user hierarchy Adding users to the system Managing users Creating user registration Controlling access to content and functionalities Effective command of user privileges and access cont
Trang 1Working with the
User Manager
IN THIS CHAPTER
Introducing the User Manager Understanding the Joomla! user hierarchy
Adding users to the system Managing users
Creating user registration Controlling access to content and functionalities
Effective command of user privileges and access controls is essential to
the creation of a successful web site Users are the lifeblood of any site
and proper user management is needed to both inspire repeat visitors
and to protect the integrity of the site Joomla! provides several tools that
enable user privileges and access; the most important of these tool is the
User Manager
In this chapter, I take a detailed look at the Joomla! User Manager and how it
is used to create and manage the registered users on your Web site I also
examine the connection between the various Joomla! User Groups and the
Access Level controls that are associated with the site’s many content items,
components, modules, and plugins
Introducing the User Manager
The User Manager handles the creation and management of all registered
users in the Joomla! system The User Manager is located inside the Joomla!
admin system After you have logged in to the admin system, you can access
the User Manager in two ways: either by clicking on the User Manager icon
on the Control Panel or by selecting the User Manager option from the Site
menu Figure 10.1 shows the default User Manager in Joomla! 1.5.x
Trang 2FIGURE 10.1
The Joomla! 1.5.x User Manager interface, showing the default administrator account (logged in) and one front-end user (not logged in)
The toolbar at the top of the User Manager provides quick access to the following functions:
l Logout: Select one or more users from the list and then click this icon to manually log the
users out of the system
l Delete: Select one or more users from the list and then click this icon to delete the user
account(s)
l Edit: Select a user from the list and then click this icon to edit the user’s account details.
l New: Click to create a new user account.
l Help: Click to access the online Help files related to the active screen.
Three sorting and searching tools to help you manage long lists of users are below the toolbar They are:
l The Filter field on the left works like a search box for the User Manager Type a word or
phrase into the field and then click Go The page reloads and displays the results of the search To clear the screen and return to a full listing, click the Reset button
Trang 3l The Select Group filter on the right side allows you to display only those users that have
been assigned to a specific group Note that the combo box lists all of the user groups pro-vided by Joomla!, regardless of whether any users are assigned to those groups In other words, you can filter by a group that has no members, in which case the system will return no results To reset this filter, change the combo box back to the default setting
l The Select Log Status filter on the far right allows you to filter and display the users
according to whether they are presently logged in to the system This provides an easy way to identify all users that are currently active on the site To reset this filter, change the combo box back to the default setting
The main content area of the screen contains a list of all the registered users in your Joomla! site The columns provided are:
l # : An indexing number assigned by Joomla! This number cannot be changed.
l Checkbox (no label): Click in a checkbox to select a user account; this is needed if you
want to use several of the toolbar options
l Name: This field displays the full name of the user Click on the name to edit the user’s
details
l Username: The name displayed in this field is the username needed for login.
l Logged In: A checkmark in this column indicates that the user is currently logged in to
the system This field is blank if the user is not logged in
l Enabled: A green checkmark in this column indicates that the account is active The field
shows a red X when the user account is disabled A user account may be disabled for one
of two reasons: Either the user has been blocked by an administrator, or the user has failed to confirm and activate a new account Administrators can toggle between the two settings by clicking on the icon shown
l Group: The group to which the user is assigned.
l Email: The e-mail address associated with this user account Click the address to send the
user an e-mail
l Last Visit: This column displays the date and time the user last logged in to the site.
l ID: The system-generated user ID number.
Finally, at the bottom of the screen, below the content area, is the Display # option Change the value
in the combo box control to alter the number of users that are displayed on the page The default value can be altered by changing the List Length option on the Global Configuration Manager
Cross-Reference
See Chapter 4 to find out more about the Global Configuration Manager.
Joomla! 1.6
Significant changes to the User Manager functionality in Joomla! 1.6 have been planned, however at the time
of writing this chapter the final version of Joomla! 1.6 was not yet available for review.
Trang 4Understanding the Joomla! User Hierarchy
The Joomla! 1.5.x system provides a fixed user hierarchy consisting of seven different levels User access levels are called groups in Joomla! The seven groups are divided between users with only front-end access, and those with access to both the front end and the back end of the site Each group has different privileges in the system Higher-level groups always include all the privileges of lower-level groups as shown in Figure 10.2
One of the unfortunate limitations of the Joomla! 1.5.x system is a lack of flexibility in relation to users access levels User Group privileges are fixed and cannot be modified Moreover, you cannot create new groups, or assign to individual users privileges that are inconsistent with the group to which they belong If you have a compelling need for greater flexibility in your user access levels, you must install a third-party extension to enhance the default system
FIGURE 10.2
The Hierarchy of User Privileges
Trang 5Classifying public front-end users
Four different groups are classified as public front-end users The groups are named Registered, Author, Editor, and Publisher The users assigned to these groups have a limited access to only the front end of the site Although they can log in to the front end and perform tasks, they do not have the ability to log into the back end of the site This limited form of access is useful both for provid-ing control to content and for settprovid-ing up a workflow that allows users to add content to the site
Registered
Registered users are the most basic and the most limited access group A user in this group can view pages and menus where the access level has been set to either Public or Registered This user group has no ability to add or edit content items Typically this user group is concerned with access to content, not with administration privileges This group allows you to recognize and dis-tinguish certain users from general public viewers of the web site and to allow your Registered site visitors to see more items and do more things than a general public visitor
Author
The Author group is one step up the hierarchy from a Registered visitor Authors cannot only access restricted content items and menus, but can also access pages and menus where the access level has been set to Special The most important privilege that users in this group enjoy is the abil-ity to add content to pages from the front end
The Author group is typically used by administrators to create a front-end content management workflow An Author can add content to pages and edit content they have created Authors can-not, however, edit the pages of other users Additionally, Authors cannot schedule or publish content items and they cannot create content structures, such as sections or categories As such, this group is typically part of a larger work flow process that includes other user groups that complete the publication cycle In the default configuration, members of the Author group are also able to submit web links from the front end of the site, though this can be modified by the site administrator
Editor
Users assigned to the Editor group enjoy the same privileges as authors, plus the ability to edit the content items created by other users Editors are part of a front-end content management work-flow, but because they are unable to schedule or publish pages, Editors are normally part of a larger schema involving other user groups
Publisher
The Publisher group is the highest level of public front-end users Publishers enjoy the same privi-leges as Editors, plus they can create pages, edit the pages of other users, and schedule and publish pages
Trang 6Classifying public back-end users
Three groups are classified as Public back-end users: Manager, Administrator, and Super Adminis-trator Users assigned to these groups are able to log in to the back-end administration system of your site; accordingly, care should be taken to only grant this level of access to trusted users
Manager
In terms of privileges, Managers are more concerned with content management than with system administration Users assigned to the Managers group enjoy rights very similar to those of
Publishers, but with the added ability to create content structures, such as sections and categories and the ability to work with the site’s menus Unlike Publishers, Managers are able to use the admin interface to edit and otherwise manage pages Because the admin interface is typically more user-friendly for editing pages than the front end, the ability to access the back end is a consider-able advantage
Administrator
The Administrator group has significant system administration privileges Users in this group enjoy all the rights of a Manager, plus the ability to work with the site’s users, modules, and components
Super Administrator
The Super Administrator Group is the Joomla! equivalent of a Super User This user group is the most powerful in the system, with no limits on the user’s ability to perform tasks with the system Key privileges, such as access to the Global Configuration Manager and the ability take the site offline make this group suitable for only the most trusted users As a general rule, you can restrict membership to this group to the fewest number of persons possible
Tip
A Super Administrator account cannot be directly deleted, but it can be downgraded to a lower level group and then deleted.
Adding Users to the System
You can add an unlimited number of users to your system You can create new users in one of two ways: by a site administrator via the User Manager, or by the users themselves via the front-end user registration process
In this section, we discuss adding users through the admin system, because this way is the most common and the most powerful approach to user creation Note that if you want to create a user account with more than just the most basic of user permissions and privileges, then you must cre-ate the account from inside the back-end User Manager