Let's get ACL / Authorization added to CiviCRM + Joomla

Gepubliceerd
2009-07-24 19:05
Written by
SarahGladstone - member of the CiviCRM community - view blog guidelines
Currently Joomla + CiviCRM is great combination, except for a key missing feature: The ability to control the authorization rules for who can see what. ( Otherwise known as ACL ) To donate to this cause, visit the link: http://www.fundable.com/groupactions/groupaction.2009-07-21.7920489394 Is it to much to ask that only the bookeeper can see the money? Currently anyone with access to the "Components" menu in the back-end of Joomla can see everything. Lets fund a great feature for the CiviCRM project, the best CRM software for nonprofits. Right now ACL / Authorization is only available in CiviCRM running within Drupal or stand-alone. It would be great for ACL / authorization to be available in CiviCRM within Joomla.
Filed under

Comments

This is a great goal!

Who is going to do the development?

Does this proposal also go the other way, so that you can provide access to CiviCRM to people who do not have Joomla! back-end Administrator access?

It is often the case that you want people to be able to manage members without being able to edit website content!

Andrew

we are chatting with sarah gladstone and most likely will do the development if it meets the fundraising goals

we'll expose all functionality to both the frontend and backend and access will be controlled by CiviCRM ACL's and permissioning

we'll also take the project to clean up, simplify and document the ACL system to make it easier for folks to understand, customize and extend

lobo

Well I think first it would be nice just to in general make CiviCRM work like a Joomla Component. Then it will be ready to work with Joomla ACL or quite frankly you could just add the existing acl.

We're pretty far from that, so it's hard to imagine what making the acl work is going to take. On the other hand, just add a real front end with layouts and i think adding in the acl is simple.

I've seen some forum posts asking if the standalone version is able to use other methods to login.

Wouldn't it be better to spend the effort to make the standalone version more generic? ie allow users to login using any user tables?

This way, joomla users can use the standalone version, configured to login using the joomla user table, and others can also integrate against their user database.

Anonymous (niet gecontroleerd)
2009-07-25 - 17:39

...but in the meantime, I just left a forum post here which may help ease the suffering a bit until ACL works in Joomla installs.

Why do you need a new ACL implementation if you have one that works internally already? I don't quite see what you're trying to achieve, perhaps I'm missing something.

Sarah Gladstone (niet gecontroleerd)
2009-07-27 - 06:27

I don't need a new ACL implementation. I would like to see the existing ACLs work in a Joomla + CiviCRM environment. To see what is missing first hand, visit http://joomla.demo.civicrm.org and log into the administration area.

JoomlaShack is reporting that J!1.6 will go beta in the next few weeks, with a link to a video of a core team member describing the release:
http://www.joomlashack.com/joomla-16/394-joomla-16-beta-coming-soon

How that pertains here is that one of the core upgrades in 1.6 is ACL as part of the core and usable by components. That should make this far easier to implement. The Drupal version of CiviCRM has ACL because Drupal has ACL!!

Anonymous (niet gecontroleerd)
2009-07-31 - 05:38

In addition to the point about J1.6, there is a project within Joomla (not clear how official, but on their website) to create a much fuller set of CiviCRM modules and plugins. The more that can go to the front end, the less ACL issues in the back-end matter. They seem fairly well advanced already.

http://community.joomla.org/blogs/community/974-civicrm-modules-update.html

-not sure where all the whitespace in the preview is coming from.

We'd be willing to make a contribution to this project, but not sure we want to authorise a payment to Fundable. Let us know if it is looking possible!