Multi-Level User Access With Joomla

It’s well known that Joomla’s core user management and access tools are lacking. I have begun using JaclPlus to provide multiple levels of access to my Web site’s content. Here’s a summary description of JaclPlus from the Joomla Extensions Directory page for this component:

An ACL Enhancements component for Joomla! to enable you to create new user groups and/or new access levels. It also enables you to assign multiple access levels to user group to make your website items’ view access more controllable. Beside these, it also enhance com_content frontend ACL to allow add/edit/publish action control based on user groups for specified sections/categories/content items.
Although this is a HACK solution, it will restore your Joomla to default Joomla state if you uninstall it (users in non-default group will be moved to “Registered” group and items with non-default access level will be assigned to “Special” access level).

The first initial hurdle is the install. Since this component is a ‘hack’ the installer needs access to a number of files which inevitably leads to permissions problems. Below is a quick note from the Joomla Extensions Directory forum:

Having tried every extension out there, it was clear that JACL
is the only one that seems reasonably secure. I was originally
put off because i couldn’t install. Finally, i did, and what an extension! Here’s how to install it – for dummies like me:

1. Download latest public release of component.
2. Auto install through Joomla – Install Component.
3. Print out the list of permission errors.
4. Unistall the component.
5. Chmod the files list to 0777.
6. Re-install
7. Print out further list of permission errors.
8. Unistall
9. Chmod the parent folders to 0777 (mine only worked with FTP program. I.e. if the permission error is say /public_html/administrator/index.php and you have already chmod ‘ed this file after the first installation, the folder ‘administrator’ also has to be chmod’ed to 0777.
10. Reinstall.

This installing and unistalling is all done in order to find the files and directories which need permissions changed. I found that on my particular installation I needed to change the permissions on the following:

chmod 777 /your/site/path/includes/frontend.php
chmod 777 /your/site/path/includes/gacl_api.class.php
chmod 777 /your/site/path/includes/joomla.php
chmod 777 /your/site/path/includes/pathway.php
chmod 777 /your/site/path/includes/pdf.php
chmod 777 /your/site/path/modules/mod_latestnews.php
chmod 777 /your/site/path/modules/mod_mainmenu.php
chmod 777 /your/site/path/modules/mod_mostread.php
chmod 777 /your/site/path/modules/mod_newsflash.php
chmod 777 /your/site/path/modules/mod_related_items.php
chmod 777 /your/site/path/modules/mod_sections.php
chmod 777 /your/site/path/components/com_contact/contact.php
chmod 777 /your/site/path/components/com_content/content.html.php
chmod 777 /your/site/path/components/com_content/content.php
chmod 777 /your/site/path/components/com_newsfeeds/newsfeeds.php
chmod 777 /your/site/path/components/com_weblinks/weblinks.php

chmod 777 /your/site/path/includes/
chmod 777 /your/site/path/components/
chmod 777 /your/site/path/components/com_content/

Now, if your install was successful, you’ll now go ahead and start using JaclPlus. There’s a decent how to at:

http://www.byostech.com/content/view/8/12/

As far as real world use, I’ll show you what I did to setup my first example. The basic steps are 1. create an Access Level, 2. create/edit a Group, 3. add/edit User Group, 4. assign Access Level to content item, menu item, etc.. Below is a list of steps for creating a new Access Level and Group called ‘Gold Member’, adding a user with access to Gold Member, and restricting access to a content item to only the ‘Gold Member’.

  1. go to ‘Access Level Manager’
  2. select ‘New’
  3. add ‘Access Level Name’ (ie. Gold Member)
  4. select ‘Save’
  5. go to ‘User Group Manager’
  6. select ‘New’
  7. add ‘Group Name’ (Gold Member)
  8. select ‘Access Level’ (ie. Gold Member, Public, Registered, etc)
  9. select ‘Save’
  10. go to ‘User Manager’
  11. select ‘New’
  12. add user details
  13. select ‘Group’ (Gold Member)
  14. select ‘Save’
  15. select ‘Content Items Manager’
  16. select content item
  17. select ‘Access Level’ (Gold Member)
  18. select ‘Save’

That’s it, you now setup a content item to only be accessable by the user with ‘Gold Member’ access.

There is one thing I should mention. You’ll need to download the extention that matches the version of Joomla you are running. Also, from reading the boards, it looks like they hold out on the free version of Jacl when an upgrade is made for about 2 weeks with only paying members having access to the upgrade. This may be an issue for some installations.

Post written by Ed Reckers

Founder and lead web development consultant at Red Bridge Internet : San Francisco WordPress Developers and Consultants.

5 Responses to “Multi-Level User Access With Joomla”

  1. hadieHa

    the above described JaclPlus is a hack on the core files. Better use Admin-User-Access, which is not a hack.

  2. fuckJACLPlus

    I wish I had the money to buy all of these shitty extensions and redistribute them on all of the damn warez sites.

  3. shobinsun

    Hi,
    I need to edit the access control of manager user group in joomla 1.5. In joomla 1.x.x we can do it by editing /includes/gacl.class.php.

    Any body have idea about it.???

    Thanks in advance.

  4. carsten888

    admin-user-access is not a hack and is easyer to use.

  5. Tim

    This is stupid. We shouldn’t have to pay for this shit. We shouldn’t even have to install an extension for it. It should already be a feature included in Joomla.

Leave a Reply