I'm building a component for the backend. I don't want the users who will access it to access ANYTHING else in the backend except for this component.
I tried following these two instructions:
http://www.aclmanager.net/blog/general/31-how-to-add-basic-acl-support-to-your-extension
http://docs.joomla.org/Developing_a_Model-View-Controller_%28MVC%29_Component_for_Joomla!1.6_-_Part_14#Describing_the_ACL
I made a new User Group with a parent of public and allow admin login (which would lock them out of everything) and then tried adding the ACL code from those links above with permissions to create and edit but I just get a blank screen (not even a logout link). The "Debug Permissions Report" showed the correct permissions but nothing's showing up.
Any ideas? My next step is to manually go through every component and not allow access to that new User Group but it seems like there's an easier way.
Thanks!
In Joomla! 2.5 we regularly create "Content" only backend users that have access only to the 'com_content' component.
Going back through our steps the only thing you haven't specified is adding the new user group to a View Access Level. If you're using the standard sample content installed when setting up a Joomla! website you can add your new user group to the "Special" view access (although any will do).
If a new group has 'admin login' privileges it can login but without a View Access level it can't see anything.. it's a subtle difference but it's the way Joomla! works.
Related
I am working with Joomla 2.5 and I need to set a page each language to be visible only to registered users.
Now that's what I have done already:
I created 5 new pages with restricted access (Registered), one each language
Created 5 new menu items, linking to single articles with restricted access (Registered)
Created a module to display the above menu with restricted access (Registered)
Everything works fine, so the menu items link to the correct pages, except that I get the module also for Public users.
Where am I wrong?
You need to create a guest usergroup which is not a part of the registered user group. Then you should set your default usergroup for not-logged in users as guest instead of public. You can do that in the options of the user manager page. That should do the trick.
I have set up user group called "Article Editor" with a parent of Administrator. Within that group I have a user of "Agent" and assigned them to the "Article Editor" User group.
I have a blog page in which when they are logged in they can create an article (only with a particular category called blog) and they can edit all articles, however, I cannot get any option anywhere to enable them to delete any article they have created within the "blog" category. I have gone into the article manage and made sure the permissions are set to enable Edit, Delete and Create.
Any ideas how I allow the user to log into the front end and have the option to delete? Ive tried everything I can think of an am going around in circles now.
The Delete permission should be given only to trusted administrators (with intended access to the back-end) and can be performed in the back-end.
From your description, you don't want this group of users to have access in the back-end and even more have delete permissions, as these users if they log-in to the backend they will be able to delete many things.
These users should be able to edit state (publish/unpublish) their own articles.
So, concluding:
Give this group only front-end access, with permissions similar to the author (core joomla group) with the addition of edit state.
So they will be able to create and publish/unpublish (**addition- or trashing) their articles.
I am new to cakephp development. I have create user controller to register, login & update own profile in the user table. I can access the user controller with http://local-host/my_project/user/login.
I have also a admin table in database so that admin can login and manage user in my project. I want to create a folder separate folder (ex: admin) in the controller directory so that i can access the controller files using http://local-host/my_project/admin/controller/login & http://local-host/my_project/admin/controller/manage.
You should have a look at 'prefix routing' in the manual, it seems that this is what you're looking for:
http://book.cakephp.org/2.0/en/development/routing.html#prefix-routing
With prefix routing, you'll be able to add, for example, an action admin_overview() to your User controller which is then accessible via the URL /admin/users/overview. The 'admin' prefixed action will not overlap with non-admin actions (e.g. 'overview()'), which will be accessible via the 'regular' URL; /users/overview/
Of course, you can create separate admin controller(s) for this purpose, but you may need to create custom routes. For more advanced options regarding routing, it's worth your time to read the whole chapter (or, even better) read the whole cake cookbook, it's also available as eBook for offline reading;
http://book.cakephp.org/2.0/en/index.html
Another solution is to develop the 'admin' part of your application as a plugin. This will keep your frontend and backend controllers/models/views separated. As a bonus, the backend may can be re-used for other projects as well (depending on its design of course)
http://book.cakephp.org/2.0/en/plugins.html#creating-your-own-plugins
I'm building up a custom component, which should only be accessible to logged in users. I'm thinking about checking JFactory::getUser()->guest and if is set, redirect them to a custom page.
Now i prefer this page to contain both register and login options, but joomla itself does not seem to have this feature. Do i have to make this functionality to my custom component, or there is an another solution?
You should really use the built in ACL to control user access instead of trying to code it in yourself. That's kind of the whole point of having the ACL to begin with. Here's the tutorial for how the ACL works in the admin and front end of a site -
http://docs.joomla.org/ACL_Tutorial_for_Joomla_1.6
Here is the tutorial for adding ACL to a component -
http://docs.joomla.org/Developing_a_Model-View-Controller_(MVC)_Component_for_Joomla!1.7_-_Part_14
I think you will be much better served using the ACL system as it allows you a lot more flexibility - like adding additional user groups and permissions later without having to touch the code.
Once you have this set up, making a custom register or login page is as easy as a template override of the default com_user login view. You would need to combine these files -
For the login part of the page:
JOOMLA/components/com_users/views/login/tmpl/default.php
For the registration part of the page:
JOOMLA/components/com_users/views/registration/tmpl.default.php
Then put the new and improved file here:
JOOMLA/templates/YOUR TEMPLATE/html/com_users/login/default.php
That would give you ACL controlled access to your component as well as a custom login/registration page without having to muck around with any unnecessary extensions.
Joomla!'s default login module/page only provide a link to a registration page.
A quick search of the JED shows about 200 login extensions, it's possible one of them does what you want.
However, if you want it integrated with the access to your component you will have to code it yourself. The normal process is that if a user tries to access an asset view the view.html.php (or similar) will check their permissions and depending on the component post an JError message and possibly redirect them to the system login.
eg. com_content
// Check the view access to the article (the model has already computed the values).
if ($item->params->get('access-view') != true && (($item->params->get('show_noauth') != true && $user->get('guest') ))) {
JError::raiseWarning(403, JText::_('JERROR_ALERTNOAUTHOR'));
return;
}
I am looking for a module/extension, or something that can help me to
make a page/item that only one specific user registered can see.
I would like also create a space dedicated to this user, where i can publish there pages and aticles.
Maybe using php and the variable that contains the username and an iframe, but I dont know how to doit.
Thank for the help
GMAccess is a Joomla! component that makes managing groups and access permissions easy, you will be able to create a special group and add your user (via Joomla's user management) to it and manage which pages can be viewed by that group.