Access Control Lists in Joomla

ACL or Access Control List is a concept of limiting an access to a certain user and is being used in Joomla since version 1.6. If you are in a situation in which a single user or a group of users have to see certain pages but not others or you want to limit access to certain operations, like edit or delete etc, then you can take advantage of ACL. If you are developing a simple website then ACL may not be needed and you dont have to alter Joomla default settings as the default ACL settings have everything you need in almost 90% of sites, but if it is very complex one you can use advanced ACL concept by creating new user groups and assigning new controls to them.

   You would need 4 configurable elements in order to make ACL, work properly. These comprise on “users”, “core permissions”, “groups”, “access levels”. 

Users are indeed the accounts we make for other members to allow them to login to frontend or backend. Users are then assigned to groups. “Core permissions” actually define that what this group is capable of doing. There are basically 10 core permissions in Joomla 3.x.

• create
• edit
• edit your own
• edit state
• delete
• access component
• site login
• admin login
• super administrator
• offline access permission

Keep in mind that core permissions are assigned to groups, not individual users. So, if you want a permission for a single user only, you have to create a group for that single user only. Joomla default groups are, 

Public Group, registered, author, editor, publisher, manager, administrator, super user. You can create, edit or delete any user group, if you have super user access to backend. Access levels indeed control what specific groups are allowed to view and which operations they can perform at frontend. These include. Public, Registered and Special and they are available since Joomla 1.6. Public means that everybody can view the content, while registered means that only registered users can view and special means only authors, editors, publishers, managers, administrators and super users can view the content.

Users      

As you already know that Joomla creates a super user account, when u install it and after installation you are able to login to its backend through that username / password combination. This is the frontend of the website located at http://localhost/breed where breed is the name of the folder, containing our Joomla installation. To access backend, we have to go to http://localhost/breed/administrator to login to backend. Here we will give appropriate username and password and then press login. Now to get to user manager, you can either press the “User Manager” tab at frontend panel or can go to Users –> User manager and you will be at users management page. Currently we have a single user and we have loggedin with that. You can also see the user group the user is assigned to and in this case is, “Super Users”. So, when we click on the username, we are directed to an edit page where we can change the information we want.

There is an “Assigned User Groups” section at the edit page where we can assign different groups to this specific user and currently for this user account, we have super user group, but we can have more user groups if we want by checking the appropriate checkboxes. On the right panel, are the details like setting backend template styles, language for both front and backend for this specific user and also the editor and time. 

Each user in Joomla must be assigned with atleast one user group. Permissions are assigned to a user group and then are passed to the user, registered under that group.