Joomla permission settings are used to set control levels for different user groups in your site. Using permission settings will enable you to give certain user groups the ability to do things like add content to your site, but it won t give them access to the entire site. Permissions are given to user groups, not to individual users. This means that a user must be a member of a user group with administrative permissions to be able to change things on your site. This article explains the different types of permission settings and how to adjust the permission setting for different user groups.
Global permission levels affect your entire site; they form the base that permission levels for individual components are built on. To set the global permissions, Log into the administration Area (the back end) of your site, and go Global Configuration.
Once in the Global Configuration area, select the "Permissions" tab and you'll see a list of all your different user groups. All user groups have the same global permission levels that are detailed below.
Expand a user group to select new permission settings.
Each permission level enables users to do different things from the front end or the back end of your site:
Site Login determines whether or not the user can log in to the front end of your site.
Admin Login determines whether or not the user can log in to the back end of your site.
Offline Access allows or denies the user the ability to log in and view the front end of your site when your site is in Offline Mode.
Super Admin gives the user group full access to change every aspect of your site, regardless of any other permissions that are set. This effectively gives members of the group the same administrative abilities that they would have if they were in the "Super Users" group.
Access Administration Interface gives the user the ability to access the entire administration interface in the back end of your site except for the Global Configuration area. With this permission, the user can only view all of the parts of the interface. To be able to create or edit content, or to be able to change settings, the user needs to be granted those permissions.
Create controls whether or not a user is allowed to create an item in a component that the user has access to. For instance, if a user has access to the Article Manager, that user would need to have the create permission to be able to create new articles.
Delete enables users to delete any content from the components to which they have access.
Edit gives the user the ability to edit any content in the components that they have access to, regardless of who created the content.
Edit State determines whether or not the user can edit the state of the content in the components to which they have access. The state of content determines whether or not the content shows up on your site. For most content, the possible states are "Published", "Unpublished", and "Trashed".
Edit Own is similar to the "Edit" permission, except it only gives the user the ability to edit the content that he or she has made.
To allow or deny any permission level for any user group, use the "Select New Setting" drop down menu that is next to that permission level within each user group. "Allowed" means that the user is permitted to perform the functions for that permissions level. "Denied" restricts that user from performing those functions. "Not Set" is virtually the same as "Denied" - the user group will not have those permissions. Be sure to save your work.
In addition to global permissions, each manager and component that comes with Joomla has its own set of permissions that can be changed. This means, for example, that you can enable a user group to create, edit, and delete articles, but this same user group may only be able to edit existing modules. The permissions for each manager or component can be changed by clicking the "Options" button in the toolbar within that manager or component.
Once inside the manager/components "Options" area, go to the "Permissions" tab. This article illustrates how to access this area within the Article Manager, but the process is similar with each manager or component.
There are three settings to choose from for each permission level. "Inherited" is explained in the Permissions Inheritance article. "Allowed" means that the permission will be granted to that group. "Denied" means that the permission will not be granted to that group.
Each manager & component-specific permission level enables users to do different things from the front end or the back end of your site:
Configure controls whether or not the user will be able to access and change the options for the manager or component.
Access Administration Interface enables users to access the manager or component from the back end of your site if they have the ability to log in to the back end.
Create, Delete, Edit, Edit State, & Edit Own function the same as they do in the Global Permissions, except they apply only to the specific manager or component in which you are working. Changing any of these permissions in the manager or component will override the settings within the global permissions.
Permissions can be set to one of three settings: "Inherited", "Allowed", or "Denied". The "Inherited" setting is explained in more detail in the Permissions Inheritance article. "Allowed" means that the permission will be granted to that group, and "Denied" means that the permission will not be granted to that group.
For even more control over a users’ ability to create, edit, publish, and delete articles, you can also assign permissions to individual article categories. You can potential enable a user to create and edit articles in one category, but not have the ability in another category. The permissions that can be assigned to categories are "Create", "Delete", "Edit", "Edit State", and "Edit Own". They function the same way that they do for the Article Manager itself, except they apply to individual categories.
To assign permissions to a category, go to the Category Manager in the administration area (the back end) of your site.
Open a category and scroll down the "Category Permission" settings.
You can grant permission to this category for your various user groups.
Similarly, site administrators can enable users to access individual articles. Go to the Article Manager.
Open an article, and scroll down to the "Article Permission" settings. You can grant permission to this article for your various user groups.