Joomla ACL (Access Control Levels) Setup

Our company is engaged in the development, support and maintenance of sites of any complexity. From simple one-page sites to large-scale cluster systems built on micro services. Experience of developers is confirmed by certificates from vendors.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and maintenance of all types of websites:
Informational websites or web applications
Business card websites, landing pages, corporate websites, online catalogs, quizzes, promo websites, blogs, news resources, informational portals, forums, aggregators
E-commerce websites or web applications
Online stores, B2B portals, marketplaces, online exchanges, cashback websites, exchanges, dropshipping platforms, product parsers
Business process management web applications
CRM systems, ERP systems, corporate portals, production management systems, information parsers
Electronic service websites or web applications
Classified ads platforms, online schools, online cinemas, website builders, portals for electronic services, video hosting platforms, thematic portals

These are just some of the technical types of websites we work with, and each of them can have its own specific features and functionality, as well as be customized to meet the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 2065 services
Joomla ACL (Access Control Levels) Setup
Medium
from 1 business day to 3 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_website-b2b-advance_0.png
    B2B ADVANCE company website development
    1212
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1161
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    852
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1041
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    822
  • image_bitrix-bitrix-24-1c_fixper_448_0.png
    Website development for FIXPER company
    815
Show more works

Joomla ACL (Access Control Levels) Setup

Joomla ACL is one of the most flexible access control systems among CMS. User group hierarchy, view access levels, permission inheritance — enables any business logic without additional extensions.

ACL Concept

User groups — hierarchical. Inherit parent permissions. Built-in: Public → Guest → Registered → Author → Editor → Publisher → Manager → Administrator → Super Users.

Access levels — define which groups can view element. Built-in: Public, Guest, Registered, Special, Super Users.

Actions — what group can do: Create, Edit, Edit Own, Edit State, Delete.

Creating Custom Groups

Users → User groups → Add:

Parent: Registered
Title: Premium Member

Create access level: Users → Access levels → Add:

Title: Premium Content
Groups: Premium Member

Assign content access level "Premium Content" — visible only to premium members.

Component Permissions

Each component has own permissions. Global configuration → Permissions sets global rights. Component configuration → Permissions — overrides for specific component.

Example: editors edit only their category content:

Component com_content → Category "Blog" → Permissions:
  Group: Blog Editors
  Action: Create = Allow
  Action: Edit = Allow
  Action: Edit Own = Allow
  Action: Edit State = Deny  (no publish)

Programmatic Access Check

use Joomla\CMS\Factory;

$user = Factory::getApplication()->getIdentity();

// Check if authorized
if ($user->guest) {
    // Show login form
    echo Factory::getApplication()->getDocument()
        ->getRenderer('component')
        ->render('com_users.login');
}

// Check access to specific level
if (!$user->authorise('core.view', 'com_content.article.' . $article->id)) {
    throw new \Joomla\CMS\Exception\ExceptionHandler(403);
}

// Check permission
if ($user->authorise('core.create', 'com_content')) {
    // show create button
}

// Check group membership
$groups = $user->groups; // array of group IDs
$isPremium = in_array($premiumGroupId, $groups);

Limiting Access to Menu and Modules

Each menu item and module has Access level parameter. Set "Premium Content" — item/module hidden for everyone except premium users.

Payment System Integration

For paid content — assign user to group after payment:

// After payment confirmation
use Joomla\CMS\User\UserHelper;

$user = \Joomla\CMS\Factory::getUser($userId);
$premiumGroupId = 8; // ID of Premium Member group

// Add to group
$groups = $user->groups;
$groups[$premiumGroupId] = $premiumGroupId;
UserHelper::setUserGroups($userId, $groups);

Multi-Level Subscription

Multiple access levels:

Basic Member → sees Basic Content
Pro Member → sees Basic Content + Pro Content
Enterprise Member → sees everything

Implemented via three groups with inheritance or three independent access levels assigned to needed content.

Timeline

ACL setup with 3–5 custom groups and access levels for paid content — 1–2 days.