News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

Giving limited backend access to employees

Started by EvanGR, July 09, 2019, 13:21:08 PM

Previous topic - Next topic

EvanGR

Hello,

We want to give limited VM backend access to a new employee.

Besides restricting access to certain functions, we also want to hide information, such as the number of sales, profits, and any other sensitive/financial information.

What are the possibilities? Can we create a tweaked backend template just for certain users?

Thanks

Studio 42

You can do an overide in your template and remove all admin template except the default admin template(isis)
Then you check for user group or level
The data are get using this code :
$user   = JFactory::getUser();
$superUser = $user->get('isRoot');// is a super user
$user->getAuthorisedGroups();//give all groups
$user->getAuthorisedViewLevels();//give access levels

or
$groups = JAccess::getGroupsByUser($user->id);//give all groups
$levels = JAccess::getAuthorisedViewLevels($user->id);//give access levels

EvanGR

Thanks Studio42.

And then I can selectively hide parts of the Virtuemart backend, for that specific user (who will be an Administrator too I suppose).

Correct?

Studio 42

#3
Correct ;) (using the user->id)
But better use another group or acces level, so you can disable access to other things too

EvanGR

I need a little more assistance on this.

What is the recommended way to add a new store employee account, and set the permissions? (= easiest way, minimum amount of configuration required)

- What kind of Joomla user? Do I make them a super user? Editor? Something else?

(Initially it's 1 new employee, but there may be more with the same permissions.)

- How do I get the current user group id? (or even better, the group title)
I prefer to filter by stuff by group id, instead of user id, to be able to handle more employees in the future.

Thanks

Studio 42

The best is too inherit it from register user group, so you add only needed rights or use the manager group perhaps and add some right if you dont want modify all permissions.