Join Jen Kramer for an in-depth discussion in this video Testing logins, part of Joomla! 1.7 and Joomla! 2.5: Access Control Lists in Depth.
The last step after you go through and configure ACL for a particular situation on the website is to be sure to cycle through your logins and make sure everything works exactly according to plan. So we've created a login for Joe, we assigned him to the Marketing Group, and we allowed him to login into the back end of the website, have access to menus, the Media Manager, the Article Manager, and the Category Manager, and the Web links component as well as the menus. So let's take a look and make sure that we haven't broken anything in the process and that somebody can't login to the back end of the website that we weren't expecting.
So if I take a look here in Chrome juts as I said, if I go into the Article Manager I see that some of the items are grayed out can't be edited, other items can be edited. I can always filter my categories using the dropdown here in the top, let's say I want to look at just the Employees articles or if I want to look at just the Collections articles I can filter those and take a look at what's there. I can certainly click on one of these, I can take a look at it, I can go ahead and add some additional text, or I can make any kind of edits that I want to make to this particular screen and when I hit Save & Close those changes are saved, so that's all working correctly.
I can always go to the Media Manager and I know that I can upload pictures here into the Media Manager and then that's working correctly. I also have already tested the Web links and I know that I can add new links to the website. I can also go into my main menu, I can click on menu items and I can make changes here however I want to make changes and hit the Save & Close button at the top of the screen, and those changes are saved. So now I'm going to logout as Joe using the Log out button over here in the far right, and I'll try to login as employee which is the other group that Joe belongs to and if I hit Log in I do get a notice here saying that I don't have access to the administrator section of the site, that's absolutely true because the Employee login only has the site login permission so I shouldn't be able to log into the back of the website.
If I try log in as Sara I also can't login to the back end of the website, I'd get the same error. So it looks like things are going well here, things are working according to expectations, and Joe is very, very happy that he now can get into the website and make the changes that he needs without involving a Super User in the process.
- Introducing access control lists
- Defining users, groups, and access levels
- Assigning core permissions
- Creating users and assigning them to groups
- Assigning viewing access levels to modules, articles, and categories
- Customizing back-end editing for improving client usability
- Adjusting permissions for each category of content
- Hiding a site behind a login