Access Control List
From Joomla! Documentation
Revision as of 02:19, 18 July 2009 by Robin.muilwijk
ACL for publishing workflow
There are several different kinds of users in Joomla and each has a set of permissions granted to them:
Guests - Anonymous users of the website, no special rights.
Registered Users - Normal visitors who register.
Authors- Can submit content for approval in the front end only. Can edit their own content once published. A publisher or higher must approve new content before it goes live.
Editors - Can submit or edit all existing content, front end only. A publisher or higher must approve new pages before they go live, updates to existing content go live immediately.
Publishers - Can publish plus do any of the above, front end only.
Managers, Admins and Super Admins - All of the above plus can log into the back end w/increasing rights.
After installation, Joomla starts out with one super administrator. To add or edit new users manually, you must be at least a manager. To create admins, you must be a Super Admin.
TIP. For a small organization with one web master, much of this may be unnecessary. But even if you choose not to use a publishing workflow, having a publisher or manager user is a nice way to simplify the options for less experienced users.
ACL for displaying content
Aside from fontend/backend permissions, you may also use ACL to display certain content to certain visitors. Currently there are only three choices for using ACL this way. They are Public, Registered, and Special (which stands for Authors and above). You can assign the access level to any menu item, article or module in the back end. The default is "public", but by choosing “registered” or “special”, the item will only appear to that user group and above.
TIP. "Special" ACL is used for the User Menu items in the default sample content. This allows for links such as "submit article" to be only visible for author users and above.
TIP. You can use "registered" ACL as an simple way to create member’s only content.
TIP. You can safely experiment on a live site by using access levels. Simply assign something (such as a new menu item and page) to the “special” access level and publish it. Then only users who are author and above will ever see it. (Don’t forget to log in to the front end before viewing the live site, or it won’t appear).
After installation, Joomla starts out with one super administrator. To add or edit users, you must be at least a manager. To create admins, you must be a Super Admin. For a small organization with one web master, much of this may be unnecessary. But even if you don’t use a publishing workflow, having a publisher or manager user is a nice way to simplify the options for less experienced users.
Registering and ACL
If someone registers at your site, a new user is created automatically. Normally these new users will become Registered Users, however you may choose your preferred access level in Joomla's global configuration.