data base.
For example, in panel page only admin have access:
Route::name('adminspace.')->group(['middleware' => ['role:admin']], function () {
Route::view('/panel', 'pages.panel');
});
I am working with Joomla 2.5 and I need to set a page each language to be visible only to registered users.
Now that's what I have done already:
I created 5 new pages with restricted access (Registered), one each language
Created 5 new menu items, linking to single articles with restricted access (Registered)
Created a module to display the above menu with restricted access (Registered)
Everything works fine, so the menu items link to the correct pages, except that I get the module also for Public users.
Where am I wrong?
You need to create a guest usergroup which is not a part of the registered user group. Then you should set your default usergroup for not-logged in users as guest instead of public. You can do that in the options of the user manager page. That should do the trick.
I am new in magento. I wanted to add multi vendor website in magento. how can I add multiple stores in magento and where do I can create a login form for vendors
and also how can I add a URL for vendor login..for e.g.- abc.com/vendor instead of abc.com/admin
You can create stores by following this link.
and for second question, you can create multiple users by going through System->Permission->Users and click on Create User. You can restrict the access to the menu for the different users through by creating different roles to them through system->Permission-> roles and all of them ca be accessed through the same link
Description: I’ve two top level Categories SiteContent and UserArticles.
SiteContent contains all the site pages (Home, About, Contact) and UserArticles contains 5 categories (Music, Movies, Sports, Entertainment and Other).
I’ve created a user with access level as Manager, who will be reponsible for posting content in the UserArticles categories. He has no rights to edit main SiteContent pages.
What I want to do ? Ans: When the Manager logs in using administrator panel, he should see only UserArticles category and the related articles. He should not be able to view SiteContent category and its respective articles.
What I’ve tried? Ans: I’ve edit the SiteContent - Category Permission for Manager changed to Create - Not Allowed, Delete - Not Allowed, Edit - Not Allowed, Edit State - Not Allowed, Edit Own - Not Allowed. But the category SiteContent (Category and Articles) are shown for user Manager; its only disabled. I want them to be completely removed and show only UserArticles category and its respective articles.
Thanks in advance.
This isn't possible with core Joomla but could make a layout override and include access checks for this. The theory of the Joomla administrator is that if you have access to the back and and to a particular manager that you can see it all but not do everything.
I'm building a component for the backend. I don't want the users who will access it to access ANYTHING else in the backend except for this component.
I tried following these two instructions:
http://www.aclmanager.net/blog/general/31-how-to-add-basic-acl-support-to-your-extension
http://docs.joomla.org/Developing_a_Model-View-Controller_%28MVC%29_Component_for_Joomla!1.6_-_Part_14#Describing_the_ACL
I made a new User Group with a parent of public and allow admin login (which would lock them out of everything) and then tried adding the ACL code from those links above with permissions to create and edit but I just get a blank screen (not even a logout link). The "Debug Permissions Report" showed the correct permissions but nothing's showing up.
Any ideas? My next step is to manually go through every component and not allow access to that new User Group but it seems like there's an easier way.
Thanks!
In Joomla! 2.5 we regularly create "Content" only backend users that have access only to the 'com_content' component.
Going back through our steps the only thing you haven't specified is adding the new user group to a View Access Level. If you're using the standard sample content installed when setting up a Joomla! website you can add your new user group to the "Special" view access (although any will do).
If a new group has 'admin login' privileges it can login but without a View Access level it can't see anything.. it's a subtle difference but it's the way Joomla! works.