CB 1.4 and Joomla 1.6 ACL

Hi,

I am a CB newbie, so apologies in advance if I am doing things incorrectly. I did try to search the forum for answers, but so far did not find it.

Vesions I am using: CB-1.4, Joomla-1.6.3, PHP-5.3.5 (testing with XAMPP-win32-1.7.4-VC6).

Overall registration process, with CB/Joomla integrated, is working fine. I have setup the Joomla ACL with new groups, for example:

Public
|-Registered
|-AdminTeam
|-ContentManager
|-UserManager

The idea is that only Registered users that are members of the group UserManager should be able to manage the user DB, see users list, moderate/approve registrations, etc.

The first ACL-based thing I am trying to do is to allow the UserManager logged-on to the front-end to see the Users list. I have created a menu entry for Registered users to see Users List. In the CB Configuration->Moderation tab, I have set "Moderator Groups" to "UserManager", and "Allow Moderators to Edit User Profiles" to "CB Moderators and levels above". Under CB->List Management, I have a published list called "Members List", for which "User Group to allow access to:" is set to "UserManager".

When I access the menu logged in to front-end as an UserManager, then it says "There are no published user lists!". if I change the list's "User Group to allow access to:" to simply "Registered", then the list is shown. I know the obvious is to check if the logged-in user is really a member of UserManager, and not just Registered, and I have checked that over and over.

First question: What am I doing wrong for the front-end permissions to not work?

Second question: If I were to allowed access through back-end, how do I setup CB/Joomla such that only UserManager group is allowed to manage users?

Thanks,
Shash

Oops...sorry, the spacing got messed up. Try again:

Public
|-Registered
..|-AdminTeam
....|-ContentManager
......|-UserManager

I am having the same issue.

It behaves is as if the usergroup that is given access is exclusive. If I have a user that is part of the allowed to access group and the SuperUser group, the list doesn't display, but if I have a user who is only a member of the allowed group, the list displays.

I imagine it needs to be changed to the new ACLs in 1.6 to work as we think it should, but that is only my opinion.

Im wondering if there has been a resolution to this as Im experiencing the same issue with providing access to user groups to a members list
As Jeronimodynamo said it behaves as if there are no flow up the hierarchy of permissions as there should be

I did some testing and discovered that in Joomla in general, as long as a person's highest level group in the tree has access to a given item, then the user has access. It does not matter if the user is also a member of a lower group in the tree.
For CB member list access it looks at the lowest group that the user belongs to and if that group doesn't have access the user is denied with the "not authorized" error. It doesn't not matter is the user is also a member of a higher group in the tree that does have access, membership in the lower group prevents the access. If the lower group is removed then the access is granted.

Example:
User is part of the following groups:
+Registered
++Member

CB list access is set to "Member". User gets "Not Authorized"
If user is removed from "Registered" group, user gets access.

Confirmed this on Joomla 1.6.4 with CB 1.4, and CB 1.7.