Reputation: 23
joomla 3.0 site component access control
Joomla 3 component security question (sorry noob). I've got a component I'd like the site and admin portions to have different access setting. The Joomla example seem to focus on the admin security, specifically admin\access.xml.
Can I set group level access on the "site" side of my component? if so, how?
Thanks, this is the best document I've found, but I don't believe it addresses my question.
Upvotes: 2
Views: 745
Answers (1)
Reputation: 1345
You have the right document, if it works correctly in the backend already, you can use it in the frontend too. As the tutorial describes you have to add:
// Access check: is this user allowed to access the backend of this component?
if (!JFactory::getUser()->authorise('core.manage', 'com_yourcomponent')){
//pop the error below:
return JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
}else{
// [...] Stuff for restricted access here
}
In place of core.manage you can put whatever acl requirement you need to check against. For example core.edit, core.manage, core.yourown etc. These access control conditions co-exist in the admin/access.xml file, there's no need to create a separate file for the frontend.
Upvotes: 1
Related Questions
- Access permission inside Joomla custom component
- ACL in joomla (access control list)?
- Clarification regarding Joomla Access Control (ACL)
- Joomla Component Permissions
- Joomla 2.5 ACL restrict to specific features/views
- ACL for Joomla Component
- user authorization in custom component
- To implement new type ACL in joomla 2.5
- Joomla : How to set access permission from a custom component?
- Joomla ACL: Only allow access to custom component in the backend?