Simple ACL for Joomla

by filed under Joomla.

SimpleACL for Joomla! is a simple ACL component that helps to restrict front-end access to particular sections.

What is this thing?

SimpleACL for Joomla helps you to restrict front-end access to particular user/section combinations. You can independently set permission to read, insert, update (and delete) content items based on the section they belongs to. The component does not override default Joomla roles, those roles are always checked first. SimpleACL plays only with default com_content component and doesn’t affect other components or modules. You can set a default access permission and selectively enable/block users to access content items in selected sections.

What can I do with this component?

A typical scenario:
  • Your site is a company site and the company has several departments.
  • Every department has a user who is in charge for editing web content for the department.
  • Every department has its own section for content items.
  • Users should only be able to edit content in their own department.
  • There is a user who is the public relation manager, he must be able to edit content in all sections (without being Administrator).
  • There are some section whose content should be readable only by selected users.
With SimpleACL you can set permissions to selected section/user combinations, this allows you to implement such a fine grained access control.

How it works?

SimpleACL works with an independent database table that hold the permissions for user/section combinations. A system mambot checks those access rules when the user access a content item from the front-end.

Please note that…

  1. Default Joomla roles are not overridden and are always checked first.
  2. SimpleACL work in the front-end only
  3. Only authenticated users are checked for ACLs
  4. “Administrator” or “Super Administrator” user are not checked for ACLs.
  5. There is no group support, hence this component is not suited for systems with many users

Licence

AGPL (Affero General Public Licence).

Translations

They go in a language file, at the moment only English is in the distribution.

Contributions

Please consider contributing with some:
  • code
  • bug fix
  • translations
  • food or beverages
  • money
  • compliments and appreciation
  • comments
  • etc. etc.

Download (Joomla < 1.5)

Simple ACL component 1.0.1 Simple ACL mambot 1.0.1

56 Responses to “Simple ACL for Joomla”

  • Sven Bankel

    Hi,
    This seems to be exactly what I am looking for. Will it work with Joomla! 1.5 RC3? I have a family site and would like to restrict each member to only write articles in his/her own particular section, plus in one or two common sections.
    Regards,
    Sven

  • Alessandro Pasotti

    This component was not tested with the 1.5 branch, so I do not expect it works.

    Maybe in the future I will port it to the 1.5 branch provided somebody will fund the development.

  • Piero

    Ho testato su joomla 1.0.13. Ho creato i tre utenti fron-end e impostato tutti i flag compreso “Create new content items” su una determinata sezione. Tornanto sulla “Simple ACL list” , gli utenti hanno “Insert” sempre impostato su “No” per cui non possono aggiungere notizie nemmeno nella loro sezione.

  • Andrea

    Ciao, ho cercato di installare il componente ma ricevo sempre lo stesso errore:

    hai idea di cosa può essere?

    Errore SQL DB function failed with error number 1064
    You have an error in your SQL syntax near ‘ENGINE=MyISAM ‘ at line 9 SQL=CREATE TABLE `jos_simpleacl` ( `id` int(11) NOT NULL auto_increment, `userid` int(11) NOT NULL, `action` set(‘c’,’r’,’u’,’d’) NOT NULL, `policy` enum(‘allow’,’deny’) NOT NULL, `sectionid` int(11) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `sacl_unique` (`userid`,`sectionid`) ) ENGINE=MyISAM ;
    SQL =

    CREATE TABLE `jos_simpleacl` (
    `id` int(11) NOT NULL auto_increment,
    `userid` int(11) NOT NULL,
    `action` set(‘c’,’r’,’u’,’d’) NOT NULL,
    `policy` enum(‘allow’,’deny’) NOT NULL,
    `sectionid` int(11) NOT NULL,
    PRIMARY KEY (`id`),
    UNIQUE KEY `sacl_unique` (`userid`,`sectionid`)
    ) ENGINE=MyISAM ;

  • Rik Bignell

    This works really well. Simple just like it suggests. Easy to install and use. Only problem i found i static content is not ACLed. Is there work on including groups? It would be really handy to apply the same ACL to all users of a particular group?

  • Alessandro Pasotti

    @Rik

    Sorry, this component is not at the top of our priority list. Development will eventually restart on 1.5 branch since we’ve almost completed the migration to this new Joomla version.

    It would be nice to raise some funds to complete this component because something easier than GACL+ or other invasive solutions is really missing.

  • Rik Bignell

    I recommend you post this tool on the joomla extensions directory then add a DONATIONS section for people to donate if they like the tool. You should then be able to raise the fund you need to complete this development project.

  • Michel

    Thanks for a great component! just a little bug. When I edited the “Deny page text” with a picture, both pages (Back and Front End) turns white. I also tried to use XTYPO mambot without results.
    Anyway a great component almost that i was looking for :), is possible to add a Drop down multi-select list instead?
    I know you wrote that isn’t for grups, but, why not :)??
    Thanks again!
    Michel

  • JM

    I get errors with both “view ACL” and “edit savings” menu items. So, I basically can’t get started.

    For “view ACL”, I get
    Notice: Undefined variable: where in C:\www\administrator\components\com_simpleacl\admin.simpleacl.php on line 138

    For “edit savings”, I get
    Notice: Undefined variable: default_policy in C:\www\administrator\components\com_simpleacl\admin.simpleacl.php on line 251

    and

    Notice: Undefined variable: default_policy in C:\www\administrator\components\com_simpleacl\admin.simpleacl.php on line 253

    I’d appreciate any help you can provide.

  • fizi

    Hi there,
    This is a great feature you guys are working on!
    Great works!

    Just asking… I didnt say any option on restricting users by category… I found settings only for section. Is it possible to have control for category?

    Thanks

  • Salvatore

    Innanzitutto complimenti, simple ACL è un’estenzione di estrema utilità.

    Volevo chiedere se il fatto che non lo abbiate testato su joomla 1.5 esclude il fatto che possa funzionare.

    Mi spiego meglio, volevo sapere se è probabile che funzioni ma non è “certificato” per l’uso con la 1.5 oppure è da escludere che funzioni con quella versione???

    Grazie mille.

  • mike

    it doesen’t work for me.. simpleACL only gives permisions to sections… I need to manage categories, since I have a webpage with only one section and multiple categories

  • VTP

    Installed it and configured it. But then when I logged in as the regulated username, and clicked the link in the User Nemu to “Submit News”, I got the locked-out message. So it didn’t just stop me from EDITING content items that were not in the Section where permission was granted; it stopped me from adding new content ENTIRELY. Anyone else have this problem?

  • Fabio

    ho installato simple ACL su joomla 1,5. ho iniziato dal mambot ed è saltato tutto. poco male visto che sono a sperimentare. credo che sia il prodotto che cerco visto che gestisco un sito didattico dove gruppi diversi di studenti devono avere accesso a materiali diversi.
    quando uscirà una versione per joomla 1.5.
    un saluto,
    fabio

  • Francesco

    Ho notato che, con Joomla 1.0.15 e con il tuo (peraltro utilissimo) componente, si ripresenta ancora il problema segnalato da Piero che cito:
    Tornanto sulla “Simple ACL list” , gli utenti hanno “Insert” sempre impostato su “No” per cui non possono aggiungere notizie nemmeno nella loro sezione.

    Si può fare qualcosa?
    Ancora niente per Joomla 1.5?

    Grazie

  • Francesco

    Grazie per la solerte risposta (non avevo visto il tuo precedente post).
    Nel frattempo ho corretto il bug segnalato prima.
    Se mi regali il componente per la 1.5 ti rilascio il codice che ho modificato per la versione < 1.5 😉
    Scherzo, ovviamente. Però…
    Grazie e buon lavoro.

  • Giuggiola

    Ciao,
    nelle caratteristiche dici che non adatto a gestire un gran numero di utenti, non sai dire esattamente il numero totale degli utenti che può supportare ACL?
    Grazie e complimenti per il lavoro.

  • Giuggiola

    Grazie della risposta velocissima! Un’altra cosa… è possibile agire anche sulle voci di menu? In pratica io vorrei che ogni utente abbia nel menu visibile solo la voce di menu collegata alla sezione che può modificare lui.

  • Denis Occhiali

    Dall’articolo descrittivo dell’estensione emergono sicuramente quali vantaggi essa porta, ma credo sia altrettanto interessante capirne i vincoli (ovviamente se ne esistono): grado di compatibilità con le maggiori estensioni (quali community builder oppure virtuemart).
    Può risultare altrettanto interessante effettuare un confronto con l’estensione JACLPLUS.

    Cordiali Saluti.
    Complimenti per il contributo portato nella comunità Joomla!

  • Codrut

    Hello Alessandro,
    I downloaded and installed yesterday simple ACL, but:
    I have a section that i want to be visible only for 3 registered members, for all the rest, it should not be visible. The menu item, the category ,section and section item are accesible to “registered”.
    So i presumed that I must define ACL rules for all the users to not be able to see this section, except the 3 i need them to see it. Apparently, every1 can see it. Am i doing something wrong ?
    Thank you

  • michael

    Are you going to have group support? I want to assign access to content based on group in a premium section of my site. Group membership will decide what you have access to. That I would pay for, as I expect everyone else with the same requirements as me would.

    Build it and they will come.

  • Alessandro Pasotti

    @michael

    Unfortunately, implementing group support is not trivial and I’m not sure that Simple ACL would remain so “simple” if I add groups support.

    Additionally, there are already many other components (JACL+ and Juga to cite a few) that support groups.

  • Max

    I downloaded and installed today simple ACL but clicking View ACL I got this error:
    Table ‘jos_simpleacl’ doesn’t exist SQL=SELECT count(*) FROM jos_simpleacl AS aDB function failed with error number 1146
    Table ‘jos_simpleacl’ doesn’t exist SQL=SELECT jos_simpleacl.*, u.name as name, CONCAT(s.name, ‘ (‘ , s.title, ‘)’) as sectionname FROM jos_simpleacl, jos_users as u, jos_sections AS s WHERE jos_simpleacl.userid = u.id AND jos_simpleacl.sectionid = s.id ORDER BY name ASC LIMIT 0,10

  • Jason

    Hello Alessandro,
    I downloaded and installed simple ACL but by clicking on the View ACL button, i got this error:
    Table ‘webpage_jom.jos_simpleacl’ doesn’t exist SQL=SELECT count(*) FROM jos_simpleacl AS aDB function failed with error number 1146
    Table ‘webpage_jom.jos_simpleacl’ doesn’t exist SQL=SELECT jos_simpleacl.*, u.name as name, CONCAT(s.name, ‘ (‘ , s.title, ‘)’) as sectionname FROM jos_simpleacl, jos_users as u, jos_sections AS s WHERE jos_simpleacl.userid = u.id AND jos_simpleacl.sectionid = s.id ORDER BY name ASC LIMIT 0,10

    Will appreciate any help you can provide. Thanks

  • Alessandro Pasotti

    @Jason and Max

    Something went wrong during installation, I cannot tell you what.

    Also, development on Simple ACL for Joomla < 1.5 has been discontinued since Joomla < 1.5 is now obsolete.

  • John

    I am trying to stop people from changing what section content belongs in when they edit from the frontend. Will simple acl accomplish this

    Thanks

  • Alex urrea

    Hey! thanks for the SACL for 1.0 I installed it, I enter the users, but it doesnt seem to be working. I activate the mambot. Still nothing… all users see everthing… anything else I have to do, in code perhaps?

  • Alessandro Pasotti

    Development on Simple ACL for Joomla < 1.5 has been discontinued since Joomla < 1.5 is now obsolete. All that I can say is that SACL 1.0 it worked reasonably well at the time of release (one year ago).

  • aku82

    Dear Alessandro Pasotti,

    Previously you’ve said that you gonna stop developing for Joomla < 1.5.

    I hope you still do think about revamping for older joomla because many of web developers still using it.

    To me, sometimes it seems like a fight between xp and vista, where many still believe in older technology.

    I myself still using the old joomla because many new extensions I’ve depend on either has not been developed or still unstable.

    Thank you for your consideration.

  • Peo Forsberg

    Hi!
    I’m just wondering if I can set permissions user against category in this extension for Jommla. Or is it just by section?
    Best regards, Peo

  • John

    I’ve installed this but how to users edit things? Theres no frontend edit button or anything how can they edit the content please can you help?

  • Alessandro Pasotti

    @John

    Simple ACL version 1.0.1 is not supported anymore, sorry.

    BTW, the problem you describe has nothing to do with Simple ACL but it is a Joomla usage/configuration problem, I suggest you to ask your question on a Joomla general forum/list.

  • John

    Hi Alessandro, If anyone is wondering I fixed the problem i had to set the user as an “Editor” in the User Management page so they could see the edit button.

    I spent months looking for this and its working great! Just one question is there anyway to stop users being able to edit the frontpage because they all seem to be able to edit the frontpage? I know its not supported anymore but i would appreciate it greatly if you could point me in the right direction

    Many Thanks

  • Patsy

    So I installed this and it doesn’t seem to work right. I created about 10 users all associate to 10 sections. They are all set to registered. I went into the ACL tool and created the section name and user name it is associated, all set to retrieve because when they log in, I want them to see that section. But when I log in as one of the users, I get the denied access and they can’t even access the regular content on the website. Any ideas?

  • Alessandro Pasotti

    @Patsy,

    unfortunately you don’t say which version of Joomla and which version of Simple ACL you are using.

    Anyway, did you check the default policy?

    Also, there is probably a bug in Simple ACL version 1.0.1 that deny the whole home page in case there is a single “denied” article in the page.

Trackbacks/Pingbacks

  1.  ItOpen - Open Web Solutions, WebGis Development » Blog Archive » Simple ACL ready for Joomla 1.5