tel: +2348055401551 (sms, whatsapp)
skype: tokunboajewole

Joomla ACL Tutorial: how to restrict Joomla users to specific media upload folder

  • Published on Thursday, 03 November 2016 15:02

In this tutorial, I will explain how to setup Joomla users to publish articles, and upload media-content into user/group-specific upload folders.

Joomla's default editor is TinyMCE. We need to install another editor that has options for setting user-specific upload folders.

1) Install JCE: https://www.joomlacontenteditor.net/. Set JCE as the default editor in Global configuration.

2) Create a user account: "frederick". Assign "frederick" to group: "registered".

On the "Basic Settings" tab of Frederick's user account, set the Editor option to "Editor JCE.

jtutorials1

3) Let us setup user-frederick to publish from the backend via a group-add:

- create a group:legal-team; group parent = registered.

- Add user "frederick" to group "legal-team"

jtutorials3

- add group "legal team" to the "special viewing access level"

- Allow backend login: refer to tutorial: Joomla ACL Tutorial: create a user account and allow backend login

4) Allow user to publish articles via Joomla backend: Joomla ACL Tutorial: allow user account to publish articles via Joomla backend

5) Now, let us setup the media upload folder:

- As administrator, go to Content >> Media....

Note: I have deleted the default files and directories in the new Joomla installation im using for this tutorial.

- Create a folder with name:"fredericks-folder"

jtutorials4

6) Configure JCE Profile for user-Frederick:

To make/force user-frederick's media content into "fredericks-folder", we need to set up JCE editor-profiles on the group that user-frederick belongs to.

- Goto Components >> JCE Editor >> Editor Profiles.

- Select the Default Profile and make a copy.

- Click to open the copied profile; on the "Setup-tab", details-section, change "Name" to Legal Team Profile

- scroll down to the "Users Group" section. Uncheck every group except "legal team", and "Super users"... (only super users and the legal team will have access)

- In the users-list, use the "add users" button to add user "Frederick".

See screenshots below:

jtutorials5

Profile name: Legal Team Profile name

jtutorials6

User group: select legal-team

jtutorials7

user-frederick is selected in the users list

jtutorials8

user-frederick is selected in the users list

On the Editors Parameters Tab, set Filesystem >> File Directory Path to: images/fredericks-folder

On the Plugin Parameters Tab, set File Browser >> File Directory Path to: images/fredericks-folder

After creating the Legal Team Profile, dont forget to move it above the Default Profile. Tip: any created profile should be moved above the Default Profile.

jtutorials9

NOTES:

According to Joomlacontenteditor documentation, the following are some considerations on File Directory Path options.

File Directory Path
Relative path to file directory. Defaults to images if left blank. This path can contain the variables (eg: images/$usertype/$username) :

$id - Will be replaced with the user ID
$username - Will be replaced with the user username
$usertype - Will be replaced with the user usertype eg: author
$profile - Will be replaced with the profile name
$group - Will be replaced with the profile name
$year - Will be replaced with current year, eg: 2010
$month - Will be replaced with current month number, eg: 06
$day - Will be replaced with the day number, eg: 10

examples, with reference to sample group: legal-team:

- if File Directory Path is set to "images/$username", every user in the legal-team group will have an upload folder with their own username.....meaning a directory named "frederick" will automatically be created the first time user-frederick wants to upload an image. Same will happen for all other "usernames" in the legal-team usergroup.

- if File Directory Path is set to "images/$group", all users in the legal-team group will have a common upload folder/foldername as "Legal_Team_Profile". This is because the "Legal Team Profile" is applied to the Legal Team user-group where they all belong. Folder will be automatically created when a user in the group uploads a file.

- if File Directory Path is set to "images/$usertype", things work a little different: all "Registered-group" users will have a common upload folder by name "Registered". All "Authors-group" users will have a common upload folder "Authors"., etc

Links: Read Full JCE Editor Parameters documentation:

Thats all folks, thanks for dropping by.

Joomla ACL Tutorial: allow backend user to publish articles into only a specific directory

  • Published on Tuesday, 01 November 2016 16:06

ALLOW USER TO PUBLISH ARTICLES INTO ONLY SPECIFIC DIRECTORY

In this tutorial, we will allow a Joomla-backend-user to publish articles into ONLY A SPECIFIC CATEGORY/IES.

SETUP: we have two users, each will be able to publish articles to only 1-category each

1) CREATE GROUP
- create a group: "sports-group" with group parent as public
- create another group: "politics-group" with group parent as public

2) CREATE USER
- create a user: sportsuser with parent as registered. Assign user to sports-group
- create a user, politicsuser with parent as registered. Assign user to politics-group

See the following screenshot of our users list:

tut1a

3) ADD GROUPS TO SPECIAL ACCESS LEVEL AND ALLOW BACKEND LOGIN

This was covered in a previous tutorial: Joomla ACL Tutorial: create a user account and allow backend login

At this point, users can login via backend, but cant do anything.

4) CREATE CONTENT CATEGORY:
Create content category "sports category" and under the permissions-tab, set as follows:
- for politics-group: set all actions to denied
- for sports-group: set all actions to allowed

Create content category "politics category", and under the permissions-tab, set as follows
for politics-group: set all actions to allowed
for sports-group: set all actions to denied

5) ALLOW USER ACCOUNTS TO PUBLISH ARTICLES:

This was covered in a previous tutorial: Joomla ACL Tutorial: allow user account to publish articles via Joomla backend

TESTING TIME TESTING TIME TESTING TIME

1) Login(backend) as sportsuser, create an article. you would notice that in the category options, only 1-option "sports-category" is available. Publish an article, then logout.

tut1b

2) Login as politicsuser, create an article. You would notice that in the category options, only 1-option "politics-category" is available.

- you would also notice that you can see the article created by sportsuser(above), but can't edit it. Create and publish your own article as politicsuser

- after publishing your article, check the article list and you would notice that now that there are two articles, but you can only edit your own article.

tut1c

 

MORE OPTIONS:

1) what if you want a user to be able to publish articles into both sports and politics groups?

- just create the user(group parent = registered) and add it to the two groups. The user will now be able to see articles published by other sports&politics groups members.

2) Users in the same group are able to edit each-other's articles, what do I do?

- if another user(ex: politicsuser2) is created and added to politics-group, this useraccount would be able to edit, enable/disable articles published by previous politics-group member/s account.

This is not a desired option. This is what to do:

Goto Content >> category >> select politics-category >> permissions

- in the politics group on the left-side bar, set Edit and Edit-state to Denied (see screenshot below)

tut1d

Repeat the above for the sports-group / any other groups you many have.

TEST AGAIN

Login as politicsuser, you are able to see articles published by all politics-group members but can only edit your own(useraccount) article.

Joomla ACL Tutorial: allow user account to publish articles via Joomla backend

  • Published on Friday, 16 September 2016 14:50

In our previous tutorial, we created a user account, a group account, assigned the user-account to the group-account, and set the necessary permissions for the user to login via Joomla backend.

User was able to login and see the control panel and profile editing options. Read the tutorial here:

After the above tutorial, when our user(sales-user) logs into Joomla backend, this is how the control panel looks like:

joomtut5

In this tutorial, we will give a created user-account the necessary permission / s to publish articles. User will be able to publish articles to any category, there will be no restrictions whatsoever.

Login to your Joomla site as administrator, and from the administrator menu do the following:

- click content >> articles >> options (top right hand corner) >> permissions

- find the groupname 'sales-group' or the group-name you created earlier

- set these actions (access administration interface, create, delete, edit, edit-state and edit-own) to "allow"

joomtut2a

After the above is done, login to Joomla backend as the user-account you created earlier "sales-user".

The control panel will look like this:

joomtut4a

Notes:

- 'Content' menu-item and pull-down is now visible at the top menu; 'Content' side menu is also visible

- sales-user has the ability to perform functions: create new articles, delete existing articles, edit, publish / unpublish any article regardless of author or category;

- user can view article list by clicking the "articles" option; as well view the list of available categories via the "categories" option; publish or unpublish categories;

So basically, because no restrictions were set by the administrator, this user has all rights on the articles in the site.

Joomla Access Control List Tutorials

  • Published on Friday, 16 September 2016 13:16
joomla-acl

The following are a list of Joomla ACL tutorials to help you set up a Joomla website for user access both from the backend and front-end.

 

Please leave a comment to make a request for a Joomla ACL tutorial you dont see covered on this list:

Joomla ACL Articles

Joomla ACL Tutorial: create a user account and allow backend login

  • Published on Friday, 16 September 2016 13:09

By default, while installing Joomla, a user account is required, and created. This user-account has "super user" priviledges(it is assigned to the 'Super User' group).

In this tutorial, we will do the following:
- create a new user account
- create a group account
- assign the user to the group
- set permissions on the group to allow the user to publish articles from the backend.

The following will be done as a super-user:

1) Allow user to login via backend:
- create a user group = sales-group
users >> group >> add new group
- set group parent = public

joomtut1

 

2) Create a user account, ex: sales-user
users >> manage >> add new user
- set username and password as you wish
- set assigned user group = public
- assign user to sales-user group

joomtut2

 

3) Add the new group into the "special" access level:
- users >> access level
- click special
- tick the checkbox in front of "sales-group", and save & close

joomtut3

 

4) Set Global configuration permissions for the group:
- System >> global configuration >> permissions >> sales-group
- set "administrator login" to "allow access"

joomtut4

 

5) you can now login to the backend of the website:
- the Control Panel and Help items on the menu are available, as well, this user account can edit his/her user profile.

joomtut5

Stay tuned for the next tutorial

I use Linux 24x7

Recent Comments