Does it affect the way joomla authenticate users if I add a custom user groups in the Joomla 1.5.15 and does it make it less secure?
I'm planning to add a custom group using the table jos_core_acl_aro_groups as described at http://docs.joomla.org/Custom_user_groups.
But someone told me that if I add a new user group and the group_id is greater than 25 (this is the ID of the Super Administrator), that new group will have the same access as the super admin in the default joomla core files without changing anything just the additional user group. Is this true?
Don't you have a local instsall of Joomla to try this?
Anyways, it's not true because it can't be, why should the group_id define the access rights? That would be a terrible ACL implementation. But please try it, before you actually use it live.
In Joomla 1.5 you can make user groups but they will have one of the existing role patterns. In Joomla 1.6 (alpha) there will be full flexibility in defining your groups, roles and granular ownership settings for each article, module, etc.
There are several extension you can find at:
http://extensions.joomla.org/extensions/access-a-security
Which enhance the core ACL functions. Give them a look and you'll probably find the solution without hacking the core files.
Related
I currently have a Joomla site that has 5 different departments of people accessing the backend content. Basically, everyone's looking and poking at other departments contents. So how would I set a different account for everyone and allow them to only modify their own content? E.G.
The salt department can post whatever articles they want, but they cannot modify the sugar department's article.
Does Joomla have this kind of ability or any extensions out there?
That is pretty simple on Joomla 3 system.
Firstly, you create 5 different User Groups in Joomla under Users menu.
Go to Content > Article Manager > click Options button on the top right side > Permissions Tab
In the Permissions Tab, click on each User Group and you have tons of permission to tweak such as: Create, Edit, Edit Own, ...
Hope it helps.
If you haven't configured it yet, the key term to look for is ACL (Access Control List).
Basically you need to create 5 users groups (which are not Super Users).
Here is an article to get you started:
Joomla ACL: Configuring back-end ACL
I have statically defined user groups with statically defined access rights.
And I want to be able to change the user group for given user from the front-end using some module.
Reason: users can register by themselves, and automatically go to group "registered". After some time they can be promoted and moved to group "member". But I don't want to do this from back-end, bcs e.g. promotion can be done by any another already member. So I need this in front-end.
I haven't found any mention about this in Google. Maybe this is just something obvious? Are there any module/plugin perfoming such task?
The Joomla core components don't allow this. But you can search on http://extensions.joomla.org/extensions/clients-a-communities/user-management if there is something that fits your needs.
Maybe this one: http://extensions.joomla.org/extensions/clients-a-communities/user-management/13753
You could make a module with a button and have the button use JUserHelper::addUserToGroup.
In Joomla 2.5 I have a custom component installed that is only available to the Administrator. I would like to make this component available to the Manager Group as well.
Can someone please tell me what file I must edit? Is it an XML file in the administrator/components/name_here/? Or is this a lot more complicated than I think?
I hope I am reading the right file, this Joomla system is a mad hatter.
It's not just an XML file your component will need to check the permissions a user has.
Since Joomla! 1.6 there is an extensive Access Control (ACL) mechanism implemented for front-end and backend access. You can define an unlimited number of Groups all with different access levels on a per component basis (this presumes that the component is written correctly). The default groups that are created with the initial setup can be deleted or renamed and may not to exist on all installations, users can create groups of any name with any range of permissions.
I would recommend starting with the Access Control List/2.5/Tutorial this will give you a better understanding of the new ACL.
Then from the "Developing a Model-View-Controller Component/2.5" tutorial, re-read "Adding ACL" article, if you need custom rules you will probably want to read the Adding ACL Rules to your component article as well.
In magento I am having 3 websites and it contains 6 to 7 store views. I want as a single admin has to access single store products only. He should not modify the products in another stores. How can I do this?
I have read in magneto documentation as to create new admin in system/permissions/roles and modify there. But trying with this, the new admin is restricted to only creating of products or for dashboard or for shippings or for tax module only. But I need like the new admin has to be accessed to only one store only..
So how can I do this??
I know this is a little late reply but anyone who is interested, answer from mprototype is perfectly valid as long as you/your client uses a Magento Enterprise edition. Checked in versions 1.12 and above.
When you goto :
System -> Permissions -> Roles
While defining the role you can choose custom scope and checkbox the stores you want then to have access to.
I don't know if I am late but any of these will do what you are looking for. In fact, it will provide even more flexibility.
http://www.aitoc.com/en/magentomods_advanced_permissions.html
http://amasty.com/magento-advanced-permissions.html
Happy Coding !!!
I am looking for a module/extension, or something that can help me to
make a page/item that only one specific user registered can see.
I would like also create a space dedicated to this user, where i can publish there pages and aticles.
Maybe using php and the variable that contains the username and an iframe, but I dont know how to doit.
Thank for the help
GMAccess is a Joomla! component that makes managing groups and access permissions easy, you will be able to create a special group and add your user (via Joomla's user management) to it and manage which pages can be viewed by that group.