English (United Kingdom)
Jms Multi Site, formerly joomla multisite.
Create, share multiple joomla sites in few clicks !
Message
  • EU e-Privacy Directive

    This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

    View e-Privacy Directive Documents

Welcome, Guest
Please Login or Register.    Lost Password?
Go to bottomPage: 12
TOPIC: Slave Site and User Sharing Security
#3370
Slave Site and User Sharing Security 14 Years, 10 Months ago Karma: 0
I just have a slightly problem to understand something, when you share the users of the master site.

Just assume you have prepared a template to create new slave sites from the front end and you are sharing the users with the master site within this template.

Now the problem appears, if you grant access to the backend of the slave site, the site admin of the slave site must be defined as a site administrator, but as you are sharing the user table you know have a new site admin within the master site, which is also able to login as a site admin to the master site.

And you also have full access to any of the users of the master site.

Is this right?
Zappu
Junior Boarder
Posts: 25
graphgraph
User Offline Click here to see the profile of this user
Gender: Male Joomla Media Design
The administrator has disabled public write access.
 
#3374
Re: Slave Site and User Sharing Security 14 Years, 10 Months ago Karma: 54
YES.
When you share the users, they have the same privileges in all the website where the users are shared.

There are no "record" level restriction.
So a super admin in a website is also the super admin of all the websites that are shared.
edwin2win
Moderator
Posts: 5370
graph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#3407
Re: Slave Site and User Sharing Security 14 Years, 10 Months ago Karma: 0
Ok, but wouldn't it be a good idea to think about that? Probably it's worth to think about to ad the site id to the user record, so the admin with this explicit site id can onyl touch the administration of the site and can see the users which are signed on with his/her site id?

That would be great I think
Zappu
Junior Boarder
Posts: 25
graphgraph
User Offline Click here to see the profile of this user
Gender: Male Joomla Media Design
The administrator has disabled public write access.
 
#3409
Re: Slave Site and User Sharing Security 14 Years, 10 Months ago Karma: 54
We think to this problem for july 2008 and we have tried several possibilties before to found this method of sharing without having to rewrite everything.

We know that several person would like to have a partial sharing and control each individual records in the DB but this can become very complex to guarantee the integrety of the content.
edwin2win
Moderator
Posts: 5370
graph
User Offline Click here to see the profile of this user
Last Edit: 2010/02/24 00:28 By edwin2win.
The administrator has disabled public write access.
 
#3422
Re: Slave Site and User Sharing Security 14 Years, 10 Months ago Karma: 0
I think this seems to be a solution (even you have to pay for it) to get around this problem. I think I will buy it within the next days to give it a test

www.corephp.com/community-acl/community-acl-for-joomla-1.5.html
Zappu
Junior Boarder
Posts: 25
graphgraph
User Offline Click here to see the profile of this user
Gender: Male Joomla Media Design
The administrator has disabled public write access.
 
#3429
Re: Slave Site and User Sharing Security 14 Years, 10 Months ago Karma: 54
This extension consists in replicating and syncrhonizing the users between different website.
They do not share them but syncrhonize them.

This extension is already defined in JMS.
There is a limitation when using Community ACL.
You can not use "JomSocial" as they use the same MySQL table parttern #__community
If you are using both, this may have side effect when you decide the share JomSocial.

Use Community_ACL and also the user sharing may have unpredictable result.
This may result by trying to synchronise users that are already share by MySQL.
edwin2win
Moderator
Posts: 5370
graph
User Offline Click here to see the profile of this user
Last Edit: 2010/02/25 21:53 By edwin2win.
The administrator has disabled public write access.
 
Go to topPage: 12
get the latest posts directly to your desktop
2Win, Multisite(s) are trademarks of Edwin2Win.
Joomla