tfertil
Posts: 43
|
| Posted: 02/26/2011, 8:51 AM |
|
I developed a CCS application integrated to Joomla 1.5 sites, using the jos_users table to establish CCS security.
Now, Joomla 1.6 has an important change because now a user can be part of more than one group at the time.
So, the old group_id field (GID) is no longer present at the jos_users table, but is in the new table jos_user_usergroup_map, which contains the many-to-many relationship between users and users groups.
So, I created this view in my mySQL database so I can have a table with just one record per user and the higher access level for the user:
CREATE VIEW pam_joomlausers AS
SELECT
jos_users.id,
jos_users.name,
jos_users.username,
jos_users.email,
jos_users.password,
jos_users.usertype,
jos_users.block,
jos_users.sendEmail,
jos_users.registerDate,
jos_users.lastvisitDate,
jos_users.activation,
jos_users.params,
max(jos_user_usergroup_map.group_id) AS group_id
FROM jos_users
INNER JOIN jos_user_usergroup_map ON (jos_users.id = jos_user_usergroup_map.user_id)
GROUP BY
jos_users.id,
jos_users.name,
jos_users.username,
jos_users.email,
jos_users.password,
jos_users.usertype,
jos_users.block,
jos_users.sendEmail,
jos_users.registerDate,
jos_users.lastvisitDate,
jos_users.activation,
jos_users.params
Now I can use this view when using the Builder from CSS.
Hope find this useful.
|
 |
 |
jokecoat
Posts: 43
|
| Posted: 06/04/2011, 9:11 AM |
|
Could you please explain how you did integrate ccs in joomla 1.5 or 1.6?
|
|
|
|
tfertil
Posts: 43
|
| Posted: 06/14/2011, 10:06 AM |
|
Jokecoat:
Sorry I didn't answer you sooner, was really busy...
My strategy is to include my CCS screens in a wraper inside Joomla, specifically, an iFrame.
I installed a normal joomla site and then create a folder inside it for my CCS application.
Also I create some additional tables and views in the Joomla database to manage security, and obviously, my own system tables.
Note that my applications *normally* doesn't interact with Joomla, nor Joomla with my apps, I'm only using Joomla to embed my app with my clients content.
Detailed steps:
STEP 1
In my CCS application, I don't use joomla user and session tables directly, because there are some differences between version 1.5 and 1.6, and I like this to be "transparent" to my apps.
So I create two views.
JOOMLA 1.5 VERSION OF THE VIEWS
CREATE VIEW sec_vw_joomlausers AS
SELECT
jos_users.id
,jos_users.name
,jos_users.username
,jos_users.email
,jos_users.password
,jos_users.usertype
,jos_users.block
,jos_users.sendEmail
,jos_users.registerDate
,jos_users.lastvisitDate
,jos_users.activation
,jos_users.params
,CASE jos_users.gid
WHEN 25 THEN 8
WHEN 24 THEN 7
WHEN 23 THEN 6
WHEN 21 THEN 5
WHEN 20 THEN 4
WHEN 19 THEN 3
WHEN 18 THEN 2 END AS group_id
FROM jos_users;
-- --------------------------------------------------------
CREATE VIEW sec_vw_joomlasession AS
SELECT
jos_session.session_id
,jos_session.client_id
,jos_session.guest
,jos_session.time
,jos_session.data
,jos_session.userid
,jos_session.username
,jos_session.usertype
,CASE jos_session.gid
WHEN 25 THEN 8
WHEN 24 THEN 7
WHEN 23 THEN 6
WHEN 21 THEN 5
WHEN 20 THEN 4
WHEN 19 THEN 3
WHEN 18 THEN 2 END AS group_id
FROM jos_session;
JOOMLA 1.6 VERSION OF THE VIEWS
CREATE VIEW sec_vw_joomlausers AS
SELECT
jos_users.id
,jos_users.name
,jos_users.username
,jos_users.email
,jos_users.password
,jos_users.usertype
,jos_users.block
,jos_users.sendEmail
,jos_users.registerDate
,jos_users.lastvisitDate
,jos_users.activation
,jos_users.params
,max(jos_user_usergroup_map.group_id) AS group_id
FROM jos_users
INNER JOIN jos_user_usergroup_map ON (jos_users.id = jos_user_usergroup_map.user_id)
group by
jos_users.id
,jos_users.name
,jos_users.username
,jos_users.email
,jos_users.password
,jos_users.usertype
,jos_users.block
,jos_users.sendEmail
,jos_users.registerDate
,jos_users.lastvisitDate
,jos_users.activation
,jos_users.params;
-- --------------------------------------------------------
CREATE VIEW sec_vw_joomlasession AS
SELECT
jos_session.session_id
,jos_session.client_id
,jos_session.guest
,jos_session.time
,jos_session.data
,jos_session.userid
,jos_session.username
,jos_session.usertype
,sec_vw_joomlausers.group_id
FROM jos_session
INNER JOIN sec_vw_joomlausers ON jos_session.userid = sec_vw_joomlausers.id
STEP 2
Back in CSS, I set the security table to be my user view.
In order to CCS load the values from the database, I added this code at the end of the common.php file:
$conn = new myDBConnection();
$sessioncookie = CCGetFromGet("sessioncookie", ""); // Get sessionvariable of Joomla-Session over the URL which passes the Joomla-Wrapper to the iframe
$lang = CCGetFromGet("locale","es");
$josUserID = CCDLookUp("userid","sec_vw_joomlasession","session_id='$sessioncookie'", $conn);
global $josUserLogin;
$josUserLogin = CCDLookUp("username","sec_vw_joomlasession","session_id='$sessioncookie'", $conn);
#$josUserType = CCDLookUp("usertype","sec_vw_joomlasession","session_id='$sessioncookie'", $conn);
$josGroupID = CCDLookUp("group_id","sec_vw_joomlasession","session_id='$sessioncookie'", $conn);
CCSetSession("josUserID", $josUserID);
CCSetSession("josUserLogin", $josUserLogin);
CCSetSession("josGroupID", $josGroupID);
$conn->close();
of course the name of the CCS session vars (josUserID, josUserLogin, josGroupID) must be set at the security properties of your project.
STEP 2
Maybe you noted that I get the joomla session cookie to locate the user's session at the session table. This is passed from joomla to the iFrame where the CSS page is loaded, but I need to make a little adjustement in Joomla.
I add this lines at the beggining of the \components\com_wrapper\views\wrapper\tmpl\default.php file, just AFTER the line defined('JEXEC').
#################
$session =& JFactory::getSession();
$sid = $session->getId();
$locale = $_GET[‘locale’];
###################
and down the code of this file I changed the line:
src="<?php echo $this->wrapper->url; ?>"
to be
Joomla 1.5
src="<?php echo $this->wrapper->url."?sessioncookie=$sid&locale=$lang"; ?>"
Joomla 1.6
src="<?php echo $this->escape($this->wrapper->url)."?sessioncookie=$sid&locale=$lang"; ?>"
STEP 3
Back in Joomla Administrator site, I created a menu and some menu items. Each menu item is a wrapper, the url is simply the right path to my CCS subfolder and file, something like \myCCS\myFile.php
In some cases I use my own tables to manage security and left the pages accesible to every REGISTERED user in Joomla, sometimes I use Joomla groups. I left the specifics to you.
Hope this compact explanation helps you out.
|
|
|
|
jokecoat
Posts: 43
|
| Posted: 06/14/2011, 1:20 PM |
|
@tfertil: Thanks! This did the trick!
|
|
|
|
gulam
Posts: 55
|
| Posted: 04/28/2012, 2:35 AM |
|
Hi,
This looks like a very good solution to link CCS with JOOMLA. Will the 1.6 procedure work for j2.5?
Gulam
|
|
|
|
tfertil
Posts: 43
|
| Posted: 04/28/2012, 9:03 AM |
|
Yes, I'm using it with Joomla 2.5
|
|
|
|
gulam
Posts: 55
|
| Posted: 04/29/2012, 12:29 AM |
|
Thanks will try this out.
I have several projects running in j1.5 and j2.5.
I have one more question, I have gone through your procedure step by step and everything is clear except the last part "In some cases I use my own tables to manage security and left the pages accesible to every REGISTERED user in Joomla, sometimes I use Joomla groups. I left the specifics to you"
Taking an example of j1.5, do I need to create groups in CCS that match with Joomla groups? how would this be handled in j2.5?
Gulam
|
|
|
|
gulam
Posts: 55
|
| Posted: 04/29/2012, 5:42 AM |
|
Hi again,
I tried this with j2.5, works quite well except for one issue. In edit mode of any form, the PRESERVE PARAMETER has to be set to GET otherwise you get an access denied message.
This is what is happening - whenever you select to edit an existing record, if the preserve parameter is set to none, then - after any change when you submit it goes to access denied page. This means all the variables including sessions parameters are getting initialized. With preserve parameters set to GET, it works ok but the fields don't get initialized and the current field values remains.
Is there any way out of this? I even tried to initialize all fields in the after update events but this does not work.
Gulam
|
|
|
|
tfertil
Posts: 43
|
| Posted: 04/29/2012, 8:45 AM |
|
Hi Gulam
You can try this:
At the very end of you form's PHP code, lies the "Go to destination page" section of the code.
Here you will find a line like this:
header("Location: " . $Redirect);
Change it to this:
header("Location: " . $Redirect."&sessioncookie=".$sessioncookie."&lang=".$lang);
This way you don't have to worry about preserving these parameters.
If you don't use or need the lang session variable, you can ommit it.
Drawbacks?
If you create new componentes in the form, CodeCharge does not re-generates these code portion, and the "unset($YourNewComponente) lines that are normally added, are not.
This is the only problem I'd found until now.
Hope this helps...
|
|
|
|
tfertil
Posts: 43
|
| Posted: 04/29/2012, 8:47 AM |
|
Gulam: sorry, I didn't saw you first question: the answer is Yes, I do create my groups en CCS to match Joomla groups.
So long I used just standard groups, I'd not experimented with user created groups in Joomla 2.5.
|
|
|
|
gulam
Posts: 55
|
| Posted: 04/29/2012, 10:20 AM |
|
Thanks for your reply, will try that out.
I have another similar problem but with CCS reports. On any CCS generated report that has a search grid and a report grid, the search grid shows up but when I select any criteria and submit - I get an access denied page. Can I try something similar for this?
Gulam
|
|
|
|
gulam
Posts: 55
|
| Posted: 04/29/2012, 12:14 PM |
|
PROBLEM 1
I tried your suggestion but get a 404 error - page not found when the sessioncookie is added to the URL. To test this, try the below on my test site.
http://173.203.59.177/~innovate/
click on test
username: test
password: 12345
try and edit any existing record and you will see the error.
Please advice if you have a solution for this.
PROBLEM 2
I have also written another post with a similar problem but with report generated with CCS, can I use a similar solution for that as well?
To test this, once logged in as above, click on reports and you will see both the search and report grids are displayed but the moment you enter any search criteria you get the access denied page.
Gulam
|
|
|
|
tfertil
Posts: 43
|
| Posted: 04/29/2012, 5:18 PM |
|
gulam
Any redirection that takes place must add the parameters. I think your problem is due to the edit record being in the same form (not your fault!)
So... you must check if the $Redirect string already contains a parameter list (identified by a question mark "?" inside the string). If there ara parameteres, then you can add the line I suggest:
header("Location: " . $Redirect."&sessioncookie=".$sessioncookie."&lang=".$lang);
BUT... if there are no parameters in $Redirect, then you must add the question mark:
header("Location: " . $Redirect."?sessioncookie=".$sessioncookie."&lang=".$lang);
So, in short: (this is pseudo code, not validated PHP):
if ($Redirect contains '?') {
header("Location: " . $Redirect."&sessioncookie=".$sessioncookie."&lang=".$lang);
} else {
header("Location: " . $Redirect."?sessioncookie=".$sessioncookie."&lang=".$lang);
}
As I told you before, this must be implemented in any redirection, so it applies too for reports, search forms, grids, etc.
regards,
|
|
|
|
gulam
Posts: 55
|
| Posted: 04/30/2012, 9:04 AM |
|
Thanks, putting the ? in the redirect seems to do the trick.
Can you tell me what would be the valid PHP code to do that?
Gulam
|
|
|
|
gulam
Posts: 55
|
| Posted: 07/13/2012, 10:51 AM |
|
Hi tfertil,
I am doing another project based on joomla 1.5.26 and CCS 4.3. I am facing a strange issue and thought maybe you can help.
When I assign more than 1 group (e.g administrators and managers) to be allowed to access a CCS program, then only the administrator is allowed, but the manager group is denied access.
Can you advice what could be wrong?
Thanks in advance
Gulam
|
|
|
|
gulam
Posts: 55
|
| Posted: 07/14/2012, 11:56 PM |
|
Resending as I got an "email could not be sent" error while submitting the the below post:
Hi tfertil,
I am doing another project based on joomla 1.5.26 and CCS 4.3. I am facing a strange issue and thought maybe you can help.
When I assign more than 1 group (e.g administrators and managers) to be allowed to access a CCS program, then only the administrator is allowed, but the manager group is denied access.
Can you advice what could be wrong?
Thanks in advance
Gulam
|
|
|
|
gulam
Posts: 55
|
| Posted: 07/27/2012, 12:12 PM |
|
Resending as I got an "email could not be sent" error while submitting the the below post:
Hi tfertil,
I am doing another project based on joomla 1.5.26 and CCS 4.3. I am facing a strange issue and thought maybe you can help.
When I assign more than 1 group (e.g administrators and managers) to be allowed to access a CCS program, then only the administrator is allowed, but the manager group is denied access.
Can you advice what could be wrong?
Thanks in advance
Gulam
|
|
|
|
|
