CiviCRM Community Forums (archive)

This forum was archived on 25 November 2017.

Author Topic: Restricting access to profiles  (Read 3027 times)

monicab

  • Guest
Restricting access to profiles
January 07, 2009, 12:55:19 pm
Okay, I must be missing something simple. Is there a way to restrict access to profiles? I'm using Joomla 1.0 and CiviCRM 2.0.4. I can restrict pages in Joomla to registered users, and I can restrict a menu item (e.g., civicrm component) to registered users, but the profile itself isn't restricted. So presumably anyone clever enough (and this doesn't seem like it takes too much) to figure out the <siteroot>/profile&reset=1&gid=N syntax could easily bypass the menu system and start putting in random N's to access any info available through those profiles. This seems like a major security hole, so I presume I'm missing something. What is it? Thanks for the help.

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Restricting access to profiles
January 07, 2009, 01:53:49 pm

The security restrictions for CiviCRM in Joomla are fairly minimal. The best bet to avoid the below is to ensure that profiles have the right "used for" setting and are marked as such.

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

monicab

  • Guest
Re: Restricting access to profiles
January 07, 2009, 04:27:11 pm
Sorry for my density, but what "used for" setting?

Donald Lobo

Re: Restricting access to profiles
January 07, 2009, 05:49:46 pm

Click on settings from the profile browse page; you will get a page similar to:

http://drupal.demo.civicrm.org/civicrm/admin/uf/group?action=update&id=1

The Used For section is the second row.

lobo

conductorchris

  • I post frequently
  • ***
  • Posts: 167
  • Karma: 9
    • Vermont Rail Action Network
  • CiviCRM version: 4.5.0
  • CMS version: Joomla 3.2.7
  • MySQL version: 5.5.32
  • PHP version: 5.3.26
Re: Restricting access to profiles
January 07, 2009, 07:03:13 pm
Having just read this post, I then spotted a new Joomla extension:
http://extensions.joomla.org/extensions/access-&-security/group-access/6874/details
which purports to refine Joomla front-end user access, giving you control over which user groups can see specific modules, articles, components, sections, etc.

I haven't used it, I'm just pointing it out -- let us know how it goes if you do.

Also, I can't tell from the description if you can use it to specifically control standalone profile pages. Perhaps a work-around would be to use the option where you generate and copy HTML code -- then make that code a Joomla module, which you then restrict access to as appropriate.
Thanks to those who help create and enhance civiCRM!

monicab

  • Guest
Re: Restricting access to profiles
January 08, 2009, 10:01:40 am
Thanks for the responses, but they don't do anything to ease my mind. First, my version of CiviCRM only offers "profile" and "search results" as used-for options, but it seems to me that even having "user registration" and "view/edit user account" would solve the problem, since the information is still linked to a profile. The problem is that any active profile (whether linked to a front-end Joomla page or not) is openly accessible through the albeit obscure but readily public syntax. So if I have a profile page:

<siteroot>/index.php?option=com_civicrm&task=civicrm/profile&reset=1&gid=13&force=1&search=0

All a clever person has to do is change the gid# to access any active profile that exists. Since Joomla doesn't come into play, there's no way to restrict the access to the profiles, even with the extension that allows you to assign groups to components. Am I tracking that rightly? So basically, any field placed on a profile is basically openly accessible, correct? Since we need to protect the privacy of our constituents, this makes CiviCRM completely useless to us, unless someone can point out something I'm missing.

Donald Lobo

Re: Restricting access to profiles
January 08, 2009, 10:14:30 am

If you want fine-grained control over profile access, you'll need to switch to either Drupal or standalone. As mentioned previously, our permissioning system in Joomla is minimal / non-existent at the front end.

Alternatively, you can hack components/com_civicrm/civicrm.php and add code there to secure your site.

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions
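
As an added illustration, not part of the original thread and not CiviCRM or Joomla code: the kind of deny-by-default check one could call from the component entry point before a profile request is dispatched, so that anonymous visitors reach only an explicit allowlist of profile ids. The function name, `$publicGids`, and the policy that registered users may see every profile are assumptions.

```php
<?php
// Added example: deny-by-default gate for CiviCRM profile requests.
// profile_request_allowed() and $publicGids are hypothetical names, not CiviCRM or Joomla API.

/**
 * Decide whether a front-end request may reach a CiviCRM profile.
 *
 * @param array $query        parsed request parameters (e.g. $_GET)
 * @param bool  $isRegistered true when the CMS reports a logged-in user
 * @param int[] $publicGids   profile ids deliberately exposed to anonymous visitors
 */
function profile_request_allowed(array $query, bool $isRegistered, array $publicGids): bool
{
    $task = $query['task'] ?? '';
    if (!is_string($task)) {
        return false;                       // task[]=... is never a legitimate request
    }
    // Normalise so civicrm/profile, civicrm/profile/view and case variants all match.
    $task = strtolower(trim($task, '/'));
    $isProfile = ($task === 'civicrm/profile' || strpos($task, 'civicrm/profile/') === 0);
    if (!$isProfile) {
        return true;                        // not a profile page; outside this gate's scope
    }
    if ($isRegistered) {
        return true;                        // assumed policy: registered users may view profiles
    }
    $gid = $query['gid'] ?? null;
    // Accept only a plain decimal integer: rejects arrays, "13 OR 1", "0x0d", a missing gid.
    if (!is_string($gid) || !ctype_digit($gid)) {
        return false;
    }
    return in_array((int) $gid, $publicGids, true);
}

// Constructed sample requests, modelled on the URL quoted in the thread.
$publicGids = [13];                         // assumption: only profile 13 is meant to be public
$samples = [
    'option=com_civicrm&task=civicrm/profile&reset=1&gid=13&force=1&search=0',
    'option=com_civicrm&task=civicrm/profile&reset=1&gid=14&force=1&search=0',
    'option=com_civicrm&task=civicrm/profile/view&reset=1&gid[]=13',
    'option=com_civicrm&task=civicrm/profile&reset=1',
];
foreach ($samples as $qs) {
    parse_str($qs, $query);
    $verdict = profile_request_allowed($query, false, $publicGids) ? 'ALLOW' : 'DENY';
    printf("%-5s %s\n", $verdict, $qs);
}
```

Run as an anonymous visitor, only the first sample is allowed; the changed gid, the array-valued gid and the missing gid are all denied. The check has to see every source the application reads the profile id from, so pass it the merged request parameters rather than the query string alone if POST is also accepted.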

monicab

  • Guest
Re: Restricting access to profiles
January 08, 2009, 11:20:17 am
Thanks Lori. I don't really think I'm asking for "fine-grained" control -- I'm a little stunned to find that there is basically no control at all. At any rate, sounds like standalone is my best option if I'm going to stick with civi. But I'll need to delete the profile once I've generated the standalone code, right? Otherwise the info on the profile is still available...

monicab

  • Guest
Re: Restricting access to profiles
January 08, 2009, 11:38:54 am
Sorry, modify that. Any fields on a profile that are set as "searchable" or "in selector" are visible. The problem is, in order to make something like a directory it needs to be searchable, making restricting access impossible?

Donald Lobo

Re: Restricting access to profiles
January 08, 2009, 01:29:07 pm

In Drupal/standalone, you can restrict access to any/all/specific profiles. Thus you can allow a few profiles to be exposed to "all" users (including anonymous) and keep the other profiles restricted. You will need to use ACLs and/or ACL hooks to enable this under these CMS.

We don't have this functionality implemented in Joomla (as yet).

lobo


This forum was archived on 2017-11-26.