245
CHAPTER
Working with the
User Manager
IN THIS CHAPTER
Introducing the User Manager
Understanding the Joomla!
user hierarchy
Adding users to the system
Managing users
Creating user registration
Controlling access to content
and functionalities
E
ffective command of user privileges and access controls is essential to
the creation of a successful web site. Users are the lifeblood of any site
and proper user management is needed to both inspire repeat visitors
and to protect the integrity of the site. Joomla! provides several tools that
enable user privileges and access; the most important of these tool is the
User Manager.
In this chapter, I take a detailed look at the Joomla! User Manager and how it
is used to create and manage the registered users on your Web site. I also
examine the connection between the various Joomla! User Groups and the
Access Level controls that are associated with the site’s many content items,
components, modules, and plugins.
Introducing the User Manager
The User Manager handles the creation and management of all registered
users in the Joomla! system. The User Manager is located inside the Joomla!
admin system. After you have logged in to the admin system, you can access
the User Manager in two ways: either by clicking on the User Manager icon
on the Control Panel or by selecting the User Manager option from the Site

menu. Figure 10.1 shows the default User Manager in Joomla! 1.5.x.
Part II: Working with Content and Users
246
FIGURE 10.1
The Joomla! 1.5.x User Manager interface, showing the default administrator account (logged in) and one
front-end user (not logged in).
The toolbar at the top of the User Manager provides quick access to the following functions:
l
Logout: Select one or more users from the list and then click this icon to manually log the
users out of the system.
l
Delete: Select one or more users from the list and then click this icon to delete the user
account(s).
l
Edit: Select a user from the list and then click this icon to edit the user’s account details.
l
New: Click to create a new user account.
l
Help: Click to access the online Help files related to the active screen.
Three sorting and searching tools to help you manage long lists of users are below the toolbar.
They are:
l
The Filter field on the left works like a search box for the User Manager. Type a word or
phrase into the field and then click Go. The page reloads and displays the results of the
search. To clear the screen and return to a full listing, click the Reset button.
Chapter 10: Working with the User Manager
247
l
The Select Group filter on the right side allows you to display only those users that have
been assigned to a specific group. Note that the combo box lists all of the user groups pro-

vided by Joomla!, regardless of whether any users are assigned to those groups. In other
words, you can filter by a group that has no members, in which case the system will
return no results. To reset this filter, change the combo box back to the default setting.
l
The Select Log Status filter on the far right allows you to filter and display the users
according to whether they are presently logged in to the system. This provides an easy
way to identify all users that are currently active on the site. To reset this filter, change the
combo box back to the default setting.
The main content area of the screen contains a list of all the registered users in your Joomla! site.
The columns provided are:
l
# : An indexing number assigned by Joomla! This number cannot be changed.
l
Checkbox (no label): Click in a checkbox to select a user account; this is needed if you
want to use several of the toolbar options.
l
Name: This field displays the full name of the user. Click on the name to edit the user’s
details.
l
Username: The name displayed in this field is the username needed for login.
l
Logged In: A checkmark in this column indicates that the user is currently logged in to
the system. This field is blank if the user is not logged in.
l
Enabled: A green checkmark in this column indicates that the account is active. The field
shows a red X when the user account is disabled. A user account may be disabled for one
of two reasons: Either the user has been blocked by an administrator, or the user has
failed to confirm and activate a new account. Administrators can toggle between the two
settings by clicking on the icon shown.
l

Group: The group to which the user is assigned.
l
Email: The e-mail address associated with this user account. Click the address to send the
user an e-mail.
l
Last Visit: This column displays the date and time the user last logged in to the site.
l
ID: The system-generated user ID number.
Finally, at the bottom of the screen, below the content area, is the Display # option. Change the value
in the combo box control to alter the number of users that are displayed on the page. The default
value can be altered by changing the List Length option on the Global Configuration Manager.
Cross-Reference
See Chapter 4 to find out more about the Global Configuration Manager.
Joomla! 1.6
Significant changes to the User Manager functionality in Joomla! 1.6 have been planned, however at the time
of writing this chapter the final version of Joomla! 1.6 was not yet available for review.
Part II: Working with Content and Users
248
Understanding the Joomla! User Hierarchy
The Joomla! 1.5.x system provides a fixed user hierarchy consisting of seven different levels. User
access levels are called groups in Joomla! The seven groups are divided between users with only
front-end access, and those with access to both the front end and the back end of the site. Each
group has different privileges in the system. Higher-level groups always include all the privileges of
lower-level groups as shown in Figure 10.2
One of the unfortunate limitations of the Joomla! 1.5.x system is a lack of flexibility in relation to
users access levels. User Group privileges are fixed and cannot be modified. Moreover, you cannot
create new groups, or assign to individual users privileges that are inconsistent with the group to
which they belong. If you have a compelling need for greater flexibility in your user access levels,
you must install a third-party extension to enhance the default system.
FIGURE 10.2

The Hierarchy of User Privileges.
Chapter 10: Working with the User Manager
249
Classifying public front-end users
Four different groups are classified as public front-end users. The groups are named Registered,
Author, Editor, and Publisher. The users assigned to these groups have a limited access to only the
front end of the site. Although they can log in to the front end and perform tasks, they do not have
the ability to log into the back end of the site. This limited form of access is useful both for provid-
ing control to content and for setting up a workflow that allows users to add content to the site.
Registered
Registered users are the most basic and the most limited access group. A user in this group can
view pages and menus where the access level has been set to either Public or Registered. This user
group has no ability to add or edit content items. Typically this user group is concerned with
access to content, not with administration privileges. This group allows you to recognize and dis-
tinguish certain users from general public viewers of the web site and to allow your Registered site
visitors to see more items and do more things than a general public visitor.
Author
The Author group is one step up the hierarchy from a Registered visitor. Authors cannot only
access restricted content items and menus, but can also access pages and menus where the access
level has been set to Special. The most important privilege that users in this group enjoy is the abil-
ity to add content to pages from the front end.
The Author group is typically used by administrators to create a front-end content management
workflow. An Author can add content to pages and edit content they have created. Authors can-
not, however, edit the pages of other users. Additionally, Authors cannot schedule or publish
content items and they cannot create content structures, such as sections or categories. As such,
this group is typically part of a larger work flow process that includes other user groups that
complete the publication cycle. In the default configuration, members of the Author group are
also able to submit web links from the front end of the site, though this can be modified by the
site administrator.
Editor

Users assigned to the Editor group enjoy the same privileges as authors, plus the ability to edit the
content items created by other users. Editors are part of a front-end content management work-
flow, but because they are unable to schedule or publish pages, Editors are normally part of a
larger schema involving other user groups.
Publisher
The Publisher group is the highest level of public front-end users. Publishers enjoy the same privi-
leges as Editors, plus they can create pages, edit the pages of other users, and schedule and publish
pages.
Part II: Working with Content and Users
250
Classifying public back-end users
Three groups are classified as Public back-end users: Manager, Administrator, and Super Adminis-
trator. Users assigned to these groups are able to log in to the back-end administration system of
your site; accordingly, care should be taken to only grant this level of access to trusted users.
Manager
In terms of privileges, Managers are more concerned with content management than with system
administration. Users assigned to the Managers group enjoy rights very similar to those of
Publishers, but with the added ability to create content structures, such as sections and categories
and the ability to work with the site’s menus. Unlike Publishers, Managers are able to use the
admin interface to edit and otherwise manage pages. Because the admin interface is typically more
user-friendly for editing pages than the front end, the ability to access the back end is a consider-
able advantage.
Administrator
The Administrator group has significant system administration privileges. Users in this group enjoy
all the rights of a Manager, plus the ability to work with the site’s users, modules, and components.
Super Administrator
The Super Administrator Group is the Joomla! equivalent of a Super User. This user group is the
most powerful in the system, with no limits on the user’s ability to perform tasks with the system.
Key privileges, such as access to the Global Configuration Manager and the ability take the site
offline make this group suitable for only the most trusted users. As a general rule, you can restrict

membership to this group to the fewest number of persons possible.
Tip
A Super Administrator account cannot be directly deleted, but it can be downgraded to a lower level group
and then deleted.
Adding Users to the System
You can add an unlimited number of users to your system. You can create new users in one of two
ways: by a site administrator via the User Manager, or by the users themselves via the front-end
user registration process.
In this section, we discuss adding users through the admin system, because this way is the most
common and the most powerful approach to user creation. Note that if you want to create a user
account with more than just the most basic of user permissions and privileges, then you must cre-
ate the account from inside the back-end User Manager.