How to limit access to content in Joomla using JACLPlus & DocMan PDF Print E-mail
User Rating: / 13
News - Web Development
Written by Tim Black   
Tuesday, 08 January 2008 14:38

Let's say you have DocMan and JACLPlus installed, and your friendly web developer has already set up some groups for you.  You would probably ask,

Where’s the primary point from which we drive who is in which group?

And your friendly web developer would reply....  In your site the two main places to create groups, define each group's permissions, and add users to groups are:

1.   DocMan admin pages
2.   JACLPlus admin pages

Currently, our DocMan permissions system is independent of the JACLPlus permission system, so to change one group's access, you need to edit both the DocMan & the JACLPlus settings.

In DocMan's admin pages, you first create a "category" of downloadable documents--these are the categories under which documents are arranged on the frontend.  Then for any category to which you want to restrict access, you create a "group" of users who can access that category, and add users to the group by editing a group.  When you upload a file into DocMan from the front or back end, make sure you assign it to the right "category," then that category's permissions will be applied to the document.

In JACLPlus, you have a lot more options, so it can get confusing.  Basically, you create a new JACLPlus group, add users to it, and hook it to a JACLPlus access level and add articles to the access level.  The best way to learn to use JACLPlus is to go to "JACLPlus - User Group Manager" and in the table of groups, click on the link in the "Users" column for one particular group.  This will let you add users to that group.  To add a user, click "Reset All Filters," select one or more users, then in the drop-down boxes, add those users to a group.  For example, in the "Add to selected sub" drop-down box, select the "MTW Committee" option to add the selected user(s) to that group.

That's half the job with JACLPlus.  The other half is to assign content to groups.  This requires an understanding of two key distinctions involved in Joomla's method of organizing content:

  • First distinction:  there are "content items" ("articles" in Joomla 1.5+), and "menu items."  Both can be assigned access permissions by restricting access to the item to the members of a particular JACLPlus group.  Permissions on menu items either display or hide the menu item.  Permissions on content items allow/disallow viewing (or optionally editing, etc.) an item.  You create a content item first, then create a menu item that links to that content item if you want the content item to show up in the menu.
  • Second distinction:  there are "sections" (main groupings of content items) and "categories" (groupings of content items on the sub-section level).  Every content item must be assigned to a section and category when you create the content item, so you need to set up a new category and/or section before you add content items that require a new section/category.  Permissions can also be applied to sections and categories to efficiently apply permissions to a large set of content items all at once.  Currently each committee with content has a separate category, and those categories are all grouped within the "Committees" section, and are all set to be accessible to all.  This also requires understanding how fine-grained JACLPlus permissions can be.  In JACLPlus, you can give a group, or a user, several kinds of access to a content item:  the basic permission is to "view" the item, but additional permissions can allow them to "add," "edit," and/or "publish" the item.

So, to put it together, you'll probably want to keep the current per-committee Joomla categories with their public access permissions as a way of organizing the public content items for each committee.  When you need to create a content item that is private to one committee, remove the "Public" and "Registered" access levels from that committee's JACL group, and add the appropriate users to that group.  Then create a new Joomla category (in "Content - Category Manager") called something like "MTW - Private," and set its "Access Level" to the committee's name ("MTW Committee").  Then create the content item, and assign it to that category ("MTW - Private").  This will give members of the committee access to view the content items in that category.

You may want to give certain members of each committee add/edit/publish rights to their committee's public and private pages.  I think the best way to do this is to create a new JACLPlus group for, e.g., "MTW Committee - Admins," at the bottom of the page where you create that group, select "action," "add," "category," "MTW," "Yes," and click the plus ( + ) sign, then repeat for the "edit" and "publish" actions too, and repeat for the "MTW - Private" category too.  Then add the members to that group, and they should be able to edit the pages for that group.

Whew!  That was a lot for your friendly web developer to say.  After digesting it for a while, you might also ask him, 

Can a person be in multiple groups and if so, where does that get set?

To which thankfully, there's a simple answer--Yes!  Just add the user to each DocMan and JACLPlus group they need to belong to, as described above.

You might want to start posting some of these how-to's in a FAQ category for administrators only.  Maybe in the "General Info" section, under a new "FAQs for Admins" category.  You can create a "Blog - Content Category Archive" link in the main menu, make it accessible only to users with backend privileges, and then that link will produce a page listing all FAQs you post in the category.  Come to think of it, I should be doing that too...

Last Updated on Monday, 14 January 2008 08:34