Search code examples
joomlajoomla1.5user-accountsadministrator

Joomla - Determining whether logged-in user is an Admin

I am having tons of fun working on a big project that was, for reasons hard to justify, based on Joomla! (which I don't mean to criticise, Joomla! is great, just not for the task I am faced with currently) and when I googled for a way of determining whether the currently logged-in user is an Admin, I found a post that quite boldly recommends using the following code:

$user =& JFactory::getUser();
if($user->usertype == "Super Administrator" || $user->usertype == "Administrator"){ ... }

To me, this looks like a rather strange way of checking for Admin users. I would appreciate a $user->isAdmin() method to do this rather than a couple of hard-coded strings.

I fail to find a more elegant solution to checking for admin users within the Joomla! framework. Can anyone help?

Solution

  • Actually, as the Access levels are hard coded into the database in Joomla! 1.5, the only way this string comparison could fail is when someone deliberately hacked new groups into it. Strings can be changed in the .ini-Files (so that non-english installations still use the english words in the database - this is not true for other tables like the names of plugins or components.)

    You could get the group id via JFactory::getACL(), and then $acl->getGroupsByUser($userid, false) (see docs), but assuming that a greater id means greater privileges as well, seems a bit hacky, too (though true for a standard installation).

    Other than that, you could take over a Joomla! capability: define more explicitly, what a "admin user" is: someone who can install new software? who can change the system's configuration? Just make a reasonable assumption, something related to what you want him to do as a admin user, use it in a authorize()-Call (see docs), and maybe document it in your interface.

    The only clean solution (that I know of) would be to define new entries for the ACL-authorize-lookuptable (currently implemented in php only, not SQL). This is the only way to ensure that it will be Joomla! 1.6-proof, where custom user groups will be possible (and so the admin user can choose to give this authorization to a user group or not). For example:

    $acl =& JFactory::getACL();
$acl->addACL('{com_nameOfExtension}', '{action}', 'users', 'super administrator');
$acl->addACL('{com_nameOfExtension}', '{action}', 'users', 'administrator');

    And there we have them again, hard-coded groupnames. Well.