ACLs
Last updated May 16th, 2019 | Page history | Improve this page | Report an issue
Support the team building MODX with a monthly donation.
The budget raised through OpenCollective is transparent, including payouts, and any contributor can apply to be paid for their work on MODX.
Backers
Budget
$306 per month—let's make that $500!
Learn moreWhat is an ACL (Access Control List)?¶
An ACL, or Access Control List, is a set of Permissions attached to an object. More information on ACLs can be found here in Wikipedia.
Usage¶
In MODX, ACLs can be applied to any modAccessibleObject. Primarily MODX Revolution 2.0 allows for ACLs on Resources and Contexts.
Context ACL¶
A Context ACL is referenced of 4 parts:
- A Context
- A User Group
- A Minimum Role
- An Access Policy
This means that one can assign a ACL to a Context that will apply to:
- All the Users in a User Group
- ...with at least the Minimum Role specified
- ...that will give the Users all the Permissions in the Access Policy assigned.
Resource ACL¶
Resource ACLs behave a bit differently, and basically allow you to restrict access to Resources (such as Documents, Weblinks, etc) by Resource Groups. They are comprised of 5 Parts:
- A Resource Group
- A User Group
- A Minimum Role
- An Access Policy
- A Context
This means that an ACL applied to a Resource Group will:
- Effect all the Users in the specified User Group
- ... with at least the Minimum Role specified
- ... give the Resource Permissions (save, load, delete, etc) in the Policy specified
- ... to all the Resources in the Resource Group
See Also¶
- Users
- User Groups
- Resource Groups
- Roles
- Policies
- Security Tutorials
- Hardening MODX Revolution
- Troubleshooting Security
Support the team building MODX with a monthly donation.
The budget raised through OpenCollective is transparent, including payouts, and any contributor can apply to be paid for their work on MODX.
Backers
Budget
$306 per month—let's make that $500!
Learn more