Hi,
I am attempting to lock down the back end so a group only has access to the Users area of VirtueMart.
I have Allow All Access set in configuration, and all the module patches are installed.
I created a group and set access to forbid all Components except VirtueMart. I created a role and function, but did not set anything in those.
But when I logged in as a member of the restricted group it shows an error when I go to VirtueMart.
Error: You do not have permission to access the requested module.
I did not create any module settings, and I don't see the back end modules anywhere to be selected. Is there something else I have to do, to allow it to show the control panel or Summary page in VirtueMart?
Is this the proper way to use this ACL?
The thing about VirtueMart is it's URLs are backward from your documentation examples and puts the option=com_virtuemart at the end of the string. Does this make any difference?
It's URLs are like this:
index.php?pshop_mode=admin&page=product.product_list&option=com_virtuemart
If and when I understand how to get this group to be able to access Virtuemart, then I want to see if I can have more granular control over access to specific parts of Virtuemart.
Is it possible to only allow access to the Users area of VirtueMart?
I was hoping to use the Functions custom actions to forbid the restricted groups access to all the other areas of VirtueMart.
So, if I want to forbid:
index.php?pshop_mode=admin&page=product.product_list&option=com_virtuemart
Would I need to add both key pairs in my function line item or can I use just the unique pair: page=product.product_list
Thank you,
Eric