This blog is about the PHP solutions I have to think of when I'm developing systems almost every single day...

Monday, March 24, 2008

Joomla: Hacking the ACL

I needed to allow managers and other back-end users to change their own password, but only the back-end is accessible and I didn't want to enable login at the front end. For anything below administrator, however, not even the User Manager menu appears, so there is nothing to edit. After much googling I found http://demo.joomlaworks.gr/content/view/23/32/, which basically says that I can edit includes/gacl.class.php to hand-hack the ACL. By adding:

$this->_mos_add_acl( 'administration', 'manage', 'users', 'manager', 'components', 'com_users' );

I was able to show the User menu for managers, and they could see the list of users, but they could not edit, add or delete anything. So I finally looked directly into the file that controls user administration, administrator/components/com_users/admin.users.php.

In the function checkUserPermissions I changed the check to:

    // "$id != $my->id" added so that a user acting on their own record is not
    // rejected by the same-group rule; self-actions are decided by $allowActionToMyself
    if ( !$allowActionToMyself && $id == $my->id ) {
        $msg .= 'You cannot '. $actionName .' Yourself!';
    } else if ( ($id != $my->id && $obj->gid == $my->gid && !in_array( $my->gid, array( 24, 25 ) )) || ($obj->gid && !in_array( $obj->gid, getGIDSChildren( $my->gid ) )) ) {
        $msg .= 'You cannot '. $actionName .' a `'. $this_group .'`. Only higher-level users have this power. ';
    }

I added the $id != $my->id part to the elseif. That way the same-group rule no longer blocks a user acting on their own record, and whether a self-action is allowed is decided by $allowActionToMyself. Now I was able to open the edit form, but saving still failed. So I looked into the saveUser function and changed its call to:

$msg = checkUserPermissions( array($userIdPosted), 'save', true );

Meaning that users are allowed to save their own record. So now my managers can edit their own profile, and only their own profile. It turned out better than I thought.
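As an added example (not code from the post or from Joomla), here is a stand-alone model of the relaxed checkUserPermissions() check described above, plus one guard for the self-save path that the post's patch does not include. Group ids 24 (Administrator) and 25 (Super Administrator) are the ones used in the post; 23 (Manager), the getGIDSChildren() stand-in and the user objects are constructed assumptions.

```php
<?php
// Added example, not code from the post or from Joomla: a model of the relaxed
// checkUserPermissions() check, plus a guard for self-save. Ids 24 and 25 come
// from the post; 23 (Manager), the fixture and the users are constructed.

// Hypothetical stand-in for Joomla's getGIDSChildren(): which groups a member
// of $gid may act on. Constructed fixture, not the real ACL-tree lookup.
function getGIDSChildren($gid) {
    $fixture = array(25 => array(23, 24), 24 => array(23), 23 => array());
    return isset($fixture[$gid]) ? $fixture[$gid] : array();
}

function checkUserPermissions($my, $targets, $actionName, $allowActionToMyself = false) {
    $msg = '';
    foreach ($targets as $obj) {
        if ($obj->id == $my->id) {
            // The post's change in effect: a self-action is decided only by
            // $allowActionToMyself, not by the group rules below.
            if (!$allowActionToMyself) {
                $msg .= 'You cannot ' . $actionName . ' Yourself! ';
            }
            continue;
        }
        // Unchanged rules for other users: same group (below Administrator),
        // or a group the caller does not outrank, is refused.
        if (($obj->gid == $my->gid && !in_array($my->gid, array(24, 25)))
            || ($obj->gid && !in_array($obj->gid, getGIDSChildren($my->gid)))) {
            $msg .= 'You cannot ' . $actionName . ' a `' . strtolower($obj->usertype)
                  . '`. Only higher-level users have this power. ';
        }
    }
    return $msg;
}

// Extra guard: once self-save is allowed, the posted record must keep the
// caller's current group, so that editing a profile cannot raise privileges.
function selfSaveKeepsGroup($my, $postedGid) {
    return (int) $postedGid === (int) $my->gid;
}

// Constructed users: one Manager, one Administrator.
$manager = (object) array('id' => 62, 'gid' => 23, 'usertype' => 'Manager');
$admin   = (object) array('id' => 63, 'gid' => 24, 'usertype' => 'Administrator');

echo "manager saves self:  ", var_export(checkUserPermissions($manager, array($manager), 'save', true), true), "\n";
echo "manager edits admin: ", var_export(checkUserPermissions($manager, array($admin), 'edit'), true), "\n";
echo "self-save keeps gid: ", var_export(selfSaveKeepsGroup($manager, 25), true), "\n";
```

The first call returns an empty message (own record, self-action allowed), the second a refusal, and the third false because the posted group differs from the stored one.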

1 comment:

Anonymous said...

well done!!!