How to modify access controls for Walled Gardens

This document is part of Elgg's "Walled Gardeners" group, where you can get information about running a private site.  The group is here.


This page will contain information about various ways of modifying access controls for Walled Gardens


1.  Removing access levels

2.  Changing names of access levels

3.  Changing ordering of access options



There are two ways to do this:  remove an access level totally, or make it so it isn't displayed.  Let's do the "make it so it isn't displayed" option first.  This is about rendering the HTML without the thing you don't want.

The file we want to override is in (starting with the web root)  /views/default/input/access.php

You don't want to edit that, but create a plugin that does it.  Not too hard.  Follow the usual directions for creating a plugin, (create a plugin directory, and have two files under that (manifest.xml and start.php) and then create the directory structure: /views/default/input) and then create the file to override it: access.php

You're going to copy the original file to this one, then make changes.  You'll notice there are two sections of code.  The first one gets the access levels, then second one renders it in HTML.  You can, if you really, really know what you're doing - unset members of the access array in the PHP section.  But, instead, we're going to focus on the HTML rendering section.

The key section is the loop:

foreach($vars['options'] as $key => $option) {
        if ($key != $vars['value']) {
            echo "<option value=\"{$key}\">". htmlentities($option, ENT_QUOTES, 'UTF-8') ."</option>";
        } else {
            echo "<option value=\"{$key}\" selected=\"selected\">". htmlentities($option, ENT_QUOTES, 'UTF-8') ."</option>";

Let's say that you wanted to get rid of the "Private" option.  You could make this the first line of the loop:

if ($key == 0 && $option == 'Private') { continue; }

This would skip over rendering that option in HTML and the user would never see it.  You have to test the index number and the option otherwise you'll knock out the 0th index of the group permissions setup page.  This way, it will be OK on that page.  You can also knock out public by adding another condition (index 2, option "Public").  Of course, this assumes you're using English.  You can use another language, or use the language key code instead.

This works very well, and leaves the access options intact in the system.  You might say, "But they are still there!"  It's true that someone (if they knew what they were doing) could construct an artificial form submission and choose the missing option as a form parameter, and the system would accept it.  But what would they get?  They can make things private, if they want, but what benefit do they gain?  They can make things "public" but if everyone has to log into the site, it isn't really public anyway, either.  However, if they do this, when you edit that content, the option they chose won't be there, so a default one will appear.  From then on, when it's saved, it will be under a legitimate access level.  Therefore, I really don't see this as a big deal and don't think it's worth it to do anything other than remove the HTML.


This is pretty simple, and just involves going to your language file and changing the names of the labels.  The fields you're interested in (let's say you were using en.php) are on lines 191-195:

	'PRIVATE' => "Private",
	'LOGGED_IN' => "Logged in users",
	'PUBLIC' => "Public",
	'access:friends:label' => "Friends",
	'access' => "Access",



You just want to change the first few.  So, it's probably a good change to make LOGGED_IN something like: "All Members" - especially if you have removed the public setting.  I think, that if you keep private, I think that's not even the greatest name from a usability point of view.  Maybe, "Only I can see" or something.



This is very useful to do, especially if you get rid of "Public".  You want the default option to be the one that most people use.  So, let's say you get rid of public.  The default then becomes private.  You don't want that as most people won't notice the setting and then nobody sees anything. Ugh.  If you just want to make your LOGGED_IN setting default, let's say you changed the label to "All Members" then go to the Administration screen, then Site Administration, and in the middle of the screen, choose the default setting you want.

However, if you want to create a particular ordering (not just setting the first one) then you need to mess with the HTML code.  If you don't have a plugin for access, create one, and then you need to override the access.php snippet in /views/default/input/access.php  So copy that file to that directory structure in your plugin, and focus on this code here:

foreach($vars['options'] as $key => $option) {
        if ($key != $vars['value']) {
            echo "{$option}";
        } else {
            echo "{$option}";



This just iterates through the options and renders them in that order.  You need to write code inside that loop that notices which option comes up when.  However, be mindful that this code is also used for group creation and group permissions.  AND don't forget that people's friend lists will appear there.  So.... you won't really know all the items that could be in that array - so don't even think of hardcoding a few lines.  Your best bet will be something like this:  first, lay out the options you know are there and that you want as the first few - hardcode those.  Then, have the original loop follow, but test for each index and label (not just index) that you've already done and then "continue" to the next one.


  • Keep writing ...;-O..  We have school walled sites too, just doing the wall and access differently, but this is very interesting material. I myself am looking to plug in open SSL/ signature/ PKS authentication to wall-in a site without playng with access levels ( for later ) - ie levels remain defaults, but not PKS auth -> no access.


  • Every time I activate Walled Garden, I get a double image of my main page when logged out. Nor a very professional look when asking visitors to join. Any idea what causes this?

  • @sunwest - all I can say is that I get the same thing - so I can confirm that what you are seeing isn't gremlins.  Someone once said in my quest for an answer -- "something must be wrong" - but that's as far as I got. So I abandoned it. That's all I know.