ACL Support at Category, Sermon, or Series Level

More
04 May 2016 17:55 #6121 by Ryan Bachman
I would be very interested in having ACL support at the category, sermon, or series level. While most sermons we are totally fine with having publicly accessible, there are a few reasons that we might want to have restricted access based on user logins. For example, if we have a speaker from a sensitive country or if copyrighted concerns come into play.

This component has been great! Thank you to the developer(s) for all your hard work!

Please Log in or Create an account to join the conversation.

More
04 May 2016 18:03 #6122 by Thomas Hunziker
ACL is supported at category level. I have no plans for adding it to sermon and series (item) level.
I think you should be able to achieve what you need with a (restricted) subcategory.

Please Log in or Create an account to join the conversation.

More
04 May 2016 18:45 #6123 by Ryan Bachman
Thank you for the fast reply! I somehow missed that it is available on the category level; however, I probably should have been more specific. It appears that the ACL support for categories is restricted to create, delete, and edit. What I really was asking for was the ability to restrict viewing sermons via ACL. Is it possible to prevent someone from listening to or downloading within a particular category?

Please Log in or Create an account to join the conversation.

More
04 May 2016 19:34 #6124 by Thomas Hunziker
Yes, based on categories as well. That is what the access level (eg public, registered, special) is for. Just set a different access level for your restricted category and the sermons, series and speakers assigned to that category will inherit the restriction.
However keep in mind that the actual files are stored on the server and anyone who can guess the name of the file can listen to it. There is no access control there since it's handled by Apache itself without Joomla or SermonSpeaker being involved.

Please Log in or Create an account to join the conversation.

More
04 May 2016 22:37 #6125 by Ryan Bachman
Oops... I was only looking under the Permissions tab, so I completely missed the 'Access' option. Sorry about that! That's great.

I understand that the actual files are still accessible, but that actually leads me to a different feature request. We have another component that uses an .htaccess file to restrict access to the contents of the folder. The component is still able to access the files stored within that folder, and it controls this access levels. How difficult would it be to add this type of functionality to SermonSpeaker?

Please Log in or Create an account to join the conversation.

More
04 May 2016 23:47 #6126 by Thomas Hunziker
If you want to use an audio/video player on your site, you can't protect the folder with a .htaccess file. The browser needs access to those files to download and play it.
You could in theory proxy them through a PHP script which reads the files and serves it to the browser, but it's a very ressource intensive action. Especially if it comes to videos it would likely blow up your server, especially if it's a shared hosting. That's why I never did it. Plus SermonSpeaker isn't really meant to secure files. If you need that, you're better served with one of the file management extensions. They will be safe (but don't offer players and the like).

Please Log in or Create an account to join the conversation.

Time to create page: 0.192 seconds
Powered by Kunena Forum