Using Access Control Lists (ACL) to limit back-end access to a single component
If you want to give a user access to just one component through the back-end administration interface, do the following:
- Create a new user group such as admin2 and assign it to the Public group parent.
- Go to Site | Global Configuration.
- Click Permissions.
- Open Permissions for the Admin2 group.
- Change Admin Login to Allow and click Save. Note: Do not enable Access Admin Interface or they will have access to much more.
- Go to Users | Access Levels
- Edit the Special level and enable the admin2 user group you created to be part of the Special group. It is a strange quirk of Joomla that you must be part of the Special group to access the back end.
- Go to the Component you wish to provide access to.
- Click Options.
- Expand the permissions for admin2 and change all the settings you require to Allow and click Save and Close.
Create a new user and assign them to the admin2 group.
Now when you log in with the new user you've created, you will only see the menu for the component you allowed access to and a couple other essential Joomla menus.