ACL Rules

What are Access Control Rules

ACL stands for Access control Rules. It refers to who has permission to do what. ACL rules restrict user's ability to perform certain tasks.These rules are applied to all users of that particular ProfileType for which the rule is defined.

Example

1. Suppose you want, student profiletype's users cannot access event or Join Group created by teacher then you can restrict them by applying ACL rule.
2. As an admin, you may wish to provide more features to a paid member and less features to free members. So in such a case you should write few Access Control Rules (referred as ACL rules) for Free members.

Creating  Rule

To create ACL rules Go To : Components -» JSPT -» Access Control

1. Rule Name: A name to identify rule name, it is not shown to the end user. It's for your reference only.
2. Published: Only published rule will be enforced on users.
3. Resource Accessor: This information decide on users of which profiletype this rule will be applied.
4. Resource Owner: If a user wants to apply a rule between two profiletypes then this will be the profiletype which is applying this rule. e.g. Sending a message, you can restrict free members to send message to premium members. So, in this case premium members will be the resource owner.
5. Applicable to Friend Also: If you don't want to apply this rule to your friends those belongs to the same profiltype which you have selected in the Resource Accessor field, set it to No.
   
6. Control the Feature: You can select predefined rules which you want to apply on users.
7. Feature Limit: This is the magic number related to the feature control.  If you want to disallow some user to use that feature you should assign 0 here, else you can write here how much he can use the feature. e.g. If you write 10 for Add Groups Rules, then user will be allowed to create only 10 groups.
8. Message: This message will be displayed when user is trying to use restricted feature.
9. Force Redirection during Ajax Request: If set yes, then after displaying pop-up message, user will be redirected to the URL mentioned in the Redirect URL field. And if set to no then will redirected to itself. This field is applicable to only those ACL rules which uses AJAX.
   
10. Redirect URL: If user tries to access the restricted feature, then user will be redirected to the URL mentioned in this field.

Supported Rules

1. Event: Can not Access Event, Can not Create Events, Can not Delete Events, Can not Join Event, Can Access Event Category.
   
2. Groups: Can not Access Group, Can not Join Group, Can not Create Group, Can not Delete Group, Can not Leave Group, Can Access Group Category, Can not Create Bulletin, Can not Create Discussion, Can not Send Email to group members, Can not Invite Friends.
   
3. Albums: Can not Add Albums
4. Videos: Can not Add Videos, Can not Access Videos, Can Access Video Category
5. Profile Videos: Can not Access Profile Video, Can not Add Profile Video, Can not Delete Profile Video
6. Application: Can not Add Application
7. Friend: Can not add Friends
8. Photos: Can not add Photos, Can not Access Photos
9. Profile: Can not View Other's Profile, Can not Edit Self Profile, Can not Edit Self Profile Details, Change Status Messages, Can not view Other's ProfileFields, Can not Delete Profile
   
10. Avatar: Can not Change Avatar, Force to Upload Avatar
11. Privacy: Can not Change Privacy
12. Others: Redirect to AEC or Custom URL, Redirect to AEC URL, Can not Send Message, Can not Read Message
13. LikeDislike: Can not Like Dislike Photos, Can not Like Dislike Videos, Can not Like Dislike Profile, Can not Like Dislike Group, Can not Like Dislike Event

Note: Currently we support 44 varied rules. More can be added as per your suggestions.