CiviCRM Community Forums (archive)

This functionality is being added in the 4.1 release. There is a patch for 3.4 which you can try if you're in a hurry:

http://issues.civicrm.org/jira/browse/CRM-8723

CiviCRM synchs (links) it's contact records to Joomla user accounts initially using email address. If you run Synch Users to Contacts from Administer > Manager menu - it will look for matches between your 250 Joomla users and the 5,000 contacts you've imported to civi. Once the match is made, it's stored in civicrm_uf_match table. It looks like you're discussing additional functionality regarding propagating email changes here:

http://forum.civicrm.org/index.php?topic=22637.new#new

I think you'd have to do "manual synch" via DB inserts (civicrm_uf_match table links a civi contact to a joomla user).

Also i realize the manual way of doing it. Maybe this could be brought in as a feature and put in the backend so that my non-technical admin could then go in and manually sync?

Sure the security risk would be that if I go on a Joomla site that uses CiviCRM and register with my friends email address instead of mine and the administrator enabled frontend viewing of my civiprofile (linked to emails) then I would suddenly get access to my friend's profile instead of mine. The reason for this is that if the admin goes and clicks sync then Civi will look at my email (which is my friends) and sync my friends profile to my Joomla userprofile thereby giving me access to his info - hence the security risk.

I also know some families share emails and so a daughter might get her father's info and vice versa shown to her depending on their registration.

There HAS to be a way for an admin to manually approve links on a user by user basis in the backend and not require them to go into the database with phpmyadmin to do this. This to me seems like a huge issue.

An easy way to implement this would be to have CiviCRM have a field where you can input the Joomla UserID number into the CiviCRM Contant's profile and thus link the two accounts that way - rather than by email automatically. It should be pretty simple to implement and I think is VERY important and probably something not many people realized would/could even happen.

All I need to do is visit any civi site where the frontend allows me to see my profile, register on the site with some users email and boom I have their info.

Thoughts?

This really is what the user account activation tool in Joomla is for. J15 has only self activation; J16+ has self or admin activation.

1) User completes the new user registration form
2) If self-activation is enabled, they receive an email and must click to activate. Thus only people with access to the email address may activate and gain access. If admin-activation is enabled, the admin receives notification and must review/approve before the user may access the site. If you're using J15 and need the admin-activation, there are some other 3rd party extensions that can provide that feature.

As for "father/daughter sharing an email address" -- that's not a problem I think we need to build a solution for. The problem is not the technology. It's the father's poor management of his email address. Even an admin-approved activation is not going to solve this. Bottom line is that unless you plan to pick up the phone and talk to people, you won't ever know who is on the other side of the email address.

If security is that much a concern, I would just disable user registration altogether and have admins generate user accounts via the new tool in 4.1 (browse to contact record and create user account).

As for the initial syncing -- yes, it is somewhat prone to error if you have duplicate email addresses in your db. I don't see an easy way around it -- you either accept the risk of a false connection, or you handle it with a direct import to the uf_match table where you retain full control. It would be nice to have an interface to review and manage the links between J and C. But I'm not sure it's worth the effort (you might be able to inject the link into the J user manager with a plugin -- could be interesting to explore that possibility). Once you get past the initial syncing, you probably won't run into too many issues since peoples user accounts and contact records are generally created in the same step.