ACL presentation by Hannes Papenberg at the Dutch Joomla!day, 5 April 2008

26.03.08

Access Control Lists & Joomla 1.6 - An Intimate Encounter With The Beast

Hannes Papenberg
Development Working Group Member

since [email protected]

Joomla! User & Access Management

Why does Joomla need a new access management?

Current situation:
• 7 fixed groups
• Somewhat random group IDs
• 3 different ways of doing access checks
• No way to restrict two groups to different content

What do we try to achieve?
• Infinite groups
• Adjustable rights
• Content is taken into the equation
• Connection to existing user control systems

By what means do we achieve this goal?
➔ Access Control Lists!

What are these ominous Access Control Lists (ACL)?
• ARO (user), ACO (action), AXO (content), ACL (rule)
• Like a language with simple, fixed grammar
• Subject, predicate, object (optional)
• User and content groups

Implementation in Joomla!
• phpGACL class
• Usermanager
• Access Manager (global and component-specific)
• Content Access Management

phpGACL or JACL?
• Generic ACL class by Mike Benoit in PHP
• Class to manage access rights
• JACL: exchangeable?
• Framework class to wrap phpGACL
• Plugin driven

Usermanager: Users and Groups
• Allows assigning users to several groups
• Users and groups in one screen
• Tree structure
• Additional group: Unassigned

Global Access Manager
• Allows creating simple 2-dimensional rules for global access rights

Component Access Manager
• Allows creating 2- and 3-dimensional rules for the specific component
• Driven by an XML file
• Similar to com_config
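
The ARO/ACO/AXO grammar and the 2- and 3-dimensional rules from the slides above, as an added Python sketch (not code from the talk, phpGACL or Joomla). All user, group, action and content names are constructed, and the conflict resolution used here (default deny, nearest group wins, deny wins a tie) is an assumption of the example.

```python
# Added illustration: a simplified ARO/ACO/AXO evaluator, not phpGACL or Joomla code.
# All names below are constructed sample data.

# Group trees as child -> parent (None marks the root).
ARO_PARENT = {"registered": None, "author": "registered", "editor": "author"}
AXO_PARENT = {"all_content": None, "news": "all_content", "drafts": "news"}

# A user (ARO) may belong to several groups.
USER_GROUPS = {"alice": ["editor"], "bob": ["registered", "author"]}

# Rules (ACLs): (ARO group, ACO action, AXO group or None, allow).
# AXO None -> 2-dimensional rule; AXO set -> 3-dimensional rule.
RULES = [
    ("registered", "view", None, True),
    ("author", "edit", "news", True),
    ("author", "edit", "drafts", False),
    ("editor", "edit", "drafts", True),
]


def chain(group, parents):
    """Return the group followed by its ancestors, nearest first."""
    out = []
    while group is not None:
        out.append(group)
        group = parents.get(group)
    return out


def check(user, action, content_group=None):
    """Assumed policy: default deny, nearest group wins, deny wins a tie."""
    axo_chain = chain(content_group, AXO_PARENT)  # empty for a 2-D check
    candidates = []
    for user_group in USER_GROUPS.get(user, []):
        for aro_dist, aro in enumerate(chain(user_group, ARO_PARENT)):
            for rule_aro, rule_aco, rule_axo, allow in RULES:
                if (rule_aro, rule_aco) != (aro, action):
                    continue
                if rule_axo is None and content_group is None:
                    candidates.append((aro_dist, 0, allow))
                elif rule_axo in axo_chain:
                    candidates.append((aro_dist, axo_chain.index(rule_axo), allow))
    # Tuples sort by ARO distance, then AXO distance, then False before True.
    return min(candidates)[2] if candidates else False


if __name__ == "__main__":
    for args in [("alice", "view"), ("bob", "edit", "drafts"), ("alice", "edit", "drafts")]:
        print(args, check(*args))
```

The deny rule on "drafts" overrides the allow that "author" inherits from "news", while the more specific "editor" rule overrides that deny in turn.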

Content Access Management
• Allows assigning content to access roles
• Integrated in the edit screen of the content object
• HTML snippets both for content groups and content objects

Problems
• phpGACL in its current form is very slow
• Design of the UI of the Access Manager
• Overall performance
• Upgrading/migration from 1.5 to 1.6

Questions?