alastairwalker
Member
After several months of grappling with the Joomla ACL structure, and a careful study of the features of the FB model, I have finally found a method for managing and allocating the CRUD rights in the Fabrik Context to different User Groups (and of course, by implication - users) (CRUD standing for: Create, Read, Update, Delete).
The problem is that the usual Joomla Access Control (ACL) structure to manage CRUD rights does support access to the FB object feature level, because the standard J! CRUD operates at the FB higher object level.
I needed to find a way to closely control the allocation of the CRUD rights at the FB object feature level.
I studied all the user posts on the subject in the FB forum, but did not find a succinct solution to my problem.
I am providing this post as one way of acknowledging all the value that I have derived from access to this marvellous component.
Here is a simple statement of the problem I faced:
I need to support three classes of users.
The first group that is able to view only the list, and records.
A second group that inherits the first group rights, and additionally can add, edit, and delete records.
A third group that inherits the access rights of first and second groups, and also has the right to empty records.
SO - here is my receipe to achieve the above:
To achieve CRUD management at the J! object feature level - set up the following:
(Using the Joomla User Manager component, do the following):
Under Users:
(Do this simply for test and verification purposes)
Create three users:
user_a
user_b
user_c
Under User Groups:
a) Create Novice Group (i.e. bottom level - least rights)
Allocate Registered as Parent.
b) Create Practitioner Group (i.e. middle level - create and manage records)
Allocate Novice as Parent.
c) Create Master Group (able to trash data sets)
Allocate Practitioner as Parent.
Now under Users:
Allocate user_a to Registered, Novice.
Allocate user_b to Registered, Practitioner.
Allocate user_c to Registered, Master.
Under Access Levels:
Create Novice.
Allocate the access level to the Novice User Group.
Create Practitioner.
Allocate the access level to Practitioner User Group.
Create Master.
Allocate the access level to Master User Group.
(Using Fabrik):
(For example: List -> Access)
In Fabrik (Lists, Forms, Elements, as required) allocate as follows:
View List: Novice
View Records: Novice
Edit Records: Practitioner
Add Records: Practitioner
Delete Records: Practitioner
Empty Records: Master
This completes all the ncessary steps.
You will now find that user_a,b,c now have closely controlled CRUD rights.
Enjoy!
Alastair Walker
The problem is that the usual Joomla Access Control (ACL) structure to manage CRUD rights does support access to the FB object feature level, because the standard J! CRUD operates at the FB higher object level.
I needed to find a way to closely control the allocation of the CRUD rights at the FB object feature level.
I studied all the user posts on the subject in the FB forum, but did not find a succinct solution to my problem.
I am providing this post as one way of acknowledging all the value that I have derived from access to this marvellous component.
Here is a simple statement of the problem I faced:
I need to support three classes of users.
The first group that is able to view only the list, and records.
A second group that inherits the first group rights, and additionally can add, edit, and delete records.
A third group that inherits the access rights of first and second groups, and also has the right to empty records.
SO - here is my receipe to achieve the above:
To achieve CRUD management at the J! object feature level - set up the following:
(Using the Joomla User Manager component, do the following):
Under Users:
(Do this simply for test and verification purposes)
Create three users:
user_a
user_b
user_c
Under User Groups:
a) Create Novice Group (i.e. bottom level - least rights)
Allocate Registered as Parent.
b) Create Practitioner Group (i.e. middle level - create and manage records)
Allocate Novice as Parent.
c) Create Master Group (able to trash data sets)
Allocate Practitioner as Parent.
Now under Users:
Allocate user_a to Registered, Novice.
Allocate user_b to Registered, Practitioner.
Allocate user_c to Registered, Master.
Under Access Levels:
Create Novice.
Allocate the access level to the Novice User Group.
Create Practitioner.
Allocate the access level to Practitioner User Group.
Create Master.
Allocate the access level to Master User Group.
(Using Fabrik):
(For example: List -> Access)
In Fabrik (Lists, Forms, Elements, as required) allocate as follows:
View List: Novice
View Records: Novice
Edit Records: Practitioner
Add Records: Practitioner
Delete Records: Practitioner
Empty Records: Master
This completes all the ncessary steps.
You will now find that user_a,b,c now have closely controlled CRUD rights.
Enjoy!
Alastair Walker
