2

Permissions

Jonathan Miller edited this page 2026-06-27 19:54:36 +00:00

Contents

Table of Contents

• Permissions
• Permission Actions
• Default Configuration
• Recommended Setup
• Dispatcher Role
• Fleet Manager Role
• Administrator Role
• API Permissions
• Zone-Level Permissions

Permissions

MokoSuiteTaxi uses Joomla's ACL system for access control, defined in access.xml.

Permission Actions

Action	Description
core.admin	Configure component options
core.manage	Access the component backend
core.create	Create new records
core.delete	Delete records
core.edit	Edit existing records
core.edit.state	Change record status
core.edit.own	Edit own records only

Default Configuration

By default, the component inherits permissions from the global Joomla configuration. Administrators have full access.

Recommended Setup

Dispatcher Role

A dispatcher manages day-to-day ride operations:

• core.manage: Allow
• core.edit.state: Allow (to update ride/dispatch status)
• core.create: Allow (to create rides manually)
• core.edit: Deny (prevent modifying fares/zones)

Fleet Manager Role

A fleet manager handles vehicles and drivers:

• core.manage: Allow
• core.create: Allow
• core.edit: Allow
• core.delete: Deny (preserve audit trail)

Administrator Role

Full access including:

• core.admin: Allow (configure component options)
• All other actions: Allow

API Permissions

API access respects the same ACL rules. A token authenticates as a specific Joomla user, and that user's group permissions determine what API operations are allowed.

Zone-Level Permissions

Future enhancement: per-zone permissions to allow different dispatchers to manage different geographic areas.

Pages

• API-Reference
• Configuration
• Database-Schema
• Dispatch-Engine
• Driver-Management
• Fare-System
• Fare-Zones
• Fleet-Management
• Home
• Installation
• Permissions
• Ride-Lifecycle
• Ride-Management