Joomla 1.5: Hack Joomla ACL

Rumor has it that Joomla! 1.6 will have customizable access levels. Until then, however, the only way to customize access to your site is via third party extensions or hacking Joomla! yourself. The popular third party extensions (which shall here remain nameless) tend to be commercial, charging a fee or subscription for the latest and greatest version, and requiring registration even for the unsupported or semi-supported old versions. If you haven’t used them before, you can’t be sure of how well they’ll integrate with the rest of Joomla! This is obviously not an ideal solution, especially for the webmaster on a budget. Following are instructions for hacking Joomla! yourself to add an extra user level called “Subscriber” who can be given access, for example, to premium paid content. These steps were carried out successfully on a Joomla! 1.5.10 installation, but there are no guarantees, as the author is not a Joomla! developer; try at your own risk!

We’ll Start with the database. We can add access levels to the database, but that alone isn’t going to be sufficient since to some degree they’re hard-coded into Joomla! Don’t worry about that now though; the database is where we’ll start. You can use phpMyAdmin to do this if you’re not keen on editing the tables by hand. You need to add a new row to the jos_core_acl_aro_groups table with name and value of “Subscriber” and the id of “Registered” for parent_id. For lft and rgt, alter and use the following php program, taken from http://docs.joomla.org/Custom_user_groups.

<?php
mysql_connect("localhost", "xxxx", "xxxxx") or
die("Could not connect: " . mysql_error());
mysql_select_db("joomla15");

// 0-> parent_id in Joomla this is the value of the parent_id field of the Root record
// 1-> start the left tree at 1
rebuild_tree ( 0 , 1);


function rebuild_tree($parent_id, $left) {


// the right value of this node is the left value + 1
$right = $left+1;

// get all children of this node
$result = mysql_query('SELECT id FROM jos_core_acl_aro_groups '.
'WHERE parent_id="'.$parent_id.'";');
while ($row = mysql_fetch_array($result)) {
// recursive execution of this function for each
// child of this node
// $right is the current right value, which is
// incremented by the rebuild_tree function
$right = rebuild_tree($row['id'], $right);
}

// we've got the left value, and now that we've processed
// the children of this node we also know the right value
mysql_query('UPDATE jos_core_acl_aro_groups SET lft='.$left.', rgt='.
$right.' WHERE id="'.$parent_id.'";');

// return the right value of this node + 1
return $right+1;
}
?>

The other thing that needs to be done to the database is a change to the jos_groups table. Change the id of “Special” to 3 and add “Subscriber” with an id of 2. This is all we need to do to the database… on to the code!

To start, we need to make some changes to /administrator/components/com_users/views/user/view.html.php. About 108 you’ll findAbout line 113 you’ll find the following:

if ( $userGroupName == $myGroupName && $myGroupName == 'administrator' )
{
// administrators can't change each other
$lists['gid'] = 'get('gid') .'" /><strong>'. JText::_( 'Administrator' ) .'</strong>';
}
else
{
$gtree = $acl->get_group_children_tree( null, 'USERS', false );

Change it to:

if ( $userGroupName == $myGroupName && $myGroupName == 'administrator' )
{
// administrators can't change each other
$lists['gid'] = 'get('gid') .'" /><strong>'. JText::_( 'Administrator' ) .'</strong>';
}
else
{
$gtree = $acl->get_group_children_tree( null, 'USERS', true );

Then we move on to /libraries/joomla/user/authorization.php where you’ll find bunches of lines calling $this->addACL(); Find the ones with ‘registered’ as an argument, copy and paste right underneath and change ‘registered’ to ‘subscriber’ on your pasted line

The next changes will be made to /administrator/components/com_content/models/article.xml at about line 8, where you’ll find:

<option value="0">Public</option>
<option value="1">Registered</option>
<option value="2">Special</option>

It needs to be:

<option value="0">Public</option>
<option value="1">Registered</option>
<option value="2">Subscriber</option>
<option value="3">Special</option>

Now let’s modify /administrator/components/com_users/controller.php… we’ll be hacking a hack in this case. At about line 205 you’ll find the following code:

// Fudge Authors, Editors, Publishers and Super Administrators into the special access group
if ($acl->is_group_child_of($grp->name, 'Registered') ||
$acl->is_group_child_of($grp->name, 'Public Backend')) {
$user->set('aid', 2);

Change it to:

// Fudge Authors, Editors, Publishers and Super Administrators into the special access group
if ($acl->is_group_child_of($grp->name, 'Registered')) {
$user->set('aid', 2);
}
if ($acl->is_group_child_of($grp->name, 'Subscriber') ||
$acl->is_group_child_of($grp->name, 'Public Backend')) {
$user->set('aid', 3);
}

A very similar change needs to be made to /plugins/user/joomla.php, where you’ll find the following at about line 116:

// Fudge Authors, Editors, Publishers and Super Administrators into the special access group
if ($acl->is_group_child_of($grp->name, 'Registered') ||
$acl->is_group_child_of($grp->name, 'Public Backend')) {
$instance->set('aid', 2);
}

It needs to be:

// Fudge Authors, Editors, Publishers and Super Administrators into the special access group
if ($acl->is_group_child_of($grp->name, 'Registered')) {
$instance->set('aid', 2);
}
if ($acl->is_group_child_of($grp->name, 'Subscriber') ||
$acl->is_group_child_of($grp->name, 'Public Backend')) {
$instance->set('aid', 3);
}

If you use the Blogger API you’ll also need to make the previous changes to /plugins/xmlrpc/blogger.php, otherwise congratulations! You’ve just set up Joomla! to use an extra user group! When adding/editing an article, menu entry, etc., you should see ‘Subscriber’ as one of the access level options. If selected the article/menu entry/whatever will be visible to Subscribers, Authors, Editors, Publishers, Managers, Administrators, and Super Administrators. For those who need additional user levels, hopefully this article gave you the information needed to get started. Good luck!

Source: http://facebook.com/topic.php?uid=53296764374&topic=11004