Support

What we can do for you

User Manual

Control Panel

Menu path: Components => MijoACL => Control Panel

The control panel is the main page of MijoACL's administration from where you can control all of MijoACL's functionality. It is divided into three sections:

1. Top - navigation menu and informative or error messages
2. Left - action buttons (these will be described in another chapters)
3. Right - informative panels

control panel


MijoACL Panel
Provides basic information about the currently installed version of MijoACL with its links to Miwisoft website, license and Copyright. It also shows the newest version available, if version checker is not disabled.

  control panel 1


Status Panel
Shows the status of ACL related configuration on your website with buttons to enable or disable them, so you can control all the most important configuration at one place. Remember that all of the messages must be green so that MijoACL could work fine.

  control panel 2

Configuration

Main

configuration

MijoACL
Enable
This option controls whether MijoACL will be used to process Access Control on your site.
Default value: Yes

Enable Version Checker
If set to Yes, MijoACL notifies if a new version is enabled. You can disable if there is any connection problem with www.miwisoft.com website.
Default value: Yes

Personal ID
Enter the Personal ID if you have purchased the paid version of MijoACL. The Personal ID is used to identify your copy and install/upgrade the copyright-free version.
Default value: Yes

Show database errors
Show fatal errors if database functions fails. It is highly recommended to not enable this option until you know what you're doing.
Default value: No

Instant Cache
Instant cache will use your server's RAM to cache records (permissions, rules, extensions) instantly. You don't have to clean the instant cache. Use the Permanent Cache for large websites.
Default value: Yes

Permanent Cache
Version Info
Caching Version Info will increase the loading speed of the backend area (Control Panel) of MijoACL. The life time is 1 day for Version Info's cache.
Default value: Yes

Extensions’ Parametres
Caching Extensions' Parameters will decrease the queries made to database and speed-up your site. Beware that if you enable this option and later you change the extensions' setting then you need to clean the cache as the settings are stored/cached in a file.
Default value: No

ACL
Enable inheritance
Inheritance is done only through Global=>Component=>Category=>Item hierarchy, not Groups hierarchy. Click here to learn more about inheritance.
Default value: Yes

Show inheritance info
Show inheritance description in permissions page.
Default value: Yes

User based permissions
If is set to Yes, MijoACL will try to find if there is any permission assigned to the user logged in and apply it, otherwise will apply his/her group permissions. It is highly recommended to disable this feautre if you don't use it, it will improve the performance.
Default value: No

Show error message
Select whether to show error message if any visitor/user has no rights to reach that page. This can be overriden by each MijoACL extension.
Default value: Yes

Default action
MijoACL checks permission records according Global=>Component=>Category=>Item hierarchy. If there is no permissions (allow/deny) set for that action/rule (access, delete, edit, move etc) then the default action will be applied.
Default value: Deny

Front-end Redirect
The link that the user/visitor will be redirected if he/she has no rights to reach that page in front-end. Do not enter your domain name. Leave empty to redirect to home page. This can be overriden from extensions' parameters.
Default value:  (empty)

Back-end Redirect
The link that the user/visitor will be redirected if he/she has no rights to reach that page in back-end. Do not enter your domain name. Leave empty to redirect to the control panel of admin side. This can be overriden from extensions' parameters.
Default value:  (empty)

Disable-ACL variables
List of globaly applied disable-ACL variables that will prevent Access Control in case of they are included in non-SEF (Real) URL. Seperate them by comma: catid, view=article.

Custom Error Message
Here you can enter a custom error message instead of the default 'You are not authorized' one that will be displayed if any visitor/user has no rights to reach that page. This can be overriden by each MijoACL extension.
Default value: (empty)

Extensions

MijoACL is written 100% in a modular way so each component has its own options.

Beware that currently MijoACL Extensions are a MUST to run the Access Control.

extension


Install / Upgrade
You can quickly install a new or upgrade manually any extension by selecting the ZIP file and subsequently clicking the "Upload file & Install" button. Try to change your browser if you came across with any issue.


Toolbar


Uninstall
You can select one or more extensions and uninstall them on the fly.

Publish/Unpublish
To run the Access Control the state of the extension (component) should be published. That means that to skip any extension (component) from Access Control you should unpublish it's extension

Clean Cache
You can delete even a single record from the cache.

Functions

Ext. Status
From this field you can upgrade, get or order an extension. Click here to learn how to upgrade commercial extensions automatically.

Extensions Parameters

As you can see there are two tabs of options, Common tab and Global Rules tab. Each extension is made according the component that represent. In this way, "Global Rules" tab has different selection for each extension. On the other hand, the Common tab is same for all extensions.

extension2 extension1 

Common tab options
These options ovverides the Configuration's one. Click here to learn more about what are these options used for.

Component / Category / Item Rules
Here you can select the Global Rules that you want to be able to show and set them from the Permisions page.

Groups

Here you can add, edit and delete special groups. 

groups groups1 

Default Joomla! groups can not be edited or deleted. The purpose of this protection is to offer you the possibility to remove MijoACL later and continue running your site without any issue. 

MijoACL creates the Guest & Super User special groups automatically. As you can understand from their names, the "Guest" group offers you the possibility to assign permissions to visitors not logged in and the "Super User" offers you the possibility to allow any user to DO EVERYTHING without any Access Control. 

As mentioned in this article, there is NO GROUP INHERITANCE and MijoACL uses groups just to categorize users and the name of the group does not matter in any way. Another important point is that if one group gives you access then you are in. 

Users

Here we are in the User management section where you can add, edit, delete and logout users. Also, you can take more actions like Move to Main-Group, Add to Multi-Gorup and Remove from Multi-Group.

NOTE: When you try to open the "User Manager" of Joomla you will be redirected to MijoACL User Manager.

Users

As you know, in Joomla! 1.5 users can be assigned to only one group. By using MijoACL you have the opportunity to assign users to multiple groups.

Super User
Super User is a special group that allows the user to DO EVERYTHING without any Access Control if he/she is assigned to this group.

Main-Group vs Multi-Group
As mentioned above, MijoACL allows you to assign a user to multiple groups. However, Joomla 1.5 stores the user's group in 2 different places, the first one is what we call "Main-Group" and the second "Multi-Group". Some components like Kunena uses the "Main-Group" to check who is admin etc. so we strongly recommend you to set the group with higher rights as "Main-Group". For example, if you're going to assign any user to 2 groups, Administrator and Author, select the Administrator from "Main-Group" list and Author from "Multi-Group" list.

Users-Options Users-Options-1
Users-Options-2 Users-Options-3

Rules

In this section you can add, edit or delete rules for each component, category or item.

Before starting, lets explain what are these rules. Rules are the actions such as access, edit, delete etc. that users perform on your site. These rules are used in Permissions page to set who can perform what and later controlled by MijoACL. Except the static Global Rules, other rules can be component, category or item based.

MijoACL will automatically create 10 Global Rules after installation and they can not be deleted or modified. The purpose of this protection is because those rules are used by other components too.

rules1   rules2

Global Rules


Login
: Restricts who can log-in in Front-end and Back-end separately
Access: Restricts who can access/view any component/category/item in Front-end
Manage: Restricts who can access/view any component in Back-end
Configure: Restricts who can configure any component in Back-end
Create: Restricts who can create any category/item in Front-end and Back-end separately
Delete: Restricts who can delete any category/item in Back-end
Edit: Restricts who can edit any category/item in Front-end and Back-end separately
Edit Own: Restricts who can edit it's own items in Front-end and Back-end separately
Edit State: Restricts who can edit the state (publish, archive) of any category/item in Back-end
Copy: Restricts who can copy any item in Back-end
Offline Login: Restricts who can log-in in Front-end and Back-end separately when your site is offline

You can also create as much rules as you want manually.

New/Edit Rule


Title
It's the title of Rule you will define. It can be whatever you want.

Component
If the rule will be used by more than one component then you should select "Global".

Category / Item
These are optional. If the rule will be component based then do not select any category. If the rule will category based then do not select any item.

Name
If you use the Component/Category/Item select boxes then the name will be generated automatically. You can also fill the name manually if you know the name of component and the ID of category or item. The rule name does also reflect it's level, component, category or item based. The format of rule names MUST be like this:

  Component: com_foo ==> com_content
  Category: com_foo.category.category_id ==> com_content.category.4
  Item: com_foo.item.item_id ==> com_conten.item.26

Action
This is the action that will be allowed/denied, such as edit, delete, move etc. It must be lower case. Generally you can get it from the non-SEF (Real) URL, like view=edit or task=move.

Client
Here you can set where the rule will be applicable (Front-end, Back-end or Both).

Level
Here you can select if the rule will be component, category or item based. If the Name contains .category.x then the Component option will be disabled. If the Name contains .item.x then the Component and Category options will be disabled. These automatic protections will be help to not make any mistake.


EXAMPLE RULE
Lets say that I'm using jDownloads component and I want to be able to set permissions for the Search page. In order to do that I should create a custom rule manually or expect to be create by the jDownloads extension for MijoACL. Assume that it is not created by the extension and we should create it manually.

First of all, I must obtain the non-SEF URL: index.php?option=com_jdownloads&view=search&Itemid=133

2 variables of this URL suits to me, the option and view. So lets create the rule:

Title: Search page
Component: I can select the jDownloads component from the list
Category: None, do not select any
Name: If I've select the component above then it'll be automatically filled as com_jdownloads, otherwise I can use the option variable from the above URL
Action: search , I obtained this from the above link, view=search
Level: I'll select just Component as the search page is not affected by category/item

That's it. The rule is ready to be allowed/denied. Don't forget to set the permissions for this rule otherwise the Default action will be applicable because it's custom rule and there is no Global Rule like this so that the permssions could be inherited.

Permissions

Here we are in the Permissions management section where you can filter and set all permissions.

Beware that currently MijoACL Extensions are a MUST to set permissions and run the Access Control.

permissions

Permissions are seperated in tabs to easy the usability. You can also manage all permissions from "All-in-one" tab.

Firstly, determine the permissions you wanna manage by using filters. After you've set permission (Allow / Deny / Inherit) save or apply your changes.

Check the following images to learn how to set Global, Component, Category and/or Item based permissions.

permissions permissions2
permissions3 permissions4 permissions5


You can also check this article to learn how does the permission hierarchy of MijoACL works.

Permission states

There are 5 permisison states available:

NS: Not Set, it means that there is no permission set for this rule/action even in Global. In this case the MijoACL=>Configuration=>Default action will be applied
A: Allowed, this gives rights for that rule/action
D: Denied, this removes rights for that rule/action
IA: Inherited Allowed, it means that there is no permission set for this rule/action but it is allowed in upper levels
ID: Inherited Denied, it means that there is no permission set for this rule/action but it is denied in upper levels

Developers


Here you can find useful information about how to use the API class of MijoACL.


FAQ

How to show the Permissions Widget into my component?

That is pretty simple, you can display and save the permissions by adding just a couple of lines. You should customize just the com_kunena.category.5 part.

Display Permissions Widget
$defined_constants = get_defined_constants();
if (!empty($defined_constants['MijoACL']) && MijoaclApi::authorize('permissions', 'com_mijoacl')) {
    MijoaclApi::getWidget('com_kunena.category.5', true);
}

Save Permissions Widget
$defined_constants = get_defined_constants();
if (!empty($defined_constants['MijoACL']) && MijoaclApi::authorize('permissions', 'com_mijoacl')) {
    MijoaclApi::storeWidget('com_kunena.category.5', true);
}


API

MijoACL API class

Name: MijoaclApi
Type: Abstract
Since: 1.0.0
Location: administrator/components/com_mijoacl/library/api.php

Method Summary

boolean authorize ([string $action = ''], [string $name = ''], [int $user_id = null])
object getConfig ()
object storeConfig ([object $config = ''])
objectList getRules ([string $name = ''])
boolean storeRules ([string $title = ''],[string $name = ''], [string $action = ''], [int $client = ''], [string $params = null])
boolean loadACL ([string $option = false], [string $type = 'group'])
string(json) getACL ([string $name = ''], [string $type = 'group'])
void setACL ([string $name = ''], [string (json) $actions = ''], [string $type = 'group'])
object getPermissionRow ([string $name = ''], [int $client = ''], [string $type = ''])
boolean setPermissions ([string $name = ''], [string $action = ''], [int $client = ''], [int $state = ''], [int $id = null], [string $type = 'group'])
void getWidget ([string $name = ''], [boolean $is_not_slider = false])
void storeWidget ([string $name = ''])
objectList getUsersByGroup ([int $group_id = ''])
objectList getGroupsByUser ([int $user_id])
string getGroupName ([int $id = ''])
int getGroupID ([string $name = ''])
boolean addUserToMultiGroup ([int $group_id = ''], [int $user_id = null])
boolean removeUserFromMultiGroup ([int $group_id = ''], [int $user_id = null])
object getExtension ([string $option = ''])

Methods


authorize ($action, $name, $user_id = null)
Check if the visitor/user is authorized or not. Returns boolean value.

string $action : Action name like edit, move, manage etc.
string $name : Permission name like "com_content", "com_content.category.1" or "com_content.item.1".
int $user_id : The user identifier, if the user ID is null then the logged user ID is used

getConfig ()
Get MijoACL configuration object (stdClass). Returns an MijoACL configuration object, only once created.

storeConfig ($config)
Store MijoACL configuration object (stdClass). Returns void value.

object $config :An object of configuration settings.

getRules ($name)
Get rules from database acording to name. Returns ofjectList value.

string $name : Name of rule.

storeRules ($title, $name, $action, $client, $params = null)
Store any rule to database.

string $title : Title of the rule
string $name : Name of the rule. Must be like (global / com_foo / com_foo.category.cat_id / com_foo.item.item_id)
string $action : Action like edit, move, manage etc.
string $client : Client must be 0=front-end, 1=back-end or 2=both
string $params :

loadACL ($option = false, $type = 'group')
Load the permissions from MijoACL DB tables to RAM (static var). Returns boolean value.

string $option : Component name like "com_content"
string $type : Type must be "group" or "user"

getACL ($name, $actions, $type = 'group')
Get the permissions loaded to RAM (static var). Returns JSON string value.

string $name : Permission name.
string $type : Type must be "group" or "user"

setACL ($name, $actions, $type = 'group')
Set specific permission to RAM (static var). Returns void.

string $name : Permission name.
string $actions : Permission actions.
string $type : Type must be "group" or "user"

getPermissionRow ($name, $client, $type)
Get permissions from database acording to name, client and type. Returns object value.

string $name : Permission name.
int $client : Type of client. 1=back-end, 0=front-end 
string $type : Type must be "group" or "user"

setPermissions ($name, $action, $client, $state, $id = null, $type = 'group')
Store permissions to MijoACL database tables. Returns boolean value.

string $name : Permission name.
string $action : Action name.
int $client : Type of client. 1=back-end, 0=front-end
int $state :State must be 0=Denny, 1=Allow or -1=Inherited
int $id : User/Group ID. It should not be null.
string $type : Type must be "group" or "user"

getWidget ($name, $is_not_slider = false)
Display the widget in any component, Returns void value.

string $name : Name must be like "com_option.item/category.id"
boolean $is_not_slider : It determines whether the widget is shown in a slider or not

storeWidget ($name)
Save permissions that comes from widget to MijoACL database tables. Returns void value.

string $name : Name must be like "com_option.item/category.id"

getUsersByGroup ($group_id)
Get users based on group id. Returns objectList value.

int $group_id : Group ID

getGroupsByUser ($user_id)
Get groups based on user id. Returns objectList value.

int $user_id : User ID. If null, the logged user's ID will be used

getGroupName ($id)
Get group name based on group id. Returns sting value.

int $id : Group ID

getGroupID ($name)
Get group id based on group name. Returns int value.

string $name : Group name

addUserToMultiGroup ($group_id, $user_id = null)
Add an user to multi group, if the user ID is null then the logged user id is used

int $group_id : Group ID
int $user_id : User ID

removeUserFromMultiGroup ($group_id, $user_id = null)
Remove an user from multi group, if the user ID is null then the logged user id is used

int $group_id : Group ID
int $user_id : User ID

getExtension ($option)
Get the instance of the extension. Returns object value.

string $option : Component name like "com_content"

Support Channels

Paid Services