User Management

By default visitors to your site are allowed to register. If a registration form is made available (either as a module or a menu item) then visitors can register by selecting a user name, password and entering their email address. By default Joomla then sends a confirmation email that the user then needs to reply to before the account is made active. 

Changing the Default User Mangament Settings

Go to Users -  User Manager and click on the Options icon in the top right.


If you want to prevent visitors to your site from registering click No against Allow User Registration. 

To change the the Activation behaviour use the New User Account Activation drop down list. You have three options, Self (the user gets sent a confirmation email), Admin, (an administrator needs to activate the account) or None (the user is automatically registered on submitting the form).

You can choose to send an email to the Administrator(s) each time someone registers. You may also want to include a 'Captcha' challenge, particularly if you are getting a large number of unexplained registrations with randomly generated email addresses.

Restricting access to resources

Resources such as articles, modules, menu items and menus can be set as Access Registered. This means that access to the item will not be given unless the user has registered and is logged in. 

This is done simply by selecting the option Access to Registered when the resource is created or edited.


Things to try.

Create a category (eg clients) that will only be available to registered users. 

Create a Category Blog only available to registered users.

Create module only available to registered users.


User Management 2

If you completed the exercises in the previous tutorial you will have some resources (a category, a menu item and a module) that are accessible only to registered users. To confirm that these resources are only available to registers users you need to first create a test user. Then log in to the front end of your site as this test user and confirm that the access permissions work as expected. 

Go to Users - User Manager


This is where you can add, delete, or edit users. At the moment there will probably be only one name in the list, and that will be you.  Note that you, as the creator of the site are in the Super Users group and have have complete access to the site. There can be more then one Super User.

For our testing purposes we want to create a user that has registered access. In the Users Manager:Users window click New. Fill in the Account Details. Keep it simple, I just use 'testuser' for for all text fields and a generic password. You can delete the user when finishing testing. You will need to trick the email field by using an email form (This email address is being protected from spambots. You need JavaScript enabled to view it. ). Click Save and Close.

Now go to the Frontend of your site. Go to your log in page and logout. Confirm that the resources that you set as Access Registered are not available. Now go back to the log in form and enter your test username and password to log in. You should confirm that these resources are now available.


User Management 3

Its often the case where you might need finer grained access control. For instance if you want one group of users to be able to just view articles in a category blog and another group of users to be able to both view and create articles in the blog. This is where Joomla's User Groups  come in to play. 

There are 3 Back End user groups and 4 Front End user groups that are pre installed with Joomla. (see Here for a list of them and their function). You can also add custom user groups, and apply custom viewing access levels to supplement the default Public, Registered and Special levels. (more about this later) 

Permissions are generally assigned in one of two ways.

1. Globally. For Articles this is in Article Manager:Article-Options-Permissions.

2. Locally. For individual articles this is done in the Article Manager: Edit Article in the Permissions pane. 

In the case where permissions conflict (for instance when a Public module contains a Registered link) the more restrictive permission will apply.

Although this may seem overly complex, this multi leveled approach allow maximum flexibility, allowing resources to be assigned in very specific ways. 

So you can get a feel for how this works we are going to take a relatively simple example. Supposing you want one or more people, besides yourself, to be able to upload articles to your recipe blog. The simplest way to do this, you may think, is to just assign the Create Article menu item to Access  Registered. By default Joomla denies the Registered user group the permissions to create content. This could be changed in the Article Manager - Options-Permissions window but it is not advisable because it would grant all registered users the ability to upload content. We really only want to grant this permission to a subset of registered users.

Fortunately in Joomla there is a User Group created for this very task. the Author group. User groups inherit the properties of their parent, since the parent of the Author group is the Registered group the Author group can be considered a subset of the Registered group, inheriting all the privileges of Registered group plus the additional permission to create content

You can verify that the author group does have these privledges by going to Article Manager, clicking on Options and selecting the Permissions tab. Expand the Author drop down list to see that Create and Edit Own are allowed. Permissions can change by selecting either Inherited (The Global setting or Parent Group) or Allow, or Deny. 

Click Cancel without saving. 



Now if you completed the tutorials in Lesson 4 you will already have a category blog and a 'Create Article' menu item. Remember we assigned the create article menu item Access to Special, so only an administrator could view the menu item. If we set it to Registered all registered users will be able to see this menu item. However if they are not in the Authors user group (and their permissions have not been changed from the default) then they will receive the "you are not authorised to view this resource" message when they click Create Article menu item 

Go to Menus - Main Menu. In the list of menu items find the menu item for the Category Blog (ie Recipes). Click on it to edit it. Change the Access setting to Registered and click Save. Now log into the front end as your testuser. Verify that you can see the Create Article menu item and that when you click on it it gives you the access denied message.

Now in the Back end go to User Manager. Click on testuser to edit it. In the Assigned Users Groups  pane check the box next to Author. Click Save and Close. The test user has now been added to the User Group Author.


Now go back to the Front End and you should be able to reload the create article page.(you may need to log out and log back in as the testuser0 

So while this works it leaves a messy Create Article link that leads to an error for some users. What we really need to do is change the Viewing Access Levels of the Create Article menu item so that for registered users that are not Authors the Create Article menu item is invisible.   

Go to Users - Access Levels - Add New Access level. Type 'Author' in the Level Title Field and check the box next to Author in the User Groups Having viewing Access pane. Click Save and Close.


Now you can go back to the Front End and confirm that the testuser can access the Create Article menu item. If You go to the back end Users - User Manager and remove the testuser's Author privileges (uncheck the box next to Author in the Permissions pane in the testusers editing window.) then go to the front end log out and log back in as testuser to confirm that the Create Article menu item now does not show for a user without Author privleges.

 Things to Try

Create a number of category blogs, available to all registered users, each with there own author. Authors should only be able to publish in their own category. For instance if you were running an online newspaper and you had writers for current affairs, sports, gossip etc or you wanted to divide your recipes into mains and deserts and had specialty writers for each. (Hint create a User Group and a Viewing Access level for each category and apply permissions on the Category)