Prof3ta

Joomla! Access Control Plugin

Saturday, 09 February 2008 17:41

The graphical interface for the Joomla! Access Control Plugin is finally ready!!!

As you probably know, Joomla 1.5 doesn't allow a granular Access Control, but an ACL will probably be a feature of new Joomla! versions (1.6?). In the meantime, I decided to write this simple extension.

This totally unobtrusive plugin allows you to introduce some basic Access Control in your Joomla! extensions (components and modules), without having to edit the Joomla! core files or the Joomla! core database.

If you need to categorize your users in groups (let say, students and teachers), giving them specific permissions in the front-end and/or different views of your Joomla! website, this Joomla! plugin is what you need.

Simply install the plugin through the Joomla!plugin installer and enable it.

Then, install the GUI component, that will allow you to manage groups and permissions in a snap!

I will soon add a screencast in which I'll explain how to use the Access Control Component and Plugin. I will show how to create a simple "safe component" (compatible with the Access Control mechanism) in a few steps, too. In the meantime, be content with the following textual instructions.

If you want to create your "access-control compliant" component, you just need to edit your component main file according to the following template. As you can notice, it's very similar to the "MVC Hello World Component Main File" suggested in the official Joomla! wiki. The edited/added lines are marked in blue.

<?php

// no direct access
defined('_JEXEC') or die('Restricted access');

   // Require the base controller
   require_once (JPATH_COMPONENT.DS.'controller.php');

    // Import the user plugin group
    JPluginHelper::importPlugin('ACL');

    // Get the Access Control Info for current user
    $user =& JFactory::getUser();
    $componentId = JComponentHelper::getComponent($option)->id;

    if (!JRequest::getVar('task'))
        $task = 'display';

    $canPerformTask = $mainframe->triggerEvent( 'onPerformingTask',
                                  array($user->id, $componentId, $task) );

   // Require specific controller if requested
   if($controller = JRequest::getVar('controller')) {
       require_once (JPATH_COMPONENT.DS.'controllers'.DS.$controller.'.php');
   }

   // Create the controller
   $classname   = 'StagesController'.$controller;
   $controller = new $classname( );

   // Perform the Request task (if permission granted)
    if ($canPerformTask[0] == '1')
       $controller->execute( JRequest::getVar('task') );
    else
        JError::raiseError( 403, 'Access Denied' );

   // Redirect if set by the controller
   $controller->redirect();

?>

This simple controller will allow you a full granular access control to the tasks you need to perform within your component. Notice that the names of the task you want to perform within your component need to correspond to the names specified for the rules added through the graphical interface provided with the component.

If you need control access on a specific code section contained in your component (for example in one of your views), you can use the "triggerEvent" function (offered by the plugin) in the following way:

$user =& JFactory::getUser();

$userId = $user->id;

// Import the user plugin group
JPluginHelper::importPlugin('ACL');

// Let's fire the onAccessingSafeComponent event

$canGiveGrades = $mainframe->triggerEvent( 'onAccessingSafeComponent', array($userId, 'giveGrades'));

if ($canGiveGrades[0] == '1'){

// CODE TO GIVE GRADES GOES HERE

}

That's all folks! Use the forum on this website for installation and configuration issues.

PS: I want to thank Wilco Jansen and Hannes Papenberg for their support concerning Joomla! ACL issues :)

Last Updated ( Tuesday, 11 March 2008 20:01 )