This page is a collection of small recipes and hints about Simple ACL Joomla component. Note: this article is still a work in progress, please leave a message if you find errors, typos or if you have any suggestion or proposal. Abbreviations in the recipes:
  • UX = “User X” where X is a number (for example U1 = User 1, U2 = User 2 etc.)
  • SX = “Section X” where X is a number (for example S1 = Section 1, S2 = Section 2 etc.)
  • ACL = a single Access Control List rule

Recipe 1 : prevent authors to edit their own articles after being approved (workflow)

Scenario

  • You have many authors submitting content that you or some other admins approve before being published
  • Joomla 1.5 does not prevent an author to edit again  his/her content once published
  • you want to avoid editing after approval, only admins will be able to do that

Procedure

The strategy here is to block content update to all users, admins and back-end users will retain the standard Joomla behaviour.
  1. Set the default ACL to prevent all the users to update or delete content: in Components->Simple ACL->Parameters set
    • Create = Allow
    • Update = Deny
    • Retrieve = Allow
    • Delete = Deny (not implemented from Joomla front-end, but Just in case)

Recipe 2 : public website with some section editors

Scenario

  • Your website is public, everybody can see everything
  • you have one section for each department in your company (S1 and S2 in this example)
  • each section has one or more users  that can add or edit content (U1 can edit S1, U2 can edit S2 and U3 can edit both)

Procedure

The strategy here is to allow content retrieval by default and only block content creation or editing, individual ACLs allow editing to some selected sections/users.
  1. First thing to do is set the default ACL to prevent all the users to create or update content: in Components->Simple ACL->Parameters set
    • Create = Deny
    • Update = Deny
    • Retrieve = Allow
    • Delete = Deny
  2. Save the new parameters (hit “Save”)
  3. Now open S1 to U1 and U3, create the following ACLs:
    • Section S1, User U1:  check all permissions
    • Section S1, User U3:  check all permissions
  4. Now open  S2 to U2 and U3, create the following ACLs:
    • Section S2, User U2:  check all permissions
    • Section S2, User U3:  check all permissions

Recipe 3 : public website with some private sections

Scenario

  • Your website is mostly public but you have
    • some private sections (S1, S2 and S3)  available for browsing and/or editing to selected employees
    • some private sections (S4, S5) for your customers
  • all your employees (U1, U2, U3) are registered users with level “author”
  • all your customers are registered users with level “registered”
  • since S1, S2 and S3 are not public, their Joomla access level must be set to “Registered”  (in this case it would be also possible to set it as  “Special”  since our employees level is  “Author”)
  • since S4 and S5 are not public, their Joomla access level must be set to “Registered
  • we want to set thing up such that
    • U1 can view and edit S1
    • U2 can view and edit S2
    • every employee can view S3 (but nobody below admins can edit it from the front-end)
    • every employee can view and edit content in S4
    • every customer can view content in S4 and S5

Procedure

Here we are choosing a different strategy: keep all sections closed by default and selectively open sections to users. Because in this example we have Customers and Employees belonging to different Joomla levels (Registered and Author) we can create some group ACLs instead of individual ones.
  1. First thing to do is set the default ACL to prevent all the users to retrieve, create, update content: in Components->Simple ACL->Parameters set
    • Create = Deny
    • Update = Deny
    • Retrieve = Deny
    • Delete = Deny
  2. Save the new parameters (hit “Save”)
  3. Grant all users with level “Author” permission to retrieve content from S3: create an ACL on group “Author” and section S3 with Retrieve permission only
  4. Open S1 to U1: create the following ACLs:
    • Section S1, User U1:  check all permissions
  5. Open  S2 to U2: create the following ACLs:
    • Section S2, User U2:  check all permissions
  6. Grant all users with level “Author” permission to create, retrieve and update content from S4: create an ACL on group “Author” and section S4, check all permissions
  7. Grant all users with level “Registered” permission to retrieve content from S4: create an ACL on group “Registered” and section S4 with Retrieve permission only
  8. Grant all users with level “Registered” permission to retrieve content from S5: create an ACL on group “Registered” and section S5 with Retrieve permission only

6 Responses to “Joomla Simple ACL recipes”

  • Lolke

    Hi,

    Certainly looks cool! I was wondering whether it would solve my issue:

    A menu item action needs to be dependent on user (logged in or NOT logged in). The action is a FORM (Breezingforms component). So, if I could make 2 menu items (same label) and one points to form A and the other to form B and your tool woud allow assigning access rules to those forms, it would do the job. Right?

    Further: what about 1.6? Would it make your tool obsolete?

    Thanks for your time.
    Lolke

  • Alessandro Pasotti

    Simple ACL only works when menu items point to com_content items, so it will not work if the menu item points to a form.

    And yes, 1.6 will maybe make Simple ACL obsolete, but if you have tried 1.6 you know that ACL are far from being simple and easy to use, a simpler solution like Simple ACL will probably be still useful for 1.6.

  • Armand Davila

    Maybe I’m not doing something right but I can’t create user groups and thusly cannot assign ACL’s to them.

    They said this was simple, but I’ve followed the instructions the best way I can and this isn’t working for me at all. Please help because I have a deadline – yikes!

Trackbacks/Pingbacks

  1.  ItOpen – Open Web Solutions, WebGis Development » Blog Archive » Simple ACL ready for Joomla 1.5