Simple ACL ready for Joomla 1.5
Simple ACL
SimpleACL for Joomla helps you to restrict front-end access to particular user/section combinations. You can independently set permission to read, insert and update content items based on the section they belongs to.
The component does not override default Joomla roles, those roles are always checked first.
SimpleACL plays only with default com_content component and doesn’t affect other components or modules.
You can set a default access permission and selectively enable/block users to access content items in selected sections.
What can I do with this component?
A typical scenario:
- Your site is a company site and the company has several departments.
- Every department has a user who is in charge for editing web content for the department.
- Every department has its own section for content items.
- Users should only be able to edit content in their own department.
- There is a user who is the public relation manager, he must be able to edit content in all sections (without being Administrator).
- There are some section whose content should be readable only by selected users.
With SimpleACL you can set permissions to selected section/user combinations (or even to “Joomla! standard groups”/section combinations), this allows you to implement such a fine grained access control.
How it works?
SimpleACL works with an independent database table that hold the permissions for user/section combinations. A system plugin checks those access rules when the user access a content item from the front-end.
If you want to know more about the internals of Simple ACL and how it works, please see Decision Flowchart.
Please note that…
- Default Joomla roles are not overridden and are always checked first.
- SimpleACL work in the front-end only
- Only authenticated users are checked for ACLs
- “Administrator” or “Super Administrator” user are not checked for ACLs.
- Group support for standard Joomla! groups (author, editor, publisher…) is also available
- Custom groups creation is not supported (but you won’t miss it!)
Licence and costs
Simple ACL for Joomla 1.5 is free software (”free” as in “free speech”), licenced under Affero General Public Licence but I distribute it only in bundle with paid 12 month support service that costs 45 € (V.A.T. included).
Together with 12 months support you will get lifetime software updates, that means that you can pay just once and use the software forever in how many Joomla installations you like.
Please use the donation link at the top and middle of this page, you will immediately receive a download link.
Thank you for supporting free software and Joomla Simple ACL project!
Translations
They go in a language file, at the moment only English is in the distribution.
If you need more information about the Simple ACL, please read the FAQ at the bottom of this page.
What’s new in version G.x series
This new version brings many enhancements:
- limited group support
- check/uncheck all actions when editing ACLs
- Admin users will not be shown in the user list when creating ACLs
- limited menu integration
- DB backward compatible (will not overwrite your existing ACLs, but make a backup first)
Let’s give a closer look to some of the coolest new features…
Limited group support
You can now add ACLs to the following standard Joomla user groups:
- registered
- author
- editor
- publisher
- manager
In case of ACL conflicts between group-ACLs and user-ACLs, the second will always prevail.
Limited menu integration
Many of you have asked for an ACL-aware menu.
You can now enable menu integration as an experimental option in Simple ACL configuration.
If you enable this option, Simple ACL will try to hide menu items that point to articles, sections or categories that are not accessible by the logged in user.
In some cases, it can happen that all menu items are hiddden, in this case the user will see an empty menu list, but Simple ACL will not be able to hide the title of the menu itself because it operates at a different level in the joomla processing flow.
Screenshots
-
- Simple ACL Decision Flowchart
FAQ
Is this thing “stable” ?
Yes, sure. It’s now used on several production websites.
Can I limit access to a category instead of a section?
Not in the current version.
I will eventually implement it in a future version (but please don’t ask me when 
)
Will Simple ACL alter in any way menu items or search results depending on user ACLs ?
Yes, Simple ACL comes with some companion plugins to hide unaccessible items from search results amd the latest version has also an experimental feature to hide unaccessible menu items from menus.
How will I receive the software after the donation?
After a successful payment, you will receive a download link via email.
Why should I pay for a free software component?
I think an explanation is needed: in my career I developed a couple of free (”free” as in “free speech”) software projects (KMLMapserver, MapStorer, Joomla FAP, SWFslideshow to cite a few), all of them are also “free” as in “free lunch” but in more than ten years I did not receive one cent as a donation, most of the time those projects were funded by one or more of my customers.
After keeping Simple ACL unpublished for a while, I simply felt I couldn’t spend time to publish, promote and give assistance on another free software project for nothing, I was simply dedicating too much time in open-source free projects without receiving back any money.
That’s why instead of keeping Simple ACL hidden in my desktop I decided to distribute it for a small fee, please note that this fee goes to cover the plain costs of assistance (answering to emails, writing documentation etc.) and development of Simple ACL, I will certainly not get rich with this fees.
This is not in contrast with free-software philosophy: GNU Free Software Foundation philosophy not only says that you can distribute free software for money, but encourage you to do so:
http://www.fsf.org/licensing/licenses/gpl-faq.html#DoesTheGPLAllowMoney
http://www.gnu.org/philosophy/selling.html
Can I distribute or sell Simple ACL?
Yes, you can. But doing so, you will probably provoke a stop in the development of Simple ACL, since I will not raise enough funds to cover the costs of its development.
It’s up to you.
Is this fee an yearly fee?
No, you donate once, you get the software and one year email assistance to set it up. That’s all.
I will send you all the future versions of the component (if any) for free.
“Delete” ACL rule doesn’t work
True, but this is not my fault, Joomla does not allow article deletion from the font-end, hence this rule is useless at the moment (but I have implemented it in case future Joomla versions support deletion from the front-end).
Why “Simple” ?
Well, because the objectives of this project were limited:
- do not touch the core of Joomla
- be unobstrusive: you can install and remove the component without consequences
- do not interfere with standard Joomla user and permissions: Simple ACL respect standard Joomla permissions levels, and only acts after Joomla has done its checks and controls
- solve a simple problem: let selected users to access and/or edit selected sections
I have 1000 users and 1000 sections, does Simple ACL suit my needs?
Probably not: Simple ACL does not support user defined (custom) groups, this mean that you should set up 1000 ACL’s to bind your 1000 users to their 1000 sections. This is just unpractical.
The latest version has limited group support. You can now add ACLs to the following standard Joomla user groups:
- registered
- author
- editor
- publisher
- manager
In case of ACL conflicts between group-ACLs and user-ACLs, the second will always prevail (see the Decision Flowchart scheme for details).
What kind of default access policy should I choose?
Simple ACL allows you to configure a default access policy on the individual actions (Create, Update, Retrieve and Delete (the lattest not being implemented in Joomla front-end at the moment).
Please remember that Simple ACL rules apply only to registered users, by keeping this in mind you could have two main scenarios (other scenarios or combinations are of course possible):
1 – Your website is completely public (everybody can see everything) but you have (for example) three authors (A, B, C) and two sections (A, B). You want user A to edit only section A, user B to edit only section B and user C to edit both. In this case, you would
- create users A, B and C as authors (or editor or publisher)
- set Joomla standard access to “public” for sections A, B and C (this is the default)
- set Simple ACL default access policy to Retrieve=Allow, Create=Deny, Update=Deny, Delete=Deny
- create one ACL for user A/section A to allow all actions (Create, Retrieve, Update, Delete)
- create one ACL for user B/section B to allow all actions (Create, Retrieve, Update, Delete)
- create one ACL for user C/section A to allow all actions (Create, Retrieve, Update, Delete)
- create one ACL for user C/section B to allow all actions (Create, Retrieve, Update, Delete)
2 – Your website is mainly public, but you have some private sections that you want to be accessible only from selected users. You have (for example) three authors (A, B, C) and two private sections (A, B) and you want user A able to read (and not edit) section A, user B able to read (and not edit) section B, user C able to read (and not edit) all three sections. In this case, you would
- create users A, B and C as registered (remember, they don’t need to edit anything, just read)
- create sections A, B and C and set standard Joomla access level to “registered” otherwise all user (included A and B) would be able to read section A and B while not authenticated (logged in)
- set Simple ACL default access policy to Retrieve=Deny, Create=Deny, Update=Deny, Delete=Deny
- create one ACL for user A/section A to allow Retrieve and deny all other actions
- create one ACL for user B/section B to allow Retrieve and deny all other actions
- create one ACL for user C/section A to allow Retrieve and deny all other actions
- create one ACL for user C/section B to allow Retrieve and deny all other actions
Why two different plugins?
System plugin must always be installed and activated otherwise Simple ACL will not work.
Content plugin is only useful when both of the following conditions apply:
- in your default access policy (as set in component parameters window) Retrieve=deny
- and you have a mixture of articles coming from allowed and denied sections in the front page
If given the conditions above you don’t activate the content plugin, a single denied article in the front page will deny the whole page.
What happens when a logged in user try to access/edit a denied page?
A “denied page” means a page containing an article that belongs to a section non accessible by that user because of Simple ACL restrictions.
The user will be redirected to a page generated by Simple ACL component. This page shows the deny message that you can change through the Simple ACL parameters settings in the control panel. The page shows also the default Simple ACL policy and the existing ACLs for that user so the user can see exactly which sections he can access.
2008-09-24 at 12.54 pm
[...] ItOpen – Open Web Solutions, WebGis Development » Blog Archive » Simple ACL ready for Jo… Says: 2008-09-24 at 12.36 pm [...]
2008-11-19 at 10.24 pm
Hi Alessandro,
If I have 1000 users and 5 sections, and each user needs to access only one section, will I need 5 ACLs or 1000 ACLs?
Thanks,
Dave
2008-11-19 at 10.33 pm
@Dave
You will need 1000.
2008-11-20 at 7.26 pm
Can you copy ACLs or must you create them from scratch each time? What is the approximate fee in US $?
2008-11-20 at 10.54 pm
@Daniel
No, there is no copy function, but it would’nt help much if it were there, since you should edit the ACL in any case at least to change the user/section combination.
2008-11-21 at 4.23 pm
Hi, is it possible to have this limit category access instead of sections?
2008-11-21 at 4.42 pm
@Ollie,
not at the moment, I will eventually implement it in a future version.
2008-11-27 at 10.24 am
Gentilmente vorrei sapere se una volta acquistato il componente può essere installato in più siti da me gestiti.
Grazie
2008-11-27 at 10.27 am
@Silvano
certamente!
2008-12-02 at 5.12 pm
how will I get support
2008-12-02 at 5.58 pm
@John
Perhaps you missed a question mark?
BTW support is done via email or Trouble Ticket System as you wish.
2008-12-05 at 3.57 pm
I just paid & got it in few minutes. I’ll make a comment after job… On the start all is OK!
2008-12-11 at 3.36 am
Hello,
Is it possible with “simple ACL” make articles that are only visible to one user.
I would like to generate for each of my customers page with info considering only them.
2008-12-11 at 9.50 am
@Prea
this can be done with Simple ACL: you can set default access policy to Retrieve=deny so that registered users (remember: Simple ACL has no effect on “guests”) will not have access to any section while logged in.
Then you can set up an ACL rule for each customer to give him Retrieve=allow access to their personal section.
Using a combination of Joomla standard access level (public, registered, special) and Simple ACL rules you can achieve many complex access control setups.
2008-12-13 at 5.44 pm
your example:
create one ACL for user A/section A to allow all actions (Create, Retrieve, Update, Delete)
So this user would then be able
1. to submit a new story from the front end (once logged in) but would he be able to publish it – that is, would it appear in the publice part of the web site as soon as he saved it?
Thanks,
Richard
2008-12-13 at 7.34 pm
@Richard
Yes and no: the user A would be able to submit a new article in the section A, but if the article will be published or not will depend on Joomla standard role of user A (author, publisher or editor).
Simple ACL plays *before* Joomla core system and respect standard Joomla roles.
2008-12-13 at 8.21 pm
Thanks for your reply. You wrote:
Yes and no: the user A would be able to submit a new article in the section A, but if the article will be published or not will depend on Joomla standard role of user A (author, publisher or editor).
Simple ACL plays *before* Joomla core system and respect standard Joomla roles.
My quetion: so if user A was registered as a publisher in the Joomla core system, he would be able to submit, publish and edit, but only in section A? He would not be able to do any of these things in any other section?
And the section we are talking about here is the standard Joomla section of section and category?
Thanks,
Richard
2008-12-13 at 10.55 pm
@Richard
Yes to both your questions.
Keep in mind that you can set default Simple ACL rule that will be examined if there is no explicit ACL match for a specific user/section combination. In your case, I would set default Simple ACL rule to Create=deny and Update=deny, so that only users for which an ACL exists will be able to submit or update articles in a given section.
2008-12-15 at 4.40 pm
Hi we want to set up some users that can only edit a single article
i.e User A can edit article A
B can only edit article B
and so on
will we be able to do this with your component
2008-12-15 at 4.46 pm
@Martin,
no, Simple ACL works on sections and not on articles.
2008-12-15 at 5.42 pm
You wrote (above): Keep in mind that you can set default Simple ACL rule that will be examined if there is no explicit ACL match for a specific user/section combination. In your case, I would set default Simple ACL rule to Create=deny and Update=deny, so that only users for which an ACL exists will be able to submit or update articles in a given section.
Well, it works after a fashion but its operation is too confusing, I believe, to let loose on users.
What I wanted was the ability to restrict a user to creating and publishing in his own section. I assumed that he/she, once logged in, would only find edit buttons on his/her own section articles, but this is not the case. Edits are visible on all articles/sections just not saveable right at the end of the process.
Having set it up by allocating a different section to each user, and setting the permissions as you suggested, in order to publishe their own articles the user needs to be set as a Joomla pubisher. When this user logs in he is certainly able to edit his own section and publish to it, but all the other articles on the web site also appear with the ‘edit’ icon and this user can go through the motions of editing other articles. When he tries to save he will be denied but it seems to me this is too late and too confusing.
Even if I set the default ACL rules to deny for all categories, when this user, classed as publisher and allowed by ACL to use all functions – articles in other sections are invisible but not the ‘edit’ symbol and clicking on the edit symbol brings up the editing window allowing all functions except save when one gets to the end.
I guess this is the way it works, but it seems simpler, in the end, just to ask the user to stick to his own section and leave others alone – certainly less confusing to the user.
Richard
2008-12-15 at 6.05 pm
@Richard,
You are absolutely right: it’s confusing etc..
The problem is that to achieve the ideal behaviour you must change the core of Joomla, a plugin or component will not be sufficient.
Other ACL components choose to alter Joomla core (it means to overwrite some of the core files and/or alter default database tables) this quickly becomes a mantainance nightmare and cause a lot of problems at installation time and/or if you wish to remove the ACL component.
Similar behaviour can be obtained at the template level, but this also make impossible to distribute the code since virtually everybody use a different or a customized template.
Simple ACL comes from a compromise: what can be achieved with standard components or plugins without altering the core? What you miss is the possibility to act “before” the user click “submit” (that would mean changing the core) or to hide the edit icons (that would mean alter the template).
On the other hand, a system plugin (as Simple ACL system plugin) is far more safe that a template based solution.
To tell you the truth, all Joomla ACL components I’ve seen so far are only hacks and Simple ACL is not an exception: a real ACL system *MUST* sit in the core, we all hope Joomla 1.6 will bring us a stable and functional ACL system.
2009-01-16 at 1.56 pm
Simple ACL is working very satisfactory on my Web page.
Of course it should be better to have the some possibilities on categories. Now the only way is to create new sections instead categories and bigger site makes you more troubles with internal structure.
Please think about it – the way how to do it isn’t very complcated, is it?
2009-01-16 at 4.05 pm
@Pawel,
it’s more complicated than you can imagine…
… if you want a bullet-proof solution that can work with both sections and categories in all kind of scenarios the people is using Simple ACL at the time being.
Of course, IF (you just need categories AND you are satisfied with a quick hack AND you can do some PHP coding) THEN you could do it in a couple of hours (testing included)
2009-01-18 at 11.18 pm
@Pierre
Try this: in Components -> Simple ACL -> Global configuration
set “Show configuration” to “yes” and change “Deny message” text to something more descriptive, like “Sorry, you are not able to submit articles in this setcion, please see below the default settings and the ACLs set up for your account”
For your second question, you could set Global configuration “Retrieve” to “yes”, this way all users will be able to read all sections (if there is not an ACL that explicitely blocks access for a given user/section combination).
2009-03-06 at 12.59 pm
Thanks for the reply Alessandro, but it is feasible that there will many thousands of users/editors, manual intervention for each one is something that i would like to avoid.
Thanks anyway.
2009-03-08 at 12.51 am
That would be a better solution for what i am looking for, if i could just set a permission for everyone who registers, they are automaticly set as “editors”, i only want to stop them editing certain pages, ie the home page and one or two others.
Can this be done?
2009-03-08 at 5.43 pm
@Paul,
not with the current version, but I’ve developed a beta version that supports ACLs for Joomla standard group:
* registered
* author
* editor
* publisher
* manager
administrators will always have full access granted.
In case of conflicts, ACL for users will always prevail over group ACLs.
I think I will release this new beta for testing in a few days.
I will send the beta to all the people who have donated in the past and to all new donors.
2009-03-08 at 8.03 pm
Ok Alessandro, can you email when you have released this and i will make a donation!
Many thanks
Paul.
2009-03-19 at 2.12 pm
Hi Alessandro,
I have received the files this morning – thanks you!
Lee.
2009-03-26 at 10.07 pm
Ciao Alessandro,
sono interessato a usare il tuo plug-in. Il sito che sto per publicare usa il plug-in joomfish.
Credi che il tuo plug-in sarebbe ancora valido?
Grazie.
2009-03-26 at 10.28 pm
@Vittorio,
si, non dovrebbero esserci interferenze con Joomfish.
2009-03-26 at 10.38 pm
Ciao Alessandro, capisco e approvo la tua scelta di esigere un contributo per tuo lavoro (non tutti hanno le idee chiare sulla differenza tra “gratis” e open source). Però solitamente prima di spendere soldi cerco di verificare se il software fà al caso mio..
Il pratica io devo poter mostrare ad utenti che si loggano in un sito in joomla una pagina personale (che deve essere diversa per ognuno) e nello stesso tempo impedire agli altri di poter accedere alla stessa..
Si può fare?
Grazie
2009-03-26 at 11.13 pm
@Davis
Non sono sicuro che faccia esattamente al caso tuo: con simple ACL puoi decidere quali singoli utenti oppure interi gruppi di utenti Joomla (registered, author, publisher, manager) possono (o non possono) leggere, modificare o inserire articoli in una data sezione.
Nella versione beta c’è una integrazione sperimentale con i menu, quindi un utente vedrà solo le voci di menu che puntano a sezioni (o categorie appartenenti a sezioni oppuere singoli articoli appartenenti a sezioni) alle quali può accedere in lettura.
Quindi potresti fare così: mettere il default a read=deny, in questo modo chiudi tutte le sezioni a tutti gli utenti, poi crei una acl per ciascun utente facendola puntare alla propria sezione e concedendo i permessi del caso.
2009-04-07 at 10.14 pm
I’d like to allow access to the following on my website (hpronline.org):
– Blog section to a new user type categorized “Blogger”, to draft, save, publish, and edit *their own work*…
– Allow that user to add to, but not delete from, pages they created another section.
– Allow that user to add metadata (tags) to, but otherwise not change, pages in a third section.
Are these possible?
2009-04-07 at 10.21 pm
I’d like to allow access to the following on my website (hpronline.org):
– Blog section to a new user type categorized “Blogger”, to draft, save, publish, and edit *their own work*…
– Allow that user to add to, but not delete from, pages they created another section.
– Allow that user to add metadata (tags) to, but otherwise not change, pages in a third section.
Are these possible? Please let me know ASAP.
2009-04-08 at 8.09 am
@Elise,
sorry that I see this comment only now: I don’t think you can do all what you ask with Simple ACL.
You cannot create custom groups, only standard Joomla groups (registered, author, editor, publisher) and single users are supported at the moment.
Anyway, you could set all you users to “author” (or “publisher”, depending if you want them to be able to publish or not: remember that Simple ACL will always honor Joomla! standard roles first!) , then create a section for each user, where they can publish their own articles (you must create a single ACL for each user/section combination here).
Then you create another section and an ACL to allow the users in group “author” (or “user”, depending what you choose before) to post in that section.
I have no clue about metadata, Simple ACL knows nothing about them.
2009-04-17 at 4.08 am
Have a trial version for Joomla 1.5.10 and working over the PHP4?
I’ve try many kinds of CAL but seems not working well.
2009-04-20 at 11.32 am
@wanted
no, sorry there is not a trial version.
PHP4 is supported (but not recommended!) in the stable version only.
New beta version was not (yet) tested on PHP4 but I would expect it will work without problems.
2009-04-20 at 8.43 pm
I only need for some admins to have an access to a couple components and nothing more (back-end). Can this extension customize that?
2009-04-20 at 9.45 pm
@hannibal,
no, sorry. Simple ACL has only effect on front-end sections.
2009-05-15 at 3.46 pm
Salve,
sono un newbie assoluto e ho l’ingrato compito di dover fare il sito web per il mio dipartimento universitario, dove sono tutti anche peggio di me e quindi…
ho bisogno di una soluzione – la piu’ semplice possibile – per:
- permettere a ognuno dei 20-30 membri dello staff di modificare la propria pagina / sezione, e solo quella!
- permettere ad alcuni (5-6), di postare anche sulla front-page e in altre pagine “comuni”.
- tutto possibilmente da fare tramite il front-office.
si puo’ fare? senza grossi problemi posso far coincidere sectios and categories
grazie!
2009-05-15 at 3.59 pm
@Giorgio,
con Joomla + Simple ACL faresti tutto quello che chiedi, solo per la home dovrai usare al posto del componente frontpage il componente content con la vista blog/sezioni scegliendo una sezione che sarà quella da mostrare in home page.
La configurazione di Simple ACL avviene dal back-end, tutto il resto lo puoi fare da front-end.
2009-05-25 at 10.35 pm
Alessandro, thanks a lot, simple ACL works well and it is super-simple to implement!
2009-06-12 at 6.29 pm
Hello,
I’m responsible for the Website of our public school “Technische Schule Aalen” (www.tsaalen.de).
I’m interested in your SimpleACL extension, but in our adminstration there is no official way do donate via PayPal.
Can you provide any other way to send you the money?
Thanks
Robert
2009-06-13 at 4.00 am
I am working on a medical tourism website where I will have public access to view some basic pages/articles and registered users who will be able to view only more detailed pages/articles. Then I need a third level of users who can access and modify perhaps only information regarding their trip. No one else can view their information unless authorized by the client–say a relative or friend they want to be aware of their trip information. This means the search function must not bring up their profiles and pages/articles.
It looks like I can set up a section for each user and restrict access to just that user, much like access to bank account information. Right?
Can Simple ACL work to provide this? I am not a programer so I need a plugin that is easily modified and set up.
Thanks.
Kathy
2009-06-13 at 11.18 am
@Kathy,
Yes, Simple ACL will do what you want: you will deny access to all as default ACL policy, create one section for each user, set up an ACL to grant access to that user, and only that user will be able to read/search and optionally edit or create content in that section.
And yes, Simple ACL is really “simple” to install and configure, this is its unique selling point, after all: do one thing and do it well and easily.
That said, be warned that Simple ACL was not built with military grade security in mind, this means that if you put a reserved document (say a PDF) in one of the reserved pages, if an unauthorized user knows the exact document URL, nothing will prevent her/him to download the document if she/he enters the URL directly in the browser address bar.
2009-06-22 at 11.24 pm
hi,
I want to have several pages within my joomla-website (1.5.11) which are available only for special users.
what means, I have about 100 people, who should get an individual account. there will be a blog-category for each user with several pages which should be available for all visitors, but 1 page of this blog should have restricted access and should be available only for this one special user.
is this possible with simple acl???
thanks,
nelu
2009-06-28 at 8.57 am
@nelu,
Simple ACL works with whole sections only, so the answer is no (for your second requirement).
2009-06-28 at 6.03 pm
Hello, I believe your product is what I need for my site. But I do have a problem. Your payment option is only paypal.com And paypal does not have my country in their country list. Is there another way I can pay for this product? because I do have a master card.
Reply Asap.
2009-06-28 at 6.17 pm
@Chucks,
I believe that paypal also accept mastercard.
The only other option is wire tranfer (bank to bank) but you would pay the transfer costs and they could be quite high (it is also very slow).
In case you choose the wire, write me an email (the address is in Contacts page).
2009-07-04 at 11.50 am
hi,
just received and installed Simple Acl. Installation and setup went well, but I am unable to create any acl. Can this be due to my site running under php 4.4.2 and/or Mysql 3.23 ?
I always get a message : Error creating item. If this is the problem, is there any workaround ?
Thanks for a quick reply.
2009-07-15 at 6.39 am
Hi–
I’ve read through the comments thread here on what Simple ACL can and cannot do, but I’d like to ask about my specific scenarios before purchase/donation. I’ve now tried six other ACL systems and none would do everything I need in any reasonable way, so I’m hoping yours is the component I’ve been looking for!
Here’s my needs list:
1. control access by Joomla default groups (Guest, Registered, Author, Editor, etc…), but
2. control what menu items a user can see based on Joomla default groups.
3. control what content sections a user interact with based on Joomla default groups.
4. only need to have ACL rules based on Joomla default groups; do not need to add an ACL per user.
Will SimpleACL do this for me?
Thanks!
-wb
2009-07-15 at 2.14 pm
@wayneb,
Yes and no: Simple ACL will hide menu items only when they link to “denied” sections, or categories (categories belonging to denied sections) or articles (articles belonging to denied sections). Simple ACL will not interfere with any other menu types.
So, if your menu items will only point to content items (sections, categories or articles), Simple ACL will work for you just fine.
Of course if you’re fine with standard Joomla “hyerarchical” access control (publisher > editor > author) you will not need Simple ACL nor any other additional component.
2009-07-15 at 4.09 pm
@Frank
I’m sorry I didn’t see your comment… the next time please file your requests in http://busg.itopen.it under “Simple ACL”.
Coming to your problem, there is an issue with very old versions of MySQL, the only way to install is to run a SQL query by hand to create the necessary table:
————-
CREATE TABLE IF NOT EXISTS `jos_simpleacl` (
`id` int(11) NOT NULL auto_increment,
`userid` int(11) NOT NULL,
`action` set(’c',’r',’u',’d') NOT NULL,
`sectionid` int(11) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `sacl_unique` (`userid`,`sectionid`)
) TYPE=MyISAM ;
———————-
To run the query you should have access to a shell or you can use phpmyadmin which is available from most ISP control panels.
Let me know if this solves your problem.
Best regards.
2009-07-16 at 1.08 am
Alessandro–
Thanks for the fast reply!
I still believe I need Simple ACL or the like, as, unless I’m missing something, the standard Joomla 1.5x restrictions are Public, Registered and Special, lumping everyone above Registered into Special, which is my problem. I need to be able to differentiate access to all the standard access groups. Or, am I missing something in Joomla core? Everything I’ve tried is Public, Registered and Special; no way to tie a restriction to Editor specifically, for example….
Again, thanks for the info and, unless you have a solution without Simple ACL, I’ll most likely be purchasing it shortly.
Thanks!
-wb
2009-07-16 at 9.11 am
@wayneb
Yes, you’re right, I forgot that Joomla core squash all above registered into special…
Simple ACL will work for you, but remember: it works in the front-end only and for sections only.
2009-07-16 at 6.12 pm
Can this be installed with Joomla 1.0?
2009-07-16 at 6.29 pm
@Lawrence:
no.
2009-07-17 at 9.58 pm
Alessandro–
Understood. Just one last question. Regarding the ‘experimental’ menu suppression/control, will it work on top-level menu ’seperator’ items (those who have Main Menu as their direct parent but have child menu items)? If so, then this is exactly what I need, as controlling front-end access to allow some Main Menu items to only be visible to Editors or Publishers, as opposed to Authors and Registered.
Thanks!
-wb
P.S. in case it matters, I’m using J1.5.x and a RocketTheme template that uses MooMenu.
2009-07-17 at 10.43 pm
@wayneb,
frankly speaking, your mileage may vary… Menu integration was not tested much, the logic behind it checks if the menu item is pointing to a com_content item (section, category or an article), if yes, it checks ACLs for the section and hide it accordingly.
2009-07-23 at 3.35 am
It is either not working right or I’m doing something wrong. Majority of my website is public. Therefore, my ACL’s global configuration has to have: Retrieve: ‘Allow’ because if it is selected as ‘Deny’, the public can’t read the public pages. And I have three groups of users (A,B&C), where each group user can see a specific section (for example user A can see section A and user B can see section B). Therefore, each of these group user is destinated as ‘registered’ within user manager and within Simple ACL, the user is destinated to the specific section. And I destinated the section’s article and menu to be ‘registered’. But the problem is that when user A signs in, user A can see all articles within A, B & C, therefore seeing articles not within their section. Why is that? Thanks for your help!
2009-07-27 at 2.40 pm
@Jen,
Hi,
your first assumption is not correct: SimpleACL works only with authenticated users (registered and logged in) so you don’t need to set default Retrieve=Allow to allow unautenthicated users to browse public sections.
In your case, change default access to Retrieve=Deny and (if needed) create an ACL to grant access to Registered group to the public sections.
2009-08-01 at 1.24 am
I surely know this question has been asked and answered but not in the way my brain is working, so…
Can I set/restrict my Authors to only be able to ’see’ certain sections/categories and thus be only able to write to those restricted sections/categories.
eg – on my Site I have
Sections: A, B, C, D, E, F, G
I want to allow Authors the ability to ONLY write for Sections: A, B, G
(I still wish to retain Admin control over final publishing for public viewing)
Thanks
David
2009-08-01 at 8.55 am
@David,
yes, of course it’s possible. It’s just a matter of setting the right ACLs.
Set default configuration to Create=Deny, Retrieve=Allow, Update=Deny
Create 3 ACLs to Create=Allow and Update=Allow for group Author and sections A,B,G
2009-08-11 at 9.13 am
Does the plugin support Chinese Character encoding? I mean, if some of the articles, sections or categories are posted or named in Chinese, will the display and access work properly? will garbled code appear?
Thank you very much
2009-08-11 at 9.23 am
@Miao,
I don’t know, but I don’t see any reason why the encoding should influence Simple ACL checks in any way.
2009-10-06 at 11.01 pm
Hello, What we are looking for is a way to redirect each user that logs in to a custom page just for them with information that applies only to that user. We might also want to just show a different module to each user when they log in. Can this be done with Simple ACL?
2009-10-07 at 8.06 am
I need to restrict access to a section. But I also need to be able to change the password for the group that has access to this section. So, for example, perhaps the password for a section is asdf. I would then change the password for this section to hjkl. Then I would notify the entire group about the new password. Will ACL do this for me?
Thanks,
Scott
2009-10-07 at 8.46 am
@JJ:
No, the only thing Simple ACL does is manage access to sections for users or standard joomla user groups (author, editor etc.).
@Scott:
No, neither Joomla nor Simple ACL implement user-defined groups or section passwords.
2009-10-19 at 9.56 pm
Hello! I just saw this “The latest version has limited group support. You can now add ACLs to the following standard Joomla user groups:
registered
author
editor
publisher
manager”.
it might be silly of me to ask, but just to be sure… Does that mean that Simple ACL doesn’t support the creation of other user groups??
Thanks,
Alexis
2009-10-20 at 8.44 am
@Alexis
Simple ACL does not support custom user-defined groups.
You can create ACLs for
* single user / single section
* standard Joomla groups (author, editor etc.) / single section
* default
This ACLs offers a broad range of use cases but Simple ACL is not the solution for *all* ACL problems, is’t “Simple” after all.
2009-10-20 at 3.56 pm
Got it! Thank you very much for your reply, as i was saying it was just to be sure. Good luck!
2009-10-23 at 2.29 pm
Hello,
Is your tool useful for my site?
The situation is:
About 10 people (group registered, status publisher) should be allowed to edit and insert news only in one defined category with the frontend editor. The articles in this news category are viewable by public and the first five articles are shown also on the frontpage.
They should not to be allowed to change (edit,delete) public articles in other categories (rest of the site) when they logged in the frontend.
2009-10-23 at 3.04 pm
Yes, Simple ACL will do it but only if you change category into a section: Simple ACL works with sections, not with categories (of course you can create a section with a single category for this purpose).
You will
* set default Simple ACL parameters to allow retrieve and deny all other actions
* create an ACL for standard group “publishers” to grant edit and insert for your defined section
2009-11-02 at 9.28 pm
I would like to allow people to self-register on my site, but not automatically give them access to restricted sections. I want to manually validate each new login (to make sure they’re a customer) and then grant them access to the restricted section of the site.
From what I can tell, self registration automatically puts users into the Registered group.
Is this something that Simple ACL can help with?
Tx,
Henry
2009-11-02 at 9.52 pm
@Henry,
You don’t need Simple ACL: Joomla standard workflow will do it just fine.
2009-11-05 at 11.48 am
I want a user to decide to register for my site from our home page… Go to paypal… become registered… then once paid and registered have access to members only menus items AND most important have their own unique portal page or section. Is this possible?
Thank You