Chapter 10: Working with the User Manager 263 FIGURE 10.7 The Login Form Redirection Parameters. Controlling Access to Content and Functionalities The essential reason for creating user groups is to control access to content and functionalities. As discussed at the outset of this chapter, the Joomla! system’s seven user classes are designed to give you varying levels of privileges; however, those user Groups do not dictate access to content or functionality. Controlling access requires an understanding of the Access Level parameters in Joomla! and how those relate to the user Groups. Default access levels Items can be assigned to any one of three access levels: Public, Registered, or Special. Table 10.1 shows how the access levels impact the users’ ability to view content and functionality. Part II: Working with Content and Users 264 In this sidebar, I show you two examples of how you can manage access levels to create content hier- archies for the front-end of your Joomla! 1.5.x Web site. First, let’s assume you want to have both unrestricted content for the general public and some items that users must register to view. Let’s also assume that you need to implement front-end workflow for the creation and editing of content items. In this case, your options are limited. For the unrestricted items, you must set the Access Level to Public. For the items you wish to be limited to your registered users, you must set the Access Level to Registered. Note that you may need to restrict access to both Pages and to Menu Items to cleanly separate the options available to your Public and Registered users. Finally, since you are enabling front-end content management, you will have to use the Special Access Level to restrict access Menu Items that are needed to implement the content submission and editing options. In other words, in this example, you are only able to achieve two levels of visitor access to your content (Public and Registered), as the third level (Special) must be reserved for the User Groups needed to implement front-end content management. Now, let’s look at a different example: Assume that you do not need to use front-end content manage- ment workflow; that you are going to manage all your content from the back end. In this situation, you can actually dedicate all three access levels to controlling content on the front end of your site and thereby create three different levels of access for your site visitors. A concrete example makes this easier to understand. Let’s assume you are building a site for your local sports league. You have three different types of users: general public visitors, team members, and coaches and officials. The general public members need to see information about game schedules and news items. The team members need a higher level of access as they need to be able to read league announcements. The last group, coaches and officials, need a still higher level of access to view inter- nal management and policy items. Initially it may seem like this is impossible to achieve without installing an additional extension to expand the user group functionality, but in fact it can be done by using the three default Access Levels. Set the general public items to Public. Set the team member items to Registered. Set the coaches and officials items to Special. The Access Levels are only one part of what you need to do to implement this schema. You must also group the users and the content accordingly. Assign the team members to the Registered Group. Assign the Coaches and the Officials to the Author Group. As for the content items, assign them to the access level you need to control their visibility. One more step and you are finished. By default, the system assumes you are using front-end content management and will automatically show Author, Editor, and Publisher links on the User Menu that enables page submission and editing. Let’s disable those by going to the User Menu and unpublishing the options Submit an Article and Submit a Web Link. That’s it; you’re done. Your front-end pages and menu items can now be displayed to any one of the three groups through use of the Access Level controls, and assignment of the users to the proper Groups. Squeezing the most out of three access levels Chapter 10: Working with the User Manager 265 TABLE 10.1 How Access Levels Impact Visibility Access Level Description Public An unrestricted item. Can be viewed or used by any visitor to your site. Registered A limited access item. Can be viewed or used only by registered users. Public visitors, that is, unauthenticated visitors, will not be able to see or use the item. Special A limited access item. Can be viewed or used only by registered users that have been granted at least Author level group membership. Public visitors and members of the Registered user group cannot see or use the item. The three access levels effectively divide your site visitors into three groups: Those who can only access Public items, those who can access both Public and Registered items, and those who can access any item. Note that this distinction is only meaningful on the front end of the site; back-end access is restricted to only those users who are assigned to the Manager, Administrator, and Super Administrator Groups. By definition, users in those Groups have unfettered access to all front-end content and functionality. Cross-Reference Working with front-end content management work flow is discussed at length in Chapter 5. Restricting access to content items You can control access to sections, categories, and articles, as shown in Table 10.2. By limiting access to a section or a category you limit access to the items within that content grouping. Although access levels for individual articles can be set to create exceptions, they can only be used to create more restricted access, not less restricted access. In other words, if you set a section’s access levels to Registered, then setting the categories or articles in that section to Public will have no effect — the more restricted access of the parent grouping (the section) prevails. In contrast, if you set the parent grouping to Public, then you can make access to any child items more restricted. For example, you can set access to a section to Public and set access to an article in that section to Registered with no problem. TABLE 10.2 Managing content access levels in Joomla! 1.5.x Item To change Access Levels, visit… Section Section manager and click on Access Level, or edit the Section item Category Category manager and click on Access Level, or edit the Category item Article Article manager and click on Access Level, or edit the Article item Part II: Working with Content and Users 266 Restricting access to menus and menu items Joomla! allows you to control access to both entire menus and to individual menu items. Limiting access to a menu also limits access to the items on that menu, as shown in Table 10.3. In contrast, it is possible to set more restrictive access levels on menu items. TABLE 10.3 Managing Menu Access Levels in Joomla! 1.5.x Item To change Access Levels, visit… Menu Module Manager and click on the menu module’s Access Level, or edit the Module Menu Item Menu Item Editing dialogue and click on Access Level, or edit the Menu Item Restricting access to components, modules, and plugins Access Level settings can be managed for all modules and plugins in the system, but a number of the Joomla! default components lack individual access level controls. Of the components, only the contact, news feeds, and web links components offer the access level option. Moreover, while indi- vidual contacts can be managed, only the categories associated with news feeds and web links are given access level settings; you cannot set access levels for individual news feeds or web links Table 10.4 summarizes the options for Joomla! 1.5.x. Although not all the components are associated with access level settings, you can always apply access restrictions to the menu items that link to those components if you need greater control than is offered by the Component Manager. TABLE 10.4 Managing access levels for components, modules, and plugins in Joomla! 1.5.x Item To change Access Levels, visit… Contact Component Contact Manager and click on the contact’s Access Level, or edit the contact News Feeds Component (Category only) News Feed manager and click on News Feed Category Access Level, or edit the news feed category Web Link Component (Category only) Web Link manager and click on the Web Link Category’s Access Level, or edit the web link category Module Module manager and click on the module’s Access Level, or edit the module Plugin Plugin Manager and click on the plugin’s Access Level, or edit the plugin Chapter 10: Working with the User Manager 267 Caution Exercise caution when you restrict access to plugins. If you limit the access to a plugin, it may result in the fail- ure of functionalities that are dependent upon the plugin. Summary In this chapter, we have covered the Joomla! User Manager in depth. You learned the following: l How to create, edit, and delete users l The fixed Joomla! User Hierarchy and the privileges associated with each group l Various options for managing User Registration l Options for the Login Form module and how to create a login page l The connection between groups and access levels l How to control access to content and functionality by using the groups together with the access level controls . news feeds and web links are given access level settings; you cannot set access levels for individual news feeds or web links Table 10 .4 summarizes the options for Joomla! 1. 5 .x. Although not. menu, as shown in Table 10 .3. In contrast, it is possible to set more restrictive access levels on menu items. TABLE 10 .3 Managing Menu Access Levels in Joomla! 1. 5 .x Item To change Access. For example, you can set access to a section to Public and set access to an article in that section to Registered with no problem. TABLE 10 .2 Managing content access levels in Joomla! 1. 5 .x Item