MokoConsulting/MokoSuiteCross
1
0
Fork 0
Code Issues 44 Pull Requests Releases 2 Wiki Activity

Access control: add access.xml for component ACL permissions #136

New Issue
Closed
opened 2026-06-21 15:52:35 +00:00 by jmiller · 0 comments
jmiller commented 2026-06-21 15:52:35 +00:00
Owner
Copy Link
Copy Source

Summary

The component has no access.xml file defining Joomla ACL permissions. The old com_mokojoomcross/access.xml was deleted during the rename but not recreated as com_mokosuitecross/access.xml.

Without access.xml, the component relies on core Joomla permissions only and cannot define component-specific actions like "manage services", "manage templates", "dispatch posts", etc.

Proposed permissions

<?xml version="1.0" encoding="UTF-8"?>
<access component="com_mokosuitecross">
    <section name="component">
        <action name="core.admin" title="JACTION_ADMIN" />
        <action name="core.manage" title="JACTION_MANAGE" />
        <action name="core.create" title="JACTION_CREATE" />
        <action name="core.delete" title="JACTION_DELETE" />
        <action name="core.edit" title="JACTION_EDIT" />
        <action name="core.edit.state" title="JACTION_EDITSTATE" />
        <action name="mokosuitecross.dispatch" title="COM_MOKOSUITECROSS_ACTION_DISPATCH" />
    </section>
</access>

Files

  • Create: source/packages/com_mokosuitecross/access.xml
  • Update: source/packages/com_mokosuitecross/mokosuitecross.xml — ensure <administration> section references access.xml
  • Add language strings for custom actions

Acceptance Criteria

  • access.xml exists with standard + custom actions
  • Component manifest references the access file
  • Permissions tab appears in component Options
  • Controllers check appropriate permissions
## Summary The component has no `access.xml` file defining Joomla ACL permissions. The old `com_mokojoomcross/access.xml` was deleted during the rename but not recreated as `com_mokosuitecross/access.xml`. Without `access.xml`, the component relies on core Joomla permissions only and cannot define component-specific actions like "manage services", "manage templates", "dispatch posts", etc. ## Proposed permissions ```xml <?xml version="1.0" encoding="UTF-8"?> <access component="com_mokosuitecross"> <section name="component"> <action name="core.admin" title="JACTION_ADMIN" /> <action name="core.manage" title="JACTION_MANAGE" /> <action name="core.create" title="JACTION_CREATE" /> <action name="core.delete" title="JACTION_DELETE" /> <action name="core.edit" title="JACTION_EDIT" /> <action name="core.edit.state" title="JACTION_EDITSTATE" /> <action name="mokosuitecross.dispatch" title="COM_MOKOSUITECROSS_ACTION_DISPATCH" /> </section> </access> ``` ## Files - Create: `source/packages/com_mokosuitecross/access.xml` - Update: `source/packages/com_mokosuitecross/mokosuitecross.xml` — ensure `<administration>` section references `access.xml` - Add language strings for custom actions ## Acceptance Criteria - [ ] `access.xml` exists with standard + custom actions - [ ] Component manifest references the access file - [ ] Permissions tab appears in component Options - [ ] Controllers check appropriate permissions
Sign in to join this conversation.
Labels
No items
No labels
Priority Medium
Type Feature
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoSuiteCross#136
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?