Security, Access and Permissions
nant
see some answers ...
cgc0202 wrote:
Part A:
I "bought" (well I had to pay $20 to be able to login and download) the Community Builder because I read about it before, and some members of one group that I am helping wanted a more secure "registration" process, and a more careful access and permissions privileges in relation to the contents.
Thank you for supporting this effort. You did not pay $20 to login and download CB. You paid this amount to have access to the detailed documentation, the PMS integration documentation and the CB Captcha 2.0 plugin. CB component, CB login module, CB workflow module, CB online module, CB profilebook plugin, CB gallery plugin, and many more scripts are free for download.
The main Joomla team does not seem to consider the aformentioned issues as important. Joomla has one of the most primitive "permissions" process I have ever seen -- starting from the registration.
Agree ACL is still lacking in Joomla.
That is one feature that is partly addressed by CB1.1 through the option allowing Admin approval and the captcha.
CB does not address ACL. It does not extend existing ACL groups (e.g. registered, author, editor, etc). JACL from byostech does this by altering core Joomla files.
More detailed information during the registration
While CB1.1 provided some fix, the information requested -- name, username, valid email address -- was not enough to really know anything about the person. So, what then would be the basis for approval of the registration by the Admin, if the latter does not know the registrant?
CB does allow you to ask for and capture additional information during registration. This additional information may also be sent to moderators via email for them to review during the approval process. You went through a pretty tedious registration process on this site - all of this is standard CB functionality that you can recreate on other sites.
Its in the documentation that you have subscribed to - did you miss it?
For many commercial websites that would want as many registered users as possible, that is not an issue. However, for many websites, especially those one-person operations, the information requested by the CB1.1 is almost virtually useless -- except of course that you have eliminated the bots, intruders, etc. (and that is good).
Clearly, there is a need to get more pertinent information from the registrants.
Once again, sounds like you have not read the documentation or you have not even seen the CB backend fields management section and tab management section.
I was given these links by someone else who is a webpage developer:
joomlaequipment.com/content/view/48/79/
www.byostech.com/
The first link gives you features that are most likely already in CB (and for free). You need to decide what information you want to capture. Organize this information in CB fields and tabs and decide if you want to capture this during registration process or afterwards in profile.
The second link extends Joomla ACL functionality.
I browsed at the links briefly and tested their demo pages, and some of them would be helpful. It is clear however that these softwares are more geared for sites that gather and mine information about their registered users.
I like the ability to expand the information, in a more flexible way, requested of the registrants. And, for $28, that was not so bad.
Maybe we should start charging $28 also
It is imperative also that the information provided by the registrant in the "Additional Information" window be included in the email sent to the Admin.
Right now, if I do not have that option to have the information included in the registration form, I have to ask the registrant to send me a separate email.
You mean this $28 system does not do this?
Well, CB does and its free. You should start experimenting with the CB backend options. Or if you don't have time to experiment you can subscribe (as you did) and download the detailed documentation (did you download?). At this point you must read it - can't help you there.
A very cumbersome procedure.
To a trained programmer, the script needed actually is very simple to include the aformentioned suggestions, in the registration module, and in the correspondence scripts.
So, I hope someone would provide the interim scripts, that once improved would be integrated in the succeeding upgrades of CB
Thanks.
Cornelio
*********************
Below is the note I included in the registration module for our family website (obviously. the note will be tailored for the other sites I am developing). I should point out that I would prefer a box for the registrant to provide the information, rather than the survey forms (although some of the information would be OK to be included in a survey format for easier reading and evaluation.
However, by allowing the registrant to have more independence in stating what additional information should be provided would be critical for me whether I will approve a registration or not.
By the way, can I use simple html to layout the note below?
*********************
Please Note: Your registration will not be approved unless you provide the information requested below, especially if the Host does not know you personally. Please be sure to send an email to Cornelio, the "Host of Pamana: A Family Album". Introduce who you are, share a bit about yourself -- where you are now, what you are doing, why you are interested to participate in this webpage and any other information that you wanted to share. If you know a member of the family, please include in your email message the name, current address, email address, and most recent phone number. Please write to the person also to vouch for you. If you have any website or some other internet site that will help us know more about you, please share the information too. [MySpace, and all those commercial sites that require the webmaster to register before the contents may be viewed are not acceptable.]
All of this is doable in CB - you already have it.
YOU MUST INVEST to learn - everything is there.
Post edited by: nant, at: 2008/01/18 07:42
--
Nick (nant)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Tutorials + Search the forums
For more add-ons and support: Upgrade your membership
Links: Community Builder - Languages - Adv/Pro/Dev membership - CBSubs Paid Subscriptions - GPL Templates - Hosting
Visit my CB Profile - Send me a Private Message (PM)
Please Log in to join the conversation.
