Actions
Feature proposal #2903
closed
J1.7: Limiting backend access using joomla 1.7 ACL
Description
http://groups.google.com/group/joomla-dev-general/browse_frm/thread/cefcd16974adf96e?pli=1
Can be easily implemented as follows:
https://github.com/mahagr/Kunena-1.6/commit/81b7a10d3e4fefa6b6553112a4e63533e3e8cbf6
Details in case the original link doesn't work:
administrator/components/com_kunena/access.xml View file @ 81b7a10
... ...
@@ -2,17 +2,7 @@
2 2
<!DOCTYPE access>
3 3
<access component="com_kunena">
4 4
<section name="component">
5
- <action name="core.admin" title="JAction_Admin" description="JAction_Admin_Component_Desc" />
6
- <action name="core.manage" title="JAction_Manage" description="JAction_Manage_Component_Desc" />
7
- <action name="core.create" title="JAction_Create" description="JAction_Create_Component_Desc" />
8
- <action name="core.delete" title="JAction_Delete" description="JAction_Delete_Component_Desc" />
9
- <action name="core.edit" title="JAction_Edit" description="JAction_Edit_Component_Desc" />
10
- <action name="core.edit.state" title="JAction_Edit_State" description="JAction_Edit_State_Component_Desc" />
11
- </section>
12
- <section name="category">
13
- <action name="core.create" title="CATEGORY_ACCESS_CREATE" description="CATEGORY_ACCESS_CREATE_DESC" />
14
- <action name="core.delete" title="CATEGORY_ACCESS_DELETE" description="CATEGORY_ACCESS_DELETE_DESC" />
15
- <action name="core.edit" title="CATEGORY_ACCESS_EDIT" description="CATEGORY_ACCESS_EDIT_DESC" />
16
- <action name="core.edit.state" title="CATEGORY_ACCESS_EDITSTATE" description="CATEGORY_ACCESS_EDITSTATE_DESC" />
5
+ <action name="core.admin" title="JACTION_ADMIN" description="JACTION_ADMIN_COMPONENT_DESC" />
6
+ <action name="core.manage" title="JACTION_MANAGE" description="JACTION_MANAGE_COMPONENT_DESC" />
17 7
</section>
18 8
</access>
administrator/components/com_kunena/config.xml View file @ 81b7a10
... ...
@@ -0,0 +1,8 @@
1
+<?xml version="1.0" encoding="utf-8" standalone="yes"?>
2
+<!DOCTYPE config>
3
+<config>
4
+ <!-- Joomla 1.6 Support -->
5
+ <fieldset name="permissions" label="JCONFIG_PERMISSIONS_LABEL" description="JCONFIG_PERMISSIONS_DESC">
6
+ <field name="rules" type="rules" label="JCONFIG_PERMISSIONS_LABEL" class="inputbox" filter="rules" validate="rules" component="com_kunena" section="component" />
7
+ </fieldset>
8
+</config>
administrator/components/com_kunena/admin.kunena.php View file @ 81b7a10
... ...
@@ -21,6 +21,13 @@
21 21
22 22
defined( '_JEXEC' ) or die();
23 23
24
+// Access check.
25
+if (version_compare(JVERSION, '1.6', '>')) {
26
+ if (!JFactory::getUser()->authorise('core.manage', 'com_kunena')) {
27
+ return JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
28
+ }
29
+}
30
+
24 31
// Start output buffering to cleanup if redirect
25 32
ob_start();
+COM_KUNENA_CONFIGURATION="Kunena Forum Options"
administrator/components/com_kunena/toolbar.kunena.html.php View file @ 81b7a10
... ...
@@ -26,7 +26,16 @@ defined( '_JEXEC' ) or die();
26 26
// ################################################################
27 27
class CKunenaToolbar
28 28
{
29
+ function _CPANEL_MENU()
30
+ {
31
+ if (version_compare(JVERSION, '1.6', '>')) {
32
+ if (JFactory::getUser()->authorise('core.admin', 'com_kunena')) {
33
+ JToolBarHelper::preferences('com_kunena');
34
+ }
35
+ }
36
+ }
Updated by beat about 12 years ago
- Status changed from New to Closed
- Assignee set to beat
- % Done changed from 0 to 100
Implemented in r1670 + r1671 as follows: J2.5: Fixed all ACL bugs and added support for Permissions settings, namely bug #3044, completes Joomla 2.5 support: Feature #3179 and Feature #2903 : J1.7: Limiting backend access using joomla 1.7 ACL, and bug #3000 : J2.5: CB User List access only checking one ACL group
Actions