Project

General

Profile

Actions

Feature proposal #2903

closed

J1.7: Limiting backend access using joomla 1.7 ACL

Added by beat about 13 years ago. Updated almost 13 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Start date:
14 October 2011
Due date:
% Done:

100%

Estimated time:
2:00 h

Description

http://groups.google.com/group/joomla-dev-general/browse_frm/thread/cefcd16974adf96e?pli=1

Can be easily implemented as follows:
https://github.com/mahagr/Kunena-1.6/commit/81b7a10d3e4fefa6b6553112a4e63533e3e8cbf6

Details in case the original link doesn't work:

administrator/components/com_kunena/access.xml View file @ 81b7a10
...    ...    
@@ -2,17 +2,7 @@
2    2    
 <!DOCTYPE access>
3    3    
 <access component="com_kunena">
4    4    
   <section name="component">
5         
-    <action name="core.admin" title="JAction_Admin" description="JAction_Admin_Component_Desc" />
6         
-    <action name="core.manage" title="JAction_Manage" description="JAction_Manage_Component_Desc" />
7         
-    <action name="core.create" title="JAction_Create" description="JAction_Create_Component_Desc" />
8         
-    <action name="core.delete" title="JAction_Delete" description="JAction_Delete_Component_Desc" />
9         
-    <action name="core.edit" title="JAction_Edit" description="JAction_Edit_Component_Desc" />
10         
-    <action name="core.edit.state" title="JAction_Edit_State" description="JAction_Edit_State_Component_Desc" />
11         
-  </section>
12         
-  <section name="category">
13         
-    <action name="core.create" title="CATEGORY_ACCESS_CREATE" description="CATEGORY_ACCESS_CREATE_DESC" />
14         
-    <action name="core.delete" title="CATEGORY_ACCESS_DELETE" description="CATEGORY_ACCESS_DELETE_DESC" />
15         
-    <action name="core.edit" title="CATEGORY_ACCESS_EDIT" description="CATEGORY_ACCESS_EDIT_DESC" />
16         
-    <action name="core.edit.state" title="CATEGORY_ACCESS_EDITSTATE" description="CATEGORY_ACCESS_EDITSTATE_DESC" />
     5    
+    <action name="core.admin" title="JACTION_ADMIN" description="JACTION_ADMIN_COMPONENT_DESC" />
     6    
+    <action name="core.manage" title="JACTION_MANAGE" description="JACTION_MANAGE_COMPONENT_DESC" />
17    7    
   </section>
18    8    
 </access>
administrator/components/com_kunena/config.xml View file @ 81b7a10
...    ...    
@@ -0,0 +1,8 @@
     1    
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
     2    
+<!DOCTYPE config>
     3    
+<config>
     4    
+  <!-- Joomla 1.6 Support -->
     5    
+  <fieldset name="permissions" label="JCONFIG_PERMISSIONS_LABEL" description="JCONFIG_PERMISSIONS_DESC">
     6    
+    <field name="rules" type="rules" label="JCONFIG_PERMISSIONS_LABEL" class="inputbox" filter="rules" validate="rules" component="com_kunena" section="component" />
     7    
+  </fieldset>
     8    
+</config>
administrator/components/com_kunena/admin.kunena.php View file @ 81b7a10
...    ...    
@@ -21,6 +21,13 @@
21    21    

22    22    
 defined( '_JEXEC' ) or die();
23    23    

     24    
+// Access check.
     25    
+if (version_compare(JVERSION, '1.6', '>')) {
     26    
+  if (!JFactory::getUser()->authorise('core.manage', 'com_kunena')) {
     27    
+    return JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
     28    
+  }
     29    
+}
     30    
+
24    31    
 // Start output buffering to cleanup if redirect
25    32    
 ob_start();
+COM_KUNENA_CONFIGURATION="Kunena Forum Options" 

administrator/components/com_kunena/toolbar.kunena.html.php View file @ 81b7a10
...    ...    
@@ -26,7 +26,16 @@ defined( '_JEXEC' ) or die();
26    26    
 // ################################################################
27    27    
 class CKunenaToolbar
28    28    
 {
     29    
+    function _CPANEL_MENU()
     30    
+    {
     31    
+    if (version_compare(JVERSION, '1.6', '>')) {
     32    
+      if (JFactory::getUser()->authorise('core.admin', 'com_kunena')) {
     33    
+        JToolBarHelper::preferences('com_kunena');
     34    
+      }
     35    
+    }
     36    
+    }

Actions #1

Updated by beat almost 13 years ago

  • Status changed from New to Closed
  • Assignee set to beat
  • % Done changed from 0 to 100

Implemented in r1670 + r1671 as follows: J2.5: Fixed all ACL bugs and added support for Permissions settings, namely bug #3044, completes Joomla 2.5 support: Feature #3179 and Feature #2903 : J1.7: Limiting backend access using joomla 1.7 ACL, and bug #3000 : J2.5: CB User List access only checking one ACL group

Actions

Also available in: Atom PDF