#77

Product support

Get help in the plugin support forum.

Categories

  • Developer Tools
  • Miscellaneous
  • Utility

Frontend user permissions and roles for October CMS

"A great way to curtail and grant access to all things on your website. Setup public / private areas of a page, create types of user access, limit visibility to sensitive information." - Passage Plugin User.

Managing User Permissions User permissions are managed on the Users tab found in the back-end. Users are organized by user groups and the permissions (Passage Keys) are assigned to those groups. Add permissions (Passage Keys) to your pages or plugins and only users belonging to a group with permission can access it.

Plugin settings There are no settings other than creating the permissions and adding them to the groups.

Features

  • Multi- language support. ( EN provided )
  • Uses only two queries to get the keys no matter how many places you check for keys.
  • Permissions can be integrated into your own plugin code by using a provided global set of passage keys.
  • Fast author support. ( Issues and support requests are usually addressed within 48 hrs )
Managing Permission Keys

Passage plugin

( Installation code : kurtjensen.passage ) Requires ( RainLab.User )

This plugin adds a front end user group permission system to OctoberCMS.

Download the plugin to the plugins directory and logout and log in back into October backend. Go to the Passage Keys page via the side menu in users in the backend and add your permissions/keys.

User Permision / Passage Key Entry

In the backend under Users (Rainlab.Users) you will find a sidemenu item called "Passage Keys". This is where you enter your permission names and an optional description.

In the backend under Users you will find a button at the top called "User Groups". Press button to see groups. When editing a group you will find check boxes at the bottom for each "Passage Key". This is where you assign permissions for each user group.

User Permisions in Pages or Partials

On a page you may restrict access to a portion of view by using the following code:

    {% if can('calendar_meetings') %}

        <p>Show if the user belongs to a Rainlab-User Usergroup that includes the permission named "calendar_meetings".</p>

    {% else %}

        <p>Show if the user DOES NOT belong to a Rainlab-User Usergroup that include the permission named "calendar_meetings".</p>

    {% endif %}

    {% if inGroup('my_admins') %}

    <p>Show if the user belongs to a Rainlab.User Usergroup that has code "my_admins".</p>

    {% else %}

    <p>Show if the user DOES NOT belong to a Rainlab.User Usergroup that has code "my_admins".</p>

    {% endif %}

        <p>Show for all users regardless of permissions.</p>

User Permissions in Your Own Plugins

Get all permision keys for the user in an array.

    $permission_keys_by_name = \KurtJensen\Passage\Plugin::passageKeys();

OR

In your plugin you may restrict access to a portion of code:

    // check for permission directly using hasKeyName( $key_name )
    $permissionGranted = \KurtJensen\Passage\Plugin::hasKeyName('view_magic_dragon');
    if($permissionGranted) {
        // Do stuff
    }

OR

Lets say you have a model that uses a permission field containg the id of a permission key and want to see if model permission matches.

Example: $model->perm_id = 5 which came from a dropdown that contained keys from \KurtJensen\Passage\Plugin::passageKeys();

    $model = Model::first();
    // check for permission directly using hasKey( $key_id )
    if(\KurtJensen\Passage\Plugin::hasKey($model->perm_id)) {
        // Do Stuff
    }else{
        // Do other Stuff if user does NOT have permission  
    }

OR

Get Array of Groups

    // You can get array of the users groups keyed by the code of the group
    $groups = \KurtJensen\Passage\Plugin::passageGroups()

OR

Check group membership by group code

    // use hasGroup($group_code) to check membership
    $isCool = \KurtJensen\Passage\Plugin::hasGroup('cool_people')

OR

Check group membership by group Name

Note: Group names are not guaranteed to be unique.

DO NOT CHECK BY GROUP NAME if security is an issue.

    // use hasGroupName($group_name) to check membership
    $isInGroupNamedCool = \KurtJensen\Passage\Plugin::hasGroupName('Cool')

Like this plugin?

If you like this plugin or if you use some of my plugins, you can help me by submitting a review in the market. Small donations also help keep me motivated.

Please do not hesitate to find me in the IRC channel or contact me for assistance. Sincerely Kurt Jensen

  • Found the plugin useful on 11 Nov, 2016

    Works out of box without any struggle and does it job. Fast and friendly support!

  • Found the plugin useful on 23 Oct, 2016

    A great way to curtail and grant access to all things on your website. Setup public / private areas of a page, create types of user access, limit visibility to sensitive information.

  • Found the plugin useful on 10 Aug, 2016

    This plugin works for adding security on frontend users.

  • author

    Replied on 10 Aug, 2016

    Thank you for your review. Please do not hesitate to contact me if you need any support. Sincerely Kurt Jensen

1.0.10

Fixed nullpointer when no user is logged in ( Thanks jhendess )

Dec 18, 2016

1.0.9

Prevents unactivated users from having any permissions

Dec 17, 2016

1.0.8

Added model UsersGroups (from Rainlab) to make easier to get users of a permission key

Nov 13, 2016

1.0.7

Fixes dumb mistake at plugin.php line 150 and caches groups better

Oct 10, 2016

1.0.6

Fixes error at plugin.php line 152

Oct 04, 2016

1.0.5

!!! This is an important update that contains breaking changes. Changed inGroup to use code instead of name and added methods.

Oct 04, 2016

1.0.4

Added messageURL() to enable Author Notices

Feb 14, 2016

1.0.3

Fixed error caused by inGroup($group) on non-logged in user.

Feb 07, 2016

1.0.2

Added replacement twig tag for hasRole() called inGroup(). This checks to see if user belongs to RainLab\User\Models\UserGroup.

Feb 05, 2016

1.0.1

Initialize plugin.

Jan 29, 2016

Upgrading from Shahiem Seymor's Frontend User Roles Manager

Do you have "Frontend User Roles Manager" installed?

There are data transfer buttons available in the "Passage Keys" list in the Back-end.
You may use them to transfer data from "Frontend User Roles Manager" to the "Passage Keys" plugin tables.

These buttons will go away if you uninstall "Frontend User Roles Manager".