Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC:

[info] how to limit Backend-access 8 years 5 months ago #12510

  • Bluefox
  • Bluefox's Avatar Topic Author
  • Offline
  • Moderator
  • Moderator
  • Posts: 4525
  • Thank you received: 492
It can happen that you want to give an user backend-access but you only want them to show JEM and the other stuff should be hidden. So how would/can you do that?

maybe this info can help a bit.

- install JEM quickicon-plugin, this icon will be shown to the users when he is logged in in the backend.
- Go to Users->Groups
- Add Usergroup (group parent="public")
- Go to Global Configuration->Permission->*createdgroup*
- Select setting for AdminLogin
- Go to Users->AccessLevels->special
- check *createdgroup*
- Go to JEM-controlpanel
- Click at the Options button
- select permission for the *createdgroup*
- click at the save&close button after that
- Go to users->usermanager
- select your user and add the *createdgroup*

At this point the user will have access to the backend and it will be limited but the user will see an option to edit his profile. This is default but it can be changed by editing PHP files.


Links in site
In there you will find a link to edit the profile

it can be stripped by modifying:
- administrator/modules/mod_menu/tmpl/default_enabled.php
take a look and you'll see the links, if you don't want it to appear disable it.


Quickicon button, profile
This can be changed in:
- administrator/modules/mod_quickicon/helper.php
in there you'll see the link to the profile and access = true. This will mean the button is always shown. Basicly you can disable that array to have it not appear.


//

With accesslevels you can choose only the creategroup but doing so
won't show anything in the back, so that's why we're selecting special.
The reason for not showing is that the backend modules are shown to the group "special"
(won't respond to PM)
==================================================================
running: pre-alpha JEM 4.x (custom version) + Joomla 4.0.0-beta7 + PHP 7.3
Attachments:
The following user(s) said Thank You: Hoffi

Please Log in or Create an account to join the conversation.

Last edit: by Bluefox.

[info] how to limit Backend-access 8 years 5 months ago #12511

  • Hoffi
  • Hoffi's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 2279
  • Thank you received: 449
Thanks Bluefox.

But keep in mind:
Using access level "special" means that user will also see on frontend all things (categories, articles, menu items, ...) set to this access level.

Also hiding links as you suggest by patching modules does not deny user from accessing those things. He only needs / find out the right url themself.

So you should be carefully giving users access to backend. And try it intensive with a test user (incl. links he can't see but you as admin).

Better: Advance this user to an admin with contract. So you are guarded and have an additional ressource for all your work. B)
Pessimists are optimists with experience!

Please Log in or Create an account to join the conversation.

[info] how to limit Backend-access 8 years 5 months ago #12512

  • Bluefox
  • Bluefox's Avatar Topic Author
  • Offline
  • Moderator
  • Moderator
  • Posts: 4525
  • Thank you received: 492
@Hoffi

You've some good point there :)
(didn't think of those things)

About the usergroup "special": it's possible to use the newly created group but in that case you have to redefine modules etc to point visible to that group.
(won't respond to PM)
==================================================================
running: pre-alpha JEM 4.x (custom version) + Joomla 4.0.0-beta7 + PHP 7.3

Please Log in or Create an account to join the conversation.

[info] how to limit Backend-access 8 years 5 months ago #12513

  • Bluefox
  • Bluefox's Avatar Topic Author
  • Offline
  • Moderator
  • Moderator
  • Posts: 4525
  • Thank you received: 492
some info about adding/specifying modules backend to a usergroup:

- go to extensionmanager->modules
- you'll see filter "site", select "admin"
- click button new
- select what you want and fill in the details of the module
- be aware to select the created usergroup


preventing access to the profile-edit completely is a bit tougher as it's a allowed default-setting. but maybe it can be done by altering:
- administrator/components/com_admin/controllers/profile.php
In there is a function "AllowEdit"

Basicaly we can add code to check if we're dealing with the front/back and if the user is a superadmin. But it's probably to advanced for now.
(won't respond to PM)
==================================================================
running: pre-alpha JEM 4.x (custom version) + Joomla 4.0.0-beta7 + PHP 7.3

Please Log in or Create an account to join the conversation.

Last edit: by Bluefox.

[info] how to limit Backend-access 8 years 5 months ago #12515

  • Hoffi
  • Hoffi's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Posts: 2279
  • Thank you received: 449

About the usergroup "special": it's possible to use the newly created group but in that case you have to redefine modules etc to point visible to that group.

Do you mix "user group" and "access level"?

In a user group you define rights to modify (e.g. create, delete, edit, configure) things.
An access level is for read access only. The level itself has no settings, it's only used. Each item (e.g. article, category, menu (item)) is set to exact one access level. Then all users which are member of a user group allowed to access this access level can see the item. (rights and access level are inherited when groups are derived)

On backend it's a little bit different. Because a super user must be able to manage all he also must see all.
Pessimists are optimists with experience!

Please Log in or Create an account to join the conversation.

[info] how to limit Backend-access 8 years 5 months ago #12516

  • Bluefox
  • Bluefox's Avatar Topic Author
  • Offline
  • Moderator
  • Moderator
  • Posts: 4525
  • Thank you received: 492

Do you mix "user group" and "access level"?

hmm, think so.. time for a coffee-break and will let this rest.


//
Actually i do have:
- a usergroup: JEM-Users
- Accesslevel: JEM
The usergroup is linked to that access-level

an yep the modules are pointing to that access-level
(won't respond to PM)
==================================================================
running: pre-alpha JEM 4.x (custom version) + Joomla 4.0.0-beta7 + PHP 7.3

Please Log in or Create an account to join the conversation.

Last edit: by Bluefox.
  • Page:
  • 1
Time to create page: 0.353 seconds

Donate

If you find JEM useful and if you use it on your site, please consider a donation to the project.

Private Messages

You are not logged in.

Follow us......