usersOne of the most powerful aspects of a CMS like Joomla is the User Management features.  Joomla has greatly extended the web developers ability to control exactly what users can see and what they can do when the get to the website.

With your website you may have many contributors that add content to the site, you may have areas that you only want paid subscribers to see, you may have several people in the company adding content to the site, and you may want a few individuals to be able to access everything on the site and have control over all of the settings.

Joomla has default User Groups and Access Levels for the users on the site, but you can modify the default groups and levels and add as many as you wish.

Access Levels vs Permissions

Access Levels control what the user can SEE, Permissions control what the user can DO. Permissions control User Groups for things like being able to log into the back end and creating, editing, publishing or deleting content. Permissions for specific user groups can be set globally under the Global Configuration area in the System menus, or set specifically for Articles and Categories using the Options under Article or Category Manager, and they can be set specifically for individual articles and categories from within the article itself. Permissions are set on an inheirited basis.  This means that for any particular item, it will have the inheirited permission set by the Global Configuration unless overwritten at the Article Manager or Category Manager Level.  If Permissions are set for the individual article, then that overrides any inheirited settings.

 

Learn By Example

Thomas Greenthumb has a garden center that sells plants and also has landscaping and consulting services.  Thomas wants to generate traffic to his website and his garden center by having topical articles about gardening in his area of the country.  He is going to have many experts contributing articles for his site, but he is going to have only one person from the people wrting articles to edit and review the articles before publishing them to the live site.  He also is going to have a catalog of plants, tools, books and garden accessories, where his secretary is going to add the prices, descriptions and anything on sale. He is also going to have people subscribe to the site for free so that he can send them e-newsletters and promotions and they in turn can ask questions from his group of gardening experts. Thomas doesn't want the people writing the gardening articles to be able to access the catalog and he only wants the subscribers to access the Front End of the site.  

Thomas can set up multiple User Groups for all of these people.  He can then give the groups different Access Levels and set the Permissions for the User Groups.  As he creates the catalog, he can select a User Group for the catalog items so that only he and his secretary can make edits. He can set up his site so that the article contributers can create and edit only their own articles, but the user set to the Publisher group can access all of the articles and edit them and publish them to the live site.  He will also use the default Registered User Group for the subscribers.  They can only post questions for the experts if they are in the Registered group.

Thomas will set up a login module on the front page of his site, so that the public can login or register for the site.  The contributors can also login and access and edit their own articles from the front end.  If their articles have not yet been published, he can make it so they alone can see their articles and not the public.

Thomas can create Users in the Administrative Interface by selecting Users from the top menu and selecting User Manager from the dropdown menu. He can also access it from the Quick Icons on the Dashboard. He, himself, is the Super User because he installed the site.  This means that he can access any feature on the back end of the site. He then sets up another User profile for his secretary.  He enters her name, her user name and assigns a secure password for her that has upper and lower case letters, numbers and two symbols.  Under the Assigned User Group tab he assigns her to the Super Users group.  He also sets up a user profile for the Publisher. He assigns the Publisher to Publisher group.  He then creates user profiles for the first five people that will be contributing articles.  They will be assigned to the Editor user group.  

Anyone that wants can register for the site using the login form.  By registering, this will automatically create a User Profile.  They will also automatically be placed into the Registered user group.  Thomas is going to create a form where Registered users can post questions.  The form will send an email to each of the gardening experts.

He can also set it up so that when the contributers log into the back end, they only see Content on the dropdown menus.  This way they won't have access to any of the other features and can't accidently change something they shouldn't.

The details on how to set up Users, User Groups and Access Levels are covered in the joom3 Administrative Interface section

Resources: Users, User Groups & Access Levels

Resources: Users, User Groups & Access Levels

docs.joomla.org/J2.5:Access_Control_List_Tutorial: at this writing, docs.joomla.org does not have a full article for Joomla version 3, but the concepts are essentially the same.