• Hello Fabrik Community

    Fabrik is now in the hands of the development team that brought you Fabrik for Joomla 4. We have recently transitioned the Fabrik site over to a new server and are busy trying to clean it up. We have upgraded the site to Joomla 4 and are running the latest version of Fabrik 4. We have also upgraded the Xenforo forum software to the latest version. Many of the widgets you might have been used to on the forum are no longer operational, many abandoned by the developers. We hope to bring back some of the important ones as we have time.

    Exciting times to be sure.

    The Fabrik 4.0 Official release is now available. In addition, the Fabrik codebase is now available in a public repository. See the notices about these in the announcements section

    We wish to shout out a very big Thank You to all of you who have made donations. They have really helped. But we can always use more...wink..wink..

    Also a big Thank You to those of you who have been assisting others in the forum. This takes a very big burden off of us as we work on bugs, the website and the future of Fabrik.

Advanced access control to lists.

bggann

Active Member
I have a site where
- Registered users can add, edit and view their OWN records. I actually do this by using a menu pre-filter on the list that matches the logged in user id to the user id stored in the record.
- Admins can add,edit and view ANY record

I need to add the ability to have a new class of users who has "view only" access to all records on the list - but no edit access.

I can't figure out how to do this. Using the standard joomla ACL or using a pre-filter like I did before.
I need:
- Registered users can access their records (add, view, edit - their own records)
- "Special" users, who are my admins, can access all records (add, view, edit all records)
- "NEW" users who are my consumers of the data can read only access all records (view).
- "Super Users" who is me, can access all records.

I can create new groups in Joomla, but they all have either Registered, Special or Super users - and that is what Fabrik access looks at.

I thought about "use field" access, but that appears to allow only a given user id, not a group.

Help?

-b
 
Prefilters are not looking for groups but for access levels.
You must set up the correct user-groups / access level structure. Access levels are inherited, so all access levels assiged to a parent group are also assigned to the child group.
So depending on what you need you may have to flatten the group hierachies.

What are NEW users? Guests (= not logged in users)?
 
What you describe should be achievable with the built in list ACLs. As Troester says, you just have to get your J! Access Levels correct (and understand how the permission inheritance works) which sometimes means creating additional groups that aren't within any other group, and creating new Access Levels for those groups.

-- hugh
 
Responding to both - of your posts. Thanks.

First, but what I meant by "NEW" was this "NEW" group that does not exists that I want to give view only access to. In this case the "new" users group is "dispatchers"

It did seem to me that I should be able to do it with J! ACL, and I was able to create a new user group for this set of users. But all I could do was assign that group to access level of "Registered, Special or Super User" (well, I could also set it to public or guest).

My problem is that "Registered" users need to be able to add/view/edit their records - so they have a edit access. If I give the new "dispatcher" group "Registered" Level, then they have edit. I can't take edit away from 'registered' - cause then those users cannot edit their records.

If I put them "Special", which is where my "admin's" are, they also have edit access to all records. If I take away 'edit' permissions from "special", then the admins don't have access anymore.

--- It sounds like you are saying I can add a new J! access level - and that would do it if Fabrik respects it. I have a new J! user group, but not access level.

Sounds like this is a J! problem, not a Fabrik problem. I'll go back and study J! ACL more. If I can create a new access level - say "dispatcher" and give them read only access to the Fabrik lists, (somehow, - advanced permissions?) then it'll work. They will be one step 'below' registered.
I'll be able to give "view" permission to the "dispatcher" and above (which is include registered and special). But edit will require registered.

I'll keep digging. Unfortunately J! ACL documentation tends to assume a level of knowledge I don't quite have.

Addendum: It also seems like I could give "registered" users only view access, and the "submitters", who are now registered, edit. That would mean the new "access level" is for the registered users, not the dispatchers..... So- rather than creating my new access level below registered, I 'downgrade' registered and create a new access level between registered and special.

Does this make sense to anybody?.....
 
You guys are awesome. I was able to create a new access level in J!and think I've got it. Still a little tweaking to do- but pretty close.

I'll post a detailed description of how I did this once I get the kinks worked out.

Bravo
- bob
 
We are in need of some funding.
More details.

Thank you.

Members online

Back
Top