Welcome, Guest
Username: Password: Remember me

TOPIC: ACL definitions and setup - core.entry

ACL definitions and setup - core.entry 29 Jul 2012 12:14 #2923

  • e-struct
  • e-struct's Avatar
  • Offline
  • Senior Member
  • Posts: 76
  • Thank you received: 4
  • Karma: 5
Can you please detail the required Access Control Level setup for the component beign edited.
In the demo video, ACL are defined from back-end layout but its is not clear enough.
Can point to the documentation place for that topic if there is one ?
Thanks.
Last Edit: 12 Aug 2012 08:47 by admin.
The administrator has disabled public write access.

Re: ACL definitions and setup 30 Jul 2012 16:46 #2927

  • admin
  • admin's Avatar
  • Offline
  • Administrator
  • Chef
  • Posts: 3711
  • Thank you received: 987
  • Karma: 140
The ACLs are a Joomla standard.

When a user try to process a task, the ACL is consulted to know if the user is allowed to do it.

How it works :

First, you must organise your users in groups. Because the acls do not deal with single users, but with groups.
That means if you add a user, you do not need to change the ACLs. You only attribute an affiliation to a group, and then, the ACLs will act automatically.

ACLs are commons for all items. If you want to limit access for a particular item, you must use another feature : the access levels.

So, once your component is created, go to the 'options' of your component and define them.
Each type of operation is described (create, edit, change state, delete, ...)
It is possible to create a new ACL name ('run' for example) in the access.xml file of your component.

Defining the ACLs can be a little bit tricky because you must have a global vision of your component and because the ACL table is big (The more groups you have, the more rows you obtain in this table)

The groups are using a hierarchy, this means that a non specified ACL for a group herit the ACL of the previous group in hierarchy (level under)


In the sandbox, you can try them, using the combobox who simulate virtual users.

I think with theses informations you can start understanding them.
Coding is now a piece of cake
The administrator has disabled public write access.

Re: ACL definitions and setup 01 Aug 2012 08:47 #2943

  • e-struct
  • e-struct's Avatar
  • Offline
  • Senior Member
  • Posts: 76
  • Thank you received: 4
  • Karma: 5
My point was not how ACL's are organized in joomla but in COOK !
I already have all my groups and levels defined but ....
I'll try to explain .. not so easy

when I enter my component URL by a direct link access in the address bar of the browser..
ex:
https://<URL>/index.php/?option=com_<mycompoent>

I can easily access to the page where I see my table headers.
The content (rows) are not displayed due to the ACL restrictions but there is nothing that prohibits to display the page.
I can also pass a requested view &view=... and is working smoothly :(

I have no "Option" icon on the back-end when I select my component in the menu where I could define more groups as shown in the demo video.
So my point is how (and where) I can say to COOK that I don't want direct access to my component ?
In this case I would like to Joomla redirects me to a page saying "You have no right to display this content".
Last Edit: 01 Aug 2012 08:50 by e-struct.
The administrator has disabled public write access.

Re: ACL definitions and setup 01 Aug 2012 09:11 #2944

  • admin
  • admin's Avatar
  • Offline
  • Administrator
  • Chef
  • Posts: 3711
  • Thank you received: 987
  • Karma: 140
RIght, there is no specific ACL for that.

TODO
Create a new ACL in access.xml (for example core.entry)
Limit the access directly in your main controller file (entry point)

Something like :
if (!JFactory::getUser()->autorise('core.entry'))
{
... //redirect or something else
}

That's it
Coding is now a piece of cake
The administrator has disabled public write access.

Re: ACL definitions and setup 01 Aug 2012 09:18 #2945

  • e-struct
  • e-struct's Avatar
  • Offline
  • Senior Member
  • Posts: 76
  • Thank you received: 4
  • Karma: 5
OK I will try ...
but this means I will have to do that every time I will generate my component, right ?
The administrator has disabled public write access.

Re: ACL definitions and setup 01 Aug 2012 09:22 #2946

  • admin
  • admin's Avatar
  • Offline
  • Administrator
  • Chef
  • Posts: 3711
  • Thank you received: 987
  • Karma: 140
I add it to the list of functionalities.

It is really missing in Joomla. Lot of components are missing this ACL.
So, I hope it will come soon.
Coding is now a piece of cake
The administrator has disabled public write access.
Time to create page: 0.071 seconds

Get Started