#614 ACL

Parent Category:
Last Updated:
Allon Moritz, Wednesday, 06 October 2021 19:35
Friday, 17 February 2012 22:14


DPCalendar, the Joomla event calendar, uses Joomla's access control (ACL) feature for calendars and events. Here we will provide instructions on how to set ACL permissions in DPCalendar. For a more detailed explanation of Joomla's ACL mechanism, please search the internet or read this article as a starting point.

Basically we distinguish between who can see what and who can do what. The following two terms are used in this document.

  • Access - who can see the item(s)
  • Permissions - who can add, edit, delete, and do other changes.

Planing your groups

Before you set up your groups, you must think through what calendars you have, the people that you will be able to view, add, delete, edit, edit own, edit state, and attend events. With a pencil and paper write down your calendars and then how many different groups of people you will need for each calendar. Most people will have one group that can view the calendar, this might be public or a new group (which you will create). A simple calendar will have Public for viewing and Registered for adding, editing, and deleting and such. Once your groups are identified you can add your users to each group.

Setting up user groups

In the backend of Joomla select the menu item - Users > Groups. You will see a hierarchy of Users starting with Public and climbing to Administer and Publisher. There is also a group for Super User. Depending on your needs, you might use these groups or you may create your own group. It is important to notice the hierarchy. If something is public, everyone can see it, but if it is registered, public cannot see it. Make sure when you create your own group that you put it in the proper spot in the hierarchy.

Access control

Access control defines who can see what in Joomla. It can be set per calendars and/or events. DPCalendar has two different access controls defined by two settings. The Access property defines who can see the whole calendar or the event and the Access Content property defines who can see the event details. If a user has no right (access) to see the content of an event, they will see Free/Busy placeholder text instead. This means you can show the visitor that you are doing something, but not what.

ACL calendar

Set the access levels

In the DPCalendar component > Calendars you should see to the right of the calendar name the access level of the calendar, public is typical. The default setting is inherited from the goobal default access level setting in the Joomla configuration. To change the access level, you need to edit the calendar or event and look for the Access dropdown. The same applies for an event. Additionally the event has the access content setting which defines who can see the event details.

It is also possible to set in the DPCalendar option the default access level per event, means when a user is creating an event, the event will have a predefined value instead the one from the global Joomla configuration.

Access controls in external calendars

If you are using a plugin to get your events from an external system like Google calendar or iCloud, you can define per calendar who can see the events and who can see the content.

Permissions introduction

Permissions do define who can modify the events or do other actions like book an event or invite others to an invent. The component inherits the permissions from the global Joomla configuration and every calendar in DPCalendar inherits from the component permission. DPCalendar supports the following permissions:

  • Configure ACL & Options
    Who can define administer DPCalendar.
  • Access Administration Interface
    Who can access the administration interface in the back end.
  • Create
    Who can create calendars and events.
  • Delete
    Who can delete calendars and events.
  • Edit
    Who can edit calendars and events.
  • Edit State
    Who can edit the state of an event. If a user has the Edit State permission the event is automatically published after creation. If the user doesn't have the right the event needs to be published by an administrator.
  • Edit Own
    Who can edit its own event. This is useful when a user has the create permission. When you allow multiple users to create events in the same calendar but want to allow them to only edit their own events.
  • Edit Custom Field Value
    Who can edit the custom fields value.
  • Admin Booking/Tickets
    Who can administrate the bookings and tickets on the front and back end, also gives access on the front to the bookings and tickets list of an event.
  • Book Event
    Who can book an event.
  • Invite Event
    Who can invite users and groups to an event.

Default component permissions

In the DPCalendar component you may select the Options button > Permissions tab. The settings in here are the default settings for all of your calendars. Set these for your most basic calendar settings. In the next item below you will see how to edit each calendar individually. If you have a few calendars you may only have to edit in this Permission tab. You can define who can access DPCalendar Joomla calendar, who can change the options and who can edit events and calendars. Normally, Public viewers can only view the calendars. In some cases you might want users to be able to create events or book an event. In these cases you must change the selections to allow them.

Calendar permissions

Some users may have several calendars that have different permissions on a calendar by calendar basis. The calendar permissions override the component permissions on a per-calendar basis. This means that they inherit the permissions from the component permissions initially, but can be changed later here.

In the component, click on your calendar to open it, now you should see a tab Permissions. Here you can set your permissions for this calendar only.

ACL permissions

Comments (0)

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.