Joomla!: knitters and architects

There are two different approaches to development in a software project:

  • expanding existing code or
  • restarting from scratch.

Both have their pros and cons.

It is good to use what has allready been done. So, if you want something extra, you add it. This is the main approach that is used for Joomla! 1.6 (and 1.7 etc.): we keep what we have as much as possible and create something extra to expand it. I call it "knitting". In itself nothing wrong with it. It is the best method to get a quick result (which can still take some time anyway...). But after several attachments a knitwork can become a patchwork. Then it's time for a major revision.

When you start from scratch, having learned from what has been done in the past, you can thoroughly lay out a plan, an overall structure, a fundament. This is "architecture"! It takes more time than "knitting", but the result is more future-proof. This is what is needed for Joomla! 2.0.

Patchwork ACL

In 1.5 and 1.6 we have mainly 3 systems of access control at the same time:

  1. We have a restricted administrator-folder. Files under that folder can only be reached from outside if you are logged in (with the right access level), otherwise you'll be redirected to the login-page.
  2. You'll have to have the proper rights to create, edit or delete content. It is mainly this part that has been expanded with the new ACL in Joomla! 1.6.
  3. Read-access, wether you can view something, is mostly arranged by restricting menu-items and/or content to certain access-levels.

I see this as a patchwork and the only way it can be thoroughly solved is by solid architecture. Now I understand, that that will not be done in a minor release, as 1.6 is. It is something for Joomla! 2.0. I plead to start the development of a major release concurrent to the development of minor releases: it is a different thing. The architects can do their work while the knitters continue.


What I see with the development of webservices for Joomla! at the moment, is that developers create their own system for authentication and authorization. So, apart from the 3 systems of access control we allready have in Joomla! they make a fourth. And it is understandable: you want your webservice up and running as soon as possible, clients are waiting, so there is no time for solid architecture; take your knitting needles and attach what you need.

Concurrent development

Maybe we can get some people together and work out a good architecture for Joomla! 2.0, with an emphasis on access control. That can be done, as said, concurrently with "knitting" on for 1.6, 1.7, extensions, webservices etc. But I have the vague feeling, that the patchwork of existing code is so bad at the moment, that a reorganisation that could be done in a major release would save more time than it costs; in that case 2.0 could be released earlier than 1.7.

Herman Peeren
September 25, 2010

Originally, this article was a posting in a thread about developing web-accessible APIs in Joomla!: