Difference between revisions of "ACL Technique in Joomla!"

From Joomla! Documentation

(References)
m (removing 1.7, still testing varchar use)
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{JVer|Platform}}{{JVer|2.5}}{{JVer|3.0}}
+
{{version|2.5,3.1|platform=11.1}}{{incomplete}}{{RightTOC}}
 +
 
 
A technical overview of how Access Control is implemented in Joomla!.
 
A technical overview of how Access Control is implemented in Joomla!.
 +
 +
== Introduction ==
 +
TODO: short intro about different parts that work together as one Access Control system.
  
 
== The #__assets table ==
 
== The #__assets table ==
 +
The #__assets database table has the following structure (MySql):
 +
<source lang="mysql">
 +
CREATE TABLE IF NOT EXISTS `#__assets` (
 +
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Primary Key',
 +
  `parent_id` int(11) NOT NULL DEFAULT '0' COMMENT 'Nested set parent.',
 +
  `lft` int(11) NOT NULL DEFAULT '0' COMMENT 'Nested set lft.',
 +
  `rgt` int(11) NOT NULL DEFAULT '0' COMMENT 'Nested set rgt.',
 +
  `level` int(10) unsigned NOT NULL COMMENT 'The cached level in the nested tree.',
 +
  `name` varchar(50) NOT NULL COMMENT 'The unique name for the asset.',
 +
  `title` varchar(100) NOT NULL COMMENT 'The descriptive title for the asset.',
 +
  `rules` varchar(5120) NOT NULL COMMENT 'JSON encoded access control.',
 +
  PRIMARY KEY (`id`),
 +
  UNIQUE KEY `idx_asset_name` (`name`),
 +
  KEY `idx_lft_rgt` (`lft`,`rgt`),
 +
  KEY `idx_parent_id` (`parent_id`)
 +
);
 +
</source>
 +
 
TODO: describe the Assets database table. Fields, layout and purpose.
 
TODO: describe the Assets database table. Fields, layout and purpose.
 +
 +
Also see: [[Fixing the assets table]]
  
 
== JTableAsset ==
 
== JTableAsset ==
 
TODO: describe the methods of JTableAsset, a JTableNested.
 
TODO: describe the methods of JTableAsset, a JTableNested.
Also see: http://docs.joomla.org/JTableAsset and subpages
+
 
 +
Also see:  
 +
* http://docs.joomla.org/JTableAsset and subpages
 +
* http://api.joomla.org/Joomla-Platform/Table/JTableAsset.html
  
 
== JAccessRule and JAccessRules ==
 
== JAccessRule and JAccessRules ==
 
TODO: describe the methods of AccessRule and JAccessRules
 
TODO: describe the methods of AccessRule and JAccessRules
Also see: deprecated docs.joomla.org/JRule, docs.joomla.org/JRules and subpages
+
 
 +
Also see:  
 +
* deprecated http://docs.joomla.org/JRule, http://docs.joomla.org/JRules and subpages
 +
* http://api.joomla.org/Joomla-Platform/Access/JAccessRule.html and http://api.joomla.org/Joomla-Platform/Access/JAccessRules.html
  
 
== JAccess ==
 
== JAccess ==
 
TODO: describe the (static) methods and (static) properties of JAccess
 
TODO: describe the (static) methods and (static) properties of JAccess
Also see: http://docs.joomla.org/JAccess and subpages
+
 
 +
Also see:  
 +
* http://docs.joomla.org/JAccess and subpages
 +
* http://api.joomla.org/Joomla-Platform/Access/JAccess.html
  
 
== Users, Usergroups and View Access Levels ==
 
== Users, Usergroups and View Access Levels ==
 +
Used tables and classes
 +
 
Also see: http://docs.joomla.org/Access_Control_System_In_Joomla_1.6
 
Also see: http://docs.joomla.org/Access_Control_System_In_Joomla_1.6
  
 
== JUser authorisation methods and properties ==
 
== JUser authorisation methods and properties ==
 
TODO: describe the authorisation methods and properties of JUser: authorise(), authorisedLevels(), getAuthorisedCategories(), getAuthorisedGroups(), getAuthorisedViewLevels(), $_authActions, $_authGroups, $_authLevels
 
TODO: describe the authorisation methods and properties of JUser: authorise(), authorisedLevels(), getAuthorisedCategories(), getAuthorisedGroups(), getAuthorisedViewLevels(), $_authActions, $_authGroups, $_authLevels
Also see: http://docs.joomla.org/JUser and subpages
+
 
 +
Also see:  
 +
* http://docs.joomla.org/JUser and subpages
 +
* http://api.joomla.org/Joomla-Platform/User/JUser.html
 +
* http://api.joomla.org/Joomla-Platform/User/JUserHelper.html
 +
* http://api.joomla.org/Joomla-Platform/User/JAuthentication.html and http://api.joomla.org/Joomla-Platform/User/JAuthenticationResponse.html
 +
* http://api.joomla.org/Joomla-Platform/Table/JTableUser.html and http://api.joomla.org/Joomla-Platform/Table/JTableUsergroup.html
  
 
== JTable methods and properties for storing access permissions ==
 
== JTable methods and properties for storing access permissions ==
 
TODO: describe the JTable methods and properties for storing access permissions: getRules(), setRules(), etc.
 
TODO: describe the JTable methods and properties for storing access permissions: getRules(), setRules(), etc.
 +
 
http://docs.joomla.org/JTable is only for 1.5 and lacks those new methods and properties
 
http://docs.joomla.org/JTable is only for 1.5 and lacks those new methods and properties
 +
 +
Also see:
 +
* http://api.joomla.org/Joomla-Platform/Table/JTable.html
  
 
== access.xml ==
 
== access.xml ==
 
TODO: describe the use of the access.xml file
 
TODO: describe the use of the access.xml file
 +
 +
== setting permissions in a form ==
 +
TODO: describe the use of a "rules"-fieldset to set the permissions
 +
 +
== ACL-related methods in JControllerForm and JModelAdmin ==
 +
TODO: describe what those methods do, how they are used and when/how to override them.
 +
* JControllerForm: allowAdd(), allowEdit(), allowSave()
 +
* JModelAdmin: canDelete(), canEditState()
  
 
== How it all comes together ==
 
== How it all comes together ==
TODO: describe how the above parts are used together in a workflow
+
TODO: describe how all the above parts are used together in a workflow
  
 
== Further reading ==
 
== Further reading ==
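
Review bot: the added `#__assets` schema is followed by the unchanged "TODO: describe the Assets database table. Fields, layout and purpose.", so the revision shows the columns without saying which of the tagged versions (2.5, 3.1, platform 11.1) the definition was taken from or how `lft`, `rgt`, `level` and the JSON `rules` column are used; add a sentence of attribution and purpose next to the block, or move the TODO above it. Two smaller points in the same revision: the new heading "setting permissions in a form" is lower-case unlike every other heading, and "TODO: describe the methods of AccessRule and JAccessRules" still drops the J from JAccessRule.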

Latest revision as of 06:49, 25 April 2013

Content is Incomplete

This article or section is incomplete, which means it may be lacking information. You are welcome to assist in its completion by editing it as well. If this article or section has not been edited in several days, please consider helping complete the content.
This article was last edited by Tom Hutchison 17 months ago.

A technical overview of how Access Control is implemented in Joomla!.

Introduction

TODO: short intro about different parts that work together as one Access Control system.

The #__assets table

The #__assets database table has the following structure (MySQL):

<source lang="mysql">
CREATE TABLE IF NOT EXISTS `#__assets` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Primary Key',
  `parent_id` int(11) NOT NULL DEFAULT '0' COMMENT 'Nested set parent.',
  `lft` int(11) NOT NULL DEFAULT '0' COMMENT 'Nested set lft.',
  `rgt` int(11) NOT NULL DEFAULT '0' COMMENT 'Nested set rgt.',
  `level` int(10) unsigned NOT NULL COMMENT 'The cached level in the nested tree.',
  `name` varchar(50) NOT NULL COMMENT 'The unique name for the asset.',
  `title` varchar(100) NOT NULL COMMENT 'The descriptive title for the asset.',
  `rules` varchar(5120) NOT NULL COMMENT 'JSON encoded access control.',
  PRIMARY KEY (`id`),
  UNIQUE KEY `idx_asset_name` (`name`),
  KEY `idx_lft_rgt` (`lft`,`rgt`),
  KEY `idx_parent_id` (`parent_id`)
);
</source>

TODO: describe the Assets database table. Fields, layout and purpose.

Also see: Fixing the assets table
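
An added example, not taken from the Joomla! documentation or code base: a consistency audit of the invariants that the column comments above imply (nested-set `lft`/`rgt`, cached `level`, JSON in `rules`). It assumes the rows have been copied into an SQLite table with the same column names (`title` omitted); the sample rows and the `audit_assets` name are constructed for illustration.

```python
import json
import sqlite3

# Constructed sample rows (id, parent_id, lft, rgt, level, name, rules); not real site data.
SAMPLE = [
    (1, 0, 1, 8, 0, "root.1", '{"core.admin":{"8":1}}'),
    (2, 1, 2, 5, 1, "com_content", '{"core.edit":{"4":1}}'),
    (3, 2, 3, 4, 2, "com_content.article.1", '{"core.edit":[]}'),
    (4, 1, 6, 7, 2, "com_users", '{}'),               # cached level should be 1
    (5, 9, 9, 10, 1, "com_orphan", '{"core.edit":'),  # missing parent, truncated JSON
]

def audit_assets(rows):
    """Return a sorted list of (asset name, problem) pairs for the given rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE assets (id INTEGER PRIMARY KEY, parent_id INT, lft INT,"
               " rgt INT, level INT, name TEXT UNIQUE, rules TEXT)")
    db.executemany("INSERT INTO assets VALUES (?,?,?,?,?,?,?)", rows)
    problems = []
    # Structural checks: each child must sit inside its parent's lft/rgt interval.
    query = """
        SELECT c.name, c.lft, c.rgt, c.level, c.parent_id,
               p.id, p.lft, p.rgt, p.level
        FROM assets c LEFT JOIN assets p ON p.id = c.parent_id"""
    for name, lft, rgt, level, parent_id, pid, plft, prgt, plevel in db.execute(query):
        if lft >= rgt:
            problems.append((name, "lft is not below rgt"))
        if parent_id == 0:
            continue  # assumption: parent_id 0 marks the root, which has no parent row
        if pid is None:
            problems.append((name, "parent_id has no matching row"))
        else:
            if not (plft < lft and rgt < prgt):
                problems.append((name, "not nested inside parent"))
            if level != plevel + 1:
                problems.append((name, "cached level differs from parent level + 1"))
    # Content check: the rules column is documented as JSON, so it must at least parse.
    for name, rules in db.execute("SELECT name, rules FROM assets"):
        try:
            json.loads(rules)
        except ValueError:
            problems.append((name, "rules is not valid JSON"))
    db.close()
    return sorted(problems)
```
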

JTableAsset

TODO: describe the methods of JTableAsset, a JTableNested.

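Also see:

  • http://docs.joomla.org/JTableAsset and subpages
  • http://api.joomla.org/Joomla-Platform/Table/JTableAsset.html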

JAccessRule and JAccessRules

TODO: describe the methods of JAccessRule and JAccessRules

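Also see:

  • deprecated http://docs.joomla.org/JRule, http://docs.joomla.org/JRules and subpages
  • http://api.joomla.org/Joomla-Platform/Access/JAccessRule.html and http://api.joomla.org/Joomla-Platform/Access/JAccessRules.html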

JAccess

TODO: describe the (static) methods and (static) properties of JAccess

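Also see:

  • http://docs.joomla.org/JAccess and subpages
  • http://api.joomla.org/Joomla-Platform/Access/JAccess.html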

Users, Usergroups and View Access Levels

Used tables and classes

Also see: http://docs.joomla.org/Access_Control_System_In_Joomla_1.6

JUser authorisation methods and properties

TODO: describe the authorisation methods and properties of JUser: authorise(), authorisedLevels(), getAuthorisedCategories(), getAuthorisedGroups(), getAuthorisedViewLevels(), $_authActions, $_authGroups, $_authLevels

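Also see:

  • http://docs.joomla.org/JUser and subpages
  • http://api.joomla.org/Joomla-Platform/User/JUser.html
  • http://api.joomla.org/Joomla-Platform/User/JUserHelper.html
  • http://api.joomla.org/Joomla-Platform/User/JAuthentication.html and http://api.joomla.org/Joomla-Platform/User/JAuthenticationResponse.html
  • http://api.joomla.org/Joomla-Platform/Table/JTableUser.html and http://api.joomla.org/Joomla-Platform/Table/JTableUsergroup.html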

JTable methods and properties for storing access permissions

TODO: describe the JTable methods and properties for storing access permissions: getRules(), setRules(), etc.

http://docs.joomla.org/JTable is only for 1.5 and lacks those new methods and properties

Also see:

  • http://api.joomla.org/Joomla-Platform/Table/JTable.html

access.xml

TODO: describe the use of the access.xml file

Setting permissions in a form

TODO: describe the use of a "rules"-fieldset to set the permissions

ACL-related methods in JControllerForm and JModelAdmin

TODO: describe what those methods do, how they are used and when/how to override them.

  • JControllerForm: allowAdd(), allowEdit(), allowSave()
  • JModelAdmin: canDelete(), canEditState()

How it all comes together

TODO: describe how all the above parts are used together in a workflow

Further reading

More information on Joomla!'s Access Control can be found on the following pages:
