Access Control List (ACL)
One of the great features of Joomla! is the built-in Access Control List (ACL) that gives you the ability to control exactly what the user can see and do on your site.
There are four levels of permissions which apply to frontend and backend:
- Global permissions
- Component permissions
- Category permissions
- Article permissions
These permissions flow down, so if you deny something in the global permissions, then it will also be denied in the component permissions, category permissions, and article permissions.
Just remember, deny always wins. For example, if you specifically allow delete permission on a category, but have denied delete permission in the component permissions, then the allow will be overruled by the deny in the higher ...